A modified moment-based image watermarking method robust to cropping attack

Developing a watermarking method that is robust to cropping attack is a challenging task in image watermarking. The moment-based watermarking schemes show good robustness to common signal processing attacks and some geometric attacks but are sensitive to cropping attack. In this paper, we modify the moment-based approach to deal with cropping attack. Firstly, we find the probability density function (pdf) of the pixel value distribution from the original image. Secondly, we reshape and normalize the pdf of the pixel value distribution (PPVD) to form a two dimensional image. Then, the moment invariants are calculated from the PPVD image. Since PPVD is insensitive to cropping, the proposed method is robust to cropping attack. Besides, it also has high robustness against other common attacks. Experimental results demonstrate the effectiveness of the proposed method.

Crime toolkits : the productisation of cybercrime

The productisation of crime toolkits is happening at an ever-increasing rate. Previous attacks that required indepth knowledge of computer systems can now be purchased online. Large scale attacks previously requiring months to setup a botnet can now be scheduled for a small fee. Criminals are leveraging this opportunity of commercialization, by compromising web applications and user's browser, to gain advantages such as using the computer's resources for launching further attacks, or stealing data such as identifying information. Crime toolkits are being developed to attack an increasing number of applications and can now be deployed by attackers with little technical knowledge. This paper surveys the current trends in crime toolkits, with a case study on the Zeus botnet. We profile the types of exploits that malicious writers prefer, with a view to predicting future attack trends. We find that the scope for damage is increasing, particularly as specialisation and scale increase in cybercrime.

Information security governance: the art of detecting hidden malware

Detecting malicious software or malware is one of the major concerns in information security governance as malware authors pose a major challenge to digital forensics by using a variety of highly sophisticated stealth techniques to hide malicious code in computing systems, including smartphones. The current detection techniques are futile, as forensic analysis of infected devices is unable to identify all the hidden malware, thereby resulting in zero day attacks. This chapter takes a key step forward to address this issue and lays foundation for deeper investigations in digital forensics. The goal of this chapter is, firstly, to unearth the recent obfuscation strategies employed to hide malware. Secondly, this chapter proposes innovative techniques that are implemented as a fully-automated tool, and experimentally tested to exhaustively detect hidden malware that leverage on system vulnerabilities. Based on these research investigations, the chapter also arrives at an information security governance plan that would aid in addressing the current and future cybercrime situations.

Using feature selection and classification scheme for automating phishing email detection

Email has become the critical communication medium for most organizations. Unfortunately, email-born attacks in computer networks are causing considerable economic losses worldwide. Exiting phishing email blocking appliances have little effect in weeding out the vast majority of phishing emails. At the same time, online criminals are becoming more dangerous and sophisticated. Phishing emails are more active than ever before and putting the average computer user and organizations at risk of significant data, brand and financial loss. In this paper, we propose a hybrid feature selection approach based combination of content-based and behaviour-based. The approach could mine the attacker behaviour based on email header. On a publicly available test corpus, our hybrid features selection is able to achieve 94% accuracy rate.

Crime toolkits : the current threats to web applications

Increasingly, web applications are being developed over the Internet. Securing these web applications is becoming important as they hold critical security features. However, cybercriminals are becoming smarter by developing a crime toolkit, and employing sophisticated techniques to evade detection. These crime toolkits can be used by any person to target Internet users. In this paper, we explore the techniques used in crime toolkits. We present a current state-of-the-art analysis of crime toolkits and focus on attacks against web applications. The crime toolkit techniques are compared with the vulnerability of web applications to help reveal particular behaviour such as popular web application vulnerabilities that malicious writers prefer. In addition, we outline the existing protection mechanism, and observe that the possibility for damage is rising, particularly as specialization and scale increase in cybercrime.

Malware detection and prevention system based on multi-stage rules

The continuously rising Internet attacks pose severe challenges to develop an effective Intrusion Detection System (IDS) to detect known and unknown malicious attack. In order to address the problem of detecting known, unknown attacks and identify an attack grouped, the authors provide a new multi stage rules for detecting anomalies in multi-stage rules. The authors used the RIPPER for rule generation, which is capable to create rule sets more quickly and can determine the attack types with smaller numbers of rules. These rules would be efficient to apply for Signature Intrusion Detection System (SIDS) and Anomaly Intrusion Detection System (AIDS).

Political Islam and human security

In the wake of the September 11 and subsequent terrorist attacks, the academic and media commentaries on Islam the religion and Islam the basis for political ideology haves received an unprecedented high level of exposure and attention. The acts of political violence by extremist groups and the omnipresent war on terror have added fresh uncertainties to an already complex global order. Just as terrorism and counter-terrorism are locked in a mutually re-enforcing symbiosis, the sense of insecurity felt by Muslims and non-Muslims alike is mutually dependent and has the potential to escalate. This general assessment holds true for Muslims living in the Muslim world and beyond. The pervasive sense of being under attack physically and culturally by the United States and its allies has contributed to a growing unease among Muslims and re-enforced deep-seated mistrust of the ‘West’. Public articulation of such misgivings has in turn, lent credence to Western observers who posit an inherent antipathy between the West and the Muslim world. The subsequent policies that have emerged in this context of fear and mutual distrust have contributed to the vicious cycle of insecurity.

"It's about freedom": contesting dominant representations of devout Muslim women in the space of the nation

Since September 11 there has been a rise of Islamophobia in Australian public discourse, matched by a growth of racialised attacks on visibly identifiable Muslims in public space. These cultural racisms have arisen in a context where Islamic religious signifiers and practices have come to be read as signs of fundamentalism, terrorism and threat to national political traditions and cultural values. In particular, the hijab has become a symbol of these tensions, with the veiled woman being read as the embodiment of a ‘repressive and fundamentalist religion’. However, as some Muslim and feminist scholars have proposed, these readings rob Muslim women of their ability to articulate the reasons why wear the veil or engage in gendered religious practices. This paper argues that this enacts a form of disembodiment, whereby Muslim womens’ ability to comfortably inhabit their bodies and assert themselves in the public sphere is limited. In particular the paper draws upon two case studies which express this disembodiment, whilst highlighting the counter-strategies that devout Muslim women are adopting to reinsert their bodies and narratives in the national frame. The first refers to the recent media backlash which followed a public lecture held at Melbourne University by Islamic organization Hikmah Way, where the audience was segregated along gender lines. The second draws upon interviews conducted with veiled Muslim women in Sydney, following the Cronulla riot. These interviews show how Muslim women are contesting dominant representations of the hijab in western popular discourse by recoding it as a signifier of religious and national identity, and as an expression of democratic freedom.

Wave of bombings across Iraq ahead of elections

The people of Iraq have also endured bombings but on a larger scale. There are media reports saying up to thirty-one people were killed in dozens of separate explosions across different Iraqi provinces including two blasts at a checkpoint at Baghdad international airport.

This comes just days before provincial elections across Iraq, the first ballot since the withdrawal of US troops at the end of 2011. Although it is unclear who carried out the attacks different factions are increasingly stoking the fire as they vie for political power in the upcoming elections. Tawar Razaghi spoke to Senior Research Fellow, Dr Benjamin Isakhan, at the Centre for Citizenship and Globalisation at Deakin University.

The new anti-semitism

The new Anti-Semitism is a term that came into use to describe attacks on Jews across the world that erupted in the aftermath of the outbreak of Israeli-Palestinian fighting in September 2000 after the collapse of the Camp David peace talks. The conflict unleashed a wave of suicide bombings in Israel and led to Israel reoccupying Palestinian areas. This fighting triggered an outburst of antiSemitism not seen since the end of the World War II. Nearly 100 synagogues were attacked across the world in the four weeks from the end of September to October 2000; more were burnt down at any time since Kristallnacht, when Nazis attacked Jewish institutions in Germany in 1938.

An attack-resistant hybrid data-privatization method with low information loss

We examine a recent proposal for data-privatization by testing it against well-known attacks, we show that all of these attacks successfully retrieve a relatively large (and unacceptable) portion of the original data. We then indicate how the data-privatization method examined can be modified to assist it to withstand these attacks and compare the performance of the two approaches. We also show that the new method has better privacy and lower information loss than the former method.

Towards designing privacy-preserving signature-based IDS as a service : a study and practice

With the advent of Cloud Computing, IDS as a service (IDSaaS) has been proposed as an alternative to protect a network (e.g., financial organization) from a wide range of network attacks by offloading the expensive operations such as the process of signature matching to the cloud. The IDSaaS can be roughly classified into two types: signature-based detection and anomaly-based detection. During the packet inspection, no party wants to disclose their own data especially sensitive information to others, even to the cloud provider, for privacy concerns. However, current solutions of IDSaaS have not much discussed this issue. In this work, focus on the signature-based IDSaaS, we begin by designing a promising privacy-preserving intrusion detection mechanism, the main feature of which is that the process of signature matching does not reveal any specific content of network packets by means of a fingerprint-based comparison. We further conduct a study to evaluate this mechanism under a cloud scenario and identify several open problems and issues for designing such a privacy-preserving mechanism for IDSaaS in a practical environment.

A hierarchical PCA-based anomaly detection model

A hierarchical intrusion detection model is proposed to detect both anomaly and misuse attacks. In order to further speed up the training and testing, PCA-based feature extraction algorithm is used to reduce the dimensionality of the data. A PCA-based algorithm is used to filter normal data out in the upper level. The experiment results show that PCA can reduce noise in the original data set and the PCA-based algorithm can reach the desirable performance.

A general cloud firewall framework with dynamic resource allocation

Cloud is becoming a dominant computing platform. However, we see few work on how to protect cloud data centers. As a cloud usually hosts many different type of applications, the traditional packet level firewall mechanism is not suitable for cloud platforms in case of complex attacks. It is necessary to perform anomaly detection at the event level. Moreover, protecting objects are more diverse than the traditional firewall. Motivated by this, we propose a general framework of cloud firewall, which features event level detection chain with dynamic resource allocation. We establish a mathematical model for the proposed framework. Moreover, a linear resource investment function is proposed for economical dynamical resource allocation for cloud firewalls. A few conclusions have been extracted for the reference of cloud service providers and designers.