968 resultados para security evaluation
Resumo:
Web threats are becoming a major issue for both governments and companies. Generally, web threats increased as much as 600% during last year (WebSense, 2013). This appears to be a significant issue, since many major businesses seem to provide these services. Denial of Service (DoS) attacks are one of the most significant web threats and generally their aim is to waste the resources of the target machine (Mirkovic & Reiher, 2004). Dis-tributed Denial of Service (DDoS) attacks are typically executed from many sources and can result in large traf-fic flows. During last year 11% of DDoS attacks were over 60 Gbps (Prolexic, 2013a). The DDoS attacks are usually performed from the large botnets, which are networks of remotely controlled computers. There is an increasing effort by governments and companies to shut down the botnets (Dittrich, 2012), which has lead the attackers to look for alternative DDoS attack methods. One of the techniques to which attackers are returning to is DDoS amplification attacks. Amplification attacks use intermediate devices called amplifiers in order to amplify the attacker's traffic. This work outlines an evaluation tool and evaluates an amplification attack based on the Trivial File Transfer Proto-col (TFTP). This attack could have amplification factor of approximately 60, which rates highly alongside other researched amplification attacks. This could be a substantial issue globally, due to the fact this protocol is used in approximately 599,600 publicly open TFTP servers. Mitigation methods to this threat have also been consid-ered and a variety of countermeasures are proposed. Effects of this attack on both amplifier and target were analysed based on the proposed metrics. While it has been reported that the breaching of TFTP would be possible (Schultz, 2013), this paper provides a complete methodology for the setup of the attack, and its verification.
Resumo:
Existing work in Computer Science and Electronic Engineering demonstrates that Digital Signal Processing techniques can effectively identify the presence of stress in the speech signal. These techniques use datasets containing real or actual stress samples i.e. real-life stress such as 911 calls and so on. Studies that use simulated or laboratory-induced stress have been less successful and inconsistent. Pervasive, ubiquitous computing is increasingly moving towards voice-activated and voice-controlled systems and devices. Speech recognition and speaker identification algorithms will have to improve and take emotional speech into account. Modelling the influence of stress on speech and voice is of interest to researchers from many different disciplines including security, telecommunications, psychology, speech science, forensics and Human Computer Interaction (HCI). The aim of this work is to assess the impact of moderate stress on the speech signal. In order to do this, a dataset of laboratory-induced stress is required. While attempting to build this dataset it became apparent that reliably inducing measurable stress in a controlled environment, when speech is a requirement, is a challenging task. This work focuses on the use of a variety of stressors to elicit a stress response during tasks that involve speech content. Biosignal analysis (commercial Brain Computer Interfaces, eye tracking and skin resistance) is used to verify and quantify the stress response, if any. This thesis explains the basis of the author’s hypotheses on the elicitation of affectively-toned speech and presents the results of several studies carried out throughout the PhD research period. These results show that the elicitation of stress, particularly the induction of affectively-toned speech, is not a simple matter and that many modulating factors influence the stress response process. A model is proposed to reflect the author’s hypothesis on the emotional response pathways relating to the elicitation of stress with a required speech content. Finally the author provides guidelines and recommendations for future research on speech under stress. Further research paths are identified and a roadmap for future research in this area is defined.
Resumo:
Side-channel attacks (SCA) threaten electronic cryptographic devices and can be carried out by monitoring the physical characteristics of security circuits. Differential Power Analysis (DPA) is one the most widely studied side-channel attacks. Numerous countermeasure techniques, such as Random Delay Insertion (RDI), have been proposed to reduce the risk of DPA attacks against cryptographic devices. The RDI technique was first proposed for microprocessors but it was shown to be unsuccessful when implemented on smartcards as it was vulnerable to a variant of the DPA attack known as the Sliding-Window DPA attack.Previous research by the authors investigated the use of the RDI countermeasure for Field Programmable Gate Array (FPGA) based cryptographic devices. A split-RDI technique wasproposed to improve the security of the RDI countermeasure. A set of critical parameters wasalso proposed that could be utilized in the design stage to optimize a security algorithm designwith RDI in terms of area, speed and power. The authors also showed that RDI is an efficientcountermeasure technique on FPGA in comparison to other countermeasures.In this article, a new RDI logic design is proposed that can be used to cost-efficiently implementRDI on FPGA devices. Sliding-Window DPA and realignment attacks, which were shown to beeffective against RDI implemented on smartcard devices, are performed on the improved RDIFPGA implementation. We demonstrate that these attacks are unsuccessful and we also proposea realignment technique that can be used to demonstrate the weakness of RDI implementations.
Resumo:
Experiences from smart grid cyber-security incidents in the past decade have raised questions on the applicability and effectiveness of security measures and protection mechanisms applied to the grid. In this chapter we focus on the security measures applied under real circumstances in today’s smart grid systems. Beginning from real world example implementations, we first review cyber-security facts that affected the electrical grid, from US blackout incidents, to the Dragonfly cyber-espionage campaign currently focusing on US and European energy firms. Provided a real world setting, we give information related to energy management of a smart grid looking also in the optimization techniques that power control engineers perform into the grid components. We examine the application of various security tools in smart grid systems, such as intrusion detection systems, smart meter authentication and key management using Physical Unclonable Functions, security analytics and resilient control algorithms. Furthermore we present evaluation use cases of security tools applied on smart grid infrastructure test-beds that could be proved important prior to their application in the real grid, describing a smart grid intrusion detection system application and security analytics results. Anticipated experimental results from the use-cases and conclusions about the successful transitions of security measures to real world smart grid operations will be presented at the end of this chapter.
Resumo:
In many CCTV and sensor network based intelligent surveillance systems, a number of attributes or criteria are used to individually evaluate the degree of potential threat of a suspect. The outcomes for these attributes are in general from analytical algorithms where data are often pervaded with uncertainty and incompleteness. As a result, such individual threat evaluations are often inconsistent, and individual evaluations can change as time elapses. Therefore, integrating heterogeneous threat evaluations with temporal influence to obtain a better overall evaluation is a challenging issue. So far, this issue has rarely be considered by existing event reasoning frameworks under uncertainty in sensor network based surveillance. In this paper, we first propose a weighted aggregation operator based on a set of principles that constraints the fusion of individual threat evaluations. Then, we propose a method to integrate the temporal influence on threat evaluation changes. Finally, we demonstrate the usefulness of our system with a decision support event modeling framework using an airport security surveillance scenario.
Resumo:
Cyber security is one of the main topics that are discussed around the world today. The threat is real, and it is unlikely to diminish. People, business, governments, and even armed forces are networked in a way or another. Thus, the cyber threat is also facing military networking. On the other hand, the concept of Network Centric Warfare sets high requirements for military tactical data communications and security. A challenging networking environment and cyber threats force us to consider new approaches to build security on the military communication systems. The purpose of this thesis is to develop a cyber security architecture for military networks, and to evaluate the designed architecture. The architecture is described as a technical functionality. As a new approach, the thesis introduces Cognitive Networks (CN) which are a theoretical concept to build more intelligent, dynamic and even secure communication networks. The cognitive networks are capable of observe the networking environment, make decisions for optimal performance and adapt its system parameter according to the decisions. As a result, the thesis presents a five-layer cyber security architecture that consists of security elements controlled by a cognitive process. The proposed architecture includes the infrastructure, services and application layers that are managed and controlled by the cognitive and management layers. The architecture defines the tasks of the security elements at a functional level without introducing any new protocols or algorithms. For evaluating two separated method were used. The first method is based on the SABSA framework that uses a layered approach to analyze overall security of an organization. The second method was a scenario based method in which a risk severity level is calculated. The evaluation results show that the proposed architecture fulfills the security requirements at least at a high level. However, the evaluation of the proposed architecture proved to be very challenging. Thus, the evaluation results must be considered very critically. The thesis proves the cognitive networks are a promising approach, and they provide lots of benefits when designing a cyber security architecture for the tactical military networks. However, many implementation problems exist, and several details must be considered and studied during the future work.
Resumo:
Mobile malwares are increasing with the growing number of Mobile users. Mobile malwares can perform several operations which lead to cybersecurity threats such as, stealing financial or personal information, installing malicious applications, sending premium SMS, creating backdoors, keylogging and crypto-ransomware attacks. Knowing the fact that there are many illegitimate Applications available on the App stores, most of the mobile users remain careless about the security of their Mobile devices and become the potential victim of these threats. Previous studies have shown that not every antivirus is capable of detecting all the threats; due to the fact that Mobile malwares use advance techniques to avoid detection. A Network-based IDS at the operator side will bring an extra layer of security to the subscribers and can detect many advanced threats by analyzing their traffic patterns. Machine Learning(ML) will provide the ability to these systems to detect unknown threats for which signatures are not yet known. This research is focused on the evaluation of Machine Learning classifiers in Network-based Intrusion detection systems for Mobile Networks. In this study, different techniques of Network-based intrusion detection with their advantages, disadvantages and state of the art in Hybrid solutions are discussed. Finally, a ML based NIDS is proposed which will work as a subsystem, to Network-based IDS deployed by Mobile Operators, that can help in detecting unknown threats and reducing false positives. In this research, several ML classifiers were implemented and evaluated. This study is focused on Android-based malwares, as Android is the most popular OS among users, hence most targeted by cyber criminals. Supervised ML algorithms based classifiers were built using the dataset which contained the labeled instances of relevant features. These features were extracted from the traffic generated by samples of several malware families and benign applications. These classifiers were able to detect malicious traffic patterns with the TPR upto 99.6% during Cross-validation test. Also, several experiments were conducted to detect unknown malware traffic and to detect false positives. These classifiers were able to detect unknown threats with the Accuracy of 97.5%. These classifiers could be integrated with current NIDS', which use signatures, statistical or knowledge-based techniques to detect malicious traffic. Technique to integrate the output from ML classifier with traditional NIDS is discussed and proposed for future work.
Resumo:
Aquaculture is one of the prime catalysts for the socio-economic development of Indian economy contributing to the nations food and nutritional security, export earnings, income and employment generation. In this study an evaluation of extension activities in the development of aquaculture in Kerala. This study was conducted with a view to examine how the Kerala fisheries department offered extension services to the aquaculture farmers in the freshwater and brackish water sectors of the state through various agencies like Fish Farmers Development Agency(FFDA), Brackish water Fish Farmers Development Agency (BFFDA). In this study there are 3 category of respondent’s fresh water beneficiary farmers, brackish water beneficiary farmers and fisheries extension officers. The main motive of the thesis is to make an attempt to explore the responses of local producers to the extension programs of the state with special reference to the aquaculture sector of Kerala, India. The most important technical constraint faced by the fresh water farmers was lack of knowledge followed by non-availability of quality seeds. In the case of brackish water farming, it was infection of disease followed by lack of knowledge. The overall activities of the department of fisheries were ‘fairly good’. It indicate the need for improvements in the delivery of extension services to various target groups. The state fisheries department has already moving towards evolving these modes of extension activities by community participation.
Resumo:
Does the 2009 Stockholm Programme matter? This paper addresses the controversies experienced at EU institutional levels as to ‘who’ should have ownership of the contours of the EU’s policy and legislative multiannual programming in the Area of Freedom, Security and Justice (AFSJ) in a post-Lisbon Treaty landscape. It examines the struggles around the third multiannual programme on the AFSJ, i.e. the Stockholm Programme, and the dilemmas affecting its implementation. The latest affair to emerge relates to the lack of fulfilment by the European Commission of the commitment to provide a mid-term evaluation of the Stockholm Programme’s implementation by mid-2012, as requested by both the Council and the European Parliament. This paper shifts the focus to a broader perspective and raises the following questions: Is the Stockholm Programme actually relevant? What do the discussions behind its implementation tell us about the new institutional dynamics affecting European integration on the AFSJ? Does the EU actually need a new (post- Stockholm) multiannual programme for the period 2015–20? And last, what role should the EP play in legislative and policy programming in order to further strengthen the democratic accountability and legitimacy of the EU’s AFSJ?
Resumo:
Since the advent of the internet in every day life in the 1990s, the barriers to producing, distributing and consuming multimedia data such as videos, music, ebooks, etc. have steadily been lowered for most computer users so that almost everyone with internet access can join the online communities who both produce, consume and of course also share media artefacts. Along with this trend, the violation of personal data privacy and copyright has increased with illegal file sharing being rampant across many online communities particularly for certain music genres and amongst the younger age groups. This has had a devastating effect on the traditional media distribution market; in most cases leaving the distribution companies and the content owner with huge financial losses. To prove that a copyright violation has occurred one can deploy fingerprinting mechanisms to uniquely identify the property. However this is currently based on only uni-modal approaches. In this paper we describe some of the design challenges and architectural approaches to multi-modal fingerprinting currently being examined for evaluation studies within a PhD research programme on optimisation of multi-modal fingerprinting architectures. Accordingly we outline the available modalities that are being integrated through this research programme which aims to establish the optimal architecture for multi-modal media security protection over the internet as the online distribution environment for both legal and illegal distribution of media products.
Resumo:
The UK Biotechnology and Biological Sciences Research Council’s Advanced Training Partnerships initiative represents a significant investment in the provision of high-level skills for the UK food industry sector to address global food security from farm to fork. This paper summarises the background, aims and scope of the Advanced Training Partnerships, their development so far, and offers a view on future directions and evaluation of impact.
Resumo:
The main objective for this degree project was to analyze the Endpoint Security Solutions developed by Cisco, Microsoft and a third minor company solution represented by InfoExpress. The different solutions proposed are Cisco Network Admission Control, Microsoft Network Access Protection and InfoExpress CyberGatekeeper. An explanation of each solution functioning is proposed as well as an analysis of the differences between those solutions. This thesis work also proposes a tutorial for the installation of Cisco Network Admission Control for an easier implementation. The research was done by reading articles on the internet and by experimenting the Cisco Network Admission Control solution. My background knowledge about Cisco routing and ACL was also used. Based on the actual analysis done in this thesis, a conclusion was drawn that all existing solutions are not yet ready for large-scale use in corporate networks. Moreover all solutions are proprietary and incompatible. The future possible standard for Endpoint solution might be driven by Cisco and Microsoft and a rude competition begins between those two giants.
Resumo:
Insurance provision against uncertainties is present in several dimensions of peoples´s lives, such as the provisions related to, inter alia, unemployment, diseases, accidents, robbery and death. Microinsurance improves the ability of low-income individuals to cope with these risks. Brazil has a fairly developed financial system but still not geared towards the poor, especially in what concerns the insurance industry. The evaluation of the microinsurance effects on well-being, and the demand for different types of microinsurance require an analysis of the dynamics of the individual income process and an assessment of substitutes and complementary institutions that condition their respective financial behavior. The evaluation of the microinsurance effects on well-being, and the demand for different types of microinsurance require an analysis of the dynamics of the individual income process and an assessment of substitutes and complementary institutions that condition their respective financial behavior. The Brazilian government provides a relatively developed social security system considering other countries of similar income level which crowds-out the demand for insurance and savings. On the other hand, this same public infrastructure may help to foster microfinance products supply. The objective of this paper is to analyze the demand for different types of private insurance by the low-income population using microdata from a National Expenditure Survey (POF/IBGE). The final objective is to help to understand the trade-offs faced for the development of an emerging industry of microinsurance in Brazil.
Resumo:
Fluoride toothpastes are a risk factor for the development of dental fluorosis. Products with low fluoride content offer a higher security, but their effectiveness must be proven. The aim of this in vitro study was to compare two acidified toothpastes with low fluoride concentration (412 and 550 mu g F/g) with neutral toothpastes. Bovine enamel blocks were selected by surface microhardness (SMH) and randomized to twelve groups of 13, according to the fluoride concentration in toothpaste (placebo, 275, 412, 550 or 1,100 jig F/g) and pH (7.0 or 5.5). Two commercially available toothpastes were also studied: a 1,100-mu g F/g, pH 7.0 paste (positive control) and a children's paste (500 mu g F/g, pH 7.0). The blocks were subjected to pH cycling for 7 days. The toothpaste treatment was done twice daily. Surface and cross-sectional microhardnesses were assessed to calculate the percentage change of SMH (%SMH) and the mineral loss (Delta Z). The amount of fluoride, calcium and phosphorus in the solutions after the pH cycling was also analyzed. Compared to neutral toothpastes, the acidified toothpastes reduced the %SMH in all F concentrations. Higher F and lower Ca and P concentrations were found in solutions for the acidified toothpastes. Regarding AZ, only the positive control, 1,100-mu g F/g (acidified and neutral) groups were not statistically different. The acidified toothpastes showed a dose-response relationship with all variables. For the low-fluoride toothpastes evaluated, only the 550-mu g F/g acidified paste had the same anticariogenic action as the 1,100-mu g F/g neutral paste.
Resumo:
Recently, considerable research work have been conducted towards finding fast and accurate pattern classifiers for training Intrusion Detection Systems (IDSs). This paper proposes using the so called Fuzzy ARTMAT classifier to detect intrusions in computer network. Our investigation shows, through simulations, how efficient such a classifier can be when used as the learning mechanism of a typical IDS. The promising evaluation results in terms of both detection accuracy and training duration indicate that the Fuzzy ARTMAP is indeed viable for this sort of application.
