Computer "Insecurity" and Viral Attacks : Liability Issues Regarding Unsafe Computer Systems Under Quebec Law

Un résumé en français est également disponible.

"Computer ""Insecurity"" and Viral Attacks:Liability Issues Regarding Unsafe Computer Systems Under Quebec Law"

Dans un contexte où les virus informatiques présentent un risque sérieux pour les réseaux à travers le globe, il est impératif de retenir la responsabilité des compagnies qui n’y maintiennent pas une sécurité adéquate. À ce jour, les tribunaux québécois n’ont pas encore été saisis d’affaires en responsabilité pour des virus informatiques. Cet article brosse un portrait général de la responsabilité entourant les virus informatiques en fonction des principes généraux de responsabilité civile en vigueur au Québec. L’auteur propose des solutions pour interpréter les trois critères traditionnels ­ la faute, le dommage et le lien causal ­ en mettant l’accent sur l’obligation de précaution qui repose sur les épaules de l’administrateur de réseau. Ce joueur clé pourrait bénéficier de l’adoption de dispositions générales afin de limiter sa responsabilité. De plus, les manufacturiers et les distributeurs peuvent également partager une partie de la responsabilité en proportion de la gravité de leur faute. Les entreprises ont un devoir légal de s’assurer que leurs systèmes sont sécuritaires afin de protéger les intérêts de leurs clients et des tiers.

Aphidius ervi preferentially attacks the green morph of the pea aphid, Acyrthosiphon pisum

The pea aphid, Acyrthosiphon pisum Harris (Hemiptera: Aphididae) is found in red and green color morphs. Previous work has suggested that the aphidiine parasitoid Aphidius ervi Haliday preferentially attacks green pea aphids in the field. It is not clear whether these results reflect a real preference, or some unknown clonal difference, such as in immunity, between the aphids used in the previous studies. We used three susceptibility-matched pairs of red and green morph pea aphid clones to test for preferences. In a no-choice situation, the parasitoids attacked equal proportions of each color morph. When provided with a choice, A. ervi was significantly more likely to oviposit into colonies formed from green morphs when the neighboring colony was formed from red morph aphids. In contrast, red morphs were less likely to be attacked when their neighboring colony was of the green morph. By preferentially attacking green colonies, A. ervi may reduce the likelihood of intraguild predation, as it is suggested that visually foraging predators preferentially attack red aphid colonies. Furthermore, if this host choice behavior is replicated in the field, we speculate that color morphs of the pea aphid may interact indirectly through their shared natural enemies, leading to intraspecific apparent competition.

Increasing detection rate of user-to-root attacks using genetic algorithms

An extensive set of machine learning and pattern classification techniques trained and tested on KDD dataset failed in detecting most of the user-to-root attacks. This paper aims to provide an approach for mitigating negative aspects of the mentioned dataset, which led to low detection rates. Genetic algorithm is employed to implement rules for detecting various types of attacks. Rules are formed of the features of the dataset identified as the most important ones for each attack type. In this way we introduce high level of generality and thus achieve high detection rates, but also gain high reduction of the system training time. Thenceforth we re-check the decision of the user-to- root rules with the rules that detect other types of attacks. In this way we decrease the false-positive rate. The model was verified on KDD 99, demonstrating higher detection rates than those reported by the state- of-the-art while maintaining low false-positive rate.

A qualified defense of American drone attacks in northwest Pakistan under international humanitarian law

Since the terrorist attacks of September 11, 2001, international law has had to grapple with the fundamental challenges that large-scale violence carried out by non-State actors poses to the traditional inter- State orientation of international law. Questions related to the “adequacy” and “effectiveness” of international humanitarian law, international human rights law and the law related to the use of force have been particularly pronounced. This paper focuses on the international humanitarian law implications of American drone attacks in northwest Pakistan. A highly-advanced modality of modern warfare, armed drones highlight the possibilities, problems, prospects and pitfalls of high-tech warfare. How is the battlefield to be defined and delineated geographically and temporally? Who can be targeted, and by whom? Ultimately, this paper concludes that American drone attacks in northwest Pakistan are not unlawful as such under international humanitarian law, though, like any tactical decision in the context of asymmetric warfare, they should be continuously and closely monitored according to the dictates of law with sensitivity to facts on the ground.

Robust multimodal face and fingerprint fusion in the presence of spoofing attacks

Anti-spoofing is attracting growing interest in biometrics, considering the variety of fake materials and new means to attack biometric recognition systems. New unseen materials continuously challenge state-of-the-art spoofing detectors, suggesting for additional systematic approaches to target anti-spoofing. By incorporating liveness scores into the biometric fusion process, recognition accuracy can be enhanced, but traditional sum-rule based fusion algorithms are known to be highly sensitive to single spoofed instances. This paper investigates 1-median filtering as a spoofing-resistant generalised alternative to the sum-rule targeting the problem of partial multibiometric spoofing where m out of n biometric sources to be combined are attacked. Augmenting previous work, this paper investigates the dynamic detection and rejection of livenessrecognition pair outliers for spoofed samples in true multi-modal configuration with its inherent challenge of normalisation. As a further contribution, bootstrap aggregating (bagging) classifiers for fingerprint spoof-detection algorithm is presented. Experiments on the latest face video databases (Idiap Replay- Attack Database and CASIA Face Anti-Spoofing Database), and fingerprint spoofing database (Fingerprint Liveness Detection Competition 2013) illustrate the efficiency of proposed techniques.

Protection of spruce seedlings against pine weevil attacks by treatment of seeds or seedlings with nicotinamide, nicotinic acid and jasmonic acid

Sustainable methods are required to protect newly planted tree seedlings from insect herbivore attack. To this end, here Norway spruce (Picea abies (L.) Karst.) seeds were treated with 2.5 mM nicotinamide (NIC), 2.5 mM nicotinic acid (NIA), 3 mM jasmonic acid (JA) or 0.2 mM 5-azacytidine (5-Aza), and 6-month-old seedlings grown from these seeds were planted at a reforestation area in central Sweden. Attack by pine weevils (Hylobius abietis) was reduced by 50 per cent by NIC treatment, 62.5 per cent by JA treatment and 25 per cent by 5-Aza treatment, when compared with seedlings grown from untreated seeds. Watering 18-month-old spruce seedlings with 2 mM NIC or 2 mM NIA did reduce attack during the first season in the field by 40 and 53 per cent, respectively, compared with untreated plants. Girdling was also reduced by the different treatments. Analysis of conifer seedlings treated with 5-Aza points at a possible involvement of epigenetic mechanisms in this defensive capacity. This is supported by a reduced level of DNA methylation in the needles of young spruce seedlings grown in a greenhouse from NIC-treated seeds. Seed treatment for seedling defense potentiation is simple, inexpensive and also a new approach for forestry with many potential applications.

Protect grids from DDoS attacks

Recently a number of highly publicised incidents of Distributed Denial of Service (DDoS) attacks have made people aware of the importance of providing available securely the grids’ data and services to users. This paper introduces the vulnerability of grids to DDoS attacks, and proposes a distributed defense system that has a mixture deployment of sub-systems to protect grids from DDoS attacks. According to the simulation experiments, this system is effective to defend grids against attacks. It can avoid overall network congestion and provide more resources to legitimate grid users.

Algebraic attacks over GF(q)

Recent algebraic attacks on LFSR-based stream ciphers and S-boxes have generated much interest as they appear to be extremely powerful. Theoretical work has been developed focusing around the Boo- lean function case. In this paper, we generalize this theory to arbitrary finite fields and extend the theory of annihilators and ideals introduced at Eurocrypt 2004 by Meier, Pasalic and Carlet. In particular, we prove that for any function f in the multivariate polynomial ring over GF(q), f has a low degree multiple precisely when two low degree functions appear in the same coset of the annihilator of f ^{q – 1} – 1. In this case, many such low degree multiples exist.

Distributed defense against distributed denial-of-service attacks

Distributed defense is a promising way to neutralize the distributed Denial-of-Service attacks by detecting and responding the attacking sources widespread around the Internet. Components of the distributed defense system will cooperate with each other to combat the attacks. Compared with the centralized defense systems, distributed defense systems can discover the attacks more timely from both source end and victim end, fight the attacks with more resources and take advantage of more flexible strategies. This paper investigates 7 distributed defense systems which make use of various strategies to mitigate the DDoS attacks. Different architectures are designed in these 7 systems to provide distributed DDoS defense solutions. We evaluate these systems in terms of deployment, detection, response, security, robustness and implementation. For each criteria, we give a recommendation on which technologies are best suitable for a successful distributed defense system based on the analysis result. Finally we propose our idea on the design of an effective distributed defense system.

Safeguard information infrastructure against DDoS attacks: experiments and modeling

Nowadays Distributed Denial of Service (DDoS) attacks have made one of the most serious threats to the information infrastructure. In this paper we firstly present a new filtering approach, Mark-Aided Distributed Filtering (MADF), which is to find the network anomalies by using a back-propagation neural network, deploy the defense system at distributed routers, identify and filtering the attack packets before they can reach the victim; and secondly propose an analytical model for the interactions between DDoS attack party and defense party, which allows us to have a deep insight of the interactions between the attack and defense parties. According to the experimental results, we find that MADF can detect and filter DDoS attack packets with high sensitivity and accuracy, thus provide high legitimate traffic throughput and low attack traffic throughput. Through the comparison between experiments and numerical results, we also demonstrate the validity of the analytical model that can precisely estimate the effectiveness of a DDoS defense system before it encounters different attacks.

Detecting collusion attacks in security protocols

Security protocols have been widely used to safeguard secure electronic transactions. We usually assume that principals are credible and shall not maliciously disclose their individual secrets to someone else. Nevertheless, it is impractical to completely ignore the possibility that some principals may collude in private to achieve a fraudulent or illegal purpose. Therefore, it is critical to address the possibility of collusion attacks in order to correctly analyse security protocols. This paper proposes a framework by which to detect collusion attacks in security protocols. The possibility of security threats from insiders is especially taken into account. The case study demonstrates that our methods are useful and promising in discovering and preventing collusion attacks.