Prevention of Malicious Nodes Communication in MANETs by Using Authorized Tokens

NASA Astrophysics Data System (ADS)

Chandrakant, N.; Shenoy, P. Deepa; Venugopal, K. R.; Patnaik, L. M.

A rapid increase of wireless networks and mobile computing applications has changed the landscape of network security. A MANET is more susceptible to the attacks than wired network. As a result, attacks with malicious intent have been and will be devised to take advantage of these vulnerabilities and to cripple the MANET operation. Hence we need to search for new architecture and mechanisms to protect the wireless networks and mobile computing applications. In this paper, we examine the nodes that come under the vicinity of base node and members of the network and communication is provided to genuine nodes only. It is found that the proposed algorithm is a effective algorithm for security in MANETs.

Intrusion-Tolerant Replication under Attack

ERIC Educational Resources Information Center

Kirsch, Jonathan

2010-01-01

Much of our critical infrastructure is controlled by large software systems whose participants are distributed across the Internet. As our dependence on these critical systems continues to grow, it becomes increasingly important that they meet strict availability and performance requirements, even in the face of malicious attacks, including those…

Implementing a High-Assurance Smart-Card OS

NASA Astrophysics Data System (ADS)

Karger, Paul A.; Toll, David C.; Palmer, Elaine R.; McIntosh, Suzanne K.; Weber, Samuel; Edwards, Jonathan W.

Building a high-assurance, secure operating system for memory constrained systems, such as smart cards, introduces many challenges. The increasing power of smart cards has made their use feasible in applications such as electronic passports, military and public sector identification cards, and cell-phone based financial and entertainment applications. Such applications require a secure environment, which can only be provided with sufficient hardware and a secure operating system. We argue that smart cards pose additional security challenges when compared to traditional computer platforms. We discuss our design for a secure smart card operating system, named Caernarvon, and show that it addresses these challenges, which include secure application download, protection of cryptographic functions from malicious applications, resolution of covert channels, and assurance of both security and data integrity in the face of arbitrary power losses.

A Learning System for Discriminating Variants of Malicious Network Traffic

DOE Office of Scientific and Technical Information (OSTI.GOV)

Beaver, Justin M; Symons, Christopher T; Gillen, Rob

Modern computer network defense systems rely primarily on signature-based intrusion detection tools, which generate alerts when patterns that are pre-determined to be malicious are encountered in network data streams. Signatures are created reactively, and only after in-depth manual analysis of a network intrusion. There is little ability for signature-based detectors to identify intrusions that are new or even variants of an existing attack, and little ability to adapt the detectors to the patterns unique to a network environment. Due to these limitations, the need exists for network intrusion detection techniques that can more comprehensively address both known unknown networkbased attacksmore » and can be optimized for the target environment. This work describes a system that leverages machine learning to provide a network intrusion detection capability that analyzes behaviors in channels of communication between individual computers. Using examples of malicious and non-malicious traffic in the target environment, the system can be trained to discriminate between traffic types. The machine learning provides insight that would be difficult for a human to explicitly code as a signature because it evaluates many interdependent metrics simultaneously. With this approach, zero day detection is possible by focusing on similarity to known traffic types rather than mining for specific bit patterns or conditions. This also reduces the burden on organizations to account for all possible attack variant combinations through signatures. The approach is presented along with results from a third-party evaluation of its performance.« less

Teaching Hackers: School Computing Culture and the Future of Cyber-Rights.

ERIC Educational Resources Information Center

Van Buren, Cassandra

2001-01-01

Discussion of the need for ethical computing strategies and policies at the K-12 level to acculturate computer hackers away from malicious network hacking focuses on a three-year participant observation ethnographic study conducted at the New Technology High School (California) that examined the school's attempts to socialize its hackers to act…

Protecting Dynamic Mobile Agent against Denial of Service Attacks

NASA Astrophysics Data System (ADS)

Aggarwal, Mayank; Nipur, Pallavi

2010-11-01

Mobile Agents are softwares migrating from one node to another to fulfill the task of its owner. The introduction of mobile agents has reduced network latency, network traffic a lot but at the same time it has increased the vulnerability for attacks by malicious hosts. One such attack is `Denial of Service', once the agent is launched it is free to roam without any control of its owner, this on one hand decreases the cost of agent—owner interaction and on the other hand increases the chances of `Denial Of Service'. In Denial Of Service attack the malicious host may deny resources required by the agent and kill the agent, thus the result computed so far is lost and this may happen every time the agent visits any malicious host. In this paper we continued the work done in [10] in which the authors proposed techniques by which owner can detect the malicious host for `Denial Of Service' but they did not covered technique for dynamic routes i.e. where the host or agent initiate migrations to hosts which were not contained in the route composed by the owner. We introduced an algorithm and a model which can be useful for the above purpose.

Colleges Struggle To Train Experts in Protecting Computer Systems.

ERIC Educational Resources Information Center

McCollum, Kelly

2000-01-01

Describes university courses and programs in protecting computer networks and World Wide Web sites from vandals, cyberterrorists, and malicious hackers. Notes such courses are provided by East Stroudsburg University (Pennsylvania), Purdue University (Indiana), George Mason University (Virginia), and Texas A&M University. Also notes the federal…

Modeling Security Aspects of Network

NASA Astrophysics Data System (ADS)

Schoch, Elmar

With more and more widespread usage of computer systems and networks, dependability becomes a paramount requirement. Dependability typically denotes tolerance or protection against all kinds of failures, errors and faults. Sources of failures can basically be accidental, e.g., in case of hardware errors or software bugs, or intentional due to some kind of malicious behavior. These intentional, malicious actions are subject of security. A more complete overview on the relations between dependability and security can be found in [31]. In parallel to the increased use of technology, misuse also has grown significantly, requiring measures to deal with it.

77 FR 52043 - Privacy Act of 1974; Proposed Exempt New System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2012-08-28

... study. 6. After NIH makes a finding of research misconduct and has informed ORI of the finding... Internet traffic to and from federal computer networks to prevent malicious computer code from reaching the... portable/ mobile devices including, but not limited to: Laptops, PDAs, USB drives, portable hard drives...

Polymorphic Attacks and Network Topology: Application of Concepts from Natural Systems

ERIC Educational Resources Information Center

Rangan, Prahalad

2010-01-01

The growing complexity of interactions between computers and networks makes the subject of network security a very interesting one. As our dependence on the services provided by computing networks grows, so does our investment in such technology. In this situation, there is a greater risk of occurrence of targeted malicious attacks on computers…

Game Theory and Uncertainty Quantification for Cyber Defense Applications

DOE Office of Scientific and Technical Information (OSTI.GOV)

Chatterjee, Samrat; Halappanavar, Mahantesh; Tipireddy, Ramakrishna

Cyber-system defenders face the challenging task of protecting critical assets and information continually against multiple types of malicious attackers. Defenders typically operate within resource constraints while attackers operate at relatively low costs. As a result, design and development of resilient cyber-systems that can support mission goals under attack while accounting for the dynamics between attackers and defenders is an important research problem.

Characterizing and Measuring Maliciousness for Cybersecurity Risk Assessment

PubMed Central

King, Zoe M.; Henshel, Diane S.; Flora, Liberty; Cains, Mariana G.; Hoffman, Blaine; Sample, Char

2018-01-01

Cyber attacks have been increasingly detrimental to networks, systems, and users, and are increasing in number and severity globally. To better predict system vulnerabilities, cybersecurity researchers are developing new and more holistic approaches to characterizing cybersecurity system risk. The process must include characterizing the human factors that contribute to cyber security vulnerabilities and risk. Rationality, expertise, and maliciousness are key human characteristics influencing cyber risk within this context, yet maliciousness is poorly characterized in the literature. There is a clear absence of literature pertaining to human factor maliciousness as it relates to cybersecurity and only limited literature relating to aspects of maliciousness in other disciplinary literatures, such as psychology, sociology, and law. In an attempt to characterize human factors as a contribution to cybersecurity risk, the Cybersecurity Collaborative Research Alliance (CSec-CRA) has developed a Human Factors risk framework. This framework identifies the characteristics of an attacker, user, or defender, all of whom may be adding to or mitigating against cyber risk. The maliciousness literature and the proposed maliciousness assessment metrics are discussed within the context of the Human Factors Framework and Ontology. Maliciousness is defined as the intent to harm. Most maliciousness cyber research to date has focused on detecting malicious software but fails to analyze an individual’s intent to do harm to others by deploying malware or performing malicious attacks. Recent efforts to identify malicious human behavior as it relates to cybersecurity, include analyzing motives driving insider threats as well as user profiling analyses. However, cyber-related maliciousness is neither well-studied nor is it well understood because individuals are not forced to expose their true selves to others while performing malicious attacks. Given the difficulty of interviewing malicious-behaving individuals and the potential untrustworthy nature of their responses, we aim to explore the maliciousness as a human factor through the observable behaviors and attributes of an individual from their actions and interactions with society and networks, but to do so we will need to develop a set of analyzable metrics. The purpose of this paper is twofold: (1) to review human maliciousness-related literature in diverse disciplines (sociology, economics, law, psychology, philosophy, informatics, terrorism, and cybersecurity); and (2) to identify an initial set of proposed assessment metrics and instruments that might be culled from in a future effort to characterize human maliciousness within the cyber realm. The future goal is to integrate these assessment metrics into holistic cybersecurity risk analyses to determine the risk an individual poses to themselves as well as other networks, systems, and/or users. PMID:29459838

Characterizing and Measuring Maliciousness for Cybersecurity Risk Assessment.

PubMed

King, Zoe M; Henshel, Diane S; Flora, Liberty; Cains, Mariana G; Hoffman, Blaine; Sample, Char

2018-01-01

Cyber attacks have been increasingly detrimental to networks, systems, and users, and are increasing in number and severity globally. To better predict system vulnerabilities, cybersecurity researchers are developing new and more holistic approaches to characterizing cybersecurity system risk. The process must include characterizing the human factors that contribute to cyber security vulnerabilities and risk. Rationality, expertise, and maliciousness are key human characteristics influencing cyber risk within this context, yet maliciousness is poorly characterized in the literature. There is a clear absence of literature pertaining to human factor maliciousness as it relates to cybersecurity and only limited literature relating to aspects of maliciousness in other disciplinary literatures, such as psychology, sociology, and law. In an attempt to characterize human factors as a contribution to cybersecurity risk, the Cybersecurity Collaborative Research Alliance (CSec-CRA) has developed a Human Factors risk framework. This framework identifies the characteristics of an attacker, user, or defender, all of whom may be adding to or mitigating against cyber risk. The maliciousness literature and the proposed maliciousness assessment metrics are discussed within the context of the Human Factors Framework and Ontology. Maliciousness is defined as the intent to harm. Most maliciousness cyber research to date has focused on detecting malicious software but fails to analyze an individual's intent to do harm to others by deploying malware or performing malicious attacks. Recent efforts to identify malicious human behavior as it relates to cybersecurity, include analyzing motives driving insider threats as well as user profiling analyses. However, cyber-related maliciousness is neither well-studied nor is it well understood because individuals are not forced to expose their true selves to others while performing malicious attacks. Given the difficulty of interviewing malicious-behaving individuals and the potential untrustworthy nature of their responses, we aim to explore the maliciousness as a human factor through the observable behaviors and attributes of an individual from their actions and interactions with society and networks, but to do so we will need to develop a set of analyzable metrics. The purpose of this paper is twofold: (1) to review human maliciousness-related literature in diverse disciplines (sociology, economics, law, psychology, philosophy, informatics, terrorism, and cybersecurity); and (2) to identify an initial set of proposed assessment metrics and instruments that might be culled from in a future effort to characterize human maliciousness within the cyber realm. The future goal is to integrate these assessment metrics into holistic cybersecurity risk analyses to determine the risk an individual poses to themselves as well as other networks, systems, and/or users.

T2AR: trust-aware ad-hoc routing protocol for MANET.

PubMed

Dhananjayan, Gayathri; Subbiah, Janakiraman

2016-01-01

Secure data transfer against the malicious attacks is an important issue in an infrastructure-less independent network called mobile ad-hoc network (MANET). Trust assurance between MANET nodes is the key parameter in the high-security provision under dynamic topology variations and open wireless constraints. But, the malicious behavior of nodes reduces the trust level of the nodes that leads to an insecure data delivery. The increase in malicious attacks causes the excessive energy consumption that leads to a reduction of network lifetime. The lack of positional information update of the nodes in ad-hoc on-demand vector (AODV) protocol during the connection establishment offers less trust level between the nodes. Hence, the trust rate computation using energy and mobility models and its update are the essential tasks for secure data delivery. This paper proposes a trust-aware ad-hoc routing (T2AR) protocol to improve the trust level between the nodes in MANET. The proposed method modifies the traditional AODV routing protocol with the constraints of trust rate, energy, mobility based malicious behavior prediction. The packet sequence ID matching from the log reports of neighbor nodes determine the trust rate that avoids the malicious report generation. Besides, the direct and indirect trust observation schemes utilization increases the trust level. Besides, the received signal strength indicator utilization determines the trusted node is within the communication range or not. The comparative analysis between the proposed T2AR with the existing methods such as TRUNCMAN, RBT, GR, FBR and DICOTIDS regarding the average end-to-end delay, throughput, false positives, packet delivery ratio shows the effectiveness of T2AR in the secure MANET environment design.

DROP: Detecting Return-Oriented Programming Malicious Code

NASA Astrophysics Data System (ADS)

Chen, Ping; Xiao, Hai; Shen, Xiaobin; Yin, Xinchun; Mao, Bing; Xie, Li

Return-Oriented Programming (ROP) is a new technique that helps the attacker construct malicious code mounted on x86/SPARC executables without any function call at all. Such technique makes the ROP malicious code contain no instruction, which is different from existing attacks. Moreover, it hides the malicious code in benign code. Thus, it circumvents the approaches that prevent control flow diversion outside legitimate regions (such as W ⊕ X ) and most malicious code scanning techniques (such as anti-virus scanners). However, ROP has its own intrinsic feature which is different from normal program design: (1) uses short instruction sequence ending in "ret", which is called gadget, and (2) executes the gadgets contiguously in specific memory space, such as standard GNU libc. Based on the features of the ROP malicious code, in this paper, we present a tool DROP, which is focused on dynamically detecting ROP malicious code. Preliminary experimental results show that DROP can efficiently detect ROP malicious code, and have no false positives and negatives.

Abnormally Malicious Autonomous Systems and their Internet Connectivity

DOE Office of Scientific and Technical Information (OSTI.GOV)

Shue, Craig A; Kalafut, Prof. Andrew; Gupta, Prof. Minaxi

While many attacks are distributed across botnets, investigators and network operators have recently targeted malicious networks through high profile autonomous system (AS) de-peerings and network shut-downs. In this paper, we explore whether some ASes indeed are safe havens for malicious activity. We look for ISPs and ASes that exhibit disproportionately high malicious behavior using ten popular blacklists, plus local spam data, and extensive DNS resolutions based on the contents of the blacklists. We find that some ASes have over 80% of their routable IP address space blacklisted. Yet others account for large fractions of blacklisted IP addresses. Several ASes regularlymore » peer with ASes associated with significant malicious activity. We also find that malicious ASes as a whole differ from benign ones in other properties not obviously related to their malicious activities, such as more frequent connectivity changes with their BGP peers. Overall, we conclude that examining malicious activity at AS granularity can unearth networks with lax security or those that harbor cybercrime.« less

Malicious Hubs: Detecting Abnormally Malicious Autonomous Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Kalafut, Andrew J.; Shue, Craig A; Gupta, Prof. Minaxi

While many attacks are distributed across botnets, investigators and network operators have recently targeted malicious networks through high profile autonomous system (AS) de-peerings and network shut-downs. In this paper, we explore whether some ASes indeed are safe havens for malicious activity. We look for ISPs and ASes that exhibit disproportionately high malicious behavior using 12 popular blacklists. We find that some ASes have over 80% of their routable IP address space blacklisted and others account for large fractions of blacklisted IPs. Overall, we conclude that examining malicious activity at the AS granularity can unearth networks with lax security or thosemore » that harbor cybercrime.« less

Awareness of Malicious Social Engineering among Facebook Users

ERIC Educational Resources Information Center

Slonka, Kevin J.

2014-01-01

With the rapid growth of Facebook, the social networking website is becoming a lucrative target for malicious activity. Users of Facebook therefore should be aware of various malicious attacks and know how to identify them. This research analyzed Facebook users' level of understanding in the domain of malicious social engineering on Facebook. The…

A Demonstration of the Subversion Threat: Facing a Critical Responsibility in the Defense of Cyberspace

DTIC Science & Technology

2002-03-01

dependence upon the proper functioning of the system is crucial. Perhaps the closest relative to subversion is the Trojan Horse attack in which the...additional malicious function. There are three primary factors that distinguish this from subversion. First, the Trojan Horse requires a legitimate...user to run it while the artifice in subversion does not. Second, the Trojan Horse program exploits the level of privilege associated with the

Characterizing and Implementing Efficient Primitives for Privacy-Preserving Computation

DTIC Science & Technology

2015-07-01

the mobile device. From this, the mobile will detect any tampering from the malicious party by a discrepancy in these returned values, eliminating...the need for an output MAC. If no tampering is detected , the mobile device then decrypts the output of computation. APPROVED FOR PUBLIC RELEASE...useful error messages when the compiler detects a problem with an application, making debugging the application significantly easier than with other

Automatic Identification of Critical Data Items in a Database to Mitigate the Effects of Malicious Insiders

NASA Astrophysics Data System (ADS)

White, Jonathan; Panda, Brajendra

A major concern for computer system security is the threat from malicious insiders who target and abuse critical data items in the system. In this paper, we propose a solution to enable automatic identification of critical data items in a database by way of data dependency relationships. This identification of critical data items is necessary because insider threats often target mission critical data in order to accomplish malicious tasks. Unfortunately, currently available systems fail to address this problem in a comprehensive manner. It is more difficult for non-experts to identify these critical data items because of their lack of familiarity and due to the fact that data systems are constantly changing. By identifying the critical data items automatically, security engineers will be better prepared to protect what is critical to the mission of the organization and also have the ability to focus their security efforts on these critical data items. We have developed an algorithm that scans the database logs and forms a directed graph showing which items influence a large number of other items and at what frequency this influence occurs. This graph is traversed to reveal the data items which have a large influence throughout the database system by using a novel metric based formula. These items are critical to the system because if they are maliciously altered or stolen, the malicious alterations will spread throughout the system, delaying recovery and causing a much more malignant effect. As these items have significant influence, they are deemed to be critical and worthy of extra security measures. Our proposal is not intended to replace existing intrusion detection systems, but rather is intended to complement current and future technologies. Our proposal has never been performed before, and our experimental results have shown that it is very effective in revealing critical data items automatically.

Analysis of Malicious Traffic in Modbus/TCP Communications

NASA Astrophysics Data System (ADS)

Kobayashi, Tiago H.; Batista, Aguinaldo B.; Medeiros, João Paulo S.; Filho, José Macedo F.; Brito, Agostinho M.; Pires, Paulo S. Motta

This paper presents the results of our analysis about the influence of Information Technology (IT) malicious traffic on an IP-based automation environment. We utilized a traffic generator, called MACE (Malicious trAffic Composition Environment), to inject malicious traffic in a Modbus/TCP communication system and a sniffer to capture and analyze network traffic. The realized tests show that malicious traffic represents a serious risk to critical information infrastructures. We show that this kind of traffic can increase latency of Modbus/TCP communication and that, in some cases, can put Modbus/TCP devices out of communication.

Computer Viruses: Prevention, Detection, and Treatment

DTIC Science & Technology

1990-03-12

executed, also carries out its covert function, potentially undetected. This class of attack earned the term "Trojan horse" from the original of Greek ... mythology , signifying a gift which conceals a malicious purpose. 1 cause harm. The offending code may be present in a code segment the user "touches," which

Cyber Strategic Inquiry: Enabling Change through a Strategic Simulation and Megacommunity Concept

DTIC Science & Technology

2009-02-01

malicious software embedded in thumb drives and CDs that thwarted protections, such as antivirus software , on computers. In the scenario, these...Executives for National Security • The Carlyle Group • Cassat Corporation • Cisco Systems, Inc. • Cyveillance • General Dynamics • General Motors

A Secure Scheme for Distributed Consensus Estimation against Data Falsification in Heterogeneous Wireless Sensor Networks.

PubMed

Mi, Shichao; Han, Hui; Chen, Cailian; Yan, Jian; Guan, Xinping

2016-02-19

Heterogeneous wireless sensor networks (HWSNs) can achieve more tasks and prolong the network lifetime. However, they are vulnerable to attacks from the environment or malicious nodes. This paper is concerned with the issues of a consensus secure scheme in HWSNs consisting of two types of sensor nodes. Sensor nodes (SNs) have more computation power, while relay nodes (RNs) with low power can only transmit information for sensor nodes. To address the security issues of distributed estimation in HWSNs, we apply the heterogeneity of responsibilities between the two types of sensors and then propose a parameter adjusted-based consensus scheme (PACS) to mitigate the effect of the malicious node. Finally, the convergence property is proven to be guaranteed, and the simulation results validate the effectiveness and efficiency of PACS.

Using Reputation Based Trust to Overcome Malfunctions and Malicious Failures in Electric Power Protection Systems

DTIC Science & Technology

2011-09-01

concert with a physical attack. Additionally, the importance of preventive measures implemented by a social human network to counteract a cyber attack...integrity of the data stored on specific computers. This coordinated cyber attack would have been successful if not for the trusted social network...established by Mr. Hillar Aarelaid, head of the Estonian computer 6 emergency response team (CERT). This social network consisted of Mr. Hillar Aarelaid

Application of Cellular Automata to Detection of Malicious Network Packets

ERIC Educational Resources Information Center

Brown, Robert L.

2014-01-01

A problem in computer security is identification of attack signatures in network packets. An attack signature is a pattern of bits that characterizes a particular attack. Because there are many kinds of attacks, there are potentially many attack signatures. Furthermore, attackers may seek to avoid detection by altering the attack mechanism so that…

Students Compete to Mount Best Defense against Malicious Hackers

ERIC Educational Resources Information Center

Mejia, Robin

2008-01-01

The need for colleges to graduate students who understand computer security is growing. The Internet Crime Complaint Center, a partnership of the FBI; the National White Collar Crime Center; and the Bureau of Justice Assistance, in the Department of Justice, reported more than 90,000 crimes in 2007, with reported financial losses of almost…

Leveraging Client-Side DNS Failure Patterns to Identify Malicious Behaviors

DTIC Science & Technology

2015-09-28

malicious behavior found in our dataset and (ii) to create ground truth to evaluate the system proposed in Section V. We begin by removing those cases that...2011. [10] S. Hao, N. Feamster, and R. Pandrangi, “Monitoring the Initial DNS Behavior of Malicious Domains,” in ACM IMC , 2011. [11] R. Perdisci et...distribution is unlimited. Leveraging Client-Side DNS Failure Patterns to Identify Malicious Behaviors The views, opinions and/or findings contained in

IDMA: improving the defense against malicious attack for mobile ad hoc networks based on ARIP protocol

NASA Astrophysics Data System (ADS)

Peng, Chaorong; Chen, Chang Wen

2008-04-01

Malicious nodes are mounting increasingly sophisticated attacking operations on the Mobile Ad Hoc Networks (MANETs). This is mainly because the IP-based MANETs are vulnerable to attacks by various malicious nodes. However, the defense against malicious attack can be improved when a new layer of network architecture can be developed to separate true IP address from disclosing to the malicious nodes. In this paper, we propose a new algorithm to improve the defense against malicious attack (IDMA) that is based on a recently developed Assignment Router Identify Protocol (ARIP) for the clustering-based MANET management. In the ARIP protocol, we design the ARIP architecture based on the new Identity instead of the vulnerable IP addresses to provide the required security that is embedded seamlessly into the overall network architecture. We make full use of ARIP's special property to monitor gateway forward packets by Reply Request Route Packets (RREP) without additional intrusion detection layer. We name this new algorithm IDMA because of its inherent capability to improve the defense against malicious attacks. Through IDMA, a watching algorithm can be established so as to counterattack the malicious node in the routing path when it unusually drops up packets. We provide analysis examples for IDMA for the defense against a malicious node that disrupts the route discovery by impersonating the destination, or by responding with state of corrupted routing information, or by disseminating forged control traffic. The IDMA algorithm is able to counterattack the malicious node in the cases when the node lunch DoS attack by broadcast a large number of route requests, or make Target traffic congestion by delivering huge mount of data; or spoof the IP addresses and send forge packets with a fake ID to the same Target causing traffic congestion at that destination. We have implemented IDMA algorism using the GloMoSim simulator and have demonstrated its performance under a variety of operational conditions.

A Study on Architecture of Malicious Code Blocking Scheme with White List in Smartphone Environment

NASA Astrophysics Data System (ADS)

Lee, Kijeong; Tolentino, Randy S.; Park, Gil-Cheol; Kim, Yong-Tae

Recently, the interest and demands for mobile communications are growing so fast because of the increasing prevalence of smartphones around the world. In addition, the existing feature phones were replaced by smartphones and it has widely improved while using the explosive growth of Internet users using smartphones, e-commerce enabled Internet banking transactions and the importance of protecting personal information. Therefore, the development of smartphones antivirus products was developed and launched in order to prevent malicious code or virus infection. In this paper, we proposed a new scheme to protect the smartphone from malicious codes and malicious applications that are element of security threats in mobile environment and to prevent information leakage from malicious code infection. The proposed scheme is based on the white list smartphone application which only allows installing authorized applications and to prevent the installation of malicious and untrusted mobile applications which can possibly infect the applications and programs of smartphones.

Quantitative Risk Analysis

DOE Office of Scientific and Technical Information (OSTI.GOV)

Helms, J.

2017-02-10

The US energy sector is vulnerable to multiple hazards including both natural disasters and malicious attacks from an intelligent adversary. The question that utility owners, operators and regulators face is how to prioritize their investments to mitigate the risks from a hazard that can have the most impact on the asset of interest. In order to be able to understand their risk landscape and develop a prioritized mitigation strategy, they must quantify risk in a consistent way across all hazards their asset is facing. Without being able to quantitatively measure risk, it is not possible to defensibly prioritize security investmentsmore » or evaluate trade-offs between security and functionality. Development of a methodology that will consistently measure and quantify risk across different hazards is needed.« less

Using Hybrid Algorithm to Improve Intrusion Detection in Multi Layer Feed Forward Neural Networks

ERIC Educational Resources Information Center

Ray, Loye Lynn

2014-01-01

The need for detecting malicious behavior on a computer networks continued to be important to maintaining a safe and secure environment. The purpose of this study was to determine the relationship of multilayer feed forward neural network architecture to the ability of detecting abnormal behavior in networks. This involved building, training, and…

Code White: A Signed Code Protection Mechanism for Smartphones

DTIC Science & Technology

2010-09-01

analogous to computer security is the use of antivirus (AV) software . 12 AV software is a brute force approach to security. The software ...these users, numerous malicious programs have also surfaced. And while smartphones have desktop-like capabilities to execute software , they do not...11 2.3.1 Antivirus and Mobile Phones ............................................................... 11 2.3.2

Information Warfare: Issues Associated with the Defense of DOD Computers and Computer Networks

DTIC Science & Technology

2002-04-12

professionals; any mistakes that remain are mine and mine alone. Finally, I wish to thank my family, my wife Cecilia , my daughters Leslie and Marguerite, and my...Accessed 15 January 2002. Malicious Activity Continues to Climb Virus Growth Per Month (Internet - “Wild List”) J a n May NovS e pJul 130 140 150 160...28 Original brief previously unpublished. Briefing is currently held in Operation Directorate ( J -3) of the Joint Task

Effect of Gratitude on Benign and Malicious Envy: The Mediating Role of Social Support.

PubMed

Xiang, Yanhui; Chao, Xiaomei; Ye, Yanyan

2018-01-01

Gratitude has been investigated in various areas in psychology. The present research showed that gratitude had some positive effects on some aspects of our life, such as subjective well-being, life satisfaction, and social relationships. It can also help us relieve negative emotions. However, the existing literature has not studied the influence of gratitude on envy. The present study used structural equation modeling to test the mediating role of social support between gratitude and two types of envy (malicious and benign). We recruited 426 Chinese undergraduates to complete the Gratitude Questionnaire, Malicious and Benign Envy Scales, and the Multi-Dimensional Scale of Perceived Social Support. Results showed that gratitude positively predicted benign envy and negatively predicted malicious envy. In addition, the indirect effect of gratitude on two types of envy via social support was significant. These results revealed the direct relationship between gratitude and malicious/benign envy, and the mediating effect of social support, which will contribute to find effective measures to inhibit malicious envy and promote benign envy from the perspective of cultivating gratitude and increasing individuals' social support.

Effect of Gratitude on Benign and Malicious Envy: The Mediating Role of Social Support

PubMed Central

Xiang, Yanhui; Chao, Xiaomei; Ye, Yanyan

2018-01-01

Gratitude has been investigated in various areas in psychology. The present research showed that gratitude had some positive effects on some aspects of our life, such as subjective well-being, life satisfaction, and social relationships. It can also help us relieve negative emotions. However, the existing literature has not studied the influence of gratitude on envy. The present study used structural equation modeling to test the mediating role of social support between gratitude and two types of envy (malicious and benign). We recruited 426 Chinese undergraduates to complete the Gratitude Questionnaire, Malicious and Benign Envy Scales, and the Multi-Dimensional Scale of Perceived Social Support. Results showed that gratitude positively predicted benign envy and negatively predicted malicious envy. In addition, the indirect effect of gratitude on two types of envy via social support was significant. These results revealed the direct relationship between gratitude and malicious/benign envy, and the mediating effect of social support, which will contribute to find effective measures to inhibit malicious envy and promote benign envy from the perspective of cultivating gratitude and increasing individuals' social support. PMID:29867595

A fragile zero watermarking scheme to detect and characterize malicious modifications in database relations.

PubMed

Khan, Aihab; Husain, Syed Afaq

2013-01-01

We put forward a fragile zero watermarking scheme to detect and characterize malicious modifications made to a database relation. Most of the existing watermarking schemes for relational databases introduce intentional errors or permanent distortions as marks into the database original content. These distortions inevitably degrade the data quality and data usability as the integrity of a relational database is violated. Moreover, these fragile schemes can detect malicious data modifications but do not characterize the tempering attack, that is, the nature of tempering. The proposed fragile scheme is based on zero watermarking approach to detect malicious modifications made to a database relation. In zero watermarking, the watermark is generated (constructed) from the contents of the original data rather than introduction of permanent distortions as marks into the data. As a result, the proposed scheme is distortion-free; thus, it also resolves the inherent conflict between security and imperceptibility. The proposed scheme also characterizes the malicious data modifications to quantify the nature of tempering attacks. Experimental results show that even minor malicious modifications made to a database relation can be detected and characterized successfully.

Personal privacy, information assurance, and the threat posed by malware techology

NASA Astrophysics Data System (ADS)

Stytz, Martin R.; Banks, Sheila B.

2006-04-01

In spite of our best efforts to secure the cyber world, the threats posed to personal privacy by attacks upon networks and software continue unabated. While there are many reasons for this state of affairs, clearly one of the reasons for continued vulnerabilities in software is the inability to assess their security properties and test their security systems while they are in development. A second reason for this growing threat to personal privacy is the growing sophistication and maliciousness of malware coupled with the increasing difficulty of detecting malware. The pervasive threat posed by malware coupled with the difficulties faced when trying to detect its presence or an attempted intrusion make addressing the malware threat one of the most pressing issues that must be solved in order to insure personal privacy to users of the internet. In this paper, we will discuss the threat posed by malware, the types of malware found in the wild (outside of computer laboratories), and current techniques that are available for from a successful malware penetration. The paper includes a discussion of anti-malware tools and suggestions for future anti-malware efforts.

Emulating a million machines to investigate botnets.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Rudish, Donald W.

2010-06-01

Researchers at Sandia National Laboratories in Livermore, California are creating what is in effect a vast digital petridish able to hold one million operating systems at once in an effort to study the behavior of rogue programs known as botnets. Botnets are used extensively by malicious computer hackers to steal computing power fron Internet-connected computers. The hackers harness the stolen resources into a scattered but powerful computer that can be used to send spam, execute phishing, scams or steal digital information. These remote-controlled 'distributed computers' are difficult to observe and track. Botnets may take over parts of tens of thousandsmore » or in some cases even millions of computers, making them among the world's most powerful computers for some applications.« less

Using a Prediction Model to Manage Cyber Security Threats.

PubMed

Jaganathan, Venkatesh; Cherurveettil, Priyesh; Muthu Sivashanmugam, Premapriya

2015-01-01

Cyber-attacks are an important issue faced by all organizations. Securing information systems is critical. Organizations should be able to understand the ecosystem and predict attacks. Predicting attacks quantitatively should be part of risk management. The cost impact due to worms, viruses, or other malicious software is significant. This paper proposes a mathematical model to predict the impact of an attack based on significant factors that influence cyber security. This model also considers the environmental information required. It is generalized and can be customized to the needs of the individual organization.

Using a Prediction Model to Manage Cyber Security Threats

PubMed Central

Muthu Sivashanmugam, Premapriya

2015-01-01

Cyber-attacks are an important issue faced by all organizations. Securing information systems is critical. Organizations should be able to understand the ecosystem and predict attacks. Predicting attacks quantitatively should be part of risk management. The cost impact due to worms, viruses, or other malicious software is significant. This paper proposes a mathematical model to predict the impact of an attack based on significant factors that influence cyber security. This model also considers the environmental information required. It is generalized and can be customized to the needs of the individual organization. PMID:26065024

A Security Monitoring Framework For Virtualization Based HEP Infrastructures

NASA Astrophysics Data System (ADS)

Gomez Ramirez, A.; Martinez Pedreira, M.; Grigoras, C.; Betev, L.; Lara, C.; Kebschull, U.; ALICE Collaboration

2017-10-01

High Energy Physics (HEP) distributed computing infrastructures require automatic tools to monitor, analyze and react to potential security incidents. These tools should collect and inspect data such as resource consumption, logs and sequence of system calls for detecting anomalies that indicate the presence of a malicious agent. They should also be able to perform automated reactions to attacks without administrator intervention. We describe a novel framework that accomplishes these requirements, with a proof of concept implementation for the ALICE experiment at CERN. We show how we achieve a fully virtualized environment that improves the security by isolating services and Jobs without a significant performance impact. We also describe a collected dataset for Machine Learning based Intrusion Prevention and Detection Systems on Grid computing. This dataset is composed of resource consumption measurements (such as CPU, RAM and network traffic), logfiles from operating system services, and system call data collected from production Jobs running in an ALICE Grid test site and a big set of malware samples. This malware set was collected from security research sites. Based on this dataset, we will proceed to develop Machine Learning algorithms able to detect malicious Jobs.

Relationship between Effective Application of Machine Learning and Malware Detection: A Quantitative Study

ERIC Educational Resources Information Center

Enfinger, Kerry Wayne

2016-01-01

The number of malicious files present in the public domain continues to rise at a substantial rate. Current anti-malware software utilizes a signature-based method to detect the presence of malicious software. Generating these pattern signatures is time consuming due to malicious code complexity and the need for expert analysis, however, by making…

Security-Enhanced Push Button Configuration for Home Smart Control.

PubMed

Han, Junghee; Park, Taejoon

2017-06-08

With the emergence of smart and converged home services, the need for the secure and easy interplay of various devices has been increased. Push Button Configuration (PBC) is one of the technologies proposed for easy set-up of a secure session between IT and consumer devices. Although the Wi-Fi Direct specification explicitly states that all devices must support the PBC method, its applicability is very limited. This is because the security vulnerability of PBC can be maliciously exploited so that attackers can make illegitimate sessions with consumer devices. To address this problem, this paper proposes a novel Security-enhanced PBC (SePBC) scheme with which we can uncover suspicious or malicious devices. The proposed mechanism has several unique features. First, we develop a secure handshake distance measurement protocol by preventing an adversary sitting outside the region from maliciously manipulating its distance to be fake. Second, it is compatible with the original Wi-Fi PBC without introducing a brand-new methodology. Finally, SePBC uses lightweight operations without CPU-intensive cryptography computation and employs inexpensive H/W. Moreover, it needs to incur little overhead when there is no attack. This paper also designs and implements the proposed SePBC in the real world. Our experimental results and analysis show that the proposed SePBC scheme effectively defeats attacks on PBC while minimizing the modification of the original PBC equipment.

Security-Enhanced Push Button Configuration for Home Smart Control †

PubMed Central

Han, Junghee; Park, Taejoon

2017-01-01

With the emergence of smart and converged home services, the need for the secure and easy interplay of various devices has been increased. Push Button Configuration (PBC) is one of the technologies proposed for easy set-up of a secure session between IT and consumer devices. Although the Wi-Fi Direct specification explicitly states that all devices must support the PBC method, its applicability is very limited. This is because the security vulnerability of PBC can be maliciously exploited so that attackers can make illegitimate sessions with consumer devices. To address this problem, this paper proposes a novel Security-enhanced PBC (SePBC) scheme with which we can uncover suspicious or malicious devices. The proposed mechanism has several unique features. First, we develop a secure handshake distance measurement protocol by preventing an adversary sitting outside the region from maliciously manipulating its distance to be fake. Second, it is compatible with the original Wi-Fi PBC without introducing a brand-new methodology. Finally, SePBC uses lightweight operations without CPU-intensive cryptography computation and employs inexpensive H/W. Moreover, it needs to incur little overhead when there is no attack. This paper also designs and implements the proposed SePBC in the real world. Our experimental results and analysis show that the proposed SePBC scheme effectively defeats attacks on PBC while minimizing the modification of the original PBC equipment. PMID:28594370

Toward a Mobile Agent Relay Network

DTIC Science & Technology

2010-03-01

in the study of particle movement. In computer science, flocking movement has been adapted for use in the collective, cooperative movement of...MARN). For our approach, we utilize a mod- ified flocking behavior to generate cooperative movement that utilizes the agent’s re- lay capability. We...Summary Our testing focuses on measuring effective cooperative movement and robustness against malicious agents. The movement testing demonstrated that a

Secure key storage and distribution

DOEpatents

Agrawal, Punit

2015-06-02

This disclosure describes a distributed, fault-tolerant security system that enables the secure storage and distribution of private keys. In one implementation, the security system includes a plurality of computing resources that independently store private keys provided by publishers and encrypted using a single security system public key. To protect against malicious activity, the security system private key necessary to decrypt the publication private keys is not stored at any of the computing resources. Rather portions, or shares of the security system private key are stored at each of the computing resources within the security system and multiple security systems must communicate and share partial decryptions in order to decrypt the stored private key.

Dispositional envy revisited: unraveling the motivational dynamics of benign and malicious envy.

PubMed

Lange, Jens; Crusius, Jan

2015-02-01

Previous research has conceptualized dispositional envy as a unitary construct. Recently however, episodic envy has been shown to emerge in two qualitatively different forms. Benign envy is related to the motivation to move upward, whereas malicious envy is related to pulling superior others down. In four studies (N = 1,094)--using the newly developed Benign and Malicious Envy Scale (BeMaS)--we show that dispositional envy is also characterized by two independent dimensions related to distinct motivational dynamics and behavioral consequences. Dispositional benign and malicious envy uniquely predict envious responding following upward social comparisons. Furthermore, they are differentially connected to hope for success and fear of failure. Corresponding to these links, dispositional benign envy predicted faster race performance of marathon runners mediated via higher goal setting. In contrast, dispositional malicious envy predicted race goal disengagement. The findings highlight that disentangling the two sides of envy opens up numerous research avenues. © 2014 by the Society for Personality and Social Psychology, Inc.

GlobalTrust: An Attack Resilient Reputation System for Tactical Networks

DTIC Science & Technology

2014-07-03

MSA): Some malicious nodes misbehave while other malicious nodes, called malicious spies, behave normally by providing proper services. These...disseminate conflicting (or inconsistent) LTOs. For example, they may misbehave only to a subset of honest nodes (referred to as target nodes) to... misbehaving with prob. α honestly reporting LTOs NRA misbehaving with prob. α reporting opposite LTOs, 1− α CRA misbehaving with prob. α reporting

Design of Cyber Attack Precursor Symptom Detection Algorithm through System Base Behavior Analysis and Memory Monitoring

NASA Astrophysics Data System (ADS)

Jung, Sungmo; Kim, Jong Hyun; Cagalaban, Giovanni; Lim, Ji-Hoon; Kim, Seoksoo

More recently, botnet-based cyber attacks, including a spam mail or a DDos attack, have sharply increased, which poses a fatal threat to Internet services. At present, antivirus businesses make it top priority to detect malicious code in the shortest time possible (Lv.2), based on the graph showing a relation between spread of malicious code and time, which allows them to detect after malicious code occurs. Despite early detection, however, it is not possible to prevent malicious code from occurring. Thus, we have developed an algorithm that can detect precursor symptoms at Lv.1 to prevent a cyber attack using an evasion method of 'an executing environment aware attack' by analyzing system behaviors and monitoring memory.

A Case Study in Ethical Decision Making Regarding Remote Mitigation of Botnets

NASA Astrophysics Data System (ADS)

Dittrich, David; Leder, Felix; Werner, Tillmann

It is becoming more common for researchers to find themselves in a position of being able to take over control of a malicious botnet. If this happens, should they use this knowledge to clean up all the infected hosts? How would this affect not only the owners and operators of the zombie computers, but also other researchers, law enforcement agents serving justice, or even the criminals themselves? What dire circumstances would change the calculus about what is or is not appropriate action to take? We review two case studies of long-lived malicious botnets that present serious challenges to researchers and responders and use them to illuminate many ethical issues regarding aggressive mitigation. We make no judgments about the questions raised, instead laying out the pros and cons of possible choices and allowing workshop attendees to consider how and where they would draw lines. By this, we hope to expose where there is clear community consensus as well as where controversy or uncertainty exists.

Layered Location-Based Security Mechanism for Mobile Sensor Networks: Moving Security Areas.

PubMed

Wang, Ze; Zhang, Haijuan; Wu, Luqiang; Zhou, Chang

2015-09-25

Network security is one of the most important issues in mobile sensor networks (MSNs). Networks are particularly vulnerable in hostile environments because of many factors, such as uncertain mobility, limitations on computation, and the need for storage in mobile nodes. Though some location-based security mechanisms can resist some malicious attacks, they are only suitable for static networks and may sometimes require large amounts of storage. To solve these problems, using location information, which is one of the most important properties in outdoor wireless networks, a security mechanism called a moving security area (MSA) is proposed to resist malicious attacks by using mobile nodes' dynamic location-based keys. The security mechanism is layered by performing different detection schemes inside or outside the MSA. The location-based private keys will be updated only at the appropriate moments, considering the balance of cost and security performance. By transferring parts of the detection tasks from ordinary nodes to the sink node, the memory requirements are distributed to different entities to save limited energy.

Performance Evaluation of AODV with Blackhole Attack

NASA Astrophysics Data System (ADS)

Dara, Karuna

2010-11-01

A Mobile Ad Hoc Network (MANET) is a temporary network set up by a wireless mobile computers moving arbitrary in the places that have no network infrastructure. These nodes maintain connectivity in a decentralized manner. Since the nodes communicate with each other, they cooperate by forwarding data packets to other nodes in the network. Thus the nodes find a path to the destination node using routing protocols. However, due to security vulnerabilities of the routing protocols, mobile ad-hoc networks are unprotected to attacks of the malicious nodes. One of these attacks is the Black Hole Attack against network integrity absorbing all data packets in the network. Since the data packets do not reach the destination node on account of this attack, data loss will occur. In this paper, we simulated the black hole attack in various mobile ad-hoc network scenarios using AODV routing protocol of MANET and have tried to find a effect if number of nodes are increased with increase in malicious nodes.

Encryption and the loss of patient data.

PubMed

Miller, Amalia R; Tucker, Catherine E

2011-01-01

Fast-paced IT advances have made it increasingly possible and useful for firms to collect data on their customers on an unprecedented scale. One downside of this is that firms can experience negative publicity and financial damage if their data are breached. This is particularly the case in the medical sector, where we find empirical evidence that increased digitization of patient data is associated with more data breaches. The encryption of customer data is often presented as a potential solution, because encryption acts as a disincentive for potential malicious hackers, and can minimize the risk of breached data being put to malicious use. However, encryption both requires careful data management policies to be successful and does not ward off the insider threat. Indeed, we find no empirical evidence of a decrease in publicized instances of data loss associated with the use of encryption. Instead, there are actually increases in the cases of publicized data loss due to internal fraud or loss of computer equipment.

Cyber Moat: Adaptive Virtualized Network Framework for Deception and Disinformation

DTIC Science & Technology

2016-12-12

As one type of bots, web crawlers have been leveraged by search engines (e.g., Googlebot by Google) to popularize websites through website indexing...However, the number of malicious bots is increasing too. To regulate the behavior of crawlers, most websites include a file called "robots.txt" that...However, "robots.txt" only provides a guideline, and almost all malicious robots ignore it. Moreover, since this file is publicly available, malicious

In-situ trainable intrusion detection system

DOE Office of Scientific and Technical Information (OSTI.GOV)

Symons, Christopher T.; Beaver, Justin M.; Gillen, Rob

A computer implemented method detects intrusions using a computer by analyzing network traffic. The method includes a semi-supervised learning module connected to a network node. The learning module uses labeled and unlabeled data to train a semi-supervised machine learning sensor. The method records events that include a feature set made up of unauthorized intrusions and benign computer requests. The method identifies at least some of the benign computer requests that occur during the recording of the events while treating the remainder of the data as unlabeled. The method trains the semi-supervised learning module at the network node in-situ, such thatmore » the semi-supervised learning modules may identify malicious traffic without relying on specific rules, signatures, or anomaly detection.« less

Leveling up and down: the experiences of benign and malicious envy.

PubMed

van de Ven, Niels; Zeelenberg, Marcel; Pieters, Rik

2009-06-01

Envy is the painful emotion caused by the good fortune of others. This research empirically supports the distinction between two qualitatively different types of envy, namely benign and malicious envy. It reveals that the experience of benign envy leads to a moving-up motivation aimed at improving one's own position, whereas the experience of malicious envy leads to a pulling-down motivation aimed at damaging the position of the superior other. Study 1 used guided recall of the two envy types in a culture (the Netherlands) that has separate words for benign and malicious envy. Analyses of the experiential content of these emotions found the predicted differences. Study 2 and 3 used one sample from the United States and one from Spain, respectively, where a single word exists for both envy types. A latent class analysis based on the experiential content of envy confirmed the existence of separate experiences of benign and malicious envy in both these cultures as well. The authors discuss the implications of distinguishing the two envy types for theories of cooperation, group performance, and Schadenfreude.

Statistics attack on `quantum private comparison with a malicious third party' and its improvement

NASA Astrophysics Data System (ADS)

Gu, Jun; Ho, Chih-Yung; Hwang, Tzonelih

2018-02-01

Recently, Sun et al. (Quantum Inf Process:14:2125-2133, 2015) proposed a quantum private comparison protocol allowing two participants to compare the equality of their secrets via a malicious third party (TP). They designed an interesting trap comparison method to prevent the TP from knowing the final comparison result. However, this study shows that the malicious TP can use the statistics attack to reveal the comparison result. A simple modification is hence proposed to solve this problem.

Symmetrically private information retrieval based on blind quantum computing

NASA Astrophysics Data System (ADS)

Sun, Zhiwei; Yu, Jianping; Wang, Ping; Xu, Lingling

2015-05-01

Universal blind quantum computation (UBQC) is a new secure quantum computing protocol which allows a user Alice who does not have any sophisticated quantum technology to delegate her computing to a server Bob without leaking any privacy. Using the features of UBQC, we propose a protocol to achieve symmetrically private information retrieval, which allows a quantum limited Alice to query an item from Bob with a fully fledged quantum computer; meanwhile, the privacy of both parties is preserved. The security of our protocol is based on the assumption that malicious Alice has no quantum computer, which avoids the impossibility proof of Lo. For the honest Alice, she is almost classical and only requires minimal quantum resources to carry out the proposed protocol. Therefore, she does not need any expensive laboratory which can maintain the coherence of complicated quantum experimental setups.

Cloud Security: Issues and Research Directions

DTIC Science & Technology

2014-11-18

4. Cloud Computing Security: What Changes with Software - Defined Networking ? Maur´ıcio Tsugawa, Andr´ea Matsunaga, and Jos´e A. B. Fortes 5...machine’s memory from an untrusted or malicious hypervisor. In Chapter 4, Tsugawa et al. discuss the security issues introduced when Software - Defined ... Networking ( SDN ) is deployed within and across clouds. Chapters 5-9 are focused on the protection of data stored in the cloud. In Chapter 5, Wang et

Final Report: Computer-aided Human Centric Cyber Situation Awareness

DTIC Science & Technology

2016-03-20

logs, OS audit trails, vulnerability reports, and packet dumps ), weeding out the false positives, grouping the related indicators so that different...short time duration of each visual stimulus in an fMRI study, we have designed “network security analysis cards ” that require the subject to...determine whether alerts in the cards indicate malicious events. Two types of visual displays of alerts (i.e., tabular display and node-link display) are

Network Security Issues

DTIC Science & Technology

1989-01-01

access. 8 An example of a Trojan Horse was one that affected many Macintosh users in 1987. The program called "Sexy Ladies " deleted files as the...be malicious, just the disruption and freezing of the system would be enough to send a panic throughout the financial world. Gold prices would soar...Protection Products," Computers and Security, Apr 88, p. 159. 15 Neil Rubenking, " Antivirus Programs Fight Data Loss," PC Magazine (First Look), 28 Jun

When envy leads to schadenfreude.

PubMed

van de Ven, Niels; Hoogland, Charles E; Smith, Richard H; van Dijk, Wilco W; Breugelmans, Seger M; Zeelenberg, Marcel

2015-01-01

Previous research has yielded inconsistent findings concerning the relationship between envy and schadenfreude. Three studies examined whether the distinction between benign and malicious envy can resolve this inconsistency. We found that malicious envy is related to schadenfreude, while benign envy is not. This result held both in the Netherlands where benign and malicious envy are indicated by separate words (Study 1: Sample A, N = 139; Sample B, N = 150), and in the USA where a single word is used to denote both types (Study 2, N = 180; Study 3, N = 349). Moreover, the effect of malicious envy on schadenfreude was independent of other antecedents of schadenfreude (such as feelings of inferiority, disliking the target person, anger, and perceived deservedness). These findings improve our understanding of the antecedents of schadenfreude and help reconcile seemingly contradictory findings on the relationship between envy and schadenfreude.

Spy the Lie: Detecting Malicious Insiders

DOE Office of Scientific and Technical Information (OSTI.GOV)

Noonan, Christine F.

Insider threat is a hard problem. There is no ground truth, there are innumerable variables, and the data is sparse. The types of crimes and abuses associated with insider threats are significant; the most serious include espionage, sabotage, terrorism, embezzlement, extortion, bribery, and corruption. Malicious activities include an even broader range of exploits, such as negligent use of classified data, fraud, cybercrime, unauthorized access to sensitive information, and illicit communications with unauthorized recipients. Inadvertent action or inaction without malicious intent (e.g., disposing of sensitive documents incorrectly) can also cause harm to an organization. This review article will explore insider threat,more » specifically behaviors, beliefs, and current debates within the field. Additionally particular focus is given to deception, a significant behavioral component of the malicious insider. Finally, research and policy implications for law enforcement and the intelligence community are addressed.« less

The effects of malicious nodes on performance of mobile ad hoc networks

NASA Astrophysics Data System (ADS)

Li, Fanzhi; Shi, Xiyu; Jassim, Sabah; Adams, Christopher

2006-05-01

Wireless ad hoc networking offers convenient infrastructureless communication over the shared wireless channel. However, the nature of ad hoc networks makes them vulnerable to security attacks. Unlike their wired counterpart, infrastructureless ad hoc networks do not have a clear line of defense, their topology is dynamically changing, and every mobile node can receive messages from its neighbors and can be contacted by all other nodes in its neighborhood. This poses a great danger to network security if some nodes behave in a malicious manner. The immediate concern about the security in this type of networks is how to protect the network and the individual mobile nodes against malicious act of rogue nodes from within the network. This paper is concerned with security aspects of wireless ad hoc networks. We shall present results of simulation experiments on ad hoc network's performance in the presence of malicious nodes. We shall investigate two types of attacks and the consequences will be simulated and quantified in terms of loss of packets and other factors. The results show that network performance, in terms of successful packet delivery ratios, significantly deteriorates when malicious nodes act according to the defined misbehaving characteristics.

Impact of malicious servers over trust and reputation models in wireless sensor networks

NASA Astrophysics Data System (ADS)

Verma, Vinod Kumar; Singh, Surinder; Pathak, N. P.

2016-03-01

This article deals with the impact of malicious servers over different trust and reputation models in wireless sensor networks. First, we analysed the five trust and reputation models, namely BTRM-WSN, Eigen trust, peer trust, power trust, linguistic fuzzy trust model. Further, we proposed wireless sensor network design for optimisation of these models. Finally, influence of malicious servers on the behaviour of above mentioned trust and reputation models is discussed. Statistical analysis has been carried out to prove the validity of our proposal.

Behavioral analysis of malicious code through network traffic and system call monitoring

NASA Astrophysics Data System (ADS)

Grégio, André R. A.; Fernandes Filho, Dario S.; Afonso, Vitor M.; Santos, Rafael D. C.; Jino, Mario; de Geus, Paulo L.

2011-06-01

Malicious code (malware) that spreads through the Internet-such as viruses, worms and trojans-is a major threat to information security nowadays and a profitable business for criminals. There are several approaches to analyze malware by monitoring its actions while it is running in a controlled environment, which helps to identify malicious behaviors. In this article we propose a tool to analyze malware behavior in a non-intrusive and effective way, extending the analysis possibilities to cover malware samples that bypass current approaches and also fixes some issues with these approaches.

A Secure Framework for Location Verification in Pervasive Computing

NASA Astrophysics Data System (ADS)

Liu, Dawei; Lee, Moon-Chuen; Wu, Dan

The way people use computing devices has been changed in some way by the relatively new pervasive computing paradigm. For example, a person can use a mobile device to obtain its location information at anytime and anywhere. There are several security issues concerning whether this information is reliable in a pervasive environment. For example, a malicious user may disable the localization system by broadcasting a forged location, and it may impersonate other users by eavesdropping their locations. In this paper, we address the verification of location information in a secure manner. We first present the design challenges for location verification, and then propose a two-layer framework VerPer for secure location verification in a pervasive computing environment. Real world GPS-based wireless sensor network experiments confirm the effectiveness of the proposed framework.

Verifiable Measurement-Only Blind Quantum Computing with Stabilizer Testing.

PubMed

Hayashi, Masahito; Morimae, Tomoyuki

2015-11-27

We introduce a simple protocol for verifiable measurement-only blind quantum computing. Alice, a client, can perform only single-qubit measurements, whereas Bob, a server, can generate and store entangled many-qubit states. Bob generates copies of a graph state, which is a universal resource state for measurement-based quantum computing, and sends Alice each qubit of them one by one. Alice adaptively measures each qubit according to her program. If Bob is honest, he generates the correct graph state, and, therefore, Alice can obtain the correct computation result. Regarding the security, whatever Bob does, Bob cannot get any information about Alice's computation because of the no-signaling principle. Furthermore, malicious Bob does not necessarily send the copies of the correct graph state, but Alice can check the correctness of Bob's state by directly verifying the stabilizers of some copies.

Verifiable Measurement-Only Blind Quantum Computing with Stabilizer Testing

NASA Astrophysics Data System (ADS)

Hayashi, Masahito; Morimae, Tomoyuki

2015-11-01

We introduce a simple protocol for verifiable measurement-only blind quantum computing. Alice, a client, can perform only single-qubit measurements, whereas Bob, a server, can generate and store entangled many-qubit states. Bob generates copies of a graph state, which is a universal resource state for measurement-based quantum computing, and sends Alice each qubit of them one by one. Alice adaptively measures each qubit according to her program. If Bob is honest, he generates the correct graph state, and, therefore, Alice can obtain the correct computation result. Regarding the security, whatever Bob does, Bob cannot get any information about Alice's computation because of the no-signaling principle. Furthermore, malicious Bob does not necessarily send the copies of the correct graph state, but Alice can check the correctness of Bob's state by directly verifying the stabilizers of some copies.

CSIRT Requirements for Situational Awareness

DTIC Science & Technology

2014-01-25

deepsight-products http://www.symantec.com/security_response/publications/threatreport.jsp Verizon Verizon produces an annual data breach report...impact studies to the differences between malicious versus non-malicious data breaches . Ponemon also offers con- sulting services. Ponemon also

Method for detecting core malware sites related to biomedical information systems.

PubMed

Kim, Dohoon; Choi, Donghee; Jin, Jonghyun

2015-01-01

Most advanced persistent threat attacks target web users through malicious code within landing (exploit) or distribution sites. There is an urgent need to block the affected websites. Attacks on biomedical information systems are no exception to this issue. In this paper, we present a method for locating malicious websites that attempt to attack biomedical information systems. Our approach uses malicious code crawling to rearrange websites in the order of their risk index by analyzing the centrality between malware sites and proactively eliminates the root of these sites by finding the core-hub node, thereby reducing unnecessary security policies. In particular, we dynamically estimate the risk index of the affected websites by analyzing various centrality measures and converting them into a single quantified vector. On average, the proactive elimination of core malicious websites results in an average improvement in zero-day attack detection of more than 20%.

Elucidating the Dark Side of Envy: Distinctive Links of Benign and Malicious Envy With Dark Personalities

PubMed Central

Lange, Jens; Paulhus, Delroy L.; Crusius, Jan

2017-01-01

Researchers have recently drawn a contrast between two forms of envy: benign and malicious envy. In three studies (total N = 3,123), we challenge the assumption that malicious envy is destructive, whereas benign envy is entirely constructive. Instead, both forms have links with the Dark Triad of personality. Benign envy is associated with Machiavellian behaviors, whereas malicious envy is associated with both Machiavellian and psychopathic behaviors. In Study 1, this pattern emerged from meta-analyzed trait correlations. In Study 2, a manipulation affecting the envy forms mediated an effect on antisocial behavioral intentions. Study 3 replicated these patterns by linking envy to specific antisocial behaviors and their impact on status in the workplace. Together, our correlational and experimental results suggest that the two forms of envy can both be malevolent. Instead of evaluating envy’s morality, we propose to focus on its functional value. PMID:29271287

Method for Detecting Core Malware Sites Related to Biomedical Information Systems

PubMed Central

Kim, Dohoon; Choi, Donghee; Jin, Jonghyun

2015-01-01

Most advanced persistent threat attacks target web users through malicious code within landing (exploit) or distribution sites. There is an urgent need to block the affected websites. Attacks on biomedical information systems are no exception to this issue. In this paper, we present a method for locating malicious websites that attempt to attack biomedical information systems. Our approach uses malicious code crawling to rearrange websites in the order of their risk index by analyzing the centrality between malware sites and proactively eliminates the root of these sites by finding the core-hub node, thereby reducing unnecessary security policies. In particular, we dynamically estimate the risk index of the affected websites by analyzing various centrality measures and converting them into a single quantified vector. On average, the proactive elimination of core malicious websites results in an average improvement in zero-day attack detection of more than 20%. PMID:25821511

A Multi Agent System for Flow-Based Intrusion Detection Using Reputation and Evolutionary Computation

DTIC Science & Technology

2011-03-01

the actions of malicious and benign users of the Internet, as well as the engi- neering decisions giving rise to observed network topologies. Say and...with resilience, which is particularly important in the domain of quickly-evolving cyber threats. “Self-organization,” says Meadows, “is basically the...system design paradigm is to leverage the advantages of a distributed approach? What is meant by saying the witness conceptually rates the target

Towards Countering the Rise of the Silicon Trojan

DTIC Science & Technology

The Trojan Horse has a venerable if unwelcome history and it is still regarded by many as the primary component in Computer Network Attack. Trojans ... Trojans have in the vast majority taken the form of malicious software. However, more recent times have seen the emergence of what has been dubbed by some...as the ’Silicon Trojan ’ these trojans are embedded at the hardware level and can be designed directly into chips and devices. The complexity of the

An Efficient Location Verification Scheme for Static Wireless Sensor Networks.

PubMed

Kim, In-Hwan; Kim, Bo-Sung; Song, JooSeok

2017-01-24

In wireless sensor networks (WSNs), the accuracy of location information is vital to support many interesting applications. Unfortunately, sensors have difficulty in estimating their location when malicious sensors attack the location estimation process. Even though secure localization schemes have been proposed to protect location estimation process from attacks, they are not enough to eliminate the wrong location estimations in some situations. The location verification can be the solution to the situations or be the second-line defense. The problem of most of the location verifications is the explicit involvement of many sensors in the verification process and requirements, such as special hardware, a dedicated verifier and the trusted third party, which causes more communication and computation overhead. In this paper, we propose an efficient location verification scheme for static WSN called mutually-shared region-based location verification (MSRLV), which reduces those overheads by utilizing the implicit involvement of sensors and eliminating several requirements. In order to achieve this, we use the mutually-shared region between location claimant and verifier for the location verification. The analysis shows that MSRLV reduces communication overhead by 77% and computation overhead by 92% on average, when compared with the other location verification schemes, in a single sensor verification. In addition, simulation results for the verification of the whole network show that MSRLV can detect the malicious sensors by over 90% when sensors in the network have five or more neighbors.

An Efficient Location Verification Scheme for Static Wireless Sensor Networks

PubMed Central

Kim, In-hwan; Kim, Bo-sung; Song, JooSeok

2017-01-01

In wireless sensor networks (WSNs), the accuracy of location information is vital to support many interesting applications. Unfortunately, sensors have difficulty in estimating their location when malicious sensors attack the location estimation process. Even though secure localization schemes have been proposed to protect location estimation process from attacks, they are not enough to eliminate the wrong location estimations in some situations. The location verification can be the solution to the situations or be the second-line defense. The problem of most of the location verifications is the explicit involvement of many sensors in the verification process and requirements, such as special hardware, a dedicated verifier and the trusted third party, which causes more communication and computation overhead. In this paper, we propose an efficient location verification scheme for static WSN called mutually-shared region-based location verification (MSRLV), which reduces those overheads by utilizing the implicit involvement of sensors and eliminating several requirements. In order to achieve this, we use the mutually-shared region between location claimant and verifier for the location verification. The analysis shows that MSRLV reduces communication overhead by 77% and computation overhead by 92% on average, when compared with the other location verification schemes, in a single sensor verification. In addition, simulation results for the verification of the whole network show that MSRLV can detect the malicious sensors by over 90% when sensors in the network have five or more neighbors. PMID:28125007

Detecting the manipulation of digital clinical records in dental practice.

PubMed

Díaz-Flores-García, V; Labajo-González, E; Santiago-Sáez, A; Perea-Pérez, B

2017-11-01

Radiography provides many advantages in the diagnosis and management of dental conditions. However, dental X-ray images may be subject to manipulation with malicious intent using easily accessible computer software. In this study, we sought to evaluate a dentist's ability to identify a manipulated dental X-ray images, when compared with the original, using a variant of the methodology described by Visser and Kruger. Sixty-six dentists were invited to participate and evaluate 20 intraoral dental X-ray images, 10 originals and 10 modified, manipulated using Adobe Photoshop to simulate fillings, root canal treatments, etc. Participating dentists were correct in identifying the manipulated image in 56% of cases, 6% higher than by chance and 10% more than in the study by Visser and Kruger. Malicious changes to dental X-ray images may go unnoticed even by experienced dentists. Professionals must be aware of the legal consequences of such changes. A system of detection/validation should be created for radiographic images. Copyright © 2017 The College of Radiographers. Published by Elsevier Ltd. All rights reserved.

Detection, Localization, and Tracking of Unauthorized UAS and Jammers

NASA Technical Reports Server (NTRS)

Guvenc, Ismail; Ozdemir, Ozgur; Yapici, Yavuz; Mehrpouyan, Hani; Matolak, David

2017-01-01

Small unmanned aircraft systems (UASs) are expected to take major roles in future smart cities, for example, by delivering goods and merchandise, potentially serving as mobile hot spots for broadband wireless access, and maintaining surveillance and security. Although they can be used for the betterment of the society, they can also be used by malicious entities to conduct physical and cyber attacks to infrastructure, private/public property, and people. Even for legitimate use-cases of small UASs, air traffic management (ATM) for UASs becomes of critical importance for maintaining safe and collusion-free operation. Therefore, various ways to detect, track, and interdict potentially unauthorized drones carries critical importance for surveillance and ATM applications. In this paper, we will review techniques that rely on ambient radio frequency signals (emitted from UASs), radars, acoustic sensors, and computer vision techniques for detection of malicious UASs. We will present some early experimental and simulation results on radar-based range estimation of UASs, and receding horizon tracking of UASs. Subsequently, we will overview common techniques that are considered for interdiction of UASs.

Change of Detection: To Find the Terrorist within the Identification of the U.S. Army’s Insider Threat

DTIC Science & Technology

2012-06-08

Management, usually used in conjunction with the word System TRADOC Training and Doctrine Command UCMJ Uniform Code of Military Justice U.S. United...information system , whether a military member, a DOD civilian employee, or employee of another Federal agency or the private sector. Some...recommendations, however, address the broader scope of “ system components” or “computer software code” inside a system and intended to carry out a malicious

Building and Vegetation Rasterization for the Three-dimensional Wind Field (3DWF) Model

DTIC Science & Technology

2010-12-01

Maps API. By design, JavaScript limits access to local resources. This is done to protect against the execution of malicious code. However, ActiveX ...to only use these types of objects ( ActiveX or XPCOM) from a trusted source in order to minimize the exposure of a computer system to malware...Microsoft ActiveX . There is also a need to restructure and rethink the implementation of the JavaScript code. It would be desirable to save the digitized

Dynamic Detection of Malicious Code in COTS Software

DTIC Science & Technology

2000-04-01

run the following documented hostile applets or ActiveX of these tools work only on mobile code (Java, ActiveX , controls: 16-11 Hostile Applets Tiny...Killer App Exploder Runner ActiveX Check Spy eSafe Protect Desktop 9/9 blocked NB B NB 13/17 blocked NB Surfinshield Online 9/9 blocked NB B B 13/17...Exploder is an ActiveX control top (@). that performs a clean shutdown of your computer. The interface is attractive, although rather complex, as McLain’s

Understanding of the Cyber Security and the Development of CAPTCHA

NASA Astrophysics Data System (ADS)

Yang, Yu

2018-04-01

CAPTCHA is the abbreviation of "Completely Automated Public Turing Test to Tell Computers and Humans Apart", which is a program algorithm for distinguishing between computers and humans. It is able to generate and evaluate tests that are easy for human to pass yet are not possible for computers to. Common CAPTCHA generally contains symbols, text, pictures, and even videos, which is mainly used for human-computer verification. With the popularization of the Internet and its related applications, many malicious attacks against websites, systems and servers gradually appear. Therefore, the research on CAPTCHA is especially important. This article will briefly summarize and introduce the existing CAPTCHA technology, and summarizes the common problems of network attacks and information security. After listing the common type of CAPTCHA, it will finally propose feasible suggestions for the development of CAPTCHA.

Incentives, Behavior, and Risk Management

ERIC Educational Resources Information Center

Liu, Debin

2011-01-01

Insiders are one of the most serious threats to an organization's information assets. Generally speaking, there are two types of insider threats based on the insiders' intents. Malicious Insiders are individuals with varying degrees of harmful intentions. Inadvertent Insiders are individuals without malicious intent. In this dissertation, I…

Accuracy comparison among different machine learning techniques for detecting malicious codes

NASA Astrophysics Data System (ADS)

Narang, Komal

2016-03-01

In this paper, a machine learning based model for malware detection is proposed. It can detect newly released malware i.e. zero day attack by analyzing operation codes on Android operating system. The accuracy of Naïve Bayes, Support Vector Machine (SVM) and Neural Network for detecting malicious code has been compared for the proposed model. In the experiment 400 benign files, 100 system files and 500 malicious files have been used to construct the model. The model yields the best accuracy 88.9% when neural network is used as classifier and achieved 95% and 82.8% accuracy for sensitivity and specificity respectively.

Real Time Network Monitoring and Reporting System

ERIC Educational Resources Information Center

Massengale, Ricky L., Sr.

2009-01-01

With the ability of modern system developers to develop intelligent programs that allows machines to learn, modify and evolve themselves, current trends of reactionary methods to detect and eradicate malicious software code from infected machines is proving to be too costly. Addressing malicious software after an attack is the current methodology…

Malicious Use of Nonpharmaceuticals in Children

ERIC Educational Resources Information Center

Yin, Shan

2011-01-01

Objective: The objective of this study was to describe malicious nonpharmaceutical exposures in children reported to US poison centers. Methods: We performed a retrospective study of all nonpharmaceutical exposures involving children 7 years old reported to the US National Poison Data System (NPDS) from 2000 to 2008 for which the reason for…

Securing mobile code.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Link, Hamilton E.; Schroeppel, Richard Crabtree; Neumann, William Douglas

2004-10-01

If software is designed so that the software can issue functions that will move that software from one computing platform to another, then the software is said to be 'mobile'. There are two general areas of security problems associated with mobile code. The 'secure host' problem involves protecting the host from malicious mobile code. The 'secure mobile code' problem, on the other hand, involves protecting the code from malicious hosts. This report focuses on the latter problem. We have found three distinct camps of opinions regarding how to secure mobile code. There are those who believe special distributed hardware ismore » necessary, those who believe special distributed software is necessary, and those who believe neither is necessary. We examine all three camps, with a focus on the third. In the distributed software camp we examine some commonly proposed techniques including Java, D'Agents and Flask. For the specialized hardware camp, we propose a cryptographic technique for 'tamper-proofing' code over a large portion of the software/hardware life cycle by careful modification of current architectures. This method culminates by decrypting/authenticating each instruction within a physically protected CPU, thereby protecting against subversion by malicious code. Our main focus is on the camp that believes that neither specialized software nor hardware is necessary. We concentrate on methods of code obfuscation to render an entire program or a data segment on which a program depends incomprehensible. The hope is to prevent or at least slow down reverse engineering efforts and to prevent goal-oriented attacks on the software and execution. The field of obfuscation is still in a state of development with the central problem being the lack of a basis for evaluating the protection schemes. We give a brief introduction to some of the main ideas in the field, followed by an in depth analysis of a technique called 'white-boxing'. We put forth some new attacks and improvements on this method as well as demonstrating its implementation for various algorithms. We also examine cryptographic techniques to achieve obfuscation including encrypted functions and offer a new application to digital signature algorithms. To better understand the lack of security proofs for obfuscation techniques, we examine in detail general theoretical models of obfuscation. We explain the need for formal models in order to obtain provable security and the progress made in this direction thus far. Finally we tackle the problem of verifying remote execution. We introduce some methods of verifying remote exponentiation computations and some insight into generic computation checking.« less

Concurrent and Short-Term Longitudinal Associations between Peer Victimization and School and Recess Liking during Middle Childhood

ERIC Educational Resources Information Center

Boulton, Michael J.; Chau, Cam; Whitehand, Caroline; Amataya, Kishori; Murray, Lindsay

2009-01-01

Background: Prior studies outside of the UK have shown that peer victimization is negatively associated with school adjustment. Aims: To examine concurrent and short-term longitudinal associations between peer victimization (physical, malicious teasing, deliberate social exclusion, and malicious gossiping) and two measures of school adjustment…

Understanding the Value of a Computer Emergency Response Capability for Nuclear Security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Gasper, Peter Donald; Rodriguez, Julio Gallardo

The international nuclear community has a great understanding of the physical security needs relating to the prevention, detection, and response of malicious acts associated with nuclear facilities and radioactive material. International Atomic Energy Agency (IAEA) Nuclear Security Recommendations (INFCIRC_225_Rev 5) outlines specific guidelines and recommendations for implementing and maintaining an organization’s nuclear security posture. An important element for inclusion into supporting revision 5 is the establishment of a “Cyber Emergency Response Team (CERT)” focused on the international communities cybersecurity needs to maintain a comprehensive nuclear security posture. Cybersecurity and the importance of nuclear cybersecurity require that there be a specificmore » focus on developing an International Nuclear CERT (NS-CERT). States establishing contingency plans should have an understanding of the cyber threat landscape and the potential impacts to systems in place to protect and mitigate malicious activities. This paper will outline the necessary components, discuss the relationships needed within the international community, and outline a process by which the NS-CERT identifies, collects, processes, and reports critical information in order to establish situational awareness (SA) and support decision-making« less

Novel Duplicate Address Detection with Hash Function

PubMed Central

Song, GuangJia; Ji, ZhenZhou

2016-01-01

Duplicate address detection (DAD) is an important component of the address resolution protocol (ARP) and the neighbor discovery protocol (NDP). DAD determines whether an IP address is in conflict with other nodes. In traditional DAD, the target address to be detected is broadcast through the network, which provides convenience for malicious nodes to attack. A malicious node can send a spoofing reply to prevent the address configuration of a normal node, and thus, a denial-of-service attack is launched. This study proposes a hash method to hide the target address in DAD, which prevents an attack node from launching destination attacks. If the address of a normal node is identical to the detection address, then its hash value should be the same as the “Hash_64” field in the neighboring solicitation message. Consequently, DAD can be successfully completed. This process is called DAD-h. Simulation results indicate that address configuration using DAD-h has a considerably higher success rate when under attack compared with traditional DAD. Comparative analysis shows that DAD-h does not require third-party devices and considerable computing resources; it also provides a lightweight security resolution. PMID:26991901

Deviation-based spam-filtering method via stochastic approach

NASA Astrophysics Data System (ADS)

Lee, Daekyung; Lee, Mi Jin; Kim, Beom Jun

2018-03-01

In the presence of a huge number of possible purchase choices, ranks or ratings of items by others often play very important roles for a buyer to make a final purchase decision. Perfectly objective rating is an impossible task to achieve, and we often use an average rating built on how previous buyers estimated the quality of the product. The problem of using a simple average rating is that it can easily be polluted by careless users whose evaluation of products cannot be trusted, and by malicious spammers who try to bias the rating result on purpose. In this letter we suggest how trustworthiness of individual users can be systematically and quantitatively reflected to build a more reliable rating system. We compute the suitably defined reliability of each user based on the user's rating pattern for all products she evaluated. We call our proposed method as the deviation-based ranking, since the statistical significance of each user's rating pattern with respect to the average rating pattern is the key ingredient. We find that our deviation-based ranking method outperforms existing methods in filtering out careless random evaluators as well as malicious spammers.

Preventing and Profiling Malicious Insider Attacks

DTIC Science & Technology

2012-04-01

malicious insiders. This research program could also be extended to look at general human factors issues surrounding information security behaviours ... behaviours . This research also draws on corresponding studies into fraud and espionage in non IT scenarios. A range of preventative measures is...This includes motivating factors, personality traits and observable behaviours that may assist organisations in the detection and profiling of

Malware Memory Analysis of the Jynx2 Linux Rootkit (Part 1): Investigating a Publicly Available Linux Rootkit Using the Volatility Memory Analysis Framework

DTIC Science & Technology

2014-10-01

indication that not a single scanner was able to detect the rootkit as malicious or infected. SHA256 ...clear indication that not a single scanner was able detect it as malicious, infected or associated to the Jynx2 rootkit. SHA256

Crowdsourcing contest dilemma

PubMed Central

Naroditskiy, Victor; Jennings, Nicholas R.; Van Hentenryck, Pascal; Cebrian, Manuel

2014-01-01

Crowdsourcing offers unprecedented potential for solving tasks efficiently by tapping into the skills of large groups of people. A salient feature of crowdsourcing—its openness of entry—makes it vulnerable to malicious behaviour. Such behaviour took place in a number of recent popular crowdsourcing competitions. We provide game-theoretic analysis of a fundamental trade-off between the potential for increased productivity and the possibility of being set back by malicious behaviour. Our results show that in crowdsourcing competitions malicious behaviour is the norm, not the anomaly—a result contrary to the conventional wisdom in the area. Counterintuitively, making the attacks more costly does not deter them but leads to a less desirable outcome. These findings have cautionary implications for the design of crowdsourcing competitions. PMID:25142518

InkTag: Secure Applications on an Untrusted Operating System

PubMed Central

Hofmann, Owen S.; Kim, Sangman; Dunn, Alan M.; Lee, Michael Z.; Witchel, Emmett

2014-01-01

InkTag is a virtualization-based architecture that gives strong safety guarantees to high-assurance processes even in the presence of a malicious operating system. InkTag advances the state of the art in untrusted operating systems in both the design of its hypervisor and in the ability to run useful applications without trusting the operating system. We introduce paraverification, a technique that simplifies the InkTag hypervisor by forcing the untrusted operating system to participate in its own verification. Attribute-based access control allows trusted applications to create decentralized access control policies. InkTag is also the first system of its kind to ensure consistency between secure data and metadata, ensuring recoverability in the face of system crashes. PMID:24429939

InkTag: Secure Applications on an Untrusted Operating System.

PubMed

Hofmann, Owen S; Kim, Sangman; Dunn, Alan M; Lee, Michael Z; Witchel, Emmett

2013-01-01

InkTag is a virtualization-based architecture that gives strong safety guarantees to high-assurance processes even in the presence of a malicious operating system. InkTag advances the state of the art in untrusted operating systems in both the design of its hypervisor and in the ability to run useful applications without trusting the operating system. We introduce paraverification , a technique that simplifies the InkTag hypervisor by forcing the untrusted operating system to participate in its own verification. Attribute-based access control allows trusted applications to create decentralized access control policies. InkTag is also the first system of its kind to ensure consistency between secure data and metadata, ensuring recoverability in the face of system crashes.

Develop a solution for protecting and securing enterprise networks from malicious attacks

NASA Astrophysics Data System (ADS)

Kamuru, Harshitha; Nijim, Mais

2014-05-01

In the world of computer and network security, there are myriad ways to launch an attack, which, from the perspective of a network, can usually be defined as "traffic that has huge malicious intent." Firewall acts as one of the measure in order to secure the device from incoming unauthorized data. There are infinite number of computer attacks that no firewall can prevent, such as those executed locally on the machine by a malicious user. From the network's perspective, there are numerous types of attack. All the attacks that degrade the effectiveness of data can be grouped into two types: brute force and precision. The Firewall that belongs to Juniper has the capability to protect against both types of attack. Denial of Service (DoS) attacks are one of the most well-known network security threats under brute force attacks, which is largely due to the high-profile way in which they can affect networks. Over the years, some of the largest, most respected Internet sites have been effectively taken offline by Denial of Service (DOS) attacks. A DoS attack typically has a singular focus, namely, to cause the services running on a particular host or network to become unavailable. Some DoS attacks exploit vulnerabilities in an operating system and cause it to crash, such as the infamous Win nuke attack. Others submerge a network or device with traffic so that there are no more resources to handle legitimate traffic. Precision attacks typically involve multiple phases and often involves a bit more thought than brute force attacks, all the way from reconnaissance to machine ownership. Before a precision attack is launched, information about the victim needs to be gathered. This information gathering typically takes the form of various types of scans to determine available hosts, networks, and ports. The hosts available on a network can be determined by ping sweeps. The available ports on a machine can be located by port scans. Screens cover a wide variety of attack traffic as they are configured on a per-zone basis. Depending on the type of screen being configured, there may be additional settings beyond simply blocking the traffic. Attack prevention is also a native function of any firewall. Juniper Firewall handles traffic on a per-flow basis. We can use flows or sessions as a way to determine whether traffic attempting to traverse the firewall is legitimate. We control the state-checking components resident in Juniper Firewall by configuring "flow" settings. These settings allow you to configure state checking for various conditions on the device. You can use flow settings to protect against TCP hijacking, and to generally ensure that the fire-wall is performing full state processing when desired. We take a case study of attack on a network and perform study of the detection of the malicious packets on a Net screen Firewall. A new solution for securing enterprise networks will be developed here.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Lee, Hsien-Hsin S

The overall objective of this research project is to develop novel architectural techniques as well as system software to achieve a highly secure and intrusion-tolerant computing system. Such system will be autonomous, self-adapting, introspective, with self-healing capability under the circumstances of improper operations, abnormal workloads, and malicious attacks. The scope of this research includes: (1) System-wide, unified introspection techniques for autonomic systems, (2) Secure information-flow microarchitecture, (3) Memory-centric security architecture, (4) Authentication control and its implication to security, (5) Digital right management, (5) Microarchitectural denial-of-service attacks on shared resources. During the period of the project, we developed several architectural techniquesmore » and system software for achieving a robust, secure, and reliable computing system toward our goal.« less

Quantum-secured blockchain

NASA Astrophysics Data System (ADS)

Kiktenko, E. O.; Pozhar, N. O.; Anufriev, M. N.; Trushechkin, A. S.; Yunusov, R. R.; Kurochkin, Y. V.; Lvovsky, A. I.; Fedorov, A. K.

2018-07-01

Blockchain is a distributed database which is cryptographically protected against malicious modifications. While promising for a wide range of applications, current blockchain platforms rely on digital signatures, which are vulnerable to attacks by means of quantum computers. The same, albeit to a lesser extent, applies to cryptographic hash functions that are used in preparing new blocks, so parties with access to quantum computation would have unfair advantage in procuring mining rewards. Here we propose a possible solution to the quantum era blockchain challenge and report an experimental realization of a quantum-safe blockchain platform that utilizes quantum key distribution across an urban fiber network for information-theoretically secure authentication. These results address important questions about realizability and scalability of quantum-safe blockchains for commercial and governmental applications.

Deterring Malicious Behavior in Cyberspace

DTIC Science & Technology

2015-01-01

Malicious Behavior in Cyberspace Strategic Studies Quarterly ♦ Spring 2015 [ 79 ] 8. Chris Pepper, ed., Defending against Denial of Service Attacks...Jackson Higgins , “Chinese Cyberespionage Tool Updated for Traditional Cyber- crime,” Dark Reading, 27 November 2012, http://www.darkreading.com/attacks...content /uploads/sites/43/vlpdfs/kaspersky-the-net-traveler-part1-final.pdf. 13. Kelly Jackson Higgins , “ ‘NetTraveler’ Cyberespionage Campaign

Neural Detection of Malicious Network Activities Using a New Direct Parsing and Feature Extraction Technique

DTIC Science & Technology

2015-09-01

intrusion detection systems , neural networks 15. NUMBER OF PAGES 75 16. PRICE CODE 17. SECURITY CLASSIFICATION OF... detection system (IDS) software, which learns to detect and classify network attacks and intrusions through prior training data. With the added criteria of...BACKGROUND The growing threat of malicious network activities and intrusion attempts makes intrusion detection systems (IDS) a

Job Analysis Results for Malicious-Code Reverse Engineers: A Case Study

DTIC Science & Technology

2014-05-01

Testing in Personnel Selection: Contemporary Issues in Cognitive Ability and Personality Testing .” Journal of Business Inquiry: Research , Edu- cation, and...federally funded research and development center. Any opinions, findings and conclusions or recommendations expressed in this material are those of...predict the develop- ment of expertise is important. Currently, job analysis research on teams of malicious-code re- verse engineers is lacking. Therefore

Keylogger Application to Monitoring Users Activity with Exact String Matching Algorithm

NASA Astrophysics Data System (ADS)

Rahim, Robbi; Nurdiyanto, Heri; Saleh A, Ansari; Abdullah, Dahlan; Hartama, Dedy; Napitupulu, Darmawan

2018-01-01

The development of technology is very fast, especially in the field of Internet technology that at any time experiencing significant changes, The development also supported by the ability of human resources, Keylogger is a tool that most developed because this application is very rarely recognized a malicious program by antivirus, keylogger will record all activities related to keystrokes, the recording process is accomplished by using string matching method. The application of string matching method in the process of recording the keyboard is to help the admin in knowing what the user accessed on the computer.

An Architectural Concept for Intrusion Tolerance in Air Traffic Networks

NASA Technical Reports Server (NTRS)

Maddalon, Jeffrey M.; Miner, Paul S.

2003-01-01

The goal of an intrusion tolerant network is to continue to provide predictable and reliable communication in the presence of a limited num ber of compromised network components. The behavior of a compromised network component ranges from a node that no longer responds to a nod e that is under the control of a malicious entity that is actively tr ying to cause other nodes to fail. Most current data communication ne tworks do not include support for tolerating unconstrained misbehavio r of components in the network. However, the fault tolerance communit y has developed protocols that provide both predictable and reliable communication in the presence of the worst possible behavior of a limited number of nodes in the system. One may view a malicious entity in a communication network as a node that has failed and is behaving in an arbitrary manner. NASA/Langley Research Center has developed one such fault-tolerant computing platform called SPIDER (Scalable Proces sor-Independent Design for Electromagnetic Resilience). The protocols and interconnection mechanisms of SPIDER may be adapted to large-sca le, distributed communication networks such as would be required for future Air Traffic Management systems. The predictability and reliabi lity guarantees provided by the SPIDER protocols have been formally v erified. This analysis can be readily adapted to similar network stru ctures.

Game Theory Meets Wireless Sensor Networks Security Requirements and Threats Mitigation: A Survey.

PubMed

Abdalzaher, Mohamed S; Seddik, Karim; Elsabrouty, Maha; Muta, Osamu; Furukawa, Hiroshi; Abdel-Rahman, Adel

2016-06-29

We present a study of using game theory for protecting wireless sensor networks (WSNs) from selfish behavior or malicious nodes. Due to scalability, low complexity and disseminated nature of WSNs, malicious attacks can be modeled effectively using game theory. In this study, we survey the different game-theoretic defense strategies for WSNs. We present a taxonomy of the game theory approaches based on the nature of the attack, whether it is caused by an external attacker or it is the result of an internal node acting selfishly or maliciously. We also present a general trust model using game theory for decision making. We, finally, identify the significant role of evolutionary games for WSNs security against intelligent attacks; then, we list several prospect applications of game theory to enhance the data trustworthiness and node cooperation in different WSNs.

Comparison between genetic algorithm and self organizing map to detect botnet network traffic

NASA Astrophysics Data System (ADS)

Yugandhara Prabhakar, Shinde; Parganiha, Pratishtha; Madhu Viswanatham, V.; Nirmala, M.

2017-11-01

In Cyber Security world the botnet attacks are increasing. To detect botnet is a challenging task. Botnet is a group of computers connected in a coordinated fashion to do malicious activities. Many techniques have been developed and used to detect and prevent botnet traffic and the attacks. In this paper, a comparative study is done on Genetic Algorithm (GA) and Self Organizing Map (SOM) to detect the botnet network traffic. Both are soft computing techniques and used in this paper as data analytics system. GA is based on natural evolution process and SOM is an Artificial Neural Network type, uses unsupervised learning techniques. SOM uses neurons and classifies the data according to the neurons. Sample of KDD99 dataset is used as input to GA and SOM.

Use of Deception to Improve Client Honeypot Detection of Drive-by-Download Attacks

DOE Office of Scientific and Technical Information (OSTI.GOV)

Popovsky, Barbara; Narvaez Suarez, Julia F.; Seifert, Christian

2009-07-24

This paper presents the application of deception theory to improve the success of client honeypots at detecting malicious web page attacks from infected servers programmed by online criminals to launch drive-by-download attacks. The design of honeypots faces three main challenges: deception, how to design honeypots that seem real systems; counter-deception, techniques used to identify honeypots and hence defeating their deceiving nature; and counter counter-deception, how to design honeypots that deceive attackers. The authors propose the application of a deception model known as the deception planning loop to identify the current status on honeypot research, development and deployment. The analysis leadsmore » to a proposal to formulate a landscape of the honeypot research and planning of steps ahead.« less

New Technologies and Emerging Threats: Personnel Security Adjudicative Guidelines in the Age of Social Networking

DTIC Science & Technology

2012-12-01

behavior unless it becomes criminal or involves the publishing of sensitive information. This means that malicious doxing, cyberbullying or other...workplace or background investigation realms, as well as the many forms of cyberbullying and malicious rumor-spreading online could be addressed. Doxing...None Sexually harass another person online None Engage in cyberbullying by using the Internet to send offensive, inappropriate verbal allack

Insider Threat Detection on the Windows Operating System using Virtual Machine Introspection

DTIC Science & Technology

2012-06-14

by a malicious insider. HBSS systems running on a user’s workstation could be disabled either due to misconfiguration, privilege escalation , or by a...potential malicious insider threat, organizations must develop use cases which categorize possible attack techniques, such as data exfiltration via...hardware and contain any type of data an attacker may be looking for. Minimal Resources Since honeypots do not provide any network services, they

Building a Trusted Path for Applications Using COTS Components

DTIC Science & Technology

2004-11-01

against attacks by malicious software. Trojan horse programs, i.e., programs with additional hidden, often malicious, functions, are more and more...cannot be imitated by untrusted software." Wiseman et al. (1988) propose a user interface for the SMITE system to prevent Trojan horses from...input, two of which can also be used for the hologram service. 7.0 CONCLUSION Trojan horse programs, i.e., programs with additional hidden, often

Extending Case-Based Reasoning (CBR) Approaches to Semi-automated Network Alert Reporting

DTIC Science & Technology

2013-04-01

connecting to the domain is likely infected with malware, or may have been exposed to malicious code. -- Detailed Information: The Sourcefire VRT ...to be generated by malware. After applying an extensive whitelist, the VRT pulls out the most commonly visited domains and adds them to its...malicious software. The VRT recommends ClamAV for Windows 3.0. 39 -- Contributors: Sourcefire Vulnerability Research Team -- Additional

Detecting Malicious Tweets in Twitter Using Runtime Monitoring With Hidden Information

DTIC Science & Technology

2016-06-01

text mining using Twitter streaming API and python [Online]. Available: http://adilmoujahid.com/posts/2014/07/twitter-analytics/ [22] M. Singh, B...sites with 645,750,000 registered users [3] and has open source public tweets for data mining . 2. Malicious Users and Tweets In the modern world...want to data mine in Twitter, and presents the natural language assertions and corresponding rule patterns. It then describes the steps performed using

Using Trust to Establish a Secure Routing Model in Cognitive Radio Network.

PubMed

Zhang, Guanghua; Chen, Zhenguo; Tian, Liqin; Zhang, Dongwen

2015-01-01

Specific to the selective forwarding attack on routing in cognitive radio network, this paper proposes a trust-based secure routing model. Through monitoring nodes' forwarding behaviors, trusts of nodes are constructed to identify malicious nodes. In consideration of that routing selection-based model must be closely collaborative with spectrum allocation, a route request piggybacking available spectrum opportunities is sent to non-malicious nodes. In the routing decision phase, nodes' trusts are used to construct available path trusts and delay measurement is combined for making routing decisions. At the same time, according to the trust classification, different responses are made specific to their service requests. By adopting stricter punishment on malicious behaviors from non-trusted nodes, the cooperation of nodes in routing can be stimulated. Simulation results and analysis indicate that this model has good performance in network throughput and end-to-end delay under the selective forwarding attack.

Game Theory Meets Wireless Sensor Networks Security Requirements and Threats Mitigation: A Survey

PubMed Central

Abdalzaher, Mohamed S.; Seddik, Karim; Elsabrouty, Maha; Muta, Osamu; Furukawa, Hiroshi; Abdel-Rahman, Adel

2016-01-01

We present a study of using game theory for protecting wireless sensor networks (WSNs) from selfish behavior or malicious nodes. Due to scalability, low complexity and disseminated nature of WSNs, malicious attacks can be modeled effectively using game theory. In this study, we survey the different game-theoretic defense strategies for WSNs. We present a taxonomy of the game theory approaches based on the nature of the attack, whether it is caused by an external attacker or it is the result of an internal node acting selfishly or maliciously. We also present a general trust model using game theory for decision making. We, finally, identify the significant role of evolutionary games for WSNs security against intelligent attacks; then, we list several prospect applications of game theory to enhance the data trustworthiness and node cooperation in different WSNs. PMID:27367700

Sensor Based Framework for Secure Multimedia Communication in VANET

PubMed Central

Rahim, Aneel; Khan, Zeeshan Shafi; Bin Muhaya, Fahad T.; Sher, Muhammad; Kim, Tai-Hoon

2010-01-01

Secure multimedia communication enhances the safety of passengers by providing visual pictures of accidents and danger situations. In this paper we proposed a framework for secure multimedia communication in Vehicular Ad-Hoc Networks (VANETs). Our proposed framework is mainly divided into four components: redundant information, priority assignment, malicious data verification and malicious node verification. The proposed scheme jhas been validated with the help of the NS-2 network simulator and the Evalvid tool. PMID:22163462

Prospects for Evidence -Based Software Assurance: Models and Analysis

DTIC Science & Technology

2015-09-01

virtual machine is much lighter than the workstation. The virtual machine doesn’t need to run anti- virus , firewalls, intrusion preven- tion systems...34] Maiorca, D., Corona , I., and Giacinto, G. Looking at the bag is not enough to find the bomb: An evasion of structural methods for malicious PDF...CCS ’13, ACM, pp. 119–130. [35] Maiorca, D., Giacinto, G., and Corona , I. A pattern recognition system for malicious PDF files detection. In

A Secure and Efficient Audit Mechanism for Dynamic Shared Data in Cloud Storage

PubMed Central

2014-01-01

With popularization of cloud services, multiple users easily share and update their data through cloud storage. For data integrity and consistency in the cloud storage, the audit mechanisms were proposed. However, existing approaches have some security vulnerabilities and require a lot of computational overheads. This paper proposes a secure and efficient audit mechanism for dynamic shared data in cloud storage. The proposed scheme prevents a malicious cloud service provider from deceiving an auditor. Moreover, it devises a new index table management method and reduces the auditing cost by employing less complex operations. We prove the resistance against some attacks and show less computation cost and shorter time for auditing when compared with conventional approaches. The results present that the proposed scheme is secure and efficient for cloud storage services managing dynamic shared data. PMID:24959630

Improving Remote Voting Security with CodeVoting

NASA Astrophysics Data System (ADS)

Joaquim, Rui; Ribeiro, Carlos; Ferreira, Paulo

One of the major problems that prevents the spread of elections with the possibility of remote voting over electronic networks, also called Internet Voting, is the use of unreliable client platforms, such as the voter's computer and the Internet infrastructure connecting it to the election server. A computer connected to the Internet is exposed to viruses, worms, Trojans, spyware, malware and other threats that can compromise the election's integrity. For instance, it is possible to write a virus that changes the voter's vote to a predetermined vote on election's day. Another possible attack is the creation of a fake election web site where the voter uses a malicious vote program on the web site that manipulates the voter's vote (phishing/pharming attack). Such attacks may not disturb the election protocol, therefore can remain undetected in the eyes of the election auditors.

A secure and efficient audit mechanism for dynamic shared data in cloud storage.

PubMed

Kwon, Ohmin; Koo, Dongyoung; Shin, Yongjoo; Yoon, Hyunsoo

2014-01-01

With popularization of cloud services, multiple users easily share and update their data through cloud storage. For data integrity and consistency in the cloud storage, the audit mechanisms were proposed. However, existing approaches have some security vulnerabilities and require a lot of computational overheads. This paper proposes a secure and efficient audit mechanism for dynamic shared data in cloud storage. The proposed scheme prevents a malicious cloud service provider from deceiving an auditor. Moreover, it devises a new index table management method and reduces the auditing cost by employing less complex operations. We prove the resistance against some attacks and show less computation cost and shorter time for auditing when compared with conventional approaches. The results present that the proposed scheme is secure and efficient for cloud storage services managing dynamic shared data.

Anti-jamming Technology in Small Satellite Communication

NASA Astrophysics Data System (ADS)

Jia, Zixiang

2018-01-01

Small satellite communication has an increasingly important position among the wireless communications due to the advantages of low cost and high technology. However, in view of the case that its relay station stays outside the earth, its uplink may face interference from malicious signal frequently. Here this paper classified enumerates existing interferences, and proposes channel signals as main interference by comparison. Based on a basic digital communication process, then this paper discusses the possible anti - jamming techniques that commonly be realized at all stages in diverse processes, and comes to the conclusion that regarding the spread spectrum technology and antenna anti-jamming technology as fundamental direction of future development. This work provides possible thought for the design of new small satellite communication system with the coexistence of multi - technologies. This basic popular science can be consulted for people interested in small satellite communication.

Trouble Brewing: Using Observations of Invariant Behavior to Detect Malicious Agency in Distributed Control Systems

NASA Astrophysics Data System (ADS)

McEvoy, Thomas Richard; Wolthusen, Stephen D.

Recent research on intrusion detection in supervisory data acquisition and control (SCADA) and DCS systems has focused on anomaly detection at protocol level based on the well-defined nature of traffic on such networks. Here, we consider attacks which compromise sensors or actuators (including physical manipulation), where intrusion may not be readily apparent as data and computational states can be controlled to give an appearance of normality, and sensor and control systems have limited accuracy. To counter these, we propose to consider indirect relations between sensor readings to detect such attacks through concurrent observations as determined by control laws and constraints.

Test and Evaluation of the Malicious Activity Simulation Tool (MAST) in a Local Area Network (LAN) Running the Common PC Operating System Environment (COMPOSE)

DTIC Science & Technology

2013-09-01

Malicious Activity Simulation Tool MMORPG Massively Multiplayer Online Role-Playing Game MMS Mission Management Server MOA Memorandum of Agreement MS...conferencing, and massively multiplayer online role- playing games (MMORPG). During all of these Internet-based exchanges and transactions, the Internet user...In its 2011 Internet Crime Report, the Internet Crime Complaint Center (IC3) stated there were more than 300,000 complaints of online criminal

A Study and Taxonomy of Vulnerabilities in Web Based Animation and Interactivity Software

DTIC Science & Technology

2010-12-01

Flash Player is available as a plugin for most common Web browsers (Firefox, Mozilla, Netscape, Opera) and as an ActiveX control for Internet...script or HTML via (1) a swf file that uses the asfunction: protocol or (2) the navigateToURL function when used with the Flash Player ActiveX ...malicious page or open a malicious file. 2. Coding an Exploit The specific flaw exists in the Flash Player ActiveX Control’s handling of the

Web malware spread modelling and optimal control strategies

NASA Astrophysics Data System (ADS)

Liu, Wanping; Zhong, Shouming

2017-02-01

The popularity of the Web improves the growth of web threats. Formulating mathematical models for accurate prediction of malicious propagation over networks is of great importance. The aim of this paper is to understand the propagation mechanisms of web malware and the impact of human intervention on the spread of malicious hyperlinks. Considering the characteristics of web malware, a new differential epidemic model which extends the traditional SIR model by adding another delitescent compartment is proposed to address the spreading behavior of malicious links over networks. The spreading threshold of the model system is calculated, and the dynamics of the model is theoretically analyzed. Moreover, the optimal control theory is employed to study malware immunization strategies, aiming to keep the total economic loss of security investment and infection loss as low as possible. The existence and uniqueness of the results concerning the optimality system are confirmed. Finally, numerical simulations show that the spread of malware links can be controlled effectively with proper control strategy of specific parameter choice.

Web malware spread modelling and optimal control strategies.

PubMed

Liu, Wanping; Zhong, Shouming

2017-02-10

The popularity of the Web improves the growth of web threats. Formulating mathematical models for accurate prediction of malicious propagation over networks is of great importance. The aim of this paper is to understand the propagation mechanisms of web malware and the impact of human intervention on the spread of malicious hyperlinks. Considering the characteristics of web malware, a new differential epidemic model which extends the traditional SIR model by adding another delitescent compartment is proposed to address the spreading behavior of malicious links over networks. The spreading threshold of the model system is calculated, and the dynamics of the model is theoretically analyzed. Moreover, the optimal control theory is employed to study malware immunization strategies, aiming to keep the total economic loss of security investment and infection loss as low as possible. The existence and uniqueness of the results concerning the optimality system are confirmed. Finally, numerical simulations show that the spread of malware links can be controlled effectively with proper control strategy of specific parameter choice.

A two-stage flow-based intrusion detection model for next-generation networks.

PubMed

Umer, Muhammad Fahad; Sher, Muhammad; Bi, Yaxin

2018-01-01

The next-generation network provides state-of-the-art access-independent services over converged mobile and fixed networks. Security in the converged network environment is a major challenge. Traditional packet and protocol-based intrusion detection techniques cannot be used in next-generation networks due to slow throughput, low accuracy and their inability to inspect encrypted payload. An alternative solution for protection of next-generation networks is to use network flow records for detection of malicious activity in the network traffic. The network flow records are independent of access networks and user applications. In this paper, we propose a two-stage flow-based intrusion detection system for next-generation networks. The first stage uses an enhanced unsupervised one-class support vector machine which separates malicious flows from normal network traffic. The second stage uses a self-organizing map which automatically groups malicious flows into different alert clusters. We validated the proposed approach on two flow-based datasets and obtained promising results.

A two-stage flow-based intrusion detection model for next-generation networks

PubMed Central

2018-01-01

The next-generation network provides state-of-the-art access-independent services over converged mobile and fixed networks. Security in the converged network environment is a major challenge. Traditional packet and protocol-based intrusion detection techniques cannot be used in next-generation networks due to slow throughput, low accuracy and their inability to inspect encrypted payload. An alternative solution for protection of next-generation networks is to use network flow records for detection of malicious activity in the network traffic. The network flow records are independent of access networks and user applications. In this paper, we propose a two-stage flow-based intrusion detection system for next-generation networks. The first stage uses an enhanced unsupervised one-class support vector machine which separates malicious flows from normal network traffic. The second stage uses a self-organizing map which automatically groups malicious flows into different alert clusters. We validated the proposed approach on two flow-based datasets and obtained promising results. PMID:29329294

Web malware spread modelling and optimal control strategies

PubMed Central

Liu, Wanping; Zhong, Shouming

2017-01-01

The popularity of the Web improves the growth of web threats. Formulating mathematical models for accurate prediction of malicious propagation over networks is of great importance. The aim of this paper is to understand the propagation mechanisms of web malware and the impact of human intervention on the spread of malicious hyperlinks. Considering the characteristics of web malware, a new differential epidemic model which extends the traditional SIR model by adding another delitescent compartment is proposed to address the spreading behavior of malicious links over networks. The spreading threshold of the model system is calculated, and the dynamics of the model is theoretically analyzed. Moreover, the optimal control theory is employed to study malware immunization strategies, aiming to keep the total economic loss of security investment and infection loss as low as possible. The existence and uniqueness of the results concerning the optimality system are confirmed. Finally, numerical simulations show that the spread of malware links can be controlled effectively with proper control strategy of specific parameter choice. PMID:28186203

Securing Collaborative Spectrum Sensing against Untrustworthy Secondary Users in Cognitive Radio Networks

NASA Astrophysics Data System (ADS)

Wang, Wenkai; Li, Husheng; Sun, Yan(Lindsay); Han, Zhu

2009-12-01

Cognitive radio is a revolutionary paradigm to migrate the spectrum scarcity problem in wireless networks. In cognitive radio networks, collaborative spectrum sensing is considered as an effective method to improve the performance of primary user detection. For current collaborative spectrum sensing schemes, secondary users are usually assumed to report their sensing information honestly. However, compromised nodes can send false sensing information to mislead the system. In this paper, we study the detection of untrustworthy secondary users in cognitive radio networks. We first analyze the case when there is only one compromised node in collaborative spectrum sensing schemes. Then we investigate the scenario that there are multiple compromised nodes. Defense schemes are proposed to detect malicious nodes according to their reporting histories. We calculate the suspicious level of all nodes based on their reports. The reports from nodes with high suspicious levels will be excluded in decision-making. Compared with existing defense methods, the proposed scheme can effectively differentiate malicious nodes and honest nodes. As a result, it can significantly improve the performance of collaborative sensing. For example, when there are 10 secondary users, with the primary user detection rate being equal to 0.99, one malicious user can make the false alarm rate [InlineEquation not available: see fulltext.] increase to 72%. The proposed scheme can reduce it to 5%. Two malicious users can make [InlineEquation not available: see fulltext.] increase to 85% and the proposed scheme reduces it to 8%.

SCADA Protocol Anomaly Detection Utilizing Compression (SPADUC) 2013

DOE Office of Scientific and Technical Information (OSTI.GOV)

Gordon Rueff; Lyle Roybal; Denis Vollmer

2013-01-01

There is a significant need to protect the nation’s energy infrastructures from malicious actors using cyber methods. Supervisory, Control, and Data Acquisition (SCADA) systems may be vulnerable due to the insufficient security implemented during the design and deployment of these control systems. This is particularly true in older legacy SCADA systems that are still commonly in use. The purpose of INL’s research on the SCADA Protocol Anomaly Detection Utilizing Compression (SPADUC) project was to determine if and how data compression techniques could be used to identify and protect SCADA systems from cyber attacks. Initially, the concept was centered on howmore » to train a compression algorithm to recognize normal control system traffic versus hostile network traffic. Because large portions of the TCP/IP message traffic (called packets) are repetitive, the concept of using compression techniques to differentiate “non-normal” traffic was proposed. In this manner, malicious SCADA traffic could be identified at the packet level prior to completing its payload. Previous research has shown that SCADA network traffic has traits desirable for compression analysis. This work investigated three different approaches to identify malicious SCADA network traffic using compression techniques. The preliminary analyses and results presented herein are clearly able to differentiate normal from malicious network traffic at the packet level at a very high confidence level for the conditions tested. Additionally, the master dictionary approach used in this research appears to initially provide a meaningful way to categorize and compare packets within a communication channel.« less

Hybrid epidemics--a case study on computer worm conficker.

PubMed

Zhang, Changwang; Zhou, Shi; Chain, Benjamin M

2015-01-01

Conficker is a computer worm that erupted on the Internet in 2008. It is unique in combining three different spreading strategies: local probing, neighbourhood probing, and global probing. We propose a mathematical model that combines three modes of spreading: local, neighbourhood, and global, to capture the worm's spreading behaviour. The parameters of the model are inferred directly from network data obtained during the first day of the Conficker epidemic. The model is then used to explore the tradeoff between spreading modes in determining the worm's effectiveness. Our results show that the Conficker epidemic is an example of a critically hybrid epidemic, in which the different modes of spreading in isolation do not lead to successful epidemics. Such hybrid spreading strategies may be used beneficially to provide the most effective strategies for promulgating information across a large population. When used maliciously, however, they can present a dangerous challenge to current internet security protocols.

Assessing the Macro-Level Correlates of Malware Infections Using a Routine Activities Framework.

PubMed

Holt, Thomas J; Burruss, George W; Bossler, Adam M

2018-05-01

The ability to gain unauthorized access to computer systems to engage in espionage and data theft poses a massive threat to individuals worldwide. There has been minimal focus, however, on the role of malicious software, or malware, which can automate this process. This study examined the macro-correlates of malware infection at the national level by using an open repository of known malware infections and utilizing a routine activities framework. Negative inflated binomial models for counts indicated that nations with greater technological infrastructure, more political freedoms, and with less organized crime financial impact were more likely to report malware infections. The number of Computer Emergency Response Teams (CERTs) in a nation was not significantly related with reported malware infection. The implications of the study for the understanding of malware infection, routine activity theory, and target-hardening strategies are discussed.

The effects of different representations on static structure analysis of computer malware signatures.

PubMed

Narayanan, Ajit; Chen, Yi; Pang, Shaoning; Tao, Ban

2013-01-01

The continuous growth of malware presents a problem for internet computing due to increasingly sophisticated techniques for disguising malicious code through mutation and the time required to identify signatures for use by antiviral software systems (AVS). Malware modelling has focused primarily on semantics due to the intended actions and behaviours of viral and worm code. The aim of this paper is to evaluate a static structure approach to malware modelling using the growing malware signature databases now available. We show that, if malware signatures are represented as artificial protein sequences, it is possible to apply standard sequence alignment techniques in bioinformatics to improve accuracy of distinguishing between worm and virus signatures. Moreover, aligned signature sequences can be mined through traditional data mining techniques to extract metasignatures that help to distinguish between viral and worm signatures. All bioinformatics and data mining analysis were performed on publicly available tools and Weka.

The Effects of Different Representations on Static Structure Analysis of Computer Malware Signatures

PubMed Central

Narayanan, Ajit; Chen, Yi; Pang, Shaoning; Tao, Ban

2013-01-01

The continuous growth of malware presents a problem for internet computing due to increasingly sophisticated techniques for disguising malicious code through mutation and the time required to identify signatures for use by antiviral software systems (AVS). Malware modelling has focused primarily on semantics due to the intended actions and behaviours of viral and worm code. The aim of this paper is to evaluate a static structure approach to malware modelling using the growing malware signature databases now available. We show that, if malware signatures are represented as artificial protein sequences, it is possible to apply standard sequence alignment techniques in bioinformatics to improve accuracy of distinguishing between worm and virus signatures. Moreover, aligned signature sequences can be mined through traditional data mining techniques to extract metasignatures that help to distinguish between viral and worm signatures. All bioinformatics and data mining analysis were performed on publicly available tools and Weka. PMID:23983644

Topological properties of robust biological and computational networks

PubMed Central

Navlakha, Saket; He, Xin; Faloutsos, Christos; Bar-Joseph, Ziv

2014-01-01

Network robustness is an important principle in biology and engineering. Previous studies of global networks have identified both redundancy and sparseness as topological properties used by robust networks. By focusing on molecular subnetworks, or modules, we show that module topology is tightly linked to the level of environmental variability (noise) the module expects to encounter. Modules internal to the cell that are less exposed to environmental noise are more connected and less robust than external modules. A similar design principle is used by several other biological networks. We propose a simple change to the evolutionary gene duplication model which gives rise to the rich range of module topologies observed within real networks. We apply these observations to evaluate and design communication networks that are specifically optimized for noisy or malicious environments. Combined, joint analysis of biological and computational networks leads to novel algorithms and insights benefiting both fields. PMID:24789562

On localization attacks against cloud infrastructure

NASA Astrophysics Data System (ADS)

Ge, Linqiang; Yu, Wei; Sistani, Mohammad Ali

2013-05-01

One of the key characteristics of cloud computing is the device and location independence that enables the user to access systems regardless of their location. Because cloud computing is heavily based on sharing resource, it is vulnerable to cyber attacks. In this paper, we investigate a localization attack that enables the adversary to leverage central processing unit (CPU) resources to localize the physical location of server used by victims. By increasing and reducing CPU usage through the malicious virtual machine (VM), the response time from the victim VM will increase and decrease correspondingly. In this way, by embedding the probing signal into the CPU usage and correlating the same pattern in the response time from the victim VM, the adversary can find the location of victim VM. To determine attack accuracy, we investigate features in both the time and frequency domains. We conduct both theoretical and experimental study to demonstrate the effectiveness of such an attack.

DualTrust: A Distributed Trust Model for Swarm-Based Autonomic Computing Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Maiden, Wendy M.; Dionysiou, Ioanna; Frincke, Deborah A.

2011-02-01

For autonomic computing systems that utilize mobile agents and ant colony algorithms for their sensor layer, trust management is important for the acceptance of the mobile agent sensors and to protect the system from malicious behavior by insiders and entities that have penetrated network defenses. This paper examines the trust relationships, evidence, and decisions in a representative system and finds that by monitoring the trustworthiness of the autonomic managers rather than the swarming sensors, the trust management problem becomes much more scalable and still serves to protect the swarm. We then propose the DualTrust conceptual trust model. By addressing themore » autonomic manager’s bi-directional primary relationships in the ACS architecture, DualTrust is able to monitor the trustworthiness of the autonomic managers, protect the sensor swarm in a scalable manner, and provide global trust awareness for the orchestrating autonomic manager.« less

Analysis on trust influencing factors and trust model from multiple perspectives of online Auction

NASA Astrophysics Data System (ADS)

Yu, Wang

2017-10-01

Current reputation models lack the research on online auction trading completely so they cannot entirely reflect the reputation status of users and may cause problems on operability. To evaluate the user trust in online auction correctly, a trust computing model based on multiple influencing factors is established. It aims at overcoming the efficiency of current trust computing methods and the limitations of traditional theoretical trust models. The improved model comprehensively considers the trust degree evaluation factors of three types of participants according to different participation modes of online auctioneers, to improve the accuracy, effectiveness and robustness of the trust degree. The experiments test the efficiency and the performance of our model under different scale of malicious user, under environment like eBay and Sporas model. The experimental results analysis show the model proposed in this paper makes up the deficiency of existing model and it also has better feasibility.

Toward a theoretical framework for trustworthy cyber sensing

NASA Astrophysics Data System (ADS)

Xu, Shouhuai

2010-04-01

Cyberspace is an indispensable part of the economy and society, but has been "polluted" with many compromised computers that can be abused to launch further attacks against the others. Since it is likely that there always are compromised computers, it is important to be aware of the (dynamic) cyber security-related situation, which is however challenging because cyberspace is an extremely large-scale complex system. Our project aims to investigate a theoretical framework for trustworthy cyber sensing. With the perspective of treating cyberspace as a large-scale complex system, the core question we aim to address is: What would be a competent theoretical (mathematical and algorithmic) framework for designing, analyzing, deploying, managing, and adapting cyber sensor systems so as to provide trustworthy information or input to the higher layer of cyber situation-awareness management, even in the presence of sophisticated malicious attacks against the cyber sensor systems?

Hybrid Epidemics—A Case Study on Computer Worm Conficker

PubMed Central

Zhang, Changwang; Zhou, Shi; Chain, Benjamin M.

2015-01-01

Conficker is a computer worm that erupted on the Internet in 2008. It is unique in combining three different spreading strategies: local probing, neighbourhood probing, and global probing. We propose a mathematical model that combines three modes of spreading: local, neighbourhood, and global, to capture the worm’s spreading behaviour. The parameters of the model are inferred directly from network data obtained during the first day of the Conficker epidemic. The model is then used to explore the tradeoff between spreading modes in determining the worm’s effectiveness. Our results show that the Conficker epidemic is an example of a critically hybrid epidemic, in which the different modes of spreading in isolation do not lead to successful epidemics. Such hybrid spreading strategies may be used beneficially to provide the most effective strategies for promulgating information across a large population. When used maliciously, however, they can present a dangerous challenge to current internet security protocols. PMID:25978309

Face recognition system and method using face pattern words and face pattern bytes

DOEpatents

Zheng, Yufeng

2014-12-23

The present invention provides a novel system and method for identifying individuals and for face recognition utilizing facial features for face identification. The system and method of the invention comprise creating facial features or face patterns called face pattern words and face pattern bytes for face identification. The invention also provides for pattern recognitions for identification other than face recognition. The invention further provides a means for identifying individuals based on visible and/or thermal images of those individuals by utilizing computer software implemented by instructions on a computer or computer system and a computer readable medium containing instructions on a computer system for face recognition and identification.

Protecting Patient Records from Unwarranted Access

NASA Astrophysics Data System (ADS)

Gardner, Ryan; Garera, Sujata; Rubin, Aviel D.; Rajan, Anand; Rozas, Carlos V.; Sastry, Manoj

Securing access to medical information is vital to protecting patient privacy. However, Electronic Patient Record (EPR) systems are vulnerable to a number of inside and outside threats. Adversaries can compromise EPR client machines to obtain a variety of highly sensitive information including valid EPR login credentials, without detection. Furthermore, medical staff can covertly view records of their choosing for personal interest or more malicious purposes. In particular, we observe that the lack of integrity measurement and auditability in these systems creates a potential threat to the privacy of patient information. We explore the use of virtualization and trusted computing hardware to address these problems. We identify open problems and encourage further research in the area.

Insider Threat Assessment: Model, Analysis and Tool

NASA Astrophysics Data System (ADS)

Chinchani, Ramkumar; Ha, Duc; Iyer, Anusha; Ngo, Hung Q.; Upadhyaya, Shambhu

Insider threat is typically attributed to legitimate users who maliciously leverage their system privileges, and familiarity and proximity to their computational environment to compromise valuable information or inflict damage. According to the annual CSI/FBI surveys conducted since 1996, internal attacks and insider abuse form a significant portion of reported incidents. The strongest indication yet that insider threat is very real is given by the recent study [2] jointly conducted by CERT and the US Secret Service; the first of its kind, which provides an in-depth insight into the problem in a real-world setting. However, there is no known body of work which addresses this problem effectively. There are several challenges, beginning with understanding the threat.

Detecting Heap-Spraying Code Injection Attacks in Malicious Web Pages Using Runtime Execution

NASA Astrophysics Data System (ADS)

Choi, Younghan; Kim, Hyoungchun; Lee, Donghoon

The growing use of web services is increasing web browser attacks exponentially. Most attacks use a technique called heap spraying because of its high success rate. Heap spraying executes a malicious code without indicating the exact address of the code by copying it into many heap objects. For this reason, the attack has a high potential to succeed if only the vulnerability is exploited. Thus, attackers have recently begun using this technique because it is easy to use JavaScript to allocate the heap memory area. This paper proposes a novel technique that detects heap spraying attacks by executing a heap object in a real environment, irrespective of the version and patch status of the web browser. This runtime execution is used to detect various forms of heap spraying attacks, such as encoding and polymorphism. Heap objects are executed after being filtered on the basis of patterns of heap spraying attacks in order to reduce the overhead of the runtime execution. Patterns of heap spraying attacks are based on analysis of how an web browser accesses benign web sites. The heap objects are executed forcibly by changing the instruction register into the address of them after being loaded into memory. Thus, we can execute the malicious code without having to consider the version and patch status of the browser. An object is considered to contain a malicious code if the execution reaches a call instruction and then the instruction accesses the API of system libraries, such as kernel32.dll and ws_32.dll. To change registers and monitor execution flow, we used a debugger engine. A prototype, named HERAD(HEap spRAying Detector), is implemented and evaluated. In experiments, HERAD detects various forms of exploit code that an emulation cannot detect, and some heap spraying attacks that NOZZLE cannot detect. Although it has an execution overhead, HERAD produces a low number of false alarms. The processing time of several minutes is negligible because our research focuses on detecting heap spraying. This research can be applied to existing systems that collect malicious codes, such as Honeypot.

Tumor Microenvironment Modulation via Gold Nanoparticles Targeting Malicious Exosomes: Implications for Cancer Diagnostics and Therapy

PubMed Central

Roma-Rodrigues, Catarina; Raposo, Luís R.; Cabral, Rita; Paradinha, Fabiana; Baptista, Pedro V.; Fernandes, Alexandra R.

2017-01-01

Exosomes are nanovesicles formed in the endosomal pathway with an important role in paracrine and autocrine cell communication. Exosomes secreted by cancer cells, malicious exosomes, have important roles in tumor microenvironment maturation and cancer progression. The knowledge of the role of exosomes in tumorigenesis prompted a new era in cancer diagnostics and therapy, taking advantage of the use of circulating exosomes as tumor biomarkers due to their stability in body fluids and targeting malignant exosomes’ release and/or uptake to inhibit or delay tumor development. In recent years, nanotechnology has paved the way for the development of a plethora of new diagnostic and therapeutic platforms, fostering theranostics. The unique physical and chemical properties of gold nanoparticles (AuNPs) make them suitable vehicles to pursuit this goal. AuNPs’ properties such as ease of synthesis with the desired shape and size, high surface:volume ratio, and the possibility of engineering their surface as desired, potentiate AuNPs’ role in nanotheranostics, allowing the use of the same formulation for exosome detection and restraining the effect of malicious exosomes in cancer progression. PMID:28098821

Persona: Network Layer Anonymity and Accountability for Next Generation Internet

NASA Astrophysics Data System (ADS)

Mallios, Yannis; Modi, Sudeep; Agarwala, Aditya; Johns, Christina

Individual privacy has become a major concern, due to the intrusive nature of the services and websites that collect increasing amounts of private information. One of the notions that can lead towards privacy protection is that of anonymity. Unfortunately, anonymity can also be maliciously exploited by attackers to hide their actions and identity. Thus some sort of accountability is also required. The current Internet has failed to provide both properties, as anonymity techniques are difficult to fully deploy and thus are easily attacked, while the Internet provides limited level of accountability. The Next Generation Internet (NGI) provides us with the opportunity to examine how these conflicting properties could be efficiently applied and thus protect users’ privacy while holding malicious users accountable. In this paper we present the design of a scheme, called Persona that can provide anonymity and accountability in the network layer of NGI. More specifically, our design requirements are to combine these two conflicting desires in a stateless manner within routers. Persona allows users to choose different levels of anonymity, while it allows the discovery of malicious nodes.

Tumor Microenvironment Modulation via Gold Nanoparticles Targeting Malicious Exosomes: Implications for Cancer Diagnostics and Therapy.

PubMed

Roma-Rodrigues, Catarina; Raposo, Luís R; Cabral, Rita; Paradinha, Fabiana; Baptista, Pedro V; Fernandes, Alexandra R

2017-01-14

Exosomes are nanovesicles formed in the endosomal pathway with an important role in paracrine and autocrine cell communication. Exosomes secreted by cancer cells, malicious exosomes, have important roles in tumor microenvironment maturation and cancer progression. The knowledge of the role of exosomes in tumorigenesis prompted a new era in cancer diagnostics and therapy, taking advantage of the use of circulating exosomes as tumor biomarkers due to their stability in body fluids and targeting malignant exosomes' release and/or uptake to inhibit or delay tumor development. In recent years, nanotechnology has paved the way for the development of a plethora of new diagnostic and therapeutic platforms, fostering theranostics. The unique physical and chemical properties of gold nanoparticles (AuNPs) make them suitable vehicles to pursuit this goal. AuNPs' properties such as ease of synthesis with the desired shape and size, high surface:volume ratio, and the possibility of engineering their surface as desired, potentiate AuNPs' role in nanotheranostics, allowing the use of the same formulation for exosome detection and restraining the effect of malicious exosomes in cancer progression.

Agents Based e-Commerce and Securing Exchanged Information

NASA Astrophysics Data System (ADS)

Al-Jaljouli, Raja; Abawajy, Jemal

Mobile agents have been implemented in e-Commerce to search and filter information of interest from electronic markets. When the information is very sensitive and critical, it is important to develop a novel security protocol that can efficiently protect the information from malicious tampering as well as unauthorized disclosure or at least detect any malicious act of intruders. In this chapter, we describe robust security techniques that ensure a sound security of information gathered throughout agent’s itinerary against various security attacks, as well as truncation attacks. A sound security protocol is described, which implements the various security techniques that would jointly prevent or at least detect any malicious act of intruders. We reason about the soundness of the protocol usingSymbolic Trace Analyzer (STA), a formal verification tool that is based on symbolic techniques. We analyze the protocol in key configurations and show that it is free of flaws. We also show that the protocol fulfils the various security requirements of exchanged information in MAS, including data-integrity, data-confidentiality, data-authenticity, origin confidentiality and data non-repudiability.

Testing simple deceptive honeypot tools

NASA Astrophysics Data System (ADS)

Yahyaoui, Aymen; Rowe, Neil C.

2015-05-01

Deception can be a useful defensive technique against cyber-attacks; it has the advantage of unexpectedness to attackers and offers a variety of tactics. Honeypots are a good tool for deception. They act as decoy computers to confuse attackers and exhaust their time and resources. This work tested the effectiveness of two free honeypot tools in real networks by varying their location and virtualization, and the effects of adding more deception to them. We tested a Web honeypot tool, Glastopf and an SSH honeypot tool Kippo. We deployed the Web honeypot in both a residential network and our organization's network and as both real and virtual machines; the organization honeypot attracted more attackers starting in the third week. Results also showed that the virtual honeypots received attacks from more unique IP addresses. They also showed that adding deception to the Web honeypot, in the form of additional linked Web pages and interactive features, generated more interest by attackers. For the purpose of comparison, we used examined log files of a legitimate Web-site www.cmand.org. The traffic distributions for the Web honeypot and the legitimate Web site showed similarities (with much malicious traffic from Brazil), but the SSH honeypot was different (with much malicious traffic from China). Contrary to previous experiments where traffic to static honeypots decreased quickly, our honeypots received increasing traffic over a period of three months. It appears that both honeypot tools are useful for providing intelligence about cyber-attack methods, and that additional deception is helpful.

Real-time detection and classification of anomalous events in streaming data

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ferragut, Erik M.; Goodall, John R.; Iannacone, Michael D.

2016-04-19

A system is described for receiving a stream of events and scoring the events based on anomalousness and maliciousness (or other classification). The events can be displayed to a user in user-defined groupings in an animated fashion. The system can include a plurality of anomaly detectors that together implement an algorithm to identify low probability events and detect atypical traffic patterns. The atypical traffic patterns can then be classified as being of interest or not. In one particular example, in a network environment, the classification can be whether the network traffic is malicious or not.

The Use of Computer-Mediated Communication To Enhance Subsequent Face-to-Face Discussions.

ERIC Educational Resources Information Center

Dietz-Uhler, Beth; Bishop-Clark, Cathy

2001-01-01

Describes a study of undergraduate students that assessed the effects of synchronous (Internet chat) and asynchronous (Internet discussion board) computer-mediated communication on subsequent face-to-face discussions. Results showed that face-to-face discussions preceded by computer-mediated communication were perceived to be more enjoyable.…

Protecting computer-based medical devices: defending against viruses and other threats.

PubMed

2005-07-01

The increasing integration of computer hardware has exposed medical devices to greater risks than ever before. More and more devices rely on commercial off-the-shelf software and operating systems, which are vulnerable to the increasing proliferation of viruses and other malicious programs that target computers. Therefore, it is necessary for hospitals to take steps such as those outlined in this article to ensure that their computer-based devices are made safe and continue to remain safe in the future. Maintaining the security of medical devices requires planning, careful execution, and a commitment of resources. A team should be created to develop a process for surveying the security status of all computerized devices in the hospital and making sure that patches and other updates are applied as needed. These patches and updates should be approved by the medical system supplier before being implemented. The team should consider using virtual local area networks to isolate susceptible devices on the hospital's network. All security measures should be carefully documented, and the documentation should be kept up-to-date. Above all, care must be taken to ensure that medical device security involves a collaborative, supportive partnership between the hospital's information technology staff and biomedical engineering personnel.

The Interactive Effects of Computer Conferencing and Multiple Intelligences on Expository Writing.

ERIC Educational Resources Information Center

Cifuentes, Lauren; Hughey, Jane

2003-01-01

Investigates the differential effects of computer conferencing on expository writing for students of seven intelligence types. Students were assigned to treatment groups that provided controlled exposure to a topic: unstructured exposure; computer conferencing; face-to-face discussion; and computer conferencing and face-to-face discussion.…

Homeless drug users' awareness and risk perception of peer "Take Home Naloxone" use – a qualitative study

PubMed Central

Wright, Nat; Oldham, Nicola; Francis, Katharine; Jones, Lesley

2006-01-01

Background Peer use of take home naloxone has the potential to reduce drug related deaths. There appears to be a paucity of research amongst homeless drug users on the topic. This study explores the acceptability and potential risk of peer use of naloxone amongst homeless drug users. From the findings the most feasible model for future treatment provision is suggested. Methods In depth face-to-face interviews conducted in one primary care centre and two voluntary organisation centres providing services to homeless drug users in a large UK cosmopolitan city. Interviews recorded, transcribed and analysed thematically by framework techniques. Results Homeless people recognise signs of a heroin overdose and many are prepared to take responsibility to give naloxone, providing prior training and support is provided. Previous reports of the theoretical potential for abuse and malicious use may have been overplayed. Conclusion There is insufficient evidence to recommend providing "over the counter" take home naloxone" to UK homeless injecting drug users. However a programme of peer use of take home naloxone amongst homeless drug users could be feasible providing prior training is provided. Peer education within a health promotion framework will optimise success as current professionally led health promotion initiatives are failing to have a positive impact amongst homeless drug users. PMID:17014725

E-commerce Review System to Detect False Reviews.

PubMed

Kolhar, Manjur

2017-08-15

E-commerce sites have been doing profitable business since their induction in high-speed and secured networks. Moreover, they continue to influence consumers through various methods. One of the most effective methods is the e-commerce review rating system, in which consumers provide review ratings for the products used. However, almost all e-commerce review rating systems are unable to provide cumulative review ratings. Furthermore, review ratings are influenced by positive and negative malicious feedback ratings, collectively called false reviews. In this paper, we proposed an e-commerce review system framework developed using the cumulative sum method to detect and remove malicious review ratings.

Behavioral biometrics for verification and recognition of malicious software agents

NASA Astrophysics Data System (ADS)

Yampolskiy, Roman V.; Govindaraju, Venu

2008-04-01

Homeland security requires technologies capable of positive and reliable identification of humans for law enforcement, government, and commercial applications. As artificially intelligent agents improve in their abilities and become a part of our everyday life, the possibility of using such programs for undermining homeland security increases. Virtual assistants, shopping bots, and game playing programs are used daily by millions of people. We propose applying statistical behavior modeling techniques developed by us for recognition of humans to the identification and verification of intelligent and potentially malicious software agents. Our experimental results demonstrate feasibility of such methods for both artificial agent verification and even for recognition purposes.

Trust recovery model of Ad Hoc network based on identity authentication scheme

NASA Astrophysics Data System (ADS)

Liu, Jie; Huan, Shuiyuan

2017-05-01

Mobile Ad Hoc network trust model is widely used to solve mobile Ad Hoc network security issues. Aiming at the problem of reducing the network availability caused by the processing of malicious nodes and selfish nodes in mobile Ad Hoc network routing based on trust model, an authentication mechanism based on identity authentication mobile Ad Hoc network is proposed, which uses identity authentication to identify malicious nodes, And trust the recovery of selfish nodes in order to achieve the purpose of reducing network congestion and improving network quality. The simulation results show that the implementation of the mechanism can effectively improve the network availability and security.

Dataset of anomalies and malicious acts in a cyber-physical subsystem.

PubMed

Laso, Pedro Merino; Brosset, David; Puentes, John

2017-10-01

This article presents a dataset produced to investigate how data and information quality estimations enable to detect aNomalies and malicious acts in cyber-physical systems. Data were acquired making use of a cyber-physical subsystem consisting of liquid containers for fuel or water, along with its automated control and data acquisition infrastructure. Described data consist of temporal series representing five operational scenarios - Normal, aNomalies, breakdown, sabotages, and cyber-attacks - corresponding to 15 different real situations. The dataset is publicly available in the .zip file published with the article, to investigate and compare faulty operation detection and characterization methods for cyber-physical systems.

Proactive malware detection

NASA Astrophysics Data System (ADS)

Gloster, Jonathan; Diep, Michael; Dredden, David; Mix, Matthew; Olsen, Mark; Price, Brian; Steil, Betty

2014-06-01

Small-to-medium sized businesses lack resources to deploy and manage high-end advanced solutions to deter sophisticated threats from well-funded adversaries, but evidence shows that these types of businesses are becoming key targets. As malicious code and network attacks become more sophisticated, classic signature-based virus and malware detection methods are less effective. To augment the current malware methods of detection, we developed a proactive approach to detect emerging malware threats using open source tools and intelligence to discover patterns and behaviors of malicious attacks and adversaries. Technical and analytical skills are combined to track adversarial behavior, methods and techniques. We established a controlled (separated domain) network to identify, monitor, and track malware behavior to increase understanding of the methods and techniques used by cyber adversaries. We created a suite of tools that observe the network and system performance looking for anomalies that may be caused by malware. The toolset collects information from open-source tools and provides meaningful indicators that the system was under or has been attacked. When malware is discovered, we analyzed and reverse engineered it to determine how it could be detected and prevented. Results have shown that with minimum resources, cost effective capabilities can be developed to detect abnormal behavior that may indicate malicious software.

Computer Self-Efficacy, Anxiety, and Learning in Online versus Face to Face Medium

ERIC Educational Resources Information Center

Hauser, Richard; Paul, Ravi; Bradley, John

2012-01-01

The purpose of this research is to examine the relationships between changes to computer self-efficacy (CSE) and computer anxiety and the impact on performance on computer-related tasks in both online and face-to-face mediums. While many studies have looked at these factors individually, relatively few have included multiple measures of these…

Detecting Distributed SQL Injection Attacks in a Eucalyptus Cloud Environment

NASA Technical Reports Server (NTRS)

Kebert, Alan; Barnejee, Bikramjit; Solano, Juan; Solano, Wanda

2013-01-01

The cloud computing environment offers malicious users the ability to spawn multiple instances of cloud nodes that are similar to virtual machines, except that they can have separate external IP addresses. In this paper we demonstrate how this ability can be exploited by an attacker to distribute his/her attack, in particular SQL injection attacks, in such a way that an intrusion detection system (IDS) could fail to identify this attack. To demonstrate this, we set up a small private cloud, established a vulnerable website in one instance, and placed an IDS within the cloud to monitor the network traffic. We found that an attacker could quite easily defeat the IDS by periodically altering its IP address. To detect such an attacker, we propose to use multi-agent plan recognition, where the multiple source IPs are considered as different agents who are mounting a collaborative attack. We show that such a formulation of this problem yields a more sophisticated approach to detecting SQL injection attacks within a cloud computing environment.

DS-ARP: a new detection scheme for ARP spoofing attacks based on routing trace for ubiquitous environments.

PubMed

Song, Min Su; Lee, Jae Dong; Jeong, Young-Sik; Jeong, Hwa-Young; Park, Jong Hyuk

2014-01-01

Despite the convenience, ubiquitous computing suffers from many threats and security risks. Security considerations in the ubiquitous network are required to create enriched and more secure ubiquitous environments. The address resolution protocol (ARP) is a protocol used to identify the IP address and the physical address of the associated network card. ARP is designed to work without problems in general environments. However, since it does not include security measures against malicious attacks, in its design, an attacker can impersonate another host using ARP spoofing or access important information. In this paper, we propose a new detection scheme for ARP spoofing attacks using a routing trace, which can be used to protect the internal network. Tracing routing can find the change of network movement path. The proposed scheme provides high constancy and compatibility because it does not alter the ARP protocol. In addition, it is simple and stable, as it does not use a complex algorithm or impose extra load on the computer system.

Trust Management in Swarm-Based Autonomic Computing Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Maiden, Wendy M.; Haack, Jereme N.; Fink, Glenn A.

2009-07-07

Reputation-based trust management techniques can address issues such as insider threat as well as quality of service issues that may be malicious in nature. However, trust management techniques must be adapted to the unique needs of the architectures and problem domains to which they are applied. Certain characteristics of swarms such as their lightweight ephemeral nature and indirect communication make this adaptation especially challenging. In this paper we look at the trust issues and opportunities in mobile agent swarm-based autonomic systems and find that by monitoring the trustworthiness of the autonomic managers rather than the swarming sensors, the trust managementmore » problem becomes much more scalable and still serves to protect the swarms. We also analyze the applicability of trust management research as it has been applied to architectures with similar characteristics. Finally, we specify required characteristics for trust management mechanisms to be used to monitor the trustworthiness of the entities in a swarm-based autonomic computing system.« less

DS-ARP: A New Detection Scheme for ARP Spoofing Attacks Based on Routing Trace for Ubiquitous Environments

PubMed Central

Song, Min Su; Lee, Jae Dong; Jeong, Hwa-Young; Park, Jong Hyuk

2014-01-01

Despite the convenience, ubiquitous computing suffers from many threats and security risks. Security considerations in the ubiquitous network are required to create enriched and more secure ubiquitous environments. The address resolution protocol (ARP) is a protocol used to identify the IP address and the physical address of the associated network card. ARP is designed to work without problems in general environments. However, since it does not include security measures against malicious attacks, in its design, an attacker can impersonate another host using ARP spoofing or access important information. In this paper, we propose a new detection scheme for ARP spoofing attacks using a routing trace, which can be used to protect the internal network. Tracing routing can find the change of network movement path. The proposed scheme provides high constancy and compatibility because it does not alter the ARP protocol. In addition, it is simple and stable, as it does not use a complex algorithm or impose extra load on the computer system. PMID:25243205

Cybersecurity through Real-Time Distributed Control Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Kisner, Roger A; Manges, Wayne W; MacIntyre, Lawrence Paul

2010-04-01

Critical infrastructure sites and facilities are becoming increasingly dependent on interconnected physical and cyber-based real-time distributed control systems (RTDCSs). A mounting cybersecurity threat results from the nature of these ubiquitous and sometimes unrestrained communications interconnections. Much work is under way in numerous organizations to characterize the cyber threat, determine means to minimize risk, and develop mitigation strategies to address potential consequences. While it seems natural that a simple application of cyber-protection methods derived from corporate business information technology (IT) domain would lead to an acceptable solution, the reality is that the characteristics of RTDCSs make many of those methods inadequatemore » and unsatisfactory or even harmful. A solution lies in developing a defense-in-depth approach that ranges from protection at communications interconnect levels ultimately to the control system s functional characteristics that are designed to maintain control in the face of malicious intrusion. This paper summarizes the nature of RTDCSs from a cybersecurity perspec tive and discusses issues, vulnerabilities, candidate mitigation approaches, and metrics.« less

Wireless Networks under a Backoff Attack: A Game Theoretical Perspective.

PubMed

Parras, Juan; Zazo, Santiago

2018-01-30

We study a wireless sensor network using CSMA/CA in the MAC layer under a backoff attack: some of the sensors of the network are malicious and deviate from the defined contention mechanism. We use Bianchi's network model to study the impact of the malicious sensors on the total network throughput, showing that it causes the throughput to be unfairly distributed among sensors. We model this conflict using game theory tools, where each sensor is a player. We obtain analytical solutions and propose an algorithm, based on Regret Matching, to learn the equilibrium of the game with an arbitrary number of players. Our approach is validated via simulations, showing that our theoretical predictions adjust to reality.

The Impact of Emotions and Empathy-Related Traits on Punishment Behavior: Introduction and Validation of the Inequality Game.

PubMed

Klimecki, Olga M; Vuilleumier, Patrik; Sander, David

2016-01-01

In the prevention and resolution of conflicts in social contexts, an important step is to understand how different emotions and empathic traits are linked to punishment behaviors. Unfortunately, few paradigms exist to study these phenomena. Here, we developed the Inequality Game (IG) as an economic and verbal interaction paradigm in which participants are faced with an "unfair other" as opposed to a "fair other" and subsequently have the opportunity to engage in a range of social behaviors. These social behaviors include cooperative or competitive economic choices and nice or derogatory verbal behavior toward the unfair and fair other. Participants could thus engage in punishment or forgiveness behavior toward the unfair other as well as in cooperative or aggressive behavior toward the fair other. We validated the IG through multimodal measures comprising the assessment of personality traits, emotions (by means of facial expressions and self-reports), arousal (by means of skin conductance responses), physical effort (force exertion), and behavioral reactions. Second, we examined the influence of emotions and empathy-related traits on punishment behavior. With regard to emotions, we observed a positive relation between malicious joy and punishment behavior. This result highlights the role of reward-related mechanisms in favoring punishment behavior. In addition, different empathic traits had opposing effects on antisocial behavior. Whereas personal distress predicted aggressive verbal behavior, perspective taking and empathic concern predicted a reduction in punishment behavior. Empathic traits also modulated emotional experience and person evaluations, such that perspective taking was related to more positive affect (less frowning and more smiling) and a more favorable evaluation of the unfair other. The current data validate the IG, reveal that malicious joy is positively related to punishment behavior, and show that different types of empathic traits can have opposing effects on antisocial behavior as well as on related emotions and person evaluations.

The Impact of Emotions and Empathy-Related Traits on Punishment Behavior: Introduction and Validation of the Inequality Game

PubMed Central

Klimecki, Olga M.; Vuilleumier, Patrik; Sander, David

2016-01-01

In the prevention and resolution of conflicts in social contexts, an important step is to understand how different emotions and empathic traits are linked to punishment behaviors. Unfortunately, few paradigms exist to study these phenomena. Here, we developed the Inequality Game (IG) as an economic and verbal interaction paradigm in which participants are faced with an “unfair other” as opposed to a “fair other” and subsequently have the opportunity to engage in a range of social behaviors. These social behaviors include cooperative or competitive economic choices and nice or derogatory verbal behavior toward the unfair and fair other. Participants could thus engage in punishment or forgiveness behavior toward the unfair other as well as in cooperative or aggressive behavior toward the fair other. We validated the IG through multimodal measures comprising the assessment of personality traits, emotions (by means of facial expressions and self-reports), arousal (by means of skin conductance responses), physical effort (force exertion), and behavioral reactions. Second, we examined the influence of emotions and empathy-related traits on punishment behavior. With regard to emotions, we observed a positive relation between malicious joy and punishment behavior. This result highlights the role of reward-related mechanisms in favoring punishment behavior. In addition, different empathic traits had opposing effects on antisocial behavior. Whereas personal distress predicted aggressive verbal behavior, perspective taking and empathic concern predicted a reduction in punishment behavior. Empathic traits also modulated emotional experience and person evaluations, such that perspective taking was related to more positive affect (less frowning and more smiling) and a more favorable evaluation of the unfair other. The current data validate the IG, reveal that malicious joy is positively related to punishment behavior, and show that different types of empathic traits can have opposing effects on antisocial behavior as well as on related emotions and person evaluations. PMID:26978065

A methodology for secure recovery of spacecrafts based on a trusted hardware platform

NASA Astrophysics Data System (ADS)

Juliato, Marcio; Gebotys, Catherine

2017-02-01

This paper proposes a methodology for the secure recovery of spacecrafts and the recovery of its cryptographic capabilities in emergency scenarios recurring from major unintentional failures and malicious attacks. The proposed approach employs trusted modules to achieve higher reliability and security levels in space missions due to the presence of integrity check capabilities as well as secure recovery mechanisms. Additionally, several recovery protocols are thoroughly discussed and analyzed against a wide variety of attacks. Exhaustive search attacks are shown in a wide variety of contexts and are shown to be infeasible and totally independent of the computational power of attackers. Experimental results have shown that the proposed methodology allows for the fast and secure recovery of spacecrafts, demanding minimum implementation area, power consumption and bandwidth.

Collaborative Localization and Location Verification in WSNs

PubMed Central

Miao, Chunyu; Dai, Guoyong; Ying, Kezhen; Chen, Qingzhang

2015-01-01

Localization is one of the most important technologies in wireless sensor networks. A lightweight distributed node localization scheme is proposed by considering the limited computational capacity of WSNs. The proposed scheme introduces the virtual force model to determine the location by incremental refinement. Aiming at solving the drifting problem and malicious anchor problem, a location verification algorithm based on the virtual force mode is presented. In addition, an anchor promotion algorithm using the localization reliability model is proposed to re-locate the drifted nodes. Extended simulation experiments indicate that the localization algorithm has relatively high precision and the location verification algorithm has relatively high accuracy. The communication overhead of these algorithms is relative low, and the whole set of reliable localization methods is practical as well as comprehensive. PMID:25954948

Learning, Interactional, and Motivational Outcomes in One-to-One Synchronous Computer-Mediated versus Face-to-Face Tutoring

ERIC Educational Resources Information Center

Siler, Stephanie Ann; VanLehn, Kurt

2009-01-01

Face-to-face (FTF) human-human tutoring has ranked among the most effective forms of instruction. However, because computer-mediated (CM) tutoring is becoming increasingly common, it is instructive to evaluate its effectiveness relative to face-to-face tutoring. Does the lack of spoken, face-to-face interaction affect learning gains and…

Safety and security of radioactive sources in industrial radiography in Bangladesh

DOE Office of Scientific and Technical Information (OSTI.GOV)

Mollah, A. S.; Nazrul, M. Abdullah

2013-07-01

Malicious use of radioactive sources can involve dispersal of that material through an explosive device. There has been recognition of the threat posed by the potential malicious misuse of NDT radioactive source by terrorists. The dispersal of radioactive material using conventional explosives, referred to as a 'dirty bomb', could create considerable panic, disruption and area access denial in an urban environment. However, as it is still a relatively new topic among regulators, users, and transport and storage operators worldwide, international assistance and cooperation in developing the necessary regulatory and security infrastructure is required. The most important action in reducing themore » risk of radiological terrorism is to increase the security of radioactive sources. This paper presents safety and security considerations for the transport and site storage of the industrial radiography sources as per national regulations entitled 'Nuclear Safety and Radiation Control Rules-1997'.The main emphasis was put on the stages of some safety and security actions in order to prevent theft, sabotage or other malicious acts during the transport of the packages. As a conclusion it must be mentioned that both safety and security considerations are very important aspects that must be taking in account for the transport and site storage of radioactive sources used in the practice of industrial radiography. (authors)« less

High-end Home Firewalls CIAC-2326

DOE Office of Scientific and Technical Information (OSTI.GOV)

Orvis, W

Networking in most large organizations is protected with corporate firewalls and managed by seasoned security professionals. Attempts to break into systems at these organizations are extremely difficult to impossible for an external intruder. With the growth in networking and the options that it makes possible, new avenues of intrusion are opening up. Corporate machines exist that are completely unprotected against intrusions, that are not managed by a security professional, and that are regularly connected to the company network. People have the option of and are encouraged to work at home using a home computer linked to the company network. Managersmore » have home computers linked to internal machines so they can keep an eye on internal processes while not physically at work. Researchers do research or writing at home and connect to the company network to download information and upload results. In most cases, these home computers are completely unprotected, except for any protection that the home user might have installed. Unfortunately, most home users are not security professionals and home computers are often used by other family members, such as children downloading music, who are completely unconcerned about security precautions. When these computers are connected to the company network, they can easily introduce viruses, worms, and other malicious code or open a channel behind the company firewall for an external intruder.« less

Multi-Party Privacy-Preserving Set Intersection with Quasi-Linear Complexity

NASA Astrophysics Data System (ADS)

Cheon, Jung Hee; Jarecki, Stanislaw; Seo, Jae Hong

Secure computation of the set intersection functionality allows n parties to find the intersection between their datasets without revealing anything else about them. An efficient protocol for such a task could have multiple potential applications in commerce, health care, and security. However, all currently known secure set intersection protocols for n>2 parties have computational costs that are quadratic in the (maximum) number of entries in the dataset contributed by each party, making secure computation of the set intersection only practical for small datasets. In this paper, we describe the first multi-party protocol for securely computing the set intersection functionality with both the communication and the computation costs that are quasi-linear in the size of the datasets. For a fixed security parameter, our protocols require O(n2k) bits of communication and Õ(n2k) group multiplications per player in the malicious adversary setting, where k is the size of each dataset. Our protocol follows the basic idea of the protocol proposed by Kissner and Song, but we gain efficiency by using different representations of the polynomials associated with users' datasets and careful employment of algorithms that interpolate or evaluate polynomials on multiple points more efficiently. Moreover, the proposed protocol is robust. This means that the protocol outputs the desired result even if some corrupted players leave during the execution of the protocol.

Wireless Networks under a Backoff Attack: A Game Theoretical Perspective

PubMed Central

Zazo, Santiago

2018-01-01

We study a wireless sensor network using CSMA/CA in the MAC layer under a backoff attack: some of the sensors of the network are malicious and deviate from the defined contention mechanism. We use Bianchi’s network model to study the impact of the malicious sensors on the total network throughput, showing that it causes the throughput to be unfairly distributed among sensors. We model this conflict using game theory tools, where each sensor is a player. We obtain analytical solutions and propose an algorithm, based on Regret Matching, to learn the equilibrium of the game with an arbitrary number of players. Our approach is validated via simulations, showing that our theoretical predictions adjust to reality. PMID:29385752

An enhanced performance through agent-based secure approach for mobile ad hoc networks

NASA Astrophysics Data System (ADS)

Bisen, Dhananjay; Sharma, Sanjeev

2018-01-01

This paper proposes an agent-based secure enhanced performance approach (AB-SEP) for mobile ad hoc network. In this approach, agent nodes are selected through optimal node reliability as a factor. This factor is calculated on the basis of node performance features such as degree difference, normalised distance value, energy level, mobility and optimal hello interval of node. After selection of agent nodes, a procedure of malicious behaviour detection is performed using fuzzy-based secure architecture (FBSA). To evaluate the performance of the proposed approach, comparative analysis is done with conventional schemes using performance parameters such as packet delivery ratio, throughput, total packet forwarding, network overhead, end-to-end delay and percentage of malicious detection.

Effects of Face-to-Face and Computer-Mediated Constructive Controversy on Social Interdependence, Motivation, and Achievement

ERIC Educational Resources Information Center

Roseth, Cary J.; Saltarelli, Andy J.; Glass, Chris R.

2011-01-01

Cooperative learning capitalizes on the relational processes by which peers promote learning, yet it remains unclear whether these processes operate similarly in face-to-face and online settings. This study addresses this issue by comparing face-to-face and computer-mediated versions of "constructive controversy", a cooperative learning procedure…

A Quantitative Risk Assessment Model Involving Frequency and Threat Degree under Line-of-Business Services for Infrastructure of Emerging Sensor Networks.

PubMed

Jing, Xu; Hu, Hanwen; Yang, Huijun; Au, Man Ho; Li, Shuqin; Xiong, Naixue; Imran, Muhammad; Vasilakos, Athanasios V

2017-03-21

The prospect of Line-of-Business Services (LoBSs) for infrastructure of Emerging Sensor Networks (ESNs) is exciting. Access control remains a top challenge in this scenario as the service provider's server contains a lot of valuable resources. LoBSs' users are very diverse as they may come from a wide range of locations with vastly different characteristics. Cost of joining could be low and in many cases, intruders are eligible users conducting malicious actions. As a result, user access should be adjusted dynamically. Assessing LoBSs' risk dynamically based on both frequency and threat degree of malicious operations is therefore necessary. In this paper, we proposed a Quantitative Risk Assessment Model (QRAM) involving frequency and threat degree based on value at risk. To quantify the threat degree as an elementary intrusion effort, we amend the influence coefficient of risk indexes in the network security situation assessment model. To quantify threat frequency as intrusion trace effort, we make use of multiple behavior information fusion. Under the influence of intrusion trace, we adapt the historical simulation method of value at risk to dynamically access LoBSs' risk. Simulation based on existing data is used to select appropriate parameters for QRAM. Our simulation results show that the duration influence on elementary intrusion effort is reasonable when the normalized parameter is 1000. Likewise, the time window of intrusion trace and the weight between objective risk and subjective risk can be set to 10 s and 0.5, respectively. While our focus is to develop QRAM for assessing the risk of LoBSs for infrastructure of ESNs dynamically involving frequency and threat degree, we believe it is also appropriate for other scenarios in cloud computing.

A Quantitative Risk Assessment Model Involving Frequency and Threat Degree under Line-of-Business Services for Infrastructure of Emerging Sensor Networks

PubMed Central

Jing, Xu; Hu, Hanwen; Yang, Huijun; Au, Man Ho; Li, Shuqin; Xiong, Naixue; Imran, Muhammad; Vasilakos, Athanasios V.

2017-01-01

The prospect of Line-of-Business Services (LoBSs) for infrastructure of Emerging Sensor Networks (ESNs) is exciting. Access control remains a top challenge in this scenario as the service provider’s server contains a lot of valuable resources. LoBSs’ users are very diverse as they may come from a wide range of locations with vastly different characteristics. Cost of joining could be low and in many cases, intruders are eligible users conducting malicious actions. As a result, user access should be adjusted dynamically. Assessing LoBSs’ risk dynamically based on both frequency and threat degree of malicious operations is therefore necessary. In this paper, we proposed a Quantitative Risk Assessment Model (QRAM) involving frequency and threat degree based on value at risk. To quantify the threat degree as an elementary intrusion effort, we amend the influence coefficient of risk indexes in the network security situation assessment model. To quantify threat frequency as intrusion trace effort, we make use of multiple behavior information fusion. Under the influence of intrusion trace, we adapt the historical simulation method of value at risk to dynamically access LoBSs’ risk. Simulation based on existing data is used to select appropriate parameters for QRAM. Our simulation results show that the duration influence on elementary intrusion effort is reasonable when the normalized parameter is 1000. Likewise, the time window of intrusion trace and the weight between objective risk and subjective risk can be set to 10 s and 0.5, respectively. While our focus is to develop QRAM for assessing the risk of LoBSs for infrastructure of ESNs dynamically involving frequency and threat degree, we believe it is also appropriate for other scenarios in cloud computing. PMID:28335569

Comparison of Knowledge and Attitudes Using Computer-Based and Face-to-Face Personal Hygiene Training Methods in Food Processing Facilities

ERIC Educational Resources Information Center

Fenton, Ginger D.; LaBorde, Luke F.; Radhakrishna, Rama B.; Brown, J. Lynne; Cutter, Catherine N.

2006-01-01

Computer-based training is increasingly favored by food companies for training workers due to convenience, self-pacing ability, and ease of use. The objectives of this study were to determine if personal hygiene training, offered through a computer-based method, is as effective as a face-to-face method in knowledge acquisition and improved…

Mitigating Inadvertent Insider Threats with Incentives

NASA Astrophysics Data System (ADS)

Liu, Debin; Wang, Xiaofeng; Camp, L. Jean

Inadvertent insiders are trusted insiders who do not have malicious intent (as with malicious insiders) but do not responsibly managing security. The result is often enabling a malicious outsider to use the privileges of the inattentive insider to implement an insider attack. This risk is as old as conversion of a weak user password into root access, but the term inadvertent insider is recently coined to identify the link between the behavior and the vulnerability. In this paper, we propose to mitigate this threat using a novel risk budget mechanism that offers incentives to an insider to behave according to the risk posture set by the organization. We propose assigning an insider a risk budget, which is a specific allocation of risk points, allowing employees to take a finite number of risk-seeking choice. In this way, the employee can complete her tasks without subverting the security system, as with absolute prohibitions. In the end, the organization penalizes the insider if she fails to accomplish her task within the budget while rewards her in the presence of a surplus. Most importantly. the risk budget requires that the user make conscious visible choices to take electronic risks. We describe the theory behind the system, including specific work on the insider threats. We evaluated this approach using human-subject experiments, which demonstrate the effectiveness of our risk budget mechanism. We also present a game theoretic analysis of the mechanism.

CernVM WebAPI - Controlling Virtual Machines from the Web

NASA Astrophysics Data System (ADS)

Charalampidis, I.; Berzano, D.; Blomer, J.; Buncic, P.; Ganis, G.; Meusel, R.; Segal, B.

2015-12-01

Lately, there is a trend in scientific projects to look for computing resources in the volunteering community. In addition, to reduce the development effort required to port the scientific software stack to all the known platforms, the use of Virtual Machines (VMs)u is becoming increasingly popular. Unfortunately their use further complicates the software installation and operation, restricting the volunteer audience to sufficiently expert people. CernVM WebAPI is a software solution addressing this specific case in a way that opens wide new application opportunities. It offers a very simple API for setting-up, controlling and interfacing with a VM instance in the users computer, while in the same time offloading the user from all the burden of downloading, installing and configuring the hypervisor. WebAPI comes with a lightweight javascript library that guides the user through the application installation process. Malicious usage is prohibited by offering a per-domain PKI validation mechanism. In this contribution we will overview this new technology, discuss its security features and examine some test cases where it is already in use.

A Novel Certificateless Signature Scheme for Smart Objects in the Internet-of-Things.

PubMed

Yeh, Kuo-Hui; Su, Chunhua; Choo, Kim-Kwang Raymond; Chiu, Wayne

2017-05-01

Rapid advances in wireless communications and pervasive computing technologies have resulted in increasing interest and popularity of Internet-of-Things (IoT) architecture, ubiquitously providing intelligence and convenience to our daily life. In IoT-based network environments, smart objects are embedded everywhere as ubiquitous things connected in a pervasive manner. Ensuring security for interactions between these smart things is significantly more important, and a topic of ongoing interest. In this paper, we present a certificateless signature scheme for smart objects in IoT-based pervasive computing environments. We evaluate the utility of the proposed scheme in IoT-oriented testbeds, i.e., Arduino Uno and Raspberry PI 2. Experiment results present the practicability of the proposed scheme. Moreover, we revisit the scheme of Wang et al. (2015) and revealed that a malicious super type I adversary can easily forge a legitimate signature to cheat any receiver as he/she wishes in the scheme. The superiority of the proposed certificateless signature scheme over relevant studies is demonstrated in terms of the summarized security and performance comparisons.

A Distributed Signature Detection Method for Detecting Intrusions in Sensor Systems

PubMed Central

Kim, Ilkyu; Oh, Doohwan; Yoon, Myung Kuk; Yi, Kyueun; Ro, Won Woo

2013-01-01

Sensor nodes in wireless sensor networks are easily exposed to open and unprotected regions. A security solution is strongly recommended to prevent networks against malicious attacks. Although many intrusion detection systems have been developed, most systems are difficult to implement for the sensor nodes owing to limited computation resources. To address this problem, we develop a novel distributed network intrusion detection system based on the Wu–Manber algorithm. In the proposed system, the algorithm is divided into two steps; the first step is dedicated to a sensor node, and the second step is assigned to a base station. In addition, the first step is modified to achieve efficient performance under limited computation resources. We conduct evaluations with random string sets and actual intrusion signatures to show the performance improvement of the proposed method. The proposed method achieves a speedup factor of 25.96 and reduces 43.94% of packet transmissions to the base station compared with the previously proposed method. The system achieves efficient utilization of the sensor nodes and provides a structural basis of cooperative systems among the sensors. PMID:23529146

A distributed signature detection method for detecting intrusions in sensor systems.

PubMed

Kim, Ilkyu; Oh, Doohwan; Yoon, Myung Kuk; Yi, Kyueun; Ro, Won Woo

2013-03-25

Sensor nodes in wireless sensor networks are easily exposed to open and unprotected regions. A security solution is strongly recommended to prevent networks against malicious attacks. Although many intrusion detection systems have been developed, most systems are difficult to implement for the sensor nodes owing to limited computation resources. To address this problem, we develop a novel distributed network intrusion detection system based on the Wu-Manber algorithm. In the proposed system, the algorithm is divided into two steps; the first step is dedicated to a sensor node, and the second step is assigned to a base station. In addition, the first step is modified to achieve efficient performance under limited computation resources. We conduct evaluations with random string sets and actual intrusion signatures to show the performance improvement of the proposed method. The proposed method achieves a speedup factor of 25.96 and reduces 43.94% of packet transmissions to the base station compared with the previously proposed method. The system achieves efficient utilization of the sensor nodes and provides a structural basis of cooperative systems among the sensors.

A Novel Certificateless Signature Scheme for Smart Objects in the Internet-of-Things

PubMed Central

Yeh, Kuo-Hui; Su, Chunhua; Choo, Kim-Kwang Raymond; Chiu, Wayne

2017-01-01

Rapid advances in wireless communications and pervasive computing technologies have resulted in increasing interest and popularity of Internet-of-Things (IoT) architecture, ubiquitously providing intelligence and convenience to our daily life. In IoT-based network environments, smart objects are embedded everywhere as ubiquitous things connected in a pervasive manner. Ensuring security for interactions between these smart things is significantly more important, and a topic of ongoing interest. In this paper, we present a certificateless signature scheme for smart objects in IoT-based pervasive computing environments. We evaluate the utility of the proposed scheme in IoT-oriented testbeds, i.e., Arduino Uno and Raspberry PI 2. Experiment results present the practicability of the proposed scheme. Moreover, we revisit the scheme of Wang et al. (2015) and revealed that a malicious super type I adversary can easily forge a legitimate signature to cheat any receiver as he/she wishes in the scheme. The superiority of the proposed certificateless signature scheme over relevant studies is demonstrated in terms of the summarized security and performance comparisons. PMID:28468313

A model for anomaly classification in intrusion detection systems

NASA Astrophysics Data System (ADS)

Ferreira, V. O.; Galhardi, V. V.; Gonçalves, L. B. L.; Silva, R. C.; Cansian, A. M.

2015-09-01

Intrusion Detection Systems (IDS) are traditionally divided into two types according to the detection methods they employ, namely (i) misuse detection and (ii) anomaly detection. Anomaly detection has been widely used and its main advantage is the ability to detect new attacks. However, the analysis of anomalies generated can become expensive, since they often have no clear information about the malicious events they represent. In this context, this paper presents a model for automated classification of alerts generated by an anomaly based IDS. The main goal is either the classification of the detected anomalies in well-defined taxonomies of attacks or to identify whether it is a false positive misclassified by the IDS. Some common attacks to computer networks were considered and we achieved important results that can equip security analysts with best resources for their analyses.

Identifying and tracking dynamic processes in social networks

NASA Astrophysics Data System (ADS)

Chung, Wayne; Savell, Robert; Schütt, Jan-Peter; Cybenko, George

2006-05-01

The detection and tracking of embedded malicious subnets in an active social network can be computationally daunting due to the quantity of transactional data generated in the natural interaction of large numbers of actors comprising a network. In addition, detection of illicit behavior may be further complicated by evasive strategies designed to camouflage the activities of the covert subnet. In this work, we move beyond traditional static methods of social network analysis to develop a set of dynamic process models which encode various modes of behavior in active social networks. These models will serve as the basis for a new application of the Process Query System (PQS) to the identification and tracking of covert dynamic processes in social networks. We present a preliminary result from application of our technique in a real-world data stream-- the Enron email corpus.

Network Security Validation Using Game Theory

NASA Astrophysics Data System (ADS)

Papadopoulou, Vicky; Gregoriades, Andreas

Non-functional requirements (NFR) such as network security recently gained widespread attention in distributed information systems. Despite their importance however, there is no systematic approach to validate these requirements given the complexity and uncertainty characterizing modern networks. Traditionally, network security requirements specification has been the results of a reactive process. This however, limited the immunity property of the distributed systems that depended on these networks. Security requirements specification need a proactive approach. Networks' infrastructure is constantly under attack by hackers and malicious software that aim to break into computers. To combat these threats, network designers need sophisticated security validation techniques that will guarantee the minimum level of security for their future networks. This paper presents a game-theoretic approach to security requirements validation. An introduction to game theory is presented along with an example that demonstrates the application of the approach.

A Comparison between the Occurrence of Pauses, Repetitions and Recasts under Conditions of Face-to-Face and Computer-Mediated Communication: A Preliminary Study

ERIC Educational Resources Information Center

Cabaroglu, Nese; Basaran, Suleyman; Roberts, Jon

2010-01-01

This study compares pauses, repetitions and recasts in matched task interactions under face-to-face and computer-mediated conditions. Six first-year English undergraduates at a Turkish University took part in Skype-based voice chat with a native speaker and face-to-face with their instructor. Preliminary quantitative analysis of transcripts showed…

The Effects of Web-Based and Face-to-Face Discussion on Computer Engineering Majors' Performance on the Karnaugh Map

ERIC Educational Resources Information Center

Hung, Yen-Chu

2011-01-01

This study investigates the different effects of web-based and face-to-face discussion on computer engineering majors' performance using the Karnaugh map in digital logic design. Pretest and posttest scores for two treatment groups (web-based discussion and face-to-face discussion) and a control group were compared and subjected to covariance…

Face Recognition in Humans and Machines

NASA Astrophysics Data System (ADS)

O'Toole, Alice; Tistarelli, Massimo

The study of human face recognition by psychologists and neuroscientists has run parallel to the development of automatic face recognition technologies by computer scientists and engineers. In both cases, there are analogous steps of data acquisition, image processing, and the formation of representations that can support the complex and diverse tasks we accomplish with faces. These processes can be understood and compared in the context of their neural and computational implementations. In this chapter, we present the essential elements of face recognition by humans and machines, taking a perspective that spans psychological, neural, and computational approaches. From the human side, we overview the methods and techniques used in the neurobiology of face recognition, the underlying neural architecture of the system, the role of visual attention, and the nature of the representations that emerges. From the computational side, we discuss face recognition technologies and the strategies they use to overcome challenges to robust operation over viewing parameters. Finally, we conclude the chapter with a look at some recent studies that compare human and machine performances at face recognition.

Appraisal patterns of envy and related emotions.

PubMed

van de Ven, Niels; Zeelenberg, Marcel; Pieters, Rik

2012-06-01

Envy is a frustrating emotion that arises from upward social comparison. Two studies investigated the appraisals that distinguish benign envy (aimed at improving one's own situation) from malicious envy (aimed at pulling down the superior other). Study 1 found that appraisals of deservingness and control potential differentiated both types of envy. We manipulated these appraisals in Study 2 and found that while both did not influence the intensity of envy, they did determine the type of envy that resulted. The more a situation was appraised as undeserved, the more participants experienced malicious envy. Benign envy was experienced more when the situation was not undeserved, and the most when the situation was appraised as both deserved and controllable. The current research also clarifies how the types of envy differ from the related emotions admiration and resentment.

The Functional Neuroanatomy of Human Face Perception.

PubMed

Grill-Spector, Kalanit; Weiner, Kevin S; Kay, Kendrick; Gomez, Jesse

2017-09-15

Face perception is critical for normal social functioning and is mediated by a network of regions in the ventral visual stream. In this review, we describe recent neuroimaging findings regarding the macro- and microscopic anatomical features of the ventral face network, the characteristics of white matter connections, and basic computations performed by population receptive fields within face-selective regions composing this network. We emphasize the importance of the neural tissue properties and white matter connections of each region, as these anatomical properties may be tightly linked to the functional characteristics of the ventral face network. We end by considering how empirical investigations of the neural architecture of the face network may inform the development of computational models and shed light on how computations in the face network enable efficient face perception.

Human face recognition using eigenface in cloud computing environment

NASA Astrophysics Data System (ADS)

Siregar, S. T. M.; Syahputra, M. F.; Rahmat, R. F.

2018-02-01

Doing a face recognition for one single face does not take a long time to process, but if we implement attendance system or security system on companies that have many faces to be recognized, it will take a long time. Cloud computing is a computing service that is done not on a local device, but on an internet connected to a data center infrastructure. The system of cloud computing also provides a scalability solution where cloud computing can increase the resources needed when doing larger data processing. This research is done by applying eigenface while collecting data as training data is also done by using REST concept to provide resource, then server can process the data according to existing stages. After doing research and development of this application, it can be concluded by implementing Eigenface, recognizing face by applying REST concept as endpoint in giving or receiving related information to be used as a resource in doing model formation to do face recognition.

The investigation and implementation of real-time face pose and direction estimation on mobile computing devices

NASA Astrophysics Data System (ADS)

Fu, Deqian; Gao, Lisheng; Jhang, Seong Tae

2012-04-01

The mobile computing device has many limitations, such as relative small user interface and slow computing speed. Usually, augmented reality requires face pose estimation can be used as a HCI and entertainment tool. As far as the realtime implementation of head pose estimation on relatively resource limited mobile platforms is concerned, it is required to face different constraints while leaving enough face pose estimation accuracy. The proposed face pose estimation method met this objective. Experimental results running on a testing Android mobile device delivered satisfactory performing results in the real-time and accurately.

Data Mining and Privacy of Social Network Sites' Users: Implications of the Data Mining Problem.

PubMed

Al-Saggaf, Yeslam; Islam, Md Zahidul

2015-08-01

This paper explores the potential of data mining as a technique that could be used by malicious data miners to threaten the privacy of social network sites (SNS) users. It applies a data mining algorithm to a real dataset to provide empirically-based evidence of the ease with which characteristics about the SNS users can be discovered and used in a way that could invade their privacy. One major contribution of this article is the use of the decision forest data mining algorithm (SysFor) to the context of SNS, which does not only build a decision tree but rather a forest allowing the exploration of more logic rules from a dataset. One logic rule that SysFor built in this study, for example, revealed that anyone having a profile picture showing just the face or a picture showing a family is less likely to be lonely. Another contribution of this article is the discussion of the implications of the data mining problem for governments, businesses, developers and the SNS users themselves.

Brief Announcement: Induced Churn to Face Adversarial Behavior in Peer-to-Peer Systems

NASA Astrophysics Data System (ADS)

Anceaume, Emmanuelle; Brasileiro, Francisco; Ludinard, Romaric; Sericola, Bruno; Tronel, Frederic

Awerbuch and Scheideler [2] have shown that peer-to-peer overlays networks can only survive Byzantine attacks if malicious nodes are not able to predict what will be the topology of the network for a given sequence of join and leave operations. A prerequisite for this condition to hold is to guarantee that nodes identifiers randomness is continuously preserved. However targeted join/leave attacks may quickly endanger the relevance of such an assumption. Inducing churn has been shown to be the other fundamental ingredient to preserve randomness. Several strategies based on these principles have been proposed. Most of them are based on locally induced churn. However either they have been proven incorrect or they involve a too high level of complexity to be practically acceptable [2]. The other ones, based on globally induced churn, enforce limited lifetime for each node in the system. However, these solutions keep the system in an unnecessary hyper-activity, and thus need to impose strict restrictions on nodes joining rate which clearly limit their applicability to open systems.

Construction of Shared Knowledge in Face-to-Face and Computer-Mediated Cooperation.

ERIC Educational Resources Information Center

Fischer, Frank; Mandl, Heinz

This study examined how learners constructed and used shared knowledge in computer-mediated and face-to-face cooperative learning, investigating how to facilitate the construction and use of shared knowledge through dynamic visualization. Forty-eight college students were separated into dyads and assigned to one of four experimental conditions…

Collaborative Dialogue in Synchronous Computer-Mediated Communication and Face-to-Face Communication

ERIC Educational Resources Information Center

Zeng, Gang

2017-01-01

Previous research has documented that collaborative dialogue promotes L2 learning in both face-to-face (F2F) and synchronous computer-mediated communication (SCMC) modalities. However, relatively little research has explored modality effects on collaborative dialogue. Thus, motivated by sociocultual theory, this study examines how F2F compares…

Blending Synchronous Face-to-Face and Computer-Supported Cooperative Learning in a Hybrid Doctoral Seminar

ERIC Educational Resources Information Center

Roseth, Cary; Akcaoglu, Mete; Zellner, Andrea

2013-01-01

Online education is often assumed to be synonymous with asynchronous instruction, existing apart from or supplementary to face-to-face instruction in traditional bricks-and-mortar classrooms. However, expanding access to computer-mediated communication technologies now make new models possible, including distance learners synchronous online…

Effects of Synchronicity and Belongingness on Face-to-Face and Computer-Mediated Constructive Controversy

ERIC Educational Resources Information Center

Saltarelli, Andy J.; Roseth, Cary J.

2014-01-01

Adapting face-to-face (FTF) pedagogies to online settings raises boundary questions about the contextual conditions in which the same instructional method stimulates different outcomes. We address this issue by examining FTF and computer-mediated communication (CMC) versions of constructive controversy, a cooperative learning procedure involving…

Development of three-dimensional patient face model that enables real-time collision detection and cutting operation for a dental simulator.

PubMed

Yamaguchi, Satoshi; Yamada, Yuya; Yoshida, Yoshinori; Noborio, Hiroshi; Imazato, Satoshi

2012-01-01

The virtual reality (VR) simulator is a useful tool to develop dental hand skill. However, VR simulations with reactions of patients have limited computational time to reproduce a face model. Our aim was to develop a patient face model that enables real-time collision detection and cutting operation by using stereolithography (STL) and deterministic finite automaton (DFA) data files. We evaluated dependence of computational cost and constructed the patient face model using the optimum condition for combining STL and DFA data files, and assessed the computational costs for operation in do-nothing, collision, cutting, and combination of collision and cutting. The face model was successfully constructed with low computational costs of 11.3, 18.3, 30.3, and 33.5 ms for do-nothing, collision, cutting, and collision and cutting, respectively. The patient face model could be useful for developing dental hand skill with VR.

Does virtual intimacy exist? A brief exploration into reported levels of intimacy in online relationships.

PubMed

Scott, Veronica M; Mottarella, Karen E; Lavooy, Maria J

2006-12-01

This study examined the levels of intimacy reported by individuals in face-to-face and computer-mediated (or "virtual") romantic relationships. As suggested by the media and promised by online dating services, some degree of intimacy was reported in computer-mediated relationships, but stronger intimacy was reported in all participants' face-to-face relationships. Results also indicated that individuals who had online, virtual relationships reported less intimacy in their own face-to-face relationships compared to individuals who had engaged exclusively in face-to-face relationships, suggesting that people may turn to virtual relating after challenges in their face-to-face experiences.

32 CFR 842.42 - Delegations of authority.

Code of Federal Regulations, 2010 CFR

2010-07-01

... claims in any amount: (i) The Deputy Judge Advocate General. (ii) The Director of Civil Law. (iii) The... process, or malicious prosecution committed by an investigative or law enforcement officer. (4) On-base...

32 CFR 842.42 - Delegations of authority.

Code of Federal Regulations, 2014 CFR

2014-07-01

... claims in any amount: (i) The Deputy Judge Advocate General. (ii) The Director of Civil Law. (iii) The... process, or malicious prosecution committed by an investigative or law enforcement officer. (4) On-base...

32 CFR 842.42 - Delegations of authority.

Code of Federal Regulations, 2011 CFR

2011-07-01

... claims in any amount: (i) The Deputy Judge Advocate General. (ii) The Director of Civil Law. (iii) The... process, or malicious prosecution committed by an investigative or law enforcement officer. (4) On-base...

32 CFR 842.42 - Delegations of authority.

Code of Federal Regulations, 2012 CFR

2012-07-01

... claims in any amount: (i) The Deputy Judge Advocate General. (ii) The Director of Civil Law. (iii) The... process, or malicious prosecution committed by an investigative or law enforcement officer. (4) On-base...

32 CFR 842.42 - Delegations of authority.

Code of Federal Regulations, 2013 CFR

2013-07-01

... claims in any amount: (i) The Deputy Judge Advocate General. (ii) The Director of Civil Law. (iii) The... process, or malicious prosecution committed by an investigative or law enforcement officer. (4) On-base...

Department of Homeland Security

MedlinePlus

... Release Joint Technical Alerts on Malicious North Korean Cyber Activity Today, DHS and FBI released a pair ... María Provide Feedback to DHS Protect Myself from Cyber Attacks Report Cyber Incidents Prepare My Family for ...

Detecting insider activity using enhanced directory virtualization.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Shin, Dongwan; Claycomb, William R.

2010-07-01

Insider threats often target authentication and access control systems, which are frequently based on directory services. Detecting these threats is challenging, because malicious users with the technical ability to modify these structures often have sufficient knowledge and expertise to conceal unauthorized activity. The use of directory virtualization to monitor various systems across an enterprise can be a valuable tool for detecting insider activity. The addition of a policy engine to directory virtualization services enhances monitoring capabilities by allowing greater flexibility in analyzing changes for malicious intent. The resulting architecture is a system-based approach, where the relationships and dependencies between datamore » sources and directory services are used to detect an insider threat, rather than simply relying on point solutions. This paper presents such an architecture in detail, including a description of implementation results.« less

Formal Analysis of Key Integrity in PKCS#11

NASA Astrophysics Data System (ADS)

Falcone, Andrea; Focardi, Riccardo

PKCS#11 is a standard API to cryptographic devices such as smarcards, hardware security modules and usb crypto-tokens. Though widely adopted, this API has been shown to be prone to attacks in which a malicious user gains access to the sensitive keys stored in the devices. In 2008, Delaune, Kremer and Steel proposed a model to formally reason on this kind of attacks. We extend this model to also describe flaws that are based on integrity violations of the stored keys. In particular, we consider scenarios in which a malicious overwriting of keys might fool honest users into using attacker's own keys, while performing sensitive operations. We further enrich the model with a trusted key mechanism ensuring that only controlled, non-tampered keys are used in cryptographic operations, and we show how this modified API prevents the above mentioned key-replacement attacks.

Comparison analysis on vulnerability of metro networks based on complex network

NASA Astrophysics Data System (ADS)

Zhang, Jianhua; Wang, Shuliang; Wang, Xiaoyuan

2018-04-01

This paper analyzes the networked characteristics of three metro networks, and two malicious attacks are employed to investigate the vulnerability of metro networks based on connectivity vulnerability and functionality vulnerability. Meanwhile, the networked characteristics and vulnerability of three metro networks are compared with each other. The results show that Shanghai metro network has the largest transport capacity, Beijing metro network has the best local connectivity and Guangzhou metro network has the best global connectivity, moreover Beijing metro network has the best homogeneous degree distribution. Furthermore, we find that metro networks are very vulnerable subjected to malicious attacks, and Guangzhou metro network has the best topological structure and reliability among three metro networks. The results indicate that the proposed methodology is feasible and effective to investigate the vulnerability and to explore better topological structure of metro networks.

Investigating weaknesses in Android certificate security

NASA Astrophysics Data System (ADS)

Krych, Daniel E.; Lange-Maney, Stephen; McDaniel, Patrick; Glodek, William

2015-05-01

Android's application market relies on secure certificate generation to establish trust between applications and their users; yet, cryptography is often not a priority for application developers and many fail to take the necessary security precautions. Indeed, there is cause for concern: several recent high-profile studies have observed a pervasive lack of entropy on Web-systems leading to the factorization of private keys.1 Sufficient entropy, or randomness, is essential to generate secure key pairs and combat predictable key generation. In this paper, we analyze the security of Android certificates. We investigate the entropy present in 550,000 Android application certificates using the Quasilinear GCD finding algorithm.1 Our results show that while the lack of entropy does not appear to be as ubiquitous in the mobile markets as on Web-systems, there is substantial reuse of certificates only one third of the certificates in our dataset were unique. In other words, we find that organizations frequently reuse certificates for different applications. While such a practice is acceptable under Google's specifications for a single developer, we find that in some cases the same certificates are used for a myriad of developers, potentially compromising Android's intended trust relationships. Further, we observed duplicate certificates being used by both malicious and non-malicious applications. The top 3 repeated certificates present in our dataset accounted for a total of 11,438 separate APKs. Of these applications, 451, or roughly 4%, were identified as malicious by antivirus services.

Vital area identification for U.S. Nuclear Regulatory Commission nuclear power reactor licensees and new reactor applicants.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Whitehead, Donnie Wayne; Varnado, G. Bruce

2008-09-01

U.S. Nuclear Regulatory Commission nuclear power plant licensees and new reactor applicants are required to provide protection of their plants against radiological sabotage, including the placement of vital equipment in vital areas. This document describes a systematic process for the identification of the minimum set of areas that must be designated as vital areas in order to ensure that all radiological sabotage scenarios are prevented. Vital area identification involves the use of logic models to systematically identify all of the malicious acts or combinations of malicious acts that could lead to radiological sabotage. The models available in the plant probabilisticmore » risk assessment and other safety analyses provide a great deal of the information and basic model structure needed for the sabotage logic model. Once the sabotage logic model is developed, the events (or malicious acts) in the model are replaced with the areas in which the events can be accomplished. This sabotage area logic model is then analyzed to identify the target sets (combinations of areas the adversary must visit to cause radiological sabotage) and the candidate vital area sets (combinations of areas that must be protected against adversary access to prevent radiological sabotage). Any one of the candidate vital area sets can be selected for protection. Appropriate selection criteria will allow the licensee or new reactor applicant to minimize the impacts of vital area protection measures on plant safety, cost, operations, or other factors of concern.« less

Directional templates for real-time detection of coronal axis rotated faces

NASA Astrophysics Data System (ADS)

Perez, Claudio A.; Estevez, Pablo A.; Garate, Patricio

2004-10-01

Real-time face and iris detection on video images has gained renewed attention because of multiple possible applications in studying eye function, drowsiness detection, virtual keyboard interfaces, face recognition, video processing and multimedia retrieval. In this paper, a study is presented on using directional templates in the detection of faces rotated in the coronal axis. The templates are built by extracting the directional image information from the regions of the eyes, nose and mouth. The face position is determined by computing a line integral using the templates over the face directional image. The line integral reaches a maximum when it coincides with the face position. It is shown an improvement in localization selectivity by the increased value in the line integral computed with the directional template. Besides, improvements in the line integral value for face size and face rotation angle was also found through the computation of the line integral using the directional template. Based on these results the new templates should improve selectivity and hence provide the means to restrict computations to a fewer number of templates and restrict the region of search during the face and eye tracking procedure. The proposed method is real time, completely non invasive and was applied with no background limitation and normal illumination conditions in an indoor environment.

Learning Opportunities in Synchronous Computer-Mediated Communication and Face-to-Face Interaction

ERIC Educational Resources Information Center

Kim, Hye Yeong

2014-01-01

This study investigated how synchronous computer-mediated communication (SCMC) and face-to-face (F2F) oral interaction influence the way in which learners collaborate in language learning and how they solve their communicative problems. The findings suggest that output modality may affect how learners produce language, attend to linguistic forms,…

Learners' Willingness to Communicate in Face-to-Face versus Oral Computer-Mediated Communication

ERIC Educational Resources Information Center

Yanguas, Íñigo; Flores, Alayne

2014-01-01

The present study had two main goals: to explore performance differences in a task-based environment between face-to-face (FTF) and oral computer-mediated communication (OCMC) groups, and to investigate the relationship between trait-like willingness to communicate (WTC) and performance in the FTF and OCMC groups. Students from two intact…

The Influence of Students and Teachers Characteristics on the Efficacy of Face-to-Face and Computer Supported Collaborative Learning

ERIC Educational Resources Information Center

Solimeno, Andrea; Mebane, Minou Ella; Tomai, Manuela; Francescato, Donata

2008-01-01

In this paper we compared the efficacy of face-to-face and computer supported collaborative learning (CSCL) in increasing academic knowledge and professional competences. We also explored how students' personality characteristics and learning strategies and teachers' characteristics were associated with better learning outcomes in online or…

Developing Face-to-Face Argumentation Skills: Does Arguing on the Computer Help?

ERIC Educational Resources Information Center

Iordanou, Kalypso

2013-01-01

Arguing on the computer was used as a method to promote development of face-to-face argumentation skills in middle schoolers. In the study presented, sixth graders engaged in electronic dialogues with peers on a controversial topic and in some reflective activities based on transcriptions of the dialogues. Although participants initially exhibited…

Calibration Testing of Network Tap Devices

DOE Office of Scientific and Technical Information (OSTI.GOV)

Popovsky, Barbara; Chee, Brian; Frincke, Deborah A.

2007-11-14

Abstract: Understanding the behavior of network forensic devices is important to support prosecutions of malicious conduct on computer networks as well as legal remedies for false accusations of network management negligence. Individuals who seek to establish the credibility of network forensic data must speak competently about how the data was gathered and the potential for data loss. Unfortunately, manufacturers rarely provide information about the performance of low-layer network devices at a level that will survive legal challenges. This paper proposes a first step toward an independent calibration standard by establishing a validation testing methodology for evaluating forensic taps against manufacturermore » specifications. The methodology and the theoretical analysis that led to its development are offered as a conceptual framework for developing a standard and to "operationalize" network forensic readiness. This paper also provides details of an exemplar test, testing environment, procedures and results.« less

Design and implementation of website information disclosure assessment system.

PubMed

Cho, Ying-Chiang; Pan, Jen-Yi

2015-01-01

Internet application technologies, such as cloud computing and cloud storage, have increasingly changed people's lives. Websites contain vast amounts of personal privacy information. In order to protect this information, network security technologies, such as database protection and data encryption, attract many researchers. The most serious problems concerning web vulnerability are e-mail address and network database leakages. These leakages have many causes. For example, malicious users can steal database contents, taking advantage of mistakes made by programmers and administrators. In order to mitigate this type of abuse, a website information disclosure assessment system is proposed in this study. This system utilizes a series of technologies, such as web crawler algorithms, SQL injection attack detection, and web vulnerability mining, to assess a website's information disclosure. Thirty websites, randomly sampled from the top 50 world colleges, were used to collect leakage information. This testing showed the importance of increasing the security and privacy of website information for academic websites.

A Weak Quantum Blind Signature with Entanglement Permutation

NASA Astrophysics Data System (ADS)

Lou, Xiaoping; Chen, Zhigang; Guo, Ying

2015-09-01

Motivated by the permutation encryption algorithm, a weak quantum blind signature (QBS) scheme is proposed. It involves three participants, including the sender Alice, the signatory Bob and the trusted entity Charlie, in four phases, i.e., initializing phase, blinding phase, signing phase and verifying phase. In a small-scale quantum computation network, Alice blinds the message based on a quantum entanglement permutation encryption algorithm that embraces the chaotic position string. Bob signs the blinded message with private parameters shared beforehand while Charlie verifies the signature's validity and recovers the original message. Analysis shows that the proposed scheme achieves the secure blindness for the signer and traceability for the message owner with the aid of the authentic arbitrator who plays a crucial role when a dispute arises. In addition, the signature can neither be forged nor disavowed by the malicious attackers. It has a wide application to E-voting and E-payment system, etc.

A secure and efficient password-based user authentication scheme using smart cards for the integrated EPR information system.

PubMed

Lee, Tian-Fu; Chang, I-Pin; Lin, Tsung-Hung; Wang, Ching-Cheng

2013-06-01

The integrated EPR information system supports convenient and rapid e-medicine services. A secure and efficient authentication scheme for the integrated EPR information system provides safeguarding patients' electronic patient records (EPRs) and helps health care workers and medical personnel to rapidly making correct clinical decisions. Recently, Wu et al. proposed an efficient password-based user authentication scheme using smart cards for the integrated EPR information system, and claimed that the proposed scheme could resist various malicious attacks. However, their scheme is still vulnerable to lost smart card and stolen verifier attacks. This investigation discusses these weaknesses and proposes a secure and efficient authentication scheme for the integrated EPR information system as alternative. Compared with related approaches, the proposed scheme not only retains a lower computational cost and does not require verifier tables for storing users' secrets, but also solves the security problems in previous schemes and withstands possible attacks.

Architecture for removable media USB-ARM

DOEpatents

Shue, Craig A.; Lamb, Logan M.; Paul, Nathanael R.

2015-07-14

A storage device is coupled to a computing system comprising an operating system and application software. Access to the storage device is blocked by a kernel filter driver, except exclusive access is granted to a first anti-virus engine. The first anti-virus engine is directed to scan the storage device for malicious software and report results. Exclusive access may be granted to one or more other anti-virus engines and they may be directed to scan the storage device and report results. Approval of all or a portion of the information on the storage device is based on the results from the first anti-virus engine and the other anti-virus engines. The storage device is presented to the operating system and access is granted to the approved information. The operating system may be a Microsoft Windows operating system. The kernel filter driver and usage of anti-virus engines may be configurable by a user.

Analysis of Network Vulnerability Under Joint Node and Link Attacks

NASA Astrophysics Data System (ADS)

Li, Yongcheng; Liu, Shumei; Yu, Yao; Cao, Ting

2018-03-01

The security problem of computer network system is becoming more and more serious. The fundamental reason is that there are security vulnerabilities in the network system. Therefore, it’s very important to identify and reduce or eliminate these vulnerabilities before they are attacked. In this paper, we are interested in joint node and link attacks and propose a vulnerability evaluation method based on the overall connectivity of the network to defense this attack. Especially, we analyze the attack cost problem from the attackers’ perspective. The purpose is to find the set of least costs for joint links and nodes, and their deletion will lead to serious network connection damage. The simulation results show that the vulnerable elements obtained from the proposed method are more suitable for the attacking idea of the malicious persons in joint node and link attack. It is easy to find that the proposed method has more realistic protection significance.

Cyber Threat and Vulnerability Analysis of the U.S. Electric Sector

DOE Office of Scientific and Technical Information (OSTI.GOV)

Glenn, Colleen; Sterbentz, Dane; Wright, Aaron

With utilities in the U.S. and around the world increasingly moving toward smart grid technology and other upgrades with inherent cyber vulnerabilities, correlative threats from malicious cyber attacks on the North American electric grid continue to grow in frequency and sophistication. The potential for malicious actors to access and adversely affect physical electricity assets of U.S. electricity generation, transmission, or distribution systems via cyber means is a primary concern for utilities contributing to the bulk electric system. This paper seeks to illustrate the current cyber-physical landscape of the U.S. electric sector in the context of its vulnerabilities to cyber attacks,more » the likelihood of cyber attacks, and the impacts cyber events and threat actors can achieve on the power grid. In addition, this paper highlights utility perspectives, perceived challenges, and requests for assistance in addressing cyber threats to the electric sector. There have been no reported targeted cyber attacks carried out against utilities in the U.S. that have resulted in permanent or long term damage to power system operations thus far, yet electric utilities throughout the U.S. have seen a steady rise in cyber and physical security related events that continue to raise concern. Asset owners and operators understand that the effects of a coordinated cyber and physical attack on a utility’s operations would threaten electric system reliability–and potentially result in large scale power outages. Utilities are routinely faced with new challenges for dealing with these cyber threats to the grid and consequently maintain a set of best practices to keep systems secure and up to date. Among the greatest challenges is a lack of knowledge or strategy to mitigate new risks that emerge as a result of an exponential rise in complexity of modern control systems. This paper compiles an open-source analysis of cyber threats and risks to the electric grid, utility best practices for prevention and response to cyber threats, and utility suggestions about how the federal government can aid utilities in combating and mitigating risks.« less

Computer Networks as a New Data Base.

ERIC Educational Resources Information Center

Beals, Diane E.

1992-01-01

Discusses the use of communication on computer networks as a data source for psychological, social, and linguistic research. Differences between computer-mediated communication and face-to-face communication are described, the Beginning Teacher Computer Network is discussed, and examples of network conversations are appended. (28 references) (LRW)

Legal Aspects of Confrontation

ERIC Educational Resources Information Center

Shannon, Thomas A.

1970-01-01

High school principals are obligated to protect the property and students entrusted to their care. As long as any action they take against student dissenters resorting to violence is non-malicious, they need not fear legal repercussions. (CK)

Streaming PCA with many missing entries.

DOT National Transportation Integrated Search

2015-12-01

This paper considers the problem of matrix completion when some number of the columns are : completely and arbitrarily corrupted, potentially by a malicious adversary. It is well-known that standard : algorithms for matrix completion can return arbit...

Pair Interactions and Mode of Communication: Comparing Face-to-Face and Computer Mediated Communication

ERIC Educational Resources Information Center

Tan, Lan Liana; Wigglesworth, Gillian; Storch, Neomy

2010-01-01

In today's second language classrooms, students are often asked to work in pairs or small groups. Such collaboration can take place face-to-face, but now more often via computer mediated communication. This paper reports on a study which investigated the effect of the medium of communication on the nature of pair interaction. The study involved…

The Nature of Negotiations in Face-to-Face versus Computer-Mediated Communication in Pair Interactions

ERIC Educational Resources Information Center

Rouhshad, Amir; Wigglesworth, Gillian; Storch, Neomy

2016-01-01

The Interaction Approach argues that negotiation for meaning and form is conducive to second language development. To date, most of the research on negotiations has been either in face-to-face (FTF) or text-based synchronous computer-mediated communication (SCMC) modes. Very few studies have compared the nature of negotiations across the modes.…

Writing as Involvement: A Case for Face-to-Face Classroom Talk in a Computer Age.

ERIC Educational Resources Information Center

Berggren, Anne G.

The abandonment of face-to-face voice conversations in favor of the use of electronic conversations in composition classes is an issue to be interrogated. In a recent push to "prepare students for the 21st century," teachers are asked to teach computer applications in the humanities--and composition teachers, who will teach writing in…

Examining the Difference in Student Achievement between Face-to-Face and Online Computer Classes

ERIC Educational Resources Information Center

Hearn, Phillips Turner

2017-01-01

The purpose of this study was to compare the achievement of students taking a computer applications class in one of two instructional methods, traditional face-to-face and online, at a Southeastern community college. The research questions examined more than 3,000 samples from the summer of 2012 through the spring semester of 2016. There were…

Value-Range Analysis of C Programs

NASA Astrophysics Data System (ADS)

Simon, Axel

In 1988, Robert T. Morris exploited a so-called buffer-overflow bug in finger (a dæmon whose job it is to return information on local users) to mount a denial-of-service attack on hundreds of VAX and Sun-3 computers [159]. He created what is nowadays called a worm; that is, a crafted stream of bytes that, when sent to a computer over the network, utilises a buffer-overflow bug in the software of that computer to execute code encoded in the byte stream. In the case of a worm, this code will send the very same byte stream to other computers on the network, thereby creating an avalanche of network traffic that ultimately renders the network and all computers involved in replicating the worm inaccessible. Besides duplicating themselves, worms can alter data on the host that they are running on. The most famous example in recent years was the MSBlaster32 worm, which altered the configuration database on many Microsoft Windows machines, thereby forcing the computers to reboot incessantly. Although this worm was rather benign, it caused huge damage to businesses who were unable to use their IT infrastructure for hours or even days after the appearance of the worm. A more malicious worm is certainly conceivable [187] due to the fact that worms are executed as part of a dæmon (also known as "service" on Windows machines) and thereby run at a privileged level, allowing access to any data stored on the remote computer. While the deletion of data presents a looming threat to valuable information, even more serious uses are espionage and theft, in particular because worms do not have to affect the running system and hence may be impossible to detect.

Mobile Transactional Modelling: From Concepts to Incremental Knowledge

NASA Astrophysics Data System (ADS)

Launders, Ivan; Polovina, Simon; Hill, Richard

In 1988, Robert T. Morris exploited a so-called buffer-overflow bug in finger (a dæmon whose job it is to return information on local users) to mount a denial-of-service attack on hundreds of VAX and Sun-3 computers [159]. He created what is nowadays called a worm; that is, a crafted stream of bytes that, when sent to a computer over the network, utilises a buffer-overflow bug in the software of that computer to execute code encoded in the byte stream. In the case of a worm, this code will send the very same byte stream to other computers on the network, thereby creating an avalanche of network traffic that ultimately renders the network and all computers involved in replicating the worm inaccessible. Besides duplicating themselves, worms can alter data on the host that they are running on. The most famous example in recent years was the MSBlaster32 worm, which altered the configuration database on many Microsoft Windows machines, thereby forcing the computers to reboot incessantly. Although this worm was rather benign, it caused huge damage to businesses who were unable to use their IT infrastructure for hours or even days after the appearance of the worm. A more malicious worm is certainly conceivable [187] due to the fact that worms are executed as part of a dæmon (also known as "service" on Windows machines) and thereby run at a privileged level, allowing access to any data stored on the remote computer. While the deletion of data presents a looming threat to valuable information, even more serious uses are espionage and theft, in particular because worms do not have to affect the running system and hence may be impossible to detect.

Guidelines for computer security in general practice.

PubMed

Schattner, Peter; Pleteshner, Catherine; Bhend, Heinz; Brouns, Johan

2007-01-01

As general practice becomes increasingly computerised, data security becomes increasingly important for both patient health and the efficient operation of the practice. To develop guidelines for computer security in general practice based on a literature review, an analysis of available information on current practice and a series of key stakeholder interviews. While the guideline was produced in the context of Australian general practice, we have developed a template that is also relevant for other countries. Current data on computer security measures was sought from Australian divisions of general practice. Semi-structured interviews were conducted with general practitioners (GPs), the medical software industry, senior managers within government responsible for health IT (information technology) initiatives, technical IT experts, divisions of general practice and a member of a health information consumer group. The respondents were asked to assess both the likelihood and the consequences of potential risks in computer security being breached. The study suggested that the most important computer security issues in general practice were: the need for a nominated IT security coordinator; having written IT policies, including a practice disaster recovery plan; controlling access to different levels of electronic data; doing and testing backups; protecting against viruses and other malicious codes; installing firewalls; undertaking routine maintenance of hardware and software; and securing electronic communication, for example via encryption. This information led to the production of computer security guidelines, including a one-page summary checklist, which were subsequently distributed to all GPs in Australia. This paper maps out a process for developing computer security guidelines for general practice. The specific content will vary in different countries according to their levels of adoption of IT, and cultural, technical and other health service factors. Making these guidelines relevant to local contexts should help maximise their uptake.

What makes a cell face-selective: the importance of contrast

PubMed Central

Ohayon, Shay; Freiwald, Winrich A; Tsao, Doris Y

2012-01-01

Summary Faces are robustly detected by computer vision algorithms that search for characteristic coarse contrast features. Here, we investigated whether face-selective cells in the primate brain exploit contrast features as well. We recorded from face-selective neurons in macaque inferotemporal cortex, while presenting a face-like collage of regions whose luminances were changed randomly. Modulating contrast combinations between regions induced activity changes ranging from no response to a response greater than that to a real face in 50% of cells. The critical stimulus factor determining response magnitude was contrast polarity, e.g., nose region brighter than left eye. Contrast polarity preferences were consistent across cells, suggesting a common computational strategy across the population, and matched features used by computer vision algorithms for face detection. Furthermore, most cells were tuned both for contrast polarity and for the geometry of facial features, suggesting cells encode information useful both for detection and recognition. PMID:22578507

78 FR 65923 - Schedules of Controlled Substances: Placement of Tramadol Into Schedule IV

Federal Register 2010, 2011, 2012, 2013, 2014

2013-11-04

... own motion; (2) at the request of the Secretary of the HHS; or (3) on the petition of any interested... reaction, overmedication, malicious poisoning, and accidental ingestion). Non-medical use may involve...

Consensus-Based Cooperative Spectrum Sensing with Improved Robustness Against SSDF Attacks

NASA Astrophysics Data System (ADS)

Liu, Quan; Gao, Jun; Guo, Yunwei; Liu, Siyang

2011-05-01

Based on the consensus algorithm, an attack-proof cooperative spectrum sensing (CSS) scheme is presented for decentralized cognitive radio networks (CRNs), where a common fusion center is not available and some malicious users may launch attacks with spectrum sensing data falsification (SSDF). Local energy detection is firstly performed by each secondary user (SU), and then, utilizing the consensus notions, each SU can make its own decision individually only by local information exchange with its neighbors rather than any centralized fusion used in most existing schemes. With the help of some anti-attack tricks, each authentic SU can generally identify and exclude those malicious reports during the interactions within the neighborhood. Compared with the existing solutions, the proposed scheme is proved to have much better robustness against three categories of SSDF attack, without requiring any a priori knowledge of the whole network.

A Distributed Energy-Aware Trust Management System for Secure Routing in Wireless Sensor Networks

NASA Astrophysics Data System (ADS)

Stelios, Yannis; Papayanoulas, Nikos; Trakadas, Panagiotis; Maniatis, Sotiris; Leligou, Helen C.; Zahariadis, Theodore

Wireless sensor networks are inherently vulnerable to security attacks, due to their wireless operation. The situation is further aggravated because they operate in an infrastructure-less environment, which mandates the cooperation among nodes for all networking tasks, including routing, i.e. all nodes act as “routers”, forwarding the packets generated by their neighbours in their way to the sink node. This implies that malicious nodes (denying their cooperation) can significantly affect the network operation. Trust management schemes provide a powerful tool for the detection of unexpected node behaviours (either faulty or malicious). Once misbehaving nodes are detected, their neighbours can use this information to avoid cooperating with them either for data forwarding, data aggregation or any other cooperative function. We propose a secure routing solution based on a novel distributed trust management system, which allows for fast detection of a wide set of attacks and also incorporates energy awareness.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Beaver, Justin M; Borges, Raymond Charles; Buckner, Mark A

Critical infrastructure Supervisory Control and Data Acquisition (SCADA) systems were designed to operate on closed, proprietary networks where a malicious insider posed the greatest threat potential. The centralization of control and the movement towards open systems and standards has improved the efficiency of industrial control, but has also exposed legacy SCADA systems to security threats that they were not designed to mitigate. This work explores the viability of machine learning methods in detecting the new threat scenarios of command and data injection. Similar to network intrusion detection systems in the cyber security domain, the command and control communications in amore » critical infrastructure setting are monitored, and vetted against examples of benign and malicious command traffic, in order to identify potential attack events. Multiple learning methods are evaluated using a dataset of Remote Terminal Unit communications, which included both normal operations and instances of command and data injection attack scenarios.« less

The emotional responses of browsing Facebook: Happiness, envy, and the role of tie strength.

PubMed

Lin, Ruoyun; Utz, Sonja

2015-11-01

On Facebook, users are exposed to posts from both strong and weak ties. Even though several studies have examined the emotional consequences of using Facebook, less attention has been paid to the role of tie strength. This paper aims to explore the emotional outcomes of reading a post on Facebook and examine the role of tie strength in predicting happiness and envy. Two studies - one correlational, based on a sample of 207 American participants and the other experimental, based on a sample of 194 German participants - were conducted in 2014. In Study 2, envy was further distinguished into benign and malicious envy. Based on a multi-method approach, the results showed that positive emotions are more prevalent than negative emotions while browsing Facebook. Moreover, tie strength is positively associated with the feeling of happiness and benign envy, whereas malicious envy is independent of tie strength after reading a (positive) post on Facebook.

Radiological Exposure Devices (RED) Technical Basis for Threat Profile.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bland, Jesse John; Potter, Charles A.; Homann, Steven

Facilities that manufacture, store or transport significant quantities of radiological material must protect against the risk posed by sabotage events. Much of the analysis of this type of event has been focused on the threat from a radiological dispersion device (RDD) or "dirty bomb" scenario, in which a malicious assailant would, by explosives or other means, loft a significant quantity of radioactive material into a plume that would expose and contaminate people and property. Although the consequences in cost and psychological terror would be severe, no intentional RDD terrorism events are on record. Conversely, incidents in which a victim ormore » victims were maliciously exposed to a Radiological Exposure Device (RED), without dispersal of radioactive material, are well documented. This paper represents a technical basis for the threat profile related to the risk of nefarious use of an RED, including assailant and material characterization. Radioactive materials of concern are detailed in Appendix A.« less

Detecting malicious chaotic signals in wireless sensor network

NASA Astrophysics Data System (ADS)

Upadhyay, Ranjit Kumar; Kumari, Sangeeta

2018-02-01

In this paper, an e-epidemic Susceptible-Infected-Vaccinated (SIV) model has been proposed to analyze the effect of node immunization and worms attacking dynamics in wireless sensor network. A modified nonlinear incidence rate with cyrtoid type functional response has been considered using sleep and active mode approach. Detailed stability analysis and the sufficient criteria for the persistence of the model system have been established. We also established different types of bifurcation analysis for different equilibria at different critical points of the control parameters. We performed a detailed Hopf bifurcation analysis and determine the direction and stability of the bifurcating periodic solutions using center manifold theorem. Numerical simulations are carried out to confirm the theoretical results. The impact of the control parameters on the dynamics of the model system has been investigated and malicious chaotic signals are detected. Finally, we have analyzed the effect of time delay on the dynamics of the model system.

Acceptance of Cloud Services in Face-to-Face Computer-Supported Collaborative Learning: A Comparison between Single-User Mode and Multi-User Mode

ERIC Educational Resources Information Center

Wang, Chia-Sui; Huang, Yong-Ming

2016-01-01

Face-to-face computer-supported collaborative learning (CSCL) was used extensively to facilitate learning in classrooms. Cloud services not only allow a single user to edit a document, but they also enable multiple users to simultaneously edit a shared document. However, few researchers have compared student acceptance of such services in…

The Effects of Face-to-Face and Computer-Mediated Peer Review on EFL Writers' Comments and Revisions

ERIC Educational Resources Information Center

Ho, Mei-ching

2015-01-01

This study investigates the use of face-to-face and computer-mediated peer review in an English as a Foreign Language (EFL) writing course to examine how different interaction modes affect comment categories, students' revisions, and their perceptions of peer feedback. The participants were an intact class of 13 students at a Taiwanese university.…

Discourse Markers in Italian as L2 in Face to Face vs. Computer Mediated Settings

ERIC Educational Resources Information Center

De Marco, Anna; Leone, Paola

2013-01-01

This pilot study aims to highlight a) differences in pragmatic function and distribution of discourse markers (DMs) in computer mediated and face to face (FtF) settings and b) any correlation of DM uses and language competence. The data have been collected by video-recording and analysing three speakers of Italian L2 (language level competence:…

A Qualitative Case Study Comparing a Computer-Mediated Delivery System to a Face-to-Face Mediated Delivery System for Teaching Creative Writing Fiction Workshops

ERIC Educational Resources Information Center

Daniels, Mindy A.

2012-01-01

The purpose of this case study was to compare the pedagogical and affective efficiency and efficacy of creative prose fiction writing workshops taught via asynchronous computer-mediated online distance education with creative prose fiction writing workshops taught face-to-face in order to better understand their operational pedagogy and…

Linguistic Analysis of Natural Language Communication with Computers.

ERIC Educational Resources Information Center

Thompson, Bozena Henisz

Interaction with computers in natural language requires a language that is flexible and suited to the task. This study of natural dialogue was undertaken to reveal those characteristics which can make computer English more natural. Experiments were made in three modes of communication: face-to-face, terminal-to-terminal, and human-to-computer,…

Source Listings for Computer Code SPIRALI Incompressible, Turbulent Spiral Grooved Cylindrical and Face Seals

NASA Technical Reports Server (NTRS)

Walowit, Jed A.; Shapiro, Wibur

2005-01-01

This is the source listing of the computer code SPIRALI which predicts the performance characteristics of incompressible cylindrical and face seals with or without the inclusion of spiral grooves. Performance characteristics include load capacity (for face seals), leakage flow, power requirements and dynamic characteristics in the form of stiffness, damping and apparent mass coefficients in 4 degrees of freedom for cylindrical seals and 3 degrees of freedom for face seals. These performance characteristics are computed as functions of seal and groove geometry, load or film thickness, running and disturbance speeds, fluid viscosity, and boundary pressures.

An Elliptic Curve Based Schnorr Cloud Security Model in Distributed Environment

PubMed Central

Muthurajan, Vinothkumar; Narayanasamy, Balaji

2016-01-01

Cloud computing requires the security upgrade in data transmission approaches. In general, key-based encryption/decryption (symmetric and asymmetric) mechanisms ensure the secure data transfer between the devices. The symmetric key mechanisms (pseudorandom function) provide minimum protection level compared to asymmetric key (RSA, AES, and ECC) schemes. The presence of expired content and the irrelevant resources cause unauthorized data access adversely. This paper investigates how the integrity and secure data transfer are improved based on the Elliptic Curve based Schnorr scheme. This paper proposes a virtual machine based cloud model with Hybrid Cloud Security Algorithm (HCSA) to remove the expired content. The HCSA-based auditing improves the malicious activity prediction during the data transfer. The duplication in the cloud server degrades the performance of EC-Schnorr based encryption schemes. This paper utilizes the blooming filter concept to avoid the cloud server duplication. The combination of EC-Schnorr and blooming filter efficiently improves the security performance. The comparative analysis between proposed HCSA and the existing Distributed Hash Table (DHT) regarding execution time, computational overhead, and auditing time with auditing requests and servers confirms the effectiveness of HCSA in the cloud security model creation. PMID:26981584

An Elliptic Curve Based Schnorr Cloud Security Model in Distributed Environment.

PubMed

Muthurajan, Vinothkumar; Narayanasamy, Balaji

2016-01-01

Cloud computing requires the security upgrade in data transmission approaches. In general, key-based encryption/decryption (symmetric and asymmetric) mechanisms ensure the secure data transfer between the devices. The symmetric key mechanisms (pseudorandom function) provide minimum protection level compared to asymmetric key (RSA, AES, and ECC) schemes. The presence of expired content and the irrelevant resources cause unauthorized data access adversely. This paper investigates how the integrity and secure data transfer are improved based on the Elliptic Curve based Schnorr scheme. This paper proposes a virtual machine based cloud model with Hybrid Cloud Security Algorithm (HCSA) to remove the expired content. The HCSA-based auditing improves the malicious activity prediction during the data transfer. The duplication in the cloud server degrades the performance of EC-Schnorr based encryption schemes. This paper utilizes the blooming filter concept to avoid the cloud server duplication. The combination of EC-Schnorr and blooming filter efficiently improves the security performance. The comparative analysis between proposed HCSA and the existing Distributed Hash Table (DHT) regarding execution time, computational overhead, and auditing time with auditing requests and servers confirms the effectiveness of HCSA in the cloud security model creation.

Image authentication by means of fragile CGH watermarking

NASA Astrophysics Data System (ADS)

Schirripa Spagnolo, Giuseppe; Simonetti, Carla; Cozzella, Lorenzo

2005-09-01

In this paper we propose a fragile marking system based on Computer Generated Hologram coding techniques, which is able to detect malicious tampering while tolerating some incidental distortions. A fragile watermark is a mark that is readily altered or destroyed when the host image is modified through a linear or nonlinear transformation. A fragile watermark monitors the integrity of the content of the image but not its numerical representation. Therefore the watermark is designed so that the integrity is proven if the content of the image has not been tampered. Since digital images can be altered or manipulated with ease, the ability to detect changes to digital images is very important for many applications such as news reporting, medical archiving, or legal usages. The proposed technique could be applied to Color Images as well as to Gray Scale ones. Using Computer Generated Hologram watermarking, the embedded mark could be easily recovered by means of a Fourier Transform. Due to this fact host image can be tampered and watermarked with the same holographic pattern. To avoid this possibility we have introduced an encryption method using a asymmetric Cryptography. The proposed schema is based on the knowledge of original mark from the Authentication

Network traffic anomaly prediction using Artificial Neural Network

NASA Astrophysics Data System (ADS)

Ciptaningtyas, Hening Titi; Fatichah, Chastine; Sabila, Altea

2017-03-01

As the excessive increase of internet usage, the malicious software (malware) has also increase significantly. Malware is software developed by hacker for illegal purpose(s), such as stealing data and identity, causing computer damage, or denying service to other user[1]. Malware which attack computer or server often triggers network traffic anomaly phenomena. Based on Sophos's report[2], Indonesia is the riskiest country of malware attack and it also has high network traffic anomaly. This research uses Artificial Neural Network (ANN) to predict network traffic anomaly based on malware attack in Indonesia which is recorded by Id-SIRTII/CC (Indonesia Security Incident Response Team on Internet Infrastructure/Coordination Center). The case study is the highest malware attack (SQL injection) which has happened in three consecutive years: 2012, 2013, and 2014[4]. The data series is preprocessed first, then the network traffic anomaly is predicted using Artificial Neural Network and using two weight update algorithms: Gradient Descent and Momentum. Error of prediction is calculated using Mean Squared Error (MSE) [7]. The experimental result shows that MSE for SQL Injection is 0.03856. So, this approach can be used to predict network traffic anomaly.

Real-Time SCADA Cyber Protection Using Compression Techniques

DOE Office of Scientific and Technical Information (OSTI.GOV)

Lyle G. Roybal; Gordon H Rueff

2013-11-01

The Department of Energy’s Office of Electricity Delivery and Energy Reliability (DOE-OE) has a critical mission to secure the energy infrastructure from cyber attack. Through DOE-OE’s Cybersecurity for Energy Delivery Systems (CEDS) program, the Idaho National Laboratory (INL) has developed a method to detect malicious traffic on Supervisory, Control, and Data Acquisition (SCADA) network using a data compression technique. SCADA network traffic is often repetitive with only minor differences between packets. Research performed at the INL showed that SCADA network traffic has traits desirable for using compression analysis to identify abnormal network traffic. An open source implementation of a Lempel-Ziv-Welchmore » (LZW) lossless data compression algorithm was used to compress and analyze surrogate SCADA traffic. Infected SCADA traffic was found to have statistically significant differences in compression when compared against normal SCADA traffic at the packet level. The initial analyses and results are clearly able to identify malicious network traffic from normal traffic at the packet level with a very high confidence level across multiple ports and traffic streams. Statistical differentiation between infected and normal traffic level was possible using a modified data compression technique at the 99% probability level for all data analyzed. However, the conditions tested were rather limited in scope and need to be expanded into more realistic simulations of hacking events using techniques and approaches that are better representative of a real-world attack on a SCADA system. Nonetheless, the use of compression techniques to identify malicious traffic on SCADA networks in real time appears to have significant merit for infrastructure protection.« less

A robust cooperative spectrum sensing scheme based on Dempster-Shafer theory and trustworthiness degree calculation in cognitive radio networks

NASA Astrophysics Data System (ADS)

Wang, Jinlong; Feng, Shuo; Wu, Qihui; Zheng, Xueqiang; Xu, Yuhua; Ding, Guoru

2014-12-01

Cognitive radio (CR) is a promising technology that brings about remarkable improvement in spectrum utilization. To tackle the hidden terminal problem, cooperative spectrum sensing (CSS) which benefits from the spatial diversity has been studied extensively. Since CSS is vulnerable to the attacks initiated by malicious secondary users (SUs), several secure CSS schemes based on Dempster-Shafer theory have been proposed. However, the existing works only utilize the current difference of SUs, such as the difference in SNR or similarity degree, to evaluate the trustworthiness of each SU. As the current difference is only one-sided and sometimes inaccurate, the statistical information contained in each SU's historical behavior should not be overlooked. In this article, we propose a robust CSS scheme based on Dempster-Shafer theory and trustworthiness degree calculation. It is carried out in four successive steps, which are basic probability assignment (BPA), trustworthiness degree calculation, selection and adjustment of BPA, and combination by Dempster-Shafer rule, respectively. Our proposed scheme evaluates the trustworthiness degree of SUs from both current difference aspect and historical behavior aspect and exploits Dempster-Shafer theory's potential to establish a `soft update' approach for the reputation value maintenance. It can not only differentiate malicious SUs from honest ones based on their historical behaviors but also reserve the current difference for each SU to achieve a better real-time performance. Abundant simulation results have validated that the proposed scheme outperforms the existing ones under the impact of different attack patterns and different number of malicious SUs.

Comparison of face types in Chinese women using three-dimensional computed tomography.

PubMed

Zhou, Rong-Rong; Zhao, Qi-Ming; Liu, Miao

2015-04-01

This study compared inverted triangle and square faces of 21 young Chinese Han women (18-25 years old) using three-dimensional computed tomography images retrieved from a records database. In this study, 11 patients had inverted triangle faces and 10 had square faces. The anatomic features were examined and compared. There were significant differences in lower face width, lower face height, masseter thickness, middle/lower face width ratio, and lower face width/height ratio between the two facial types (p < 0.01). Lower face width was positively correlated with masseter thickness and negatively correlated with gonial angle. Lower face height was positively correlated with gonial angle and negatively correlated with masseter thickness, and gonial angle was negatively correlated with masseter thickness. In young Chinese Han women, inverted triangle faces and square faces differ significantly in masseter thickness and lower face height. Thieme Medical Publishers 333 Seventh Avenue, New York, NY 10001, USA.

25 CFR 1000.272 - Do Tribes/Consortia need to be aware of areas which FTCA does not cover?

Code of Federal Regulations, 2010 CFR

2010-04-01

... imprisonment, false arrest, malicious prosecution, abuse of process, libel, slander, misrepresentation, deceit, or interference with contract rights, unless otherwise authorized by 28 U.S.C. 2680(h). (b) What...

A Study of Gaps in Attack Analysis

DTIC Science & Technology

2016-10-12

2014. [86] Shobha Venkataraman , David Brumley, Subhabrata Sen, and Oliver Spatscheck. Automati- cally Inferring the Evolution of Malicious Activity on...Shobha Venkataraman , Subhabrata Sen, Oliver Spatscheck, Patrick Haffner, and Dawn Song. Exploiting Network Structure for Proactive Spam Mitigation. In

Face Processing: Models For Recognition

NASA Astrophysics Data System (ADS)

Turk, Matthew A.; Pentland, Alexander P.

1990-03-01

The human ability to process faces is remarkable. We can identify perhaps thousands of faces learned throughout our lifetime and read facial expression to understand such subtle qualities as emotion. These skills are quite robust, despite sometimes large changes in the visual stimulus due to expression, aging, and distractions such as glasses or changes in hairstyle or facial hair. Computers which model and recognize faces will be useful in a variety of applications, including criminal identification, human-computer interface, and animation. We discuss models for representing faces and their applicability to the task of recognition, and present techniques for identifying faces and detecting eye blinks.

Information hiding techniques for infrared images: exploring the state-of-the art and challenges

NASA Astrophysics Data System (ADS)

Pomponiu, Victor; Cavagnino, Davide; Botta, Marco; Nejati, Hossein

2015-10-01

The proliferation of Infrared technology and imaging systems enables a different perspective to tackle many computer vision problems in defense and security applications. Infrared images are widely used by the law enforcement, Homeland Security and military organizations to achieve a significant advantage or situational awareness, and thus is vital to protect these data against malicious attacks. Concurrently, sophisticated malware are developed which are able to disrupt the security and integrity of these digital media. For instance, illegal distribution and manipulation are possible malicious attacks to the digital objects. In this paper we explore the use of a new layer of defense for the integrity of the infrared images through the aid of information hiding techniques such as watermarking. In this context, we analyze the efficiency of several optimal decoding schemes for the watermark inserted into the Singular Value Decomposition (SVD) domain of the IR images using an additive spread spectrum (SS) embedding framework. In order to use the singular values (SVs) of the IR images with the SS embedding we adopt several restrictions that ensure that the values of the SVs will maintain their statistics. For both the optimal maximum likelihood decoder and sub-optimal decoders we assume that the PDF of SVs can be modeled by the Weibull distribution. Furthermore, we investigate the challenges involved in protecting and assuring the integrity of IR images such as data complexity and the error probability behavior, i.e., the probability of detection and the probability of false detection, for the applied optimal decoders. By taking into account the efficiency and the necessary auxiliary information for decoding the watermark, we discuss the suitable decoder for various operating situations. Experimental results are carried out on a large dataset of IR images to show the imperceptibility and efficiency of the proposed scheme against various attack scenarios.

Politeness Theory in Computer Mediated Communication: Face Threatening Acts in a "Faceless" Medium.

ERIC Educational Resources Information Center

Simmons, Thomas L.

A study of distinctive characteristics of the style in which people communicate in computer-mediated communication (CMC), focusing on use of politeness conventions, is reported. Aspects of the concept of "face" and politeness in social interaction are first reviewed, and threats to speaker's and hearer's face are outlined. The…

Augmenting Trust Establishment in Dynamic Systems with Social Networks

DOE Office of Scientific and Technical Information (OSTI.GOV)

Lagesse, Brent J; Kumar, Mohan; Venkatesh, Svetha

2010-01-01

Social networking has recently flourished in popularity through the use of social websites. Pervasive computing resources have allowed people stay well-connected to each other through access to social networking resources. We take the position that utilizing information produced by relationships within social networks can assist in the establishment of trust for other pervasive computing applications. Furthermore, we describe how such a system can augment a sensor infrastructure used for event observation with information from mobile sensors (ie, mobile phones with cameras) controlled by potentially untrusted third parties. Pervasive computing systems are invisible systems, oriented around the user. As a result,more » many future pervasive systems are likely to include a social aspect to the system. The social communities that are developed in these systems can augment existing trust mechanisms with information about pre-trusted entities or entities to initially consider when beginning to establish trust. An example of such a system is the Collaborative Virtual Observation (CoVO) system fuses sensor information from disaparate sources in soft real-time to recreate a scene that provides observation of an event that has recently transpired. To accomplish this, CoVO must efficently access services whilst protecting the data from corruption from unknown remote nodes. CoVO combines dynamic service composition with virtual observation to utilize existing infrastructure with third party services available in the environment. Since these services are not under the control of the system, they may be unreliable or malicious. When an event of interest occurs, the given infrastructure (bus cameras, etc.) may not sufficiently cover the necessary information (be it in space, time, or sensor type). To enhance observation of the event, infrastructure is augmented with information from sensors in the environment that the infrastructure does not control. These sensors may be unreliable, uncooperative, or even malicious. Additionally, to execute queries in soft real-time, processing must be distributed to available systems in the environment. We propose to use information from social networks to satisfy these requirements. In this paper, we present our position that knowledge gained from social activities can be used to augment trust mechanisms in pervasive computing. The system uses social behavior of nodes to predict a subset that it wants to query for information. In this context, social behavior such as transit patterns and schedules (which can be used to determine if a queried node is likely to be reliable) or known relationships, such as a phone's address book, that can be used to determine networks of nodes that may also be able to assist in retrieving information. Neither implicit nor explicit relationships necessarily imply that the user trusts an entity, but rather will provide a starting place for establishing trust. The proposed framework utilizes social network information to assist in trust establishment when third-party sensors are used for sensing events.« less

Predictive codes of familiarity and context during the perceptual learning of facial identities

NASA Astrophysics Data System (ADS)

Apps, Matthew A. J.; Tsakiris, Manos

2013-11-01

Face recognition is a key component of successful social behaviour. However, the computational processes that underpin perceptual learning and recognition as faces transition from unfamiliar to familiar are poorly understood. In predictive coding, learning occurs through prediction errors that update stimulus familiarity, but recognition is a function of both stimulus and contextual familiarity. Here we show that behavioural responses on a two-option face recognition task can be predicted by the level of contextual and facial familiarity in a computational model derived from predictive-coding principles. Using fMRI, we show that activity in the superior temporal sulcus varies with the contextual familiarity in the model, whereas activity in the fusiform face area covaries with the prediction error parameter that updated facial familiarity. Our results characterize the key computations underpinning the perceptual learning of faces, highlighting that the functional properties of face-processing areas conform to the principles of predictive coding.

Does the medium matter? The interaction of task type and technology on group performance and member reactions.

PubMed

Straus, S G; McGrath, J E

1994-02-01

The authors investigated the hypothesis that as group tasks pose greater requirements for member interdependence, communication media that transmit more social context cues will foster group performance and satisfaction. Seventy-two 3-person groups of undergraduate students worked in either computer-mediated or face-to-face meetings on 3 tasks with increasing levels of interdependence: an idea-generation task, an intellective task, and a judgment task. Results showed few differences between computer-mediated and face-to-face groups in the quality of the work completed but large differences in productivity favoring face-to-face groups. Analysis of productivity and of members' reactions supported the predicted interaction of tasks and media, with greater discrepancies between media conditions for tasks requiring higher levels of coordination. Results are discussed in terms of the implications of using computer-mediated communications systems for group work.

Kruskal-Wallis-based computationally efficient feature selection for face recognition.

PubMed

Ali Khan, Sajid; Hussain, Ayyaz; Basit, Abdul; Akram, Sheeraz

2014-01-01

Face recognition in today's technological world, and face recognition applications attain much more importance. Most of the existing work used frontal face images to classify face image. However these techniques fail when applied on real world face images. The proposed technique effectively extracts the prominent facial features. Most of the features are redundant and do not contribute to representing face. In order to eliminate those redundant features, computationally efficient algorithm is used to select the more discriminative face features. Extracted features are then passed to classification step. In the classification step, different classifiers are ensemble to enhance the recognition accuracy rate as single classifier is unable to achieve the high accuracy. Experiments are performed on standard face database images and results are compared with existing techniques.

A guide to California's breaches. First year of state reporting requirement reveals common privacy violations.

PubMed

Dimick, Chris

2010-04-01

Effective January 1, 2009, California healthcare providers were required to report every breach of patient information to the state. They have sent a flood of mishaps and a steady stream of malicious acts.

12 CFR 263.94 - Conduct warranting sanctions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... an attorney, or debarment or suspension from practice as a certified public accountant or public... that individual's period of suspension, debarment, or ineligibility; (f) Contemptuous conduct in... circulating or publishing malicious or libelous matter; (g) Suspension or debarment from practice before the...

76 FR 22925 - Assumption Buster Workshop: Abnormal Behavior Detection Finds Malicious Actors

Federal Register 2010, 2011, 2012, 2013, 2014

2011-04-25

... Technology Research and Development (NITRD) Program, National Science Foundation. ACTION: Call for... NATIONAL SCIENCE FOUNDATION Assumption Buster Workshop: Abnormal Behavior Detection Finds...: The NCO, on behalf of the Special Cyber Operations Research and Engineering (SCORE) Committee, an...

Data Integrity: Backup

ERIC Educational Resources Information Center

Bergren, Martha Dewey

2005-01-01

School nurses and health office staff have an ethical and legal obligation to protect the integrity of electronic student health records. Various sources, both accidental and malicious, can threaten student health data. School nurses must employ regular and reliable methods to back up student health data.

Finding Malicious Cyber Discussions in Social Media

DTIC Science & Technology

2015-12-11

automatically filter cyber discussions from Stack Exchange, Reddit, and Twitter posts written in English. Criminal hackers often use social media...monitoring hackers on Facebook and in private chat rooms. As a result, system administrators were prepared to counter distributed denial-of-service

Adjudicating between face-coding models with individual-face fMRI responses

PubMed Central

Kriegeskorte, Nikolaus

2017-01-01

The perceptual representation of individual faces is often explained with reference to a norm-based face space. In such spaces, individuals are encoded as vectors where identity is primarily conveyed by direction and distinctiveness by eccentricity. Here we measured human fMRI responses and psychophysical similarity judgments of individual face exemplars, which were generated as realistic 3D animations using a computer-graphics model. We developed and evaluated multiple neurobiologically plausible computational models, each of which predicts a representational distance matrix and a regional-mean activation profile for 24 face stimuli. In the fusiform face area, a face-space coding model with sigmoidal ramp tuning provided a better account of the data than one based on exemplar tuning. However, an image-processing model with weighted banks of Gabor filters performed similarly. Accounting for the data required the inclusion of a measurement-level population averaging mechanism that approximates how fMRI voxels locally average distinct neuronal tunings. Our study demonstrates the importance of comparing multiple models and of modeling the measurement process in computational neuroimaging. PMID:28746335

Analysis of Five Instructional Methods for Teaching Sketchpad to Junior High Students

ERIC Educational Resources Information Center

Wright, Geoffrey; Shumway, Steve; Terry, Ronald; Bartholomew, Scott

2012-01-01

This manuscript addresses a problem teachers of computer software applications face today: What is an effective method for teaching new computer software? Technology and engineering teachers, specifically those with communications and other related courses that involve computer software applications, face this problem when teaching computer…

Computer-Assisted Face Processing Instruction Improves Emotion Recognition, Mentalizing, and Social Skills in Students with ASD

ERIC Educational Resources Information Center

Rice, Linda Marie; Wall, Carla Anne; Fogel, Adam; Shic, Frederick

2015-01-01

This study examined the extent to which a computer-based social skills intervention called "FaceSay"™ was associated with improvements in affect recognition, mentalizing, and social skills of school-aged children with Autism Spectrum Disorder (ASD). "FaceSay"™ offers students simulated practice with eye gaze, joint attention,…

Computer-mediated and face-to-face communication in metastatic cancer support groups.

PubMed

Vilhauer, Ruvanee P

2014-08-01

To compare the experiences of women with metastatic breast cancer (MBC) in computer-mediated and face-to-face support groups. Interviews from 18 women with MBC, who were currently in computer-mediated support groups (CMSGs), were examined using interpretative phenomenological analysis. The CMSGs were in an asynchronous mailing list format; women communicated exclusively via email. All the women were also, or had previously been, in a face-to-face support group (FTFG). CMSGs had both advantages and drawbacks, relative to face-to-face groups (FTFGs), for this population. Themes examined included convenience, level of support, intimacy, ease of expression, range of information, and dealing with debilitation and dying. CMSGs may provide a sense of control and a greater level of support. Intimacy may take longer to develop in a CMSG, but women may have more opportunities to get to know each other. CMSGs may be helpful while adjusting to a diagnosis of MBC, because women can receive support without being overwhelmed by physical evidence of disability in others or exposure to discussions about dying before they are ready. However, the absence of nonverbal cues in CMSGs also led to avoidance of topics related to death and dying when women were ready to face them. Agendas for discussion, the presence of a facilitator or more time in CMSGs may attenuate this problem. The findings were discussed in light of prevailing research and theories about computer-mediated communication. They have implications for designing CMSGs for this population.

Decision Accuracy in Computer-Mediated versus Face-to-Face Decision-Making Teams.

PubMed

Hedlund; Ilgen; Hollenbeck

1998-10-01

Changes in the way organizations are structured and advances in communication technologies are two factors that have altered the conditions under which group decisions are made. Decisions are increasingly made by teams that have a hierarchical structure and whose members have different areas of expertise. In addition, many decisions are no longer made via strictly face-to-face interaction. The present study examines the effects of two modes of communication (face-to-face or computer-mediated) on the accuracy of teams' decisions. The teams are characterized by a hierarchical structure and their members differ in expertise consistent with the framework outlined in the Multilevel Theory of team decision making presented by Hollenbeck, Ilgen, Sego, Hedlund, Major, and Phillips (1995). Sixty-four four-person teams worked for 3 h on a computer simulation interacting either face-to-face (FtF) or over a computer network. The communication mode had mixed effects on team processes in that members of FtF teams were better informed and made recommendations that were more predictive of the correct team decision, but leaders of CM teams were better able to differentiate staff members on the quality of their decisions. Controlling for the negative impact of FtF communication on staff member differentiation increased the beneficial effect of the FtF mode on overall decision making accuracy. Copyright 1998 Academic Press.

From Disinformation to Wishful Thinking

NASA Astrophysics Data System (ADS)

Oreskes, N.; Conway, E. M.

2014-12-01

In our book, Merchants of Doubt, we documented how deliberate disinformation campaigns served to confuse the American people about the reality and significance of climate change over more than two decades. We showed how a variety of strategies were used to persuade the public that the scientific "jury was still out" on climate change, including deliberate mispresentation of facts, cherry-picking of evidence, and personal attacks on scientists. And we documented the links, both conceptual and actual, between doubt-mongering about climate change and the rejection of scientific evidence of the harms of tobacco, acid rain, the ozone hole, nuclear winter, and DDT. These tactics are still in use today, but they are now reinforced by a new problem, the problem of wishful thinking. Increasingly, we see commentators who accept the reality of climate change assuring us that the problem can be solved by natural gas, or even by some as yet unknown and uninvented technological innovations. In this paper we argue that these forms of wishful thinking, while not malicious in the same way that previous doubt-mongering campaigns have been, contribute substantially to scientific illiteracy and misunderstanding both of the character of the challenges that we face and of the history of technological innovation.

ReTrust: attack-resistant and lightweight trust management for medical sensor networks.

PubMed

He, Daojing; Chen, Chun; Chan, Sammy; Bu, Jiajun; Vasilakos, Athanasios V

2012-07-01

Wireless medical sensor networks (MSNs) enable ubiquitous health monitoring of users during their everyday lives, at health sites, without restricting their freedom. Establishing trust among distributed network entities has been recognized as a powerful tool to improve the security and performance of distributed networks such as mobile ad hoc networks and sensor networks. However, most existing trust systems are not well suited for MSNs due to the unique operational and security requirements of MSNs. Moreover, similar to most security schemes, trust management methods themselves can be vulnerable to attacks. Unfortunately, this issue is often ignored in existing trust systems. In this paper, we identify the security and performance challenges facing a sensor network for wireless medical monitoring and suggest it should follow a two-tier architecture. Based on such an architecture, we develop an attack-resistant and lightweight trust management scheme named ReTrust. This paper also reports the experimental results of the Collection Tree Protocol using our proposed system in a network of TelosB motes, which show that ReTrust not only can efficiently detect malicious/faulty behaviors, but can also significantly improve the network performance in practice.

32 CFR 536.45 - Statutory exceptions.

Code of Federal Regulations, 2010 CFR

2010-07-01

... employee of the government, whether or not the discretion is abused. This exclusion does not apply to a... imprisonment, false arrest, malicious prosecution, abuse of process, libel, slander, misrepresentation, deceit, or interference with contract rights, except for acts or omissions of investigation of law...

25 CFR 900.183 - Do Indian tribes and tribal organizations need to be aware of areas which FTCA does not cover?

Code of Federal Regulations, 2010 CFR

2010-04-01

..., battery, false imprisonment, false arrest, malicious prosecution, abuse of process, libel, slander, misrepresentation, deceit, or interference with contract rights, unless otherwise authorized by 28 U.S.C. 2680(h...

Malicious Activity Simulation Tool (MAST) and Trust

DTIC Science & Technology

2015-06-01

application through discovery and remediation of flaws. B. DESIGN AND DEVELOPMENT CONSIDERATIONS Design and development focuses on the actual...protection of the backup and restoration of the application. COBR -1 X V-16846 The IAO will ensure a disaster recovery plan exists in accordance

27 CFR 70.609 - Supervision.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 27 Alcohol, Tobacco Products and Firearms 2 2010-04-01 2010-04-01 false Supervision. 70.609... From Disaster, Vandalism, or Malicious Mischief Destruction of Liquors § 70.609 Supervision. When... official or made unmarketable, the liquors shall be destroyed by suitable means under supervision...

27 CFR 70.609 - Supervision.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 27 Alcohol, Tobacco Products and Firearms 2 2014-04-01 2014-04-01 false Supervision. 70.609... From Disaster, Vandalism, or Malicious Mischief Destruction of Liquors § 70.609 Supervision. When... official or made unmarketable, the liquors shall be destroyed by suitable means under supervision...

27 CFR 70.609 - Supervision.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 27 Alcohol, Tobacco Products and Firearms 2 2011-04-01 2011-04-01 false Supervision. 70.609... From Disaster, Vandalism, or Malicious Mischief Destruction of Liquors § 70.609 Supervision. When... official or made unmarketable, the liquors shall be destroyed by suitable means under supervision...

27 CFR 70.609 - Supervision.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 27 Alcohol, Tobacco Products and Firearms 2 2013-04-01 2013-04-01 false Supervision. 70.609... From Disaster, Vandalism, or Malicious Mischief Destruction of Liquors § 70.609 Supervision. When... official or made unmarketable, the liquors shall be destroyed by suitable means under supervision...

75 FR 35508 - Draft Regulatory Guide: Issuance, Availability

Federal Register 2010, 2011, 2012, 2013, 2014

2010-06-22

... Systems and Networks,'' requires licensees to develop cyber-security plans and programs to protect critical digital assets, including digital safety systems, from malicious cyber attacks. Regulatory Guide 5.71, ``Cyber Security Programs for Nuclear Facilities,'' provides guidance to meet the requirements of...

18 CFR 39.1 - Definitions.

Code of Federal Regulations, 2012 CFR

2012-04-01

... Mexico. Cybersecurity Incident means a malicious act or suspicious event that disrupts, or was an attempt... includes requirements for the operation of existing Bulk-Power System facilities, including cybersecurity... failures of such system will not occur as a result of a sudden disturbance, including a Cybersecurity...

18 CFR 39.1 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-04-01

... Mexico. Cybersecurity Incident means a malicious act or suspicious event that disrupts, or was an attempt... includes requirements for the operation of existing Bulk-Power System facilities, including cybersecurity... failures of such system will not occur as a result of a sudden disturbance, including a Cybersecurity...

18 CFR 39.1 - Definitions.

Code of Federal Regulations, 2013 CFR

2013-04-01

... Mexico. Cybersecurity Incident means a malicious act or suspicious event that disrupts, or was an attempt... includes requirements for the operation of existing Bulk-Power System facilities, including cybersecurity... failures of such system will not occur as a result of a sudden disturbance, including a Cybersecurity...

18 CFR 39.1 - Definitions.

Code of Federal Regulations, 2014 CFR

2014-04-01

... Mexico. Cybersecurity Incident means a malicious act or suspicious event that disrupts, or was an attempt... includes requirements for the operation of existing Bulk-Power System facilities, including cybersecurity... failures of such system will not occur as a result of a sudden disturbance, including a Cybersecurity...

18 CFR 39.1 - Definitions.

Code of Federal Regulations, 2011 CFR

2011-04-01

... Mexico. Cybersecurity Incident means a malicious act or suspicious event that disrupts, or was an attempt... includes requirements for the operation of existing Bulk-Power System facilities, including cybersecurity... failures of such system will not occur as a result of a sudden disturbance, including a Cybersecurity...

Teleoperated control system for underground room and pillar mining

DOEpatents

Mayercheck, William D.; Kwitowski, August J.; Brautigam, Albert L.; Mueller, Brian K.

1992-01-01

A teleoperated mining system is provided for remotely controlling the various machines involved with thin seam mining. A thin seam continuous miner located at a mining face includes a camera mounted thereon and a slave computer for controlling the miner and the camera. A plurality of sensors for relaying information about the miner and the face to the slave computer. A slave computer controlled ventilation sub-system which removes combustible material from the mining face. A haulage sub-system removes material mined by the continuous miner from the mining face to a collection site and is also controlled by the slave computer. A base station, which controls the supply of power and water to the continuous miner, haulage system, and ventilation systems, includes cable/hose handling module for winding or unwinding cables/hoses connected to the miner, an operator control module, and a hydraulic power and air compressor module for supplying air to the miner. An operator controlled host computer housed in the operator control module is connected to the slave computer via a two wire communications line.

Users' Manual for Computer Code SPIRALI Incompressible, Turbulent Spiral Grooved Cylindrical and Face Seals

NASA Technical Reports Server (NTRS)

Walowit, Jed A.; Shapiro, Wilbur

2005-01-01

The SPIRALI code predicts the performance characteristics of incompressible cylindrical and face seals with or without the inclusion of spiral grooves. Performance characteristics include load capacity (for face seals), leakage flow, power requirements and dynamic characteristics in the form of stiffness, damping and apparent mass coefficients in 4 degrees of freedom for cylindrical seals and 3 degrees of freedom for face seals. These performance characteristics are computed as functions of seal and groove geometry, load or film thickness, running and disturbance speeds, fluid viscosity, and boundary pressures. A derivation of the equations governing the performance of turbulent, incompressible, spiral groove cylindrical and face seals along with a description of their solution is given. The computer codes are described, including an input description, sample cases, and comparisons with results of other codes.

Face pose tracking using the four-point algorithm

NASA Astrophysics Data System (ADS)

Fung, Ho Yin; Wong, Kin Hong; Yu, Ying Kin; Tsui, Kwan Pang; Kam, Ho Chuen

2017-06-01

In this paper, we have developed an algorithm to track the pose of a human face robustly and efficiently. Face pose estimation is very useful in many applications such as building virtual reality systems and creating an alternative input method for the disabled. Firstly, we have modified a face detection toolbox called DLib for the detection of a face in front of a camera. The detected face features are passed to a pose estimation method, known as the four-point algorithm, for pose computation. The theory applied and the technical problems encountered during system development are discussed in the paper. It is demonstrated that the system is able to track the pose of a face in real time using a consumer grade laptop computer.

A Cross-Layer, Anomaly-Based IDS for WSN and MANET

PubMed Central

Amouri, Amar; Manthena, Raju

2018-01-01

Intrusion detection system (IDS) design for mobile adhoc networks (MANET) is a crucial component for maintaining the integrity of the network. The need for rapid deployment of IDS capability with minimal data availability for training and testing is an important requirement of such systems, especially for MANETs deployed in highly dynamic scenarios, such as battlefields. This work proposes a two-level detection scheme for detecting malicious nodes in MANETs. The first level deploys dedicated sniffers working in promiscuous mode. Each sniffer utilizes a decision-tree-based classifier that generates quantities which we refer to as correctly classified instances (CCIs) every reporting time. In the second level, the CCIs are sent to an algorithmically run supernode that calculates quantities, which we refer to as the accumulated measure of fluctuation (AMoF) of the received CCIs for each node under test (NUT). A key concept that is used in this work is that the variability of the smaller size population which represents the number of malicious nodes in the network is greater than the variance of the larger size population which represents the number of normal nodes in the network. A linear regression process is then performed in parallel with the calculation of the AMoF for fitting purposes and to set a proper threshold based on the slope of the fitted lines. As a result, the malicious nodes are efficiently and effectively separated from the normal nodes. The proposed scheme is tested for various node velocities and power levels and shows promising detection performance even at low-power levels. The results presented also apply to wireless sensor networks (WSN) and represent a novel IDS scheme for such networks. PMID:29470446

A Cross-Layer, Anomaly-Based IDS for WSN and MANET.

PubMed

Amouri, Amar; Morgera, Salvatore D; Bencherif, Mohamed A; Manthena, Raju

2018-02-22

Intrusion detection system (IDS) design for mobile adhoc networks (MANET) is a crucial component for maintaining the integrity of the network. The need for rapid deployment of IDS capability with minimal data availability for training and testing is an important requirement of such systems, especially for MANETs deployed in highly dynamic scenarios, such as battlefields. This work proposes a two-level detection scheme for detecting malicious nodes in MANETs. The first level deploys dedicated sniffers working in promiscuous mode. Each sniffer utilizes a decision-tree-based classifier that generates quantities which we refer to as correctly classified instances (CCIs) every reporting time. In the second level, the CCIs are sent to an algorithmically run supernode that calculates quantities, which we refer to as the accumulated measure of fluctuation (AMoF) of the received CCIs for each node under test (NUT). A key concept that is used in this work is that the variability of the smaller size population which represents the number of malicious nodes in the network is greater than the variance of the larger size population which represents the number of normal nodes in the network. A linear regression process is then performed in parallel with the calculation of the AMoF for fitting purposes and to set a proper threshold based on the slope of the fitted lines. As a result, the malicious nodes are efficiently and effectively separated from the normal nodes. The proposed scheme is tested for various node velocities and power levels and shows promising detection performance even at low-power levels. The results presented also apply to wireless sensor networks (WSN) and represent a novel IDS scheme for such networks.

Parkinson Patients' Initial Trust in Avatars: Theory and Evidence.

PubMed

Javor, Andrija; Ransmayr, Gerhard; Struhal, Walter; Riedl, René

2016-01-01

Parkinson's disease (PD) is a neurodegenerative disease that affects the motor system and cognitive and behavioral functions. Due to these impairments, PD patients also have problems in using the computer. However, using computers and the Internet could help these patients to overcome social isolation and enhance information search. Specifically, avatars (defined as virtual representations of humans) are increasingly used in online environments to enhance human-computer interaction by simulating face-to-face interaction. Our laboratory experiment investigated how PD patients behave in a trust game played with human and avatar counterparts, and we compared this behavior to the behavior of age, income, education and gender matched healthy controls. The results of our study show that PD patients trust avatar faces significantly more than human faces. Moreover, there was no significant difference between initial trust of PD patients and healthy controls in avatar faces, while PD patients trusted human faces significantly less than healthy controls. Our data suggests that PD patients' interaction with avatars may constitute an effective way of communication in situations in which trust is required (e.g., a physician recommends intake of medication). We discuss the implications of these results for several areas of human-computer interaction and neurological research.

Parkinson Patients’ Initial Trust in Avatars: Theory and Evidence

PubMed Central

Javor, Andrija; Ransmayr, Gerhard; Struhal, Walter; Riedl, René

2016-01-01

Parkinson’s disease (PD) is a neurodegenerative disease that affects the motor system and cognitive and behavioral functions. Due to these impairments, PD patients also have problems in using the computer. However, using computers and the Internet could help these patients to overcome social isolation and enhance information search. Specifically, avatars (defined as virtual representations of humans) are increasingly used in online environments to enhance human-computer interaction by simulating face-to-face interaction. Our laboratory experiment investigated how PD patients behave in a trust game played with human and avatar counterparts, and we compared this behavior to the behavior of age, income, education and gender matched healthy controls. The results of our study show that PD patients trust avatar faces significantly more than human faces. Moreover, there was no significant difference between initial trust of PD patients and healthy controls in avatar faces, while PD patients trusted human faces significantly less than healthy controls. Our data suggests that PD patients’ interaction with avatars may constitute an effective way of communication in situations in which trust is required (e.g., a physician recommends intake of medication). We discuss the implications of these results for several areas of human-computer interaction and neurological research. PMID:27820864

27 CFR 70.609 - Supervision.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 27 Alcohol, Tobacco Products and Firearms 2 2012-04-01 2011-04-01 true Supervision. 70.609 Section... Disaster, Vandalism, or Malicious Mischief Destruction of Liquors § 70.609 Supervision. When allowance has... or made unmarketable, the liquors shall be destroyed by suitable means under supervision satisfactory...

Unintentional Insider Threats: A Review of Phishing and Malware Incidents

DTIC Science & Technology

2014-07-01

their agency as deliberate, malicious hackers [1]. This research supports the conclusions in the 2013 Verizon Data Breach Report that 47% of...References [1] SolarWinds. SolarWinds Federal Cybersecurity Survey Summary Report. SolarWinds, 2014. [2] Verizon. 2013 Data Breach Investigations

The emotional responses of browsing Facebook: Happiness, envy, and the role of tie strength

PubMed Central

Lin, Ruoyun; Utz, Sonja

2015-01-01

On Facebook, users are exposed to posts from both strong and weak ties. Even though several studies have examined the emotional consequences of using Facebook, less attention has been paid to the role of tie strength. This paper aims to explore the emotional outcomes of reading a post on Facebook and examine the role of tie strength in predicting happiness and envy. Two studies – one correlational, based on a sample of 207 American participants and the other experimental, based on a sample of 194 German participants – were conducted in 2014. In Study 2, envy was further distinguished into benign and malicious envy. Based on a multi-method approach, the results showed that positive emotions are more prevalent than negative emotions while browsing Facebook. Moreover, tie strength is positively associated with the feeling of happiness and benign envy, whereas malicious envy is independent of tie strength after reading a (positive) post on Facebook. PMID:26877584

Application distribution model and related security attacks in VANET

NASA Astrophysics Data System (ADS)

Nikaein, Navid; Kanti Datta, Soumya; Marecar, Irshad; Bonnet, Christian

2013-03-01

In this paper, we present a model for application distribution and related security attacks in dense vehicular ad hoc networks (VANET) and sparse VANET which forms a delay tolerant network (DTN). We study the vulnerabilities of VANET to evaluate the attack scenarios and introduce a new attacker`s model as an extension to the work done in [6]. Then a VANET model has been proposed that supports the application distribution through proxy app stores on top of mobile platforms installed in vehicles. The steps of application distribution have been studied in detail. We have identified key attacks (e.g. malware, spamming and phishing, software attack and threat to location privacy) for dense VANET and two attack scenarios for sparse VANET. It has been shown that attacks can be launched by distributing malicious applications and injecting malicious codes to On Board Unit (OBU) by exploiting OBU software security holes. Consequences of such security attacks have been described. Finally, countermeasures including the concepts of sandbox have also been presented in depth.

Evil acts and malicious gossip: a multiagent model of the effects of gossip in socially distributed person perception.

PubMed

Smith, Eliot R

2014-11-01

Although person perception is central to virtually all human social behavior, it is ordinarily studied in isolated individual perceivers. Conceptualizing it as a socially distributed process opens up a variety of novel issues, which have been addressed in scattered literatures mostly outside of social psychology. This article examines some of these issues using a series of multiagent models. Perceivers can use gossip (information from others about social targets) to improve their ability to detect targets who perform rare negative behaviors. The model suggests that they can simultaneously protect themselves against being influenced by malicious gossip intended to defame specific targets. They can balance these potentially conflicting goals by using specific strategies including disregarding gossip that differs from a personally obtained impression. Multiagent modeling demonstrates the outcomes produced by different combinations of assumptions about gossip, and suggests directions for further research and theoretical development. © 2014 by the Society for Personality and Social Psychology, Inc.

DCT-based cyber defense techniques

NASA Astrophysics Data System (ADS)

Amsalem, Yaron; Puzanov, Anton; Bedinerman, Anton; Kutcher, Maxim; Hadar, Ofer

2015-09-01

With the increasing popularity of video streaming services and multimedia sharing via social networks, there is a need to protect the multimedia from malicious use. An attacker may use steganography and watermarking techniques to embed malicious content, in order to attack the end user. Most of the attack algorithms are robust to basic image processing techniques such as filtering, compression, noise addition, etc. Hence, in this article two novel, real-time, defense techniques are proposed: Smart threshold and anomaly correction. Both techniques operate at the DCT domain, and are applicable for JPEG images and H.264 I-Frames. The defense performance was evaluated against a highly robust attack, and the perceptual quality degradation was measured by the well-known PSNR and SSIM quality assessment metrics. A set of defense techniques is suggested for improving the defense efficiency. For the most aggressive attack configuration, the combination of all the defense techniques results in 80% protection against cyber-attacks with PSNR of 25.74 db.

A robust trust establishment scheme for wireless sensor networks.

PubMed

Ishmanov, Farruh; Kim, Sung Won; Nam, Seung Yeob

2015-03-23

Security techniques like cryptography and authentication can fail to protect a network once a node is compromised. Hence, trust establishment continuously monitors and evaluates node behavior to detect malicious and compromised nodes. However, just like other security schemes, trust establishment is also vulnerable to attack. Moreover, malicious nodes might misbehave intelligently to trick trust establishment schemes. Unfortunately, attack-resistance and robustness issues with trust establishment schemes have not received much attention from the research community. Considering the vulnerability of trust establishment to different attacks and the unique features of sensor nodes in wireless sensor networks, we propose a lightweight and robust trust establishment scheme. The proposed trust scheme is lightweight thanks to a simple trust estimation method. The comprehensiveness and flexibility of the proposed trust estimation scheme make it robust against different types of attack and misbehavior. Performance evaluation under different types of misbehavior and on-off attacks shows that the detection rate of the proposed trust mechanism is higher and more stable compared to other trust mechanisms.

Classifier fusion for VoIP attacks classification

NASA Astrophysics Data System (ADS)

Safarik, Jakub; Rezac, Filip

2017-05-01

SIP is one of the most successful protocols in the field of IP telephony communication. It establishes and manages VoIP calls. As the number of SIP implementation rises, we can expect a higher number of attacks on the communication system in the near future. This work aims at malicious SIP traffic classification. A number of various machine learning algorithms have been developed for attack classification. The paper presents a comparison of current research and the use of classifier fusion method leading to a potential decrease in classification error rate. Use of classifier combination makes a more robust solution without difficulties that may affect single algorithms. Different voting schemes, combination rules, and classifiers are discussed to improve the overall performance. All classifiers have been trained on real malicious traffic. The concept of traffic monitoring depends on the network of honeypot nodes. These honeypots run in several networks spread in different locations. Separation of honeypots allows us to gain an independent and trustworthy attack information.

Age synthesis and estimation via faces: a survey.

PubMed

Fu, Yun; Guo, Guodong; Huang, Thomas S

2010-11-01

Human age, as an important personal trait, can be directly inferred by distinct patterns emerging from the facial appearance. Derived from rapid advances in computer graphics and machine vision, computer-based age synthesis and estimation via faces have become particularly prevalent topics recently because of their explosively emerging real-world applications, such as forensic art, electronic customer relationship management, security control and surveillance monitoring, biometrics, entertainment, and cosmetology. Age synthesis is defined to rerender a face image aesthetically with natural aging and rejuvenating effects on the individual face. Age estimation is defined to label a face image automatically with the exact age (year) or the age group (year range) of the individual face. Because of their particularity and complexity, both problems are attractive yet challenging to computer-based application system designers. Large efforts from both academia and industry have been devoted in the last a few decades. In this paper, we survey the complete state-of-the-art techniques in the face image-based age synthesis and estimation topics. Existing models, popular algorithms, system performances, technical difficulties, popular face aging databases, evaluation protocols, and promising future directions are also provided with systematic discussions.

Analysing Test-Takers' Views on a Computer-Based Speaking Test

ERIC Educational Resources Information Center

Amengual-Pizarro, Marian; García-Laborda, Jesús

2017-01-01

This study examines test-takers' views on a computer-delivered speaking test in order to investigate the aspects they consider most relevant in technology-based oral assessment, and to explore the main advantages and disadvantages computer-based tests may offer as compared to face-to-face speaking tests. A small-scale open questionnaire was…

Collaborative Defense of Transmission and Distribution Protection and Control Devices Against Cyber Attacks (CODEF) DE-OE0000674. ABB Inc. Final Scientific/Technical Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

Nuqui, Reynaldo

This report summarizes the activities conducted under the DOE-OE funded project DEOE0000674, where ABB Inc. (ABB), in collaboration with University of Illinois at Urbana-Champaign (UIUC), Bonneville Power Administration (BPA), and Ameren-Illinois (Ameren-IL) pursued the development of a system of collaborative defense of electrical substation’s intelligent electronic devices against cyber-attacks (CODEF). An electrical substation with CODEF features will be more capable of mitigating cyber-attacks especially those that seek to control switching devices. It leverages the security extensions of IEC 61850 to empower existing devices to collaborate in identifying and blocking malicious intents to trip circuit breakers, mis-coordinate devices settings, even thoughmore » the commands and the measurements comply with correct syntax. The CODEF functions utilize the physics of electromagnetic systems, electric power engineering principles, and computer science to bring more in depth cyber defense closer to the protected substation devices.« less

Design and Implementation of Website Information Disclosure Assessment System

PubMed Central

Cho, Ying-Chiang; Pan, Jen-Yi

2015-01-01

Internet application technologies, such as cloud computing and cloud storage, have increasingly changed people’s lives. Websites contain vast amounts of personal privacy information. In order to protect this information, network security technologies, such as database protection and data encryption, attract many researchers. The most serious problems concerning web vulnerability are e-mail address and network database leakages. These leakages have many causes. For example, malicious users can steal database contents, taking advantage of mistakes made by programmers and administrators. In order to mitigate this type of abuse, a website information disclosure assessment system is proposed in this study. This system utilizes a series of technologies, such as web crawler algorithms, SQL injection attack detection, and web vulnerability mining, to assess a website’s information disclosure. Thirty websites, randomly sampled from the top 50 world colleges, were used to collect leakage information. This testing showed the importance of increasing the security and privacy of website information for academic websites. PMID:25768434

TOKEN: Trustable Keystroke-Based Authentication for Web-Based Applications on Smartphones

NASA Astrophysics Data System (ADS)

Nauman, Mohammad; Ali, Tamleek

Smartphones are increasingly being used to store personal information as well as to access sensitive data from the Internet and the cloud. Establishment of the identity of a user requesting information from smartphones is a prerequisite for secure systems in such scenarios. In the past, keystroke-based user identification has been successfully deployed on production-level mobile devices to mitigate the risks associated with naïve username/password based authentication. However, these approaches have two major limitations: they are not applicable to services where authentication occurs outside the domain of the mobile device - such as web-based services; and they often overly tax the limited computational capabilities of mobile devices. In this paper, we propose a protocol for keystroke dynamics analysis which allows web-based applications to make use of remote attestation and delegated keystroke analysis. The end result is an efficient keystroke-based user identification mechanism that strengthens traditional password protected services while mitigating the risks of user profiling by collaborating malicious web services.

A Survey on Anomaly Based Host Intrusion Detection System

NASA Astrophysics Data System (ADS)

Jose, Shijoe; Malathi, D.; Reddy, Bharath; Jayaseeli, Dorathi

2018-04-01

An intrusion detection system (IDS) is hardware, software or a combination of two, for monitoring network or system activities to detect malicious signs. In computer security, designing a robust intrusion detection system is one of the most fundamental and important problems. The primary function of system is detecting intrusion and gives alerts when user tries to intrusion on timely manner. In these techniques when IDS find out intrusion it will send alert massage to the system administrator. Anomaly detection is an important problem that has been researched within diverse research areas and application domains. This survey tries to provide a structured and comprehensive overview of the research on anomaly detection. From the existing anomaly detection techniques, each technique has relative strengths and weaknesses. The current state of the experiment practice in the field of anomaly-based intrusion detection is reviewed and survey recent studies in this. This survey provides a study of existing anomaly detection techniques, and how the techniques used in one area can be applied in another application domain.

DHCP Origin Traceback

NASA Astrophysics Data System (ADS)

Majumdar, Saugat; Kulkarni, Dhananjay; Ravishankar, Chinya V.

Imagine that the DHCP server is under attack from malicious hosts in your network. How would you know where these DHCP packets are coming from, or which path they took in the network? This paper investigates the problem of determining the origin of a DHCP packet in a network. We propose a practical method for adding a new option field that does not violate any RFC's, which we believe should be a crucial requirement while proposing any related solution. The new DHCP option will contain the ingress port and the switch MAC address. We recommend that this new option be added at the edge so that we can use the recorded value for performing traceback. The computational overhead of our solution is low, and the related network management tasks are low as well. We also address issues related to securing the field in order to maintain privacy of switch MAC addresses, fragmentation of packets, and possible attack scenarios. Our study shows that the traceback scheme is effective and practical to use in most network environments.

An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks.

PubMed

Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

2018-01-11

Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes.

Computer-Assisted Face Processing Instruction Improves Emotion Recognition, Mentalizing, and Social Skills in Students with ASD.

PubMed

Rice, Linda Marie; Wall, Carla Anne; Fogel, Adam; Shic, Frederick

2015-07-01

This study examined the extent to which a computer-based social skills intervention called FaceSay was associated with improvements in affect recognition, mentalizing, and social skills of school-aged children with Autism Spectrum Disorder (ASD). FaceSay offers students simulated practice with eye gaze, joint attention, and facial recognition skills. This randomized control trial included school-aged children meeting educational criteria for autism (N = 31). Results demonstrated that participants who received the intervention improved their affect recognition and mentalizing skills, as well as their social skills. These findings suggest that, by targeting face-processing skills, computer-based interventions may produce changes in broader cognitive and social-skills domains in a cost- and time-efficient manner.

Have Computer, Will Not Travel: Meeting Electronically.

ERIC Educational Resources Information Center

Kurland, Norman D.

1983-01-01

Beginning with two different scenarios depicting a face-to-face conference on the one hand and, on the other, a computer or electronic conference, the author argues the advantages of electronic conferencing and describes some of its uses. (JBM)

Investigating Face-to-Face Peer Interaction Patterns in a Collaborative Web Discovery Task: The Bene?ts of a Shared Display

ERIC Educational Resources Information Center

Chung, C-W.; Lee, C-C.; Liu, C-C.

2013-01-01

Mobile computers are now increasingly applied to facilitate face-to-face collaborative learning. However, the factors affecting face-to-face peer interactions are complex as they involve rich communication media. In particular, non-verbal interactions are necessary to convey critical communication messages in face-to-face communication. Through…

A specialized face-processing model inspired by the organization of monkey face patches explains several face-specific phenomena observed in humans.

PubMed

Farzmahdi, Amirhossein; Rajaei, Karim; Ghodrati, Masoud; Ebrahimpour, Reza; Khaligh-Razavi, Seyed-Mahdi

2016-04-26

Converging reports indicate that face images are processed through specialized neural networks in the brain -i.e. face patches in monkeys and the fusiform face area (FFA) in humans. These studies were designed to find out how faces are processed in visual system compared to other objects. Yet, the underlying mechanism of face processing is not completely revealed. Here, we show that a hierarchical computational model, inspired by electrophysiological evidence on face processing in primates, is able to generate representational properties similar to those observed in monkey face patches (posterior, middle and anterior patches). Since the most important goal of sensory neuroscience is linking the neural responses with behavioral outputs, we test whether the proposed model, which is designed to account for neural responses in monkey face patches, is also able to predict well-documented behavioral face phenomena observed in humans. We show that the proposed model satisfies several cognitive face effects such as: composite face effect and the idea of canonical face views. Our model provides insights about the underlying computations that transfer visual information from posterior to anterior face patches.

A specialized face-processing model inspired by the organization of monkey face patches explains several face-specific phenomena observed in humans

PubMed Central

Farzmahdi, Amirhossein; Rajaei, Karim; Ghodrati, Masoud; Ebrahimpour, Reza; Khaligh-Razavi, Seyed-Mahdi

2016-01-01

Converging reports indicate that face images are processed through specialized neural networks in the brain –i.e. face patches in monkeys and the fusiform face area (FFA) in humans. These studies were designed to find out how faces are processed in visual system compared to other objects. Yet, the underlying mechanism of face processing is not completely revealed. Here, we show that a hierarchical computational model, inspired by electrophysiological evidence on face processing in primates, is able to generate representational properties similar to those observed in monkey face patches (posterior, middle and anterior patches). Since the most important goal of sensory neuroscience is linking the neural responses with behavioral outputs, we test whether the proposed model, which is designed to account for neural responses in monkey face patches, is also able to predict well-documented behavioral face phenomena observed in humans. We show that the proposed model satisfies several cognitive face effects such as: composite face effect and the idea of canonical face views. Our model provides insights about the underlying computations that transfer visual information from posterior to anterior face patches. PMID:27113635

Dynamic Encoding of Face Information in the Human Fusiform Gyrus

PubMed Central

Ghuman, Avniel Singh; Brunet, Nicolas M.; Li, Yuanning; Konecky, Roma O.; Pyles, John A.; Walls, Shawn A.; Destefino, Vincent; Wang, Wei; Richardson, R. Mark

2014-01-01

Humans’ ability to rapidly and accurately detect, identify, and classify faces under variable conditions derives from a network of brain regions highly tuned to face information. The fusiform face area (FFA) is thought to be a computational hub for face processing, however temporal dynamics of face information processing in FFA remains unclear. Here we use multivariate pattern classification to decode the temporal dynamics of expression-invariant face information processing using electrodes placed directly upon FFA in humans. Early FFA activity (50-75 ms) contained information regarding whether participants were viewing a face. Activity between 200-500 ms contained expression-invariant information about which of 70 faces participants were viewing along with the individual differences in facial features and their configurations. Long-lasting (500+ ms) broadband gamma frequency activity predicted task performance. These results elucidate the dynamic computational role FFA plays in multiple face processing stages and indicate what information is used in performing these visual analyses. PMID:25482825

Dynamic encoding of face information in the human fusiform gyrus.

PubMed

Ghuman, Avniel Singh; Brunet, Nicolas M; Li, Yuanning; Konecky, Roma O; Pyles, John A; Walls, Shawn A; Destefino, Vincent; Wang, Wei; Richardson, R Mark

2014-12-08

Humans' ability to rapidly and accurately detect, identify and classify faces under variable conditions derives from a network of brain regions highly tuned to face information. The fusiform face area (FFA) is thought to be a computational hub for face processing; however, temporal dynamics of face information processing in FFA remains unclear. Here we use multivariate pattern classification to decode the temporal dynamics of expression-invariant face information processing using electrodes placed directly on FFA in humans. Early FFA activity (50-75 ms) contained information regarding whether participants were viewing a face. Activity between 200 and 500 ms contained expression-invariant information about which of 70 faces participants were viewing along with the individual differences in facial features and their configurations. Long-lasting (500+ms) broadband gamma frequency activity predicted task performance. These results elucidate the dynamic computational role FFA plays in multiple face processing stages and indicate what information is used in performing these visual analyses.

Presentation of computer code SPIRALI for incompressible, turbulent, plane and spiral grooved cylindrical and face seals

NASA Technical Reports Server (NTRS)

Walowit, Jed A.

1994-01-01

A viewgraph presentation is made showing the capabilities of the computer code SPIRALI. Overall capabilities of SPIRALI include: computes rotor dynamic coefficients, flow, and power loss for cylindrical and face seals; treats turbulent, laminar, Couette, and Poiseuille dominated flows; fluid inertia effects are included; rotor dynamic coefficients in three (face) or four (cylindrical) degrees of freedom; includes effects of spiral grooves; user definable transverse film geometry including circular steps and grooves; independent user definable friction factor models for rotor and stator; and user definable loss coefficients for sudden expansions and contractions.

A psychosocial comparison of computer-mediated and face-to-face language use among severely disturbed adolescents.

PubMed

Zimmerman, D P

1987-01-01

This study analyzes the content of communications among 18 severely disturbed adolescents. Interactions were recorded from two sources: computer-based "conferences" for the group, and small group face-to-face sessions which addressed similar topics. The purpose was to determine whether there are important differences in indications of psychological state, interpersonal interest, and expressive style. The research was significant, given the strong attraction of computers to many adolescents and the paucity of research on social-psychological effects of this technology. A content analysis based on a total sample of 10,224 words was performed using the Harvard IV Psychosociological Dictionary. Results indicated that computer-mediated communication was more expressive of feelings and made more frequent mention of interpersonal issues. Further, it displayed a more positive object-relations stance, was less negative in expressive style, and appeared to diminish certain traditional gender differences in group communication. These findings suggest that the computer may have an interesting adjunct role to play in reducing communication deficits commonly observed in severely disturbed adolescent clinical populations.

2020 Vision Project Summary

DOE Office of Scientific and Technical Information (OSTI.GOV)

Gordon, K.W.; Scott, K.P.

2000-11-01

Since the 2020 Vision project began in 1996, students from participating schools have completed and submitted a variety of scenarios describing potential world and regional conditions in the year 2020 and their possible effect on US national security. This report summarizes the students' views and describes trends observed over the course of the 2020 Vision project's five years. It also highlights the main organizational features of the project. An analysis of thematic trends among the scenarios showed interesting shifts in students' thinking, particularly in their views of computer technology, US relations with China, and globalization. In 1996, most students perceivedmore » computer technology as highly beneficial to society, but as the year 2000 approached, this technology was viewed with fear and suspicion, even personified as a malicious, uncontrollable being. Yet, after New Year's passed with little disruption, students generally again perceived computer technology as beneficial. Also in 1996, students tended to see US relations with China as potentially positive, with economic interaction proving favorable to both countries. By 2000, this view had transformed into a perception of China emerging as the US' main rival and ''enemy'' in the global geopolitical realm. Regarding globalization, students in the first two years of the project tended to perceive world events as dependent on US action. However, by the end of the project, they saw the US as having little control over world events and therefore, we Americans would need to cooperate and compromise with other nations in order to maintain our own well-being.« less

Integrating Computer-Mediated Communication Strategy Instruction

ERIC Educational Resources Information Center

McNeil, Levi

2016-01-01

Communication strategies (CSs) play important roles in resolving problematic second language interaction and facilitating language learning. While studies in face-to-face contexts demonstrate the benefits of communication strategy instruction (CSI), there have been few attempts to integrate computer-mediated communication and CSI. The study…

Bayesian Face Recognition and Perceptual Narrowing in Face-Space

PubMed Central

Balas, Benjamin

2012-01-01

During the first year of life, infants’ face recognition abilities are subject to “perceptual narrowing,” the end result of which is that observers lose the ability to distinguish previously discriminable faces (e.g. other-race faces) from one another. Perceptual narrowing has been reported for faces of different species and different races, in developing humans and primates. Though the phenomenon is highly robust and replicable, there have been few efforts to model the emergence of perceptual narrowing as a function of the accumulation of experience with faces during infancy. The goal of the current study is to examine how perceptual narrowing might manifest as statistical estimation in “face space,” a geometric framework for describing face recognition that has been successfully applied to adult face perception. Here, I use a computer vision algorithm for Bayesian face recognition to study how the acquisition of experience in face space and the presence of race categories affect performance for own and other-race faces. Perceptual narrowing follows from the establishment of distinct race categories, suggesting that the acquisition of category boundaries for race is a key computational mechanism in developing face expertise. PMID:22709406

Online help: cancer patients participate in a computer-mediated support group.

PubMed

Weinberg, N; Schmale, J; Uken, J; Wessel, K

1996-02-01

This study investigated a computer mediated support group of six breast cancer patients. For a three-month period, patients used home computers to connect to a computer bulletin board on which they read messages from and posted messages to each other. The patients had no difficulty learning to use the computer and used it an average of one hour a week. The patients discussed their medical conditions, shared personal concerns, and offered support. This online approach provided many features of traditional face-to-face support groups.

SecureCore Security Architecture: Authority Mode and Emergency Management

DTIC Science & Technology

2007-10-16

can shield first responders from social vultures (e.g., “ambulance chasers”) or malicious parties who could intentionally interfere with emergency...hierarchical design Communications Management: network communication Process Management...and Emergency Management 1 I. Introduction During many crises, first- responder access to sensitive, restricted emergency information is

Understanding and Mitigating Forum Spam

ERIC Educational Resources Information Center

Shin, Youngsang

2011-01-01

The Web is large and expanding, making it challenging to attract new visitors to websites. Website operators often use Search Engine Optimization (SEO) techniques to boost the search engine rankings of their sites, thereby maximizing the inflow of visitors. Malicious operators take SEO to the extreme through many unsavory techniques that are often…

Development and Validation of the Family Beliefs Inventory: A Measure of Unrealistic Beliefs among Parents and Adolescents.

ERIC Educational Resources Information Center

Roehling, Patricia Vincent; Robin, Arthur L.

1986-01-01

Evaluated the criterion-related validity of the Family Beliefs Inventory, a new self-report measure of unreasonable beliefs regarding parent-adolescent relationships. Distressed fathers displayed more unreasonable beliefs concerning ruination, obedience, perfectionism, and malicious intent than nondistressed fathers. Distressed adolescents…

Using Semantic Templates to Study Vulnerabilities Recorded in Large Software Repositories

ERIC Educational Resources Information Center

Wu, Yan

2011-01-01

Software vulnerabilities allow an attacker to reduce a system's Confidentiality, Availability, and Integrity by exposing information, executing malicious code, and undermine system functionalities that contribute to the overall system purpose and need. With new vulnerabilities discovered everyday in a variety of applications and user environments,…

Security Implications of Third-Party Accelerators

DTIC Science & Technology

2015-06-11

G. Wheeler, “Undocumented M6800 instructions,” BYTE Magazine, vol. 2, no. 12, pp. 46–47, Dec. 1977. [20] x0r1, “ jellyfish ,” https://github.com/x0r1... jellyfish , 2015. [21] A. Young and M. Yung, Malicious Cryptography: Exposing Cryptovi- rology. John Wiley & Sons, 2004.

Partners or Competitors?: The Evolution of the DoD/CIA Relationship Since Desert Storm and its Prospects for the Future

DTIC Science & Technology

2013-05-23

Afghanistan.” 39 the shoulders of these two organizations, but on Congressional choices as well. It...Christopher J. Lamb . United States Special Operations Forces. New York, NY: Columbia University Press, 2007. Walker, Stephen G, Akan Malici, and Mark

On Tradeoffs between Trust Accuracy and Resource Consumption in Communications and Social Networks

DTIC Science & Technology

2016-04-11

length, the use of indirect information to establish trust values, and the impact of misbehaving nodes on both communication overhead and the...evaluated). We consider the impact of misbehaving (selfish or malicious) nodes on the evaluation of trust. We also consider the interaction between

Bringing out the Best Board Behavior

ERIC Educational Resources Information Center

Caruso, Nicholas

2004-01-01

The author's advice for for a school board superintendent is to assume incompetence instead of malevolence. Board members who behave inappropriately are a minority, and those with malicious intent are extremely rare. Most misbehaving board members act out of frustration. They may not understand the appropriate role of a board member.…

Integrated Social and Quality of Service Trust Management of Mobile Groups in Ad Hoc Networks

DTIC Science & Technology

2013-01-01

high resiliency to malicious attacks and misbehaving nodes. Keywords—trust management; mobile ad hoc networks; QoS trust; social trust; trust...paper we address an importance issue of trust management protocol design for MANETs: trust bias minimization despite misbehaving nodes performing

Scalability Assessments for the Malicious Activity Simulation Tool (MAST)

DTIC Science & Technology

2012-09-01

the scalability characteristics of MAST. Specifically, we show that an exponential increase in clients using the MAST software does not impact...an exponential increase in clients using the MAST software does not impact network and system resources significantly. Additionally, we...31 1. Hardware .....................................31 2. Software .....................................32 3. Common PC

Multi-Directional Multi-Level Dual-Cross Patterns for Robust Face Recognition.

PubMed

Ding, Changxing; Choi, Jonghyun; Tao, Dacheng; Davis, Larry S

2016-03-01

To perform unconstrained face recognition robust to variations in illumination, pose and expression, this paper presents a new scheme to extract "Multi-Directional Multi-Level Dual-Cross Patterns" (MDML-DCPs) from face images. Specifically, the MDML-DCPs scheme exploits the first derivative of Gaussian operator to reduce the impact of differences in illumination and then computes the DCP feature at both the holistic and component levels. DCP is a novel face image descriptor inspired by the unique textural structure of human faces. It is computationally efficient and only doubles the cost of computing local binary patterns, yet is extremely robust to pose and expression variations. MDML-DCPs comprehensively yet efficiently encodes the invariant characteristics of a face image from multiple levels into patterns that are highly discriminative of inter-personal differences but robust to intra-personal variations. Experimental results on the FERET, CAS-PERL-R1, FRGC 2.0, and LFW databases indicate that DCP outperforms the state-of-the-art local descriptors (e.g., LBP, LTP, LPQ, POEM, tLBP, and LGXP) for both face identification and face verification tasks. More impressively, the best performance is achieved on the challenging LFW and FRGC 2.0 databases by deploying MDML-DCPs in a simple recognition scheme.

How Well Do Computer-Generated Faces Tap Face Expertise?

PubMed

Crookes, Kate; Ewing, Louise; Gildenhuys, Ju-Dith; Kloth, Nadine; Hayward, William G; Oxner, Matt; Pond, Stephen; Rhodes, Gillian

2015-01-01

The use of computer-generated (CG) stimuli in face processing research is proliferating due to the ease with which faces can be generated, standardised and manipulated. However there has been surprisingly little research into whether CG faces are processed in the same way as photographs of real faces. The present study assessed how well CG faces tap face identity expertise by investigating whether two indicators of face expertise are reduced for CG faces when compared to face photographs. These indicators were accuracy for identification of own-race faces and the other-race effect (ORE)-the well-established finding that own-race faces are recognised more accurately than other-race faces. In Experiment 1 Caucasian and Asian participants completed a recognition memory task for own- and other-race real and CG faces. Overall accuracy for own-race faces was dramatically reduced for CG compared to real faces and the ORE was significantly and substantially attenuated for CG faces. Experiment 2 investigated perceptual discrimination for own- and other-race real and CG faces with Caucasian and Asian participants. Here again, accuracy for own-race faces was significantly reduced for CG compared to real faces. However the ORE was not affected by format. Together these results signal that CG faces of the type tested here do not fully tap face expertise. Technological advancement may, in the future, produce CG faces that are equivalent to real photographs. Until then caution is advised when interpreting results obtained using CG faces.

Computing Surface Coordinates Of Face-Milled Spiral-Bevel Gear Teeth

NASA Technical Reports Server (NTRS)

Handschuh, Robert F.; Litvin, Faydor L.

1995-01-01

Surface coordinates of face-milled spiral-bevel gear teeth computed by method involving numerical solution of governing equations. Needed to generate mathematical models of tooth surfaces for use in finite-element analyses of stresses, strains, and vibrations in meshing spiral-bevel gears.

Baby, Where Did You Get Those Eyes?: IEEE Pulse talks with Mark Sagar about the new face of artificial intelligence.

PubMed

Campbell, Sarah

2015-01-01

Mark Sagar is changing the way we look at computers by giving them faces?disconcertingly realistic human faces. Sagar first gained widespread recognition for his pioneering work in rendering faces for Hollywood movies, including Avatar and King Kong. With a Ph.D. degree in bioengineering and two Academy Awards under his belt, Sagar now directs a research lab at the University of Auckland, New Zealand, a combinatorial hub where artificial intelligence (AI), neuroscience, computer science, philosophy, and cognitive psychology intersect in creating interactive, intelligent technologies.

Brain Activity Associated with Emoticons: An fMRI Study

NASA Astrophysics Data System (ADS)

Yuasa, Masahide; Saito, Keiichi; Mukawa, Naoki

In this paper, we describe that brain activities associated with emoticons by using fMRI. In communication over a computer network, we use abstract faces such as computer graphics (CG) avatars and emoticons. These faces convey users' emotions and enrich their communications. However, the manner in which these faces influence the mental process is as yet unknown. The human brain may perceive the abstract face in an entirely different manner, depending on its level of reality. We conducted an experiment using fMRI in order to investigate the effects of emoticons. The results show that right inferior frontal gyrus, which associated with nonverbal communication, is activated by emoticons. Since the emoticons were created to reflect the real human facial expressions as accurately as possible, we believed that they would activate the right fusiform gyrus. However, this region was not found to be activated during the experiment. This finding is useful in understanding how abstract faces affect our behaviors and decision-making in communication over a computer network.

Challenges facing developers of CAD/CAM models that seek to predict human working postures

NASA Astrophysics Data System (ADS)

Wiker, Steven F.

2005-11-01

This paper outlines the need for development of human posture prediction models for Computer Aided Design (CAD) and Computer Aided Manufacturing (CAM) design applications in product, facility and work design. Challenges facing developers of posture prediction algorithms are presented and discussed.

Computer vision and soft computing for automatic skull-face overlay in craniofacial superimposition.

PubMed

Campomanes-Álvarez, B Rosario; Ibáñez, O; Navarro, F; Alemán, I; Botella, M; Damas, S; Cordón, O

2014-12-01

Craniofacial superimposition can provide evidence to support that some human skeletal remains belong or not to a missing person. It involves the process of overlaying a skull with a number of ante mortem images of an individual and the analysis of their morphological correspondence. Within the craniofacial superimposition process, the skull-face overlay stage just focuses on achieving the best possible overlay of the skull and a single ante mortem image of the suspect. Although craniofacial superimposition has been in use for over a century, skull-face overlay is still applied by means of a trial-and-error approach without an automatic method. Practitioners finish the process once they consider that a good enough overlay has been attained. Hence, skull-face overlay is a very challenging, subjective, error prone, and time consuming part of the whole process. Though the numerical assessment of the method quality has not been achieved yet, computer vision and soft computing arise as powerful tools to automate it, dramatically reducing the time taken by the expert and obtaining an unbiased overlay result. In this manuscript, we justify and analyze the use of these techniques to properly model the skull-face overlay problem. We also present the automatic technical procedure we have developed using these computational methods and show the four overlays obtained in two craniofacial superimposition cases. This automatic procedure can be thus considered as a tool to aid forensic anthropologists to develop the skull-face overlay, automating and avoiding subjectivity of the most tedious task within craniofacial superimposition. Copyright © 2014 Elsevier Ireland Ltd. All rights reserved.

Energy conservation using face detection

NASA Astrophysics Data System (ADS)

Deotale, Nilesh T.; Kalbande, Dhananjay R.; Mishra, Akassh A.

2011-10-01

Computerized Face Detection, is concerned with the difficult task of converting a video signal of a person to written text. It has several applications like face recognition, simultaneous multiple face processing, biometrics, security, video surveillance, human computer interface, image database management, digital cameras use face detection for autofocus, selecting regions of interest in photo slideshows that use a pan-and-scale and The Present Paper deals with energy conservation using face detection. Automating the process to a computer requires the use of various image processing techniques. There are various methods that can be used for Face Detection such as Contour tracking methods, Template matching, Controlled background, Model based, Motion based and color based. Basically, the video of the subject are converted into images are further selected manually for processing. However, several factors like poor illumination, movement of face, viewpoint-dependent Physical appearance, Acquisition geometry, Imaging conditions, Compression artifacts makes Face detection difficult. This paper reports an algorithm for conservation of energy using face detection for various devices. The present paper suggests Energy Conservation can be done by Detecting the Face and reducing the brightness of complete image and then adjusting the brightness of the particular area of an image where the face is located using histogram equalization.

Effect of face-to-face interview versus computer-assisted self-interview on disclosure of intimate partner violence among African American women in WIC clinics.

PubMed

Fincher, Danielle; VanderEnde, Kristin; Colbert, Kia; Houry, Debra; Smith, L Shakiyla; Yount, Kathryn M

2015-03-01

African American women in the United States report intimate partner violence (IPV) more often than the general population of women. Overall, women underreport IPV because of shame, embarrassment, fear of retribution, or low expectation of legal support. African American women may be especially unlikely to report IPV because of poverty, low social support, and past experiences of discrimination. The purpose of this article is to determine the context in which low-income African American women disclose IPV. Consenting African American women receiving Special Supplemental Nutrition Program for Women, Infants, and Children (WIC) services in WIC clinics were randomized to complete an IPV screening (Revised Conflict Tactics Scales-Short Form) via computer-assisted self-interview (CASI) or face-to-face interview (FTFI). Women (n = 368) reported high rates of lifetime and prior-year verbal (48%, 34%), physical (12%, 7%), sexual (10%, 7%), and any (49%, 36%) IPV, as well as IPV-related injury (13%, 7%). Mode of screening, but not interviewer race, affected disclosure. Women screened via FTFI reported significantly more lifetime and prior-year negotiation (adjusted odds ratio [aOR] = 10.54, 3.97) and more prior-year verbal (aOR = 2.10), sexual (aOR = 4.31), and any (aOR = 2.02) IPV than CASI-screened women. African American women in a WIC setting disclosed IPV more often in face-to-face than computer screening, and race-matching of client and interviewer did not affect disclosure. Findings highlight the potential value of face-to-face screening to identify women at risk of IPV. Programs should weigh the costs and benefits of training staff versus using computer-based technologies to screen for IPV in WIC settings. © The Author(s) 2014.

Influence of using a single facial vein as outflow in full-face transplantation: A three-dimensional computed tomographic study.

PubMed

Rodriguez-Lorenzo, Andres; Audolfsson, Thorir; Wong, Corrine; Cheng, Angela; Arbique, Gary; Nowinski, Daniel; Rozen, Shai

2015-10-01

The aim of this study was to evaluate the contribution of a single unilateral facial vein in the venous outflow of total-face allograft using three-dimensional computed tomographic imaging techniques to further elucidate the mechanisms of venous complications following total-face transplant. Full-face soft-tissue flaps were harvested from fresh adult human cadavers. A single facial vein was identified and injected distally to the submandibular gland with a radiopaque contrast (barium sulfate/gelatin mixture) in every specimen. Following vascular injections, three-dimensional computed tomographic venographies of the faces were performed. Images were viewed using TeraRecon Software (Teracon, Inc., San Mateo, CA, USA) allowing analysis of the venous anatomy and perfusion in different facial subunits by observing radiopaque filling venous patterns. Three-dimensional computed tomographic venographies demonstrated a venous network with different degrees of perfusion in subunits of the face in relation to the facial vein injection side: 100% of ipsilateral and contralateral forehead units, 100% of ipsilateral and 75% of contralateral periorbital units, 100% of ipsilateral and 25% of contralateral cheek units, 100% of ipsilateral and 75% of contralateral nose units, 100% of ipsilateral and 75% of contralateral upper lip units, 100% of ipsilateral and 25% of contralateral lower lip units, and 50% of ipsilateral and 25% of contralateral chin units. Venographies of the full-face grafts revealed better perfusion in the ipsilateral hemifaces from the facial vein in comparison with the contralateral hemifaces. Reduced perfusion was observed mostly in the contralateral cheek unit and contralateral lower face including the lower lip and chin units. Copyright © 2015 British Association of Plastic, Reconstructive and Aesthetic Surgeons. Published by Elsevier Ltd. All rights reserved.

A brain-computer interface for potential non-verbal facial communication based on EEG signals related to specific emotions

PubMed Central

Kashihara, Koji

2014-01-01

Unlike assistive technology for verbal communication, the brain-machine or brain-computer interface (BMI/BCI) has not been established as a non-verbal communication tool for amyotrophic lateral sclerosis (ALS) patients. Face-to-face communication enables access to rich emotional information, but individuals suffering from neurological disorders, such as ALS and autism, may not express their emotions or communicate their negative feelings. Although emotions may be inferred by looking at facial expressions, emotional prediction for neutral faces necessitates advanced judgment. The process that underlies brain neuronal responses to neutral faces and causes emotional changes remains unknown. To address this problem, therefore, this study attempted to decode conditioned emotional reactions to neutral face stimuli. This direction was motivated by the assumption that if electroencephalogram (EEG) signals can be used to detect patients' emotional responses to specific inexpressive faces, the results could be incorporated into the design and development of BMI/BCI-based non-verbal communication tools. To these ends, this study investigated how a neutral face associated with a negative emotion modulates rapid central responses in face processing and then identified cortical activities. The conditioned neutral face-triggered event-related potentials that originated from the posterior temporal lobe statistically significantly changed during late face processing (600–700 ms) after stimulus, rather than in early face processing activities, such as P1 and N170 responses. Source localization revealed that the conditioned neutral faces increased activity in the right fusiform gyrus (FG). This study also developed an efficient method for detecting implicit negative emotional responses to specific faces by using EEG signals. A classification method based on a support vector machine enables the easy classification of neutral faces that trigger specific individual emotions. In accordance with this classification, a face on a computer morphs into a sad or displeased countenance. The proposed method could be incorporated as a part of non-verbal communication tools to enable emotional expression. PMID:25206321

A brain-computer interface for potential non-verbal facial communication based on EEG signals related to specific emotions.

PubMed

Kashihara, Koji

2014-01-01

Unlike assistive technology for verbal communication, the brain-machine or brain-computer interface (BMI/BCI) has not been established as a non-verbal communication tool for amyotrophic lateral sclerosis (ALS) patients. Face-to-face communication enables access to rich emotional information, but individuals suffering from neurological disorders, such as ALS and autism, may not express their emotions or communicate their negative feelings. Although emotions may be inferred by looking at facial expressions, emotional prediction for neutral faces necessitates advanced judgment. The process that underlies brain neuronal responses to neutral faces and causes emotional changes remains unknown. To address this problem, therefore, this study attempted to decode conditioned emotional reactions to neutral face stimuli. This direction was motivated by the assumption that if electroencephalogram (EEG) signals can be used to detect patients' emotional responses to specific inexpressive faces, the results could be incorporated into the design and development of BMI/BCI-based non-verbal communication tools. To these ends, this study investigated how a neutral face associated with a negative emotion modulates rapid central responses in face processing and then identified cortical activities. The conditioned neutral face-triggered event-related potentials that originated from the posterior temporal lobe statistically significantly changed during late face processing (600-700 ms) after stimulus, rather than in early face processing activities, such as P1 and N170 responses. Source localization revealed that the conditioned neutral faces increased activity in the right fusiform gyrus (FG). This study also developed an efficient method for detecting implicit negative emotional responses to specific faces by using EEG signals. A classification method based on a support vector machine enables the easy classification of neutral faces that trigger specific individual emotions. In accordance with this classification, a face on a computer morphs into a sad or displeased countenance. The proposed method could be incorporated as a part of non-verbal communication tools to enable emotional expression.

Classic Conversational Norms in Modern Computer-Mediated Collaboration

ERIC Educational Resources Information Center

Oeberst, Aileen; Moskaliuk, Johannes

2016-01-01

This paper examines whether conversational norms that have been observed for face-to-face communication also hold in the context of a specific type of computer-mediated communication: collaboration (such as in Wikipedia). Specifically, we tested adherence to Grice's (1975) maxim of relation--the implicit demand to contribute information that is…

Synchronous Computer-Mediated Communication and Interaction

ERIC Educational Resources Information Center

Ziegler, Nicole

2016-01-01

The current study reports on a meta-analysis of the relative effectiveness of interaction in synchronous computer-mediated communication (SCMC) and face-to-face (FTF) contexts. The primary studies included in the analysis were journal articles and dissertations completed between 1990 and 2012 (k = 14). Results demonstrate that interaction in SCMC…

Effects of Belongingness and Synchronicity on Face-to-Face and Computer-Mediated Online Cooperative Pedagogy

ERIC Educational Resources Information Center

Saltarelli, Andrew John

2012-01-01

Previous research suggests asynchronous online computer-mediated communication (CMC) has deleterious effects on certain cooperative learning pedagogies (e.g., constructive controversy), but the processes underlying this effect and how it may be ameliorated remain unclear. This study tests whether asynchronous CMC thwarts belongingness needs…

Two Studies Examining Argumentation in Asynchronous Computer Mediated Communication

ERIC Educational Resources Information Center

Joiner, Richard; Jones, Sarah; Doherty, John

2008-01-01

Asynchronous computer mediated communication (CMC) would seem to be an ideal medium for supporting development in student argumentation. This paper investigates this assumption through two studies. The first study compared asynchronous CMC with face-to-face discussions. The transactional and strategic level of the argumentation (i.e. measures of…

Maintaining Pedagogical Integrity of a Computer Mediated Course Delivery in Social Foundations

ERIC Educational Resources Information Center

Stewart, Shelley; Cobb-Roberts, Deirdre; Shircliffe, Barbara J.

2013-01-01

Transforming a face to face course to a computer mediated format in social foundations (interdisciplinary field in education), while maintaining pedagogical integrity, involves strategic collaboration between instructional technologists and content area experts. This type of planned partnership requires open dialogue and a mutual respect for prior…

Interpersonal Presence in Computer-Mediated Conferencing Courses.

ERIC Educational Resources Information Center

Herod, L.

Interpersonal presence refers to the cues individuals use to form impressions of one another and form/maintain relationships. The physical cues used to convey interpersonal presence in face-to-face learning environments are absent in text-based computer-mediated conferencing (CMC) courses. Learners' perceptions of interpersonal presence in CMC…

Face-to-Face Collaborative Learning Supported by Mobile Phones

ERIC Educational Resources Information Center

Echeverria, Alejandro; Nussbaum, Miguel; Calderon, Juan Felipe; Bravo, Claudio; Infante, Cristian; Vasquez, Andrea

2011-01-01

The use of handheld computers in educational contexts has increased considerably in recent years and their value as a teaching tool has been confirmed by many positive experiences, particular within collaborative learning systems (Mobile Computer Supported Collaborative Learning [MCSCL]). The cost of the devices has hindered widespread use in…

Mobile Konami Codes: Analysis of Android Malware Services Utilizing Sensor and Resource-Based State Changes

DTIC Science & Technology

2015-03-01

our focus will remain on Android rather than being all-inclusive of others such as iOS, Blackberry 10, and Windows Phone. The proof-of-concept...the attack surface for malicious applications to compromise vulnerable Services grows . Additionally, Services also have a life cycle with

Characteristics of forest fuels, fire and emissions

Treesearch

Charles K. McMahon

1983-01-01

Introduction Forest fires can be divided into two broad classes--wildfires and prescribed fires. Wildfires, whether caused by nature (lightning, etc.) or by the accidental or malicious acts of man, are not planned by forest managers and do not occur under controlled conditions. They can be relatively tame, covering only a few hectares and burning...

4 Steps to Combat Malware Enterprisewide

ERIC Educational Resources Information Center

Zeltser, Lenny

2011-01-01

Too often, organizations make the mistake of treating malware infections as a series of independent occurrences. Each time a malicious program is discovered, IT simply cleans up or rebuilds the affected host, and then moves on with routine operational tasks. Yet, this approach doesn't allow the institution to keep up with the increasingly…

Transformative Rendering of Internet Resources

DTIC Science & Technology

2012-10-01

4 Securing WiFi Connections...comes from legitimate web sites that have themselves been hacked . There is no way of anticipating which of these sites have been hacked and therefore...pose a security threat to visitors. The purpose of most of this web page hacking is to plant malicious code on the web site that will attack any

Caught on Camera: Special Education Classrooms and Video Surveillance

ERIC Educational Resources Information Center

Heintzelman, Sara C.; Bathon, Justin M.

2017-01-01

In Texas, state policy anticipates that installing video cameras in special education classrooms will decrease student abuse inflicted by teachers. Lawmakers assume that collecting video footage will prevent teachers from engaging in malicious actions and prosecute those who choose to harm children. At the request of a parent, Section 29.022 of…

MalWebID-Autodetection and Identification of Malicious Web Hosts Through Live Traffic Analysis

DTIC Science & Technology

2013-03-01

blogs, video services, and popular social media sites. In December 2000, there were near 361 million Internet users and by the end of December 2012...site (i.e., Porn , Rx/Pharmaceutical, illegal activity, etc.) – propagate or contain viruses, spyware, or other harmful programs, participate in spamming

3 CFR 8427 - Proclamation 8427 of October 1, 2009. National Cybersecurity Awareness Month, 2009

Code of Federal Regulations, 2010 CFR

2010-01-01

... solutions at work and at home. Our Nation’s growing dependence on cyber and information-related technologies, coupled with an increasing threat of malicious cyber attacks and loss of privacy, has given rise to the... digital infrastructures. Cyber attacks and their viral ability to infect networks, devices, and software...

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hamlet, Jason; Pierson, Lyndon; Bauer, Todd

Supply chain security to detect, deter, and prevent the counterfeiting of networked and stand-alone integrated circuits (ICs) is critical to cyber security. Sandia National Laboratory researchers have developed IC ID to leverage Physically Unclonable Functions (PUFs) and strong cryptographic authentication to create a unique fingerprint for each integrated circuit. IC ID assures the authenticity of ICs to prevent tampering or malicious substitution.

36 CFR 262.1 - Rewards in connection with fire or property prosecutions.

Code of Federal Regulations, 2011 CFR

2011-07-01

... fire or property prosecutions. 262.1 Section 262.1 Parks, Forests, and Public Property FOREST SERVICE... connection with fire or property prosecutions. (a) Hereafter, provided Congress shall make the necessary... of willfully or maliciously setting on fire, or causing to be set on fire, any timber, underbrush, or...

36 CFR 262.1 - Rewards in connection with fire or property prosecutions.

Code of Federal Regulations, 2012 CFR

2012-07-01

... fire or property prosecutions. 262.1 Section 262.1 Parks, Forests, and Public Property FOREST SERVICE... connection with fire or property prosecutions. (a) Hereafter, provided Congress shall make the necessary... of willfully or maliciously setting on fire, or causing to be set on fire, any timber, underbrush, or...

36 CFR 262.1 - Rewards in connection with fire or property prosecutions.

Code of Federal Regulations, 2014 CFR

2014-07-01

... fire or property prosecutions. 262.1 Section 262.1 Parks, Forests, and Public Property FOREST SERVICE... connection with fire or property prosecutions. (a) Hereafter, provided Congress shall make the necessary... of willfully or maliciously setting on fire, or causing to be set on fire, any timber, underbrush, or...

36 CFR 262.1 - Rewards in connection with fire or property prosecutions.

Code of Federal Regulations, 2013 CFR

2013-07-01

... fire or property prosecutions. 262.1 Section 262.1 Parks, Forests, and Public Property FOREST SERVICE... connection with fire or property prosecutions. (a) Hereafter, provided Congress shall make the necessary... of willfully or maliciously setting on fire, or causing to be set on fire, any timber, underbrush, or...

TIUPAM: A Framework for Trustworthiness-Centric Information Sharing

NASA Astrophysics Data System (ADS)

Xu, Shouhuai; Sandhu, Ravi; Bertino, Elisa

Information is essential to decision making. Nowadays, decision makers are often overwhelmed with large volumes of information, some of which may be inaccurate, incorrect, inappropriate, misleading, or maliciously introduced. With the advocated shift of information sharing paradigm from “need to know” to “need to share” this problem will be further compounded. This poses the challenge of achieving assured information sharing so that decision makers can always get and utilize the up-to-date information for making the right decisions, despite the existence of malicious attacks and without breaching privacy of honest participants. As a first step towards answering this challenge this paper proposes a systematic framework we call TIUPAM, which stands for “Trustworthiness-centric Identity, Usage, Provenance, and Attack Management.” The framework is centered at the need of trustworthiness and risk management for decision makers, and supported by four key components: identity management, usage management, provenance management and attack management. We explore the characterization of both the core functions and the supporting components in the TIUPAM framework, which may guide the design and realization of concrete schemes in the future.

Index of cyber integrity

NASA Astrophysics Data System (ADS)

Anderson, Gustave

2014-05-01

Unfortunately, there is no metric, nor set of metrics, that are both general enough to encompass all possible types of applications yet specific enough to capture the application and attack specific details. As a result we are left with ad-hoc methods for generating evaluations of the security of our systems. Current state of the art methods for evaluating the security of systems include penetration testing and cyber evaluation tests. For these evaluations, security professionals simulate an attack from malicious outsiders and malicious insiders. These evaluations are very productive and are able to discover potential vulnerabilities resulting from improper system configuration, hardware and software flaws, or operational weaknesses. We therefore propose the index of cyber integrity (ICI), which is modeled after the index of biological integrity (IBI) to provide a holistic measure of the health of a system under test in a cyber-environment. The ICI provides a broad base measure through a collection of application and system specific metrics. In this paper, following the example of the IBI, we demonstrate how a multi-metric index may be used as a holistic measure of the health of a system under test in a cyber-environment.

A Secure Trust Establishment Scheme for Wireless Sensor Networks

PubMed Central

Ishmanov, Farruh; Kim, Sung Won; Nam, Seung Yeob

2014-01-01

Trust establishment is an important tool to improve cooperation and enhance security in wireless sensor networks. The core of trust establishment is trust estimation. If a trust estimation method is not robust against attack and misbehavior, the trust values produced will be meaningless, and system performance will be degraded. We present a novel trust estimation method that is robust against on-off attacks and persistent malicious behavior. Moreover, in order to aggregate recommendations securely, we propose using a modified one-step M-estimator scheme. The novelty of the proposed scheme arises from combining past misbehavior with current status in a comprehensive way. Specifically, we introduce an aggregated misbehavior component in trust estimation, which assists in detecting an on-off attack and persistent malicious behavior. In order to determine the current status of the node, we employ previous trust values and current measured misbehavior components. These components are combined to obtain a robust trust value. Theoretical analyses and evaluation results show that our scheme performs better than other trust schemes in terms of detecting an on-off attack and persistent misbehavior. PMID:24451471

Privacy preservation and authentication on secure geographical routing in VANET

NASA Astrophysics Data System (ADS)

Punitha, A.; Manickam, J. Martin Leo

2017-05-01

Vehicular Ad hoc Networks (VANETs) play an important role in vehicle-to-vehicle communication as it offers a high level of safety and convenience to drivers. In order to increase the level of security and safety in VANETs, in this paper, we propose a Privacy Preservation and Authentication on Secure Geographical Routing Protocol (PPASGR) for VANET. It provides security by detecting and preventing malicious nodes through two directional antennas such as forward (f-antenna) and backward (b-antenna). The malicious nodes are detected by direction detection, consistency detection and conflict detection. The location of the trusted neighbour is identified using TNT-based location verification scheme after the implementation of the Vehicle Tamper Proof Device (VTPD), Trusted Authority (TA) is generated that produces the anonymous credentials. Finally, VTPD generates pseudo-identity using TA which retrieves the real identity of the sender. Through this approach, the authentication, integrity and confidentiality for routing packets can be achieved. The simulation results show that the proposed approach reduces the packet drop due to attack and improves the packet delivery ratio.

Ultrabroadband photonic internet: safety aspects

NASA Astrophysics Data System (ADS)

Kalicki, Arkadiusz; Romaniuk, Ryszard

2008-11-01

Web applications became most popular medium in the Internet. Popularity, easiness of web application frameworks together with careless development results in high number of vulnerabilities and attacks. There are several types of attacks possible because of improper input validation. SQL injection is ability to execute arbitrary SQL queries in a database through an existing application. Cross-site scripting is the vulnerability which allows malicious web users to inject code into the web pages viewed by other users. Cross-Site Request Forgery (CSRF) is an attack that tricks the victim into loading a page that contains malicious request. Web spam in blogs. There are several techniques to mitigate attacks. Most important are web application strong design, correct input validation, defined data types for each field and parameterized statements in SQL queries. Server hardening with firewall, modern security policies systems and safe web framework interpreter configuration are essential. It is advised to keep proper security level on client side, keep updated software and install personal web firewalls or IDS/IPS systems. Good habits are logging out from services just after finishing work and using even separate web browser for most important sites, like e-banking.

Microorganisms: Good or Evil, MIRRI Provides Biosecurity Awareness.

PubMed

Smith, David; Martin, Dunja; Novossiolova, Tatyana

2017-03-01

The life-science community is a key stakeholder in the effort to ensure that the advances in biotechnology are not misused. Unfortunately, to date, the engagement of life scientists with issues of biosecurity has been limited. Microorganisms have been harnessed for the benefit of humankind but in the wrong hands could be used in direct or indirect acts against humans, livestock, crops, food, water infrastructure and other economically valuable entities. The Microbial Resources Research Infrastructure in its preparatory phase has addressed the topic implementing a code of conduct as part of its programme of prevention of malicious use and continues to work with the international community to raise awareness of best practice to avoid misuse of microorganisms. Biosecurity has become a major concern for several countries creating numerous activities to put in place counter measures, risk assessment, legislation and emergency response. The goal is to implement measures to protect us against malicious use of microorganisms, their products, information and technology transfer. Through this paper, we wish to discuss some of the activities that are underway, mention key educational tools and provide scientists with information on addressing biosecurity issues.

The Threat Among Us: Insiders Intensify Aviation Terrorism

DOE Office of Scientific and Technical Information (OSTI.GOV)

Krull, Katie E.

Aviation terrorism is powerful and symbolic, and will likely remain a staple target for terrorists aiming to inflict chaos and cause mass casualties similar to the 9/11 attacks on the U.S. The majority of international and domestic aviation terrorist attacks involves outsiders, or people who do not have direct access to or affiliation with a target through employment. However, several significant attacks and plots against the industry involved malicious employees motivated by suicide or devotion to a terrorist organization. Malicious insiders’ access and knowledge of aviation security, systems, networks, and infrastructure is valuable to terrorists, providing a different pathway formore » attacking the industry through the insider threat. Indicators and warnings of insider threats in these cases exist, providing insight into how security agencies, such as the Transportation Security Administration, can better predict and identify insider involvement. Understanding previous aviation insider threat events will likely aid in stimulating proactive security measures, rather than reactive responses. However, similar to traditional airport security measures, there are social, political, and economic challenges in protecting against the insider threat, including privacy concerns and cost-benefit analysis.« less

Security Assessment of Cyberphysical Digital Microfluidic Biochips.

PubMed

Ali, Sk Subidh; Ibrahim, Mohamed; Sinanoglu, Ozgur; Chakrabarty, Krishnendu; Karri, Ramesh

2016-01-01

A digital microfluidic biochip (DMFB) is an emerging technology that enables miniaturized analysis systems for point-of-care clinical diagnostics, DNA sequencing, and environmental monitoring. A DMFB reduces the rate of sample and reagent consumption, and automates the analysis of assays. In this paper, we provide the first assessment of the security vulnerabilities of DMFBs. We identify result-manipulation attacks on a DMFB that maliciously alter the assay outcomes. Two practical result-manipulation attacks are shown on a DMFB platform performing enzymatic glucose assay on serum. In the first attack, the attacker adjusts the concentration of the glucose sample and thereby modifies the final result. In the second attack, the attacker tampers with the calibration curve of the assay operation. We then identify denial-of-service attacks, where the attacker can disrupt the assay operation by tampering either with the droplet-routing algorithm or with the actuation sequence. We demonstrate these attacks using a digital microfluidic synthesis simulator. The results show that the attacks are easy to implement and hard to detect. Therefore, this work highlights the need for effective protections against malicious modifications in DMFBs.

Pose Invariant Face Recognition Based on Hybrid Dominant Frequency Features

NASA Astrophysics Data System (ADS)

Wijaya, I. Gede Pasek Suta; Uchimura, Keiichi; Hu, Zhencheng

Face recognition is one of the most active research areas in pattern recognition, not only because the face is a human biometric characteristics of human being but also because there are many potential applications of the face recognition which range from human-computer interactions to authentication, security, and surveillance. This paper presents an approach to pose invariant human face image recognition. The proposed scheme is based on the analysis of discrete cosine transforms (DCT) and discrete wavelet transforms (DWT) of face images. From both the DCT and DWT domain coefficients, which describe the facial information, we build compact and meaningful features vector, using simple statistical measures and quantization. This feature vector is called as the hybrid dominant frequency features. Then, we apply a combination of the L2 and Lq metric to classify the hybrid dominant frequency features to a person's class. The aim of the proposed system is to overcome the high memory space requirement, the high computational load, and the retraining problems of previous methods. The proposed system is tested using several face databases and the experimental results are compared to a well-known Eigenface method. The proposed method shows good performance, robustness, stability, and accuracy without requiring geometrical normalization. Furthermore, the purposed method has low computational cost, requires little memory space, and can overcome retraining problem.

Quantum And Relativistic Protocols For Secure Multi-Party Computation

NASA Astrophysics Data System (ADS)

Colbeck, Roger

2009-11-01

After a general introduction, the thesis is divided into four parts. In the first, we discuss the task of coin tossing, principally in order to highlight the effect different physical theories have on security in a straightforward manner, but, also, to introduce a new protocol for non-relativistic strong coin tossing. This protocol matches the security of the best protocol known to date while using a conceptually different approach to achieve the task. In the second part variable bias coin tossing is introduced. This is a variant of coin tossing in which one party secretly chooses one of two biased coins to toss. It is shown that this can be achieved with unconditional security for a specified range of biases, and with cheat-evident security for any bias. We also discuss two further protocols which are conjectured to be unconditionally secure for any bias. The third section looks at other two-party secure computations for which, prior to our work, protocols and no-go theorems were unknown. We introduce a general model for such computations, and show that, within this model, a wide range of functions are impossible to compute securely. We give explicit cheating attacks for such functions. In the final chapter we discuss the task of expanding a private random string, while dropping the usual assumption that the protocol's user trusts her devices. Instead we assume that all quantum devices are supplied by an arbitrarily malicious adversary. We give two protocols that we conjecture securely perform this task. The first allows a private random string to be expanded by a finite amount, while the second generates an arbitrarily large expansion of such a string.

Introduction

NASA Astrophysics Data System (ADS)

Thoma, Klaus; Hiller, Daniel

Security research as a practical discipline has a long-standing history. Faced with myriad hazards throughout its past, mankind has developed sophisticated means to counter such threats. The latter include natural disasters such as earthquakes, floods and fires, but also encompass man-made hazards such as military aggression, terrorist attacks or threats resulting from the malicious application of technological developments. Since the end of the Cold War major armed conflicts between nations of the Western hemisphere have become highly unlikely and genuinely different security issues have become the focus of concern. The terrorist attacks of 2001 against the United States, the train bombings of Madrid in 2004 and the bombings of London in 2005 were horrific embodiments of a new security environment that has evolved on a global scale. One could list numerous other examples of both executed attacks and successfully deterred attempts from around the world. Our modern industrial societies are interlinked with infrastructure networks, providing citizens with mobility, energy and information flows, which also open the door to a whole new dimension of vulnerabilities. Security research, once anything but a practical discipline with a capacity for reacting to short-term demands, has in the span of only a few years evolved into an entirely new scientific discipline uniting various fields of research. Today, security research (in Europe) encompasses a broad community of natural/engineering and social sciences.

Performance improvement of continuous-variable quantum key distribution with an entangled source in the middle via photon subtraction

NASA Astrophysics Data System (ADS)

Guo, Ying; Liao, Qin; Wang, Yijun; Huang, Duan; Huang, Peng; Zeng, Guihua

2017-03-01

A suitable photon-subtraction operation can be exploited to improve the maximal transmission of continuous-variable quantum key distribution (CVQKD) in point-to-point quantum communication. Unfortunately, the photon-subtraction operation faces solving the improvement transmission problem of practical quantum networks, where the entangled source is located in the third part, which may be controlled by a malicious eavesdropper, instead of in one of the trusted parts, controlled by Alice or Bob. In this paper, we show that a solution can come from using a non-Gaussian operation, in particular, the photon-subtraction operation, which provides a method to enhance the performance of entanglement-based (EB) CVQKD. Photon subtraction not only can lengthen the maximal transmission distance by increasing the signal-to-noise rate but also can be easily implemented with existing technologies. Security analysis shows that CVQKD with an entangled source in the middle (ESIM) from applying photon subtraction can well increase the secure transmission distance in both direct and reverse reconciliations of the EB-CVQKD scheme, even if the entangled source originates from an untrusted part. Moreover, it can defend against the inner-source attack, which is a specific attack by an untrusted entangled source in the framework of ESIM.

Software Systems for High-performance Quantum Computing

DOE Office of Scientific and Technical Information (OSTI.GOV)

Humble, Travis S; Britt, Keith A

Quantum computing promises new opportunities for solving hard computational problems, but harnessing this novelty requires breakthrough concepts in the design, operation, and application of computing systems. We define some of the challenges facing the development of quantum computing systems as well as software-based approaches that can be used to overcome these challenges. Following a brief overview of the state of the art, we present models for the quantum programming and execution models, the development of architectures for hybrid high-performance computing systems, and the realization of software stacks for quantum networking. This leads to a discussion of the role that conventionalmore » computing plays in the quantum paradigm and how some of the current challenges for exascale computing overlap with those facing quantum computing.« less

Experiences of HIV-related stigma among HIV-positive older persons in Uganda – a mixed methods analysis

PubMed Central

Kuteesa, Monica O.; Wright, Stuart; Seeley, Janet; Mugisha, Joseph; Kinyanda, Eugene; Kakembo, Frederick; Mwesigwa, Richard; Scholten, Francis

2014-01-01

Abstract There is limited data on stigma among older HIV-infected adults in sub-Saharan Africa. We describe the experiences of stigma and disclosure in a cohort of HIV-positive older people in Uganda. Using data from the Wellbeing of Older Peoples' Study of Kalungu (rural site) and Wakiso district (peri-urban site) residents, we measured self-reported stigma levels for 183 respondents (94 on antiretroviral therapy (ART); 88, not on ART) using a stigma score generated using three questions on stigma perceptions where 0 meant no stigma at all and 100 was maximum stigma. Based on two questions on disclosure, an overall score was computed. High disclosure was assigned to those who often or very often disclosed to the family and were never or seldom afraid to disclose elsewhere. We examined the experiences of HIV stigma of 25 adults (52% females) using semi-structured, open-ended interviews and monthly oral diaries over one year. Mean age of the respondents was 70 years (range 60–80 years) and 80% of all respondents were enrolled in ART. Interview transcripts were analysed using thematic content analysis. Overall, 55% of respondents had a high disclosure score, meaning they disclosed easily, and 47% had a high stigma score. The stigma scores were similar among those with high and low disclosure scores. In multivariate analyses with disclosure and stigma scores as dependent variables none of the respondents' characteristics had a significant effect at the 5% level. Qualitative data revealed that stigma ranges from: (1) perceptions (relatively passive, but leading to behaviour such as gossip, especially if not intended maliciously); to (2) discriminatory behaviour (active or enacted stigma; from malicious gossip to outright discrimination). Despite the relatively high levels of disclosure, older people suffer from high levels of stigma of various forms apart from HIV-related stigma. Efforts to assess for different forms of stigma at an individual level deserve greater attention from service providers and researchers, and must be context specific. PMID:25053275

FORCEnet Net Centric Architecture - A Standards View

DTIC Science & Technology

2006-06-01

SHARED SERVICES NETWORKING/COMMUNICATIONS STORAGE COMPUTING PLATFORM DATA INTERCHANGE/INTEGRATION DATA MANAGEMENT APPLICATION...R V I C E P L A T F O R M S E R V I C E F R A M E W O R K USER-FACING SERVICES SHARED SERVICES NETWORKING/COMMUNICATIONS STORAGE COMPUTING PLATFORM...E F R A M E W O R K USER-FACING SERVICES SHARED SERVICES NETWORKING/COMMUNICATIONS STORAGE COMPUTING PLATFORM DATA INTERCHANGE/INTEGRATION

Differential effects of face-realism and emotion on event-related brain potentials and their implications for the uncanny valley theory

NASA Astrophysics Data System (ADS)

Schindler, Sebastian; Zell, Eduard; Botsch, Mario; Kissler, Johanna

2017-03-01

Cartoon characters are omnipresent in popular media. While few studies have scientifically investigated their processing, in computer graphics, efforts are made to increase realism. Yet, close approximations of reality have been suggested to evoke sometimes a feeling of eeriness, the “uncanny valley” effect. Here, we used high-density electroencephalography to investigate brain responses to professionally stylized happy, angry, and neutral character faces. We employed six face-stylization levels varying from abstract to realistic and investigated the N170, early posterior negativity (EPN), and late positive potential (LPP) event-related components. The face-specific N170 showed a u-shaped modulation, with stronger reactions towards both most abstract and most realistic compared to medium-stylized faces. For abstract faces, N170 was generated more occipitally than for real faces, implying stronger reliance on structural processing. Although emotional faces elicited highest amplitudes on both N170 and EPN, on the N170 realism and expression interacted. Finally, LPP increased linearly with face realism, reflecting activity increase in visual and parietal cortex for more realistic faces. Results reveal differential effects of face stylization on distinct face processing stages and suggest a perceptual basis to the uncanny valley hypothesis. They are discussed in relation to face perception, media design, and computer graphics.

Differential effects of face-realism and emotion on event-related brain potentials and their implications for the uncanny valley theory

PubMed Central

Schindler, Sebastian; Zell, Eduard; Botsch, Mario; Kissler, Johanna

2017-01-01

Cartoon characters are omnipresent in popular media. While few studies have scientifically investigated their processing, in computer graphics, efforts are made to increase realism. Yet, close approximations of reality have been suggested to evoke sometimes a feeling of eeriness, the “uncanny valley” effect. Here, we used high-density electroencephalography to investigate brain responses to professionally stylized happy, angry, and neutral character faces. We employed six face-stylization levels varying from abstract to realistic and investigated the N170, early posterior negativity (EPN), and late positive potential (LPP) event-related components. The face-specific N170 showed a u-shaped modulation, with stronger reactions towards both most abstract and most realistic compared to medium-stylized faces. For abstract faces, N170 was generated more occipitally than for real faces, implying stronger reliance on structural processing. Although emotional faces elicited highest amplitudes on both N170 and EPN, on the N170 realism and expression interacted. Finally, LPP increased linearly with face realism, reflecting activity increase in visual and parietal cortex for more realistic faces. Results reveal differential effects of face stylization on distinct face processing stages and suggest a perceptual basis to the uncanny valley hypothesis. They are discussed in relation to face perception, media design, and computer graphics. PMID:28332557

Convolutional neural networks and face recognition task

NASA Astrophysics Data System (ADS)

Sochenkova, A.; Sochenkov, I.; Makovetskii, A.; Vokhmintsev, A.; Melnikov, A.

2017-09-01

Computer vision tasks are remaining very important for the last couple of years. One of the most complicated problems in computer vision is face recognition that could be used in security systems to provide safety and to identify person among the others. There is a variety of different approaches to solve this task, but there is still no universal solution that would give adequate results in some cases. Current paper presents following approach. Firstly, we extract an area containing face, then we use Canny edge detector. On the next stage we use convolutional neural networks (CNN) to finally solve face recognition and person identification task.

The associations among computer-mediated communication, relationships, and well-being.

PubMed

Schiffrin, Holly; Edelman, Anna; Falkenstern, Melissa; Stewart, Cassandra

2010-06-01

Social support provided by interpersonal relationships is one of the most robust correlates of well-being. Self-disclosure serves as a basic building block of these relationships. With the rapid growth of the Internet in recent years, the question remains how self-disclosure, and subsequently relationships and well-being, differ when people communicate over the Internet rather than in person. The purpose of this article is to describe current Internet usage patterns as well as explore the association of Internet usage and well-being. Additionally, it directly compares the perceived benefits of face-to-face communication and computer-mediated communication. A questionnaire was administered to 99 undergraduates to measure Internet usage patterns, communication partners, self-disclosure, extraversion, and subjective well-being. Although Internet communication was found to be common, individuals perceived computer-mediated communication to be less useful than face-to-face communication. In addition, increased Internet usage was associated with decreased well-being. Implications are discussed in terms of a new Internet paradox in which people increasingly use the Internet for communication, although they perceive it to be less beneficial than face-to-face interactions and it is associated with reduced well-being.

An Efficient ERP-Based Brain-Computer Interface Using Random Set Presentation and Face Familiarity

PubMed Central

Müller, Klaus-Robert; Lee, Seong-Whan

2014-01-01

Event-related potential (ERP)-based P300 spellers are commonly used in the field of brain-computer interfaces as an alternative channel of communication for people with severe neuro-muscular diseases. This study introduces a novel P300 based brain-computer interface (BCI) stimulus paradigm using a random set presentation pattern and exploiting the effects of face familiarity. The effect of face familiarity is widely studied in the cognitive neurosciences and has recently been addressed for the purpose of BCI. In this study we compare P300-based BCI performances of a conventional row-column (RC)-based paradigm with our approach that combines a random set presentation paradigm with (non-) self-face stimuli. Our experimental results indicate stronger deflections of the ERPs in response to face stimuli, which are further enhanced when using the self-face images, and thereby improving P300-based spelling performance. This lead to a significant reduction of stimulus sequences required for correct character classification. These findings demonstrate a promising new approach for improving the speed and thus fluency of BCI-enhanced communication with the widely used P300-based BCI setup. PMID:25384045

An efficient ERP-based brain-computer interface using random set presentation and face familiarity.

PubMed

Yeom, Seul-Ki; Fazli, Siamac; Müller, Klaus-Robert; Lee, Seong-Whan

2014-01-01

Event-related potential (ERP)-based P300 spellers are commonly used in the field of brain-computer interfaces as an alternative channel of communication for people with severe neuro-muscular diseases. This study introduces a novel P300 based brain-computer interface (BCI) stimulus paradigm using a random set presentation pattern and exploiting the effects of face familiarity. The effect of face familiarity is widely studied in the cognitive neurosciences and has recently been addressed for the purpose of BCI. In this study we compare P300-based BCI performances of a conventional row-column (RC)-based paradigm with our approach that combines a random set presentation paradigm with (non-) self-face stimuli. Our experimental results indicate stronger deflections of the ERPs in response to face stimuli, which are further enhanced when using the self-face images, and thereby improving P300-based spelling performance. This lead to a significant reduction of stimulus sequences required for correct character classification. These findings demonstrate a promising new approach for improving the speed and thus fluency of BCI-enhanced communication with the widely used P300-based BCI setup.

An evaluation of a solution focused computer game in adolescent interventions.

PubMed

Coyle, David; Doherty, Gavin; Sharry, John

2009-07-01

Many adolescents experience difficulties with traditional face-to-face mental health care approaches. Personal Investigator (PI) is a 3D computer game specifically designed for use in adolescent interventions. The game implements a model of Solution Focused Therapy. It aims to assist in easing the difficulties experienced by adolescents with direct face-to-face approaches. In sessions a therapist and adolescent sit together at a computer and play PI. Issues raised in the game serve as a context for more detailed discussions between the therapist and client. This article describes a study in which PI was used with 22 adolescent clients, attending mental health care services due to a variety of difficulties. Whilst further trials are required, results indicate positive benefits of using PI. PI can help in building an effective client-therapist relationship, can assist in structuring sessions, and can assist in improving client engagement in the therapeutic process.

Combating QR-Code-Based Compromised Accounts in Mobile Social Networks.

PubMed

Guo, Dong; Cao, Jian; Wang, Xiaoqi; Fu, Qiang; Li, Qiang

2016-09-20

Cyber Physical Social Sensing makes mobile social networks (MSNs) popular with users. However, such attacks are rampant as malicious URLs are spread covertly through quick response (QR) codes to control compromised accounts in MSNs to propagate malicious messages. Currently, there are generally two types of methods to identify compromised accounts in MSNs: one type is to analyze the potential threats on wireless access points and the potential threats on handheld devices' operation systems so as to stop compromised accounts from spreading malicious messages; the other type is to apply the method of detecting compromised accounts in online social networks to MSNs. The above types of methods above focus neither on the problems of MSNs themselves nor on the interaction of sensors' messages, which leads to the restrictiveness of platforms and the simplification of methods. In order to stop the spreading of compromised accounts in MSNs effectively, the attacks have to be traced to their sources first. Through sensors, users exchange information in MSNs and acquire information by scanning QR codes. Therefore, analyzing the traces of sensor-related information helps to identify the compromised accounts in MSNs. This paper analyzes the diversity of information sending modes of compromised accounts and normal accounts, analyzes the regularity of GPS (Global Positioning System)-based location information, and introduces the concepts of entropy and conditional entropy so as to construct an entropy-based model based on machine learning strategies. To achieve the goal, about 500,000 accounts of Sina Weibo and about 100 million corresponding messages are collected. Through the validation, the accuracy rate of the model is proved to be as high as 87.6%, and the false positive rate is only 3.7%. Meanwhile, the comparative experiments of the feature sets prove that sensor-based location information can be applied to detect the compromised accounts in MSNs.

Combating QR-Code-Based Compromised Accounts in Mobile Social Networks

PubMed Central

Guo, Dong; Cao, Jian; Wang, Xiaoqi; Fu, Qiang; Li, Qiang

2016-01-01

Cyber Physical Social Sensing makes mobile social networks (MSNs) popular with users. However, such attacks are rampant as malicious URLs are spread covertly through quick response (QR) codes to control compromised accounts in MSNs to propagate malicious messages. Currently, there are generally two types of methods to identify compromised accounts in MSNs: one type is to analyze the potential threats on wireless access points and the potential threats on handheld devices’ operation systems so as to stop compromised accounts from spreading malicious messages; the other type is to apply the method of detecting compromised accounts in online social networks to MSNs. The above types of methods above focus neither on the problems of MSNs themselves nor on the interaction of sensors’ messages, which leads to the restrictiveness of platforms and the simplification of methods. In order to stop the spreading of compromised accounts in MSNs effectively, the attacks have to be traced to their sources first. Through sensors, users exchange information in MSNs and acquire information by scanning QR codes. Therefore, analyzing the traces of sensor-related information helps to identify the compromised accounts in MSNs. This paper analyzes the diversity of information sending modes of compromised accounts and normal accounts, analyzes the regularity of GPS (Global Positioning System)-based location information, and introduces the concepts of entropy and conditional entropy so as to construct an entropy-based model based on machine learning strategies. To achieve the goal, about 500,000 accounts of Sina Weibo and about 100 million corresponding messages are collected. Through the validation, the accuracy rate of the model is proved to be as high as 87.6%, and the false positive rate is only 3.7%. Meanwhile, the comparative experiments of the feature sets prove that sensor-based location information can be applied to detect the compromised accounts in MSNs. PMID:27657071

Constructing a Deconstructed Campus: Instructional Design as Vital Bricks and Mortar

ERIC Educational Resources Information Center

Ross, Steven M.; Morrison, Gary R.

2012-01-01

In this rejoinder to Mazoue ("J Comput High Educ," 2012) article, "the deconstructed campus," we react to his arguments regarding the replacement of face-to-face teaching on college campuses with computer-supported approaches, including on-line learning, intelligent cognitive tutors, and open-ended learning environments where, rather than being…

A Computer Game-Based Method for Studying Bullying and Cyberbullying

ERIC Educational Resources Information Center

Mancilla-Caceres, Juan F.; Espelage, Dorothy; Amir, Eyal

2015-01-01

Even though previous studies have addressed the relation between face-to-face bullying and cyberbullying, none have studied both phenomena simultaneously. In this article, we present a computer game-based method to study both types of peer aggression among youth. Study participants included fifth graders (N = 93) in two U.S. Midwestern middle…

Computer tools for face seal analyses developed at John Crane

NASA Technical Reports Server (NTRS)

Wu, Shifeng

1994-01-01

The purposes of the computer tools for face seal analysis are new product optimization, existing seals on new applications, existing seals on off-duty conditions, and trouble-shooting. Discussed in this viewgraph presentation are interface forces, friction/heat generation, heat transfer/temperature distribution, axisymmetric pressure/thermal distortion, leakage, and an example case.

How To Achieve Better Impressions in Computer-Mediated Communication?

ERIC Educational Resources Information Center

Liu, Yuliang; Ginther, Dean

This paper presents a review of the literature on impression formation in face-to-face (FtF) and computer-mediated communication (CMC) and provides impression management recommendations for CMC users in a variety of environments. The first section provides an introduction to impression formation. Factors affecting impression formation in FtF and…

Anticipated Ongoing Interaction versus Channel Effects of Relational Communication in Computer-Mediated Interaction.

ERIC Educational Resources Information Center

Walther, Joseph B.

1994-01-01

Assesses the related effects of anticipated future interaction and different communication media (computer-mediated versus face-to-face communication) on the communication of relational intimacy and composure. Shows that the assignment of long-term versus short-term partnerships has a larger impact on anticipated future interaction reported by…

The Disclosure-Intimacy Link in Computer-Mediated Communication: An Attributional Extension of the Hyperpersonal Model

ERIC Educational Resources Information Center

Jiang, L. Crystal; Bazarova, Natalie N.; Hancock, Jeffrey T.

2011-01-01

The present research investigated whether the attribution process through which people explain self-disclosures differs in text-based computer-mediated interactions versus face to face, and whether differences in causal attributions account for the increased intimacy frequently observed in mediated communication. In the experiment participants…

Software Application for Computer Aided Vocabulary Learning in a Blended Learning Environment

ERIC Educational Resources Information Center

Essam, Rasha

2010-01-01

This study focuses on the effect of computer-aided vocabulary learning software called "ArabCAVL" on students' vocabulary acquisition. It was hypothesized that students who use the ArabCAVL software in blended learning environment will surpass students who use traditional vocabulary learning strategies in face-to-face learning…

Risk in the Clouds?: Security Issues Facing Government Use of Cloud Computing

NASA Astrophysics Data System (ADS)

Wyld, David C.

Cloud computing is poised to become one of the most important and fundamental shifts in how computing is consumed and used. Forecasts show that government will play a lead role in adopting cloud computing - for data storage, applications, and processing power, as IT executives seek to maximize their returns on limited procurement budgets in these challenging economic times. After an overview of the cloud computing concept, this article explores the security issues facing public sector use of cloud computing and looks to the risk and benefits of shifting to cloud-based models. It concludes with an analysis of the challenges that lie ahead for government use of cloud resources.

Training facial expression production in children on the autism spectrum.

PubMed

Gordon, Iris; Pierce, Matthew D; Bartlett, Marian S; Tanaka, James W

2014-10-01

Children with autism spectrum disorder (ASD) show deficits in their ability to produce facial expressions. In this study, a group of children with ASD and IQ-matched, typically developing (TD) children were trained to produce "happy" and "angry" expressions with the FaceMaze computer game. FaceMaze uses an automated computer recognition system that analyzes the child's facial expression in real time. Before and after playing the Angry and Happy versions of FaceMaze, children posed "happy" and "angry" expressions. Naïve raters judged the post-FaceMaze "happy" and "angry" expressions of the ASD group as higher in quality than their pre-FaceMaze productions. Moreover, the post-game expressions of the ASD group were rated as equal in quality as the expressions of the TD group.

Fast hierarchical knowledge-based approach for human face detection in color images

NASA Astrophysics Data System (ADS)

Jiang, Jun; Gong, Jie; Zhang, Guilin; Hu, Ruolan

2001-09-01

This paper presents a fast hierarchical knowledge-based approach for automatically detecting multi-scale upright faces in still color images. The approach consists of three levels. At the highest level, skin-like regions are determinated by skin model, which is based on the color attributes hue and saturation in HSV color space, as well color attributes red and green in normalized color space. In level 2, a new eye model is devised to select human face candidates in segmented skin-like regions. An important feature of the eye model is that it is independent of the scale of human face. So it is possible for finding human faces in different scale with scanning image only once, and it leads to reduction the computation time of face detection greatly. In level 3, a human face mosaic image model, which is consistent with physical structure features of human face well, is applied to judge whether there are face detects in human face candidate regions. This model includes edge and gray rules. Experiment results show that the approach has high robustness and fast speed. It has wide application perspective at human-computer interactions and visual telephone etc.

Embedded wavelet-based face recognition under variable position

NASA Astrophysics Data System (ADS)

Cotret, Pascal; Chevobbe, Stéphane; Darouich, Mehdi

2015-02-01

For several years, face recognition has been a hot topic in the image processing field: this technique is applied in several domains such as CCTV, electronic devices delocking and so on. In this context, this work studies the efficiency of a wavelet-based face recognition method in terms of subject position robustness and performance on various systems. The use of wavelet transform has a limited impact on the position robustness of PCA-based face recognition. This work shows, for a well-known database (Yale face database B*), that subject position in a 3D space can vary up to 10% of the original ROI size without decreasing recognition rates. Face recognition is performed on approximation coefficients of the image wavelet transform: results are still satisfying after 3 levels of decomposition. Furthermore, face database size can be divided by a factor 64 (22K with K = 3). In the context of ultra-embedded vision systems, memory footprint is one of the key points to be addressed; that is the reason why compression techniques such as wavelet transform are interesting. Furthermore, it leads to a low-complexity face detection stage compliant with limited computation resources available on such systems. The approach described in this work is tested on three platforms from a standard x86-based computer towards nanocomputers such as RaspberryPi and SECO boards. For K = 3 and a database with 40 faces, the execution mean time for one frame is 0.64 ms on a x86-based computer, 9 ms on a SECO board and 26 ms on a RaspberryPi (B model).

SMARTbot: A Behavioral Analysis Framework Augmented with Machine Learning to Identify Mobile Botnet Applications

PubMed Central

Karim, Ahmad; Salleh, Rosli; Khan, Muhammad Khurram

2016-01-01

Botnet phenomenon in smartphones is evolving with the proliferation in mobile phone technologies after leaving imperative impact on personal computers. It refers to the network of computers, laptops, mobile devices or tablets which is remotely controlled by the cybercriminals to initiate various distributed coordinated attacks including spam emails, ad-click fraud, Bitcoin mining, Distributed Denial of Service (DDoS), disseminating other malwares and much more. Likewise traditional PC based botnet, Mobile botnets have the same operational impact except the target audience is particular to smartphone users. Therefore, it is import to uncover this security issue prior to its widespread adaptation. We propose SMARTbot, a novel dynamic analysis framework augmented with machine learning techniques to automatically detect botnet binaries from malicious corpus. SMARTbot is a component based off-device behavioral analysis framework which can generate mobile botnet learning model by inducing Artificial Neural Networks’ back-propagation method. Moreover, this framework can detect mobile botnet binaries with remarkable accuracy even in case of obfuscated program code. The results conclude that, a classifier model based on simple logistic regression outperform other machine learning classifier for botnet apps’ detection, i.e 99.49% accuracy is achieved. Further, from manual inspection of botnet dataset we have extracted interesting trends in those applications. As an outcome of this research, a mobile botnet dataset is devised which will become the benchmark for future studies. PMID:26978523

SMARTbot: A Behavioral Analysis Framework Augmented with Machine Learning to Identify Mobile Botnet Applications.

PubMed

Karim, Ahmad; Salleh, Rosli; Khan, Muhammad Khurram

2016-01-01

Botnet phenomenon in smartphones is evolving with the proliferation in mobile phone technologies after leaving imperative impact on personal computers. It refers to the network of computers, laptops, mobile devices or tablets which is remotely controlled by the cybercriminals to initiate various distributed coordinated attacks including spam emails, ad-click fraud, Bitcoin mining, Distributed Denial of Service (DDoS), disseminating other malwares and much more. Likewise traditional PC based botnet, Mobile botnets have the same operational impact except the target audience is particular to smartphone users. Therefore, it is import to uncover this security issue prior to its widespread adaptation. We propose SMARTbot, a novel dynamic analysis framework augmented with machine learning techniques to automatically detect botnet binaries from malicious corpus. SMARTbot is a component based off-device behavioral analysis framework which can generate mobile botnet learning model by inducing Artificial Neural Networks' back-propagation method. Moreover, this framework can detect mobile botnet binaries with remarkable accuracy even in case of obfuscated program code. The results conclude that, a classifier model based on simple logistic regression outperform other machine learning classifier for botnet apps' detection, i.e 99.49% accuracy is achieved. Further, from manual inspection of botnet dataset we have extracted interesting trends in those applications. As an outcome of this research, a mobile botnet dataset is devised which will become the benchmark for future studies.

DARKDROID: Exposing the Dark Side of Android Marketplaces

DTIC Science & Technology

2016-06-01

Moreover, our approaches can detect apps containing both intentional and unintentional vulnerabilities, such as unsafe code loading mechanisms and...Security, Static Analysis, Dynamic Analysis, Malware Detection , Vulnerability Scanning 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT UU 18...applications in a DoD context. ................... 1 1.2.2 Develop sophisticated whole-system static analyses to detect malicious Android applications

Privacy and Integrity in the Untrusted Cloud

DTIC Science & Technology

2012-06-01

TYPE 3. DATES COVERED 00-00-2012 to 00-00-2012 4 . TITLE AND SUBTITLE Privacy and Integrity in the Untrusted Cloud 5a. CONTRACT NUMBER 5b...54 4 Frientegrity 55 4.1 Introduction...but still showing them to the user [105]. This behavior is 4 an example of provider equivocation [74, 67], in which a malicious service presents

The Bystander's Dilemma: How Can We Turn Our Students into Upstanders?

ERIC Educational Resources Information Center

Woglom, Lauren; Pennington, Kim

2010-01-01

While bullying is often accepted as an integral aspect of "growing up," it can have detrimental and lasting effects on its victims. Bullying can occur in a variety of forms, including direct teasing and threatening, the use of physical violence, and in the spreading of malicious gossip and rumors. With the proliferation of new technology, bullying…

Shaping the Bamboo from the Shoot: Elementary Level Character Education in Malaysia

ERIC Educational Resources Information Center

Thambusamy, Roslind; Elier, Adzura Ahmad

2013-01-01

This article emphasizes the importance of introducing/providing character education during the early years of child development in order to raise morally responsive citizens. Noting the rampant acts of violence and malicious crime at a time marked with deep global turmoil in many societies, the authors argue for an exhaustive study of the recently…

Physics Does Thrive under the Strangest of Circumstances

ERIC Educational Resources Information Center

Khoon, Koh Aik; Abd-Shukor, R.; Jalal, Azman; Talib, Ibrahim Abu; Daud, Abdul Razak; Samat, Supian; Yatim, Baharudin; Radiman, Shahidan

2008-01-01

Albert Einstein had famously said that Nature is subtle but not malicious. He should know better because he had unravelled some of the secrets of Nature at a relatively young age as an obscure patent clerk working in isolation. This paper tells of stories of other scientists who had also made ground-breaking discoveries in forced or self-imposed…

Malicious Use of Technology: What Schools, Parents, and Teachers Can Do to Prevent Cyberbullying

ERIC Educational Resources Information Center

Morgan, Hani

2013-01-01

In today's hyper-connected world, children's exposure to technology as a tool to communicate, learn, and socialize has increased exponentially. As teachers and parents recognize the demands for increased use of technology among young children, they should be able to identify and address the challenges associated with such exposure. Cyberbullying,…

Cyber Exercise Playbook

DTIC Science & Technology

2014-11-01

unclassified tools and techniques that can be shared with PNs, to include social engineering, spear phishing , fake web sites, physical access attempts, and...and instead rely on commercial services such as Yahoo or Google . Some nations have quite advanced cyber security practices, but may take vastly...unauthorized access to data/systems Inject external network scanning, email phishing , malicious website access, social engineering Sample

A Software Assurance Framework for Mitigating the Risks of Malicious Software in Embedded Systems Used in Aircraft

DTIC Science & Technology

2011-09-01

to show cryptographic signature # generation on a UNIX system # SHA=/bin/ sha256 CSDB=/tmp/csdb CODEBASE=. touch "$CSDB" find "$CODEBASE" -type f...artifacts generated earlier. 81 #! /bin/sh # # Demo program to show cryptographic signature # verification on a UNIX system # SHA=/bin/ sha256 CSDB=/tmp

21 CFR 800.12 - Contact lens solutions and tablets; tamper-resistant packaging.

Code of Federal Regulations, 2010 CFR

2010-04-01

...-resistant retail packages, there is the opportunity for the malicious adulteration of these products with... confidence in the security of the packages of over-the-counter (OTC) health care products. The Food and Drug... used to make such a solution for retail sale that is not packaged in a tamper-resistant package and...

21 CFR 800.12 - Contact lens solutions and tablets; tamper-resistant packaging.

Code of Federal Regulations, 2011 CFR

2011-04-01

...-resistant retail packages, there is the opportunity for the malicious adulteration of these products with... confidence in the security of the packages of over-the-counter (OTC) health care products. The Food and Drug... used to make such a solution for retail sale that is not packaged in a tamper-resistant package and...

21 CFR 800.12 - Contact lens solutions and tablets; tamper-resistant packaging.

Code of Federal Regulations, 2012 CFR

2012-04-01

...-resistant retail packages, there is the opportunity for the malicious adulteration of these products with... confidence in the security of the packages of over-the-counter (OTC) health care products. The Food and Drug... used to make such a solution for retail sale that is not packaged in a tamper-resistant package and...

21 CFR 800.12 - Contact lens solutions and tablets; tamper-resistant packaging.

Code of Federal Regulations, 2013 CFR

2013-04-01

...-resistant retail packages, there is the opportunity for the malicious adulteration of these products with... confidence in the security of the packages of over-the-counter (OTC) health care products. The Food and Drug... used to make such a solution for retail sale that is not packaged in a tamper-resistant package and...

21 CFR 800.12 - Contact lens solutions and tablets; tamper-resistant packaging.

Code of Federal Regulations, 2014 CFR

2014-04-01

...-resistant retail packages, there is the opportunity for the malicious adulteration of these products with... confidence in the security of the packages of over-the-counter (OTC) health care products. The Food and Drug... used to make such a solution for retail sale that is not packaged in a tamper-resistant package and...

Building Trust-Based Sustainable Networks

DTIC Science & Technology

2013-06-05

entities to build sustainable networks with limited resources or misbehaving entities by learning from the lessons in the social sciences. We discuss...their individuality); and ■ Misbehaving nodes in terms of environmental, economic, and social perspectives. The sustainable network concerns...equitable access to particular services which are otherwise abused by misbehaving or malicious users. Such approaches provide a fair and

The Insider Threat Security Architecture: An Integrated, Inseparable, and Uninterrupted Self-Protection Autonomic Framework

ERIC Educational Resources Information Center

Jabbour, Ghassan

2010-01-01

The increasing proliferation of globally interconnected complex information systems has elevated the magnitude of attacks and the level of damage that they inflict on such systems. This open environment of intertwined financial, medical, defense, and other systems has attracted hackers to increase their malicious activities to cause harm or to…

Comparing Online to Face-To-Face Delivery of Undergraduate Digital Circuits Content

ERIC Educational Resources Information Center

LaMeres, Brock J.; Plumb, Carolyn

2014-01-01

This paper presents a comparison of online to traditional face-to-face delivery of undergraduate digital systems material. Two specific components of digital content were compared and evaluated: a sophomore logic circuits course with no laboratory, and a microprocessor laboratory component of a junior-level computer systems course. For each of…

A Comparison of Web-Based and Face-to-Face Functional Measurement Experiments

ERIC Educational Resources Information Center

Van Acker, Frederik; Theuns, Peter

2010-01-01

Information Integration Theory (IIT) is concerned with how people combine information into an overall judgment. A method is hereby presented to perform Functional Measurement (FM) experiments, the methodological counterpart of IIT, on the Web. In a comparison of Web-based FM experiments, face-to-face experiments, and computer-based experiments in…

Three-Dimensional Computer-Assisted Two-Layer Elastic Models of the Face.

PubMed

Ueda, Koichi; Shigemura, Yuka; Otsuki, Yuki; Fuse, Asuka; Mitsuno, Daisuke

2017-11-01

To make three-dimensional computer-assisted elastic models for the face, we decided on five requirements: (1) an elastic texture like skin and subcutaneous tissue; (2) the ability to take pen marking for incisions; (3) the ability to be cut with a surgical knife; (4) the ability to keep stitches in place for a long time; and (5) a layered structure. After testing many elastic solvents, we have made realistic three-dimensional computer-assisted two-layer elastic models of the face and cleft lip from the computed tomographic and magnetic resonance imaging stereolithographic data. The surface layer is made of polyurethane and the inner layer is silicone. Using this elastic model, we taught residents and young doctors how to make several typical local flaps and to perform cheiloplasty. They could experience realistic simulated surgery and understand three-dimensional movement of the flaps.

Establishing an Empirical Link between Computer-Mediated Communication (CMC) and SLA: A Meta-Analysis of the Research

ERIC Educational Resources Information Center

Lin, Huifen

2014-01-01

Drawing on interactionist and socio-cultural theories, tools provided in computer-mediated communication (CMC) environments have long been considered able to create an environment that shares many communicative features with face-to-face communication. Over the past two decades, researchers have employed a variety of strategies to examine the…

Cultural and Global Linkages of Emotional Support through Online Support Groups.

ERIC Educational Resources Information Center

Gary, Juneau Mahan

Computer technology is altering the way people cope with emotional distress. Computers enable people worldwide and from all cultural groups to give and receive emotional support when it may be culturally stigmatizing to seek face-to-face support or when support services are limited or non-existent. Online support groups attract a broad range of…

Using a Virtual Class to Demonstrate Computer-Mediated Group Dynamics Concepts

ERIC Educational Resources Information Center

Franz, Timothy M.; Vicker, Lauren A.

2010-01-01

We report about an active learning demonstration designed to use a virtual class to present computer-mediated group communication course concepts to show that students can learn about these concepts in a virtual class. We designated 1 class period as a virtual rather than face-to-face class, when class members "attended" virtually using…

Low Proficiency Learners in Synchronous Computer-Assisted and Face-to-Face Interactions

ERIC Educational Resources Information Center

Tam, Shu Sim; Kan, Ngat Har; Ng, Lee Luan

2010-01-01

This experimental study offers empirical evidence of the effect of the computer-mediated environment on the linguistic output of low proficiency learners. The subjects were 32 female undergraduates with high and low proficiency in ESL. A within-subject repeated measures concurrent nested QUAN-qual (Creswell, 2003) mixed methods approach was used.…

Impact of the Digital Divide on Computer Use and Internet Access on the Poor in Nigeria

ERIC Educational Resources Information Center

Tayo, Omolara; Thompson, Randall; Thompson, Elizabeth

2016-01-01

We recruited 20 community members in Ido Local Government Area, Oyo state and Yewa Local Government Area, Ogun state in Nigeria to explore experiences and perceptions of Internet access and computer use. Face-to-face interviews were conducted using open-ended questions to collect qualitative data regarding accessibility of information and…

Simulation and visualization of face seal motion stability by means of computer generated movies

NASA Technical Reports Server (NTRS)

Etsion, I.; Auer, B. M.

1980-01-01

A computer aided design method for mechanical face seals is described. Based on computer simulation, the actual motion of the flexibly mounted element of the seal can be visualized. This is achieved by solving the equations of motion of this element, calculating the displacements in its various degrees of freedom vs. time, and displaying the transient behavior in the form of a motion picture. Incorporating such a method in the design phase allows one to detect instabilities and to correct undesirable behavior of the seal. A theoretical background is presented. Details of the motion display technique are described, and the usefulness of the method is demonstrated by an example of a noncontacting conical face seal.

Simulation and visualization of face seal motion stability by means of computer generated movies

NASA Technical Reports Server (NTRS)

Etsion, I.; Auer, B. M.

1981-01-01

A computer aided design method for mechanical face seals is described. Based on computer simulation, the actual motion of the flexibly mounted element of the seal can be visualized. This is achieved by solving the equations of motion of this element, calculating the displacements in its various degrees of freedom vs. time, and displaying the transient behavior in the form of a motion picture. Incorporating such a method in the design phase allows one to detect instabilities and to correct undesirable behavior of the seal. A theoretical background is presented. Details of the motion display technique are described, and the usefulness of the method is demonstrated by an example of a noncontacting conical face seal.

An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks

PubMed Central

Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

2018-01-01

Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes. PMID:29324719

Securely Measuring the Overlap between Private Datasets with Cryptosets

PubMed Central

Swamidass, S. Joshua; Matlock, Matthew; Rozenblit, Leon

2015-01-01

Many scientific questions are best approached by sharing data—collected by different groups or across large collaborative networks—into a combined analysis. Unfortunately, some of the most interesting and powerful datasets—like health records, genetic data, and drug discovery data—cannot be freely shared because they contain sensitive information. In many situations, knowing if private datasets overlap determines if it is worthwhile to navigate the institutional, ethical, and legal barriers that govern access to sensitive, private data. We report the first method of publicly measuring the overlap between private datasets that is secure under a malicious model without relying on private protocols or message passing. This method uses a publicly shareable summary of a dataset’s contents, its cryptoset, to estimate its overlap with other datasets. Cryptosets approach “information-theoretic” security, the strongest type of security possible in cryptography, which is not even crackable with infinite computing power. We empirically and theoretically assess both the accuracy of these estimates and the security of the approach, demonstrating that cryptosets are informative, with a stable accuracy, and secure. PMID:25714898

Proactive Alleviation Procedure to Handle Black Hole Attack and Its Version

PubMed Central

Babu, M. Rajesh; Dian, S. Moses; Chelladurai, Siva; Palaniappan, Mathiyalagan

2015-01-01

The world is moving towards a new realm of computing such as Internet of Things. The Internet of Things, however, envisions connecting almost all objects within the world to the Internet by recognizing them as smart objects. In doing so, the existing networks which include wired, wireless, and ad hoc networks should be utilized. Moreover, apart from other networks, the ad hoc network is full of security challenges. For instance, the MANET (mobile ad hoc network) is susceptible to various attacks in which the black hole attacks and its versions do serious damage to the entire MANET infrastructure. The severity of this attack increases, when the compromised MANET nodes work in cooperation with each other to make a cooperative black hole attack. Therefore this paper proposes an alleviation procedure which consists of timely mandate procedure, hole detection algorithm, and sensitive guard procedure to detect the maliciously behaving nodes. It has been observed that the proposed procedure is cost-effective and ensures QoS guarantee by assuring resource availability thus making the MANET appropriate for Internet of Things. PMID:26495430

Quantum rewinding via phase estimation

NASA Astrophysics Data System (ADS)

Tabia, Gelo Noel

2015-03-01

In cryptography, the notion of a zero-knowledge proof was introduced by Goldwasser, Micali, and Rackoff. An interactive proof system is said to be zero-knowledge if any verifier interacting with an honest prover learns nothing beyond the validity of the statement being proven. With recent advances in quantum information technologies, it has become interesting to ask if classical zero-knowledge proof systems remain secure against adversaries with quantum computers. The standard approach to show the zero-knowledge property involves constructing a simulator for a malicious verifier that can be rewinded to a previous step when the simulation fails. In the quantum setting, the simulator can be described by a quantum circuit that takes an arbitrary quantum state as auxiliary input but rewinding becomes a nontrivial issue. Watrous proposed a quantum rewinding technique in the case where the simulation's success probability is independent of the auxiliary input. Here I present a more general quantum rewinding scheme that employs the quantum phase estimation algorithm. This work was funded by institutional research grant IUT2-1 from the Estonian Research Council and by the European Union through the European Regional Development Fund.

Image manipulation: Fraudulence in digital dental records: Study and review

PubMed Central

Chowdhry, Aman; Sircar, Keya; Popli, Deepika Bablani; Tandon, Ankita

2014-01-01

Introduction: In present-day times, freely available software allows dentists to tweak their digital records as never before. But, there is a fine line between acceptable enhancements and scientific delinquency. Aims and Objective: To manipulate digital images (used in forensic dentistry) of casts, lip prints, and bite marks in order to highlight tampering techniques and methods of detecting and preventing manipulation of digital images. Materials and Methods: Digital image records of forensic data (casts, lip prints, and bite marks photographed using Samsung Techwin L77 digital camera) were manipulated using freely available software. Results: Fake digital images can be created either by merging two or more digital images, or by altering an existing image. Discussion and Conclusion: Retouched digital images can be used for fraudulent purposes in forensic investigations. However, tools are available to detect such digital frauds, which are extremely difficult to assess visually. Thus, all digital content should mandatorily have attached metadata and preferably watermarking in order to avert their malicious re-use. Also, computer alertness, especially about imaging software's, should be promoted among forensic odontologists/dental professionals. PMID:24696587

The opportunistic transmission of wireless worms between mobile devices

NASA Astrophysics Data System (ADS)

Rhodes, C. J.; Nekovee, M.

2008-12-01

The ubiquity of portable wireless-enabled computing and communications devices has stimulated the emergence of malicious codes (wireless worms) that are capable of spreading between spatially proximal devices. The potential exists for worms to be opportunistically transmitted between devices as they move around, so human mobility patterns will have an impact on epidemic spread. The scenario we address in this paper is proximity attacks from fleetingly in-contact wireless devices with short-range communication range, such as Bluetooth-enabled smart phones. An individual-based model of mobile devices is introduced and the effect of population characteristics and device behaviour on the outbreak dynamics is investigated. The model uses straight-line motion to achieve population, though it is recognised that this is a highly simplified representation of human mobility patterns. We show that the contact rate can be derived from the underlying mobility model and, through extensive simulation, that mass-action epidemic models remain applicable to worm spreading in the low density regime studied here. The model gives useful analytical expressions against which more refined simulations of worm spread can be developed and tested.

Automated intelligent video surveillance system for ships

NASA Astrophysics Data System (ADS)

Wei, Hai; Nguyen, Hieu; Ramu, Prakash; Raju, Chaitanya; Liu, Xiaoqing; Yadegar, Jacob

2009-05-01

To protect naval and commercial ships from attack by terrorists and pirates, it is important to have automatic surveillance systems able to detect, identify, track and alert the crew on small watercrafts that might pursue malicious intentions, while ruling out non-threat entities. Radar systems have limitations on the minimum detectable range and lack high-level classification power. In this paper, we present an innovative Automated Intelligent Video Surveillance System for Ships (AIVS3) as a vision-based solution for ship security. Capitalizing on advanced computer vision algorithms and practical machine learning methodologies, the developed AIVS3 is not only capable of efficiently and robustly detecting, classifying, and tracking various maritime targets, but also able to fuse heterogeneous target information to interpret scene activities, associate targets with levels of threat, and issue the corresponding alerts/recommendations to the man-in- the-loop (MITL). AIVS3 has been tested in various maritime scenarios and shown accurate and effective threat detection performance. By reducing the reliance on human eyes to monitor cluttered scenes, AIVS3 will save the manpower while increasing the accuracy in detection and identification of asymmetric attacks for ship protection.

Proactive Alleviation Procedure to Handle Black Hole Attack and Its Version.

PubMed

Babu, M Rajesh; Dian, S Moses; Chelladurai, Siva; Palaniappan, Mathiyalagan

2015-01-01

The world is moving towards a new realm of computing such as Internet of Things. The Internet of Things, however, envisions connecting almost all objects within the world to the Internet by recognizing them as smart objects. In doing so, the existing networks which include wired, wireless, and ad hoc networks should be utilized. Moreover, apart from other networks, the ad hoc network is full of security challenges. For instance, the MANET (mobile ad hoc network) is susceptible to various attacks in which the black hole attacks and its versions do serious damage to the entire MANET infrastructure. The severity of this attack increases, when the compromised MANET nodes work in cooperation with each other to make a cooperative black hole attack. Therefore this paper proposes an alleviation procedure which consists of timely mandate procedure, hole detection algorithm, and sensitive guard procedure to detect the maliciously behaving nodes. It has been observed that the proposed procedure is cost-effective and ensures QoS guarantee by assuring resource availability thus making the MANET appropriate for Internet of Things.

Anomaly-based intrusion detection for SCADA systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Yang, D.; Usynin, A.; Hines, J. W.

2006-07-01

Most critical infrastructure such as chemical processing plants, electrical generation and distribution networks, and gas distribution is monitored and controlled by Supervisory Control and Data Acquisition Systems (SCADA. These systems have been the focus of increased security and there are concerns that they could be the target of international terrorists. With the constantly growing number of internet related computer attacks, there is evidence that our critical infrastructure may also be vulnerable. Researchers estimate that malicious online actions may cause $75 billion at 2007. One of the interesting countermeasures for enhancing information system security is called intrusion detection. This paper willmore » briefly discuss the history of research in intrusion detection techniques and introduce the two basic detection approaches: signature detection and anomaly detection. Finally, it presents the application of techniques developed for monitoring critical process systems, such as nuclear power plants, to anomaly intrusion detection. The method uses an auto-associative kernel regression (AAKR) model coupled with the statistical probability ratio test (SPRT) and applied to a simulated SCADA system. The results show that these methods can be generally used to detect a variety of common attacks. (authors)« less

Evaluating data distribution and drift vulnerabilities of machine learning algorithms in secure and adversarial environments

NASA Astrophysics Data System (ADS)

Nelson, Kevin; Corbin, George; Blowers, Misty

2014-05-01

Machine learning is continuing to gain popularity due to its ability to solve problems that are difficult to model using conventional computer programming logic. Much of the current and past work has focused on algorithm development, data processing, and optimization. Lately, a subset of research has emerged which explores issues related to security. This research is gaining traction as systems employing these methods are being applied to both secure and adversarial environments. One of machine learning's biggest benefits, its data-driven versus logic-driven approach, is also a weakness if the data on which the models rely are corrupted. Adversaries could maliciously influence systems which address drift and data distribution changes using re-training and online learning. Our work is focused on exploring the resilience of various machine learning algorithms to these data-driven attacks. In this paper, we present our initial findings using Monte Carlo simulations, and statistical analysis, to explore the maximal achievable shift to a classification model, as well as the required amount of control over the data.

Uyghur face recognition method combining 2DDCT with POEM

NASA Astrophysics Data System (ADS)

Yi, Lihamu; Ya, Ermaimaiti

2017-11-01

In this paper, in light of the reduced recognition rate and poor robustness of Uyghur face under illumination and partial occlusion, a Uyghur face recognition method combining Two Dimension Discrete Cosine Transform (2DDCT) with Patterns Oriented Edge Magnitudes (POEM) was proposed. Firstly, the Uyghur face images were divided into 8×8 block matrix, and the Uyghur face images after block processing were converted into frequency-domain status using 2DDCT; secondly, the Uyghur face images were compressed to exclude non-sensitive medium frequency parts and non-high frequency parts, so it can reduce the feature dimensions necessary for the Uyghur face images, and further reduce the amount of computation; thirdly, the corresponding POEM histograms of the Uyghur face images were obtained by calculating the feature quantity of POEM; fourthly, the POEM histograms were cascaded together as the texture histogram of the center feature point to obtain the texture features of the Uyghur face feature points; finally, classification of the training samples was carried out using deep learning algorithm. The simulation experiment results showed that the proposed algorithm further improved the recognition rate of the self-built Uyghur face database, and greatly improved the computing speed of the self-built Uyghur face database, and had strong robustness.

A robust human face detection algorithm

NASA Astrophysics Data System (ADS)

Raviteja, Thaluru; Karanam, Srikrishna; Yeduguru, Dinesh Reddy V.

2012-01-01

Human face detection plays a vital role in many applications like video surveillance, managing a face image database, human computer interface among others. This paper proposes a robust algorithm for face detection in still color images that works well even in a crowded environment. The algorithm uses conjunction of skin color histogram, morphological processing and geometrical analysis for detecting human faces. To reinforce the accuracy of face detection, we further identify mouth and eye regions to establish the presence/absence of face in a particular region of interest.

Quasi-one-dimensional compressible flow across face seals and narrow slots. 2: Computer program

NASA Technical Reports Server (NTRS)

Zuk, J.; Smith, P. J.

1972-01-01

A computer program is presented for compressible fluid flow with friction across face seals and through narrow slots. The computer program carries out a quasi-one-dimensional flow analysis which is valid for laminar and turbulent flows under both subsonic and choked flow conditions for parallel surfaces. The program is written in FORTRAN IV. The input and output variables are in either the International System of Units (SI) or the U.S. customary system.

The influence of multiple trials and computer-mediated communication on collaborative and individual semantic recall.

PubMed

Hinds, Joanne M; Payne, Stephen J

2018-04-01

Collaborative inhibition is a phenomenon where collaborating groups experience a decrement in recall when interacting with others. Despite this, collaboration has been found to improve subsequent individual recall. We explore these effects in semantic recall, which is seldom studied in collaborative retrieval. We also examine "parallel CMC", a synchronous form of computer-mediated communication that has previously been found to improve collaborative recall [Hinds, J. M., & Payne, S. J. (2016). Collaborative inhibition and semantic recall: Improving collaboration through computer-mediated communication. Applied Cognitive Psychology, 30(4), 554-565]. Sixty three triads completed a semantic recall task, which involved generating words beginning with "PO" or "HE" across three recall trials, in one of three retrieval conditions: Individual-Individual-Individual (III), Face-to-face-Face-to-Face-Individual (FFI) and Parallel-Parallel-Individual (PPI). Collaborative inhibition was present across both collaborative conditions. Individual recall in Recall 3 was higher when participants had previously collaborated in comparison to recalling three times individually. There was no difference between face-to-face and parallel CMC recall, however subsidiary analyses of instance repetitions and subjective organisation highlighted differences in group members' approaches to recall in terms of organisation and attention to others' contributions. We discuss the implications of these findings in relation to retrieval strategy disruption.

Qualitatively similar processing for own- and other-race faces: Evidence from efficiency and equivalent input noise.

PubMed

Shafai, Fakhri; Oruc, Ipek

2018-02-01

The other-race effect is the finding of diminished performance in recognition of other-race faces compared to those of own-race. It has been suggested that the other-race effect stems from specialized expert processes being tuned exclusively to own-race faces. In the present study, we measured recognition contrast thresholds for own- and other-race faces as well as houses for Caucasian observers. We have factored face recognition performance into two invariant aspects of visual function: efficiency, which is related to neural computations and processing demanded by the task, and equivalent input noise, related to signal degradation within the visual system. We hypothesized that if expert processes are available only to own-race faces, this should translate into substantially greater recognition efficiencies for own-race compared to other-race faces. Instead, we found similar recognition efficiencies for both own- and other-race faces. The other-race effect manifested as increased equivalent input noise. These results argue against qualitatively distinct perceptual processes. Instead they suggest that for Caucasian observers, similar neural computations underlie recognition of own- and other-race faces. Copyright © 2018 Elsevier Ltd. All rights reserved.

Face-to-Face versus Computer-Mediated Discussion of Teaching Cases: Impacts on Preservice Teachers' Engagement, Critical Analyses, and Self-Efficacy

ERIC Educational Resources Information Center

PytlikZillig, Lisa M.; Horn, Christy A.; Bruning, Roger; Bell, Stephanie; Liu, Xiongyi; Siwatu, Kamau O.; Bodvarsson, Mary C.; Kim, Doyoung; Carlson, Deborah

2011-01-01

Two frequently-used discussion protocols were investigated as part of a program to implement teaching cases in undergraduate educational psychology classes designed for preservice teachers. One protocol involved synchronous face-to-face (FTF) discussion of teaching cases, which occurred in class after students had individually completed written…

Emotional Design Tutoring System Based on Multimodal Affective Computing Techniques

ERIC Educational Resources Information Center

Wang, Cheng-Hung; Lin, Hao-Chiang Koong

2018-01-01

In a traditional class, the role of the teacher is to teach and that of the students is to learn. However, the constant and rapid technological advancements have transformed education in numerous ways. For instance, in addition to traditional, face to face teaching, E-learning is now possible. Nevertheless, face to face teaching is unavailable in…

Perceived Benefits and Drawbacks of Synchronous Voice-Based Computer-Mediated Communication in the Foreign Language Classroom

ERIC Educational Resources Information Center

Bueno Alastuey, M. C.

2011-01-01

This study explored the benefits and drawbacks of synchronous voice-based computer-mediated communication (CMC) in a blended course of English for specific purposes. Quantitative and qualitative data from two groups following the same syllabus, except for the oral component, were compared. Oral tasks were carried out face-to-face with same L1…

Examining Information Problem-Solving, Knowledge, and Application Gains within Two Instructional Methods: Problem-Based and Computer-Mediated Participatory Simulation

ERIC Educational Resources Information Center

Newell, Terrance S.

2008-01-01

This study compared the effectiveness of two instructional methods--problem-based instruction within a face-to-face context and computer-mediated participatory simulation--in increasing students' content knowledge and application gains in the area of information problem-solving. The instructional methods were implemented over a four-week period. A…

Small-Group, Computer-Mediated Argumentation in Middle-School Classrooms: The Effects of Gender and Different Types of Online Teacher Guidance

ERIC Educational Resources Information Center

Asterhan, Christa S. C.; Schwarz, Baruch B.; Gil, Julia

2012-01-01

CoBackground: Research has shown the importance of careful teacher support during collaborative group work to promote productive discourse between students (Webb, 2009). However, this research has traditionally focused on face-to-face communication. The role of online teacher guidance of small-group computer-mediated discussions has received…

FACE computer simulation. [Flexible Arm Controls Experiment

NASA Technical Reports Server (NTRS)

Sadeh, Willy Z.; Szmyd, Jeffrey A.

1990-01-01

A computer simulation of the FACE (Flexible Arm Controls Experiment) was conducted to assess its design for use in the Space Shuttle. The FACE is supposed to be a 14-ft long articulate structure with 4 degrees of freedom, consisting of shoulder pitch and yaw, elbow pitch, and wrist pitch. Kinematics of the FACE was simulated to obtain data on arm operation, function, workspace and interaction. Payload capture ability was modeled. The simulation indicates the capability for detailed kinematic simulation and payload capture ability analysis, and the feasibility of real-time simulation was determined. In addition, the potential for interactive real-time training through integration of the simulation with various interface controllers was revealed. At this stage, the flexibility of the arm was not yet considered.

Webcam mouse using face and eye tracking in various illumination environments.

PubMed

Lin, Yuan-Pin; Chao, Yi-Ping; Lin, Chung-Chih; Chen, Jyh-Horng

2005-01-01

Nowadays, due to enhancement of computer performance and popular usage of webcam devices, it has become possible to acquire users' gestures for the human-computer-interface with PC via webcam. However, the effects of illumination variation would dramatically decrease the stability and accuracy of skin-based face tracking system; especially for a notebook or portable platform. In this study we present an effective illumination recognition technique, combining K-Nearest Neighbor classifier and adaptive skin model, to realize the real-time tracking system. We have demonstrated that the accuracy of face detection based on the KNN classifier is higher than 92% in various illumination environments. In real-time implementation, the system successfully tracks user face and eyes features at 15 fps under standard notebook platforms. Although KNN classifier only initiates five environments at preliminary stage, the system permits users to define and add their favorite environments to KNN for computer access. Eventually, based on this efficient tracking algorithm, we have developed a "Webcam Mouse" system to control the PC cursor using face and eye tracking. Preliminary studies in "point and click" style PC web games also shows promising applications in consumer electronic markets in the future.

Minimizing liability during internal investigations.

PubMed

Morris, Cole

2010-01-01

Today's security professional must appreciate the potential landmines in any investigative effort and work collaboratively with others to minimize liability risks, the author points out. In this article he examines six civil torts that commonly arise from unprofessionally planned or poorly executed internal investigations-defamation, false imprisonment. intentional infliction of emotional distress, assault and battery, invasion of privacy, and malicious prosecution and abuse of process.

R&D100: IC ID

ScienceCinema

Hamlet, Jason; Pierson, Lyndon; Bauer, Todd

2018-06-25

Supply chain security to detect, deter, and prevent the counterfeiting of networked and stand-alone integrated circuits (ICs) is critical to cyber security. Sandia National Laboratory researchers have developed IC ID to leverage Physically Unclonable Functions (PUFs) and strong cryptographic authentication to create a unique fingerprint for each integrated circuit. IC ID assures the authenticity of ICs to prevent tampering or malicious substitution.

DSB Task Force on Cyber Supply Chain

DTIC Science & Technology

2017-04-01

seeking to exploit a maliciously inserted vulnerability must execute each step in the kill chain:  Intelligence and planning: gathering...are intended to take a comprehensive approach in considering all aspects of system security, including cybersecurity , and address initial steps to...specific integrated circuits (ASICs). That need is likely to grow for systems that support intelligent or autonomous capabilities. The current

Measuring Cyber Operations Effectiveness

DTIC Science & Technology

2014-11-01

are advanced firewalls capable of taking limited action to block malicious traffic or hacking attempts. Their capabilities vary widely and must be...using many automated tools, included in the defense hardware and software itself. These devices include hardware and software firewalls , Network...DoD networks are probed millions of times per day…the Air Force blocks roughly two billion threats and denies two million emails each week

A Study of Covert Communications in Space Platforms Hosting Government Payloads

DTIC Science & Technology

2015-02-01

possible adversarial actions (e.g., malicious software co- resident on the commercial host). Threats to the commercial supply chain are just one... supply chain to either create or exploit channel vulnerabilities. For government hosted payload missions, the critical payload data are encrypted...access to space by hosting government- supplied payloads on commercial space platforms. These commercially hosted payloads require stringent

Thermal remote sensing of active vegetation fires and biomass burning events [Chapter 18

Treesearch

Martin J. Wooster; Gareth Roberts; Alistair M.S. Smith; Joshua Johnston; Patrick Freeborn; Stefania Amici; Andrew T. Hudak

2013-01-01

Thermal remote sensing is widely used in the detection, study, and management of biomass burning occurring in open vegetation fires. Such fires may be planned for land management purposes, may occur as a result of a malicious or accidental ignition by humans, or may result from lightning or other natural phenomena. Under suitable conditions, fires may spread rapidly...

Automated Program Analysis for Cybersecurity (APAC)

DTIC Science & Technology

2016-07-14

AUTOMATED PROGRAM ANALYSIS FOR CYBERSECURITY (APAC) FIVE DIRECTIONS, INC JULY 2016 FINAL TECHNICAL REPORT APPROVED... CYBERSECURITY (APAC) 5a. CONTRACT NUMBER FA8750-14-C-0050 5b. GRANT NUMBER N/A 5c. PROGRAM ELEMENT NUMBER 61101E 6. AUTHOR(S) William Arbaugh...AC Team Adversarial Challenge Team, responsible for creating malicious applications APAC Automated Program Analysis for Cybersecurity BAE BAE Systems

Debugging classification and anti-debugging strategies

NASA Astrophysics Data System (ADS)

Gao, Shang; Lin, Qian; Xia, Mingyuan; Yu, Miao; Qi, Zhengwei; Guan, Haibing

2011-12-01

Debugging, albeit useful for software development, is also a double-edge sword since it could also be exploited by malicious attackers. This paper analyzes the prevailing debuggers and classifies them into 4 categories based on the debugging mechanism. Furthermore, as an opposite, we list 13 typical anti-debugging strategies adopted in Windows. These methods intercept specific execution points which expose the diagnostic behavior of debuggers.

Phishing E-Mails--Six Month Investigation into What People Click

ERIC Educational Resources Information Center

Lehrfeld, Michael R.

2014-01-01

Phishing and SPAM emails have been used by marketers and hackers alike since the inception of email and the Internet. Phishing messages have become so common that many legitimate emails often get flagged and placed in a user's spam bucket. No one is denying that these messages are at a minimum a nuisance, and in many cases malicious. But what is…

Verification and Validation of the Malicious Activity Simulation Tool (MAST) for Network Administrator Training and Evaluation

DTIC Science & Technology

2012-03-01

to sell fake antivirus software ; Gammima, which was used to steal gaming login information; and Zeus, which was used to steal banking information...13 3. Viruses ......................................14 C. PROOF OF CONCEPT OF SOFTWARE TRAINING USING MALWARE MIMICS...33 2. Software .....................................34 3. COMPOSE CG-71 Virtual Machines ...............37 a. Integrated Shipboard Network System

Secure and Fair Cluster Head Selection Protocol for Enhancing Security in Mobile Ad Hoc Networks

PubMed Central

Paramasivan, B.; Kaliappan, M.

2014-01-01

Mobile ad hoc networks (MANETs) are wireless networks consisting of number of autonomous mobile devices temporarily interconnected into a network by wireless media. MANETs become one of the most prevalent areas of research in the recent years. Resource limitations, energy efficiency, scalability, and security are the great challenging issues in MANETs. Due to its deployment nature, MANETs are more vulnerable to malicious attack. The secure routing protocols perform very basic security related functions which are not sufficient to protect the network. In this paper, a secure and fair cluster head selection protocol (SFCP) is proposed which integrates security factors into the clustering approach for achieving attacker identification and classification. Byzantine agreement based cooperative technique is used for attacker identification and classification to make the network more attack resistant. SFCP used to solve this issue by making the nodes that are totally surrounded by malicious neighbors adjust dynamically their belief and disbelief thresholds. The proposed protocol selects the secure and energy efficient cluster head which acts as a local detector without imposing overhead to the clustering performance. SFCP is simulated in network simulator 2 and compared with two protocols including AODV and CBRP. PMID:25143986

Design and Implementation of High Interaction Client Honeypot for Drive-by-Download Attacks

NASA Astrophysics Data System (ADS)

Akiyama, Mitsuaki; Iwamura, Makoto; Kawakoya, Yuhei; Aoki, Kazufumi; Itoh, Mitsutaka

Nowadays, the number of web-browser targeted attacks that lead users to adversaries' web sites and exploit web browser vulnerabilities is increasing, and a clarification of their methods and countermeasures is urgently needed. In this paper, we introduce the design and implementation of a new client honeypot for drive-by-download attacks that has the capacity to detect and investigate a variety of malicious web sites. On the basis of the problems of existing client honeypots, we enumerate the requirements of a client honeypot: 1) detection accuracy and variety, 2) collection variety, 3) performance efficiency, and 4) safety and stability. We improve our system with regard to these requirements. The key features of our developed system are stepwise detection focusing on exploit phases, multiple crawler processing, tracking of malware distribution networks, and malware infection prevention. Our evaluation of our developed system in a laboratory experiment and field experiment indicated that its detection variety and crawling performance are higher than those of existing client honeypots. In addition, our system is able to collect information for countermeasures and is secure and stable for continuous operation. We conclude that our system can investigate malicious web sites comprehensively and support countermeasures.

Impact of Information based Classification on Network Epidemics

PubMed Central

Mishra, Bimal Kumar; Haldar, Kaushik; Sinha, Durgesh Nandini

2016-01-01

Formulating mathematical models for accurate approximation of malicious propagation in a network is a difficult process because of our inherent lack of understanding of several underlying physical processes that intrinsically characterize the broader picture. The aim of this paper is to understand the impact of available information in the control of malicious network epidemics. A 1-n-n-1 type differential epidemic model is proposed, where the differentiality allows a symptom based classification. This is the first such attempt to add such a classification into the existing epidemic framework. The model is incorporated into a five class system called the DifEpGoss architecture. Analysis reveals an epidemic threshold, based on which the long-term behavior of the system is analyzed. In this work three real network datasets with 22002, 22469 and 22607 undirected edges respectively, are used. The datasets show that classification based prevention given in the model can have a good role in containing network epidemics. Further simulation based experiments are used with a three category classification of attack and defense strengths, which allows us to consider 27 different possibilities. These experiments further corroborate the utility of the proposed model. The paper concludes with several interesting results. PMID:27329348

Time Pattern Locking Scheme for Secure Multimedia Contents in Human-Centric Device

PubMed Central

Kim, Hyun-Woo; Kim, Jun-Ho; Park, Jong Hyuk; Jeong, Young-Sik

2014-01-01

Among the various smart multimedia devices, multimedia smartphones have become the most widespread due to their convenient portability and real-time information sharing, as well as various other built-in features. Accordingly, since personal and business activities can be carried out using multimedia smartphones without restrictions based on time and location, people have more leisure time and convenience than ever. However, problems such as loss, theft, and information leakage because of convenient portability have also increased proportionally. As a result, most multimedia smartphones are equipped with various built-in locking features. Pattern lock, personal identification numbers, and passwords are the most used locking features on current smartphones, but these are vulnerable to shoulder surfing and smudge attacks, allowing malicious users to bypass the security feature easily. In particular, the smudge attack technique is a convenient way to unlock multimedia smartphones after they have been stolen. In this paper, we propose the secure locking screen using time pattern (SLSTP) focusing on improved security and convenience for users to support human-centric multimedia device completely. The SLSTP can provide a simple interface to users and reduce the risk factors pertaining to security leakage to malicious third parties. PMID:25202737

Secure and fair cluster head selection protocol for enhancing security in mobile ad hoc networks.

PubMed

Paramasivan, B; Kaliappan, M

2014-01-01

Mobile ad hoc networks (MANETs) are wireless networks consisting of number of autonomous mobile devices temporarily interconnected into a network by wireless media. MANETs become one of the most prevalent areas of research in the recent years. Resource limitations, energy efficiency, scalability, and security are the great challenging issues in MANETs. Due to its deployment nature, MANETs are more vulnerable to malicious attack. The secure routing protocols perform very basic security related functions which are not sufficient to protect the network. In this paper, a secure and fair cluster head selection protocol (SFCP) is proposed which integrates security factors into the clustering approach for achieving attacker identification and classification. Byzantine agreement based cooperative technique is used for attacker identification and classification to make the network more attack resistant. SFCP used to solve this issue by making the nodes that are totally surrounded by malicious neighbors adjust dynamically their belief and disbelief thresholds. The proposed protocol selects the secure and energy efficient cluster head which acts as a local detector without imposing overhead to the clustering performance. SFCP is simulated in network simulator 2 and compared with two protocols including AODV and CBRP.

Time pattern locking scheme for secure multimedia contents in human-centric device.

PubMed

Kim, Hyun-Woo; Kim, Jun-Ho; Park, Jong Hyuk; Jeong, Young-Sik

2014-01-01

Among the various smart multimedia devices, multimedia smartphones have become the most widespread due to their convenient portability and real-time information sharing, as well as various other built-in features. Accordingly, since personal and business activities can be carried out using multimedia smartphones without restrictions based on time and location, people have more leisure time and convenience than ever. However, problems such as loss, theft, and information leakage because of convenient portability have also increased proportionally. As a result, most multimedia smartphones are equipped with various built-in locking features. Pattern lock, personal identification numbers, and passwords are the most used locking features on current smartphones, but these are vulnerable to shoulder surfing and smudge attacks, allowing malicious users to bypass the security feature easily. In particular, the smudge attack technique is a convenient way to unlock multimedia smartphones after they have been stolen. In this paper, we propose the secure locking screen using time pattern (SLSTP) focusing on improved security and convenience for users to support human-centric multimedia device completely. The SLSTP can provide a simple interface to users and reduce the risk factors pertaining to security leakage to malicious third parties.

FuGeF: A Resource Bound Secure Forwarding Protocol for Wireless Sensor Networks

PubMed Central

Umar, Idris Abubakar; Mohd Hanapi, Zurina; Sali, A.; Zulkarnain, Zuriati A.

2016-01-01

Resource bound security solutions have facilitated the mitigation of spatio-temporal attacks by altering protocol semantics to provide minimal security while maintaining an acceptable level of performance. The Dynamic Window Secured Implicit Geographic Forwarding (DWSIGF) routing protocol for Wireless Sensor Network (WSN) has been proposed to achieve a minimal selection of malicious nodes by introducing a dynamic collection window period to the protocol’s semantics. However, its selection scheme suffers substantial packet losses due to the utilization of a single distance based parameter for node selection. In this paper, we propose a Fuzzy-based Geographic Forwarding protocol (FuGeF) to minimize packet loss, while maintaining performance. The FuGeF utilizes a new form of dynamism and introduces three selection parameters: remaining energy, connectivity cost, and progressive distance, as well as a Fuzzy Logic System (FLS) for node selection. These introduced mechanisms ensure the appropriate selection of a non-malicious node. Extensive simulation experiments have been conducted to evaluate the performance of the proposed FuGeF protocol as compared to DWSIGF variants. The simulation results show that the proposed FuGeF outperforms the two DWSIGF variants (DWSIGF-P and DWSIGF-R) in terms of packet delivery. PMID:27338411

Social/Ethical Issues in Predictive Insider Threat Monitoring

DOE Office of Scientific and Technical Information (OSTI.GOV)

Greitzer, Frank L.; Frincke, Deborah A.; Zabriskie, Mariah

2011-01-01

Combining traditionally monitored cybersecurity data with other kinds of organizational data is one option for inferring the motivations of individuals, which may in turn allow early prediction and mitigation of insider threats. While unproven, some researchers believe that this combination of data may yield better results than either cybersecurity or organizational data would in isolation. However, this nontraditional approach creates a potential conflict between goals, such as conflicts between organizational security improvements and individual privacy considerations. There are many facets to debate. Should warning signs of a potential malicious insider be addressed before a malicious event has occurred to preventmore » harm to the organization and discourage the insider from violating the organization’s rules? Would intervention violate employee trust or legal guidelines? What about the possibilities of misuse? Predictive approaches cannot be validated a priori; false accusations can affect the career of the accused; and collection/monitoring of certain types of data may affect employee morale. In this chapter, we explore some of the social and ethical issues stemming from predictive insider threat monitoring and discuss ways that a predictive modeling approach brings to the forefront social and ethical issues that should be considered and resolved by stakeholders and communities of interest.« less

FuGeF: A Resource Bound Secure Forwarding Protocol for Wireless Sensor Networks.

PubMed

Umar, Idris Abubakar; Mohd Hanapi, Zurina; Sali, A; Zulkarnain, Zuriati A

2016-06-22

Resource bound security solutions have facilitated the mitigation of spatio-temporal attacks by altering protocol semantics to provide minimal security while maintaining an acceptable level of performance. The Dynamic Window Secured Implicit Geographic Forwarding (DWSIGF) routing protocol for Wireless Sensor Network (WSN) has been proposed to achieve a minimal selection of malicious nodes by introducing a dynamic collection window period to the protocol's semantics. However, its selection scheme suffers substantial packet losses due to the utilization of a single distance based parameter for node selection. In this paper, we propose a Fuzzy-based Geographic Forwarding protocol (FuGeF) to minimize packet loss, while maintaining performance. The FuGeF utilizes a new form of dynamism and introduces three selection parameters: remaining energy, connectivity cost, and progressive distance, as well as a Fuzzy Logic System (FLS) for node selection. These introduced mechanisms ensure the appropriate selection of a non-malicious node. Extensive simulation experiments have been conducted to evaluate the performance of the proposed FuGeF protocol as compared to DWSIGF variants. The simulation results show that the proposed FuGeF outperforms the two DWSIGF variants (DWSIGF-P and DWSIGF-R) in terms of packet delivery.

Task effects, performance levels, features, configurations, and holistic face processing: A reply to Rossion

PubMed Central

Riesenhuber, Maximilian; Wolff, Brian S.

2009-01-01

Summary A recent article in Acta Psychologica (“Picture-plane inversion leads to qualitative changes of face perception” by B. Rossion, 2008) criticized several aspects of an earlier paper of ours (Riesenhuber et al., “Face processing in humans is compatible with a simple shape-based model of vision”, Proc Biol Sci, 2004). We here address Rossion’s criticisms and correct some misunderstandings. To frame the discussion, we first review our previously presented computational model of face recognition in cortex (Jiang et al., “Evaluation of a shape-based model of human face discrimination using fMRI and behavioral techniques”, Neuron, 2006) that provides a concrete biologically plausible computational substrate for holistic coding, namely a neural representation learned for upright faces, in the spirit of the original simple-to-complex hierarchical model of vision by Hubel and Wiesel. We show that Rossion’s and others’ data support the model, and that there is actually a convergence of views on the mechanisms underlying face recognition, in particular regarding holistic processing. PMID:19665104

A computer-generated animated face stimulus set for psychophysiological research

PubMed Central

Naples, Adam; Nguyen-Phuc, Alyssa; Coffman, Marika; Kresse, Anna; Faja, Susan; Bernier, Raphael; McPartland., James

2014-01-01

Human faces are fundamentally dynamic, but experimental investigations of face perception traditionally rely on static images of faces. While naturalistic videos of actors have been used with success in some contexts, much research in neuroscience and psychophysics demands carefully controlled stimuli. In this paper, we describe a novel set of computer generated, dynamic, face stimuli. These grayscale faces are tightly controlled for low- and high-level visual properties. All faces are standardized in terms of size, luminance, and location and size of facial features. Each face begins with a neutral pose and transitions to an expression over the course of 30 frames. Altogether there are 222 stimuli spanning 3 different categories of movement: (1) an affective movement (fearful face); (2) a neutral movement (close-lipped, puffed cheeks with open eyes); and (3) a biologically impossible movement (upward dislocation of eyes and mouth). To determine whether early brain responses sensitive to low-level visual features differed between expressions, we measured the occipital P100 event related potential (ERP), which is known to reflect differences in early stages of visual processing and the N170, which reflects structural encoding of faces. We found no differences between faces at the P100, indicating that different face categories were well matched on low-level image properties. This database provides researchers with a well-controlled set of dynamic faces controlled on low-level image characteristics that are applicable to a range of research questions in social perception. PMID:25028164

Angry facial expressions bias gender categorization in children and adults: behavioral and computational evidence

PubMed Central

Bayet, Laurie; Pascalis, Olivier; Quinn, Paul C.; Lee, Kang; Gentaz, Édouard; Tanaka, James W.

2015-01-01

Angry faces are perceived as more masculine by adults. However, the developmental course and underlying mechanism (bottom-up stimulus driven or top-down belief driven) associated with the angry-male bias remain unclear. Here we report that anger biases face gender categorization toward “male” responding in children as young as 5–6 years. The bias is observed for both own- and other-race faces, and is remarkably unchanged across development (into adulthood) as revealed by signal detection analyses (Experiments 1–2). The developmental course of the angry-male bias, along with its extension to other-race faces, combine to suggest that it is not rooted in extensive experience, e.g., observing males engaging in aggressive acts during the school years. Based on several computational simulations of gender categorization (Experiment 3), we further conclude that (1) the angry-male bias results, at least partially, from a strategy of attending to facial features or their second-order relations when categorizing face gender, and (2) any single choice of computational representation (e.g., Principal Component Analysis) is insufficient to assess resemblances between face categories, as different representations of the very same faces suggest different bases for the angry-male bias. Our findings are thus consistent with stimulus-and stereotyped-belief driven accounts of the angry-male bias. Taken together, the evidence suggests considerable stability in the interaction between some facial dimensions in social categorization that is present prior to the onset of formal schooling. PMID:25859238

Centre-based restricted nearest feature plane with angle classifier for face recognition

NASA Astrophysics Data System (ADS)

Tang, Linlin; Lu, Huifen; Zhao, Liang; Li, Zuohua

2017-10-01

An improved classifier based on the nearest feature plane (NFP), called the centre-based restricted nearest feature plane with the angle (RNFPA) classifier, is proposed for the face recognition problems here. The famous NFP uses the geometrical information of samples to increase the number of training samples, but it increases the computation complexity and it also has an inaccuracy problem coursed by the extended feature plane. To solve the above problems, RNFPA exploits a centre-based feature plane and utilizes a threshold of angle to restrict extended feature space. By choosing the appropriate angle threshold, RNFPA can improve the performance and decrease computation complexity. Experiments in the AT&T face database, AR face database and FERET face database are used to evaluate the proposed classifier. Compared with the original NFP classifier, the nearest feature line (NFL) classifier, the nearest neighbour (NN) classifier and some other improved NFP classifiers, the proposed one achieves competitive performance.

Video Chat vs. Face-to-Face Recasts, Learners' Interpretations and L2 Development: A Case of Persian EFL Learners

ERIC Educational Resources Information Center

Rassaei, Ehsan

2017-01-01

This study investigated the effects of two modes of corrective feedback, namely, face-to-face recasts and computer-mediated recasts during video-conferencing on Iranian English as a foreign language (EFL) learners' second language (L2) development. Moreover, the accuracy of the learners' interpretations of recasts in the two modalities was…