773 resultados para DDoS attacks
Resumo:
DDoS攻击以其高发性、高破坏力和难以防范的特点,近年来成为互联网的主要安全威胁之一.研究者们提出了多种对抗DDoS攻击的方法.:乓中,Savage等人提出的概率包标记方案以其易于实施、消耗资源小等优点,引起人们的重视.然而概率包标记方案存在两个明显缺陷:多攻击路径重构时的高误报率和高计算复杂度.在概率包标记的基础上,提出了一种分块包标记方案,该方案与概率包标记方案相比具有较低的误报率和较低的计算复杂度,因而具有更高的实际应用意义.
Resumo:
作为加密标准,DES(data encryption standard)算法虽然已被AES(advanced encryption standard)算法所取代,但其仍有着不可忽视的重要作用.在一些领域,尤其是金融领域,DES和Triple DES仍被广泛使用着.而近年来又提出了一些新的密码分析方法,其中,Rectangle攻击和Boomerang攻击已被证明是非常强大而有效的.因此,有必要重新评估DES算法抵抗这些新分析方法的能力.研究了DES算法针对Rectangle攻击和Boomerang攻击的安全性.利用DES各轮最优差分路径及其概率,分别得到了对12轮DES的Rectangle攻击和对11轮DES的Boomerang攻击.攻击结果分别为:利用Rectangle攻击可以攻击到12轮DES,数据复杂度为2~(62)。个选择明文,时间复杂度为2~(42)次12轮加密;利用Boomerang攻击可以攻击到11轮DES,数据复杂度为2~(58)个适应性选择明密文,时间复杂度为2~(38)次11轮加密.由于使用的都是DES各轮的最优差分路径,所以可以相信,该结果是Rectangle攻击和Boomerang攻击对DES所能达到的最好结果.
Resumo:
研究AES-256抵抗相关密钥-不可能差分密码分析的能力.首先给出相关密钥的差分,该差分可以扩展到8轮(甚至更多轮)子密钥差分;然后构造出一个5.5轮的相关密钥不可能差分特征.最后,给出一个对7轮AES-256的攻击和4个对8轮AES-256的攻击.
Resumo:
文中研究由密文的完整性检查而导致的数据保密性问题,提出一个新的安全概念——加密方案在密文验证攻击下的不可区分性(IND-CVA:indistinguishability ofencryption scheme under ciphertext verification attacks)来刻画加密方案在这种情况下的保密安全性。IND-CVA允许敌手访问加密oracle和密文验证oracle。与IND-CPA和IND-CCA相比,IND-CVA比IND-CPA稍微强些,但要比IND-CCA弱得多。IND-CVA能使多数常用的加密方案(如:OTP,CBC,及CTR)得以满足。并且,这个IND-CVA可以恰当地刻画安全信道的保密安全性。将认证方案和加密方案结合起来是保证通信安全的一种常用方法。然而,在IND-CVA模型下,当利用认证方案来加强保密安全性的时候,却有可能反而破坏了原有的保密安全性。IND-CVA揭示了完整性对保密性的影响,准确刻画了安全信道的保密性要求,为协议设计提供了有益的参考。
Resumo:
Compared with other existing methods, the feature point-based image watermarking schemes can resist to global geometric attacks and local geometric attacks, especially cropping and random bending attacks (RBAs), by binding watermark synchronization with salient image characteristics. However, the watermark detection rate remains low in the current feature point-based watermarking schemes. The main reason is that both of feature point extraction and watermark embedding are more or less related to the pixel position, which is seriously distorted by the interpolation error and the shift problem during geometric attacks. In view of these facts, this paper proposes a geometrically robust image watermarking scheme based on local histogram. Our scheme mainly consists of three components: (1) feature points extraction and local circular regions (LCRs) construction are conducted by using Harris-Laplace detector; (2) a mechanism of grapy theoretical clustering-based feature selection is used to choose a set of non-overlapped LCRs, then geometrically invariant LCRs are completely formed through dominant orientation normalization; and (3) the histogram and mean statistically independent of the pixel position are calculated over the selected LCRs and utilized to embed watermarks. Experimental results demonstrate that the proposed scheme can provide sufficient robustness against geometric attacks as well as common image processing operations. (C) 2010 Elsevier B.V. All rights reserved.
Resumo:
Feature-based image watermarking schemes, which aim to survive various geometric distortions, have attracted great attention in recent years. Existing schemes have shown robustness against rotation, scaling, and translation, but few are resistant to cropping, nonisotropic scaling, random bending attacks (RBAs), and affine transformations. Seo and Yoo present a geometrically invariant image watermarking based on affine covariant regions (ACRs) that provide a certain degree of robustness. To further enhance the robustness, we propose a new image watermarking scheme on the basis of Seo's work, which is insensitive to geometric distortions as well as common image processing operations. Our scheme is mainly composed of three components: 1) feature selection procedure based on graph theoretical clustering algorithm is applied to obtain a set of stable and nonoverlapped ACRs; 2) for each chosen ACR, local normalization, and orientation alignment are performed to generate a geometrically invariant region, which can obviously improve the robustness of the proposed watermarking scheme; and 3) in order to prevent the degradation in image quality caused by the normalization and inverse normalization, indirect inverse normalization is adopted to achieve a good compromise between the imperceptibility and robustness. Experiments are carried out on an image set of 100 images collected from Internet, and the preliminary results demonstrate that the developed method improves the performance over some representative image watermarking approaches in terms of robustness.
Resumo:
Hot dip Zn-Al alloy coating performs better than hot dip galvanized coating and 55% Al-Zn-Si coating as well with regard to general seawater corrosion protection. A characterization of the corrosion products on Zn-Al alloy coating immersed in dynamic aerated seawater has been performed mainly based on transmission electron microscopy (TEM) for morphological analysis and X-ray diffraction (XRD) technique for crystalline phase identification. The XRD and TEM analyses showed that the corrosion products mainly were typical nanometer Zn4CO3(OH)(6).H2O, Zn-5(OH)(8)Cl-2 and Zn6Al2CO3(OH)(16). 4H(2)O microcrystals. This probably is connected to the co-precipitation of Zn2+ and Al3+ ions caused by adsorption. Zn-Al alloy coating being suffered seawater attacks, AI(OH)(3) gel was first produced on the coating surface. Zn and Al hydroxides would co-precipitate and form double-hydroxide when the concentration of adsorbed Zn2+ ions by the newly produced gel exceeded the critical degree of supersaturation of the interphase nucleation. However, because the growth of the crystals was too low to keep in step with the nucleation, a layer of nano-crystalline corrosion products were produced on the surface of the coating finally. (C) 2001 Elsevier Science Ltd. All rights reserved.
Resumo:
Expert systems are too slow. This work attacks that problem by speeding up a useful system component that remembers facts and tracks down simple consequences. The redesigned component can assimilate new facts more quickly because it uses a compact, grammar-based internal representation to deal with whole classes of equivalent expressions at once. It can support faster hypothetical reasoning because it remembers the consequences of several assumption sets at once. The new design is targeted for situations in which many of the stored facts are equalities. The deductive machinery considered here supplements stored premises with simple new conclusions. The stored premises include permanently asserted facts and temporarily adopted assumptions. The new conclusions are derived by substituting equals for equals and using the properties of the logical connectives AND, Or, and NOT. The deductive system provides supporting premises for its derived conclusions. Reasoning that involves quantifiers is beyond the scope of its limited and automatic operation. The expert system of which the reasoning system is a component is expected to be responsible for overall control of reasoning.
Resumo:
Malicious software (malware) have significantly increased in terms of number and effectiveness during the past years. Until 2006, such software were mostly used to disrupt network infrastructures or to show coders’ skills. Nowadays, malware constitute a very important source of economical profit, and are very difficult to detect. Thousands of novel variants are released every day, and modern obfuscation techniques are used to ensure that signature-based anti-malware systems are not able to detect such threats. This tendency has also appeared on mobile devices, with Android being the most targeted platform. To counteract this phenomenon, a lot of approaches have been developed by the scientific community that attempt to increase the resilience of anti-malware systems. Most of these approaches rely on machine learning, and have become very popular also in commercial applications. However, attackers are now knowledgeable about these systems, and have started preparing their countermeasures. This has lead to an arms race between attackers and developers. Novel systems are progressively built to tackle the attacks that get more and more sophisticated. For this reason, a necessity grows for the developers to anticipate the attackers’ moves. This means that defense systems should be built proactively, i.e., by introducing some security design principles in their development. The main goal of this work is showing that such proactive approach can be employed on a number of case studies. To do so, I adopted a global methodology that can be divided in two steps. First, understanding what are the vulnerabilities of current state-of-the-art systems (this anticipates the attacker’s moves). Then, developing novel systems that are robust to these attacks, or suggesting research guidelines with which current systems can be improved. This work presents two main case studies, concerning the detection of PDF and Android malware. The idea is showing that a proactive approach can be applied both on the X86 and mobile world. The contributions provided on this two case studies are multifolded. With respect to PDF files, I first develop novel attacks that can empirically and optimally evade current state-of-the-art detectors. Then, I propose possible solutions with which it is possible to increase the robustness of such detectors against known and novel attacks. With respect to the Android case study, I first show how current signature-based tools and academically developed systems are weak against empirical obfuscation attacks, which can be easily employed without particular knowledge of the targeted systems. Then, I examine a possible strategy to build a machine learning detector that is robust against both empirical obfuscation and optimal attacks. Finally, I will show how proactive approaches can be also employed to develop systems that are not aimed at detecting malware, such as mobile fingerprinting systems. In particular, I propose a methodology to build a powerful mobile fingerprinting system, and examine possible attacks with which users might be able to evade it, thus preserving their privacy. To provide the aforementioned contributions, I co-developed (with the cooperation of the researchers at PRALab and Ruhr-Universität Bochum) various systems: a library to perform optimal attacks against machine learning systems (AdversariaLib), a framework for automatically obfuscating Android applications, a system to the robust detection of Javascript malware inside PDF files (LuxOR), a robust machine learning system to the detection of Android malware, and a system to fingerprint mobile devices. I also contributed to develop Android PRAGuard, a dataset containing a lot of empirical obfuscation attacks against the Android platform. Finally, I entirely developed Slayer NEO, an evolution of a previous system to the detection of PDF malware. The results attained by using the aforementioned tools show that it is possible to proactively build systems that predict possible evasion attacks. This suggests that a proactive approach is crucial to build systems that provide concrete security against general and evasion attacks.
Resumo:
Gunning, Jeroen. 'Terrorism, Charities and Diasporas: Contrasting the fundraising practices of Hamas and al Qaeda among Muslims in Europe', In: Countering the Financing of Terrorism (New York: Routledge, 2007), pp.93-125 RAE2008
Resumo:
Wheeler, Nicholas, 'Dying for `Enduring Freedom': Accepting Responsibility for Civilian Casualties in the War against Terrorism', International Relations (2002) 16(2) pp.205-225 RAE2008
Resumo:
McInnes, C., 'A different kind of war? 11 September and the United States' Afghan war'. Review of International Studies, 29 (2), 165-184. RAE2008
Resumo:
Hughes, R. (2002). 'We are not Seeking Strength for its Own Sake': The British Labour Party, West Germany and the Cold War, 1951-64. Cold War History. 3(1) pp.67-94 RAE2008