773 resultados para DDoS attacks
Resumo:
This paper investigated using lip movements as a behavioural biometric for person authentication. The system was trained, evaluated and tested using the XM2VTS dataset, following the Lausanne Protocol configuration II. Features were selected from the DCT coefficients of the greyscale lip image. This paper investigated the number of DCT coefficients selected, the selection process, and static and dynamic feature combinations. Using a Gaussian Mixture Model - Universal Background Model framework an Equal Error Rate of 2.20% was achieved during evaluation and on an unseen test set a False Acceptance Rate of 1.7% and False Rejection Rate of 3.0% was achieved. This compares favourably with face authentication results on the same dataset whilst not being susceptible to spoofing attacks.
Resumo:
Cryptographic algorithms have been designed to be computationally secure, however it has been shown that when they are implemented in hardware, that these devices leak side channel information that can be used to mount an attack that recovers the secret encryption key. In this paper an overlapping window power spectral density (PSD) side channel attack, targeting an FPGA device running the Advanced Encryption Standard is proposed. This improves upon previous research into PSD attacks by reducing the amount of pre-processing (effort) required. It is shown that the proposed overlapping window method requires less processing effort than that of using a sliding window approach, whilst overcoming the issues of sampling boundaries. The method is shown to be effective for both aligned and misaligned data sets and is therefore recommended as an improved approach in comparison with existing time domain based correlation attacks.
Resumo:
Side channel attacks permit the recovery of the secret key held within a cryptographic device. This paper presents a new EM attack in the frequency domain, using a power spectral density analysis that permits the use of variable spectral window widths for each trace of the data set and demonstrates how this attack can therefore overcome both inter-and intra-round random insertion type countermeasures. We also propose a novel re-alignment method exploiting the minimal power markers exhibited by electromagnetic emanations. The technique can be used for the extraction and re-alignment of round data in the time domain.
Resumo:
This paper presents a new encryption scheme implemented at the physical layer of wireless networks employing orthogonal frequency-division multiplexing (OFDM). The new scheme obfuscates the subcarriers by randomly reserving several subcarriers for dummy data and resequences the training symbol by a new secure sequence. Subcarrier obfuscation renders the OFDM transmission more secure and random, while training symbol resequencing protects the entire physical layer packet, but does not affect the normal functions of synchronization and channel estimation of legitimate users while preventing eavesdroppers from performing these functions. The security analysis shows the system is robust to various attacks by analyzing the search space using an exhaustive key search. Our scheme is shown to have a better performance in terms of search space, key rate and complexity in comparison with other OFDM physical layer encryption schemes. The scheme offers options for users to customize the security level and key rate according to the hardware resource. Its low complexity nature also makes the scheme suitable for resource limited devices. Details of practical design considerations are highlighted by applying the approach to an IEEE 802.11 OFDM system case study.
Resumo:
The occurrence of Bursaphelenchus species in the Czech Republic is poorly known, the first report of the genus being made by Kubátová et al. (2000) who reported the association of B. eremus with the hyphomycetous microfungus, Esteya vermicola, and the bark beetle, Scolytus intricatus, collected from Quercus robur, in central Bohemia. To date, four other species have been reported from the country, namely B. fungivorus (Braasch et al., 2002), B. hofmanni (see Braasch, 2001), B. mucronatus (see Braasch, 2001) and B. vallesianus (Gaar et al., 2006). More recently, a survey for Bursaphelenchus species associated with bark- and wood-boring insects in the Czech Republic identified B. pinophilus Brzeski & Baujard, 1997 from the Moravia region. Although this represents a new country record, it was also associated with nematangia on the hind wings of a new insect vector. A total of 404 bark- and wood-boring insects were collected from declining or symptomatic trees and screened for the presence of Bursaphelenchus. Bark and longhorn beetles were captured manually after debarking parts of the trunk displaying symptoms of insect attacks. Longhorn beetle larvae were also collected together with logs cut from the trunk. Logs were kept at room temperature in the laboratory until insect emergence. Each adult insect was individually dissected in water and examined for nematodes. All nematodes resembling dauer juveniles of Bursaphelenchus were collected and identified by molecular characterisation using a region of ribosomal DNA (rDNA) containing the internal transcribed spacer regions ITS1 and ITS2. ITS-RFLP analyses using five restriction enzymes (AluI, HaeIII, HinfI, MspI, RsaI) were performed to generate the species-specific profile according to Burgermeister et al. (2009). Species identification was also confirmed by morphological data after culture of the dauers on Botrytis cinerea Pers. ex Ft., growing in 5% malt extract agar. During this survey, only species belonging to the Curculionidae, subfamily Scolytinae, revealed the presence of nematodes belonging to Bursaphelenchus. Dauers of this genus were found aggregated under the elytra in nematangia formed at the root of the hind wings (Fig. 1). The dauers were identified from 12 individuals of Pityogenes bidentatus (Herbst, 1783) (Coleoptera: Scolytinae) collected under the bark of Pinus sylvestris trunks. Each insect carried ca 10-100 dauers. The ITS-RFLP patterns of the dauers so obtained confirmed the identification of B. pinophilus associated with this insect species. Bursaphelenchus pinophilus has been found mainly in Europe and has been reported from various countries such as Poland (Brzeski & Baujard, 1997), Germany (Braasch, 2001), and Portugal (Penas et al., 2007). The recent detection of this species associated with dead P. koraiensis in Korea (Han et al., 2009) expands its geographical distribution and potential importance. It has been found associated only with Pinus species, but very little is known about the insect vector. The bark beetle, Hylurgus ligniperda, was initially suggested as the insect vector by Pe-nas et al. (2006), although the nematode associated with this insect was later reclassified as B. sexdentati by morphological and molecular analysis (Penas et al., 2007). According to the literature, P. bidentatus has been cited as a vector of Ektaphelenchus sp. (Kakuliya, 1966) in Georgia, and an unidentified nematode species in Spain (Roberston et al., 2008). Interestingly, B. pinophilus was found in the nematangia formed at the root of the hind wings of P. bidentatus. Although this phenomenon is not so common in other Bursaphelenchus species, B. rufipennis has been found recently in such a structure on the hind wings of the insect Dendroctonus rufipennis (Kanzaki et al., 2008). Although other nematode species (e.g., Ektaphelenchus spp.) are frequently found associated within the same nematangia (see Kanzaki et al., 2008), in this particular case, only dauers of B. pinophilus were identified. The association between B. pinophilus and P. bidentatus represents the first report of this biological association and the association with the Scolytinae strengthens the tight and specific links between this group of Bursaphelenchus species and members of the Scolytinae (Ryss et al., 2005).
Resumo:
Internet Tra c, Internet Applications, Internet Attacks, Tra c Pro ling, Multi-Scale Analysis abstract Nowadays, the Internet can be seen as an ever-changing platform where new and di erent types of services and applications are constantly emerging. In fact, many of the existing dominant applications, such as social networks, have appeared recently, being rapidly adopted by the user community. All these new applications required the implementation of novel communication protocols that present di erent network requirements, according to the service they deploy. All this diversity and novelty has lead to an increasing need of accurately pro ling Internet users, by mapping their tra c to the originating application, in order to improve many network management tasks such as resources optimization, network performance, service personalization and security. However, accurately mapping tra c to its originating application is a di cult task due to the inherent complexity of existing network protocols and to several restrictions that prevent the analysis of the contents of the generated tra c. In fact, many technologies, such as tra c encryption, are widely deployed to assure and protect the con dentiality and integrity of communications over the Internet. On the other hand, many legal constraints also forbid the analysis of the clients' tra c in order to protect their con dentiality and privacy. Consequently, novel tra c discrimination methodologies are necessary for an accurate tra c classi cation and user pro ling. This thesis proposes several identi cation methodologies for an accurate Internet tra c pro ling while coping with the di erent mentioned restrictions and with the existing encryption techniques. By analyzing the several frequency components present in the captured tra c and inferring the presence of the di erent network and user related events, the proposed approaches are able to create a pro le for each one of the analyzed Internet applications. The use of several probabilistic models will allow the accurate association of the analyzed tra c to the corresponding application. Several enhancements will also be proposed in order to allow the identi cation of hidden illicit patterns and the real-time classi cation of captured tra c. In addition, a new network management paradigm for wired and wireless networks will be proposed. The analysis of the layer 2 tra c metrics and the di erent frequency components that are present in the captured tra c allows an e cient user pro ling in terms of the used web-application. Finally, some usage scenarios for these methodologies will be presented and discussed.
Resumo:
Os anelídeos poliquetas são elementos importantes em ambientes estuarinos e costeiros, pela sua elevada biodiversidade e abundância e pelo papel que têm nas cadeias tróficas. Algumas espécies são intensivamente exploradas para serem utilizadas como isco na pesca desportiva e profissional, como é o caso de Diopatra neapolitana. Apesar da importância económica, existem poucos estudos sobre a sua biologia e ecologia. No decorrer deste estudo foram identificadas duas outras espécies do género Diopatra em Portugal: D. marocensis, inicialmente descrita para a costa de Marrocos e cuja distribuição actual se sabe estender-se a toda a costa Portuguesa e Norte de Espanha e, D. micrura, espécie nova para a ciência. O presente estudo tem como objectivos principais estudar a diversidade e reprodução do género Diopatra, bem como a capacidade de regeneração da espécie D. neapolitana. Este trabalho aborda a distribuição espacial de D. marocensis ao longo da costa Portuguesa e descreve a espécie D. micrura, uma nova espécie do género Diopatra Audouin and Milne Edwards, 1833. As três espécies coabitam em águas transicionais, onde as espécies D. micrura e D. marocensis facilmente se confundem com juvenis de D. neapolitana. Foi realizada uma comparação morfológica e genética entre as três espécies. A espécie D. neapolitana coexiste em algumas áreas da Ria de Aveiro com a D. marocensis. Apesar destas duas espécies apresentarem padrões reprodutivos muito diferentes, Maio a Agosto é o período principal para a reprodução de ambas as espécies. D. neapolitana apresenta um desenvolvimento larvar planctónico, e os óocitos presentes na cavidade celómica são esverdeados e apresentam um diâmetro de 40-240 μm (média = 164.39±40.79 μm) e as fêmeas contêm no celoma milhares de óocitos. Contrariamente, a espécie D. marocensis reproduz-se por desenvolvimento directo no interior do tubo parental. Os óocitos observados no celoma são amarelos com um diâmetro entre 180 e 740 μm (média = 497.65 ± 31.38 μm) e o seu número varia entre 44 e 624 (276.85 ± 161.54). Por seu turno, o número de ovos observados no interior dos tubos varia entre 75 e 298, com um diâmetro entre 600 e 660 μm, e o número de larvas entre 60 e 194. A proporção machos: fêmeas foi de 1:1 para a população de D. neapolitana e entre 1:2 e 1:4 para a população de D. marocensis, em que as fêmeas dominam a população durante todo o ano. O estudo da capacidade de regeneração da espécie D. neapolitana, avaliada a partir de experiências de laboratório, revelou que esta espécie é capaz de sobreviver à perda de alguns setígeros. Durante a captura de D. neapolitana para vender como isco são normalmente cortados mais de 20 setígeros e de acordo com os nossos resultados a extremidade posterior que fica no tubo não é capaz de regenerar a extremidade anterior; a espécie consegue no entanto recuperar de ataques por predadores.
Resumo:
In Mobile Ad hoc NETworks (MANETs), where cooperative behaviour is mandatory, there is a high probability for some nodes to become overloaded with packet forwarding operations in order to support neighbor data exchange. This altruistic behaviour leads to an unbalanced load in the network in terms of traffic and energy consumption. In such scenarios, mobile nodes can benefit from the use of energy efficient and traffic fitting routing protocol that better suits the limited battery capacity and throughput limitation of the network. This PhD work focuses on proposing energy efficient and load balanced routing protocols for ad hoc networks. Where most of the existing routing protocols simply consider the path length metric when choosing the best route between a source and a destination node, in our proposed mechanism, nodes are able to find several routes for each pair of source and destination nodes and select the best route according to energy and traffic parameters, effectively extending the lifespan of the network. Our results show that by applying this novel mechanism, current flat ad hoc routing protocols can achieve higher energy efficiency and load balancing. Also, due to the broadcast nature of the wireless channels in ad hoc networks, other technique such as Network Coding (NC) looks promising for energy efficiency. NC can reduce the number of transmissions, number of re-transmissions, and increase the data transfer rate that directly translates to energy efficiency. However, due to the need to access foreign nodes for coding and forwarding packets, NC needs a mitigation technique against unauthorized accesses and packet corruption. Therefore, we proposed different mechanisms for handling these security attacks by, in particular by serially concatenating codes to support reliability in ad hoc network. As a solution to this problem, we explored a new security framework that proposes an additional degree of protection against eavesdropping attackers based on using concatenated encoding. Therefore, malicious intermediate nodes will find it computationally intractable to decode the transitive packets. We also adopted another code that uses Luby Transform (LT) as a pre-coding code for NC. Primarily being designed for security applications, this code enables the sink nodes to recover corrupted packets even in the presence of byzantine attacks.
Resumo:
A computer system's security can be compromised in many ways—a denial-of-service attack can make a server inoperable, a worm can destroy a user's private data, or an eavesdropper can reap financial rewards by inserting himself in the communication link between a customer and her bank through a man-in-the-middle (MITM) attack. What all these scenarios have in common is that the adversary is an untrusted entity that attacks a system from the outside—we assume that the computers under attack are operated by benign and trusted users. But if we remove this assumption, if we allow anyone operating a computer system—from system administrators down to ordinary users—to compromise that system's security, we find ourselves in a scenario that has received comparatively little attention.
Resumo:
Tese de doutoramento, História (Arte Património e Restauro), Universidade de Lisboa, Faculdade de Letras, 2014
Resumo:
Here we review some of the most important aspects of recent work on Ragweed (Ambrosia) and birch (Betula) concerning: 1) sources, 2) trends & phenology and 3) dispersion and transformation. Sources: At Northern latitudes the birch fraction in forests usually exceeds 50% of all broadleaved trees and the abundance of birch decreases with latitude from 5%-20% in many mid-latitude regions and down to 0%-2% in more southern areas. Birches are also commonly found in small woodlands or planted as ornamental trees in urban areas. Ragweeds are herbaceous weed species that are associated with areas of disturbance. Ragweed is native to North America, but considered an invasive species in Europe, Australia and China. In Europe, the four main centres are: The Pannonian Plain, Ukraine, The Po Valley (Italy) and the Rhone Valley (France). Trends & Phenology: Birch pollen seasons have started earlier during the last decades. This trend appears have decreased during recent years despite increasing spring temperatures. Ragweed tends to experience less change in flowering date as ragweed flowering depends on photoperiod. Ragweed is increasing its distribution in Europe, but airborne concentrations of ragweed pollen are not universally increasing, e.g. due to control measures or pest attacks. Dispersion & transformation: The beginning of the birch pollen season is often heralded by episodes of Long Distance Transport (LDT) from the south. Similar LDT episodes are intermittently seen for ragweed, which can reach as far north as Scandinavia. Humidity and air pollution can modify pollen grains during atmospheric transport. This can cause a change in allergenic potential of the pollen grain and is a direction for future research including the effect of co-exposure of air pollution and the transformation of aeroallergens.
Resumo:
Tese de mestrado em Biologia da Conservação, apresentada à Universidade de Lisboa, através da Faculdade de Ciências, 2016
Resumo:
In democratic polities, constitutional equilibria or balances of power between the executive and the legislature shift over time. Normative and empirical political theorists have long recognised that war, civil unrest, economic and political crises, terrorist attacks, and other events strengthen the power of the executive, disrupt and threaten constitutional politics, and damage democratic institutions: crises require swift action and executives are thought to be more capable than parliaments and legislatures of taking such actions. The terrorist attacks on New York and Washington on 11 September 2001 and the ensuing so-called 'war on terror' declared by President Bush clearly constituted a crisis, not only in the United States but also in other political systems, in part because of the US's hegemonic position in defining and shaping many other states' foreign and domestic policies. Dicey, Schmitt, and Rossiter suggest that critical events and political crises inevitably trigger the concentration of (emergency) powers in the hands of the executive. Aristotle and Machiavelli questioned the inevitability of this process. This article and the articles that follow in this Special Issue utilise empirical evidence, through the use of case studies of the United States, the United Kingdom, Russia, Australia, Israel, Italy and Indonesia, to address this debate. Specifically, the issue explores to what extent the external shock or crisis of 9/11 (and other terrorist attacks) and the ensuing 'war on terror' significantly changed the balance of executive-legislative relations from t (before the crisis) to t+1 (after the crisis) in these political systems, all of which were the targets of actual or foiled terrorist attacks. The most significant findings are that the shock of 9/11 and the 'war on terror' elicited varied responses by national executives and legislatures/parliaments and thus the balance of executive-legislative relations in different political systems; that, therefore, executive-legislative relations are positive rather than zero-sum; and that domestic political contexts conditioned these institutional responses.
Resumo:
Congressional dominance theory holds that not only can the US Congress control the executive, it does. The terrorist attacks on New York and Washington on 11 September 2001 and the Bush administration's ensuing global 'war on terror' suggest a different result. Bush's response to 9/11 signalled not only new directions in US foreign and domestic policy but a new stage in the aggrandisement of presidential power in the United States and a further step in the marginalisation of the Congress. Informed by a constitutional doctrine unknown to the framers of the US Constitution, the Bush administration pursued a presidentialist or 'ultra-separationist' governing strategy that was disrespectful to the legislature's intended role in the separated system. Using its unilateral powers, in public and in secret, claiming 'inherent' authority from the Constitution, and exploiting the public's fear of a further terrorist attack and of endangering the lives of US troops abroad, the administration skilfully drove its legislation through the Congress. Occasionally, the Congress was able to extract concessions - notably in the immediate aftermath of 9/11, when partisan control of the government was split - but more typically, for most of the period, the Congress acquiesced to administration demands, albeit with the consolation of minor concessions. The administration not only dominated the lawmaking process, it also cowed legislators into legitimating often highly controversial (and sometimes illegal) administration-determined definitions of counter-terrorism and national security policy. Certainly, the Congress undertook a considerable amount of oversight during the period of the 'war on terror'; lawmakers also complained. But the effects on policy were marginal. This finding held true for periods of Democratic as well as Republican majorities.
Resumo:
The infrastructure cloud (IaaS) service model offers improved resource flexibility and availability, where tenants - insulated from the minutiae of hardware maintenance - rent computing resources to deploy and operate complex systems. Large-scale services running on IaaS platforms demonstrate the viability of this model; nevertheless, many organizations operating on sensitive data avoid migrating operations to IaaS platforms due to security concerns. In this paper, we describe a framework for data and operation security in IaaS, consisting of protocols for a trusted launch of virtual machines and domain-based storage protection. We continue with an extensive theoretical analysis with proofs about protocol resistance against attacks in the defined threat model. The protocols allow trust to be established by remotely attesting host platform configuration prior to launching guest virtual machines and ensure confidentiality of data in remote storage, with encryption keys maintained outside of the IaaS domain. Presented experimental results demonstrate the validity and efficiency of the proposed protocols. The framework prototype was implemented on a test bed operating a public electronic health record system, showing that the proposed protocols can be integrated into existing cloud environments.