810 results for malware attacks
Abstract:
DeAuthentication Denial of Service attacks in Public Access WiFi operate by exploiting the lack of authentication of management frames in the 802.11 protocol. Detection of these attacks relies almost exclusively on the selection of appropriate thresholds. In this work the authors demonstrate that there are additional, previously unconsidered, metrics which also influence DoS detection performance. A method of systematically tuning these metrics to optimal values is proposed which ensures that parameter choices are repeatable and verifiable.
Abstract:
Three studies tested the conditions under which people judge utilitarian harm to be authority dependent (i.e., whether its right or wrongness depends on the ruling of an authority). In Study 1, participants judged the right or wrongness of physical abuse when used as an interrogation method anticipated to yield useful information for preventing future terrorist attacks. The ruling of the military authority towards the harm was manipulated (prohibited vs. prescribed) and found to significantly influence judgments of the right or wrongness of inflicting harm. Study 2 established a boundary condition with regards to the influence of authority, which was eliminated when the utility of the harm was definitely obtained rather than forecasted. Finally, Study 3 replicated the findings of Studies 1-2 in a completely different context—an expert committee’s ruling about the harming of chimpanzees for biomedical research. These results are discussed as they inform ongoing debates regarding the role of authority in moderating judgments of complex and simple harm. 2013 Elsevier B.V. © All rights reserved.
Abstract:
A dose of 50 mg of acarbose was administered with a standard breakfast to 13 subjects with dumping syndrome. Significant attenuation of hyperglycaemia (p less than 0.01) was observed, and rises in plasma gastric inhibitory polypeptide, insulin and enteroglucagon were reduced (p less than 0.05). Plasma levels of neurotensin, vasoactive intestinal polypeptide and somatostatin were not affected. Dumping score was reduced, but this did not achieve statistical significance. In a longer-term study, 9 patients took acarbose, 50 mg t.i.d., for 1 month. No significant reduction in the number or severity of dumping attacks was observed, but a majority expressed a preference for the drug and some individuals experienced a marked improvement of symptoms.
Abstract:
Greater complexity and interconnectivity across systems embracing Smart Grid technologies has meant that cyber-security issues have attracted significant attention. This paper describes pertinent cyber-security requirements, in particular cyber attacks and countermeasures which are critical for reliable Smart Grid operation. Relevant published literature is presented for critical aspects of Smart Grid cyber-security, such as vulnerability, interdependency, simulation, and standards. Furthermore, a preliminary study case is given which demonstrates the impact of a cyber attack which violates the integrity of data on the load management of a real power system. Finally, the paper proposes a future work plan which focuses on applying intrusion detection and prevention technology to address cyber-security issues. This paper also provides an overview of Smart Grid cyber-security with reference to related cross-disciplinary research topics.
Abstract:
Increased complexity and interconnectivity of Supervisory Control and Data Acquisition (SCADA) systems in Smart Grids potentially means greater susceptibility to malicious attackers. SCADA systems with legacy communication infrastructure have inherent cyber-security vulnerabilities as these systems were originally designed with little consideration of cyber threats. In order to improve cyber-security of SCADA networks, this paper presents a rule-based Intrusion Detection System (IDS) using a Deep Packet Inspection (DPI) method, which includes signature-based and model-based approaches tailored for SCADA systems. The proposed signature-based rules can accurately detect several known suspicious or malicious attacks. In addition, model-based detection is proposed as a complementary method to detect unknown attacks. Finally, proposed intrusion detection approaches for SCADA networks are implemented and verified using a rule-based method.
Abstract:
Synchrophasor systems will play a crucial role in next generation Smart Grid monitoring, protection and control. However these systems also introduce a multitude of potential vulnerabilities from malicious and inadvertent attacks, which may render erroneous operation or severe damage. This paper proposes a Synchrophasor Specific Intrusion Detection System (SSIDS) for malicious cyber attack and unintended misuse. The SSIDS comprises a heterogeneous whitelist and behavior-based approach to detect known attack types and unknown and so-called ‘zero-day’ vulnerabilities and attacks. The paper describes reconnaissance, Man-in-the-Middle (MITM) and Denial-of-Service (DoS) attack types executed against a practical synchrophasor system which are used to validate the real-time effectiveness of the proposed SSIDS cyber detection method.
Abstract:
Increased complexity and interconnectivity of Supervisory Control and Data Acquisition (SCADA) systems in Smart Grids potentially means greater susceptibility to malicious attackers. SCADA systems with legacy communication infrastructure have inherent cyber-security vulnerabilities as these systems were originally designed with little consideration of cyber threats. In order to improve cyber-security of SCADA networks, this paper presents a rule-based Intrusion Detection System (IDS) using a Deep Packet Inspection (DPI) method, which includes signature-based and model-based approaches tailored for SCADA systems. The proposed signature-based rules can accurately detect several known suspicious or malicious attacks. In addition, model-based detection is proposed as a complementary method to detect unknown attacks. Finally, proposed intrusion detection approaches for SCADA networks are implemented and verified via Snort rules.
Abstract:
The increased interconnectivity and complexity of supervisory control and data acquisition (SCADA) systems in power system networks has exposed the systems to a multitude of potential vulnerabilities. In this paper, we present a novel approach for a next-generation SCADA-specific intrusion detection system (IDS). The proposed system analyzes multiple attributes in order to provide a comprehensive solution that is able to mitigate varied cyber-attack threats. The multiattribute IDS comprises a heterogeneous white list and behavior-based concept in order to make SCADA cybersystems more secure. This paper also proposes a multilayer cyber-security framework based on IDS for protecting SCADA cybersecurity in smart grids without compromising the availability of normal data. In addition, this paper presents a SCADA-specific cybersecurity testbed to investigate simulated attacks, which has been used in this paper to validate the proposed approach.
Abstract:
We consider the problem of self-healing in networks that are reconfigurable in the sense that they can change their topology during an attack. Our goal is to maintain connectivity in these networks, even in the presence of repeated adversarial node deletion, by carefully adding edges after each attack. We present a new algorithm, DASH, that provably ensures that: 1) the network stays connected even if an adversary deletes up to all nodes in the network; and 2) no node ever increases its degree by more than 2 log n, where n is the number of nodes initially in the network. DASH is fully distributed; adds new edges only among neighbors of deleted nodes; and has average latency and bandwidth costs that are at most logarithmic in n. DASH has these properties irrespective of the topology of the initial network, and is thus orthogonal and complementary to traditional topology-based approaches to defending against attack. We also prove lower-bounds showing that DASH is asymptotically optimal in terms of minimizing maximum degree increase over multiple attacks. Finally, we present empirical results on power-law graphs that show that DASH performs well in practice, and that it significantly outperforms naive algorithms in reducing maximum degree increase.
Abstract:
In this short paper, we present an integrated approach to detecting and mitigating cyber-attacks to modern interconnected industrial control systems. One of the primary goals of this approach is that it is cost effective, and thus whenever possible it builds on open-source security technologies and open standards, which are complemented with novel security solutions that address the specific challenges of securing critical infrastructures.
Abstract:
This paper argues that biometric verification evaluations can obscure vulnerabilities that increase the chances that an attacker could be falsely accepted. This can occur because existing evaluations implicitly assume that an imposter claiming a false identity would claim a random identity rather than consciously selecting a target to impersonate. This paper shows how an attacker can select a target with a similar biometric signature in order to increase their chances of false acceptance. It demonstrates this effect using a publicly available iris recognition algorithm. The evaluation shows that the system can be vulnerable to attackers targeting subjects who are enrolled with a smaller section of iris due to occlusion. The evaluation shows how the traditional DET curve analysis conceals this vulnerability. As a result, traditional analysis underestimates the importance of an existing score normalisation method for addressing occlusion. The paper concludes by evaluating how the targeted false acceptance rate increases with the number of available targets. Consistent with a previous investigation of targeted face verification performance, the experiment shows that the false acceptance rate can be modelled using the traditional FAR measure with an additional term that is proportional to the logarithm of the number of available targets.
Abstract:
When applying biometric algorithms to forensic verification, false acceptance and false rejection can mean a failure to identify a criminal, or worse, lead to the prosecution of individuals for crimes they did not commit. It is therefore critical that biometric evaluations be performed as accurately as possible to determine their legitimacy as a forensic tool. This paper argues that, for forensic verification scenarios, traditional performance measures are insufficiently accurate. This inaccuracy occurs because existing verification evaluations implicitly assume that an imposter claiming a false identity would claim a random identity rather than consciously selecting a target to impersonate. In addition to describing this new vulnerability, the paper describes a novel Targeted FAR metric that combines the traditional False Acceptance Rate (FAR) measure with a term that indicates how performance degrades with the number of potential targets. The paper includes an evaluation of the effects of targeted impersonation on an existing academic face verification system. This evaluation reveals that even with a relatively small number of targets false acceptance rates can increase significantly, making the analysed biometric systems unreliable.
Abstract:
The next-generation smart grid will rely highly on telecommunications infrastructure for data transfer between various systems. Anywhere we have data transfer in a system is a potential security threat. When we consider the possibility of smart grid data being at the heart of our critical systems infrastructure it is imperative that we do all we can to ensure the confidentiality, availability and integrity of the data. A discussion on security itself is outside the scope of this paper, but if we assume the network to be as secure as possible we must consider what we can do to detect when that security fails, or when the attacks come from the inside of the network. One way to do this is to set up a hacker-trap, or honeypot. A honeypot is a device or service on a network which appears legitimate, but is in fact a trap set up to catch breach attempts. This paper identifies the different types of honeypot and describes where each may be used. The authors have set up a test honeypot system which has been live for some time. The test system has been set up to emulate a device on a utility network. The system has had many hits, which are described in detail by the authors. Finally, the authors discuss how larger-scale systems in utilities may benefit from honeypot placement.
Abstract:
Ischaemic strokes evoke blood-brain barrier (BBB) disruption and oedema formation through a series of mechanisms involving Rho-kinase activation. Using an animal model of human focal cerebral ischaemia, this study assessed and confirmed the therapeutic potential of Rho-kinase inhibition during the acute phase of stroke by displaying significantly improved functional outcome and reduced cerebral lesion and oedema volumes in fasudil- versus vehicle-treated animals. Analyses of ipsilateral and contralateral brain samples obtained from mice treated with vehicle or fasudil at the onset of reperfusion plus 4 h post-ischaemia or 4 h post-ischaemia alone revealed these benefits to be independent of changes in the activity and expressions of oxidative stress- and tight junction-related parameters. However, closer scrutiny of the same parameters in brain microvascular endothelial cells subjected to oxygen-glucose deprivation ± reperfusion revealed marked increases in prooxidant NADPH oxidase enzyme activity, superoxide anion release and in expressions of antioxidant enzyme catalase and tight junction protein claudin-5. Cotreatment of cells with Y-27632 prevented all of these changes and protected in vitro barrier integrity and function. These findings suggest that inhibition of Rho-kinase after acute ischaemic attacks improves cerebral integrity and function through regulation of endothelial cell oxidative stress and reorganization of intercellular junctions. Inhibition of Rho-kinase (ROCK) activity in a mouse model of human ischaemic stroke significantly improved functional outcome while reducing cerebral lesion and oedema volumes compared to vehicle-treated counterparts. Studies conducted with brain microvascular endothelial cells exposed to OGD ± R in the presence of Y-27632 revealed restoration of intercellular junctions and suppression of prooxidant NADPH oxidase activity as important factors in ROCK inhibition-mediated BBB protection.
Abstract:
This paper presents a new perceptual watermarking model for Discrete Shearlet transform (DST). DST provides the optimal representation [10] of the image features based on multi-resolution and multi-directional analysis. This property can be exploited for watermark embedding to achieve the watermarking imperceptibility by introducing the human visual system using Chou’s model. In this model, a spatial JND profile is adapted to fit the sub-band structure. The combination of DST and the Just-Noticeable Distortion (JND) profile improves the levels of robustness against certain attacks while minimizing the distortion; by assigning a visibility threshold of distortion to each DST sub-band coefficient in the case of grey scale image watermarking.