916 resultados para attack trees
Resumo:
In this paper we identify requirements for choosing a threat modelling formalisation for modelling sophisticated malware such as Duqu 2.0. We discuss the gaps in current formalisations and propose the use of Attack Trees with Sequential Conjunction when it comes to analysing complex attacks. The paper models Duqu 2.0 based on the latest information sourced from formal and informal sources. This paper provides a well structured model which can be used for future analysis of Duqu 2.0 and related attacks.
Resumo:
This paper presents a formal methodology for attack modeling and detection for networks. Our approach has three phases. First, we extend the basic attack tree approach 1 to capture (i) the temporal dependencies between components, and (ii) the expiration of an attack. Second, using the enhanced attack trees (EAT) we build a tree automaton that accepts a sequence of actions from input stream if there is a traverse of an attack tree from leaves to the root node. Finally, we show how to construct an enhanced parallel automaton (EPA) that has each tree automaton as a subroutine and can process the input stream by considering multiple trees simultaneously. As a case study, we show how to represent the attacks in IEEE 802.11 and construct an EPA for it.
Resumo:
A complex attack is a sequence of temporally and spatially separated legal and illegal actions each of which can be detected by various IDS but as a whole they constitute a powerful attack. IDS fall short of detecting and modeling complex attacks therefore new methods are required. This paper presents a formal methodology for modeling and detection of complex attacks in three phases: (1) we extend basic attack tree (AT) approach to capture temporal dependencies between components and expiration of an attack, (2) using enhanced AT we build a tree automaton which accepts a sequence of actions from input message streams from various sources if there is a traversal of an AT from leaves to root, and (3) we show how to construct an enhanced parallel automaton that has each tree automaton as a subroutine. We use simulation to test our methods, and provide a case study of representing attacks in WLANs.
Resumo:
Khaya senegalensis, African mahogany, a high-value hardwood, was introduced in the Northern Territory (NT) in the 1950s; included in various trials there and at Weipa, Q in the 1960s-1970s; planted on ex mine sites at Weipa (160 ha) until 1985; revived in farm plantings in Queensland and in trials in the NT in the 1990s; adopted for large-scale, annual planting in the Douglas-Daly region, NT from 2006 and is to have the planted area in the NT extended to at least 20,000 ha. The recent serious interest from plantation growers, including Forest Enterprises Australia Ltd (FEA), has seen the establishment of some large scale commercial plantations. FEA initiated the current study to process relatively young plantation stands from both Northern Territory and Queensland plantations to investigate the sawn wood and veneer recovery and quality from trees ranging from 14 years (NT – 36 trees) to 18-20 years (North Queensland – 31 trees). Field measures of tree size and straightness were complemented with log end splitting assessment and cross-sectional disc sample collection for laboratory wood properties measurements including colour and shrinkage. End-splitting scores assessed on sawn logs were relatively low compared to fast grown plantation eucalypts and did not impact processing negatively. Heartwood proportion in individual trees ranged from 50% up to 92 % of butt cross-sectional disc area for the visually-assessed dark coloured central heartwood and lighter coloured transition wood combined. Dark central heartwood proportion was positively related to tree size (R2 = 0.57). Chemical tests failed to assist in determining heartwood – sapwood boundary. Mean basic density of whole disc samples was 658 kg/m3 and ranged among trees from 603 to 712 kg/m3. When freshly sawn, the heartwood of African mahogany was orange-red to red. Transition wood appeared to be pinkish and the sapwood was a pale yellow colour. Once air dried the heartwood colour generally darkens to pinkish-brown or orange-brown and the effect of prolonged time and sun exposure is to darken and change the heartwood to a red-brown colour. A portable colour measurement spectrophotometer was used to objectively assess colour variation in CIE L*, a* and b* values over time with drying and exposure to sunlight. Capacity to predict standard colour values accurately after varying periods of direct sunlight exposure using results obtained on initial air-dried surfaces decreased with increasing time to sun exposure. The predictions are more accurate for L* values which represent brightness than for variation in the a* values (red spectrum). Selection of superior breeding trees for colour is likely to be based on dried samples exposed to sunlight to reliably highlight wood colour differences. A generally low ratio between tangential and radial shrinkages was found, which was reflected in a low incidence of board distortion (particularly cupping) during drying. A preliminary experiment was carried out to investigate the quality of NIR models to predict shrinkage and density. NIR spectra correlated reasonably well with radial shrinkage and air dried density. When calibration models were applied to their validation sets, radial shrinkage was predicted to an accuracy of 76% with Standard Error of Prediction of 0.21%. There was also a strong predictive power for wood density. These are encouraging results suggesting that NIR spectroscopy has good potential to be used as a non-destructive method to predict shrinkage and wood density using 12mm diameter increment core samples. Average green off saw recovery was 49.5% (range 40 to 69%) for Burdekin Agricultural College (BAC) logs and 41.9% (range 20 to 61%) for Katherine (NT) logs. These figures are about 10% higher than compared to 30-year-old Khaya study by Armstrong et al. (2007) however they are inflated as the green boards were not docked to remove wane prior to being tallied. Of the recovered sawn, dried and dressed volume from the BAC logs, based on the cambial face of boards, 27% could potentially be used for select grade, 40% for medium feature grade and 26% for high feature grades. The heart faces had a slightly higher recovery of select (30%) and medium feature (43%) grade boards with a reduction in the volume of high feature (22%) and reject (6%) grade boards. Distribution of board grades for the NT site aged 14 years followed very similar trends to those of the BAC site boards with an average (between facial and cambial face) 27% could potentially be used for select grade, 42% for medium feature grade, 26% for high feature grade and 5% reject. Relatively to some other subtropical eucalypts, there was a low incidence of borer attack. The major grade limiting defects for both medium and high feature grade boards recovered from the BAC site were knots and wane. The presence of large knots may reflect both management practices and the nature of the genetic material at the site. This stand was not managed for timber production with a very late pruning implemented at about age 12 years. The large amount of wane affected boards is indicative of logs with a large taper and the presence of significant sweep. Wane, knots and skip were the major grade limiting defects for the NT site reflecting considerable amounts of sweep with large taper as might be expected in younger trees. The green veneer recovered from billets of seven Khaya trees rotary peeled on a spindleless lathe produced a recovery of 83% of green billet volume. Dried veneer recovery ranged from 40 to 74 % per billet with an average of 64%. All of the recovered grades were suitable for use in structural ply in accordance to AS/NZ 2269: 2008. The majority of veneer sheets recovered from all billets was C grade (27%) with 20% making D grade and 13% B grade. Total dry sliced veneer recovery from the logs of the two largest logs from each location was estimated to be 41.1%. Very positive results have been recorded in this small scale study. The amount of colour development observed and the very reasonable recoveries of both sawn and veneer products, with a good representation of higher grades in the product distribution, is encouraging. The prospects for significant improvement in these results from well managed and productive stands grown for high quality timber should be high. Additionally, the study has shown the utility of non-destructive evaluation techniques for use in tree improvement programs to improve the quality of future plantations. A few trees combined several of the traits desired of individuals for a first breeding population. Fortunately, the two most promising trees (32, 19) had already been selected for breeding on external traits, and grafts of them are established in the seed orchard.
Resumo:
Phoracantha longicorn beetles are endemic to Australia, and some species have become significant pests of eucalypts worldwide, yet little is known about their host plant interactions and factors influencing tree susceptibility in Australia. Here, we investigate the host relationships of Phoracantha solida (Blackburn, 1894) on four eucalypt taxa (one pure species and three hybrid families), examining feeding site physical characteristics including phloem thickness, density, and moisture content, and host tree factors such as diameter, height, growth, taper, and survival. We also determine the cardinal and vertical (within-tree) and horizontal (between-tree) spatial distribution of borers. Fewer than 10% of P. solida attacks were recorded from the pure species (Corymbia citriodora subsp. variegate (Hook)), and this taxon also showed the highest survival, phloem thickness, relative growth rate, and bark:wood area. For the two most susceptible taxa, borer severity was negatively correlated with moisture content, and positively related to phloem density. Borers were nonrandomly and nonuniformly distributed within trees, and were statistically aggregated in 32% of plots. More attacks were situated on the northern side of the tree than the other aspects, and most larvae fed within the lower 50 cm of the bole, with attack height positively correlated with severity. Trees with borers had more dead neighbors, and more bored neighbors, than trees without borers, while within plots, borer incidence and severity were positively correlated. Because the more susceptible taxa overlapped with less susceptible taxa for several physical tree factors, the role of primary and secondary chemistries in determining host suitability needs to be investigated. Nevertheless, taxon, moisture content, phloem density, tree size, and mortality of neighboring trees appeared the most important physical characteristics influencing host suitability for P. solida at this site.
Resumo:
Data on sleep-related behaviors were collected for a group of central Yunnan black crested gibbons (Nomascus concolor jingdongensis) at Mt. Wuliang, Yunnan, China from March 2005 to April 2006. Members of the group usually formed four sleeping units (adult male and juvenile, adult female with one semi-dependent black infant, adult female with one dependent yellow infant, and subadult male) spread over different sleeping trees. Individuals or units preferred specific areas to sleep; all sleeping sites were situated in primary forest, mostly (77%) between 2,200 and 2,400 m in elevation. They tended to sleep in the tallest and thickest trees with large crowns on steep slopes and near important food patches. Factors influencing sleeping site selection were (1) tree characteristics, (2) accessibility, and (3) easy escape. Few sleeping trees were used repeatedly by the same or other members of the group. The gibbons entered the sleeping trees on average 128 min before sunset and left the sleeping trees on average 33 min after sunrise. The lag between the first and last individual entering the trees was on average 17.8 min. We suggest that sleep-related behaviors are primarily adaptations to minimize the risk of being detected by predators. Sleeping trees may be chosen to make approach and attack difficult for the predator, and to provide an easy escape route in the dark. In response to cold temperatures in a higher habitat, gibbons usually sit and huddle together during the night, and in the cold season they tend to sleep on ferns and/or orchids.
Resumo:
We consider the problem of self-healing in peer-to-peer networks that are under repeated attack by an omniscient adversary. We assume that, over a sequence of rounds, an adversary either inserts a node with arbitrary connections or deletes an arbitrary node from the network. The network responds to each such change by quick “repairs,” which consist of adding or deleting a small number of edges. These repairs essentially preserve closeness of nodes after adversarial deletions, without increasing node degrees by too much, in the following sense. At any point in the algorithm, nodes v and w whose distance would have been l in the graph formed by considering only the adversarial insertions (not the adversarial deletions), will be at distance at most l log n in the actual graph, where n is the total number of vertices seen so far. Similarly, at any point, a node v whose degree would have been d in the graph with adversarial insertions only, will have degree at most 3d in the actual graph. Our distributed data structure, which we call the Forgiving Graph, has low latency and bandwidth requirements. The Forgiving Graph improves on the Forgiving Tree distributed data structure from Hayes et al. (2008) in the following ways: 1) it ensures low stretch over all pairs of nodes, while the Forgiving Tree only ensures low diameter increase; 2) it handles both node insertions and deletions, while the Forgiving Tree only handles deletions; 3) it requires only a very simple and minimal initialization phase, while the Forgiving Tree initially requires construction of a spanning tree of the network.
Resumo:
Existing compact routing schemes, e.g., Thorup and Zwick [SPAA 2001] and Chechik [PODC 2013], often have no means to tolerate failures, once the system has been setup and started. This paper presents, to our knowledge, the first self-healing compact routing scheme. Besides, our schemes are developed for low memory nodes, i.e., nodes need only O(log2 n) memory, and are thus, compact schemes.
We introduce two algorithms of independent interest: The first is CompactFT, a novel compact version (using only O(log n) local memory) of the self-healing algorithm Forgiving Tree of Hayes et al. [PODC 2008]. The second algorithm (CompactFTZ) combines CompactFT with Thorup-Zwick’s treebased compact routing scheme [SPAA 2001] to produce a fully compact self-healing routing scheme. In the self-healing model, the adversary deletes nodes one at a time with the affected nodes self-healing locally by adding few edges. CompactFT recovers from each attack in only O(1) time and ∆ messages, with only +3 degree increase and O(log∆) graph diameter increase, over any sequence of deletions (∆ is the initial maximum degree).
Additionally, CompactFTZ guarantees delivery of a packet sent from sender s as long as the receiver has not been deleted, with only an additional O(y log ∆) latency, where y is the number of nodes that have been deleted on the path between s and t. If t has been deleted, s gets informed and the packet removed from the network.
Resumo:
The authors report a massive attack by Pseudomyrmex ants on a human who touched a Triplaria - novice tree (Triplaris spp). The ants naturally live in these trees and their stings cause intense pain and discrete to moderate local inflammation. The problem is common in sonic Brazilian regions and can be prevented by identifying the trees.
Resumo:
Integral attacks are well-known to be effective against byte-based block ciphers. In this document, we outline how to launch integral attacks against bit-based block ciphers. This new type of integral attack traces the propagation of the plaintext structure at bit-level by incorporating bit-pattern based notations. The new notation gives the attacker more details about the properties of a structure of cipher blocks. The main difference from ordinary integral attacks is that we look at the pattern the bits in a specific position in the cipher block has through the structure. The bit-pattern based integral attack is applied to Noekeon, Serpent and present reduced up to 5, 6 and 7 rounds, respectively. This includes the first attacks on Noekeon and present using integral cryptanalysis. All attacks manage to recover the full subkey of the final round.
Resumo:
The work was both conceived and constructed in-situ within Gnombup Swamp a seasonal water body at Bremer Bay, Western Australia. The work interacts with site-specific conditions including wind patterns and a datum of seasonal water levels marks. The work is the result of collaboration between soil scientist Paula Deegan and Ian Weir. The installation was documented with a series of 30 still digital photographs, later animated in Microsoft Powerpoint.
Resumo:
High-rate flooding attacks (aka Distributed Denial of Service or DDoS attacks) continue to constitute a pernicious threat within the Internet domain. In this work we demonstrate how using packet source IP addresses coupled with a change-point analysis of the rate of arrival of new IP addresses may be sufficient to detect the onset of a high-rate flooding attack. Importantly, minimizing the number of features to be examined, directly addresses the issue of scalability of the detection process to higher network speeds. Using a proof of concept implementation we have shown how pre-onset IP addresses can be efficiently represented using a bit vector and used to modify a “white list” filter in a firewall as part of the mitigation strategy.
