Commercial Grade Item (CGI) Dedication for Leak Detection Relays

DOE Office of Scientific and Technical Information (OSTI.GOV)

KOCH, M.R.

1999-10-26

This Test Plan provides a test method to dedicate the leak detection relays used on the new Pumping and Instrumentation Control (PIC) skids. The new skids are fabricated on-site. The leak detection system is a safety class system per the Authorization Basis.

Commercial Grade Item (CGI) Dedication for Leak Detection Relays

DOE Office of Scientific and Technical Information (OSTI.GOV)

JOHNS, B.R.; KOCH, M.R.

2000-01-28

This Test Plan provides a test method to dedicate the leak detection relays used on the new Pumping Instrumentation and Control (PIC) skids. The new skids are fabricated on-site. The leak detection system is a safety class system per the Authorization Basis.

Transmission line relay mis-operation detection based on time-synchronized field data

DOE PAGES

Esmaeilian, Ahad; Popovic, Tomo; Kezunovic, Mladen

2015-05-04

In this paper, a real-time tool to detect transmission line relay mis-operation is implemented. The tool uses time-synchronized measurements obtained from both ends of the line during disturbances. The proposed fault analysis tool comes into the picture only after the protective device has operated and tripped the line. The proposed methodology is able not only to detect, classify, and locate transmission line faults, but also to accurately confirm whether the line was tripped due to a mis-operation of protective relays. The analysis report includes either detailed description of the fault type and location or detection of relay mis-operation. As such,more » it can be a source of very useful information to support the system restoration. The focus of the paper is on the implementation requirements that allow practical application of the methodology, which is illustrated using the field data obtained the real power system. Testing and validation is done using the field data recorded by digital fault recorders and protective relays. The test data included several hundreds of event records corresponding to both relay mis-operations and actual faults. The discussion of results addresses various challenges encountered during the implementation and validation of the presented methodology.« less

Intelligent Power Swing Detection Scheme to Prevent False Relay Tripping Using S-Transform

NASA Astrophysics Data System (ADS)

Mohamad, Nor Z.; Abidin, Ahmad F.; Musirin, Ismail

2014-06-01

Distance relay design is equipped with out-of-step tripping scheme to ensure correct distance relay operation during power swing. The out-of-step condition is a consequence result from unstable power swing. It requires proper detection of power swing to initiate a tripping signal followed by separation of unstable part from the entire power system. The distinguishing process of unstable swing from stable swing poses a challenging task. This paper presents an intelligent approach to detect power swing based on S-Transform signal processing tool. The proposed scheme is based on the use of S-Transform feature of active power at the distance relay measurement point. It is demonstrated that the proposed scheme is able to detect and discriminate the unstable swing from stable swing occurring in the system. To ascertain validity of the proposed scheme, simulations were carried out with the IEEE 39 bus system and its performance has been compared with the wavelet transform-based power swing detection scheme.

Continuous-variable Measurement-device-independent Quantum Relay Network with Phase-sensitive Amplifiers

NASA Astrophysics Data System (ADS)

Li, Fei; Zhao, Wei; Guo, Ying

2018-01-01

Continuous-variable (CV) measurement-device-independent (MDI) quantum cryptography is now heading towards solving the practical problem of implementing scalable quantum networks. In this paper, we show that a solution can come from deploying an optical amplifier in the CV-MDI system, aiming to establish a high-rate quantum network. We suggest an improved CV-MDI protocol using the EPR states coupled with optical amplifiers. It can implement a practical quantum network scheme, where the legal participants create the secret correlations by using EPR states connecting to an untrusted relay via insecure links and applying the multi-entangled Greenberger-Horne-Zeilinger (GHZ) state analysis at relay station. Despite the possibility that the relay could be completely tampered with and imperfect links are subject to the powerful attacks, the legal participants are still able to extract a secret key from network communication. The numerical simulation indicates that the quantum network communication can be achieved in an asymmetric scenario, fulfilling the demands of a practical quantum network. Furthermore, we show that the use of optical amplifiers can compensate the inherent imperfections and improve the secret key rate of the CV-MDI system.

Towards a Low-Cost Remote Memory Attestation for the Smart Grid

PubMed Central

Yang, Xinyu; He, Xiaofei; Yu, Wei; Lin, Jie; Li, Rui; Yang, Qingyu; Song, Houbing

2015-01-01

In the smart grid, measurement devices may be compromised by adversaries, and their operations could be disrupted by attacks. A number of schemes to efficiently and accurately detect these compromised devices remotely have been proposed. Nonetheless, most of the existing schemes detecting compromised devices depend on the incremental response time in the attestation process, which are sensitive to data transmission delay and lead to high computation and network overhead. To address the issue, in this paper, we propose a low-cost remote memory attestation scheme (LRMA), which can efficiently and accurately detect compromised smart meters considering real-time network delay and achieve low computation and network overhead. In LRMA, the impact of real-time network delay on detecting compromised nodes can be eliminated via investigating the time differences reported from relay nodes. Furthermore, the attestation frequency in LRMA is dynamically adjusted with the compromised probability of each node, and then, the total number of attestations could be reduced while low computation and network overhead can be achieved. Through a combination of extensive theoretical analysis and evaluations, our data demonstrate that our proposed scheme can achieve better detection capacity and lower computation and network overhead in comparison to existing schemes. PMID:26307998

Towards a Low-Cost Remote Memory Attestation for the Smart Grid.

PubMed

Yang, Xinyu; He, Xiaofei; Yu, Wei; Lin, Jie; Li, Rui; Yang, Qingyu; Song, Houbing

2015-08-21

In the smart grid, measurement devices may be compromised by adversaries, and their operations could be disrupted by attacks. A number of schemes to efficiently and accurately detect these compromised devices remotely have been proposed. Nonetheless, most of the existing schemes detecting compromised devices depend on the incremental response time in the attestation process, which are sensitive to data transmission delay and lead to high computation and network overhead. To address the issue, in this paper, we propose a low-cost remote memory attestation scheme (LRMA), which can efficiently and accurately detect compromised smart meters considering real-time network delay and achieve low computation and network overhead. In LRMA, the impact of real-time network delay on detecting compromised nodes can be eliminated via investigating the time differences reported from relay nodes. Furthermore, the attestation frequency in LRMA is dynamically adjusted with the compromised probability of each node, and then, the total number of attestations could be reduced while low computation and network overhead can be achieved. Through a combination of extensive theoretical analysis and evaluations, our data demonstrate that our proposed scheme can achieve better detection capacity and lower computation and network overhead in comparison to existing schemes.

The Consequences of the Trojan Horse Affair and a Possible Way Forward for Birmingham

ERIC Educational Resources Information Center

Barton, Sarah; Hatcher, Richard

2014-01-01

The UK government seized the opportunity of the Trojan Horse affair to launch a damaging Islamophobic attack, eagerly relayed by a racist press, on the Muslim community in Birmingham and beyond, abusing Ofsted and the Prevent strategy as blatant instruments of ideologically-driven policy. The various reports found no evidence of radicalisation or…

Light-Actuated Micromechanical Relays for Zero-Power Infrared Detection

DTIC Science & Technology

2017-03-01

Light-Actuated Micromechanical Relays for Zero-Power Infrared Detection Zhenyun Qian, Sungho Kang, Vageeswar Rajaram, Cristian Cassella, Nicol E...near-zero power infrared (IR) detection . Differently from any existing switching element, the proposed LMR relies on a plasmonically-enhanced...chip enabling the monolithic fabrication of multiple LMRs connected together to form a logic topology suitable for the detection of specific

Heart Monitoring By Satellite

NASA Technical Reports Server (NTRS)

1978-01-01

The ambulance antenna shown is a specially designed system that allows satellite-relayed two-way communications between a moving emergency vehicle and a hospital emergency room. It is a key component of a demonstration program aimed at showing how emergency medical service can be provided to people in remote rural areas. Satellite communication permits immediate, hospital- guided treatment of heart attacks or other emergencies by ambulance personnel, saving vital time when the scene of the emergency is remote from the hospital. If widely adopted, the system could save tens of thousands of lives annually in the U.S. alone, medical experts say. The problem in conventional communication with rural areas is the fact that radio signals travel in line of sight. They may be blocked by tall buildings, hills and mountains, or even by the curvature of the Earth, so signal range is sharply limited. Microwave relay towers could solve the problem, but a complete network of repeater towers would be extremely expensive. The satellite provides an obstruction-free relay station in space.

Ground wave emergency network final operational capability. Environmental assessment for southern Arkansas relay node site no. RN 8C912AR

NASA Astrophysics Data System (ADS)

1993-02-01

The Ground Wave Emergency Network (GWEN) is a radio communication system designed to relay emergency messages between strategic military areas in the continental United States. The system is immune to the effects of high-attitude electromagnetic pulse (HEMP) energy surges caused by nuclear bursts in the ionosphere that would disrupt conventional communications equipment such as telephones and shortwave radios. A failure of such equipment would prevent timely communications among top military and civilian leaders and strategic Air Force locations and prevent U.S. assessment and retaliation during an attack. GWEN is an essential part of a defense modernization program to upgrade and improve our nation's communications system, thereby strengthening deterrence.

Application of Advanced Wide Area Early Warning Systems with Adaptive Protection

DOE Office of Scientific and Technical Information (OSTI.GOV)

Blumstein, Carl; Cibulka, Lloyd; Thorp, James

2014-09-30

Recent blackouts of power systems in North America and throughout the world have shown how critical a reliable power system is to modern societies, and the enormous economic and societal damage a blackout can cause. It has been noted that unanticipated operation of protection systems can contribute to cascading phenomena and, ultimately, blackouts. This project developed and field-tested two methods of Adaptive Protection systems utilizing synchrophasor data. One method detects conditions of system stress that can lead to unintended relay operation, and initiates a supervisory signal to modify relay response in real time to avoid false trips. The second methodmore » detects the possibility of false trips of impedance relays as stable system swings “encroach” on the relays’ impedance zones, and produces an early warning so that relay engineers can re-evaluate relay settings. In addition, real-time synchrophasor data produced by this project was used to develop advanced visualization techniques for display of synchrophasor data to utility operators and engineers.« less

Increased Amplitude of Thalamocortical Low-Frequency Oscillations in Patients with Migraine

PubMed Central

Wilcox, Sophie L.; Veggeberg, Rosanna; Noseda, Rodrigo; Burstein, Rami; Borsook, David; Becerra, Lino

2016-01-01

For many years, neurobiological theories have emphasized the importance of neuronal oscillations in the emergence of brain function. At the same time, clinical studies have shown that disturbances or irregularities in brain rhythms may relate to various common neurological conditions, including migraine. Increasing evidence suggests that the CNS plays a fundamental role in the predisposition to develop different forms of headache. Here, we present human imaging data that strongly support the presence of abnormal low-frequency oscillations (LFOs) in thalamocortical networks of patients in the interictal phase of migraine. Our results show that the main source of arrhythmic activity was localized to the higher-order thalamic relays of the medial dorsal nucleus. In addition, spontaneous LFOs in the thalamus were selectively associated with the headache attack frequency, meaning that the varying amplitude of dysrhythmia could predispose patients to recurrent attacks. Rhythmic cortical feedback to the thalamus is a major factor in the amplification of thalamocortical oscillations, making it a strong candidate for influencing neuronal excitability. We further speculate that the intrinsic dynamics of thalamocortical network oscillations are crucial for early sensory processing and therefore could underlie important pathophysiological processes involved in multisensory integration. SIGNIFICANCE STATEMENT In many cases, migraine attacks are thought to begin centrally. A major obstacle to studying intrinsic brain activity has been the identification of the precise anatomical structures and functional networks that are involved in migraine. Here, we present imaging data that strongly support the presence of abnormal low-frequency oscillations in thalamocortical networks of patients in the interictal phase of migraine. This arrhythmic activity was localized to the higher-order thalamic relays of the medial dorsal nucleus and was selectively associated with headache attack frequency. Rhythmic cortical feedback to the thalamus is a major factor in the amplification of thalamocortical oscillations, making it a strong candidate for influencing neuronal excitability and higher-level processes involved in multisensory integration. PMID:27466345

Bacteriophage as models for virus removal from Pacific oysters (Crassostrea gigas) during re-laying.

PubMed Central

Humphrey, T. J.; Martin, K.

1993-01-01

A study was undertaken to examine the feasibility of using naturally-occurring bacteriophages to assess the impact of re-laying on levels of viral contamination in Crassostrea gigas, the Pacific oyster. Two phages were chosen. One, male-specific (F+), was enumerated using Salmonella typhimurium. The other, a somatic phage, was detected using an, as yet, uncharacterized Escherichia coli. Investigations, using a variety of re-laying sites, demonstrated that numbers of F+ phage in oyster tissue declined more rapidly than those of somatic phage. For example, in oysters placed in commercially-used sea water ponds, F+ phage reached undetectable levels within 2-3 weeks, whereas somatic phage could still be detected 5 weeks after re-laying. The studies suggest that F+ phage may not be a suitable indicator for virus removal and that somatic phage may be better suited to this role. PMID:8405159

Pearl Harbor: Failure of Intelligence?

DTIC Science & Technology

1997-04-01

N.E.I.), “NISHI.” The above will be repeated five times and included at beginning and end. Relay to Rio de Janeiro , Buenos Aires, Mexico City, and San...limits of their equipment. ( e ) To effect a state of readiness throughout the Army and Navy establishments designed to meet all possible attacks. (f...a timely manner to the national command authorities, the War and Navy Departments, and Admiral Husband E . Kimmel and Lieutenant General Walter C

Machine Learning Methods for Attack Detection in the Smart Grid.

PubMed

Ozay, Mete; Esnaola, Inaki; Yarman Vural, Fatos Tunay; Kulkarni, Sanjeev R; Poor, H Vincent

2016-08-01

Attack detection problems in the smart grid are posed as statistical learning problems for different attack scenarios in which the measurements are observed in batch or online settings. In this approach, machine learning algorithms are used to classify measurements as being either secure or attacked. An attack detection framework is provided to exploit any available prior knowledge about the system and surmount constraints arising from the sparse structure of the problem in the proposed approach. Well-known batch and online learning algorithms (supervised and semisupervised) are employed with decision- and feature-level fusion to model the attack detection problem. The relationships between statistical and geometric properties of attack vectors employed in the attack scenarios and learning algorithms are analyzed to detect unobservable attacks using statistical learning methods. The proposed algorithms are examined on various IEEE test systems. Experimental analyses show that machine learning algorithms can detect attacks with performances higher than attack detection algorithms that employ state vector estimation methods in the proposed attack detection framework.

Localization and cooperative communication methods for cognitive radio

NASA Astrophysics Data System (ADS)

Duval, Olivier

We study localization of nearby nodes and cooperative communication for cognitive radios. Cognitive radios sensing their environment to estimate the channel gain between nodes can cooperate and adapt their transmission power to maximize the capacity of the communication between two nodes. We study the end-to-end capacity of a cooperative relaying scheme using orthogonal frequency-division modulation (OFDM) modulation, under power constraints for both the base station and the relay station. The relay uses amplify-and-forward and decode-and-forward cooperative relaying techniques to retransmit messages on a subset of the available subcarriers. The power used in the base station and the relay station transmitters is allocated to maximize the overall system capacity. The subcarrier selection and power allocation are obtained based on convex optimization formulations and an iterative algorithm. Additionally, decode-and-forward relaying schemes are allowed to pair source and relayed subcarriers to increase further the capacity of the system. The proposed techniques outperforms non-selective relaying schemes over a range of relay power budgets. Cognitive radios can be used for opportunistic access of the radio spectrum by detecting spectrum holes left unused by licensed primary users. We introduce a spectrum holes detection approach, which combines blind modulation classification, angle of arrival estimation and number of sources detection. We perform eigenspace analysis to determine the number of sources, and estimate their angles of arrival (AOA). In addition, we classify detected sources as primary or secondary users with their distinct second-orde one-conjugate cyclostationarity features. Extensive simulations carried out indicate that the proposed system identifies and locates individual sources correctly, even at -4 dB signal-to-noise ratios (SNR). In environments with a high density of scatterers, several wireless channels experience nonline-of-sight (NLOS) condition, increasing the localization error, even when the AOA estimate is accurate. We present a real-time localization solver (RTLS) for time-of-arrival (TOA) estimates using ray-tracing methods on the map of the geometry of walls and compare its performance with classical TOA trilateration localization methods. Extensive simulations and field trials for indoor environments show that our method increases the coverage area from 1.9% of the floor to 82.3 % and the accuracy by a 10-fold factor when compared with trilateration. We implemented our ray tracing model in C++ using the CGAL computational geometry algorithm library. We illustrate the real-time property of our RTLS that performs most ray tracing tasks in a preprocessing phase with time and space complexity analyses and profiling of our software.

Improved BDF Relaying Scheme Using Time Diversity over Atmospheric Turbulence and Misalignment Fading Channels

PubMed Central

García-Zambrana, Antonio; Castillo-Vázquez, Carmen; Castillo-Vázquez, Beatriz

2014-01-01

A novel bit-detect-and-forward (BDF) relaying scheme based on repetition coding with the relay is proposed, significantly improving the robustness to impairments proper to free-space optical (FSO) communications such as unsuitable alignment between transmitter and receiver as well as fluctuations in the irradiance of the transmitted optical beam due to the atmospheric turbulence. Closed-form asymptotic bit-error-rate (BER) expressions are derived for a 3-way FSO communication setup. Fully exploiting the potential time-diversity available in the relay turbulent channel, a relevant better performance is achieved, showing a greater robustness to the relay location since a high diversity gain is provided regardless of the source-destination link distance. PMID:24587711

Target-specific NMR detection of protein-ligand interactions with antibody-relayed 15N-group selective STD.

PubMed

Hetényi, Anasztázia; Hegedűs, Zsófia; Fajka-Boja, Roberta; Monostori, Éva; Kövér, Katalin E; Martinek, Tamás A

2016-12-01

Fragment-based drug design has been successfully applied to challenging targets where the detection of the weak protein-ligand interactions is a key element. 1 H saturation transfer difference (STD) NMR spectroscopy is a powerful technique for this work but it requires pure homogeneous proteins as targets. Monoclonal antibody (mAb)-relayed 15 N-GS STD spectroscopy has been developed to resolve the problem of protein mixtures and impure proteins. A 15 N-labelled target-specific mAb is selectively irradiated and the saturation is relayed through the target to the ligand. Tests on the anti-Gal-1 mAb/Gal-1/lactose system showed that the approach is experimentally feasible in a reasonable time frame. This method allows detection and identification of binding molecules directly from a protein mixture in a multicomponent system.

Breaking the Myth That Relay Swimming Is Faster Than Individual Swimming.

PubMed

Skorski, Sabrina; Etxebarria, Naroa; Thompson, Kevin G

2016-04-01

To investigate if swimming performance is better in a relay race than in the corresponding individual race. The authors analyzed 166 elite male swimmers from 15 nations in the same competition (downloaded from www.swimrankings.net). Of 778 observed races, 144 were Olympic Games performances (2000, 2004, 2012), with the remaining 634 performed in national or international competitions. The races were 100-m (n = 436) and 200-m (n = 342) freestyle events. Relay performance times for the 2nd-4th swimmers were adjusted (+ 0.73 s) to allow for the "flying start." Without any adjustment, mean individual relay performances were significantly faster for the first 50 m and overall time in the 100-m events. Furthermore, the first 100 m of the 200-m relay was significantly faster (P > .001). During relays, swimmers competing in 1st position did not show any difference compared with their corresponding individual performance (P > .16). However, swimmers competing in 2nd-4th relay-team positions demonstrated significantly faster times in the 100-m (P < .001) and first half of the 200-m relays than in their individual events (P < .001, ES: 0.28-1.77). However, when finishing times for 2nd-4th relay team positions were adjusted for the flying start no differences were detected between relay and individual race performance for any event or split time (P > .17). Highly trained swimmers do not swim (or turn) faster in relay events than in their individual races. Relay exchange times account for the difference observed in individual vs relay performance.

Shilling Attacks Detection in Recommender Systems Based on Target Item Analysis

PubMed Central

Zhou, Wei; Wen, Junhao; Koh, Yun Sing; Xiong, Qingyu; Gao, Min; Dobbie, Gillian; Alam, Shafiq

2015-01-01

Recommender systems are highly vulnerable to shilling attacks, both by individuals and groups. Attackers who introduce biased ratings in order to affect recommendations, have been shown to negatively affect collaborative filtering (CF) algorithms. Previous research focuses only on the differences between genuine profiles and attack profiles, ignoring the group characteristics in attack profiles. In this paper, we study the use of statistical metrics to detect rating patterns of attackers and group characteristics in attack profiles. Another question is that most existing detecting methods are model specific. Two metrics, Rating Deviation from Mean Agreement (RDMA) and Degree of Similarity with Top Neighbors (DegSim), are used for analyzing rating patterns between malicious profiles and genuine profiles in attack models. Building upon this, we also propose and evaluate a detection structure called RD-TIA for detecting shilling attacks in recommender systems using a statistical approach. In order to detect more complicated attack models, we propose a novel metric called DegSim’ based on DegSim. The experimental results show that our detection model based on target item analysis is an effective approach for detecting shilling attacks. PMID:26222882

Detecting Pulsing Denial-of-Service Attacks with Nondeterministic Attack Intervals

NASA Astrophysics Data System (ADS)

Luo, Xiapu; Chan, Edmond W. W.; Chang, Rocky K. C.

2009-12-01

This paper addresses the important problem of detecting pulsing denial of service (PDoS) attacks which send a sequence of attack pulses to reduce TCP throughput. Unlike previous works which focused on a restricted form of attacks, we consider a very broad class of attacks. In particular, our attack model admits any attack interval between two adjacent pulses, whether deterministic or not. It also includes the traditional flooding-based attacks as a limiting case (i.e., zero attack interval). Our main contribution is Vanguard, a new anomaly-based detection scheme for this class of PDoS attacks. The Vanguard detection is based on three traffic anomalies induced by the attacks, and it detects them using a CUSUM algorithm. We have prototyped Vanguard and evaluated it on a testbed. The experiment results show that Vanguard is more effective than the previous methods that are based on other traffic anomalies (after a transformation using wavelet transform, Fourier transform, and autocorrelation) and detection algorithms (e.g., dynamic time warping).

Programming A Molecular Relay for Ultrasensitive Biodetection through 129 Xe NMR

DOE Office of Scientific and Technical Information (OSTI.GOV)

Wang, Yanfei; Roose, Benjamin W.; Philbin, John P.

2015-12-21

We reported a supramolecular strategy for detecting specific proteins in complex media by using hyperpolarized 129Xe NMR. A cucurbit[6]uril (CB[6])-based molecular relay was programmed for three sequential equilibrium conditions by designing a two-faced guest (TFG) that initially binds CB[6] and blocks the CB[6]–Xe interaction. Moreover, the protein analyte recruits the TFG and frees CB[6] for Xe binding. TFGs containing CB[6]- and carbonic anhydrase II (CAII)-binding domains were synthesized in one or two steps. X-ray crystallography confirmed TFG binding to Zn 2+ in the deep CAII active-site cleft, which precludes simultaneous CB[6] binding. The molecular relay was reprogrammed to detect avidinmore » by using a different TFG. Finally, Xe binding by CB[6] was detected in buffer and in E. coli cultures expressing CAII through ultrasensitive 129Xe NMR spectroscopy.« less

Relayed 13C magnetization transfer: Detection of malate dehydrogenase reaction in vivo

NASA Astrophysics Data System (ADS)

Yang, Jehoon; Shen, Jun

2007-02-01

Malate dehydrogenase catalyzes rapid interconversion between dilute metabolites oxaloacetate and malate. Both oxaloacetate and malate are below the detection threshold of in vivo MRS. Oxaloacetate is also in rapid exchange with aspartate catalyzed by aspartate aminotransferase, the latter metabolite is observable in vivo using 13C MRS. We hypothesized that the rapid turnover of oxaloacetate can effectively relay perturbation of magnetization between malate and aspartate. Here, we report indirect observation of the malate dehydrogenase reaction by saturating malate C2 resonance at 71.2 ppm and detecting a reduced aspartate C2 signal at 53.2 ppm due to relayed magnetization transfer via oxaloacetate C2 at 201.3 ppm. Using this strategy the rate of the cerebral malate dehydrogenase reaction was determined to be 9 ± 2 μmol/g wet weight/min (means ± SD, n = 5) at 11.7 Tesla in anesthetized adult rats infused with [1,6- 13C 2]glucose.

Vulnerabilities in First-Generation RFID-enabled Credit Cards

NASA Astrophysics Data System (ADS)

Heydt-Benjamin, Thomas S.; Bailey, Daniel V.; Fu, Kevin; Juels, Ari; O'Hare, Tom

RFID-enabled credit cards are widely deployed in the United States and other countries, but no public study has thoroughly analyzed the mechanisms that provide both security and privacy. Using samples from a variety of RFID-enabled credit cards, our study observes that (1) the cardholder's name and often credit card number and expiration are leaked in plaintext to unauthenticated readers, (2) our homemade device costing around 150 effectively clones one type of skimmed cards thus providing a proof-of-concept implementation for the RF replay attack, (3) information revealed by the RFID transmission cross contaminates the security of RFID and non-RFID payment contexts, and (4) RFID-enabled credit cards are susceptible in various degrees to a range of other traditional RFID attacks such as skimming and relaying.

Quantum network with trusted and untrusted relays

NASA Astrophysics Data System (ADS)

Ma, Xiongfeng; Annabestani, Razieh; Fung, Chi-Hang Fred; Lo, Hoi-Kwong; Lütkenhaus, Norbert; PitkäNen, David; Razavi, Mohsen

2012-02-01

Quantum key distribution offers two distant users to establish a random secure key by exploiting properties of quantum mechanics, whose security has proven in theory. In practice, many lab and field demonstrations have been performed in the last 20 years. Nowadays, quantum network with quantum key distribution systems are tested around the world, such as in China, Europe, Japan and US. In this talk, I will give a brief introduction of recent development for quantum network. For the untrusted relay part, I will introduce the measurement-device-independent quantum key distribution scheme and a quantum relay with linear optics. The security of such scheme is proven without assumptions on the detection devices, where most of quantum hacking strategies are launched. This scheme can be realized with current technology. For the trusted relay part, I will introduce so-called delayed privacy amplification, with which no error correction and privacy amplification is necessarily to be performed between users and the relay. In this way, classical communications and computational power requirement on the relay site will be reduced.

Command Disaggregation Attack and Mitigation in Industrial Internet of Things

PubMed Central

Zhu, Pei-Dong; Hu, Yi-Fan; Cui, Peng-Shuai; Zhang, Yan

2017-01-01

A cyber-physical attack in the industrial Internet of Things can cause severe damage to physical system. In this paper, we focus on the command disaggregation attack, wherein attackers modify disaggregated commands by intruding command aggregators like programmable logic controllers, and then maliciously manipulate the physical process. It is necessary to investigate these attacks, analyze their impact on the physical process, and seek effective detection mechanisms. We depict two different types of command disaggregation attack modes: (1) the command sequence is disordered and (2) disaggregated sub-commands are allocated to wrong actuators. We describe three attack models to implement these modes with going undetected by existing detection methods. A novel and effective framework is provided to detect command disaggregation attacks. The framework utilizes the correlations among two-tier command sequences, including commands from the output of central controller and sub-commands from the input of actuators, to detect attacks before disruptions occur. We have designed components of the framework and explain how to mine and use these correlations to detect attacks. We present two case studies to validate different levels of impact from various attack models and the effectiveness of the detection framework. Finally, we discuss how to enhance the detection framework. PMID:29065461

Command Disaggregation Attack and Mitigation in Industrial Internet of Things.

PubMed

Xun, Peng; Zhu, Pei-Dong; Hu, Yi-Fan; Cui, Peng-Shuai; Zhang, Yan

2017-10-21

A cyber-physical attack in the industrial Internet of Things can cause severe damage to physical system. In this paper, we focus on the command disaggregation attack, wherein attackers modify disaggregated commands by intruding command aggregators like programmable logic controllers, and then maliciously manipulate the physical process. It is necessary to investigate these attacks, analyze their impact on the physical process, and seek effective detection mechanisms. We depict two different types of command disaggregation attack modes: (1) the command sequence is disordered and (2) disaggregated sub-commands are allocated to wrong actuators. We describe three attack models to implement these modes with going undetected by existing detection methods. A novel and effective framework is provided to detect command disaggregation attacks. The framework utilizes the correlations among two-tier command sequences, including commands from the output of central controller and sub-commands from the input of actuators, to detect attacks before disruptions occur. We have designed components of the framework and explain how to mine and use these correlations to detect attacks. We present two case studies to validate different levels of impact from various attack models and the effectiveness of the detection framework. Finally, we discuss how to enhance the detection framework.

A fluorescein-based chemosensor for relay fluorescence recognition of Cu(ii) ions and biothiols in water and its applications to a molecular logic gate and living cell imaging.

PubMed

Fu, Zhen-Hai; Yan, Lu-Bin; Zhang, Xiaolong; Zhu, Fan-Fan; Han, Xin-Long; Fang, Jianguo; Wang, Ya-Wen; Peng, Yu

2017-05-16

Relay recognition of copper(ii) ions and biothiols via a fluorescence "on-off-on" cascade was designed and realized as a new sequential combination of cations and small molecules. Probe 1 bearing a fluorescein skeleton was thus synthesized, which performed well in 100% HEPES buffer (pH = 7.0) solution, as a highly sensitive, selective fluorescence sensor for Cu 2+ . The limit of detection (LOD, 0.017 ppm) was obtained, and this value is much lower than 1.3 ppm, allowed by US EPA. The 1 : 1 complex generated from fast sensing of Cu 2+ when excited at 491 nm, showed good relay recognition for biothiols (i.e., Cys, Hcy and GSH with low detection limits of 0.12 μM, 0.036 μM and 0.024 μM, respectively) via remarkable fluorescence enhancement. The origin of this relay process was disclosed through ESI-MS and corresponding density functional theory (DFT) computations. Notably, probe 1 can be utilized for the construction of a molecular logic gate with the IMPLICATION function by using the above fluorescence changes. Moreover, this relay recognition was also applied to HepG2 cell imaging successfully.

On resilience studies of system detection and recovery techniques against stealthy insider attacks

NASA Astrophysics Data System (ADS)

Wei, Sixiao; Zhang, Hanlin; Chen, Genshe; Shen, Dan; Yu, Wei; Pham, Khanh D.; Blasch, Erik P.; Cruz, Jose B.

2016-05-01

With the explosive growth of network technologies, insider attacks have become a major concern to business operations that largely rely on computer networks. To better detect insider attacks that marginally manipulate network traffic over time, and to recover the system from attacks, in this paper we implement a temporal-based detection scheme using the sequential hypothesis testing technique. Two hypothetical states are considered: the null hypothesis that the collected information is from benign historical traffic and the alternative hypothesis that the network is under attack. The objective of such a detection scheme is to recognize the change within the shortest time by comparing the two defined hypotheses. In addition, once the attack is detected, a server migration-based system recovery scheme can be triggered to recover the system to the state prior to the attack. To understand mitigation of insider attacks, a multi-functional web display of the detection analysis was developed for real-time analytic. Experiments using real-world traffic traces evaluate the effectiveness of Detection System and Recovery (DeSyAR) scheme. The evaluation data validates the detection scheme based on sequential hypothesis testing and the server migration-based system recovery scheme can perform well in effectively detecting insider attacks and recovering the system under attack.

77 FR 4948 - Structure and Practices of the Video Relay Service Program; Telecommunications Relay Services and...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-02-01

... difficult to detect on an ex post basis, particularly when comingled with legitimate minutes or submitted by... ``permit-but-disclose'' proceeding in accordance with the Commission's ex parte rules. Persons making ex... Sunshine period applies). Persons making oral ex parte presentations are reminded that memoranda...

78 FR 22802 - Airworthiness Directives; the Boeing Company Airplanes

Federal Register 2010, 2011, 2012, 2013, 2014

2013-04-17

... indication system and wiring on each engine; and repetitive operational checks of that installation to detect... wiring. Installation of a second locking gearbox 754 work-hours x $85 per hour = $0 $64,090 system. $64... proposed AD would require replacing certain relays and relay sockets, and doing wiring changes. For certain...

Novel Method For Low-Rate Ddos Attack Detection

NASA Astrophysics Data System (ADS)

Chistokhodova, A. A.; Sidorov, I. D.

2018-05-01

The relevance of the work is associated with an increasing number of advanced types of DDoS attacks, in particular, low-rate HTTP-flood. Last year, the power and complexity of such attacks increased significantly. The article is devoted to the analysis of DDoS attacks detecting methods and their modifications with the purpose of increasing the accuracy of DDoS attack detection. The article details low-rate attacks features in comparison with conventional DDoS attacks. During the analysis, significant shortcomings of the available method for detecting low-rate DDoS attacks were found. Thus, the result of the study is an informal description of a new method for detecting low-rate denial-of-service attacks. The architecture of the stand for approbation of the method is developed. At the current stage of the study, it is possible to improve the efficiency of an already existing method by using a classifier with memory, as well as additional information.

Application of Cellular Automata to Detection of Malicious Network Packets

ERIC Educational Resources Information Center

Brown, Robert L.

2014-01-01

A problem in computer security is identification of attack signatures in network packets. An attack signature is a pattern of bits that characterizes a particular attack. Because there are many kinds of attacks, there are potentially many attack signatures. Furthermore, attackers may seek to avoid detection by altering the attack mechanism so that…

Multi-Layer Approach for the Detection of Selective Forwarding Attacks

PubMed Central

Alajmi, Naser; Elleithy, Khaled

2015-01-01

Security breaches are a major threat in wireless sensor networks (WSNs). WSNs are increasingly used due to their broad range of important applications in both military and civilian domains. WSNs are prone to several types of security attacks. Sensor nodes have limited capacities and are often deployed in dangerous locations; therefore, they are vulnerable to different types of attacks, including wormhole, sinkhole, and selective forwarding attacks. Security attacks are classified as data traffic and routing attacks. These security attacks could affect the most significant applications of WSNs, namely, military surveillance, traffic monitoring, and healthcare. Therefore, there are different approaches to detecting security attacks on the network layer in WSNs. Reliability, energy efficiency, and scalability are strong constraints on sensor nodes that affect the security of WSNs. Because sensor nodes have limited capabilities in most of these areas, selective forwarding attacks cannot be easily detected in networks. In this paper, we propose an approach to selective forwarding detection (SFD). The approach has three layers: MAC pool IDs, rule-based processing, and anomaly detection. It maintains the safety of data transmission between a source node and base station while detecting selective forwarding attacks. Furthermore, the approach is reliable, energy efficient, and scalable. PMID:26610499

Multi-Layer Approach for the Detection of Selective Forwarding Attacks.

PubMed

Alajmi, Naser; Elleithy, Khaled

2015-11-19

Security breaches are a major threat in wireless sensor networks (WSNs). WSNs are increasingly used due to their broad range of important applications in both military and civilian domains. WSNs are prone to several types of security attacks. Sensor nodes have limited capacities and are often deployed in dangerous locations; therefore, they are vulnerable to different types of attacks, including wormhole, sinkhole, and selective forwarding attacks. Security attacks are classified as data traffic and routing attacks. These security attacks could affect the most significant applications of WSNs, namely, military surveillance, traffic monitoring, and healthcare. Therefore, there are different approaches to detecting security attacks on the network layer in WSNs. Reliability, energy efficiency, and scalability are strong constraints on sensor nodes that affect the security of WSNs. Because sensor nodes have limited capabilities in most of these areas, selective forwarding attacks cannot be easily detected in networks. In this paper, we propose an approach to selective forwarding detection (SFD). The approach has three layers: MAC pool IDs, rule-based processing, and anomaly detection. It maintains the safety of data transmission between a source node and base station while detecting selective forwarding attacks. Furthermore, the approach is reliable, energy efficient, and scalable.

Investigation on iterative multiuser detection physical layer network coding in two-way relay free-space optical links with turbulences and pointing errors.

PubMed

Abu-Almaalie, Zina; Ghassemlooy, Zabih; Bhatnagar, Manav R; Le-Minh, Hoa; Aslam, Nauman; Liaw, Shien-Kuei; Lee, It Ee

2016-11-20

Physical layer network coding (PNC) improves the throughput in wireless networks by enabling two nodes to exchange information using a minimum number of time slots. The PNC technique is proposed for two-way relay channel free space optical (TWR-FSO) communications with the aim of maximizing the utilization of network resources. The multipair TWR-FSO is considered in this paper, where a single antenna on each pair seeks to communicate via a common receiver aperture at the relay. Therefore, chip interleaving is adopted as a technique to separate the different transmitted signals at the relay node to perform PNC mapping. Accordingly, this scheme relies on the iterative multiuser technique for detection of users at the receiver. The bit error rate (BER) performance of the proposed system is examined under the combined influences of atmospheric loss, turbulence-induced channel fading, and pointing errors (PEs). By adopting the joint PNC mapping with interleaving and multiuser detection techniques, the BER results show that the proposed scheme can achieve a significant performance improvement against the degrading effects of turbulences and PEs. It is also demonstrated that a larger number of simultaneous users can be supported with this new scheme in establishing a communication link between multiple pairs of nodes in two time slots, thereby improving the channel capacity.

Unsupervised Anomaly Detection Based on Clustering and Multiple One-Class SVM

NASA Astrophysics Data System (ADS)

Song, Jungsuk; Takakura, Hiroki; Okabe, Yasuo; Kwon, Yongjin

Intrusion detection system (IDS) has played an important role as a device to defend our networks from cyber attacks. However, since it is unable to detect unknown attacks, i.e., 0-day attacks, the ultimate challenge in intrusion detection field is how we can exactly identify such an attack by an automated manner. Over the past few years, several studies on solving these problems have been made on anomaly detection using unsupervised learning techniques such as clustering, one-class support vector machine (SVM), etc. Although they enable one to construct intrusion detection models at low cost and effort, and have capability to detect unforeseen attacks, they still have mainly two problems in intrusion detection: a low detection rate and a high false positive rate. In this paper, we propose a new anomaly detection method based on clustering and multiple one-class SVM in order to improve the detection rate while maintaining a low false positive rate. We evaluated our method using KDD Cup 1999 data set. Evaluation results show that our approach outperforms the existing algorithms reported in the literature; especially in detection of unknown attacks.

Face liveness detection for face recognition based on cardiac features of skin color image

NASA Astrophysics Data System (ADS)

Suh, Kun Ha; Lee, Eui Chul

2016-07-01

With the growth of biometric technology, spoofing attacks have been emerged a threat to the security of the system. Main spoofing scenarios in the face recognition system include the printing attack, replay attack, and 3D mask attack. To prevent such attacks, techniques that evaluating liveness of the biometric data can be considered as a solution. In this paper, a novel face liveness detection method based on cardiac signal extracted from face is presented. The key point of proposed method is that the cardiac characteristic is detected in live faces but not detected in non-live faces. Experimental results showed that the proposed method can be effective way for determining printing attack or 3D mask attack.

Optimal Attack Strategies Subject to Detection Constraints Against Cyber-Physical Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Chen, Yuan; Kar, Soummya; Moura, Jose M. F.

This paper studies an attacker against a cyberphysical system (CPS) whose goal is to move the state of a CPS to a target state while ensuring that his or her probability of being detected does not exceed a given bound. The attacker’s probability of being detected is related to the nonnegative bias induced by his or her attack on the CPS’s detection statistic. We formulate a linear quadratic cost function that captures the attacker’s control goal and establish constraints on the induced bias that reflect the attacker’s detection-avoidance objectives. When the attacker is constrained to be detected at the false-alarmmore » rate of the detector, we show that the optimal attack strategy reduces to a linear feedback of the attacker’s state estimate. In the case that the attacker’s bias is upper bounded by a positive constant, we provide two algorithms – an optimal algorithm and a sub-optimal, less computationally intensive algorithm – to find suitable attack sequences. Lastly, we illustrate our attack strategies in numerical examples based on a remotely-controlled helicopter under attack.« less

Optimal Attack Strategies Subject to Detection Constraints Against Cyber-Physical Systems

DOE PAGES

Chen, Yuan; Kar, Soummya; Moura, Jose M. F.

2017-03-31

This paper studies an attacker against a cyberphysical system (CPS) whose goal is to move the state of a CPS to a target state while ensuring that his or her probability of being detected does not exceed a given bound. The attacker’s probability of being detected is related to the nonnegative bias induced by his or her attack on the CPS’s detection statistic. We formulate a linear quadratic cost function that captures the attacker’s control goal and establish constraints on the induced bias that reflect the attacker’s detection-avoidance objectives. When the attacker is constrained to be detected at the false-alarmmore » rate of the detector, we show that the optimal attack strategy reduces to a linear feedback of the attacker’s state estimate. In the case that the attacker’s bias is upper bounded by a positive constant, we provide two algorithms – an optimal algorithm and a sub-optimal, less computationally intensive algorithm – to find suitable attack sequences. Lastly, we illustrate our attack strategies in numerical examples based on a remotely-controlled helicopter under attack.« less

Topological Interference Management for K-User Downlink Massive MIMO Relay Network Channel.

PubMed

Selvaprabhu, Poongundran; Chinnadurai, Sunil; Li, Jun; Lee, Moon Ho

2017-08-17

In this paper, we study the emergence of topological interference alignment and the characterizing features of a multi-user broadcast interference relay channel. We propose an alternative transmission strategy named the relay space-time interference alignment (R-STIA) technique, in which a K -user multiple-input-multiple-output (MIMO) interference channel has massive antennas at the transmitter and relay. Severe interference from unknown transmitters affects the downlink relay network channel and degrades the system performance. An additional (unintended) receiver is introduced in the proposed R-STIA technique to overcome the above problem, since it has the ability to decode the desired signals for the intended receiver by considering cooperation between the receivers. The additional receiver also helps in recovering and reconstructing the interference signals with limited channel state information at the relay (CSIR). The Alamouti space-time transmission technique and minimum mean square error (MMSE) linear precoder are also used in the proposed scheme to detect the presence of interference signals. Numerical results show that the proposed R-STIA technique achieves a better performance in terms of the bit error rate (BER) and sum-rate compared to the existing broadcast channel schemes.

Topological Interference Management for K-User Downlink Massive MIMO Relay Network Channel

PubMed Central

Li, Jun; Lee, Moon Ho

2017-01-01

In this paper, we study the emergence of topological interference alignment and the characterizing features of a multi-user broadcast interference relay channel. We propose an alternative transmission strategy named the relay space-time interference alignment (R-STIA) technique, in which a K-user multiple-input-multiple-output (MIMO) interference channel has massive antennas at the transmitter and relay. Severe interference from unknown transmitters affects the downlink relay network channel and degrades the system performance. An additional (unintended) receiver is introduced in the proposed R-STIA technique to overcome the above problem, since it has the ability to decode the desired signals for the intended receiver by considering cooperation between the receivers. The additional receiver also helps in recovering and reconstructing the interference signals with limited channel state information at the relay (CSIR). The Alamouti space-time transmission technique and minimum mean square error (MMSE) linear precoder are also used in the proposed scheme to detect the presence of interference signals. Numerical results show that the proposed R-STIA technique achieves a better performance in terms of the bit error rate (BER) and sum-rate compared to the existing broadcast channel schemes. PMID:28817071

Detecting Distributed SQL Injection Attacks in a Eucalyptus Cloud Environment

NASA Technical Reports Server (NTRS)

Kebert, Alan; Barnejee, Bikramjit; Solano, Juan; Solano, Wanda

2013-01-01

The cloud computing environment offers malicious users the ability to spawn multiple instances of cloud nodes that are similar to virtual machines, except that they can have separate external IP addresses. In this paper we demonstrate how this ability can be exploited by an attacker to distribute his/her attack, in particular SQL injection attacks, in such a way that an intrusion detection system (IDS) could fail to identify this attack. To demonstrate this, we set up a small private cloud, established a vulnerable website in one instance, and placed an IDS within the cloud to monitor the network traffic. We found that an attacker could quite easily defeat the IDS by periodically altering its IP address. To detect such an attacker, we propose to use multi-agent plan recognition, where the multiple source IPs are considered as different agents who are mounting a collaborative attack. We show that such a formulation of this problem yields a more sophisticated approach to detecting SQL injection attacks within a cloud computing environment.

Accurate Sybil Attack Detection Based on Fine-Grained Physical Channel Information.

PubMed

Wang, Chundong; Zhu, Likun; Gong, Liangyi; Zhao, Zhentang; Yang, Lei; Liu, Zheli; Cheng, Xiaochun

2018-03-15

With the development of the Internet-of-Things (IoT), wireless network security has more and more attention paid to it. The Sybil attack is one of the famous wireless attacks that can forge wireless devices to steal information from clients. These forged devices may constantly attack target access points to crush the wireless network. In this paper, we propose a novel Sybil attack detection based on Channel State Information (CSI). This detection algorithm can tell whether the static devices are Sybil attackers by combining a self-adaptive multiple signal classification algorithm with the Received Signal Strength Indicator (RSSI). Moreover, we develop a novel tracing scheme to cluster the channel characteristics of mobile devices and detect dynamic attackers that change their channel characteristics in an error area. Finally, we experiment on mobile and commercial WiFi devices. Our algorithm can effectively distinguish the Sybil devices. The experimental results show that our Sybil attack detection system achieves high accuracy for both static and dynamic scenarios. Therefore, combining the phase and similarity of channel features, the multi-dimensional analysis of CSI can effectively detect Sybil nodes and improve the security of wireless networks.

Accurate Sybil Attack Detection Based on Fine-Grained Physical Channel Information

PubMed Central

Wang, Chundong; Zhao, Zhentang; Yang, Lei; Liu, Zheli; Cheng, Xiaochun

2018-01-01

With the development of the Internet-of-Things (IoT), wireless network security has more and more attention paid to it. The Sybil attack is one of the famous wireless attacks that can forge wireless devices to steal information from clients. These forged devices may constantly attack target access points to crush the wireless network. In this paper, we propose a novel Sybil attack detection based on Channel State Information (CSI). This detection algorithm can tell whether the static devices are Sybil attackers by combining a self-adaptive multiple signal classification algorithm with the Received Signal Strength Indicator (RSSI). Moreover, we develop a novel tracing scheme to cluster the channel characteristics of mobile devices and detect dynamic attackers that change their channel characteristics in an error area. Finally, we experiment on mobile and commercial WiFi devices. Our algorithm can effectively distinguish the Sybil devices. The experimental results show that our Sybil attack detection system achieves high accuracy for both static and dynamic scenarios. Therefore, combining the phase and similarity of channel features, the multi-dimensional analysis of CSI can effectively detect Sybil nodes and improve the security of wireless networks. PMID:29543773

CPAD: Cyber-Physical Attack Detection

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ferragut, Erik M; Laska, Jason A

The CPAD technology relates to anomaly detection and more specifically to cyber physical attack detection. It infers underlying physical relationships between components by analyzing the sensor measurements of a system. It then uses these measurements to detect signs of a non-physically realizable state, which is indicative of an integrity attack on the system. CPAD can be used on any highly-instrumented cyber-physical system to detect integrity attacks and identify the component or components compromised. It has applications to power transmission and distribution, nuclear and industrial plants, and complex vehicles.

A performance study of unmanned aerial vehicle-based sensor networks under cyber attack

NASA Astrophysics Data System (ADS)

Puchaty, Ethan M.

In UAV-based sensor networks, an emerging area of interest is the performance of these networks under cyber attack. This study seeks to evaluate the performance trade-offs from a System-of-Systems (SoS) perspective between various UAV communications architecture options in the context two missions: tracking ballistic missiles and tracking insurgents. An agent-based discrete event simulation is used to model a sensor communication network consisting of UAVs, military communications satellites, ground relay stations, and a mission control center. Network susceptibility to cyber attack is modeled with probabilistic failures and induced data variability, with performance metrics focusing on information availability, latency, and trustworthiness. Results demonstrated that using UAVs as routers increased network availability with a minimal latency penalty and communications satellite networks were best for long distance operations. Redundancy in the number of links between communication nodes helped mitigate cyber-caused link failures and add robustness in cases of induced data variability by an adversary. However, when failures were not independent, redundancy and UAV routing were detrimental in some cases to network performance. Sensitivity studies indicated that long cyber-caused downtimes and increasing failure dependencies resulted in build-ups of failures and caused significant degradations in network performance.

Identifying and tracking attacks on networks: C3I displays and related technologies

NASA Astrophysics Data System (ADS)

Manes, Gavin W.; Dawkins, J.; Shenoi, Sujeet; Hale, John C.

2003-09-01

Converged network security is extremely challenging for several reasons; expanded system and technology perimeters, unexpected feature interaction, and complex interfaces all conspire to provide hackers with greater opportunities for compromising large networks. Preventive security services and architectures are essential, but in and of themselves do not eliminate all threat of compromise. Attack management systems mitigate this residual risk by facilitating incident detection, analysis and response. There are a wealth of attack detection and response tools for IP networks, but a dearth of such tools for wireless and public telephone networks. Moreover, methodologies and formalisms have yet to be identified that can yield a common model for vulnerabilities and attacks in converged networks. A comprehensive attack management system must coordinate detection tools for converged networks, derive fully-integrated attack and network models, perform vulnerability and multi-stage attack analysis, support large-scale attack visualization, and orchestrate strategic responses to cyber attacks that cross network boundaries. We present an architecture that embodies these principles for attack management. The attack management system described engages a suite of detection tools for various networking domains, feeding real-time attack data to a comprehensive modeling, analysis and visualization subsystem. The resulting early warning system not only provides network administrators with a heads-up cockpit display of their entire network, it also supports guided response and predictive capabilities for multi-stage attacks in converged networks.

Attack-tolerant networked control system: an approach for detection the controller stealthy hijacking attack

NASA Astrophysics Data System (ADS)

Atta Yaseen, Amer; Bayart, Mireille

2017-01-01

In this work, a new approach will be introduced as a development for the attack-tolerant scheme in the Networked Control System (NCS). The objective is to be able to detect an attack such as the Stuxnet case where the controller is reprogrammed and hijacked. Besides the ability to detect the stealthy controller hijacking attack, the advantage of this approach is that there is no need for a priori mathematical model of the controller. In order to implement the proposed scheme, a specific detector for the controller hijacking attack is designed. The performance of this scheme is evaluated be connected the detector to NCS with basic security elements such as Data Encryption Standard (DES), Message Digest (MD5), and timestamp. The detector is tested along with networked PI controller under stealthy hijacking attack. The test results of the proposed method show that the hijacked controller can be significantly detected and recovered.

Geographic Wormhole Detection in Wireless Sensor Networks

PubMed Central

Sookhak, Mehdi; Akhundzada, Adnan; Sookhak, Alireza; Eslaminejad, Mohammadreza; Gani, Abdullah; Khurram Khan, Muhammad; Li, Xiong; Wang, Xiaomin

2015-01-01

Wireless sensor networks (WSNs) are ubiquitous and pervasive, and therefore; highly susceptible to a number of security attacks. Denial of Service (DoS) attack is considered the most dominant and a major threat to WSNs. Moreover, the wormhole attack represents one of the potential forms of the Denial of Service (DoS) attack. Besides, crafting the wormhole attack is comparatively simple; though, its detection is nontrivial. On the contrary, the extant wormhole defense methods need both specialized hardware and strong assumptions to defend against static and dynamic wormhole attack. The ensuing paper introduces a novel scheme to detect wormhole attacks in a geographic routing protocol (DWGRP). The main contribution of this paper is to detect malicious nodes and select the best and the most reliable neighbors based on pairwise key pre-distribution technique and the beacon packet. Moreover, this novel technique is not subject to any specific assumption, requirement, or specialized hardware, such as a precise synchronized clock. The proposed detection method is validated by comparisons with several related techniques in the literature, such as Received Signal Strength (RSS), Authentication of Nodes Scheme (ANS), Wormhole Detection uses Hound Packet (WHOP), and Wormhole Detection with Neighborhood Information (WDI) using the NS-2 simulator. The analysis of the simulations shows promising results with low False Detection Rate (FDR) in the geographic routing protocols. PMID:25602616

Heavy-tailed distribution of the SSH Brute-force attack duration in a multi-user environment

NASA Astrophysics Data System (ADS)

Lee, Jae-Kook; Kim, Sung-Jun; Park, Chan Yeol; Hong, Taeyoung; Chae, Huiseung

2016-07-01

Quite a number of cyber-attacks to be place against supercomputers that provide highperformance computing (HPC) services to public researcher. Particularly, although the secure shell protocol (SSH) brute-force attack is one of the traditional attack methods, it is still being used. Because stealth attacks that feign regular access may occur, they are even harder to detect. In this paper, we introduce methods to detect SSH brute-force attacks by analyzing the server's unsuccessful access logs and the firewall's drop events in a multi-user environment. Then, we analyze the durations of the SSH brute-force attacks that are detected by applying these methods. The results of an analysis of about 10 thousands attack source IP addresses show that the behaviors of abnormal users using SSH brute-force attacks are based on human dynamic characteristics of a typical heavy-tailed distribution.

Towards an integrated defense system for cyber security situation awareness experiment

NASA Astrophysics Data System (ADS)

Zhang, Hanlin; Wei, Sixiao; Ge, Linqiang; Shen, Dan; Yu, Wei; Blasch, Erik P.; Pham, Khanh D.; Chen, Genshe

2015-05-01

In this paper, an implemented defense system is demonstrated to carry out cyber security situation awareness. The developed system consists of distributed passive and active network sensors designed to effectively capture suspicious information associated with cyber threats, effective detection schemes to accurately distinguish attacks, and network actors to rapidly mitigate attacks. Based on the collected data from network sensors, image-based and signals-based detection schemes are implemented to detect attacks. To further mitigate attacks, deployed dynamic firewalls on hosts dynamically update detection information reported from the detection schemes and block attacks. The experimental results show the effectiveness of the proposed system. A future plan to design an effective defense system is also discussed based on system theory.

Design of Cyber Attack Precursor Symptom Detection Algorithm through System Base Behavior Analysis and Memory Monitoring

NASA Astrophysics Data System (ADS)

Jung, Sungmo; Kim, Jong Hyun; Cagalaban, Giovanni; Lim, Ji-Hoon; Kim, Seoksoo

More recently, botnet-based cyber attacks, including a spam mail or a DDos attack, have sharply increased, which poses a fatal threat to Internet services. At present, antivirus businesses make it top priority to detect malicious code in the shortest time possible (Lv.2), based on the graph showing a relation between spread of malicious code and time, which allows them to detect after malicious code occurs. Despite early detection, however, it is not possible to prevent malicious code from occurring. Thus, we have developed an algorithm that can detect precursor symptoms at Lv.1 to prevent a cyber attack using an evasion method of 'an executing environment aware attack' by analyzing system behaviors and monitoring memory.

Attacks and intrusion detection in wireless sensor networks of industrial SCADA systems

NASA Astrophysics Data System (ADS)

Kamaev, V. A.; Finogeev, A. G.; Finogeev, A. A.; Parygin, D. S.

2017-01-01

The effectiveness of automated process control systems (APCS) and supervisory control and data acquisition systems (SCADA) information security depends on the applied protection technologies of transport environment data transmission components. This article investigates the problems of detecting attacks in wireless sensor networks (WSN) of SCADA systems. As a result of analytical studies, the authors developed the detailed classification of external attacks and intrusion detection in sensor networks and brought a detailed description of attacking impacts on components of SCADA systems in accordance with the selected directions of attacks.

Fusion of Heterogeneous Intrusion Detection Systems for Network Attack Detection

PubMed Central

Kaliappan, Jayakumar; Thiagarajan, Revathi; Sundararajan, Karpagam

2015-01-01

An intrusion detection system (IDS) helps to identify different types of attacks in general, and the detection rate will be higher for some specific category of attacks. This paper is designed on the idea that each IDS is efficient in detecting a specific type of attack. In proposed Multiple IDS Unit (MIU), there are five IDS units, and each IDS follows a unique algorithm to detect attacks. The feature selection is done with the help of genetic algorithm. The selected features of the input traffic are passed on to the MIU for processing. The decision from each IDS is termed as local decision. The fusion unit inside the MIU processes all the local decisions with the help of majority voting rule and makes the final decision. The proposed system shows a very good improvement in detection rate and reduces the false alarm rate. PMID:26295058

Fusion of Heterogeneous Intrusion Detection Systems for Network Attack Detection.

PubMed

Kaliappan, Jayakumar; Thiagarajan, Revathi; Sundararajan, Karpagam

2015-01-01

An intrusion detection system (IDS) helps to identify different types of attacks in general, and the detection rate will be higher for some specific category of attacks. This paper is designed on the idea that each IDS is efficient in detecting a specific type of attack. In proposed Multiple IDS Unit (MIU), there are five IDS units, and each IDS follows a unique algorithm to detect attacks. The feature selection is done with the help of genetic algorithm. The selected features of the input traffic are passed on to the MIU for processing. The decision from each IDS is termed as local decision. The fusion unit inside the MIU processes all the local decisions with the help of majority voting rule and makes the final decision. The proposed system shows a very good improvement in detection rate and reduces the false alarm rate.

Cyber-Physical Attacks With Control Objectives

DOE PAGES

Chen, Yuan; Kar, Soummya; Moura, Jose M. F.

2017-08-18

This study studies attackers with control objectives against cyber-physical systems (CPSs). The goal of the attacker is to counteract the CPS's controller and move the system to a target state while evading detection. We formulate a cost function that reflects the attacker's goals, and, using dynamic programming, we show that the optimal attack strategy reduces to a linear feedback of the attacker's state estimate. By changing the parameters of the cost function, we show how an attacker can design optimal attacks to balance the control objective and the detection avoidance objective. In conclusion, we provide a numerical illustration based onmore » a remotely controlled helicopter under attack.« less

Cyber-Physical Attacks With Control Objectives

DOE Office of Scientific and Technical Information (OSTI.GOV)

Chen, Yuan; Kar, Soummya; Moura, Jose M. F.

This study studies attackers with control objectives against cyber-physical systems (CPSs). The goal of the attacker is to counteract the CPS's controller and move the system to a target state while evading detection. We formulate a cost function that reflects the attacker's goals, and, using dynamic programming, we show that the optimal attack strategy reduces to a linear feedback of the attacker's state estimate. By changing the parameters of the cost function, we show how an attacker can design optimal attacks to balance the control objective and the detection avoidance objective. In conclusion, we provide a numerical illustration based onmore » a remotely controlled helicopter under attack.« less

VoIP attacks detection engine based on neural network

NASA Astrophysics Data System (ADS)

Safarik, Jakub; Slachta, Jiri

2015-05-01

The security is crucial for any system nowadays, especially communications. One of the most successful protocols in the field of communication over IP networks is Session Initiation Protocol. It is an open-source project used by different kinds of applications, both open-source and proprietary. High penetration and text-based principle made SIP number one target in IP telephony infrastructure, so security of SIP server is essential. To keep up with hackers and to detect potential malicious attacks, security administrator needs to monitor and evaluate SIP traffic in the network. But monitoring and following evaluation could easily overwhelm the security administrator in networks, typically in networks with a number of SIP servers, users and logically or geographically separated networks. The proposed solution lies in automatic attack detection systems. The article covers detection of VoIP attacks through a distributed network of nodes. Then the gathered data analyze aggregation server with artificial neural network. Artificial neural network means multilayer perceptron network trained with a set of collected attacks. Attack data could also be preprocessed and verified with a self-organizing map. The source data is detected by distributed network of detection nodes. Each node contains a honeypot application and traffic monitoring mechanism. Aggregation of data from each node creates an input for neural networks. The automatic classification on a centralized server with low false positive detection reduce the cost of attack detection resources. The detection system uses modular design for easy deployment in final infrastructure. The centralized server collects and process detected traffic. It also maintains all detection nodes.

Advanced Cyber Industrial Control System Tactics, Techniques, and Procedures (ACI TTP) for Department of Defense (DOD) Industrial Control Systems (ICS)

DTIC Science & Technology

2016-08-10

enable JCS managers to detect advanced cyber attacks, mitigate the effects of those attacks, and recover their networks following an attack. It also... managers of ICS networks to Detect, Mitigate, and Recover from nation-state-level cyber attacks (strategic, deliberate, well-trained, and funded...Successful Detection of cyber anomalies is best achieved when IT and ICS managers remain in close coordination. The Integrity Checks Table

High salinity relay as a postharvest processing strategy to reduce vibrio vulnificus levels in Chesapeake Bay oysters (Crassostrea virginica).

PubMed

Audemard, Corinne; Kator, Howard I; Rhodes, Martha W; Gallivan, Thomas; Erskine, A J; Leggett, A Thomas; Reece, Kimberly S

2011-11-01

In 2009 the U.S. Food and Drug Administration (FDA) announced its intention to implement postharvest processing (PHP) methods to eliminate Vibrio vulnificus from oysters intended for the raw, half-shell market that are harvested from the Gulf of Mexico during warmer months. FDA-approved PHP methods can be expensive and may be associated with unfavorable responses from some consumers. A relatively unexplored PHP method that uses relaying to high salinity waters could be an alternative strategy, considering that high salinities appear to negatively affect the survival of V. vulnificus. During relay, however, oysters may be exposed to rapid and large salinity increases that could cause increased mortality. In this study, the effectiveness of high salinity relay to reduce V. vulnificus to <30 most probable number (MPN) per g and the impact on oyster mortality were assessed in the lower Chesapeake Bay. Two relay experiments were performed during the summer and fall of 2010. Oysters collected from three grow-out sites, a low salinity site (14 to 15 practical salinity units [psu]) and two moderate salinity sites (22 to 25 psu), were relayed directly to a high salinity site (≥30 psu) on Virginia's Eastern Shore. Oysters were assayed for V. vulnificus and Vibrio parahaemolyticus (another Vibrio species of concern) densities at time 0 prior to relay and after 7 and 14 days of relay, using the FDA MPN enrichment method combined with detection by real-time PCR. After 14 days, both V. vulnificus and V. parahaemolyticus densities were ≤0.8 MPN/g, and decreases of 2 to 3 log in V. vulnificus densities were observed. Oyster mortalities were low (≤4%) even for oysters from the low salinity harvest site, which experienced a salinity increase of approximately 15 psu. Results, although preliminary and requiring formal validation and economic analysis, suggest that high salinity relay could be an effective PHP method.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Yan, Guanhua; Eidenbenz, Stephan; Ha, Duc T

Botnets, which are networks of compromised machines that are controlled by one or a group of attackers, have emerged as one of the most serious security threats on the Internet. With an army of bots at the scale of tens of thousands of hosts or even as large as 1.5 million PCs, the computational power of botnets can be leveraged to launch large-scale DDoS (Distributed Denial of Service) attacks, sending spamming emails, stealing identities and financial information, etc. As detection and mitigation techniques against botnets have been stepped up in recent years, attackers are also constantly improving their strategies tomore » operate these botnets. The first generation of botnets typically employ IRC (Internet Relay Chat) channels as their command and control (C&C) centers. Though simple and easy to deploy, the centralized C&C mechanism of such botnets has made them prone to being detected and disabled. Against this backdrop, peer-to-peer (P2P) based botnets have emerged as a new generation of botnets which can conceal their C&C communication. Recently, P2P networks have emerged as a covert communication platform for malicious programs known as bots. As popular distributed systems, they allow bots to communicate easily while protecting the botmaster from being discovered. Existing work on P2P-based hotnets mainly focuses on measurement of botnet sizes. In this work, through simulation, we study extensively the structure of P2P networks running Kademlia, one of a few widely used P2P protocols in practice. Our simulation testbed incorporates the actual code of a real Kademlia client software to achieve great realism, and distributed event-driven simulation techniques to achieve high scalability. Using this testbed, we analyze the scaling, reachability, clustering, and centrality properties of P2P-based botnets from a graph-theoretical perspective. We further demonstrate experimentally and theoretically that monitoring bot activities in a P2P network is difficult, suggesting that the P2P mechanism indeed helps botnets hide their communication effectively. Finally, we evaluate the effectiveness of some potential mitigation techniques, such as content poisoning, Sybil-based and Eclipse-based mitigation. Conclusions drawn from this work shed light on the structure of P2P botnets, how to monitor bot activities in P2P networks, and how to mitigate botnet operations effectively.« less

Randomized Prediction Games for Adversarial Machine Learning.

PubMed

Rota Bulo, Samuel; Biggio, Battista; Pillai, Ignazio; Pelillo, Marcello; Roli, Fabio

In spam and malware detection, attackers exploit randomization to obfuscate malicious data and increase their chances of evading detection at test time, e.g., malware code is typically obfuscated using random strings or byte sequences to hide known exploits. Interestingly, randomization has also been proposed to improve security of learning algorithms against evasion attacks, as it results in hiding information about the classifier to the attacker. Recent work has proposed game-theoretical formulations to learn secure classifiers, by simulating different evasion attacks and modifying the classification function accordingly. However, both the classification function and the simulated data manipulations have been modeled in a deterministic manner, without accounting for any form of randomization. In this paper, we overcome this limitation by proposing a randomized prediction game, namely, a noncooperative game-theoretic formulation in which the classifier and the attacker make randomized strategy selections according to some probability distribution defined over the respective strategy set. We show that our approach allows one to improve the tradeoff between attack detection and false alarms with respect to the state-of-the-art secure classifiers, even against attacks that are different from those hypothesized during design, on application examples including handwritten digit recognition, spam, and malware detection.In spam and malware detection, attackers exploit randomization to obfuscate malicious data and increase their chances of evading detection at test time, e.g., malware code is typically obfuscated using random strings or byte sequences to hide known exploits. Interestingly, randomization has also been proposed to improve security of learning algorithms against evasion attacks, as it results in hiding information about the classifier to the attacker. Recent work has proposed game-theoretical formulations to learn secure classifiers, by simulating different evasion attacks and modifying the classification function accordingly. However, both the classification function and the simulated data manipulations have been modeled in a deterministic manner, without accounting for any form of randomization. In this paper, we overcome this limitation by proposing a randomized prediction game, namely, a noncooperative game-theoretic formulation in which the classifier and the attacker make randomized strategy selections according to some probability distribution defined over the respective strategy set. We show that our approach allows one to improve the tradeoff between attack detection and false alarms with respect to the state-of-the-art secure classifiers, even against attacks that are different from those hypothesized during design, on application examples including handwritten digit recognition, spam, and malware detection.

A study on efficient detection of network-based IP spoofing DDoS and malware-infected Systems.

PubMed

Seo, Jung Woo; Lee, Sang Jin

2016-01-01

Large-scale network environments require effective detection and response methods against DDoS attacks. Depending on the advancement of IT infrastructure such as the server or network equipment, DDoS attack traffic arising from a few malware-infected systems capable of crippling the organization's internal network has become a significant threat. This study calculates the frequency of network-based packet attributes and analyzes the anomalies of the attributes in order to detect IP-spoofed DDoS attacks. Also, a method is proposed for the effective detection of malware infection systems triggering IP-spoofed DDoS attacks on an edge network. Detection accuracy and performance of the collected real-time traffic on a core network is analyzed thru the use of the proposed algorithm, and a prototype was developed to evaluate the performance of the algorithm. As a result, DDoS attacks on the internal network were detected in real-time and whether or not IP addresses were spoofed was confirmed. Detecting hosts infected by malware in real-time allowed the execution of intrusion responses before stoppage of the internal network caused by large-scale attack traffic.

Fast WEP-Key Recovery Attack Using Only Encrypted IP Packets

NASA Astrophysics Data System (ADS)

Teramura, Ryoichi; Asakura, Yasuo; Ohigashi, Toshihiro; Kuwakado, Hidenori; Morii, Masakatu

Conventional efficient key recovery attacks against Wired Equivalent Privacy (WEP) require specific initialization vectors or specific packets. Since it takes much time to collect the packets sufficiently, any active attack should be performed. An Intrusion Detection System (IDS), however, will be able to prevent the attack. Since the attack logs are stored at the servers, it is possible to prevent such an attack. This paper proposes an algorithm for recovering a 104-bit WEP key from any IP packets in a realistic environment. This attack needs about 36, 500 packets with a success probability 0.5, and the complexity of our attack is equivalent to about 220 computations of the RC4 key setups. Since our attack is passive, it is difficult for both WEP users and administrators to detect our attack.

Large Efficient Intelligent Heating Relay Station System

NASA Astrophysics Data System (ADS)

Wu, C. Z.; Wei, X. G.; Wu, M. Q.

2017-12-01

The design of large efficient intelligent heating relay station system aims at the improvement of the existing heating system in our country, such as low heating efficiency, waste of energy and serious pollution, and the control still depends on the artificial problem. In this design, we first improve the existing plate heat exchanger. Secondly, the ATM89C51 is used to control the whole system and realize the intelligent control. The detection part is using the PT100 temperature sensor, pressure sensor, turbine flowmeter, heating temperature, detection of user end liquid flow, hydraulic, and real-time feedback, feedback signal to the microcontroller through the heating for users to adjust, realize the whole system more efficient, intelligent and energy-saving.

Arc fault detection system

DOEpatents

Jha, Kamal N.

1999-01-01

An arc fault detection system for use on ungrounded or high-resistance-grounded power distribution systems is provided which can be retrofitted outside electrical switchboard circuits having limited space constraints. The system includes a differential current relay that senses a current differential between current flowing from secondary windings located in a current transformer coupled to a power supply side of a switchboard, and a total current induced in secondary windings coupled to a load side of the switchboard. When such a current differential is experienced, a current travels through a operating coil of the differential current relay, which in turn opens an upstream circuit breaker located between the switchboard and a power supply to remove the supply of power to the switchboard.

On effectiveness of network sensor-based defense framework

NASA Astrophysics Data System (ADS)

Zhang, Difan; Zhang, Hanlin; Ge, Linqiang; Yu, Wei; Lu, Chao; Chen, Genshe; Pham, Khanh

2012-06-01

Cyber attacks are increasing in frequency, impact, and complexity, which demonstrate extensive network vulnerabilities with the potential for serious damage. Defending against cyber attacks calls for the distributed collaborative monitoring, detection, and mitigation. To this end, we develop a network sensor-based defense framework, with the aim of handling network security awareness, mitigation, and prediction. We implement the prototypical system and show its effectiveness on detecting known attacks, such as port-scanning and distributed denial-of-service (DDoS). Based on this framework, we also implement the statistical-based detection and sequential testing-based detection techniques and compare their respective detection performance. The future implementation of defensive algorithms can be provisioned in our proposed framework for combating cyber attacks.

Quantum measurements of signals from the Alphasat TDP1 laser communication terminal

NASA Astrophysics Data System (ADS)

Elser, D.; Günthner, K.; Khan, I.; Stiller, B.; Bayraktar, Ö.; Müller, C. R.; Saucke, K.; Tröndle, D.; Heine, F.; Seel, S.; Greulich, P.; Zech, H.; Gütlich, B.; Richter, I.; Philipp-May, S.; Marquardt, Ch.; Leuchs, G.

2017-09-01

Quantum optics [1] can be harnessed to implement cryptographic protocols that are verifiably immune against any conceivable attack [2]. Even quantum computers, that will break most current public keys [3, 4], cannot harm quantum encryption. Based on these intriguing quantum features, metropolitan quantum networks have been implemented around the world [5-15]. However, the long-haul link between metropolitan networks is currently missing [16]. Existing fiber infrastructure is not suitable for this purpose since classical telecom repeaters cannot relay quantum states [2]. Therefore, optical satellite-to-ground communication [17-22] lends itself to bridge intercontinental distances for quantum communication [23-40].

Cyber attack analysis on cyber-physical systems: Detectability, severity, and attenuation strategy

NASA Astrophysics Data System (ADS)

Kwon, Cheolhyeon

Security of Cyber-Physical Systems (CPS) against malicious cyber attacks is an important yet challenging problem. Since most cyber attacks happen in erratic ways, it is usually intractable to describe and diagnose them systematically. Motivated by such difficulties, this thesis presents a set of theories and algorithms for a cyber-secure architecture of the CPS within the control theoretic perspective. Here, instead of identifying a specific cyber attack model, we are focused on analyzing the system's response during cyber attacks. Firstly, we investigate the detectability of the cyber attacks from the system's behavior under cyber attacks. Specifically, we conduct a study on the vulnerabilities in the CPS's monitoring system against the stealthy cyber attack that is carefully designed to avoid being detected by its detection scheme. After classifying three kinds of cyber attacks according to the attacker's ability to compromise the system, we derive the necessary and sufficient conditions under which such stealthy cyber attacks can be designed to cause the unbounded estimation error while not being detected. Then, the analytical design method of the optimal stealthy cyber attack that maximizes the estimation error is developed. The proposed stealthy cyber attack analysis is demonstrated with illustrative examples on Air Traffic Control (ATC) system and Unmanned Aerial Vehicle (UAV) navigation system applications. Secondly, in an attempt to study the CPSs' vulnerabilities in more detail, we further discuss a methodology to identify potential cyber threats inherent in the given CPSs and quantify the attack severity accordingly. We then develop an analytical algorithm to test the behavior of the CPS under various cyber attack combinations. Compared to a numerical approach, the analytical algorithm enables the prediction of the most effective cyber attack combinations without computing the severity of all possible attack combinations, thereby greatly reducing the computational cost. The proposed algorithm is validated through a linearized longitudinal motion of a UAV example. Finally, we propose an attack attenuation strategy via the controller design for CPSs that are robust to various types of cyber attacks. While the previous studies have investigated a secure control by assuming a specific attack strategy, in this research we propose a hybrid robust control scheme that contains multiple sub-controllers, each matched to a specific type of cyber attacks. Then the system can be adapted to various cyber attacks (including those that are not assumed for sub-controller design) by switching its sub-controllers to achieve the best performance. Then, a method for designing a secure switching logic to counter all possible cyber attacks is proposed and it verifies mathematically the system's performance and stability as well. The performance of the proposed control scheme is demonstrated by an example with the hybrid H2 - H-infinity controller applied to a UAV example.

Deep Learning Method for Denial of Service Attack Detection Based on Restricted Boltzmann Machine.

PubMed

Imamverdiyev, Yadigar; Abdullayeva, Fargana

2018-06-01

In this article, the application of the deep learning method based on Gaussian-Bernoulli type restricted Boltzmann machine (RBM) to the detection of denial of service (DoS) attacks is considered. To increase the DoS attack detection accuracy, seven additional layers are added between the visible and the hidden layers of the RBM. Accurate results in DoS attack detection are obtained by optimization of the hyperparameters of the proposed deep RBM model. The form of the RBM that allows application of the continuous data is used. In this type of RBM, the probability distribution of the visible layer is replaced by a Gaussian distribution. Comparative analysis of the accuracy of the proposed method with Bernoulli-Bernoulli RBM, Gaussian-Bernoulli RBM, deep belief network type deep learning methods on DoS attack detection is provided. Detection accuracy of the methods is verified on the NSL-KDD data set. Higher accuracy from the proposed multilayer deep Gaussian-Bernoulli type RBM is obtained.

Item Anomaly Detection Based on Dynamic Partition for Time Series in Recommender Systems

PubMed Central

Gao, Min; Tian, Renli; Wen, Junhao; Xiong, Qingyu; Ling, Bin; Yang, Linda

2015-01-01

In recent years, recommender systems have become an effective method to process information overload. However, recommendation technology still suffers from many problems. One of the problems is shilling attacks-attackers inject spam user profiles to disturb the list of recommendation items. There are two characteristics of all types of shilling attacks: 1) Item abnormality: The rating of target items is always maximum or minimum; and 2) Attack promptness: It takes only a very short period time to inject attack profiles. Some papers have proposed item anomaly detection methods based on these two characteristics, but their detection rate, false alarm rate, and universality need to be further improved. To solve these problems, this paper proposes an item anomaly detection method based on dynamic partitioning for time series. This method first dynamically partitions item-rating time series based on important points. Then, we use chi square distribution (χ2) to detect abnormal intervals. The experimental results on MovieLens 100K and 1M indicate that this approach has a high detection rate and a low false alarm rate and is stable toward different attack models and filler sizes. PMID:26267477

Item Anomaly Detection Based on Dynamic Partition for Time Series in Recommender Systems.

PubMed

Gao, Min; Tian, Renli; Wen, Junhao; Xiong, Qingyu; Ling, Bin; Yang, Linda

2015-01-01

In recent years, recommender systems have become an effective method to process information overload. However, recommendation technology still suffers from many problems. One of the problems is shilling attacks-attackers inject spam user profiles to disturb the list of recommendation items. There are two characteristics of all types of shilling attacks: 1) Item abnormality: The rating of target items is always maximum or minimum; and 2) Attack promptness: It takes only a very short period time to inject attack profiles. Some papers have proposed item anomaly detection methods based on these two characteristics, but their detection rate, false alarm rate, and universality need to be further improved. To solve these problems, this paper proposes an item anomaly detection method based on dynamic partitioning for time series. This method first dynamically partitions item-rating time series based on important points. Then, we use chi square distribution (χ2) to detect abnormal intervals. The experimental results on MovieLens 100K and 1M indicate that this approach has a high detection rate and a low false alarm rate and is stable toward different attack models and filler sizes.

Detection of abnormal item based on time intervals for recommender systems.

PubMed

Gao, Min; Yuan, Quan; Ling, Bin; Xiong, Qingyu

2014-01-01

With the rapid development of e-business, personalized recommendation has become core competence for enterprises to gain profits and improve customer satisfaction. Although collaborative filtering is the most successful approach for building a recommender system, it suffers from "shilling" attacks. In recent years, the research on shilling attacks has been greatly improved. However, the approaches suffer from serious problem in attack model dependency and high computational cost. To solve the problem, an approach for the detection of abnormal item is proposed in this paper. In the paper, two common features of all attack models are analyzed at first. A revised bottom-up discretized approach is then proposed based on time intervals and the features for the detection. The distributions of ratings in different time intervals are compared to detect anomaly based on the calculation of chi square distribution (χ(2)). We evaluated our approach on four types of items which are defined according to the life cycles of these items. The experimental results show that the proposed approach achieves a high detection rate with low computational cost when the number of attack profiles is more than 15. It improves the efficiency in shilling attacks detection by narrowing down the suspicious users.

Presentation Attack Detection for Iris Recognition System Using NIR Camera Sensor

PubMed Central

Nguyen, Dat Tien; Baek, Na Rae; Pham, Tuyen Danh; Park, Kang Ryoung

2018-01-01

Among biometric recognition systems such as fingerprint, finger-vein, or face, the iris recognition system has proven to be effective for achieving a high recognition accuracy and security level. However, several recent studies have indicated that an iris recognition system can be fooled by using presentation attack images that are recaptured using high-quality printed images or by contact lenses with printed iris patterns. As a result, this potential threat can reduce the security level of an iris recognition system. In this study, we propose a new presentation attack detection (PAD) method for an iris recognition system (iPAD) using a near infrared light (NIR) camera image. To detect presentation attack images, we first localized the iris region of the input iris image using circular edge detection (CED). Based on the result of iris localization, we extracted the image features using deep learning-based and handcrafted-based methods. The input iris images were then classified into real and presentation attack categories using support vector machines (SVM). Through extensive experiments with two public datasets, we show that our proposed method effectively solves the iris recognition presentation attack detection problem and produces detection accuracy superior to previous studies. PMID:29695113

Presentation Attack Detection for Iris Recognition System Using NIR Camera Sensor.

PubMed

Nguyen, Dat Tien; Baek, Na Rae; Pham, Tuyen Danh; Park, Kang Ryoung

2018-04-24

Among biometric recognition systems such as fingerprint, finger-vein, or face, the iris recognition system has proven to be effective for achieving a high recognition accuracy and security level. However, several recent studies have indicated that an iris recognition system can be fooled by using presentation attack images that are recaptured using high-quality printed images or by contact lenses with printed iris patterns. As a result, this potential threat can reduce the security level of an iris recognition system. In this study, we propose a new presentation attack detection (PAD) method for an iris recognition system (iPAD) using a near infrared light (NIR) camera image. To detect presentation attack images, we first localized the iris region of the input iris image using circular edge detection (CED). Based on the result of iris localization, we extracted the image features using deep learning-based and handcrafted-based methods. The input iris images were then classified into real and presentation attack categories using support vector machines (SVM). Through extensive experiments with two public datasets, we show that our proposed method effectively solves the iris recognition presentation attack detection problem and produces detection accuracy superior to previous studies.

Protecting against cyber threats in networked information systems

NASA Astrophysics Data System (ADS)

Ertoz, Levent; Lazarevic, Aleksandar; Eilertson, Eric; Tan, Pang-Ning; Dokas, Paul; Kumar, Vipin; Srivastava, Jaideep

2003-07-01

This paper provides an overview of our efforts in detecting cyber attacks in networked information systems. Traditional signature based techniques for detecting cyber attacks can only detect previously known intrusions and are useless against novel attacks and emerging threats. Our current research at the University of Minnesota is focused on developing data mining techniques to automatically detect attacks against computer networks and systems. This research is being conducted as a part of MINDS (Minnesota Intrusion Detection System) project at the University of Minnesota. Experimental results on live network traffic at the University of Minnesota show that the new techniques show great promise in detecting novel intrusions. In particular, during the past few months our techniques have been successful in automatically identifying several novel intrusions that could not be detected using state-of-the-art tools such as SNORT.

A hybrid protection approaches for denial of service (DoS) attacks in wireless sensor networks

NASA Astrophysics Data System (ADS)

Gunasekaran, Mahalakshmi; Periakaruppan, Subathra

2017-06-01

Wireless sensor network (WSN) contains the distributed autonomous devices with the sensing capability of physical and environmental conditions. During the clustering operation, the consumption of more energy causes the draining in battery power that leads to minimum network lifetime. Hence, the WSN devices are initially operated on low-power sleep mode to maximise the lifetime. But, the attacks arrival cause the disruption in low-power operating called denial of service (DoS) attacks. The conventional intrusion detection (ID) approaches such as rule-based and anomaly-based methods effectively detect the DoS attacks. But, the energy consumption and false detection rate are more. The absence of attack information and broadcast of its impact to the other cluster head (CH) leads to easy DoS attacks arrival. This article combines the isolation and routing tables to detect the attack in the specific cluster and broadcasts the information to other CH. The intercommunication between the CHs prevents the DoS attacks effectively. In addition, the swarm-based defence approach is proposed to migrate the fault channel to normal operating channel through frequency hop approaches. The comparative analysis between the proposed table-based intrusion detection systems (IDSs) and swarm-based defence approaches with the traditional IDS regarding the parameters of transmission overhead/efficiency, energy consumption, and false positive/negative rates proves the capability of DoS prediction/prevention in WSN.

Protection of Renewable-dominated Microgrids: Challenges and Potential Solutions.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Elkhatib, Mohamed; Ellis, Abraham; Milan Biswal

keywords : Microgrid Protection, Impedance Relay, Signal Processing-based Fault Detec- tion, Networked Microgrids, Communication-Assisted Protection In this report we address the challenge of designing efficient protection system for inverter- dominated microgrids. These microgrids are characterised with limited fault current capacity as a result of current-limiting protection functions of inverters. Typically, inverters limit their fault contribution in sub-cycle time frame to as low as 1.1 per unit. As a result, overcurrent protection could fail completely to detect faults in inverter-dominated microgrids. As part of this project a detailed literature survey of existing and proposed microgrid protection schemes were conducted. The surveymore » concluded that there is a gap in the available microgrid protection methods. The only credible protection solution available in literature for low- fault inverter-dominated microgrids is the differential protection scheme which represents a robust transmission-grade protection solution but at a very high cost. Two non-overcurrent protection schemes were investigated as part of this project; impedance-based protection and transient-based protection. Impedance-based protection depends on monitoring impedance trajectories at feeder relays to detect faults. Two communication-based impedance-based protection schemes were developed. the first scheme utilizes directional elements and pilot signals to locate the fault. The second scheme depends on a Central Protection Unit that communicates with all feeder relays to locate the fault based on directional flags received from feeder relays. The later approach could potentially be adapted to protect networked microgrids and dynamic topology microgrids. Transient-based protection relies on analyzing high frequency transients to detect and locate faults. This approach is very promising but its implementation in the filed faces several challenges. For example, high frequency transients due to faults can be confused with transients due to other events such as capacitor switching. Additionally, while detecting faults by analyzing transients could be doable, locating faults based on analyzing transients is still an open question.« less

Content modification attacks on consensus seeking multi-agent system with double-integrator dynamics.

PubMed

Dong, Yimeng; Gupta, Nirupam; Chopra, Nikhil

2016-11-01

In this paper, vulnerability of a distributed consensus seeking multi-agent system (MAS) with double-integrator dynamics against edge-bound content modification cyber attacks is studied. In particular, we define a specific edge-bound content modification cyber attack called malignant content modification attack (MCoMA), which results in unbounded growth of an appropriately defined group disagreement vector. Properties of MCoMA are utilized to design detection and mitigation algorithms so as to impart resilience in the considered MAS against MCoMA. Additionally, the proposed detection mechanism is extended to detect the general edge-bound content modification attacks (not just MCoMA). Finally, the efficacies of the proposed results are illustrated through numerical simulations.

Content modification attacks on consensus seeking multi-agent system with double-integrator dynamics

NASA Astrophysics Data System (ADS)

Dong, Yimeng; Gupta, Nirupam; Chopra, Nikhil

2016-11-01

In this paper, vulnerability of a distributed consensus seeking multi-agent system (MAS) with double-integrator dynamics against edge-bound content modification cyber attacks is studied. In particular, we define a specific edge-bound content modification cyber attack called malignant content modification attack (MCoMA), which results in unbounded growth of an appropriately defined group disagreement vector. Properties of MCoMA are utilized to design detection and mitigation algorithms so as to impart resilience in the considered MAS against MCoMA. Additionally, the proposed detection mechanism is extended to detect the general edge-bound content modification attacks (not just MCoMA). Finally, the efficacies of the proposed results are illustrated through numerical simulations.

Arc fault detection system

DOEpatents

Jha, K.N.

1999-05-18

An arc fault detection system for use on ungrounded or high-resistance-grounded power distribution systems is provided which can be retrofitted outside electrical switchboard circuits having limited space constraints. The system includes a differential current relay that senses a current differential between current flowing from secondary windings located in a current transformer coupled to a power supply side of a switchboard, and a total current induced in secondary windings coupled to a load side of the switchboard. When such a current differential is experienced, a current travels through a operating coil of the differential current relay, which in turn opens an upstream circuit breaker located between the switchboard and a power supply to remove the supply of power to the switchboard. 1 fig.

Detection of network attacks based on adaptive resonance theory

NASA Astrophysics Data System (ADS)

Bukhanov, D. G.; Polyakov, V. M.

2018-05-01

The paper considers an approach to intrusion detection systems using a neural network of adaptive resonant theory. It suggests the structure of an intrusion detection system consisting of two types of program modules. The first module manages connections of user applications by preventing the undesirable ones. The second analyzes the incoming network traffic parameters to check potential network attacks. After attack detection, it notifies the required stations using a secure transmission channel. The paper describes the experiment on the detection and recognition of network attacks using the test selection. It also compares the obtained results with similar experiments carried out by other authors. It gives findings and conclusions on the sufficiency of the proposed approach. The obtained information confirms the sufficiency of applying the neural networks of adaptive resonant theory to analyze network traffic within the intrusion detection system.

Method and apparatus for detecting cyber attacks on an alternating current power grid

DOE Office of Scientific and Technical Information (OSTI.GOV)

McEachern, Alexander; Hofmann, Ronald

A method and apparatus for detecting cyber attacks on remotely-operable elements of an alternating current distribution grid. Two state estimates of the distribution grid are prepared, one of which uses micro-synchrophasors. A difference between the two state estimates indicates a possible cyber attack.

Sleep Deprivation Attack Detection in Wireless Sensor Network

NASA Astrophysics Data System (ADS)

Bhattasali, Tapalina; Chaki, Rituparna; Sanyal, Sugata

2012-02-01

Deployment of sensor network in hostile environment makes it mainly vulnerable to battery drainage attacks because it is impossible to recharge or replace the battery power of sensor nodes. Among different types of security threats, low power sensor nodes are immensely affected by the attacks which cause random drainage of the energy level of sensors, leading to death of the nodes. The most dangerous type of attack in this category is sleep deprivation, where target of the intruder is to maximize the power consumption of sensor nodes, so that their lifetime is minimized. Most of the existing works on sleep deprivation attack detection involve a lot of overhead, leading to poor throughput. The need of the day is to design a model for detecting intrusions accurately in an energy efficient manner. This paper proposes a hierarchical framework based on distributed collaborative mechanism for detecting sleep deprivation torture in wireless sensor network efficiently. Proposed model uses anomaly detection technique in two steps to reduce the probability of false intrusion.

Detecting Heap-Spraying Code Injection Attacks in Malicious Web Pages Using Runtime Execution

NASA Astrophysics Data System (ADS)

Choi, Younghan; Kim, Hyoungchun; Lee, Donghoon

The growing use of web services is increasing web browser attacks exponentially. Most attacks use a technique called heap spraying because of its high success rate. Heap spraying executes a malicious code without indicating the exact address of the code by copying it into many heap objects. For this reason, the attack has a high potential to succeed if only the vulnerability is exploited. Thus, attackers have recently begun using this technique because it is easy to use JavaScript to allocate the heap memory area. This paper proposes a novel technique that detects heap spraying attacks by executing a heap object in a real environment, irrespective of the version and patch status of the web browser. This runtime execution is used to detect various forms of heap spraying attacks, such as encoding and polymorphism. Heap objects are executed after being filtered on the basis of patterns of heap spraying attacks in order to reduce the overhead of the runtime execution. Patterns of heap spraying attacks are based on analysis of how an web browser accesses benign web sites. The heap objects are executed forcibly by changing the instruction register into the address of them after being loaded into memory. Thus, we can execute the malicious code without having to consider the version and patch status of the browser. An object is considered to contain a malicious code if the execution reaches a call instruction and then the instruction accesses the API of system libraries, such as kernel32.dll and ws_32.dll. To change registers and monitor execution flow, we used a debugger engine. A prototype, named HERAD(HEap spRAying Detector), is implemented and evaluated. In experiments, HERAD detects various forms of exploit code that an emulation cannot detect, and some heap spraying attacks that NOZZLE cannot detect. Although it has an execution overhead, HERAD produces a low number of false alarms. The processing time of several minutes is negligible because our research focuses on detecting heap spraying. This research can be applied to existing systems that collect malicious codes, such as Honeypot.

A Cyber-Attack Detection Model Based on Multivariate Analyses

NASA Astrophysics Data System (ADS)

Sakai, Yuto; Rinsaka, Koichiro; Dohi, Tadashi

In the present paper, we propose a novel cyber-attack detection model based on two multivariate-analysis methods to the audit data observed on a host machine. The statistical techniques used here are the well-known Hayashi's quantification method IV and cluster analysis method. We quantify the observed qualitative audit event sequence via the quantification method IV, and collect similar audit event sequence in the same groups based on the cluster analysis. It is shown in simulation experiments that our model can improve the cyber-attack detection accuracy in some realistic cases where both normal and attack activities are intermingled.

Cyber Security Audit and Attack Detection Toolkit

DOE Office of Scientific and Technical Information (OSTI.GOV)

Peterson, Dale

2012-05-31

This goal of this project was to develop cyber security audit and attack detection tools for industrial control systems (ICS). Digital Bond developed and released a tool named Bandolier that audits ICS components commonly used in the energy sector against an optimal security configuration. The Portaledge Project developed a capability for the PI Historian, the most widely used Historian in the energy sector, to aggregate security events and detect cyber attacks.

Detecting Payload Attacks on Programmable Logic Controllers (PLCs)

DOE Office of Scientific and Technical Information (OSTI.GOV)

Yang, Huan

Programmable logic controllers (PLCs) play critical roles in industrial control systems (ICS). Providing hardware peripherals and firmware support for control programs (i.e., a PLC’s “payload”) written in languages such as ladder logic, PLCs directly receive sensor readings and control ICS physical processes. An attacker with access to PLC development software (e.g., by compromising an engineering workstation) can modify the payload program and cause severe physical damages to the ICS. To protect critical ICS infrastructure, we propose to model runtime behaviors of legitimate PLC payload program and use runtime behavior monitoring in PLC firmware to detect payload attacks. By monitoring themore » I/O access patterns, network access patterns, as well as payload program timing characteristics, our proposed firmware-level detection mechanism can detect abnormal runtime behaviors of malicious PLC payload. Using our proof-of-concept implementation, we evaluate the memory and execution time overhead of implementing our proposed method and find that it is feasible to incorporate our method into existing PLC firmware. In addition, our evaluation results show that a wide variety of payload attacks can be effectively detected by our proposed approach. The proposed firmware-level payload attack detection scheme complements existing bumpin- the-wire solutions (e.g., external temporal-logic-based model checkers) in that it can detect payload attacks that violate realtime requirements of ICS operations and does not require any additional apparatus.« less

Adaptive selective relaying in cooperative free-space optical systems over atmospheric turbulence and misalignment fading channels.

PubMed

Boluda-Ruiz, Rubén; García-Zambrana, Antonio; Castillo-Vázquez, Carmen; Castillo-Vázquez, Beatriz

2014-06-30

In this paper, a novel adaptive cooperative protocol with multiple relays using detect-and-forward (DF) over atmospheric turbulence channels with pointing errors is proposed. The adaptive DF cooperative protocol here analyzed is based on the selection of the optical path, source-destination or different source-relay links, with a greater value of fading gain or irradiance, maintaining a high diversity order. Closed-form asymptotic bit error-rate (BER) expressions are obtained for a cooperative free-space optical (FSO) communication system with Nr relays, when the irradiance of the transmitted optical beam is susceptible to either a wide range of turbulence conditions, following a gamma-gamma distribution of parameters α and β, or pointing errors, following a misalignment fading model where the effect of beam width, detector size and jitter variance is considered. A greater robustness for different link distances and pointing errors is corroborated by the obtained results if compared with similar cooperative schemes or equivalent multiple-input multiple-output (MIMO) systems. Simulation results are further demonstrated to confirm the accuracy and usefulness of the derived results.

Lack of relay toxicity in ferret hybrids fed carbaryl-treated prairie dogs.

PubMed

Orsted, K M; Dubay, S A; Raisbeck, M F; Siemion, R S; Sanchez, D A; Williams, E S

1998-04-01

Carbaryl (1-napthol methylcarbamate) is being considered for control of fleas on prairie dogs (Cynomys spp.) used in black-footed ferret (Mustela nigripes) recovery in the western United States. The potential for relay toxicity in ferrets was determined by feeding carbaryl treated prairie dogs to black-footed ferret x Siberian polecat (M. eversmanni) hybrids. Adult prairie dogs were treated topically with 2.5 g of commercial 5% carbaryl dust sold as flea powder. After 14 days prairie dogs were killed and fed to ferrets. Potential for relay toxicity was evaluated by analyzing ferret blood cholinesterase (CHe), prairie dog brain Che, and hepatic carbamate concentration. There was no difference between pre- and post-exposure blood CHe activity, nor did treated prairie dog brain CHe differ significantly from controls. Post-exposure blood CHe did not exhibit reactivation after dilution in aqueous buffer. Hepatic carbaryl concentrations were less than detection limits (50 ppb). Based on these results, we conclude that short-term use of carbaryl for flea control on prairie dogs does not pose a hazard of relay toxicity in black-footed ferrets.

Active Detection for Exposing Intelligent Attacks in Control Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Weerakkody, Sean; Ozel, Omur; Griffioen, Paul

In this paper, we consider approaches for detecting integrity attacks carried out by intelligent and resourceful adversaries in control systems. Passive detection techniques are often incorporated to identify malicious behavior. Here, the defender utilizes finely-tuned algorithms to process information and make a binary decision, whether the system is healthy or under attack. We demonstrate that passive detection can be ineffective against adversaries with model knowledge and access to a set of input/output channels. We then propose active detection as a tool to detect attacks. In active detection, the defender leverages degrees of freedom he has in the system to detectmore » the adversary. Specifically, the defender will introduce a physical secret kept hidden from the adversary, which can be utilized to authenticate the dynamics. In this regard, we carefully review two approaches for active detection: physical watermarking at the control input, and a moving target approach for generating system dynamics. We examine practical considerations for implementing these technologies and discuss future research directions.« less

Towards a Cyber Defense Framework for SCADA Systems Based on Power Consumption Monitoring

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hernandez Jimenez, Jarilyn M; Chen, Qian; Nichols, Jeff A.

Supervisory control and data acquisition (SCADA) is an industrial automation system that remotely monitor, and control critical infrastructures. SCADA systems are major targets for espionage and sabotage attackers. According to the 2015 Dell security annual threat report, the number of cyber-attacks against SCADA systems has doubled in the past year. Cyber-attacks (i.e., buffer overflow, rootkits and code injection) could cause serious financial losses and physical infrastructure damages. Moreover, some specific cyber-attacks against SCADA systems could become a threat to human life. Current commercial off-the-shelf security solutions are insufficient in protecting SCADA systems against sophisticated cyber-attacks. In 2014 a report bymore » Mandiant stated that only 69% of organizations learned about their breaches from third entities, meaning that these companies lack of their own detection system. Furthermore, these breaches are not detected in real-time or fast enough to prevent further damages. The average time between compromise and detection (for those intrusions that were detected) was 205 days. To address this challenge, we propose an Intrusion Detection System (IDS) that detects SCADA-specific cyber-attacks by analyzing the power consumption of a SCADA device. Specifically, to validate the proposed approach, we chose to monitor in real-time the power usage of a a Programmable Logic Controller (PLC). To this end, we configured the hardware of the tetsbed by installing the required sensors to monitor and collect its power consumption. After that two SCADA-specific cyber-attacks were simulated and TracerDAQ Pro was used to collect the power consumption of the PLC under normal and anomalous scenarios. Results showed that is possible to distinguish between the regular power usage of the PLC and when the PLC was under specific cyber-attacks.« less

Detecting unknown attacks in wireless sensor networks that contain mobile nodes.

PubMed

Banković, Zorana; Fraga, David; Moya, José M; Vallejo, Juan Carlos

2012-01-01

As wireless sensor networks are usually deployed in unattended areas, security policies cannot be updated in a timely fashion upon identification of new attacks. This gives enough time for attackers to cause significant damage. Thus, it is of great importance to provide protection from unknown attacks. However, existing solutions are mostly concentrated on known attacks. On the other hand, mobility can make the sensor network more resilient to failures, reactive to events, and able to support disparate missions with a common set of sensors, yet the problem of security becomes more complicated. In order to address the issue of security in networks with mobile nodes, we propose a machine learning solution for anomaly detection along with the feature extraction process that tries to detect temporal and spatial inconsistencies in the sequences of sensed values and the routing paths used to forward these values to the base station. We also propose a special way to treat mobile nodes, which is the main novelty of this work. The data produced in the presence of an attacker are treated as outliers, and detected using clustering techniques. These techniques are further coupled with a reputation system, in this way isolating compromised nodes in timely fashion. The proposal exhibits good performances at detecting and confining previously unseen attacks, including the cases when mobile nodes are compromised.

Coding/modulation trade-offs for Shuttle wideband data links

NASA Technical Reports Server (NTRS)

Batson, B. H.; Huth, G. K.; Trumpis, B. D.

1974-01-01

This paper describes various modulation and coding schemes which are potentially applicable to the Shuttle wideband data relay communications link. This link will be capable of accommodating up to 50 Mbps of scientific data and will be subject to a power constraint which forces the use of channel coding. Although convolutionally encoded coherent binary PSK is the tentative signal design choice for the wideband data relay link, FM techniques are of interest because of the associated hardware simplicity and because an FM system is already planned to be available for transmission of television via relay satellite to the ground. Binary and M-ary FSK are considered as candidate modulation techniques, and both coherent and noncoherent ground station detection schemes are examined. The potential use of convolutional coding is considered in conjunction with each of the candidate modulation techniques.

Enhancing the cyber-security of smart grids with applications to synchrophasor data

NASA Astrophysics Data System (ADS)

Pal, Seemita

In the power grids, Supervisory Control and Data Acquisition (SCADA) systems are used as part of the Energy Management System (EMS) for enabling grid monitoring, control and protection. In recent times, with the ongoing installation of thousands of Phasor Measurement Units (PMUs), system operators are becoming increasingly reliant on PMU-generated synchrophasor measurements for executing wide-area monitoring and real-time control. The availability of PMU data facilitates dynamic state estimation of the system, thus improving the efficiency and resiliency of the grid. Since the SCADA and PMU data are used to make critical control decisions including actuation of physical systems, the timely availability and integrity of this networked data is of paramount importance. Absence or wrong control actions can potentially lead to disruption of operations, monetary loss, damage to equipments or surroundings or even blackout. This has posed new challenges to information security especially in this age of ever-increasing cyber-attacks. In this thesis, potential cyber-attacks on smart grids are presented and effective and implementable schemes are proposed for detecting them. The focus is mainly on three kinds of cyber-attacks and their detection: (i) gray-hole attacks on synchrophasor systems, (ii) PMU data manipulation attacks and (iii) data integrity attacks on SCADA systems. In the case of gray-hole attacks, also known as packet-drop attacks, the adversary may arbitrarily drop PMU data packets as they traverse the network, resulting in unavailability of time-sensitive data for the various critical power system applications. The fundamental challenge is to distinguish packets dropped by the adversary from those that occur naturally due to network congestion.The proposed gray-hole attack detection technique is based on exploiting the inherent timing information in the GPS time-stamped PMU data packets and using the temporal trends of the latencies to classify the cause of packet-drops and finally detect attacks, if any. In the case of PMU data manipulation attacks, the attacker may modify the data in the PMU packets in order to bias the system states and influence the control center into taking wrong decisions. The proposed detection technique is based on evaluating the equivalent impedances of the transmission lines and classifying the observed anomalies to determine the presence of attack and its location. The scheme for detecting data integrity attacks on SCADA systems is based on utilizing synchrophasor measurements from available PMUs in the grid. The proposed method uses a difference measure, developed in this thesis, to determine the relative divergence and mis-correlation between the datasets. Based on the estimated difference measure, tampered and genuine data can be distinguished. The proposed detection mechanisms have demonstrated high accuracy in real-time detection of attacks of various magnitudes, simulated on real PMU data obtained from the NY grid. By performing alarm clustering, the occurrence of false alarms has been reduced to almost zero. The solutions are computationally inexpensive, low on cost, do not add any overhead, and do not require any feedback from the network.

Simple circuit monitors "third wire" in ac lines

NASA Technical Reports Server (NTRS)

Kojima, T. T.; Stuck, D. E.

1980-01-01

Device detects interruption of ground connection in three-wire electrical equipment and shuts off ac power to prevent shock hazard. Silicon-controlled rectifiers detect floating ground, and deenergize optoelectric relays thereby breaking power connections. Circuit could be incorporated into hand tools, appliances, and other electrical equipment.

Outage probability of a relay strategy allowing intra-link errors utilizing Slepian-Wolf theorem

NASA Astrophysics Data System (ADS)

Cheng, Meng; Anwar, Khoirul; Matsumoto, Tad

2013-12-01

In conventional decode-and-forward (DF) one-way relay systems, a data block received at the relay node is discarded, if the information part is found to have errors after decoding. Such errors are referred to as intra-link errors in this article. However, in a setup where the relay forwards data blocks despite possible intra-link errors, the two data blocks, one from the source node and the other from the relay node, are highly correlated because they were transmitted from the same source. In this article, we focus on the outage probability analysis of such a relay transmission system, where source-destination and relay-destination links, Link 1 and Link 2, respectively, are assumed to suffer from the correlated fading variation due to block Rayleigh fading. The intra-link is assumed to be represented by a simple bit-flipping model, where some of the information bits recovered at the relay node are the flipped version of their corresponding original information bits at the source. The correlated bit streams are encoded separately by the source and relay nodes, and transmitted block-by-block to a common destination using different time slots, where the information sequence transmitted over Link 2 may be a noise-corrupted interleaved version of the original sequence. The joint decoding takes place at the destination by exploiting the correlation knowledge of the intra-link (source-relay link). It is shown that the outage probability of the proposed transmission technique can be expressed by a set of double integrals over the admissible rate range, given by the Slepian-Wolf theorem, with respect to the probability density function ( pdf) of the instantaneous signal-to-noise power ratios (SNR) of Link 1 and Link 2. It is found that, with the Slepian-Wolf relay technique, so far as the correlation ρ of the complex fading variation is | ρ|<1, the 2nd order diversity can be achieved only if the two bit streams are fully correlated. This indicates that the diversity order exhibited in the outage curve converges to 1 when the bit streams are not fully correlated. Moreover, the Slepian-Wolf outage probability is proved to be smaller than that of the 2nd order maximum ratio combining (MRC) diversity, if the average SNRs of the two independent links are the same. Exact as well as asymptotic expressions of the outage probability are theoretically derived in the article. In addition, the theoretical outage results are compared with the frame-error-rate (FER) curves, obtained by a series of simulations for the Slepian-Wolf relay system based on bit-interleaved coded modulation with iterative detection (BICM-ID). It is shown that the FER curves exhibit the same tendency as the theoretical results.

Reduced Baroreflex Sensitivity in Cluster Headache Patients.

PubMed

Barloese, Mads C J; Mehlsen, Jesper; Brinth, Louise; Lundberg, Helena I S; Jennum, Poul J; Jensen, Rigmor H

2015-06-01

Important elements of cluster headache (CH) pathophysiology may be seated in the posterior hypothalamus. Cranial autonomic features are inherent, but involvement of systemic autonomic control is still debated. We aimed to characterize autonomic function as investigated by baroreflex sensitivity (BRS) in CH patients. Twenty-six active CH patients and an equal number of age-, sex-, and BMI-matched controls underwent head-up tilt table test and BRS was determined by the sequence method. Compared with controls, patients exhibited a blunted reactivity of RR intervals in response to falls and increases in systolic blood pressure (SBP) (15.3 vs. 20.0 ms/mmHg, P = .0041) in the supine position. Also, compared with controls, BRS was lower in patients having suffered an attack within the past 12 hours (n = 13, 12.5 vs. 22.3 ms/mmHg, P = .0091), opposed to those patients who had not (n = 13, 16.0 ms/mmHg, P = .1523). In the tilted position, the drop in SBP at the carotid sinuses was higher in patients who had recently suffered an attack. Despite this, they exhibited a less marked shortening of RR intervals when compared with patients who had been attack free for longer. CH patients exhibit a subclinical blunting of BRS that may be affected by the attacks themselves. The fast RR interval fluctuations used in this method reflects cardiovagal responses, thus the blunted responses are suggestive of dysfunction in the parasympathetic division of the autonomic nervous system or in the central relay of impulses from the baroreceptors. © 2015 American Headache Society.

State-Based Network Intrusion Detection Systems for SCADA Protocols: A Proof of Concept

NASA Astrophysics Data System (ADS)

Carcano, Andrea; Fovino, Igor Nai; Masera, Marcelo; Trombetta, Alberto

We present a novel Intrusion Detection System able to detect complex attacks to SCADA systems. By complex attack, we mean a set of commands (carried in Modbus packets) that, while licit when considered in isolation on a single-packet basis, interfere with the correct behavior of the system. The proposed IDS detects such attacks thanks to an internal representation of the controlled SCADA system and a corresponding rule language, powerful enough to express the system's critical states. Furthermore, we detail the implementation and provide experimental comparative results.

Identification of Malicious Web Pages by Inductive Learning

NASA Astrophysics Data System (ADS)

Liu, Peishun; Wang, Xuefang

Malicious web pages are an increasing threat to current computer systems in recent years. Traditional anti-virus techniques focus typically on detection of the static signatures of Malware and are ineffective against these new threats because they cannot deal with zero-day attacks. In this paper, a novel classification method for detecting malicious web pages is presented. This method is generalization and specialization of attack pattern based on inductive learning, which can be used for updating and expanding knowledge database. The attack pattern is established from an example and generalized by inductive learning, which can be used to detect unknown attacks whose behavior is similar to the example.

TANDI: threat assessment of network data and information

NASA Astrophysics Data System (ADS)

Holsopple, Jared; Yang, Shanchieh Jay; Sudit, Moises

2006-04-01

Current practice for combating cyber attacks typically use Intrusion Detection Sensors (IDSs) to passively detect and block multi-stage attacks. This work leverages Level-2 fusion that correlates IDS alerts belonging to the same attacker, and proposes a threat assessment algorithm to predict potential future attacker actions. The algorithm, TANDI, reduces the problem complexity by separating the models of the attacker's capability and opportunity, and fuse the two to determine the attacker's intent. Unlike traditional Bayesian-based approaches, which require assigning a large number of edge probabilities, the proposed Level-3 fusion procedure uses only 4 parameters. TANDI has been implemented and tested with randomly created attack sequences. The results demonstrate that TANDI predicts future attack actions accurately as long as the attack is not part of a coordinated attack and contains no insider threats. In the presence of abnormal attack events, TANDI will alarm the network analyst for further analysis. The attempt to evaluate a threat assessment algorithm via simulation is the first in the literature, and shall open up a new avenue in the area of high level fusion.

Dynamic defense and network randomization for computer systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Chavez, Adrian R.; Stout, William M. S.; Hamlet, Jason R.

The various technologies presented herein relate to determining a network attack is taking place, and further to adjust one or more network parameters such that the network becomes dynamically configured. A plurality of machine learning algorithms are configured to recognize an active attack pattern. Notification of the attack can be generated, and knowledge gained from the detected attack pattern can be utilized to improve the knowledge of the algorithms to detect a subsequent attack vector(s). Further, network settings and application communications can be dynamically randomized, wherein artificial diversity converts control systems into moving targets that help mitigate the early reconnaissancemore » stages of an attack. An attack(s) based upon a known static address(es) of a critical infrastructure network device(s) can be mitigated by the dynamic randomization. Network parameters that can be randomized include IP addresses, application port numbers, paths data packets navigate through the network, application randomization, etc.« less

Detection of complex cyber attacks

NASA Astrophysics Data System (ADS)

Gregorio-de Souza, Ian; Berk, Vincent H.; Giani, Annarita; Bakos, George; Bates, Marion; Cybenko, George; Madory, Doug

2006-05-01

One significant drawback to currently available security products is their inabilty to correlate diverse sensor input. For instance, by only using network intrusion detection data, a root kit installed through a weak username-password combination may go unnoticed. Similarly, an administrator may never make the link between deteriorating response times from the database server and an attacker exfiltrating trusted data, if these facts aren't presented together. Current Security Information Management Systems (SIMS) can collect and represent diverse data but lack sufficient correlation algorithms. By using a Process Query System, we were able to quickly bring together data flowing from many sources, including NIDS, HIDS, server logs, CPU load and memory usage, etc. We constructed PQS models that describe dynamic behavior of complicated attacks and failures, allowing us to detect and differentiate simultaneous sophisticated attacks on a target network. In this paper, we discuss the benefits of implementing such a multistage cyber attack detection system using PQS. We focus on how data from multiple sources can be combined and used to detect and track comprehensive network security events that go unnoticed using conventional tools.

Generalised Category Attack—Improving Histogram-Based Attack on JPEG LSB Embedding

NASA Astrophysics Data System (ADS)

Lee, Kwangsoo; Westfeld, Andreas; Lee, Sangjin

We present a generalised and improved version of the category attack on LSB steganography in JPEG images with straddled embedding path. It detects more reliably low embedding rates and is also less disturbed by double compressed images. The proposed methods are evaluated on several thousand images. The results are compared to both recent blind and specific attacks for JPEG embedding. The proposed attack permits a more reliable detection, although it is based on first order statistics only. Its simple structure makes it very fast.

Necessary detection efficiencies for secure quantum key distribution and bound randomness

NASA Astrophysics Data System (ADS)

Acín, Antonio; Cavalcanti, Daniel; Passaro, Elsa; Pironio, Stefano; Skrzypczyk, Paul

2016-01-01

In recent years, several hacking attacks have broken the security of quantum cryptography implementations by exploiting the presence of losses and the ability of the eavesdropper to tune detection efficiencies. We present a simple attack of this form that applies to any protocol in which the key is constructed from the results of untrusted measurements performed on particles coming from an insecure source or channel. Because of its generality, the attack applies to a large class of protocols, from standard prepare-and-measure to device-independent schemes. Our attack gives bounds on the critical detection efficiencies necessary for secure quantum key distribution, which show that the implementation of most partly device-independent solutions is, from the point of view of detection efficiency, almost as demanding as fully device-independent ones. We also show how our attack implies the existence of a form of bound randomness, namely nonlocal correlations in which a nonsignalling eavesdropper can find out a posteriori the result of any implemented measurement.

SiC: An Agent Based Architecture for Preventing and Detecting Attacks to Ubiquitous Databases

NASA Astrophysics Data System (ADS)

Pinzón, Cristian; de Paz, Yanira; Bajo, Javier; Abraham, Ajith; Corchado, Juan M.

One of the main attacks to ubiquitous databases is the structure query language (SQL) injection attack, which causes severe damages both in the commercial aspect and in the user’s confidence. This chapter proposes the SiC architecture as a solution to the SQL injection attack problem. This is a hierarchical distributed multiagent architecture, which involves an entirely new approach with respect to existing architectures for the prevention and detection of SQL injections. SiC incorporates a kind of intelligent agent, which integrates a case-based reasoning system. This agent, which is the core of the architecture, allows the application of detection techniques based on anomalies as well as those based on patterns, providing a great degree of autonomy, flexibility, robustness and dynamic scalability. The characteristics of the multiagent system allow an architecture to detect attacks from different types of devices, regardless of the physical location. The architecture has been tested on a medical database, guaranteeing safe access from various devices such as PDAs and notebook computers.

PV Systems Reliability Final Technical Report: Ground Fault Detection

DOE Office of Scientific and Technical Information (OSTI.GOV)

Lavrova, Olga; Flicker, Jack David; Johnson, Jay

We have examined ground faults in PhotoVoltaic (PV) arrays and the efficacy of fuse, current detection (RCD), current sense monitoring/relays (CSM), isolation/insulation (Riso) monitoring, and Ground Fault Detection and Isolation (GFID) using simulations based on a Simulation Program with Integrated Circuit Emphasis SPICE ground fault circuit model, experimental ground faults installed on real arrays, and theoretical equations.

Research on the technology of detecting the SQL injection attack and non-intrusive prevention in WEB system

NASA Astrophysics Data System (ADS)

Hu, Haibin

2017-05-01

Among numerous WEB security issues, SQL injection is the most notable and dangerous. In this study, characteristics and procedures of SQL injection are analyzed, and the method for detecting the SQL injection attack is illustrated. The defense resistance and remedy model of SQL injection attack is established from the perspective of non-intrusive SQL injection attack and defense. Moreover, the ability of resisting the SQL injection attack of the server has been comprehensively improved through the security strategies on operation system, IIS and database, etc.. Corresponding codes are realized. The method is well applied in the actual projects.

A Method of Synchrophasor Technology for Detecting and Analyzing Cyber-Attacks

DOE Office of Scientific and Technical Information (OSTI.GOV)

McCann, Roy; Al-Sarray, Muthanna

Studying cybersecurity events and analyzing their impacts encourage planners and operators to develop innovative approaches for preventing attacks in order to avoid outages and other disruptions. This work considers two parts in security studies; detecting an integrity attack and examining its effects on power system generators. The detection was conducted through employing synchrophasor technology to provide authentication of ACG commands based on observed system operating characteristics. The examination of an attack is completed via a detailed simulation of a modified IEEE 68-bus benchmark model to show the associated power system dynamic response. The results of the simulation are discussed formore » assessing the impacts of cyber threats.« less

Using Unix system auditing for detecting network intrusions

DOE Office of Scientific and Technical Information (OSTI.GOV)

Christensen, M.J.

1993-03-01

Intrusion Detection Systems (IDSs) are designed to detect actions of individuals who use computer resources without authorization as well as legitimate users who exceed their privileges. This paper describes a novel approach to IDS research, namely a decision aiding approach to intrusion detection. The introduction of a decision tree represents the logical steps necessary to distinguish and identify different types of attacks. This tool, the Intrusion Decision Aiding Tool (IDAT), utilizes IDS-based attack models and standard Unix audit data. Since attacks have certain characteristics and are based on already developed signature attack models, experienced and knowledgeable Unix system administrators knowmore » what to look for in system audit logs to determine if a system has been attacked. Others, however, are usually less able to recognize common signatures of unauthorized access. Users can traverse the tree using available audit data displayed by IDAT and general knowledge they possess to reach a conclusion regarding suspicious activity. IDAT is an easy-to-use window based application that gathers, analyzes, and displays pertinent system data according to Unix attack characteristics. IDAT offers a more practical approach and allows the user to make an informed decision regarding suspicious activity.« less

Reset Tree-Based Optical Fault Detection

PubMed Central

Lee, Dong-Geon; Choi, Dooho; Seo, Jungtaek; Kim, Howon

2013-01-01

In this paper, we present a new reset tree-based scheme to protect cryptographic hardware against optical fault injection attacks. As one of the most powerful invasive attacks on cryptographic hardware, optical fault attacks cause semiconductors to misbehave by injecting high-energy light into a decapped integrated circuit. The contaminated result from the affected chip is then used to reveal secret information, such as a key, from the cryptographic hardware. Since the advent of such attacks, various countermeasures have been proposed. Although most of these countermeasures are strong, there is still the possibility of attack. In this paper, we present a novel optical fault detection scheme that utilizes the buffers on a circuit's reset signal tree as a fault detection sensor. To evaluate our proposal, we model radiation-induced currents into circuit components and perform a SPICE simulation. The proposed scheme is expected to be used as a supplemental security tool. PMID:23698267

Spoof Detection for Finger-Vein Recognition System Using NIR Camera.

PubMed

Nguyen, Dat Tien; Yoon, Hyo Sik; Pham, Tuyen Danh; Park, Kang Ryoung

2017-10-01

Finger-vein recognition, a new and advanced biometrics recognition method, is attracting the attention of researchers because of its advantages such as high recognition performance and lesser likelihood of theft and inaccuracies occurring on account of skin condition defects. However, as reported by previous researchers, it is possible to attack a finger-vein recognition system by using presentation attack (fake) finger-vein images. As a result, spoof detection, named as presentation attack detection (PAD), is necessary in such recognition systems. Previous attempts to establish PAD methods primarily focused on designing feature extractors by hand (handcrafted feature extractor) based on the observations of the researchers about the difference between real (live) and presentation attack finger-vein images. Therefore, the detection performance was limited. Recently, the deep learning framework has been successfully applied in computer vision and delivered superior results compared to traditional handcrafted methods on various computer vision applications such as image-based face recognition, gender recognition and image classification. In this paper, we propose a PAD method for near-infrared (NIR) camera-based finger-vein recognition system using convolutional neural network (CNN) to enhance the detection ability of previous handcrafted methods. Using the CNN method, we can derive a more suitable feature extractor for PAD than the other handcrafted methods using a training procedure. We further process the extracted image features to enhance the presentation attack finger-vein image detection ability of the CNN method using principal component analysis method (PCA) for dimensionality reduction of feature space and support vector machine (SVM) for classification. Through extensive experimental results, we confirm that our proposed method is adequate for presentation attack finger-vein image detection and it can deliver superior detection results compared to CNN-based methods and other previous handcrafted methods.

Spoof Detection for Finger-Vein Recognition System Using NIR Camera

PubMed Central

Nguyen, Dat Tien; Yoon, Hyo Sik; Pham, Tuyen Danh; Park, Kang Ryoung

2017-01-01

Finger-vein recognition, a new and advanced biometrics recognition method, is attracting the attention of researchers because of its advantages such as high recognition performance and lesser likelihood of theft and inaccuracies occurring on account of skin condition defects. However, as reported by previous researchers, it is possible to attack a finger-vein recognition system by using presentation attack (fake) finger-vein images. As a result, spoof detection, named as presentation attack detection (PAD), is necessary in such recognition systems. Previous attempts to establish PAD methods primarily focused on designing feature extractors by hand (handcrafted feature extractor) based on the observations of the researchers about the difference between real (live) and presentation attack finger-vein images. Therefore, the detection performance was limited. Recently, the deep learning framework has been successfully applied in computer vision and delivered superior results compared to traditional handcrafted methods on various computer vision applications such as image-based face recognition, gender recognition and image classification. In this paper, we propose a PAD method for near-infrared (NIR) camera-based finger-vein recognition system using convolutional neural network (CNN) to enhance the detection ability of previous handcrafted methods. Using the CNN method, we can derive a more suitable feature extractor for PAD than the other handcrafted methods using a training procedure. We further process the extracted image features to enhance the presentation attack finger-vein image detection ability of the CNN method using principal component analysis method (PCA) for dimensionality reduction of feature space and support vector machine (SVM) for classification. Through extensive experimental results, we confirm that our proposed method is adequate for presentation attack finger-vein image detection and it can deliver superior detection results compared to CNN-based methods and other previous handcrafted methods. PMID:28974031

On the Adaptive Protection of Microgrids: A Review on How to Mitigate Cyber Attacks and Communication Failures

DOE Office of Scientific and Technical Information (OSTI.GOV)

Habib, Hany F; Lashway, Christopher R; Mohammed, Osama A

One main challenge in the practical implementation of a microgrid is the design of an adequate protection scheme in both grid connected and islanded modes. Conventional overcurrent protection schemes face selectivity and sensitivity issues during grid and microgrid faults since the fault current level is different in both cases for the same relay. Various approaches have been implemented in the past to deal with this problem, yet the most promising ones are the implementation of adaptive protection techniques abiding by the IEC 61850 communication standard. This paper presents a critical review of existing adaptive protection schemes, the technical challenges formore » the use of classical protection techniques and the need for an adaptive, smart protection system. However, the risk of communication link failures and cyber security threats still remain a challenge in implementing a reliable adaptive protection scheme. A contingency is needed where a communication issue prevents the relay from adjusting to a lower current level during islanded mode. An adaptive protection scheme is proposed that utilizes energy storage (ES) and hybrid ES (HESS) already available in the network as a mechanism to source the higher fault current. Four common grid ES and HESS are reviewed for their suitability in feeding the fault while some solutions are proposed.« less

Methods, media, and systems for detecting attack on a digital processing device

DOEpatents

Stolfo, Salvatore J.; Li, Wei-Jen; Keromylis, Angelos D.; Androulaki, Elli

2014-07-22

Methods, media, and systems for detecting attack are provided. In some embodiments, the methods include: comparing at least part of a document to a static detection model; determining whether attacking code is included in the document based on the comparison of the document to the static detection model; executing at least part of the document; determining whether attacking code is included in the document based on the execution of the at least part of the document; and if attacking code is determined to be included in the document based on at least one of the comparison of the document to the static detection model and the execution of the at least part of the document, reporting the presence of an attack. In some embodiments, the methods include: selecting a data segment in at least one portion of an electronic document; determining whether the arbitrarily selected data segment can be altered without causing the electronic document to result in an error when processed by a corresponding program; in response to determining that the arbitrarily selected data segment can be altered, arbitrarily altering the data segment in the at least one portion of the electronic document to produce an altered electronic document; and determining whether the corresponding program produces an error state when the altered electronic document is processed by the corresponding program.

Methods, media, and systems for detecting attack on a digital processing device

DOE Office of Scientific and Technical Information (OSTI.GOV)

Stolfo, Salvatore J.; Li, Wei-Jen; Keromytis, Angelos D.

Methods, media, and systems for detecting attack are provided. In some embodiments, the methods include: comparing at least part of a document to a static detection model; determining whether attacking code is included in the document based on the comparison of the document to the static detection model; executing at least part of the document; determining whether attacking code is included in the document based on the execution of the at least part of the document; and if attacking code is determined to be included in the document based on at least one of the comparison of the document tomore » the static detection model and the execution of the at least part of the document, reporting the presence of an attack. In some embodiments, the methods include: selecting a data segment in at least one portion of an electronic document; determining whether the arbitrarily selected data segment can be altered without causing the electronic document to result in an error when processed by a corresponding program; in response to determining that the arbitrarily selected data segment can be altered, arbitrarily altering the data segment in the at least one portion of the electronic document to produce an altered electronic document; and determining whether the corresponding program produces an error state when the altered electronic document is processed by the corresponding program.« less

Localization-Free Detection of Replica Node Attacks in Wireless Sensor Networks Using Similarity Estimation with Group Deployment Knowledge

PubMed Central

Ding, Chao; Yang, Lijun; Wu, Meng

2017-01-01

Due to the unattended nature and poor security guarantee of the wireless sensor networks (WSNs), adversaries can easily make replicas of compromised nodes, and place them throughout the network to launch various types of attacks. Such an attack is dangerous because it enables the adversaries to control large numbers of nodes and extend the damage of attacks to most of the network with quite limited cost. To stop the node replica attack, we propose a location similarity-based detection scheme using deployment knowledge. Compared with prior solutions, our scheme provides extra functionalities that prevent replicas from generating false location claims without deploying resource-consuming localization techniques on the resource-constraint sensor nodes. We evaluate the security performance of our proposal under different attack strategies through heuristic analysis, and show that our scheme achieves secure and robust replica detection by increasing the cost of node replication. Additionally, we evaluate the impact of network environment on the proposed scheme through theoretic analysis and simulation experiments, and indicate that our scheme achieves effectiveness and efficiency with substantially lower communication, computational, and storage overhead than prior works under different situations and attack strategies. PMID:28098846

Localization-Free Detection of Replica Node Attacks in Wireless Sensor Networks Using Similarity Estimation with Group Deployment Knowledge.

PubMed

Ding, Chao; Yang, Lijun; Wu, Meng

2017-01-15

Due to the unattended nature and poor security guarantee of the wireless sensor networks (WSNs), adversaries can easily make replicas of compromised nodes, and place them throughout the network to launch various types of attacks. Such an attack is dangerous because it enables the adversaries to control large numbers of nodes and extend the damage of attacks to most of the network with quite limited cost. To stop the node replica attack, we propose a location similarity-based detection scheme using deployment knowledge. Compared with prior solutions, our scheme provides extra functionalities that prevent replicas from generating false location claims without deploying resource-consuming localization techniques on the resource-constraint sensor nodes. We evaluate the security performance of our proposal under different attack strategies through heuristic analysis, and show that our scheme achieves secure and robust replica detection by increasing the cost of node replication. Additionally, we evaluate the impact of network environment on the proposed scheme through theoretic analysis and simulation experiments, and indicate that our scheme achieves effectiveness and efficiency with substantially lower communication, computational, and storage overhead than prior works under different situations and attack strategies.

Cyber attacks against state estimation in power systems: Vulnerability analysis and protection strategies

NASA Astrophysics Data System (ADS)

Liu, Xuan

Power grid is one of the most critical infrastructures in a nation and could suffer a variety of cyber attacks. With the development of Smart Grid, false data injection attack has recently attracted wide research interest. This thesis proposes a false data attack model with incomplete network information and develops optimal attack strategies for attacking load measurements and the real-time topology of a power grid. The impacts of false data on the economic and reliable operations of power systems are quantitatively analyzed in this thesis. To mitigate the risk of cyber attacks, a distributed protection strategies are also developed. It has been shown that an attacker can design false data to avoid being detected by the control center if the network information of a power grid is known to the attacker. In practice, however, it is very hard or even impossible for an attacker to obtain all network information of a power grid. In this thesis, we propose a local load redistribution attacking model based on incomplete network information and show that an attacker only needs to obtain the network information of the local attacking region to inject false data into smart meters in the local region without being detected by the state estimator. A heuristic algorithm is developed to determine a feasible attacking region by obtaining reduced network information. This thesis investigates the impacts of false data on the operations of power systems. It has been shown that false data can be designed by an attacker to: 1) mask the real-time topology of a power grid; 2) overload a transmission line; 3) disturb the line outage detection based on PMU data. To mitigate the risk of cyber attacks, this thesis proposes a new protection strategy, which intends to mitigate the damage effects of false data injection attacks by protecting a small set of critical measurements. To further reduce the computation complexity, a mixed integer linear programming approach is also proposed to separate the power grid into several subnetworks, then distributed protection strategy is applied to each subnetwork.

Automated Network Anomaly Detection with Learning, Control and Mitigation

ERIC Educational Resources Information Center

Ippoliti, Dennis

2014-01-01

Anomaly detection is a challenging problem that has been researched within a variety of application domains. In network intrusion detection, anomaly based techniques are particularly attractive because of their ability to identify previously unknown attacks without the need to be programmed with the specific signatures of every possible attack.…

A model for anomaly classification in intrusion detection systems

NASA Astrophysics Data System (ADS)

Ferreira, V. O.; Galhardi, V. V.; Gonçalves, L. B. L.; Silva, R. C.; Cansian, A. M.

2015-09-01

Intrusion Detection Systems (IDS) are traditionally divided into two types according to the detection methods they employ, namely (i) misuse detection and (ii) anomaly detection. Anomaly detection has been widely used and its main advantage is the ability to detect new attacks. However, the analysis of anomalies generated can become expensive, since they often have no clear information about the malicious events they represent. In this context, this paper presents a model for automated classification of alerts generated by an anomaly based IDS. The main goal is either the classification of the detected anomalies in well-defined taxonomies of attacks or to identify whether it is a false positive misclassified by the IDS. Some common attacks to computer networks were considered and we achieved important results that can equip security analysts with best resources for their analyses.

Improved Fake-State Attack to the Quantum Key Distribution Systems

NASA Astrophysics Data System (ADS)

Zhang, Sheng; Wang, Jian; Tang, Chao-jing

2012-09-01

It has been showed that most commercial quantum cryptosystems are vulnerable to the fake-state attacks, which employ the loophole that the avalanche photodiodes as single photon detectors still produce detection events in the linear mode. However, previous fake-state attacks may be easily prevented by either installing a watch dog or reconfiguring the dead-time assigning component. In this paper, we present a new technique to counteract the after-pulse effect ever enhanced by the fake-state attacks, in order to lower the quantum bit error rate. Obviously, it is more difficult to detect the presented attack scheme. Indeed, it contributes to promoting of implementing a secure quantum cryptosystem in real life.

Performance Improvement of Power Analysis Attacks on AES with Encryption-Related Signals

NASA Astrophysics Data System (ADS)

Lee, You-Seok; Lee, Young-Jun; Han, Dong-Guk; Kim, Ho-Won; Kim, Hyoung-Nam

A power analysis attack is a well-known side-channel attack but the efficiency of the attack is frequently degraded by the existence of power components, irrelative to the encryption included in signals used for the attack. To enhance the performance of the power analysis attack, we propose a preprocessing method based on extracting encryption-related parts from the measured power signals. Experimental results show that the attacks with the preprocessed signals detect correct keys with much fewer signals, compared to the conventional power analysis attacks.

Attacks on public telephone networks: technologies and challenges

NASA Astrophysics Data System (ADS)

Kosloff, T.; Moore, Tyler; Keller, J.; Manes, Gavin W.; Shenoi, Sujeet

2003-09-01

Signaling System 7 (SS7) is vital to signaling and control in America's public telephone networks. This paper describes a class of attacks on SS7 networks involving the insertion of malicious signaling messages via compromised SS7 network components. Three attacks are discussed in detail: IAM flood attacks, redirection attacks and point code spoofing attacks. Depending on their scale of execution, these attacks can produce effects ranging from network congestion to service disruption. Methods for detecting these denial-of-service attacks and mitigating their effects are also presented.

Mining IP to Domain Name Interactions to Detect DNS Flood Attacks on Recursive DNS Servers.

PubMed

Alonso, Roberto; Monroy, Raúl; Trejo, Luis A

2016-08-17

The Domain Name System (DNS) is a critical infrastructure of any network, and, not surprisingly a common target of cybercrime. There are numerous works that analyse higher level DNS traffic to detect anomalies in the DNS or any other network service. By contrast, few efforts have been made to study and protect the recursive DNS level. In this paper, we introduce a novel abstraction of the recursive DNS traffic to detect a flooding attack, a kind of Distributed Denial of Service (DDoS). The crux of our abstraction lies on a simple observation: Recursive DNS queries, from IP addresses to domain names, form social groups; hence, a DDoS attack should result in drastic changes on DNS social structure. We have built an anomaly-based detection mechanism, which, given a time window of DNS usage, makes use of features that attempt to capture the DNS social structure, including a heuristic that estimates group composition. Our detection mechanism has been successfully validated (in a simulated and controlled setting) and with it the suitability of our abstraction to detect flooding attacks. To the best of our knowledge, this is the first time that work is successful in using this abstraction to detect these kinds of attacks at the recursive level. Before concluding the paper, we motivate further research directions considering this new abstraction, so we have designed and tested two additional experiments which exhibit promising results to detect other types of anomalies in recursive DNS servers.

Mining IP to Domain Name Interactions to Detect DNS Flood Attacks on Recursive DNS Servers

PubMed Central

Alonso, Roberto; Monroy, Raúl; Trejo, Luis A.

2016-01-01

The Domain Name System (DNS) is a critical infrastructure of any network, and, not surprisingly a common target of cybercrime. There are numerous works that analyse higher level DNS traffic to detect anomalies in the DNS or any other network service. By contrast, few efforts have been made to study and protect the recursive DNS level. In this paper, we introduce a novel abstraction of the recursive DNS traffic to detect a flooding attack, a kind of Distributed Denial of Service (DDoS). The crux of our abstraction lies on a simple observation: Recursive DNS queries, from IP addresses to domain names, form social groups; hence, a DDoS attack should result in drastic changes on DNS social structure. We have built an anomaly-based detection mechanism, which, given a time window of DNS usage, makes use of features that attempt to capture the DNS social structure, including a heuristic that estimates group composition. Our detection mechanism has been successfully validated (in a simulated and controlled setting) and with it the suitability of our abstraction to detect flooding attacks. To the best of our knowledge, this is the first time that work is successful in using this abstraction to detect these kinds of attacks at the recursive level. Before concluding the paper, we motivate further research directions considering this new abstraction, so we have designed and tested two additional experiments which exhibit promising results to detect other types of anomalies in recursive DNS servers. PMID:27548169

Design of a novel Hyper-spectral riflescope system

NASA Astrophysics Data System (ADS)

Huang, YunHan; Fu, YueGang

2016-10-01

Hyper-spectral imaging involves many research areas, such as optics, spectroscopy, mechanical, microelectronics, and computers, etc. Hyper-spectral imaging system has an irreplaceable role in the detection field. At present, due to the improvement of camouflage technology, characteristic of target in battlefield becomes more complex and the targets became more and more difficult to be detected, According to this phenomenon the author designed a novel hyper-spectral riflescope optical system. In general, the riflescope optical system is composed of two parts front object lens and zoom relay system. Firstly, dispersion characteristics of the typical optical glasses varies during band 400nm 1 000nm, the author derived apochromatic theory that suitable to the front system and relay system without using special glass, and make a example to testify its correctness. In general, the zoom mode of relay system lens is different from the objective lens system, so we should take consideration of them separately. Secondly, based on the above theory, the articles designed a hyper-spectral riflescope system, which has a continuous zoom curve, zoom ratio is 4 times and the F number of the system is 4.8;Full field of view varies during 1.8° 7.2°.Structure of the system is relatively compact, and has not used special glass, eventually the article give the schematic of system MTF and zoom curves of relay movable parts. the curve is smooth and can be applied to practical engineering. The author adopt ZEMAX design software to analyses the results .Design result shows that, in the visible and near-infrared wavelengths, the MTF of imaging system at 60lp / mm during all bands are greater than 0.3, which prove the correctness of the design theory and good performance of system.

Application of stochastic discrete event system framework for detection of induced low rate TCP attack.

PubMed

Barbhuiya, F A; Agarwal, Mayank; Purwar, Sanketh; Biswas, Santosh; Nandi, Sukumar

2015-09-01

TCP is the most widely accepted transport layer protocol. The major emphasis during the development of TCP was its functionality and efficiency. However, not much consideration was given on studying the possibility of attackers exploiting the protocol, which has lead to several attacks on TCP. This paper deals with the induced low rate TCP attack. Since the attack is relatively new, only a few schemes have been proposed to mitigate it. However, the main issues with these schemes are scalability, change in TCP header, lack of formal frameworks, etc. In this paper, we have adapted the stochastic DES framework for detecting the attack, which addresses most of these issues. We have successfully deployed and tested the proposed DES based IDS on a test bed. Copyright © 2015 ISA. Published by Elsevier Ltd. All rights reserved.

Deep Learning-Based Data Forgery Detection in Automatic Generation Control

DOE Office of Scientific and Technical Information (OSTI.GOV)

Zhang, Fengli; Li, Qinghua

Automatic Generation Control (AGC) is a key control system in the power grid. It is used to calculate the Area Control Error (ACE) based on frequency and tie-line power flow between balancing areas, and then adjust power generation to maintain the power system frequency in an acceptable range. However, attackers might inject malicious frequency or tie-line power flow measurements to mislead AGC to do false generation correction which will harm the power grid operation. Such attacks are hard to be detected since they do not violate physical power system models. In this work, we propose algorithms based on Neural Networkmore » and Fourier Transform to detect data forgery attacks in AGC. Different from the few previous work that rely on accurate load prediction to detect data forgery, our solution only uses the ACE data already available in existing AGC systems. In particular, our solution learns the normal patterns of ACE time series and detects abnormal patterns caused by artificial attacks. Evaluations on the real ACE dataset show that our methods have high detection accuracy.« less

Cyber situation awareness: modeling detection of cyber attacks with instance-based learning theory.

PubMed

Dutt, Varun; Ahn, Young-Suk; Gonzalez, Cleotilde

2013-06-01

To determine the effects of an adversary's behavior on the defender's accurate and timely detection of network threats. Cyber attacks cause major work disruption. It is important to understand how a defender's behavior (experience and tolerance to threats), as well as adversarial behavior (attack strategy), might impact the detection of threats. In this article, we use cognitive modeling to make predictions regarding these factors. Different model types representing a defender, based on Instance-Based Learning Theory (IBLT), faced different adversarial behaviors. A defender's model was defined by experience of threats: threat-prone (90% threats and 10% nonthreats) and nonthreat-prone (10% threats and 90% nonthreats); and different tolerance levels to threats: risk-averse (model declares a cyber attack after perceiving one threat out of eight total) and risk-seeking (model declares a cyber attack after perceiving seven threats out of eight total). Adversarial behavior is simulated by considering different attack strategies: patient (threats occur late) and impatient (threats occur early). For an impatient strategy, risk-averse models with threat-prone experiences show improved detection compared with risk-seeking models with nonthreat-prone experiences; however, the same is not true for a patient strategy. Based upon model predictions, a defender's prior threat experiences and his or her tolerance to threats are likely to predict detection accuracy; but considering the nature of adversarial behavior is also important. Decision-support tools that consider the role of a defender's experience and tolerance to threats along with the nature of adversarial behavior are likely to improve a defender's overall threat detection.

G. Marconi: A Data Relay Satellite for Mars Communications

NASA Astrophysics Data System (ADS)

Dionisio, C.; Marcozzi, M.; Landriani, C.

2002-01-01

Mars has always been a source of intrigue and fascination. Recent scientific discoveries have stimulated this longstanding interest, leading to a renaissance in Mars exploration. Future missions to Mars will be capable of long-distance surface mobility, hyperspectral imaging, subsurface exploration, and even life-detection. Manned missions and, eventually, colonies may follow. No mission to the Red Planet stands alone. New scientific and technological knowledge is passed on from one mission to the next, not only improving the journey into space, but also providing benefits here on Earth. The Mars Relay Network, an international constellation of Mars orbiters with relay radios, directly supports other Mars missions by relaying communications between robotic vehicles at Mars and ground stations on Earth. The ability of robotic visitors from Earth to explore Mars will take a gigantic leap forward in 2007 with the launch of the Guglielmo Marconi Orbiter (GMO), the first spacecraft primarily dedicated to providing communication relay, navigation and timing services at Mars. GMO will be the preeminent node of the Mars Relay Network. GMO will relay communications between Earth and robotic vehicles near Mars. GMO will also provide navigation services to spacecraft approaching Mars. GMO will receive transmissions from ground stations on Earth at X-band and will transmit to ground stations on Earth at X- and Ka-bands. GMO will transmit to robotic vehicles at Mars at UHF and receive from these vehicles at UHF and X-band. GMO's baseline 4450 km circular orbit provides complete coverage of the planet for telecommunication and navigation support. GMO will arrive at Mars in mid-2008, just before the NetLander and Mars Scout missions that will be its first users. GMO is designed for a nominal operating lifetime of 10 years and will support nominal commanding and data acquisition, as well as mission critical events such as Mars Orbit Insertion, Entry, Descent and Landing, and Mars Ascent Vehicle launch and Orbiting Sample Canister detection for the Mars Sample Return mission. The GMO mission is a close collaboration between the Italian and American national space agencies and two implementing organizations: Alenia Spazio in Italy and JPL in the United States. As the Italian prime contractor, Alenia Spazio is to design and fabricate the spacecraft bus, integrate the Italian and JPL payloads, support integration of the spacecraft with the launch vehicle, support launch, and conduct mission operations. GMO will use Alenia' s PRIMA spacecraft bus in a deep space configuration. The PRIMA bus is a new design concept, developed under ASI funding, that combines flexibility, low cost and high efficiency. Its modular design makes it adaptable for several classes of missions, including interplanetary.

A Bernoulli Gaussian Watermark for Detecting Integrity Attacks in Control Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Weerakkody, Sean; Ozel, Omur; Sinopoli, Bruno

We examine the merit of Bernoulli packet drops in actively detecting integrity attacks on control systems. The aim is to detect an adversary who delivers fake sensor measurements to a system operator in order to conceal their effect on the plant. Physical watermarks, or noisy additive Gaussian inputs, have been previously used to detect several classes of integrity attacks in control systems. In this paper, we consider the analysis and design of Gaussian physical watermarks in the presence of packet drops at the control input. On one hand, this enables analysis in a more general network setting. On the othermore » hand, we observe that in certain cases, Bernoulli packet drops can improve detection performance relative to a purely Gaussian watermark. This motivates the joint design of a Bernoulli-Gaussian watermark which incorporates both an additive Gaussian input and a Bernoulli drop process. We characterize the effect of such a watermark on system performance as well as attack detectability in two separate design scenarios. Here, we consider a correlation detector for attack recognition. We then propose efficiently solvable optimization problems to intelligently select parameters of the Gaussian input and the Bernoulli drop process while addressing security and performance trade-offs. Finally, we provide numerical results which illustrate that a watermark with packet drops can indeed outperform a Gaussian watermark.« less

Security attack detection algorithm for electric power gis system based on mobile application

NASA Astrophysics Data System (ADS)

Zhou, Chao; Feng, Renjun; Wang, Liming; Huang, Wei; Guo, Yajuan

2017-05-01

Electric power GIS is one of the key information technologies to satisfy the power grid construction in China, and widely used in power grid construction planning, weather, and power distribution management. The introduction of electric power GIS based on mobile applications is an effective extension of the geographic information system that has been widely used in the electric power industry. It provides reliable, cheap and sustainable power service for the country. The accurate state estimation is the important conditions to maintain the normal operation of the electric power GIS. Recent research has shown that attackers can inject the complex false data into the power system. The injection attack of this new type of false data (load integrity attack LIA) can successfully bypass the routine detection to achieve the purpose of attack, so that the control center will make a series of wrong decision. Eventually, leading to uneven distribution of power in the grid. In order to ensure the safety of the electric power GIS system based on mobile application, it is very important to analyze the attack mechanism and propose a new type of attack, and to study the corresponding detection method and prevention strategy in the environment of electric power GIS system based on mobile application.

Application of the PageRank Algorithm to Alarm Graphs

NASA Astrophysics Data System (ADS)

Treinen, James J.; Thurimella, Ramakrishna

The task of separating genuine attacks from false alarms in large intrusion detection infrastructures is extremely difficult. The number of alarms received in such environments can easily enter into the millions of alerts per day. The overwhelming noise created by these alarms can cause genuine attacks to go unnoticed. As means of highlighting these attacks, we introduce a host ranking technique utilizing Alarm Graphs. Rather than enumerate all potential attack paths as in Attack Graphs, we build and analyze graphs based on the alarms generated by the intrusion detection sensors installed on a network. Given that the alarms are predominantly false positives, the challenge is to identify, separate, and ideally predict future attacks. In this paper, we propose a novel approach to tackle this problem based on the PageRank algorithm. By elevating the rank of known attackers and victims we are able to observe the effect that these hosts have on the other nodes in the Alarm Graph. Using this information we are able to discover previously overlooked attacks, as well as defend against future intrusions.

How the oxygen tolerance of a [NiFe]-hydrogenase depends on quaternary structure.

PubMed

Wulff, Philip; Thomas, Claudia; Sargent, Frank; Armstrong, Fraser A

2016-03-01

'Oxygen-tolerant' [NiFe]-hydrogenases can catalyze H2 oxidation under aerobic conditions, avoiding oxygenation and destruction of the active site. In one mechanism accounting for this special property, membrane-bound [NiFe]-hydrogenases accommodate a pool of electrons that allows an O2 molecule attacking the active site to be converted rapidly to harmless water. An important advantage may stem from having a dimeric or higher-order quaternary structure in which the electron-transfer relay chain of one partner is electronically coupled to that in the other. Hydrogenase-1 from E. coli has a dimeric structure in which the distal [4Fe-4S] clusters in each monomer are located approximately 12 Å apart, a distance conducive to fast electron tunneling. Such an arrangement can ensure that electrons from H2 oxidation released at the active site of one partner are immediately transferred to its counterpart when an O2 molecule attacks. This paper addresses the role of long-range, inter-domain electron transfer in the mechanism of O2-tolerance by comparing the properties of monomeric and dimeric forms of Hydrogenase-1. The results reveal a further interesting advantage that quaternary structure affords to proteins.

Detecting and Preventing Sybil Attacks in Wireless Sensor Networks Using Message Authentication and Passing Method.

PubMed

Dhamodharan, Udaya Suriya Raj Kumar; Vayanaperumal, Rajamani

2015-01-01

Wireless sensor networks are highly indispensable for securing network protection. Highly critical attacks of various kinds have been documented in wireless sensor network till now by many researchers. The Sybil attack is a massive destructive attack against the sensor network where numerous genuine identities with forged identities are used for getting an illegal entry into a network. Discerning the Sybil attack, sinkhole, and wormhole attack while multicasting is a tremendous job in wireless sensor network. Basically a Sybil attack means a node which pretends its identity to other nodes. Communication to an illegal node results in data loss and becomes dangerous in the network. The existing method Random Password Comparison has only a scheme which just verifies the node identities by analyzing the neighbors. A survey was done on a Sybil attack with the objective of resolving this problem. The survey has proposed a combined CAM-PVM (compare and match-position verification method) with MAP (message authentication and passing) for detecting, eliminating, and eventually preventing the entry of Sybil nodes in the network. We propose a scheme of assuring security for wireless sensor network, to deal with attacks of these kinds in unicasting and multicasting.

Detecting and Preventing Sybil Attacks in Wireless Sensor Networks Using Message Authentication and Passing Method

PubMed Central

Dhamodharan, Udaya Suriya Raj Kumar; Vayanaperumal, Rajamani

2015-01-01

Wireless sensor networks are highly indispensable for securing network protection. Highly critical attacks of various kinds have been documented in wireless sensor network till now by many researchers. The Sybil attack is a massive destructive attack against the sensor network where numerous genuine identities with forged identities are used for getting an illegal entry into a network. Discerning the Sybil attack, sinkhole, and wormhole attack while multicasting is a tremendous job in wireless sensor network. Basically a Sybil attack means a node which pretends its identity to other nodes. Communication to an illegal node results in data loss and becomes dangerous in the network. The existing method Random Password Comparison has only a scheme which just verifies the node identities by analyzing the neighbors. A survey was done on a Sybil attack with the objective of resolving this problem. The survey has proposed a combined CAM-PVM (compare and match-position verification method) with MAP (message authentication and passing) for detecting, eliminating, and eventually preventing the entry of Sybil nodes in the network. We propose a scheme of assuring security for wireless sensor network, to deal with attacks of these kinds in unicasting and multicasting. PMID:26236773

Attack Detection in Sensor Network Target Localization Systems With Quantized Data

NASA Astrophysics Data System (ADS)

Zhang, Jiangfan; Wang, Xiaodong; Blum, Rick S.; Kaplan, Lance M.

2018-04-01

We consider a sensor network focused on target localization, where sensors measure the signal strength emitted from the target. Each measurement is quantized to one bit and sent to the fusion center. A general attack is considered at some sensors that attempts to cause the fusion center to produce an inaccurate estimation of the target location with a large mean-square-error. The attack is a combination of man-in-the-middle, hacking, and spoofing attacks that can effectively change both signals going into and coming out of the sensor nodes in a realistic manner. We show that the essential effect of attacks is to alter the estimated distance between the target and each attacked sensor to a different extent, giving rise to a geometric inconsistency among the attacked and unattacked sensors. Hence, with the help of two secure sensors, a class of detectors are proposed to detect the attacked sensors by scrutinizing the existence of the geometric inconsistency. We show that the false alarm and miss probabilities of the proposed detectors decrease exponentially as the number of measurement samples increases, which implies that for sufficiently large number of samples, the proposed detectors can identify the attacked and unattacked sensors with any required accuracy.

78 FR 40407 - Structure and Practices of the Video Relay Service Program: Telecommunications Relay Services and...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-07-05

...] Structure and Practices of the Video Relay Service Program: Telecommunications Relay Services and Speech-to... telecommunications relay services (TRS) program continues to offer functional equivalence to all eligible users and... Practices of the Video Relay Service Program; Telecommunications Relay Services and Speech-to-Speech...

Network Anomaly Detection Based on Wavelet Analysis

NASA Astrophysics Data System (ADS)

Lu, Wei; Ghorbani, Ali A.

2008-12-01

Signal processing techniques have been applied recently for analyzing and detecting network anomalies due to their potential to find novel or unknown intrusions. In this paper, we propose a new network signal modelling technique for detecting network anomalies, combining the wavelet approximation and system identification theory. In order to characterize network traffic behaviors, we present fifteen features and use them as the input signals in our system. We then evaluate our approach with the 1999 DARPA intrusion detection dataset and conduct a comprehensive analysis of the intrusions in the dataset. Evaluation results show that the approach achieves high-detection rates in terms of both attack instances and attack types. Furthermore, we conduct a full day's evaluation in a real large-scale WiFi ISP network where five attack types are successfully detected from over 30 millions flows.

Novel Duplicate Address Detection with Hash Function

PubMed Central

Song, GuangJia; Ji, ZhenZhou

2016-01-01

Duplicate address detection (DAD) is an important component of the address resolution protocol (ARP) and the neighbor discovery protocol (NDP). DAD determines whether an IP address is in conflict with other nodes. In traditional DAD, the target address to be detected is broadcast through the network, which provides convenience for malicious nodes to attack. A malicious node can send a spoofing reply to prevent the address configuration of a normal node, and thus, a denial-of-service attack is launched. This study proposes a hash method to hide the target address in DAD, which prevents an attack node from launching destination attacks. If the address of a normal node is identical to the detection address, then its hash value should be the same as the “Hash_64” field in the neighboring solicitation message. Consequently, DAD can be successfully completed. This process is called DAD-h. Simulation results indicate that address configuration using DAD-h has a considerably higher success rate when under attack compared with traditional DAD. Comparative analysis shows that DAD-h does not require third-party devices and considerable computing resources; it also provides a lightweight security resolution. PMID:26991901

A Comparative Study of Unsupervised Anomaly Detection Techniques Using Honeypot Data

NASA Astrophysics Data System (ADS)

Song, Jungsuk; Takakura, Hiroki; Okabe, Yasuo; Inoue, Daisuke; Eto, Masashi; Nakao, Koji

Intrusion Detection Systems (IDS) have been received considerable attention among the network security researchers as one of the most promising countermeasures to defend our crucial computer systems or networks against attackers on the Internet. Over the past few years, many machine learning techniques have been applied to IDSs so as to improve their performance and to construct them with low cost and effort. Especially, unsupervised anomaly detection techniques have a significant advantage in their capability to identify unforeseen attacks, i.e., 0-day attacks, and to build intrusion detection models without any labeled (i.e., pre-classified) training data in an automated manner. In this paper, we conduct a set of experiments to evaluate and analyze performance of the major unsupervised anomaly detection techniques using real traffic data which are obtained at our honeypots deployed inside and outside of the campus network of Kyoto University, and using various evaluation criteria, i.e., performance evaluation by similarity measurements and the size of training data, overall performance, detection ability for unknown attacks, and time complexity. Our experimental results give some practical and useful guidelines to IDS researchers and operators, so that they can acquire insight to apply these techniques to the area of intrusion detection, and devise more effective intrusion detection models.

Case-Based Multi-Sensor Intrusion Detection

NASA Astrophysics Data System (ADS)

Schwartz, Daniel G.; Long, Jidong

2009-08-01

Multi-sensor intrusion detection systems (IDSs) combine the alerts raised by individual IDSs and possibly other kinds of devices such as firewalls and antivirus software. A critical issue in building a multi-sensor IDS is alert-correlation, i.e., determining which alerts are caused by the same attack. This paper explores a novel approach to alert correlation using case-based reasoning (CBR). Each case in the CBR system's library contains a pattern of alerts raised by some known attack type, together with the identity of the attack. Then during run time, the alert streams gleaned from the sensors are compared with the patterns in the cases, and a match indicates that the attack described by that case has occurred. For this purpose the design of a fast and accurate matching algorithm is imperative. Two such algorithms were explored: (i) the well-known Hungarian algorithm, and (ii) an order-preserving matching of our own device. Tests were conducted using the DARPA Grand Challenge Problem attack simulator. These showed that the both matching algorithms are effective in detecting attacks; but the Hungarian algorithm is inefficient; whereas the order-preserving one is very efficient, in fact runs in linear time.

Application of graph-based semi-supervised learning for development of cyber COP and network intrusion detection

NASA Astrophysics Data System (ADS)

Levchuk, Georgiy; Colonna-Romano, John; Eslami, Mohammed

2017-05-01

The United States increasingly relies on cyber-physical systems to conduct military and commercial operations. Attacks on these systems have increased dramatically around the globe. The attackers constantly change their methods, making state-of-the-art commercial and military intrusion detection systems ineffective. In this paper, we present a model to identify functional behavior of network devices from netflow traces. Our model includes two innovations. First, we define novel features for a host IP using detection of application graph patterns in IP's host graph constructed from 5-min aggregated packet flows. Second, we present the first application, to the best of our knowledge, of Graph Semi-Supervised Learning (GSSL) to the space of IP behavior classification. Using a cyber-attack dataset collected from NetFlow packet traces, we show that GSSL trained with only 20% of the data achieves higher attack detection rates than Support Vector Machines (SVM) and Naïve Bayes (NB) classifiers trained with 80% of data points. We also show how to improve detection quality by filtering out web browsing data, and conclude with discussion of future research directions.

Testbed-based Performance Evaluation of Attack Resilient Control for AGC

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ashok, Aditya; Sridhar, Siddharth; McKinnon, Archibald D.

The modern electric power grid is a complex cyber-physical system whose reliable operation is enabled by a wide-area monitoring and control infrastructure. This infrastructure, supported by an extensive communication backbone, enables several control applications functioning at multiple time scales to ensure the grid is maintained within stable operating limits. Recent events have shown that vulnerabilities in this infrastructure may be exploited to manipulate the data being exchanged. Such a scenario could cause the associated control application to mis-operate, potentially causing system-wide instabilities. There is a growing emphasis on looking beyond traditional cybersecurity solutions to mitigate such threats. In this papermore » we perform a testbed-based validation of one such solution - Attack Resilient Control (ARC) - on Iowa State University's \\textit{PowerCyber} testbed. ARC is a cyber-physical security solution that combines domain-specific anomaly detection and model-based mitigation to detect stealthy attacks on Automatic Generation Control (AGC). In this paper, we first describe the implementation architecture of the experiment on the testbed. Next, we demonstrate the capability of stealthy attack templates to cause forced under-frequency load shedding in a 3-area test system. We then validate the performance of ARC by measuring its ability to detect and mitigate these attacks. Our results reveal that ARC is efficient in detecting stealthy attacks and enables AGC to maintain system operating frequency close to its nominal value during an attack. Our studies also highlight the importance of testbed-based experimentation for evaluating the performance of cyber-physical security and control applications.« less

DETECTION OF TOXICANT(S) ON BUILDING SURFACES FOLLOWING CHEMICAL ATTACK

EPA Science Inventory

A critical step prior to reoccupation of any facility following a chemical attack is monitoring for toxic compounds on surfaces within that facility. Low level detection of toxicant(s) is necessary to ensure that these compounds have been eliminated after building decontaminatio...

DETECTION OF TOXICANTS ON BUILDING SURFACES FOLLOWING CHEMICAL ATTACK

EPA Science Inventory

A critical step prior to reoccupation of any facility following a chemical attack will be the monitoring of toxic compounds on surfaces within that facility. Low level detection of toxicant(s) is necessary to ensure that these compounds have been eliminated after decontamination...

Modeling inter-signal arrival times for accurate detection of CAN bus signal injection attacks

DOE Office of Scientific and Technical Information (OSTI.GOV)

Moore, Michael Roy; Bridges, Robert A; Combs, Frank L

Modern vehicles rely on hundreds of on-board electronic control units (ECUs) communicating over in-vehicle networks. As external interfaces to the car control networks (such as the on-board diagnostic (OBD) port, auxiliary media ports, etc.) become common, and vehicle-to-vehicle / vehicle-to-infrastructure technology is in the near future, the attack surface for vehicles grows, exposing control networks to potentially life-critical attacks. This paper addresses the need for securing the CAN bus by detecting anomalous traffic patterns via unusual refresh rates of certain commands. While previous works have identified signal frequency as an important feature for CAN bus intrusion detection, this paper providesmore » the first such algorithm with experiments on five attack scenarios. Our data-driven anomaly detection algorithm requires only five seconds of training time (on normal data) and achieves true positive / false discovery rates of 0.9998/0.00298, respectively (micro-averaged across the five experimental tests).« less

STBC AF relay for unmanned aircraft system

NASA Astrophysics Data System (ADS)

Adachi, Fumiyuki; Miyazaki, Hiroyuki; Endo, Chikara

2015-01-01

If a large scale disaster similar to the Great East Japan Earthquake 2011 happens, some areas may be isolated from the communications network. Recently, unmanned aircraft system (UAS) based wireless relay communication has been attracting much attention since it is able to quickly re-establish the connection between isolated areas and the network. However, the channel between ground station (GS) and unmanned aircraft (UA) is unreliable due to UA's swing motion and as consequence, the relay communication quality degrades. In this paper, we introduce space-time block coded (STBC) amplify-and-forward (AF) relay for UAS based wireless relay communication to improve relay communication quality. A group of UAs forms single frequency network (SFN) to perform STBC-AF cooperative relay. In STBC-AF relay, only conjugate operation, block exchange and amplifying are required at UAs. Therefore, STBC-AF relay improves the relay communication quality while alleviating the complexity problem at UAs. It is shown by computer simulation that STBC-AF relay can achieve better throughput performance than conventional AF relay.

Variable Delay Multi-Pulse Train for Fast Chemical Exchange Saturation Transfer and Relayed-Nuclear Overhauser Enhancement MRI

PubMed Central

Xu, Jiadi; Yadav, Nirbhay N.; Bar-Shir, Amnon; Jones, Craig K.; Chan, Kannie W. Y.; Zhang, Jiangyang; Walczak, P.; McMahon, Michael T.; van Zijl, Peter C. M.

2013-01-01

Purpose Chemical exchange saturation transfer (CEST) imaging is a new MRI technology allowing the detection of low concentration endogenous cellular proteins and metabolites indirectly through their exchangeable protons. A new technique, variable delay multi-pulse CEST (VDMP-CEST), is proposed to eliminate the need for recording full Z-spectra and performing asymmetry analysis to obtain CEST contrast. Methods The VDMP-CEST scheme involves acquiring images with two (or more) delays between radiofrequency saturation pulses in pulsed CEST, producing a series of CEST images sensitive to the speed of saturation transfer. Subtracting two images or fitting a time series produces CEST and relayed-nuclear Overhauser enhancement CEST maps without effects of direct water saturation and, when using low radiofrequency power, minimal magnetization transfer contrast interference. Results When applied to several model systems (bovine serum albumin, crosslinked bovine serum albumin, l-glutamic acid) and in vivo on healthy rat brain, VDMP-CEST showed sensitivity to slow to intermediate range magnetization transfer processes (rate < 100–150 Hz), such as amide proton transfer and relayed nuclear Overhauser enhancement-CEST. Images for these contrasts could be acquired in short scan times by using a single radiofrequency frequency. Conclusions VDMP-CEST provides an approach to detect CEST effect by sensitizing saturation experiments to slower exchange processes without interference of direct water saturation and without need to acquire Z-spectra and perform asymmetry analysis. PMID:23813483

78 FR 49717 - Speech-to-Speech and Internet Protocol (IP) Speech-to-Speech Telecommunications Relay Services...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-08-15

...] Speech-to-Speech and Internet Protocol (IP) Speech-to-Speech Telecommunications Relay Services... Internet Protocol (IP) Speech-to-Speech Telecommunications Relay Services; Telecommunications Relay... (IP Relay) and video relay service (VRS), the Commission should bundle national STS outreach efforts...

GABAB receptor-mediated responses in GABAergic projection neurones of rat nucleus reticularis thalami in vitro.

PubMed

Ulrich, D; Huguenard, J R

1996-06-15

1. Whole-cell voltage-clamp recordings were obtained from GABAergic neurones of rat nucleus reticularis thalami (NRT) in vitro to assess pre- and postsynaptic GABAB receptor-mediated responses. Presynaptic inhibition of GABA release was studied at terminals on local axon collaterals within NRT as well as on projection fibres in the somatosensory relay nuclei. 2. The GABAB receptor agonist (R)-baclofen (10 microM) reduced monosynaptically evoked GABAA-mediated inhibitory postsynaptic currents (IPSCs) in NRT and somatosensory relay cells to 11 and 12% of control, respectively. 3. Action potential-independent miniature IPSCs (mIPSCs) were observed in both cell types. Mean mIPSC amplitude was 20 pA in both NRT and relay cells at a holding potential of 0 mV. The mean mIPSC frequencies were 0.83 and 2.2 Hz in NRT and relay cells, respectively. Baclofen decreased mIPSP frequency by about half in each cell type without affecting amplitude. 4. Paired-burst inhibition of evoked IPSCs was studied in relay and NRT cells by applying pairs of 100 Hz stimulus bursts separated by 600 ms. The mean ratio of second to first peak IPSC amplitudes was 0.77. 5. In NRT cells baclofen induced a linear postsynaptic conductance increase of 0.82 nS with an associated reversal potential of -121 mV. A small (0.14 nS) GABAB component of the evoked IPSC was detected in only a minority of NRT cells (3 of 18). 6. All pre- and postsynaptic effects of baclofen, as well as PBI, were largely reversed by the specific GABAB receptor antagonist CGP 35348 (0.5 mM). 7. We conclude that activation of GABAB receptors in NRT leads to presynaptic autoinhibition of IPSCs in both NRT and relay cells, and to direct activation of a small linear K+ conductance. In addition our experiments suggest that reciprocal connectivity within NRT can be partially mediated by a small GABAB inhibitory event.

Spear Phishing Attack Detection

DTIC Science & Technology

2011-03-24

the insider amongst senior leaders of an organization [Mes08], the undercover detective within a drug cartel, or the classic secret agent planted in...to a mimicry attack that shapes the embedded malware to have a statistical distribution similar to "normal" or benign behavior. 2.3.1.3

A Secure Scheme for Distributed Consensus Estimation against Data Falsification in Heterogeneous Wireless Sensor Networks.

PubMed

Mi, Shichao; Han, Hui; Chen, Cailian; Yan, Jian; Guan, Xinping

2016-02-19

Heterogeneous wireless sensor networks (HWSNs) can achieve more tasks and prolong the network lifetime. However, they are vulnerable to attacks from the environment or malicious nodes. This paper is concerned with the issues of a consensus secure scheme in HWSNs consisting of two types of sensor nodes. Sensor nodes (SNs) have more computation power, while relay nodes (RNs) with low power can only transmit information for sensor nodes. To address the security issues of distributed estimation in HWSNs, we apply the heterogeneity of responsibilities between the two types of sensors and then propose a parameter adjusted-based consensus scheme (PACS) to mitigate the effect of the malicious node. Finally, the convergence property is proven to be guaranteed, and the simulation results validate the effectiveness and efficiency of PACS.

Design of Provider-Provisioned Website Protection Scheme against Malware Distribution

NASA Astrophysics Data System (ADS)

Yagi, Takeshi; Tanimoto, Naoto; Hariu, Takeo; Itoh, Mitsutaka

Vulnerabilities in web applications expose computer networks to security threats, and many websites are used by attackers as hopping sites to attack other websites and user terminals. These incidents prevent service providers from constructing secure networking environments. To protect websites from attacks exploiting vulnerabilities in web applications, service providers use web application firewalls (WAFs). WAFs filter accesses from attackers by using signatures, which are generated based on the exploit codes of previous attacks. However, WAFs cannot filter unknown attacks because the signatures cannot reflect new types of attacks. In service provider environments, the number of exploit codes has recently increased rapidly because of the spread of vulnerable web applications that have been developed through cloud computing. Thus, generating signatures for all exploit codes is difficult. To solve these problems, our proposed scheme detects and filters malware downloads that are sent from websites which have already received exploit codes. In addition, to collect information for detecting malware downloads, web honeypots, which automatically extract the communication records of exploit codes, are used. According to the results of experiments using a prototype, our scheme can filter attacks automatically so that service providers can provide secure and cost-effective network environments.

Securing mobile ad hoc networks using danger theory-based artificial immune algorithm.

PubMed

Abdelhaq, Maha; Alsaqour, Raed; Abdelhaq, Shawkat

2015-01-01

A mobile ad hoc network (MANET) is a set of mobile, decentralized, and self-organizing nodes that are used in special cases, such as in the military. MANET properties render the environment of this network vulnerable to different types of attacks, including black hole, wormhole and flooding-based attacks. Flooding-based attacks are one of the most dangerous attacks that aim to consume all network resources and thus paralyze the functionality of the whole network. Therefore, the objective of this paper is to investigate the capability of a danger theory-based artificial immune algorithm called the mobile dendritic cell algorithm (MDCA) to detect flooding-based attacks in MANETs. The MDCA applies the dendritic cell algorithm (DCA) to secure the MANET with additional improvements. The MDCA is tested and validated using Qualnet v7.1 simulation tool. This work also introduces a new simulation module for a flooding attack called the resource consumption attack (RCA) using Qualnet v7.1. The results highlight the high efficiency of the MDCA in detecting RCAs in MANETs.

Securing Mobile Ad Hoc Networks Using Danger Theory-Based Artificial Immune Algorithm

PubMed Central

2015-01-01

A mobile ad hoc network (MANET) is a set of mobile, decentralized, and self-organizing nodes that are used in special cases, such as in the military. MANET properties render the environment of this network vulnerable to different types of attacks, including black hole, wormhole and flooding-based attacks. Flooding-based attacks are one of the most dangerous attacks that aim to consume all network resources and thus paralyze the functionality of the whole network. Therefore, the objective of this paper is to investigate the capability of a danger theory-based artificial immune algorithm called the mobile dendritic cell algorithm (MDCA) to detect flooding-based attacks in MANETs. The MDCA applies the dendritic cell algorithm (DCA) to secure the MANET with additional improvements. The MDCA is tested and validated using Qualnet v7.1 simulation tool. This work also introduces a new simulation module for a flooding attack called the resource consumption attack (RCA) using Qualnet v7.1. The results highlight the high efficiency of the MDCA in detecting RCAs in MANETs. PMID:25946001

Robust Structural Analysis and Design of Distributed Control Systems to Prevent Zero Dynamics Attacks

DOE Office of Scientific and Technical Information (OSTI.GOV)

Weerakkody, Sean; Liu, Xiaofei; Sinopoli, Bruno

We consider the design and analysis of robust distributed control systems (DCSs) to ensure the detection of integrity attacks. DCSs are often managed by independent agents and are implemented using a diverse set of sensors and controllers. However, the heterogeneous nature of DCSs along with their scale leave such systems vulnerable to adversarial behavior. To mitigate this reality, we provide tools that allow operators to prevent zero dynamics attacks when as many as p agents and sensors are corrupted. Such a design ensures attack detectability in deterministic systems while removing the threat of a class of stealthy attacks in stochasticmore » systems. To achieve this goal, we use graph theory to obtain necessary and sufficient conditions for the presence of zero dynamics attacks in terms of the structural interactions between agents and sensors. We then formulate and solve optimization problems which minimize communication networks while also ensuring a resource limited adversary cannot perform a zero dynamics attacks. Polynomial time algorithms for design and analysis are provided.« less

Real-time monitoring of single-photon detectors against eavesdropping in quantum key distribution systems.

PubMed

da Silva, Thiago Ferreira; Xavier, Guilherme B; Temporão, Guilherme P; von der Weid, Jean Pierre

2012-08-13

By employing real-time monitoring of single-photon avalanche photodiodes we demonstrate how two types of practical eavesdropping strategies, the after-gate and time-shift attacks, may be detected. Both attacks are identified with the detectors operating without any special modifications, making this proposal well suited for real-world applications. The monitoring system is based on accumulating statistics of the times between consecutive detection events, and extracting the afterpulse and overall efficiency of the detectors in real-time using mathematical models fit to the measured data. We are able to directly observe changes in the afterpulse probabilities generated from the after-gate and faint after-gate attacks, as well as different timing signatures in the time-shift attack. We also discuss the applicability of our scheme to other general blinding attacks.

Adversarial Feature Selection Against Evasion Attacks.

PubMed

Zhang, Fei; Chan, Patrick P K; Biggio, Battista; Yeung, Daniel S; Roli, Fabio

2016-03-01

Pattern recognition and machine learning techniques have been increasingly adopted in adversarial settings such as spam, intrusion, and malware detection, although their security against well-crafted attacks that aim to evade detection by manipulating data at test time has not yet been thoroughly assessed. While previous work has been mainly focused on devising adversary-aware classification algorithms to counter evasion attempts, only few authors have considered the impact of using reduced feature sets on classifier security against the same attacks. An interesting, preliminary result is that classifier security to evasion may be even worsened by the application of feature selection. In this paper, we provide a more detailed investigation of this aspect, shedding some light on the security properties of feature selection against evasion attacks. Inspired by previous work on adversary-aware classifiers, we propose a novel adversary-aware feature selection model that can improve classifier security against evasion attacks, by incorporating specific assumptions on the adversary's data manipulation strategy. We focus on an efficient, wrapper-based implementation of our approach, and experimentally validate its soundness on different application examples, including spam and malware detection.

78 FR 40581 - Structure and Practices of the Video Relay Service Program; Telecommunications Relay Services and...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-07-05

... Relay Service (IP Relay) providers; Adopts rules to protect the privacy of customer information relating... Structure and Practices of the Video Relay Service Program; Telecommunications Relay Services and Speech-to-Speech Services for Individuals With Hearing and Speech Disabilities; Final Rule #0;#0;Federal Register...

Intrusion Detection in Control Systems using Sequence Characteristics

NASA Astrophysics Data System (ADS)

Kiuchi, Mai; Onoda, Takashi

Intrusion detection is considered effective in control systems. Sequences of the control application behavior observed in the communication, such as the order of the control device to be controlled, are important in control systems. However, most intrusion detection systems do not effectively reflect sequences in the application layer into the detection rules. In our previous work, we considered utilizing sequences for intrusion detection in control systems, and demonstrated the usefulness of sequences for intrusion detection. However, manually writing the detection rules for a large system can be difficult, so using machine learning methods becomes feasible. Also, in the case of control systems, there have been very few observed cyber attacks, so we have very little knowledge of the attack data that should be used to train the intrusion detection system. In this paper, we use an approach that combines CRF (Conditional Random Field) considering the sequence of the system, thus able to reflect the characteristics of control system sequences into the intrusion detection system, and also does not need the knowledge of attack data to construct the detection rules.

Novel mechanism of network protection against the new generation of cyber attacks

NASA Astrophysics Data System (ADS)

Milovanov, Alexander; Bukshpun, Leonid; Pradhan, Ranjit

2012-06-01

A new intelligent mechanism is presented to protect networks against the new generation of cyber attacks. This mechanism integrates TCP/UDP/IP protocol stack protection and attacker/intruder deception to eliminate existing TCP/UDP/IP protocol stack vulnerabilities. It allows to detect currently undetectable, highly distributed, low-frequency attacks such as distributed denial-of-service (DDoS) attacks, coordinated attacks, botnet, and stealth network reconnaissance. The mechanism also allows insulating attacker/intruder from the network and redirecting the attack to a simulated network acting as a decoy. As a result, network security personnel gain sufficient time to defend the network and collect the attack information. The presented approach can be incorporated into wireless or wired networks that require protection against known and the new generation of cyber attacks.

Netwar

NASA Astrophysics Data System (ADS)

Keen, Arthur A.

2006-04-01

This paper describes technology being developed at 21st Century Technologies to automate Computer Network Operations (CNO). CNO refers to DoD activities related to Attacking and Defending Computer Networks (CNA & CND). Next generation cyber threats are emerging in the form of powerful Internet services and tools that automate intelligence gathering, planning, testing, and surveillance. We will focus on "Search-Engine Hacks", queries that can retrieve lists of router/switch/server passwords, control panels, accessible cameras, software keys, VPN connection files, and vulnerable web applications. Examples include "Titan Rain" attacks against DoD facilities and the Santy worm, which identifies vulnerable sites by searching Google for URLs containing application-specific strings. This trend will result in increasingly sophisticated and automated intelligence-driven cyber attacks coordinated across multiple domains that are difficult to defeat or even understand with current technology. One traditional method of CNO relies on surveillance detection as an attack predictor. Unfortunately, surveillance detection is difficult because attackers can perform search engine-driven surveillance such as with Google Hacks, and avoid touching the target site. Therefore, attack observables represent only about 5% of the attacker's total attack time, and are inadequate to provide warning. In order to predict attacks and defend against them, CNO must also employ more sophisticated techniques and work to understand the attacker's Motives, Means and Opportunities (MMO). CNO must use automated reconnaissance tools, such as Google, to identify information vulnerabilities, and then utilize Internet tools to observe the intelligence gathering, planning, testing, and collaboration activities that represent 95% of the attacker's effort.

Shilling attack detection for recommender systems based on credibility of group users and rating time series.

PubMed

Zhou, Wei; Wen, Junhao; Qu, Qiang; Zeng, Jun; Cheng, Tian

2018-01-01

Recommender systems are vulnerable to shilling attacks. Forged user-generated content data, such as user ratings and reviews, are used by attackers to manipulate recommendation rankings. Shilling attack detection in recommender systems is of great significance to maintain the fairness and sustainability of recommender systems. The current studies have problems in terms of the poor universality of algorithms, difficulty in selection of user profile attributes, and lack of an optimization mechanism. In this paper, a shilling behaviour detection structure based on abnormal group user findings and rating time series analysis is proposed. This paper adds to the current understanding in the field by studying the credibility evaluation model in-depth based on the rating prediction model to derive proximity-based predictions. A method for detecting suspicious ratings based on suspicious time windows and target item analysis is proposed. Suspicious rating time segments are determined by constructing a time series, and data streams of the rating items are examined and suspicious rating segments are checked. To analyse features of shilling attacks by a group user's credibility, an abnormal group user discovery method based on time series and time window is proposed. Standard testing datasets are used to verify the effect of the proposed method.

Shilling attack detection for recommender systems based on credibility of group users and rating time series

PubMed Central

Wen, Junhao; Qu, Qiang; Zeng, Jun; Cheng, Tian

2018-01-01

Recommender systems are vulnerable to shilling attacks. Forged user-generated content data, such as user ratings and reviews, are used by attackers to manipulate recommendation rankings. Shilling attack detection in recommender systems is of great significance to maintain the fairness and sustainability of recommender systems. The current studies have problems in terms of the poor universality of algorithms, difficulty in selection of user profile attributes, and lack of an optimization mechanism. In this paper, a shilling behaviour detection structure based on abnormal group user findings and rating time series analysis is proposed. This paper adds to the current understanding in the field by studying the credibility evaluation model in-depth based on the rating prediction model to derive proximity-based predictions. A method for detecting suspicious ratings based on suspicious time windows and target item analysis is proposed. Suspicious rating time segments are determined by constructing a time series, and data streams of the rating items are examined and suspicious rating segments are checked. To analyse features of shilling attacks by a group user’s credibility, an abnormal group user discovery method based on time series and time window is proposed. Standard testing datasets are used to verify the effect of the proposed method. PMID:29742134

A high-sensitivity optical device for the early monitoring of plant pathogen attack via the in vivo detection of ROS bursts

PubMed Central

Zeng, Lizhang; Zhou, Jun; Li, Bo; Xing, Da

2015-01-01

Biotic stressors, especially pathogenic microorganisms, are rather difficult to detect. In plants, one of the earliest cellular responses following pathogen infection is the production of reactive oxygen species (ROS). In this study, a novel optical device for the early monitoring of Pseudomonas attack was developed; this device measures the ROS level via oxidation-sensitive 2′, 7′-dichlorodihydrofluorescein diacetate (H2DCFDA)-mediated fluorescence, which could provide early monitoring of attacks by a range of plant pathogen; ROS bursts were detected in vivo in Arabidopsis thaliana with higher sensitivity and accuracy than those of a commercial luminescence spectrophotometer. Additionally, the DCF fluorescence truly reflected early changes in the ROS level, as indicated by an evaluation of the H2O2 content and the tight association between the ROS and Pseudomonas concentration. Moreover, compared with traditional methods for detecting plant pathogen attacks based on physiological and biochemical measurements, our proposed technique also offers significant advantages, such as low cost, simplicity, convenient operation and quick turnaround. These results therefore suggest that the proposed optical device could be useful for the rapid monitoring of attacks by plant pathogen and yield results considerably earlier than the appearance of visual changes in plant morphology or growth. PMID:25767474

Quantum hacking on a practical continuous-variable quantum cryptosystem by inserting an external light

NASA Astrophysics Data System (ADS)

Qin, Hao; Kumar, Rupesh; Alleaume, Romain

2015-10-01

We report here a new side channel attack on a practical continuous-variable (CV) quantum key distribution (QKD) system. Inspired by blinding attack in discrete-variable QKD, we formalize an attack strategy by inserting an external light into a CV QKD system implemented Gaussian-modulated coherent state protocol and show that our attack can compromise its practical security. In this attack, we concern imperfections of a balanced homodyne detector used in CV QKD. According to our analysis, if one inserts an external light into Bob's signal port, due to the imperfect subtraction from the homodyne detector, the leakage of the external light contributes a displacement on the homodyne signal which causes detector electronics saturation. In consequence, Bob's quadrature measurement is not linear with the quadrature sent by Alice. By considering such vulnerability, a potential Eve can launch a full intercept-resend attack meanwhile she inserts an external light into Bob's signal port. By selecting proper properties of the external light, Eve actively controls the induced displacement value from the inserted light which results saturation of homodyne detection. In consequence, Eve can bias the excess noise due to the intercept-resend attack and the external light, such that Alice and Bob believe their excess noise estimation is below the null key threshold and they can still share a secret key. Our attack shows that the detector loopholes also exist in CV QKD, and it seems influence all the CV QKD systems using homodyne detection, since all the practical detectors have finite detection range.

Optimal space-time attacks on system state estimation under a sparsity constraint

NASA Astrophysics Data System (ADS)

Lu, Jingyang; Niu, Ruixin; Han, Puxiao

2016-05-01

System state estimation in the presence of an adversary that injects false information into sensor readings has attracted much attention in wide application areas, such as target tracking with compromised sensors, secure monitoring of dynamic electric power systems, secure driverless cars, and radar tracking and detection in the presence of jammers. From a malicious adversary's perspective, the optimal strategy for attacking a multi-sensor dynamic system over sensors and over time is investigated. It is assumed that the system defender can perfectly detect the attacks and identify and remove sensor data once they are corrupted by false information injected by the adversary. With this in mind, the adversary's goal is to maximize the covariance matrix of the system state estimate by the end of attack period under a sparse attack constraint such that the adversary can only attack the system a few times over time and over sensors. The sparsity assumption is due to the adversary's limited resources and his/her intention to reduce the chance of being detected by the system defender. This becomes an integer programming problem and its optimal solution, the exhaustive search, is intractable with a prohibitive complexity, especially for a system with a large number of sensors and over a large number of time steps. Several suboptimal solutions, such as those based on greedy search and dynamic programming are proposed to find the attack strategies. Examples and numerical results are provided in order to illustrate the effectiveness and the reduced computational complexities of the proposed attack strategies.

Performance Analysis of MIMO Relay Network via Propagation Measurement in L-Shaped Corridor Environment

NASA Astrophysics Data System (ADS)

Lertwiram, Namzilp; Tran, Gia Khanh; Mizutani, Keiichi; Sakaguchi, Kei; Araki, Kiyomichi

Setting relays can address the shadowing problem between a transmitter (Tx) and a receiver (Rx). Moreover, the Multiple-Input Multiple-Output (MIMO) technique has been introduced to improve wireless link capacity. The MIMO technique can be applied in relay network to enhance system performance. However, the efficiency of relaying schemes and relay placement have not been well investigated with experiment-based study. This paper provides a propagation measurement campaign of a MIMO two-hop relay network in 5GHz band in an L-shaped corridor environment with various relay locations. Furthermore, this paper proposes a Relay Placement Estimation (RPE) scheme to identify the optimum relay location, i.e. the point at which the network performance is highest. Analysis results of channel capacity show that relaying technique is beneficial over direct transmission in strong shadowing environment while it is ineffective in non-shadowing environment. In addition, the optimum relay location estimated with the RPE scheme also agrees with the location where the network achieves the highest performance as identified by network capacity. Finally, the capacity analysis shows that two-way MIMO relay employing network coding has the best performance while cooperative relaying scheme is not effective due to shadowing effect weakening the signal strength of the direct link.

Non-harmful insertion of data mimicking computer network attacks

DOE Office of Scientific and Technical Information (OSTI.GOV)

Neil, Joshua Charles; Kent, Alexander; Hash, Jr, Curtis Lee

Non-harmful data mimicking computer network attacks may be inserted in a computer network. Anomalous real network connections may be generated between a plurality of computing systems in the network. Data mimicking an attack may also be generated. The generated data may be transmitted between the plurality of computing systems using the real network connections and measured to determine whether an attack is detected.

Identifying Electromagnetic Attacks against Airports

NASA Astrophysics Data System (ADS)

Kreth, A.; Genender, E.; Doering, O.; Garbe, H.

2012-05-01

This work presents a new and sophisticated approach to detect and locate the origin of electromagnetic attacks. At the example of an airport, a normal electromagnetic environment is defined, in which electromagnetic attacks shall be identified. After a brief consideration of the capabilities of high power electromagnetic sources to produce high field strength values, this contribution finally presents the approach of a sensor network, realizing the identification of electromagnetic attacks.

A Blind Reversible Robust Watermarking Scheme for Relational Databases

PubMed Central

Chang, Chin-Chen; Nguyen, Thai-Son; Lin, Chia-Chen

2013-01-01

Protecting the ownership and controlling the copies of digital data have become very important issues in Internet-based applications. Reversible watermark technology allows the distortion-free recovery of relational databases after the embedded watermark data are detected or verified. In this paper, we propose a new, blind, reversible, robust watermarking scheme that can be used to provide proof of ownership for the owner of a relational database. In the proposed scheme, a reversible data-embedding algorithm, which is referred to as “histogram shifting of adjacent pixel difference” (APD), is used to obtain reversibility. The proposed scheme can detect successfully 100% of the embedded watermark data, even if as much as 80% of the watermarked relational database is altered. Our extensive analysis and experimental results show that the proposed scheme is robust against a variety of data attacks, for example, alteration attacks, deletion attacks, mix-match attacks, and sorting attacks. PMID:24223033

A blind reversible robust watermarking scheme for relational databases.

PubMed

Chang, Chin-Chen; Nguyen, Thai-Son; Lin, Chia-Chen

2013-01-01

Protecting the ownership and controlling the copies of digital data have become very important issues in Internet-based applications. Reversible watermark technology allows the distortion-free recovery of relational databases after the embedded watermark data are detected or verified. In this paper, we propose a new, blind, reversible, robust watermarking scheme that can be used to provide proof of ownership for the owner of a relational database. In the proposed scheme, a reversible data-embedding algorithm, which is referred to as "histogram shifting of adjacent pixel difference" (APD), is used to obtain reversibility. The proposed scheme can detect successfully 100% of the embedded watermark data, even if as much as 80% of the watermarked relational database is altered. Our extensive analysis and experimental results show that the proposed scheme is robust against a variety of data attacks, for example, alteration attacks, deletion attacks, mix-match attacks, and sorting attacks.

An efficient collaborative approach for black hole attack discovery and mitigating its impact in manet

NASA Astrophysics Data System (ADS)

Devipriya, K.; Ivy, B. Persis Urbana; Prabha, D.

2018-04-01

A mobile ad hoc network (MANET) is an assemblage of nodes composed of mobile devices coupled in various ways wirelessly which do not have any central administration. Each node in MANET cooperates in forwarding packets in the network. This type of collaboration incurs high cost but there exits nodes that declines to cooperate leading to selfish conduct of nodes which effects overall network performance. To discover the attacks caused by such nodes, a renowned mechanism using watchdog can be deployed. In infrastructure less network attack detection and reaction and high false positives, false negatives initiating black hole attack becomes major issue in watchdog. This paper put forward a collaborative approach for identifying such attacks in MANET. Through abstract analysis and extensive simulation of this approach, the detection time of misbehaved nodes is reduced and substantial enhancement in overhead and throughput is witnessed.

Experimental implementation of non-Gaussian attacks on a continuous-variable quantum-key-distribution system.

PubMed

Lodewyck, Jérôme; Debuisschert, Thierry; García-Patrón, Raúl; Tualle-Brouri, Rosa; Cerf, Nicolas J; Grangier, Philippe

2007-01-19

An intercept-resend attack on a continuous-variable quantum-key-distribution protocol is investigated experimentally. By varying the interception fraction, one can implement a family of attacks where the eavesdropper totally controls the channel parameters. In general, such attacks add excess noise in the channel, and may also result in non-Gaussian output distributions. We implement and characterize the measurements needed to detect these attacks, and evaluate experimentally the information rates available to the legitimate users and the eavesdropper. The results are consistent with the optimality of Gaussian attacks resulting from the security proofs.

Replacement Attack: A New Zero Text Watermarking Attack

NASA Astrophysics Data System (ADS)

Bashardoost, Morteza; Mohd Rahim, Mohd Shafry; Saba, Tanzila; Rehman, Amjad

2017-03-01

The main objective of zero watermarking methods that are suggested for the authentication of textual properties is to increase the fragility of produced watermarks against tampering attacks. On the other hand, zero watermarking attacks intend to alter the contents of document without changing the watermark. In this paper, the Replacement attack is proposed, which focuses on maintaining the location of the words in the document. The proposed text watermarking attack is specifically effective on watermarking approaches that exploit words' transition in the document. The evaluation outcomes prove that tested word-based method are unable to detect the existence of replacement attack in the document. Moreover, the comparison results show that the size of Replacement attack is estimated less accurate than other common types of zero text watermarking attacks.

A Black Hole Attack Model for Reactive Ad-Hoc Protocols

DTIC Science & Technology

2012-03-01

Technology Conference. IEEE, 2003. pp. 2286-2290. [BhS09] N. Bhalaji, and A. Shanmugam. "Association Between Nodes to Combat Blackhole Attack in DSR...2012. 102 [PSA09] A. Prathapani, L. Santhanam, and P. Agrawal. "Intelligent Honeypot Agent for Blackhole Attack Detection in Wireless Mesh

Protection of Renewable-dominated Microgrids: Challenges and Potential Solutions

DOE Office of Scientific and Technical Information (OSTI.GOV)

Elkhatib, Mohamed; Ellis, Abraham; Biswal, Milan

In this report we address the challenge of designing efficient protection system for inverter- dominated microgrids. These microgrids are characterised with limited fault current capacity as a result of current-limiting protection functions of inverters. Typically, inverters limit their fault contribution in sub-cycle time frame to as low as 1.1 per unit. As a result, overcurrent protection could fail completely to detect faults in inverter-dominated microgrids. As part of this project a detailed literature survey of existing and proposed microgrid protection schemes were conducted. The survey concluded that there is a gap in the available microgrid protection methods. The only crediblemore » protection solution available in literature for low- fault inverter-dominated microgrids is the differential protection scheme which represents a robust transmission-grade protection solution but at a very high cost. Two non-overcurrent protection schemes were investigated as part of this project; impedance-based protection and transient-based protection. Impedance-based protection depends on monitoring impedance trajectories at feeder relays to detect faults. Two communication-based impedance-based protection schemes were developed. the first scheme utilizes directional elements and pilot signals to locate the fault. The second scheme depends on a Central Protection Unit that communicates with all feeder relays to locate the fault based on directional flags received from feeder relays. The later approach could potentially be adapted to protect networked microgrids and dynamic topology microgrids. Transient-based protection relies on analyzing high frequency transients to detect and locate faults. This approach is very promising but its implementation in the filed faces several challenges. For example, high frequency transients due to faults can be confused with transients due to other events such as capacitor switching. Additionally, while detecting faults by analyzing transients could be doable, locating faults based on analyzing transients is still an open question.« less

Diversity Order Analysis of Dual-Hop Relaying with Partial Relay Selection

NASA Astrophysics Data System (ADS)

Bao, Vo Nguyen Quoc; Kong, Hyung Yun

In this paper, we study the performance of dual hop relaying in which the best relay selected by partial relay selection will help the source-destination link to overcome the channel impairment. Specifically, closed-form expressions for outage probability, symbol error probability and achievable diversity gain are derived using the statistical characteristic of the signal-to-noise ratio. Numerical investigation shows that the system achieves diversity of two regardless of relay number and also confirms the correctness of the analytical results. Furthermore, the performance loss due to partial relay selection is investigated.

A relay identification fluorescence probe for Fe3 + and phosphate anion and its applications

NASA Astrophysics Data System (ADS)

Tang, Xu; Wang, Yun; Han, Juan; Ni, Liang; Wang, Lei; Li, Longhua; Zhang, Huiqin; Li, Cheng; Li, Jing; Li, Haoran

2018-02-01

A simple relay identification fluorescence probe for Fe3 + and phosphate anion with ;on-off-on; switching was designed and synthesized based on the phenylthiazole and biphenylcarbonitrile. Probe 1 displayed highly selective and sensitive recognition to Fe3 + in HEPES aqueous buffer (EtOH/H2O = 2:8, v/v, pH = 7.4) solutions. The optimized structures and HOMO and LUMO of probe 1 and [1-Fe3 +] complex were obtained by the density functional theory (DFT) calculations with B3LYP as the exchange and correlation functional using a suite of Gaussian 09 programs. The [1-Fe3 +] complex solution also showed a high selectivity toward PO43 -. The lower limits of detection of probe 1 to Fe3 + and [1-Fe3 +] complex to PO43 - were estimated to 1.09 × 10- 7 M and 1.86 × 10- 7 M. Besides, the probe 1 also was used to detected the target ions in real water sample and living cells successfully.

Quantum hacking: Saturation attack on practical continuous-variable quantum key distribution

NASA Astrophysics Data System (ADS)

Qin, Hao; Kumar, Rupesh; Alléaume, Romain

2016-07-01

We identify and study a security loophole in continuous-variable quantum key distribution (CVQKD) implementations, related to the imperfect linearity of the homodyne detector. By exploiting this loophole, we propose an active side-channel attack on the Gaussian-modulated coherent-state CVQKD protocol combining an intercept-resend attack with an induced saturation of the homodyne detection on the receiver side (Bob). We show that an attacker can bias the excess noise estimation by displacing the quadratures of the coherent states received by Bob. We propose a saturation model that matches experimental measurements on the homodyne detection and use this model to study the impact of the saturation attack on parameter estimation in CVQKD. We demonstrate that this attack can bias the excess noise estimation beyond the null key threshold for any system parameter, thus leading to a full security break. If we consider an additional criterion imposing that the channel transmission estimation should not be affected by the attack, then the saturation attack can only be launched if the attenuation on the quantum channel is sufficient, corresponding to attenuations larger than approximately 6 dB. We moreover discuss the possible countermeasures against the saturation attack and propose a countermeasure based on Gaussian postselection that can be implemented by classical postprocessing and may allow one to distill the secret key when the raw measurement data are partly saturated.

Securing Cooperative Spectrum Sensing Against Collusive SSDF Attack using XOR Distance Analysis in Cognitive Radio Networks

PubMed Central

Feng, Jingyu; Zhang, Man; Xiao, Yun; Yue, Hongzhou

2018-01-01

Cooperative spectrum sensing (CSS) is considered as a powerful approach to improve the utilization of scarce spectrum resources. However, if CSS assumes that all secondary users (SU) are honest, it may offer opportunities for attackers to conduct a spectrum sensing data falsification (SSDF) attack. To suppress such a threat, recent efforts have been made to develop trust mechanisms. Currently, some attackers can collude with each other to form a collusive clique, and thus not only increase the power of SSDF attack but also avoid the detection of a trust mechanism. Noting the duality of sensing data, we propose a defense scheme called XDA from the perspective of XOR distance analysis to suppress a collusive SSDF attack. In the XDA scheme, the XOR distance calculation in line with the type of “0” and “1” historical sensing data is used to measure the similarity between any two SUs. Noting that collusive SSDF attackers hold high trust value and the minimum XOR distance, the algorithm to detect collusive SSDF attackers is designed. Meanwhile, the XDA scheme can perfect the trust mechanism to correct collusive SSDF attackers’ trust value. Simulation results show that the XDA scheme can enhance the accuracy of trust evaluation, and thus successfully reduce the power of collusive SSDF attack against CSS. PMID:29382061

Insecurity of Wireless Networks

DOE Office of Scientific and Technical Information (OSTI.GOV)

Sheldon, Frederick T; Weber, John Mark; Yoo, Seong-Moo

Wireless is a powerful core technology enabling our global digital infrastructure. Wi-Fi networks are susceptible to attacks on Wired Equivalency Privacy, Wi-Fi Protected Access (WPA), and WPA2. These attack signatures can be profiled into a system that defends against such attacks on the basis of their inherent characteristics. Wi-Fi is the standard protocol for wireless networks used extensively in US critical infrastructures. Since the Wired Equivalency Privacy (WEP) security protocol was broken, the Wi-Fi Protected Access (WPA) protocol has been considered the secure alternative compatible with hardware developed for WEP. However, in November 2008, researchers developed an attack on WPA,more » allowing forgery of Address Resolution Protocol (ARP) packets. Subsequent enhancements have enabled ARP poisoning, cryptosystem denial of service, and man-in-the-middle attacks. Open source systems and methods (OSSM) have long been used to secure networks against such attacks. This article reviews OSSMs and the results of experimental attacks on WPA. These experiments re-created current attacks in a laboratory setting, recording both wired and wireless traffic. The article discusses methods of intrusion detection and prevention in the context of cyber physical protection of critical Internet infrastructure. The basis for this research is a specialized (and undoubtedly incomplete) taxonomy of Wi-Fi attacks and their adaptations to existing countermeasures and protocol revisions. Ultimately, this article aims to provide a clearer picture of how and why wireless protection protocols and encryption must achieve a more scientific basis for detecting and preventing such attacks.« less

47 CFR 74.635 - Unattended operation.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Stations § 74.635 Unattended operation. (a) TV relay stations, TV translator relay stations, TV STL... persons; (3) TV relay stations, TV STL stations, TV translator relay stations, and TV microwave booster... control point. Additionally, a TV translator relay station (and any associated TV microwave booster...

Performance Evaluation of Localization Accuracy for a Log-Normal Shadow Fading Wireless Sensor Network under Physical Barrier Attacks

PubMed Central

Abdulqader Hussein, Ahmed; Rahman, Tharek A.; Leow, Chee Yen

2015-01-01

Localization is an apparent aspect of a wireless sensor network, which is the focus of much interesting research. One of the severe conditions that needs to be taken into consideration is localizing a mobile target through a dispersed sensor network in the presence of physical barrier attacks. These attacks confuse the localization process and cause location estimation errors. Range-based methods, like the received signal strength indication (RSSI), face the major influence of this kind of attack. This paper proposes a solution based on a combination of multi-frequency multi-power localization (C-MFMPL) and step function multi-frequency multi-power localization (SF-MFMPL), including the fingerprint matching technique and lateration, to provide a robust and accurate localization technique. In addition, this paper proposes a grid coloring algorithm to detect the signal hole map in the network, which refers to the attack-prone regions, in order to carry out corrective actions. The simulation results show the enhancement and robustness of RSS localization performance in the face of log normal shadow fading effects, besides the presence of physical barrier attacks, through detecting, filtering and eliminating the effect of these attacks. PMID:26690159

Performance Evaluation of Localization Accuracy for a Log-Normal Shadow Fading Wireless Sensor Network under Physical Barrier Attacks.

PubMed

Hussein, Ahmed Abdulqader; Rahman, Tharek A; Leow, Chee Yen

2015-12-04

Localization is an apparent aspect of a wireless sensor network, which is the focus of much interesting research. One of the severe conditions that needs to be taken into consideration is localizing a mobile target through a dispersed sensor network in the presence of physical barrier attacks. These attacks confuse the localization process and cause location estimation errors. Range-based methods, like the received signal strength indication (RSSI), face the major influence of this kind of attack. This paper proposes a solution based on a combination of multi-frequency multi-power localization (C-MFMPL) and step function multi-frequency multi-power localization (SF-MFMPL), including the fingerprint matching technique and lateration, to provide a robust and accurate localization technique. In addition, this paper proposes a grid coloring algorithm to detect the signal hole map in the network, which refers to the attack-prone regions, in order to carry out corrective actions. The simulation results show the enhancement and robustness of RSS localization performance in the face of log normal shadow fading effects, besides the presence of physical barrier attacks, through detecting, filtering and eliminating the effect of these attacks.

Mars Express Forward Link Capabilities for the Mars Relay Operations Service (MaROS)

NASA Technical Reports Server (NTRS)

Allard, Daniel A.; Wallick, Michael N.; Gladden, Roy E.; Wang, Paul

2012-01-01

This software provides a new capability for landed Mars assets to perform forward link relay through the Mars Express (MEX) European Union orbital spacecraft. It solves the problem of standardizing the relay interface between lander missions and MEX. The Mars Operations Relay Service (MaROS) is intended as a central point for relay planning and post-pass analysis for all Mars landed and orbital assets. Through the first two phases of implementation, MaROS supports relay coordination through the Odyssey orbiter and the Mars Reconnaissance Orbiter (MRO). With this new software, MaROS now fully integrates the Mars Express spacecraft into the relay picture. This new software generates and manages a new set of file formats that allows for relay request to MEX for forward and return link relay, including the parameters specific to MEX. Existing MEX relay planning interactions were performed via email exchanges and point-to-point file transfers. By integrating MEX into MaROS, all transactions are managed by a centralized service for tracking and analysis. Additionally, all lander missions have a single, shared interface with MEX and do not have to integrate on a mission-by mission basis. Relay is a critical element of Mars lander data management. Landed assets depend largely upon orbital relay for data delivery, which can be impacted by the availability and health of each orbiter in the network. At any time, an issue may occur to prevent relay. For this reason, it is imperative that all possible orbital assets be integrated into the overall relay picture.

Syndrome Surveillance Using Parametric Space-Time Clustering

DOE Office of Scientific and Technical Information (OSTI.GOV)

KOCH, MARK W.; MCKENNA, SEAN A.; BILISOLY, ROGER L.

2002-11-01

As demonstrated by the anthrax attack through the United States mail, people infected by the biological agent itself will give the first indication of a bioterror attack. Thus, a distributed information system that can rapidly and efficiently gather and analyze public health data would aid epidemiologists in detecting and characterizing emerging diseases, including bioterror attacks. We propose using clusters of adverse health events in space and time to detect possible bioterror attacks. Space-time clusters can indicate exposure to infectious diseases or localized exposure to toxins. Most space-time clustering approaches require individual patient data. To protect the patient's privacy, we havemore » extended these approaches to aggregated data and have embedded this extension in a sequential probability ratio test (SPRT) framework. The real-time and sequential nature of health data makes the SPRT an ideal candidate. The result of space-time clustering gives the statistical significance of a cluster at every location in the surveillance area and can be thought of as a ''health-index'' of the people living in this area. As a surrogate to bioterrorism data, we have experimented with two flu data sets. For both databases, we show that space-time clustering can detect a flu epidemic up to 21 to 28 days earlier than a conventional periodic regression technique. We have also tested using simulated anthrax attack data on top of a respiratory illness diagnostic category. Results show we do very well at detecting an attack as early as the second or third day after infected people start becoming severely symptomatic.« less

Distributed Denial of Service Attack Source Detection Using Efficient Traceback Technique (ETT) in Cloud-Assisted Healthcare Environment.

PubMed

Latif, Rabia; Abbas, Haider; Latif, Seemab; Masood, Ashraf

2016-07-01

Security and privacy are the first and foremost concerns that should be given special attention when dealing with Wireless Body Area Networks (WBANs). As WBAN sensors operate in an unattended environment and carry critical patient health information, Distributed Denial of Service (DDoS) attack is one of the major attacks in WBAN environment that not only exhausts the available resources but also influence the reliability of information being transmitted. This research work is an extension of our previous work in which a machine learning based attack detection algorithm is proposed to detect DDoS attack in WBAN environment. However, in order to avoid complexity, no consideration was given to the traceback mechanism. During traceback, the challenge lies in reconstructing the attack path leading to identify the attack source. Among existing traceback techniques, Probabilistic Packet Marking (PPM) approach is the most commonly used technique in conventional IP- based networks. However, since marking probability assignment has significant effect on both the convergence time and performance of a scheme, it is not directly applicable in WBAN environment due to high convergence time and overhead on intermediate nodes. Therefore, in this paper we have proposed a new scheme called Efficient Traceback Technique (ETT) based on Dynamic Probability Packet Marking (DPPM) approach and uses MAC header in place of IP header. Instead of using fixed marking probability, the proposed scheme uses variable marking probability based on the number of hops travelled by a packet to reach the target node. Finally, path reconstruction algorithms are proposed to traceback an attacker. Evaluation and simulation results indicate that the proposed solution outperforms fixed PPM in terms of convergence time and computational overhead on nodes.

A hierarchical detection method in external communication for self-driving vehicles based on TDMA.

PubMed

Alheeti, Khattab M Ali; Al-Ani, Muzhir Shaban; McDonald-Maier, Klaus

2018-01-01

Security is considered a major challenge for self-driving and semi self-driving vehicles. These vehicles depend heavily on communications to predict and sense their external environment used in their motion. They use a type of ad hoc network termed Vehicular ad hoc networks (VANETs). Unfortunately, VANETs are potentially exposed to many attacks on network and application level. This paper, proposes a new intrusion detection system to protect the communication system of self-driving cars; utilising a combination of hierarchical models based on clusters and log parameters. This security system is designed to detect Sybil and Wormhole attacks in highway usage scenarios. It is based on clusters, utilising Time Division Multiple Access (TDMA) to overcome some of the obstacles of VANETs such as high density, high mobility and bandwidth limitations in exchanging messages. This makes the security system more efficient, accurate and capable of real time detection and quick in identification of malicious behaviour in VANETs. In this scheme, each vehicle log calculates and stores different parameter values after receiving the cooperative awareness messages from nearby vehicles. The vehicles exchange their log data and determine the difference between the parameters, which is utilised to detect Sybil attacks and Wormhole attacks. In order to realize efficient and effective intrusion detection system, we use the well-known network simulator (ns-2) to verify the performance of the security system. Simulation results indicate that the security system can achieve high detection rates and effectively detect anomalies with low rate of false alarms.

Secure relay selection based on learning with negative externality in wireless networks

NASA Astrophysics Data System (ADS)

Zhao, Caidan; Xiao, Liang; Kang, Shan; Chen, Guiquan; Li, Yunzhou; Huang, Lianfen

2013-12-01

In this paper, we formulate relay selection into a Chinese restaurant game. A secure relay selection strategy is proposed for a wireless network, where multiple source nodes send messages to their destination nodes via several relay nodes, which have different processing and transmission capabilities as well as security properties. The relay selection utilizes a learning-based algorithm for the source nodes to reach their best responses in the Chinese restaurant game. In particular, the relay selection takes into account the negative externality of relay sharing among the source nodes, which learn the capabilities and security properties of relay nodes according to the current signals and the signal history. Simulation results show that this strategy improves the user utility and the overall security performance in wireless networks. In addition, the relay strategy is robust against the signal errors and deviations of some user from the desired actions.

Ethanol accumulation during severe drought may signal tree vulnerability to detection and attack by bark beetles

Treesearch

Rick G. Kelsey; D. Gallego; F.J. Sánchez-Garcia; J.A. Pajares

2014-01-01

Tree mortality from temperature-driven drought is occurring in forests around the world, often in conjunction with bark beetle outbreaks when carbon allocation to tree defense declines. Physiological metrics for detecting stressed trees with enhanced vulnerability prior to bark beetle attacks remain elusive. Ethanol, water, monoterpene concentrations, and composition...

PHACK: An Efficient Scheme for Selective Forwarding Attack Detection in WSNs.

PubMed

Liu, Anfeng; Dong, Mianxiong; Ota, Kaoru; Long, Jun

2015-12-09

In this paper, a Per-Hop Acknowledgement (PHACK)-based scheme is proposed for each packet transmission to detect selective forwarding attacks. In our scheme, the sink and each node along the forwarding path generate an acknowledgement (ACK) message for each received packet to confirm the normal packet transmission. The scheme, in which each ACK is returned to the source node along a different routing path, can significantly increase the resilience against attacks because it prevents an attacker from compromising nodes in the return routing path, which can otherwise interrupt the return of nodes' ACK packets. For this case, the PHACK scheme also has better potential to detect abnormal packet loss and identify suspect nodes as well as better resilience against attacks. Another pivotal issue is the network lifetime of the PHACK scheme, as it generates more acknowledgements than previous ACK-based schemes. We demonstrate that the network lifetime of the PHACK scheme is not lower than that of other ACK-based schemes because the scheme just increases the energy consumption in non-hotspot areas and does not increase the energy consumption in hotspot areas. Moreover, the PHACK scheme greatly simplifies the protocol and is easy to implement. Both theoretical and simulation results are given to demonstrate the effectiveness of the proposed scheme in terms of high detection probability and the ability to identify suspect nodes.

PHACK: An Efficient Scheme for Selective Forwarding Attack Detection in WSNs

PubMed Central

Liu, Anfeng; Dong, Mianxiong; Ota, Kaoru; Long, Jun

2015-01-01

In this paper, a Per-Hop Acknowledgement (PHACK)-based scheme is proposed for each packet transmission to detect selective forwarding attacks. In our scheme, the sink and each node along the forwarding path generate an acknowledgement (ACK) message for each received packet to confirm the normal packet transmission. The scheme, in which each ACK is returned to the source node along a different routing path, can significantly increase the resilience against attacks because it prevents an attacker from compromising nodes in the return routing path, which can otherwise interrupt the return of nodes’ ACK packets. For this case, the PHACK scheme also has better potential to detect abnormal packet loss and identify suspect nodes as well as better resilience against attacks. Another pivotal issue is the network lifetime of the PHACK scheme, as it generates more acknowledgements than previous ACK-based schemes. We demonstrate that the network lifetime of the PHACK scheme is not lower than that of other ACK-based schemes because the scheme just increases the energy consumption in non-hotspot areas and does not increase the energy consumption in hotspot areas. Moreover, the PHACK scheme greatly simplifies the protocol and is easy to implement. Both theoretical and simulation results are given to demonstrate the effectiveness of the proposed scheme in terms of high detection probability and the ability to identify suspect nodes. PMID:26690178

Efficient Web Vulnerability Detection Tool for Sleeping Giant-Cross Site Request Forgery

NASA Astrophysics Data System (ADS)

Parimala, G.; Sangeetha, M.; AndalPriyadharsini, R.

2018-04-01

Now day’s web applications are very high in the rate of usage due to their user friendly environment and getting any information via internet but these web applications are affected by lot of threats. CSRF attack is one of the serious threats to web applications which is based on the vulnerabilities present in the normal web request and response of HTTP protocol. It is hard to detect but hence still it is present in most of the existing web applications. In CSRF attack, without user knowledge the unwanted actions on a reliable websites are forced to happen. So it is placed in OWASP’s top 10 Web Application attacks list. My proposed work is to do a real time scan of CSRF vulnerability attack in given URL of the web applications as well as local host address for any organization using python language. Client side detection of CSRF is depended on Form count which is presented in that given web site.

A Protocol Specification-Based Intrusion Detection System for VoIP and Its Evaluation

NASA Astrophysics Data System (ADS)

Phit, Thyda; Abe, Kôki

We propose an architecture of Intrusion Detection System (IDS) for VoIP using a protocol specification-based detection method to monitor the network traffics and alert administrator for further analysis of and response to suspicious activities. The protocol behaviors and their interactions are described by state machines. Traffic that behaves differently from the standard specifications are considered to be suspicious. The IDS has been implemented and simulated using OPNET Modeler, and verified to detect attacks. It was found that our system can detect typical attacks within a reasonable amount of delay time.

49 CFR 236.52 - Relayed cut-section.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 49 Transportation 4 2011-10-01 2011-10-01 false Relayed cut-section. 236.52 Section 236.52...: All Systems Track Circuits § 236.52 Relayed cut-section. Where relayed cut-section is used in... shall be open and the track circuit shunted when the track relay at such cut-section is in deenergized...

49 CFR 236.52 - Relayed cut-section.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 4 2010-10-01 2010-10-01 false Relayed cut-section. 236.52 Section 236.52...: All Systems Track Circuits § 236.52 Relayed cut-section. Where relayed cut-section is used in... shall be open and the track circuit shunted when the track relay at such cut-section is in deenergized...

47 CFR 64.601 - Definitions and provisions of general applicability.

Code of Federal Regulations, 2011 CFR

2011-10-01

... obtained by a VRS or IP Relay provider that identifies the physical location of an end user. (18... not use such a device, speech-to-speech services, video relay services and non-English relay services.... (26) Video relay service (VRS). A telecommunications relay service that allows people with hearing or...

47 CFR 64.601 - Definitions and provisions of general applicability.

Code of Federal Regulations, 2010 CFR

2010-10-01

... obtained by a VRS or IP Relay provider that identifies the physical location of an end user. (18... not use such a device, speech-to-speech services, video relay services and non-English relay services.... (26) Video relay service (VRS). A telecommunications relay service that allows people with hearing or...

47 CFR 64.601 - Definitions and provisions of general applicability.

Code of Federal Regulations, 2012 CFR

2012-10-01

... vocabulary. (18) Registered Location. The most recent information obtained by a VRS or IP Relay provider that... services, video relay services and non-English relay services. TRS supersedes the terms “dual party relay... TRS User's NANP telephone number to his or her end device. (27) Video relay service (VRS). A...

Use of Deception to Improve Client Honeypot Detection of Drive-by-Download Attacks

DOE Office of Scientific and Technical Information (OSTI.GOV)

Popovsky, Barbara; Narvaez Suarez, Julia F.; Seifert, Christian

2009-07-24

This paper presents the application of deception theory to improve the success of client honeypots at detecting malicious web page attacks from infected servers programmed by online criminals to launch drive-by-download attacks. The design of honeypots faces three main challenges: deception, how to design honeypots that seem real systems; counter-deception, techniques used to identify honeypots and hence defeating their deceiving nature; and counter counter-deception, how to design honeypots that deceive attackers. The authors propose the application of a deception model known as the deception planning loop to identify the current status on honeypot research, development and deployment. The analysis leadsmore » to a proposal to formulate a landscape of the honeypot research and planning of steps ahead.« less

Identification of Successive ``Unobservable'' Cyber Data Attacks in Power Systems Through Matrix Decomposition

NASA Astrophysics Data System (ADS)

Gao, Pengzhi; Wang, Meng; Chow, Joe H.; Ghiocel, Scott G.; Fardanesh, Bruce; Stefopoulos, George; Razanousky, Michael P.

2016-11-01

This paper presents a new framework of identifying a series of cyber data attacks on power system synchrophasor measurements. We focus on detecting "unobservable" cyber data attacks that cannot be detected by any existing method that purely relies on measurements received at one time instant. Leveraging the approximate low-rank property of phasor measurement unit (PMU) data, we formulate the identification problem of successive unobservable cyber attacks as a matrix decomposition problem of a low-rank matrix plus a transformed column-sparse matrix. We propose a convex-optimization-based method and provide its theoretical guarantee in the data identification. Numerical experiments on actual PMU data from the Central New York power system and synthetic data are conducted to verify the effectiveness of the proposed method.

GPS Spoofing Attack Characterization and Detection in Smart Grids

DOE Office of Scientific and Technical Information (OSTI.GOV)

Blum, Rick S.; Pradhan, Parth; Nagananda, Kyatsandra

The problem of global positioning system (GPS) spoofing attacks on smart grids endowed with phasor measurement units (PMUs) is addressed, taking into account the dynamical behavior of the states of the system. First, it is shown how GPS spoofing introduces a timing synchronization error in the phasor readings recorded by the PMUs and alters the measurement matrix of the dynamical model. Then, a generalized likelihood ratio-based hypotheses testing procedure is devised to detect changes in the measurement matrix when the system is subjected to a spoofing attack. Monte Carlo simulations are performed on the 9-bus, 3-machine test grid to demonstratemore » the implication of the spoofing attack on dynamic state estimation and to analyze the performance of the proposed hypotheses test.« less

A Distributed Middleware Architecture for Attack-Resilient Communications in Smart Grids

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hodge, Brian S; Wu, Yifu; Wei, Jin

Distributed Energy Resources (DERs) are being increasingly accepted as an excellent complement to traditional energy sources in smart grids. As most of these generators are geographically dispersed, dedicated communications investments for every generator are capital cost prohibitive. Real-time distributed communications middleware, which supervises, organizes and schedules tremendous amounts of data traffic in smart grids with high penetrations of DERs, allows for the use of existing network infrastructure. In this paper, we propose a distributed attack-resilient middleware architecture that detects and mitigates the congestion attacks by exploiting the Quality of Experience (QoE) measures to complement the conventional Quality of Service (QoS)more » information to detect and mitigate the congestion attacks effectively. The simulation results illustrate the efficiency of our proposed communications middleware architecture.« less

A Distributed Middleware Architecture for Attack-Resilient Communications in Smart Grids: Preprint

DOE Office of Scientific and Technical Information (OSTI.GOV)

Wu, Yifu; Wei, Jin; Hodge, Bri-Mathias

Distributed energy resources (DERs) are being increasingly accepted as an excellent complement to traditional energy sources in smart grids. Because most of these generators are geographically dispersed, dedicated communications investments for every generator are capital-cost prohibitive. Real-time distributed communications middleware - which supervises, organizes, and schedules tremendous amounts of data traffic in smart grids with high penetrations of DERs - allows for the use of existing network infrastructure. In this paper, we propose a distributed attack-resilient middleware architecture that detects and mitigates the congestion attacks by exploiting the quality of experience measures to complement the conventional quality of service informationmore » to effectively detect and mitigate congestion attacks. The simulation results illustrate the efficiency of our proposed communications middleware architecture.« less

A network security monitor

DOE Office of Scientific and Technical Information (OSTI.GOV)

Heberlein, L.T.; Dias, G.V.; Levitt, K.N.

1989-11-01

The study of security in computer networks is a rapidly growing area of interest because of the proliferation of networks and the paucity of security measures in most current networks. Since most networks consist of a collection of inter-connected local area networks (LANs), this paper concentrates on the security-related issues in a single broadcast LAN such as Ethernet. Specifically, we formalize various possible network attacks and outline methods of detecting them. Our basic strategy is to develop profiles of usage of network resources and then compare current usage patterns with the historical profile to determine possible security violations. Thus, ourmore » work is similar to the host-based intrusion-detection systems such as SRI's IDES. Different from such systems, however, is our use of a hierarchical model to refine the focus of the intrusion-detection mechanism. We also report on the development of our experimental LAN monitor currently under implementation. Several network attacks have been simulated and results on how the monitor has been able to detect these attacks are also analyzed. Initial results demonstrate that many network attacks are detectable with our monitor, although it can surely be defeated. Current work is focusing on the integration of network monitoring with host-based techniques. 20 refs., 2 figs.« less

Modeling and Analyzing Intrusion Attempts to a Computer Network Operating in a Defense in Depth Posture

DTIC Science & Technology

2004-09-01

protection. Firewalls, Intrusion Detection Systems (IDS’s), Anti-Virus (AV) software , and routers are such tools used. In recent years, computer security...associated with operating systems, application software , and computing hardware. When IDS’s are utilized on a host computer or network, there are two...primary approaches to detecting and / or preventing attacks. Traditional IDS’s, like most AV software , rely on known “signatures” to detect attacks

Distributed clone detection in static wireless sensor networks: random walk with network division.

PubMed

Khan, Wazir Zada; Aalsalem, Mohammed Y; Saad, N M

2015-01-01

Wireless Sensor Networks (WSNs) are vulnerable to clone attacks or node replication attacks as they are deployed in hostile and unattended environments where they are deprived of physical protection, lacking physical tamper-resistance of sensor nodes. As a result, an adversary can easily capture and compromise sensor nodes and after replicating them, he inserts arbitrary number of clones/replicas into the network. If these clones are not efficiently detected, an adversary can be further capable to mount a wide variety of internal attacks which can emasculate the various protocols and sensor applications. Several solutions have been proposed in the literature to address the crucial problem of clone detection, which are not satisfactory as they suffer from some serious drawbacks. In this paper we propose a novel distributed solution called Random Walk with Network Division (RWND) for the detection of node replication attack in static WSNs which is based on claimer-reporter-witness framework and combines a simple random walk with network division. RWND detects clone(s) by following a claimer-reporter-witness framework and a random walk is employed within each area for the selection of witness nodes. Splitting the network into levels and areas makes clone detection more efficient and the high security of witness nodes is ensured with moderate communication and memory overheads. Our simulation results show that RWND outperforms the existing witness node based strategies with moderate communication and memory overheads.

The Laser Communications Relay and the Path to the Next Generation Near Earth Relay

NASA Technical Reports Server (NTRS)

Israel, David J.

2015-01-01

NASA Goddard Space Flight Center is currently developing the Laser Communications Relay Demonstration (LCRD) as a Path to the Next Generation Near Earth Space Communication Network. The current NASA Space Network or Tracking and Data Relay Satellite System is comprised of a constellation of Tracking and Data Relay Satellites (TDRS) in geosynchronous orbit and associated ground stations and operation centers. NASA is currently targeting a next generation of relay capability on orbit in the 2025 timeframe.

DOE Office of Scientific and Technical Information (OSTI.GOV)

MacDonald, Douglas G.; Clements, Samuel L.; Patrick, Scott W.

Securing high value and critical assets is one of the biggest challenges facing this nation and others around the world. In modern integrated systems, there are four potential modes of attack available to an adversary: • physical only attack, • cyber only attack, • physical-enabled cyber attack, • cyber-enabled physical attack. Blended attacks involve an adversary working in one domain to reduce system effectiveness in another domain. This enables the attacker to penetrate further into the overall layered defenses. Existing vulnerability assessment (VA) processes and software tools which predict facility vulnerabilities typically evaluate the physical and cyber domains separately. Vulnerabilitiesmore » which result from the integration of cyber-physical control systems are not well characterized and are often overlooked by existing assessment approaches. In this paper, we modified modification of the timely detection methodology, used for decades in physical security VAs, to include cyber components. The Physical and Cyber Risk Analysis Tool (PACRAT) prototype illustrates an integrated vulnerability assessment that includes cyber-physical interdependencies. Information about facility layout, network topology, and emplaced safeguards is used to evaluate how well suited a facility is to detect, delay, and respond to attacks, to identify the pathways most vulnerable to attack, and to evaluate how often safeguards are compromised for a given threat or adversary type. We have tested the PACRAT prototype on critical infrastructure facilities and the results are promising. Future work includes extending the model to prescribe the recommended security improvements via an automated cost-benefit analysis.« less

Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security.

PubMed

Kang, Min-Joo; Kang, Je-Won

2016-01-01

A novel intrusion detection system (IDS) using a deep neural network (DNN) is proposed to enhance the security of in-vehicular network. The parameters building the DNN structure are trained with probability-based feature vectors that are extracted from the in-vehicular network packets. For a given packet, the DNN provides the probability of each class discriminating normal and attack packets, and, thus the sensor can identify any malicious attack to the vehicle. As compared to the traditional artificial neural network applied to the IDS, the proposed technique adopts recent advances in deep learning studies such as initializing the parameters through the unsupervised pre-training of deep belief networks (DBN), therefore improving the detection accuracy. It is demonstrated with experimental results that the proposed technique can provide a real-time response to the attack with a significantly improved detection ratio in controller area network (CAN) bus.

Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security

PubMed Central

Kang, Min-Joo

2016-01-01

A novel intrusion detection system (IDS) using a deep neural network (DNN) is proposed to enhance the security of in-vehicular network. The parameters building the DNN structure are trained with probability-based feature vectors that are extracted from the in-vehicular network packets. For a given packet, the DNN provides the probability of each class discriminating normal and attack packets, and, thus the sensor can identify any malicious attack to the vehicle. As compared to the traditional artificial neural network applied to the IDS, the proposed technique adopts recent advances in deep learning studies such as initializing the parameters through the unsupervised pre-training of deep belief networks (DBN), therefore improving the detection accuracy. It is demonstrated with experimental results that the proposed technique can provide a real-time response to the attack with a significantly improved detection ratio in controller area network (CAN) bus. PMID:27271802

FSM-F: Finite State Machine Based Framework for Denial of Service and Intrusion Detection in MANET.

PubMed

N Ahmed, Malik; Abdullah, Abdul Hanan; Kaiwartya, Omprakash

2016-01-01

Due to the continuous advancements in wireless communication in terms of quality of communication and affordability of the technology, the application area of Mobile Adhoc Networks (MANETs) significantly growing particularly in military and disaster management. Considering the sensitivity of the application areas, security in terms of detection of Denial of Service (DoS) and intrusion has become prime concern in research and development in the area. The security systems suggested in the past has state recognition problem where the system is not able to accurately identify the actual state of the network nodes due to the absence of clear definition of states of the nodes. In this context, this paper proposes a framework based on Finite State Machine (FSM) for denial of service and intrusion detection in MANETs. In particular, an Interruption Detection system for Adhoc On-demand Distance Vector (ID-AODV) protocol is presented based on finite state machine. The packet dropping and sequence number attacks are closely investigated and detection systems for both types of attacks are designed. The major functional modules of ID-AODV includes network monitoring system, finite state machine and attack detection model. Simulations are carried out in network simulator NS-2 to evaluate the performance of the proposed framework. A comparative evaluation of the performance is also performed with the state-of-the-art techniques: RIDAN and AODV. The performance evaluations attest the benefits of proposed framework in terms of providing better security for denial of service and intrusion detection attacks.

Airline Safety and Economy

NASA Technical Reports Server (NTRS)

1993-01-01

This video documents efforts at NASA Langley Research Center to improve safety and economy in aircraft. Featured are the cockpit weather information needs computer system, which relays real time weather information to the pilot, and efforts to improve techniques to detect structural flaws and corrosion, such as the thermal bond inspection system.

Telecommunications Relay Services

MedlinePlus

... Home » Health Info » Hearing, Ear Infections, and Deafness Telecommunications Relay Services On this page: What are telecommunication ... additional information about telecommunication relay services? What are telecommunication relay services? Title IV of the Americans with ...

MaROS Strategic Relay Planning and Coordination Interfaces

NASA Technical Reports Server (NTRS)

Allard, Daniel A.

2010-01-01

The Mars Relay Operations Service (MaROS) is designed to provide planning and analysis tools in support of ongoing Mars Network relay operations. Strategic relay planning requires coordination between lander and orbiter mission ground data system (GDS) teams to schedule and execute relay communications passes. MaROS centralizes this process, correlating all data relevant to relay coordination to provide a cohesive picture of the relay state. Service users interact with the system through thin-layer command line and web user interface client applications. Users provide and utilize data such as lander view periods of orbiters, Deep Space Network (DSN) antenna tracks, and reports of relay pass performance. Users upload and download relevant relay data via formally defined and documented file structures including some described in Extensible Markup Language (XML). Clients interface with the system via an http-based Representational State Transfer (ReST) pattern using Javascript Object Notation (JSON) formats. This paper will provide a general overview of the service architecture and detail the software interfaces and considerations for interface design.

Failure detection and fault management techniques for flush airdata sensing systems

NASA Technical Reports Server (NTRS)

Whitmore, Stephen A.; Moes, Timothy R.; Leondes, Cornelius T.

1992-01-01

Methods based on chi-squared analysis are presented for detecting system and individual-port failures in the high-angle-of-attack flush airdata sensing system on the NASA F-18 High Alpha Research Vehicle. The HI-FADS hardware is introduced, and the aerodynamic model describes measured pressure in terms of dynamic pressure, angle of attack, angle of sideslip, and static pressure. Chi-squared analysis is described in the presentation of the concept for failure detection and fault management which includes nominal, iteration, and fault-management modes. A matrix of pressure orifices arranged in concentric circles on the nose of the aircraft indicate the parameters which are applied to the regression algorithms. The sensing techniques are applied to the F-18 flight data, and two examples are given of the computed angle-of-attack time histories. The failure-detection and fault-management techniques permit the matrix to be multiply redundant, and the chi-squared analysis is shown to be useful in the detection of failures.

An entangling-probe attack on Shor's algorithm for factorization

NASA Astrophysics Data System (ADS)

Azuma, Hiroo

2018-02-01

We investigate how to attack Shor's quantum algorithm for factorization with an entangling probe. We show that an attacker can steal an exact solution of Shor's algorithm outside an institute where the quantum computer is installed if he replaces its initialized quantum register with entangled qubits, namely the entangling probe. He can apply arbitrary local operations to his own probe. Moreover, we assume that there is an unauthorized person who helps the attacker to commit a crime inside the institute. He tells garbage data obtained from measurements of the quantum register to the attacker secretly behind a legitimate user's back. If the attacker succeeds in cracking Shor's algorithm, the legitimate user obtains a random answer and does not notice the attacker's illegal acts. We discuss how to detect the attacker. Finally, we estimate a probability that the quantum algorithm inevitably makes an error, of which the attacker can take advantage.

Estimating the probability of mountain pine beetle red-attack damage

Treesearch

Michael A Wulder; J. C. White; Barbara J Bentz; M. F. Alvarez; N. C. Coops

2006-01-01

Accurate spatial information on the location and extent of mountain pine beetle infestation is critical for the planning of mitigation and treatment activities. Areas of mixed forest and variable terrain present unique challenges for the detection and mapping of mountain pine beetle red-attack damage, as red-attack has a more heterogeneous distribution under these...

Network traffic intelligence using a low interaction honeypot

NASA Astrophysics Data System (ADS)

Nyamugudza, Tendai; Rajasekar, Venkatesh; Sen, Prasad; Nirmala, M.; Madhu Viswanatham, V.

2017-11-01

Advancements in networking technology have seen more and more devices becoming connected day by day. This has given organizations capacity to extend their networks beyond their boundaries to remote offices and remote employees. However as the network grows security becomes a major challenge since the attack surface also increases. There is need to guard the network against different types of attacks like intrusion and malware through using different tools at different networking levels. This paper describes how network intelligence can be acquired through implementing a low-interaction honeypot which detects and track network intrusion. Honeypot allows an organization to interact and gather information about an attack earlier before it compromises the network. This process is important because it allows the organization to learn about future attacks of the same nature and allows them to develop counter measures. The paper further shows how honeypot-honey net based model for interruption detection system (IDS) can be used to get the best valuable information about the attacker and prevent unexpected harm to the network.

A robust trust establishment scheme for wireless sensor networks.

PubMed

Ishmanov, Farruh; Kim, Sung Won; Nam, Seung Yeob

2015-03-23

Security techniques like cryptography and authentication can fail to protect a network once a node is compromised. Hence, trust establishment continuously monitors and evaluates node behavior to detect malicious and compromised nodes. However, just like other security schemes, trust establishment is also vulnerable to attack. Moreover, malicious nodes might misbehave intelligently to trick trust establishment schemes. Unfortunately, attack-resistance and robustness issues with trust establishment schemes have not received much attention from the research community. Considering the vulnerability of trust establishment to different attacks and the unique features of sensor nodes in wireless sensor networks, we propose a lightweight and robust trust establishment scheme. The proposed trust scheme is lightweight thanks to a simple trust estimation method. The comprehensiveness and flexibility of the proposed trust estimation scheme make it robust against different types of attack and misbehavior. Performance evaluation under different types of misbehavior and on-off attacks shows that the detection rate of the proposed trust mechanism is higher and more stable compared to other trust mechanisms.

Relay Telecommunications for the Coming Decade of Mars Exploration

NASA Technical Reports Server (NTRS)

Edwards, C.; DePaula, R.

2010-01-01

Over the past decade, an evolving network of relay-equipped orbiters has advanced our capabilities for Mars exploration. NASA's Mars Global Surveyor, 2001 Mars Odyssey, and Mars Reconnaissance Orbiter (MRO), as well as ESA's Mars Express Orbiter, have provided telecommunications relay services to the 2003 Mars Exploration Rovers, Spirit and Opportunity, and to the 2007 Phoenix Lander. Based on these successes, a roadmap for continued Mars relay services is in place for the coming decade. MRO and Odyssey will provide key relay support to the 2011 Mars Science Laboratory (MSL) mission, including capture of critical event telemetry during entry, descent, and landing, as well as support for command and telemetry during surface operations, utilizing new capabilities of the Electra relay payload on MRO and the Electra-Lite payload on MSL to allow significant increase in data return relative to earlier missions. Over the remainder of the decade a number of additional orbiter and lander missions are planned, representing new orbital relay service providers and new landed relay users. In this paper we will outline this Mars relay roadmap, quantifying relay performance over time, illustrating planned support scenarios, and identifying key challenges and technology infusion opportunities.

Exact outage analysis of the effect of co-channel interference on secured multi-hop relaying networks

NASA Astrophysics Data System (ADS)

Quang Nguyen, Sang; Kong, Hyung Yun

2016-11-01

In this article, the presence of multi-hop relaying, eavesdropper and co-channel interference (CCI) in the same system model is investigated. Specifically, the effect of CCI on a secured multi-hop relaying network is studied, in which the source communicates with the destination via multi-relay-hopping under the presence of an eavesdropper and CCI at each node. The optimal relay at each cluster is selected to help forward the message from the source to the destination. We apply two relay selection approaches to such a system model, i.e. the optimal relay is chosen based on (1) the maximum channel gain from the transmitter to all relays in the desired cluster and (2) the minimum channel gain from the eavesdropper to all relays in each cluster. For the performance evaluation and comparison, we derived the exact closed form of the secrecy outage probability of the two approaches. That analysis is verified by Monte Carlo simulation. Finally, the effects of the number of hops, the transmit power at the source, relays and the external sources, the distance between the external sources and each node in the system, and the location of the eavesdropper are presented and discussed.

A hierarchical detection method in external communication for self-driving vehicles based on TDMA

PubMed Central

Al-ani, Muzhir Shaban; McDonald-Maier, Klaus

2018-01-01

Security is considered a major challenge for self-driving and semi self-driving vehicles. These vehicles depend heavily on communications to predict and sense their external environment used in their motion. They use a type of ad hoc network termed Vehicular ad hoc networks (VANETs). Unfortunately, VANETs are potentially exposed to many attacks on network and application level. This paper, proposes a new intrusion detection system to protect the communication system of self-driving cars; utilising a combination of hierarchical models based on clusters and log parameters. This security system is designed to detect Sybil and Wormhole attacks in highway usage scenarios. It is based on clusters, utilising Time Division Multiple Access (TDMA) to overcome some of the obstacles of VANETs such as high density, high mobility and bandwidth limitations in exchanging messages. This makes the security system more efficient, accurate and capable of real time detection and quick in identification of malicious behaviour in VANETs. In this scheme, each vehicle log calculates and stores different parameter values after receiving the cooperative awareness messages from nearby vehicles. The vehicles exchange their log data and determine the difference between the parameters, which is utilised to detect Sybil attacks and Wormhole attacks. In order to realize efficient and effective intrusion detection system, we use the well-known network simulator (ns-2) to verify the performance of the security system. Simulation results indicate that the security system can achieve high detection rates and effectively detect anomalies with low rate of false alarms. PMID:29315302

Predation by the Dwarf Seahorse on Copepods: Quantifying Motion and Flows Using 3D High Speed Digital Holographic Cinematography - When Seahorses Attack!

NASA Astrophysics Data System (ADS)

Gemmell, Brad; Sheng, Jian; Buskey, Ed

2008-11-01

Copepods are an important planktonic food source for most of the world's fish species. This high predation pressure has led copepods to evolve an extremely effective escape response, with reaction times to hydrodynamic disturbances of less than 4 ms and escape speeds of over 500 body lengths per second. Using 3D high speed digital holographic cinematography (up to 2000 frames per second) we elucidate the role of entrainment flow fields generated by a natural visual predator, the dwarf seahorse (Hippocampus zosterae) during attacks on its prey, Acartia tonsa. Using phytoplankton as a tracer, we recorded and reconstructed 3D flow fields around the head of the seahorse and its prey during both successful and unsuccessful attacks to better understand how some attacks lead to capture with little or no detection from the copepod while others result in failed attacks. Attacks start with a slow approach to minimize the hydro-mechanical disturbance which is used by copepods to detect the approach of a potential predator. Successful attacks result in the seahorse using its pipette-like mouth to create suction faster than the copepod's response latency. As these characteristic scales of entrainment increase, a successful escape becomes more likely.

Energy efficient circuit design using nanoelectromechanical relays

NASA Astrophysics Data System (ADS)

Venkatasubramanian, Ramakrishnan

Nano-electromechanical (NEM) relays are a promising class of emerging devices that offer zero off-state leakage and behave like an ideal switch. Recent advances in planar fabrication technology have demonstrated that microelectromechanical (MEMS) scale miniature relays could be manufactured reliably and could be used to build fully functional, complex integrated circuits. The zero leakage operation of relays has renewed the interest in relay based low power logic design. This dissertation explores circuit architectures using NEM relays and NEMS-CMOS heterogeneous integration. Novel circuit topologies for sequential logic, memory, and power management circuits have been proposed taking into consideration the NEM relay device properties and optimizing for energy efficiency and area. In nanoscale electromechanical devices, dispersion forces like Van der Waals' force (vdW) affect the pull-in stability of the relay devices significantly. Verilog-A electromechanical model of the suspended gate relay operating at 1V with a nominal air gap of 5 - 10nm has been developed taking into account all the electrical, mechanical and dispersion effects. This dissertation explores different relay based latch and flip-flop topologies. It has been shown that as few as 4 relay cells could be used to build flip-flops. An integrated voltage doubler based flip flop that improves the performance by 2X by overdriving Vgb has been proposed. Three NEM relay based parallel readout memory bitcell architectures have been proposed that have faster access time, and remove the reliability issues associated with previously reported serial readout architectures. A paradigm shift in design of power switches using NEM relays is proposed. An interesting property of the relay device is that the ON state resistance (Ron) of the NEM relay switch is constant and is insensitive to the gate slew rate. This coupled with infinite OFF state resistance (Roff ) offers significant area and power advantages over CMOS. This dissertation demonstrates NEM relay based charge pump and NEM-CMOS heterogeneous discontinuous conduction mode (DCM) buck regulator and the results are compared against a standard commercial 0.35μm CMOS implementation. It is shown that NEM-CMOS heterogeneous DC-DC converter has an area savings of 60% over CMOS and achieves an overall higher efficiency over CMOS, with a peak efficiency of 94.3% at 100mA. NEM relays offers unprecedented 10X-30X energy efficiency improvement in logic design for low frequency operation and has the potential to break the CMOS efficiency barrier in power electronic circuits as well. The practical aspects of NEM Relay integration are evaluated and algorithms for synthesis and development of large NEM relay based logic circuits are explored.

Using Physical Models for Anomaly Detection in Control Systems

NASA Astrophysics Data System (ADS)

Svendsen, Nils; Wolthusen, Stephen

Supervisory control and data acquisition (SCADA) systems are increasingly used to operate critical infrastructure assets. However, the inclusion of advanced information technology and communications components and elaborate control strategies in SCADA systems increase the threat surface for external and subversion-type attacks. The problems are exacerbated by site-specific properties of SCADA environments that make subversion detection impractical; and by sensor noise and feedback characteristics that degrade conventional anomaly detection systems. Moreover, potential attack mechanisms are ill-defined and may include both physical and logical aspects.

Exploring Data Sharing Between Geographically Distributed Mobile and Fixed Nodes Supporting Extended Maritime Interdiction Operations (EMIO)

DTIC Science & Technology

2008-06-01

Diablo and LLNL o ITT Mesh, OPAREA TWO: between BP RHIB and BV, and between Sea Fox (USV) and BV o Sky Pilot, OPAREA THREE: between Tachyon ...between Sea Fox (USV) and BV o Sky Pilot, OPAREA THREE: between Tachyon Satellite and Sky Pilot Relay and between Sky Pilot Relay and BV o Wave Relay...between Tachyon Satellite and Sky Pilot Relay and between Sky Pilot Relay and BV o Wave Relay, OPAREA THREE: between BV and Balloon and between

Failure analysis of blistered gold plating on spot welded electrical relays

NASA Technical Reports Server (NTRS)

Sokolowski, Witold; O'Donnell, Tim

1989-01-01

Gold-plated stainless-steel sideplates, part of a JPL Galileo spacecraft electronic-relay assembly, exhibited blistering after resistance spot welding. Unacceptable relays had heavy nonuniform gold electrodeposited layers with thicknesses 4.5-11.5 microns. SEM and metallographic investigations indicated much higher heat input generated during the resistance spot welding in unacceptable relays. The attributes of acceptable welded relays are contrasted with unacceptable relays; the possible mechanism of laminar formation of polymeric material in the gold plating is discussed; and some recommendations are provided to prevent similar problems.

A Protocol Layer Trust-Based Intrusion Detection Scheme for Wireless Sensor Networks

PubMed Central

Wang, Jian; Jiang, Shuai; Fapojuwo, Abraham O.

2017-01-01

This article proposes a protocol layer trust-based intrusion detection scheme for wireless sensor networks. Unlike existing work, the trust value of a sensor node is evaluated according to the deviations of key parameters at each protocol layer considering the attacks initiated at different protocol layers will inevitably have impacts on the parameters of the corresponding protocol layers. For simplicity, the paper mainly considers three aspects of trustworthiness, namely physical layer trust, media access control layer trust and network layer trust. The per-layer trust metrics are then combined to determine the overall trust metric of a sensor node. The performance of the proposed intrusion detection mechanism is then analyzed using the t-distribution to derive analytical results of false positive and false negative probabilities. Numerical analytical results, validated by simulation results, are presented in different attack scenarios. It is shown that the proposed protocol layer trust-based intrusion detection scheme outperforms a state-of-the-art scheme in terms of detection probability and false probability, demonstrating its usefulness for detecting cross-layer attacks. PMID:28555023

A Protocol Layer Trust-Based Intrusion Detection Scheme for Wireless Sensor Networks.

PubMed

Wang, Jian; Jiang, Shuai; Fapojuwo, Abraham O

2017-05-27

This article proposes a protocol layer trust-based intrusion detection scheme for wireless sensor networks. Unlike existing work, the trust value of a sensor node is evaluated according to the deviations of key parameters at each protocol layer considering the attacks initiated at different protocol layers will inevitably have impacts on the parameters of the corresponding protocol layers. For simplicity, the paper mainly considers three aspects of trustworthiness, namely physical layer trust, media access control layer trust and network layer trust. The per-layer trust metrics are then combined to determine the overall trust metric of a sensor node. The performance of the proposed intrusion detection mechanism is then analyzed using the t-distribution to derive analytical results of false positive and false negative probabilities. Numerical analytical results, validated by simulation results, are presented in different attack scenarios. It is shown that the proposed protocol layer trust-based intrusion detection scheme outperforms a state-of-the-art scheme in terms of detection probability and false probability, demonstrating its usefulness for detecting cross-layer attacks.

Development of module for neural network identification of attacks on applications and services in multi-cloud platforms

NASA Astrophysics Data System (ADS)

Parfenov, D. I.; Bolodurina, I. P.

2018-05-01

The article presents the results of developing an approach to detecting and protecting against network attacks on the corporate infrastructure deployed on the multi-cloud platform. The proposed approach is based on the combination of two technologies: a softwareconfigurable network and virtualization of network functions. The approach for searching for anomalous traffic is to use a hybrid neural network consisting of a self-organizing Kohonen network and a multilayer perceptron. The study of the work of the prototype of the system for detecting attacks, the method of forming a learning sample, and the course of experiments are described. The study showed that using the proposed approach makes it possible to increase the effectiveness of the obfuscation of various types of attacks and at the same time does not reduce the performance of the network

Detecting Man-in-the-Middle Attacks against Transport Layer Security Connections with Timing Analysis

DTIC Science & Technology

2011-09-15

Networks (VPNs), TLS protects massive amounts of private information, and protecting this data from Man-in-the-Middle ( MitM ) attacks is imperative to...keeping the information secure. This thesis illustrates how an attacker can successfully perform a MitM attack against a TLS connection without alerting...mechanism a user has against a MitM . The goal for this research is to determine if a time threshold exists that can indicate the presence of a MitM in this

75 FR 26701 - Telecommunications Relay Services and Speech-to-Speech Services for Individuals With Hearing and...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-05-12

... Services (CTS), Internet Protocol (IP) CTS, IP Relay, and Video Relay Services (VRS), for the 2010-2011... comment on NECA's proposed compensation rates for TRS, STS, CTS, IP CTS, IP Relay, and VRS, for the 2010... interstate traditional TRS; $3.1566 for STS; $1.6951 for CTS and IP CTS; $1.2985 for IP Relay. Based on these...

Relay selection in energy harvesting cooperative networks with rateless codes

NASA Astrophysics Data System (ADS)

Zhu, Kaiyan; Wang, Fei

2018-04-01

This paper investigates the relay selection in energy harvesting cooperative networks, where the relays harvests energy from the radio frequency (RF) signals transmitted by a source, and the optimal relay is selected and uses the harvested energy to assist the information transmission from the source to its destination. Both source and the selected relay transmit information using rateless code, which allows the destination recover original information after collecting codes bits marginally surpass the entropy of original information. In order to improve transmission performance and efficiently utilize the harvested power, the optimal relay is selected. The optimization problem are formulated to maximize the achievable information rates of the system. Simulation results demonstrate that our proposed relay selection scheme outperform other strategies.

Adaptive transmission based on multi-relay selection and rate-compatible LDPC codes

NASA Astrophysics Data System (ADS)

Su, Hualing; He, Yucheng; Zhou, Lin

2017-08-01

In order to adapt to the dynamical changeable channel condition and improve the transmissive reliability of the system, a cooperation system of rate-compatible low density parity check (RC-LDPC) codes combining with multi-relay selection protocol is proposed. In traditional relay selection protocol, only the channel state information (CSI) of source-relay and the CSI of relay-destination has been considered. The multi-relay selection protocol proposed by this paper takes the CSI between relays into extra account in order to obtain more chances of collabration. Additionally, the idea of hybrid automatic request retransmission (HARQ) and rate-compatible are introduced. Simulation results show that the transmissive reliability of the system can be significantly improved by the proposed protocol.

Considerations for an Earth Relay Satellite with RF and Optical Trunklines

NASA Technical Reports Server (NTRS)

Israel, David J.

2016-01-01

Support for user platforms through the use of optical links to geosynchronous relay spacecraft are expected to be part of the future space communications architecture. The European Data Relay Satellite System (EDRS) has its first node, EDRS-A, in orbit. The EDRS architecture includes space-to-space optical links with a Ka-Band feeder link or trunkline. NASA's Laser Communications Relay Demonstration (LCRD) mission, originally baselined to support a space-to-space optical link relayed with an optical trunkline, has added an Radio Frequency (RF) trunkline. The use of an RF trunkline avoids the outages suffered by an optical trunkline due to clouds, but an RF trunkline will be bandwidth limited. A space relay architecture with both RF and optical trunklines could relay critical realtime data, while also providing a high data volume capacity. This paper considers the relay user scenarios that could be supported, and the implications to the space relay system and operations. System trades such as the amount of onboard processing and storage required, the use of link layer switching vs. network layer routing, and the use of Delay/Disruption Tolerant Networking (DTN) are discussed.

A graph-based system for network-vulnerability analysis

DOE Office of Scientific and Technical Information (OSTI.GOV)

Swiler, L.P.; Phillips, C.

1998-06-01

This paper presents a graph-based approach to network vulnerability analysis. The method is flexible, allowing analysis of attacks from both outside and inside the network. It can analyze risks to a specific network asset, or examine the universe of possible consequences following a successful attack. The graph-based tool can identify the set of attack paths that have a high probability of success (or a low effort cost) for the attacker. The system could be used to test the effectiveness of making configuration changes, implementing an intrusion detection system, etc. The analysis system requires as input a database of common attacks,more » broken into atomic steps, specific network configuration and topology information, and an attacker profile. The attack information is matched with the network configuration information and an attacker profile to create a superset attack graph. Nodes identify a stage of attack, for example the class of machines the attacker has accessed and the user privilege level he or she has compromised. The arcs in the attack graph represent attacks or stages of attacks. By assigning probabilities of success on the arcs or costs representing level-of-effort for the attacker, various graph algorithms such as shortest-path algorithms can identify the attack paths with the highest probability of success.« less

Research on offense and defense technology for iOS kernel security mechanism

NASA Astrophysics Data System (ADS)

Chu, Sijun; Wu, Hao

2018-04-01

iOS is a strong and widely used mobile device system. It's annual profits make up about 90% of the total profits of all mobile phone brands. Though it is famous for its security, there have been many attacks on the iOS operating system, such as the Trident apt attack in 2016. So it is important to research the iOS security mechanism and understand its weaknesses and put forward targeted protection and security check framework. By studying these attacks and previous jailbreak tools, we can see that an attacker could only run a ROP code and gain kernel read and write permissions based on the ROP after exploiting kernel and user layer vulnerabilities. However, the iOS operating system is still protected by the code signing mechanism, the sandbox mechanism, and the not-writable mechanism of the system's disk area. This is far from the steady, long-lasting control that attackers expect. Before iOS 9, breaking these security mechanisms was usually done by modifying the kernel's important data structures and security mechanism code logic. However, after iOS 9, the kernel integrity protection mechanism was added to the 64-bit operating system and none of the previous methods were adapted to the new versions of iOS [1]. But this does not mean that attackers can not break through. Therefore, based on the analysis of the vulnerability of KPP security mechanism, this paper implements two possible breakthrough methods for kernel security mechanism for iOS9 and iOS10. Meanwhile, we propose a defense method based on kernel integrity detection and sensitive API call detection to defense breakthrough method mentioned above. And we make experiments to prove that this method can prevent and detect attack attempts or invaders effectively and timely.

Modeling And Detecting Anomalies In Scada Systems

NASA Astrophysics Data System (ADS)

Svendsen, Nils; Wolthusen, Stephen

The detection of attacks and intrusions based on anomalies is hampered by the limits of specificity underlying the detection techniques. However, in the case of many critical infrastructure systems, domain-specific knowledge and models can impose constraints that potentially reduce error rates. At the same time, attackers can use their knowledge of system behavior to mask their manipulations, causing adverse effects to observed only after a significant period of time. This paper describes elementary statistical techniques that can be applied to detect anomalies in critical infrastructure networks. A SCADA system employed in liquefied natural gas (LNG) production is used as a case study.

Security Analysis of Measurement-Device-Independent Quantum Key Distribution in Collective-Rotation Noisy Environment

NASA Astrophysics Data System (ADS)

Li, Na; Zhang, Yu; Wen, Shuang; Li, Lei-lei; Li, Jian

2018-01-01

Noise is a problem that communication channels cannot avoid. It is, thus, beneficial to analyze the security of MDI-QKD in noisy environment. An analysis model for collective-rotation noise is introduced, and the information theory methods are used to analyze the security of the protocol. The maximum amount of information that Eve can eavesdrop is 50%, and the eavesdropping can always be detected if the noise level ɛ ≤ 0.68. Therefore, MDI-QKD protocol is secure as quantum key distribution protocol. The maximum probability that the relay outputs successful results is 16% when existing eavesdropping. Moreover, the probability that the relay outputs successful results when existing eavesdropping is higher than the situation without eavesdropping. The paper validates that MDI-QKD protocol has better robustness.

Using a micromachined magnetostatic relay in commutating a DC motor

NASA Technical Reports Server (NTRS)

Tai, Yu-Chong (Inventor); Wright, John A. (Inventor); Lilienthal, Gerald (Inventor)

2004-01-01

A DC motor is commutated by rotating a magnetic rotor to induce a magnetic field in at least one magnetostatic relay in the motor. Each relay is activated in response to the magnetic field to deliver power to at least one corresponding winding connected to the relay. In some cases, each relay delivers power first through a corresponding primary winding and then through a corresponding secondary winding to a common node. Specific examples include a four-pole, three-phase motor in which each relay is activated four times during one rotation of the magnetic rotor.

Performance Analysis of Relay Subset Selection for Amplify-and-Forward Cognitive Relay Networks

PubMed Central

Qureshi, Ijaz Mansoor; Malik, Aqdas Naveed; Zubair, Muhammad

2014-01-01

Cooperative communication is regarded as a key technology in wireless networks, including cognitive radio networks (CRNs), which increases the diversity order of the signal to combat the unfavorable effects of the fading channels, by allowing distributed terminals to collaborate through sophisticated signal processing. Underlay CRNs have strict interference constraints towards the secondary users (SUs) active in the frequency band of the primary users (PUs), which limits their transmit power and their coverage area. Relay selection offers a potential solution to the challenges faced by underlay networks, by selecting either single best relay or a subset of potential relay set under different design requirements and assumptions. The best relay selection schemes proposed in the literature for amplify-and-forward (AF) based underlay cognitive relay networks have been very well studied in terms of outage probability (OP) and bit error rate (BER), which is deficient in multiple relay selection schemes. The novelty of this work is to study the outage behavior of multiple relay selection in the underlay CRN and derive the closed-form expressions for the OP and BER through cumulative distribution function (CDF) of the SNR received at the destination. The effectiveness of relay subset selection is shown through simulation results. PMID:24737980

Distributed Clone Detection in Static Wireless Sensor Networks: Random Walk with Network Division

PubMed Central

Khan, Wazir Zada; Aalsalem, Mohammed Y.; Saad, N. M.

2015-01-01

Wireless Sensor Networks (WSNs) are vulnerable to clone attacks or node replication attacks as they are deployed in hostile and unattended environments where they are deprived of physical protection, lacking physical tamper-resistance of sensor nodes. As a result, an adversary can easily capture and compromise sensor nodes and after replicating them, he inserts arbitrary number of clones/replicas into the network. If these clones are not efficiently detected, an adversary can be further capable to mount a wide variety of internal attacks which can emasculate the various protocols and sensor applications. Several solutions have been proposed in the literature to address the crucial problem of clone detection, which are not satisfactory as they suffer from some serious drawbacks. In this paper we propose a novel distributed solution called Random Walk with Network Division (RWND) for the detection of node replication attack in static WSNs which is based on claimer-reporter-witness framework and combines a simple random walk with network division. RWND detects clone(s) by following a claimer-reporter-witness framework and a random walk is employed within each area for the selection of witness nodes. Splitting the network into levels and areas makes clone detection more efficient and the high security of witness nodes is ensured with moderate communication and memory overheads. Our simulation results show that RWND outperforms the existing witness node based strategies with moderate communication and memory overheads. PMID:25992913

Binary Hypothesis Testing With Byzantine Sensors: Fundamental Tradeoff Between Security and Efficiency

NASA Astrophysics Data System (ADS)

Ren, Xiaoqiang; Yan, Jiaqi; Mo, Yilin

2018-03-01

This paper studies binary hypothesis testing based on measurements from a set of sensors, a subset of which can be compromised by an attacker. The measurements from a compromised sensor can be manipulated arbitrarily by the adversary. The asymptotic exponential rate, with which the probability of error goes to zero, is adopted to indicate the detection performance of a detector. In practice, we expect the attack on sensors to be sporadic, and therefore the system may operate with all the sensors being benign for extended period of time. This motivates us to consider the trade-off between the detection performance of a detector, i.e., the probability of error, when the attacker is absent (defined as efficiency) and the worst-case detection performance when the attacker is present (defined as security). We first provide the fundamental limits of this trade-off, and then propose a detection strategy that achieves these limits. We then consider a special case, where there is no trade-off between security and efficiency. In other words, our detection strategy can achieve the maximal efficiency and the maximal security simultaneously. Two extensions of the secure hypothesis testing problem are also studied and fundamental limits and achievability results are provided: 1) a subset of sensors, namely "secure" sensors, are assumed to be equipped with better security countermeasures and hence are guaranteed to be benign, 2) detection performance with unknown number of compromised sensors. Numerical examples are given to illustrate the main results.

Realistic computer network simulation for network intrusion detection dataset generation

NASA Astrophysics Data System (ADS)

Payer, Garrett

2015-05-01

The KDD-99 Cup dataset is dead. While it can continue to be used as a toy example, the age of this dataset makes it all but useless for intrusion detection research and data mining. Many of the attacks used within the dataset are obsolete and do not reflect the features important for intrusion detection in today's networks. Creating a new dataset encompassing a large cross section of the attacks found on the Internet today could be useful, but would eventually fall to the same problem as the KDD-99 Cup; its usefulness would diminish after a period of time. To continue research into intrusion detection, the generation of new datasets needs to be as dynamic and as quick as the attacker. Simply examining existing network traffic and using domain experts such as intrusion analysts to label traffic is inefficient, expensive, and not scalable. The only viable methodology is simulation using technologies including virtualization, attack-toolsets such as Metasploit and Armitage, and sophisticated emulation of threat and user behavior. Simulating actual user behavior and network intrusion events dynamically not only allows researchers to vary scenarios quickly, but enables online testing of intrusion detection mechanisms by interacting with data as it is generated. As new threat behaviors are identified, they can be added to the simulation to make quicker determinations as to the effectiveness of existing and ongoing network intrusion technology, methodology and models.

Detection of Spoofed MAC Addresses in 802.11 Wireless Networks

NASA Astrophysics Data System (ADS)

Tao, Kai; Li, Jing; Sampalli, Srinivas

Medium Access Control (MAC) address spoofing is considered as an important first step in a hacker's attempt to launch a variety of attacks on 802.11 wireless networks. Unfortunately, MAC address spoofing is hard to detect. Most current spoofing detection systems mainly use the sequence number (SN) tracking technique, which has drawbacks. Firstly, it may lead to an increase in the number of false positives. Secondly, such techniques cannot be used in systems with wireless cards that do not follow standard 802.11 sequence number patterns. Thirdly, attackers can forge sequence numbers, thereby causing the attacks to go undetected. We present a new architecture called WISE GUARD (Wireless Security Guard) for detection of MAC address spoofing on 802.11 wireless LANs. It integrates three detection techniques - SN tracking, Operating System (OS) fingerprinting & tracking and Received Signal Strength (RSS) fingerprinting & tracking. It also includes the fingerprinting of Access Point (AP) parameters as an extension to the OS fingerprinting for detection of AP address spoofing. We have implemented WISE GUARD on a test bed using off-the-shelf wireless devices and open source drivers. Experimental results show that the new design enhances the detection effectiveness and reduces the number of false positives in comparison with current approaches.

FSM-F: Finite State Machine Based Framework for Denial of Service and Intrusion Detection in MANET

PubMed Central

N. Ahmed, Malik; Abdullah, Abdul Hanan; Kaiwartya, Omprakash

2016-01-01

Due to the continuous advancements in wireless communication in terms of quality of communication and affordability of the technology, the application area of Mobile Adhoc Networks (MANETs) significantly growing particularly in military and disaster management. Considering the sensitivity of the application areas, security in terms of detection of Denial of Service (DoS) and intrusion has become prime concern in research and development in the area. The security systems suggested in the past has state recognition problem where the system is not able to accurately identify the actual state of the network nodes due to the absence of clear definition of states of the nodes. In this context, this paper proposes a framework based on Finite State Machine (FSM) for denial of service and intrusion detection in MANETs. In particular, an Interruption Detection system for Adhoc On-demand Distance Vector (ID-AODV) protocol is presented based on finite state machine. The packet dropping and sequence number attacks are closely investigated and detection systems for both types of attacks are designed. The major functional modules of ID-AODV includes network monitoring system, finite state machine and attack detection model. Simulations are carried out in network simulator NS-2 to evaluate the performance of the proposed framework. A comparative evaluation of the performance is also performed with the state-of-the-art techniques: RIDAN and AODV. The performance evaluations attest the benefits of proposed framework in terms of providing better security for denial of service and intrusion detection attacks. PMID:27285146

Stealthy false data injection attacks using matrix recovery and independent component analysis in smart grid

NASA Astrophysics Data System (ADS)

JiWei, Tian; BuHong, Wang; FuTe, Shang; Shuaiqi, Liu

2017-05-01

Exact state estimation is vital important to maintain common operations of smart grids. Existing researches demonstrate that state estimation output could be compromised by malicious attacks. However, to construct the attack vectors, a usual presumption in most works is that the attacker has perfect information regarding the topology and so on even such information is difficult to acquire in practice. Recent research shows that Independent Component Analysis (ICA) can be used for inferring topology information which can be used to originate undetectable attacks and even to alter the price of electricity for the profits of attackers. However, we found that the above ICA-based blind attack tactics is merely feasible in the environment with Gaussian noises. If there are outliers (device malfunction and communication errors), the Bad Data Detector will easily detect the attack. Hence, we propose a robust ICA based blind attack strategy that one can use matrix recovery to circumvent the outlier problem and construct stealthy attack vectors. The proposed attack strategies are tested with IEEE representative 14-bus system. Simulations verify the feasibility of the proposed method.

n/a

NASA Image and Video Library

2004-04-15

This image is an artist's conception of the Pegasus, meteoroid detection satellite, in orbit with meteoroid detector extended. The satellite, a payload for Saturn I SA-8, SA-9, and SA-10 missions, was used to obtain data on frequency and penetration of the potentially hazardous micrometeoroids in low Earth orbits and to relay the information back to Earth.

Saturn Apollo Program

NASA Image and Video Library

1965-02-17

Activities at Green Mountain Tracking Station, Alabama, during lift-off of the Saturn I, SA-9 mission, showing the overall view of instrument panels used in tracking the Pegasus, meteoroid-detection satellite. The satellite was used to obtain data on frequency and penetration of the potentially hazardous micrometeoroids in low Earth orbits and to relay the information back to Earth.

A performance analysis in AF full duplex relay selection network

NASA Astrophysics Data System (ADS)

Ngoc, Long Nguyen; Hong, Nhu Nguyen; Loan, Nguyen Thi Phuong; Kieu, Tam Nguyen; Voznak, Miroslav; Zdralek, Jaroslav

2018-04-01

This paper studies on the relaying selective matter in amplify-and-forward (AF) cooperation communication with full-duplex (FD) activity. Various relay choice models supposing the present of different instant information are investigated. We examine a maximal relaying choice that optimizes the instant FD channel capacity and asks for global channel state information (CSI) as well as partial CSI learning. To make comparison easy, accurate outage probability clauses and asymptote form of these strategies that give a diversity rank are extracted. From that, we can see clearly that the number of relays, noise factor, the transmittance coefficient as well as the information transfer power had impacted on their performance. Besides, the optimal relay selection (ORS) model can promote than that of the partial relay selection (PRS) model.

On detection and visualization techniques for cyber security situation awareness

NASA Astrophysics Data System (ADS)

Yu, Wei; Wei, Shixiao; Shen, Dan; Blowers, Misty; Blasch, Erik P.; Pham, Khanh D.; Chen, Genshe; Zhang, Hanlin; Lu, Chao

2013-05-01

Networking technologies are exponentially increasing to meet worldwide communication requirements. The rapid growth of network technologies and perversity of communications pose serious security issues. In this paper, we aim to developing an integrated network defense system with situation awareness capabilities to present the useful information for human analysts. In particular, we implement a prototypical system that includes both the distributed passive and active network sensors and traffic visualization features, such as 1D, 2D and 3D based network traffic displays. To effectively detect attacks, we also implement algorithms to transform real-world data of IP addresses into images and study the pattern of attacks and use both the discrete wavelet transform (DWT) based scheme and the statistical based scheme to detect attacks. Through an extensive simulation study, our data validate the effectiveness of our implemented defense system.

Relay discovery and selection for large-scale P2P streaming

PubMed Central

Zhang, Chengwei; Wang, Angela Yunxian

2017-01-01

In peer-to-peer networks, application relays have been commonly used to provide various networking services. The service performance often improves significantly if a relay is selected appropriately based on its network location. In this paper, we studied the location-aware relay discovery and selection problem for large-scale P2P streaming networks. In these large-scale and dynamic overlays, it incurs significant communication and computation cost to discover a sufficiently large relay candidate set and further to select one relay with good performance. The network location can be measured directly or indirectly with the tradeoffs between timeliness, overhead and accuracy. Based on a measurement study and the associated error analysis, we demonstrate that indirect measurements, such as King and Internet Coordinate Systems (ICS), can only achieve a coarse estimation of peers’ network location and those methods based on pure indirect measurements cannot lead to a good relay selection. We also demonstrate that there exists significant error amplification of the commonly used “best-out-of-K” selection methodology using three RTT data sets publicly available. We propose a two-phase approach to achieve efficient relay discovery and accurate relay selection. Indirect measurements are used to narrow down a small number of high-quality relay candidates and the final relay selection is refined based on direct probing. This two-phase approach enjoys an efficient implementation using the Distributed-Hash-Table (DHT). When the DHT is constructed, the node keys carry the location information and they are generated scalably using indirect measurements, such as the ICS coordinates. The relay discovery is achieved efficiently utilizing the DHT-based search. We evaluated various aspects of this DHT-based approach, including the DHT indexing procedure, key generation under peer churn and message costs. PMID:28410384

Relay discovery and selection for large-scale P2P streaming.

PubMed

Zhang, Chengwei; Wang, Angela Yunxian; Hei, Xiaojun

2017-01-01

In peer-to-peer networks, application relays have been commonly used to provide various networking services. The service performance often improves significantly if a relay is selected appropriately based on its network location. In this paper, we studied the location-aware relay discovery and selection problem for large-scale P2P streaming networks. In these large-scale and dynamic overlays, it incurs significant communication and computation cost to discover a sufficiently large relay candidate set and further to select one relay with good performance. The network location can be measured directly or indirectly with the tradeoffs between timeliness, overhead and accuracy. Based on a measurement study and the associated error analysis, we demonstrate that indirect measurements, such as King and Internet Coordinate Systems (ICS), can only achieve a coarse estimation of peers' network location and those methods based on pure indirect measurements cannot lead to a good relay selection. We also demonstrate that there exists significant error amplification of the commonly used "best-out-of-K" selection methodology using three RTT data sets publicly available. We propose a two-phase approach to achieve efficient relay discovery and accurate relay selection. Indirect measurements are used to narrow down a small number of high-quality relay candidates and the final relay selection is refined based on direct probing. This two-phase approach enjoys an efficient implementation using the Distributed-Hash-Table (DHT). When the DHT is constructed, the node keys carry the location information and they are generated scalably using indirect measurements, such as the ICS coordinates. The relay discovery is achieved efficiently utilizing the DHT-based search. We evaluated various aspects of this DHT-based approach, including the DHT indexing procedure, key generation under peer churn and message costs.

Relay protection features of frequency-adjustable electric drive

NASA Astrophysics Data System (ADS)

Kuprienko, V. V.

2018-03-01

The features of relay protection of high-voltage electric motors in composition of the frequency-adjustable electric drive are considered in the article. The influence of frequency converters on the stability of the operation of various types of relay protection used on electric motors is noted. Variants of circuits for connecting relay protection devices are suggested. The need to develop special relay protection devices for a frequency-adjustable electric drive is substantiated.

Development of a Relay Performance Web Tool for the Mars Network

NASA Technical Reports Server (NTRS)

Allard, Daniel A.; Edwards, Charles D.

2009-01-01

Modern Mars surface missions rely upon orbiting spacecraft to relay communications to and from Earth systems. An important component of this multi-mission relay process is the collection of relay performance statistics supporting strategic trend analysis and tactical anomaly identification and tracking.

Modified Dynamic Decode-and-Forward Relaying Protocol for Type II Relay in LTE-Advanced and Beyond

PubMed Central

Nam, Sung Sik; Alouini, Mohamed-Slim; Choi, Seyeong

2016-01-01

In this paper, we propose a modified dynamic decode-and-forward (MoDDF) relaying protocol to meet the critical requirements for user equipment (UE) relays in next-generation cellular systems (e.g., LTE-Advanced and beyond). The proposed MoDDF realizes the fast jump-in relaying and the sequential decoding with an application of random codeset to encoding and re-encoding process at the source and the multiple UE relays, respectively. A subframe-by-subframe decoding based on the accumulated (or buffered) messages is employed to achieve energy, information, or mixed combining. Finally, possible early termination of decoding at the end user can lead to the higher spectral efficiency and more energy saving by reducing the frequency of redundant subframe transmission and decoding. These attractive features eliminate the need of directly exchanging control messages between multiple UE relays and the end user, which is an important prerequisite for the practical UE relay deployment. PMID:27898712

Modified Dynamic Decode-and-Forward Relaying Protocol for Type II Relay in LTE-Advanced and Beyond.

PubMed

Nam, Sung Sik; Alouini, Mohamed-Slim; Choi, Seyeong

2016-01-01

In this paper, we propose a modified dynamic decode-and-forward (MoDDF) relaying protocol to meet the critical requirements for user equipment (UE) relays in next-generation cellular systems (e.g., LTE-Advanced and beyond). The proposed MoDDF realizes the fast jump-in relaying and the sequential decoding with an application of random codeset to encoding and re-encoding process at the source and the multiple UE relays, respectively. A subframe-by-subframe decoding based on the accumulated (or buffered) messages is employed to achieve energy, information, or mixed combining. Finally, possible early termination of decoding at the end user can lead to the higher spectral efficiency and more energy saving by reducing the frequency of redundant subframe transmission and decoding. These attractive features eliminate the need of directly exchanging control messages between multiple UE relays and the end user, which is an important prerequisite for the practical UE relay deployment.

Advanced Strategic and Tactical Relay Request Management for the Mars Relay Operations Service

NASA Technical Reports Server (NTRS)

Allard, Daniel A.; Wallick, Michael N.; Gladden, Roy E.; Wang, Paul; Hy, Franklin H.

2013-01-01

This software provides a new set of capabilities for the Mars Relay Operations Service (MaROS) in support of Strategic and Tactical relay, including a highly interactive relay request Web user interface, mission control over relay planning time periods, and mission management of allowed strategic vs. tactical request parameters. Together, these new capabilities expand the scope of the system to include all elements critical for Tactical relay operations. Planning of replay activities spans a time period that is split into two distinct phases. The first phase is called Strategic, which begins at the time that relay opportunities are identified, and concludes at the point that the orbiter generates the flight sequences for on board execution. Any relay request changes from this point on are called Tactical. Tactical requests, otherwise called Orbit - er Relay State Changes (ORSC), are highly restricted in terms of what types of changes can be made, and the types of parameters that can be changed may differ from one orbiter to the next. For example, one orbiter may be able to delay the start of a relay request, while another may not. The legacy approach to ORSC management involves exchanges of e-mail with "requests for change" and "acknowledgement of approval," with no other tracking of changes outside of e-mail folders. MaROS Phases 1 and 2 provided the infrastructure for strategic relay for all supported missions. This new version, 3.0, introduces several capabilities that fully expand the scope of the system to include tactical relay. One new feature allows orbiter users to manage and "lock" Planning Periods, which allows the orbiter team to formalize the changeover from Strategic to Tactical operations. Another major feature allows users to interactively submit tactical request changes via a Web user interface. A third new feature allows orbiter missions to specify allowed tactical updates, which are automatically incorporated into the tactical change process. This software update is significant in that it provides the only centralized service for tactical request management available for relay missions.

Towards a Video Passive Content Fingerprinting Method for Partial-Copy Detection Robust against Non-Simulated Attacks

PubMed Central

2016-01-01

Passive content fingerprinting is widely used for video content identification and monitoring. However, many challenges remain unsolved especially for partial-copies detection. The main challenge is to find the right balance between the computational cost of fingerprint extraction and fingerprint dimension, without compromising detection performance against various attacks (robustness). Fast video detection performance is desirable in several modern applications, for instance, in those where video detection involves the use of large video databases or in applications requiring real-time video detection of partial copies, a process whose difficulty increases when videos suffer severe transformations. In this context, conventional fingerprinting methods are not fully suitable to cope with the attacks and transformations mentioned before, either because the robustness of these methods is not enough or because their execution time is very high, where the time bottleneck is commonly found in the fingerprint extraction and matching operations. Motivated by these issues, in this work we propose a content fingerprinting method based on the extraction of a set of independent binary global and local fingerprints. Although these features are robust against common video transformations, their combination is more discriminant against severe video transformations such as signal processing attacks, geometric transformations and temporal and spatial desynchronization. Additionally, we use an efficient multilevel filtering system accelerating the processes of fingerprint extraction and matching. This multilevel filtering system helps to rapidly identify potential similar video copies upon which the fingerprint process is carried out only, thus saving computational time. We tested with datasets of real copied videos, and the results show how our method outperforms state-of-the-art methods regarding detection scores. Furthermore, the granularity of our method makes it suitable for partial-copy detection; that is, by processing only short segments of 1 second length. PMID:27861492

Modeling, Evaluation and Detection of Jamming Attacks in Time-Critical Wireless Applications

DTIC Science & Technology

2014-08-01

computing, modeling and analysis of wireless networks , network topol- ogy, and architecture design. Dr. Wang has been a Member of the Association for...important, yet open research question is how to model and detect jamming attacks in such wireless networks , where communication traffic is more time...against time-critical wireless networks with applications to the smart grid. In contrast to communication networks where packets-oriented metrics

Analysis of System Training Impact for Major Defense Acquisition Programs

DTIC Science & Technology

2011-08-01

simulation fidelity but rather were due to poor training development planning, the absence of instructional support and training features on the simulation...reduce detectability of the soldier, prevent attack if detected, prevent damage if attacked, minimize medical injury if wounded or otherwise injured, and...instance, a National Guard tank battalion that stores and maintains its tanks at a central maintenance/training facility may find it more cost

Application of Phasor Measurement Units for Protection of Distribution Networks with High Penetration of Photovoltaic Sources

NASA Astrophysics Data System (ADS)

Meskin, Matin

The rate of the integration of distributed generation (DG) units to the distribution level to meet the growth in demand increases as a reasonable replacement for costly network expansion. This integration brings many advantages to the consumers and power grids, as well as giving rise to more challenges in relation to protection and control. Recent research has brought to light the negative effects of DG units on short circuit currents and overcurrent (OC) protection systems in distribution networks. Change in the direction of fault current flow, increment or decrement of fault current magnitude, blindness of protection, feeder sympathy trip, nuisance trip of interrupting devices, and the disruption of coordination between protective devices are some potential impacts of DG unit integration. Among other types of DG units, the integration of renewable energy resources into the electric grid has seen a vast improvement in recent years. In particular, the interconnection of photovoltaic (PV) sources to the medium voltage (MV) distribution networks has experienced a rapid increase in the last decade. In this work, the effect of PV source on conventional OC relays in MV distribution networks is shown. It is indicated that the PV output fluctuation, due to changes in solar radiation, causes the magnitude and direction of the current to change haphazardly. These variations may result in the poor operation of OC relays as the main protective devices in the MV distribution networks. In other words, due to the bi-directional power flow characteristic and the fluctuation of current magnitude occurring in the presence of PV sources, a specific setting of OC relays is difficult to realize. Therefore, OC relays may operate in normal conditions. To improve the OC relay operation, a voltage-dependent-overcurrent protection is proposed. Although, this new method prevents the OC relay from maloperation, its ability to detect earth faults and high impedance faults is poor. Thus, a comprehensive protective system is suggested at the end of the dissertation. The proposed method is based on the application of the phasor measurement unit (PMU) and the differential protection method. All of the current magnitudes and angles are collected by PMU and are sent to the phasor data concentrator (PDC), where a differential protection algorithm is applied to these data. If any fault is detected, the trip will be sent back to the corresponding circuit breakers across the network. Higher selectivity, sensitivity, and faster operation in the differential protection are superior to those of other protection schemes. Differential protection operates as unit protection, which means that it operates only when there is a fault in the protection zone. It does not function for faults occurring out of zone. Therefore, no coordination is required between differential protections across the power system. Moreover, the misoperation of this protective scheme is less likely as compared to other protection methods.

Towards Reliable Evaluation of Anomaly-Based Intrusion Detection Performance

NASA Technical Reports Server (NTRS)

Viswanathan, Arun

2012-01-01

This report describes the results of research into the effects of environment-induced noise on the evaluation process for anomaly detectors in the cyber security domain. This research was conducted during a 10-week summer internship program from the 19th of August, 2012 to the 23rd of August, 2012 at the Jet Propulsion Laboratory in Pasadena, California. The research performed lies within the larger context of the Los Angeles Department of Water and Power (LADWP) Smart Grid cyber security project, a Department of Energy (DoE) funded effort involving the Jet Propulsion Laboratory, California Institute of Technology and the University of Southern California/ Information Sciences Institute. The results of the present effort constitute an important contribution towards building more rigorous evaluation paradigms for anomaly-based intrusion detectors in complex cyber physical systems such as the Smart Grid. Anomaly detection is a key strategy for cyber intrusion detection and operates by identifying deviations from profiles of nominal behavior and are thus conceptually appealing for detecting "novel" attacks. Evaluating the performance of such a detector requires assessing: (a) how well it captures the model of nominal behavior, and (b) how well it detects attacks (deviations from normality). Current evaluation methods produce results that give insufficient insight into the operation of a detector, inevitably resulting in a significantly poor characterization of a detectors performance. In this work, we first describe a preliminary taxonomy of key evaluation constructs that are necessary for establishing rigor in the evaluation regime of an anomaly detector. We then focus on clarifying the impact of the operational environment on the manifestation of attacks in monitored data. We show how dynamic and evolving environments can introduce high variability into the data stream perturbing detector performance. Prior research has focused on understanding the impact of this variability in training data for anomaly detectors, but has ignored variability in the attack signal that will necessarily affect the evaluation results for such detectors. We posit that current evaluation strategies implicitly assume that attacks always manifest in a stable manner; we show that this assumption is wrong. We describe a simple experiment to demonstrate the effects of environmental noise on the manifestation of attacks in data and introduce the notion of attack manifestation stability. Finally, we argue that conclusions about detector performance will be unreliable and incomplete if the stability of attack manifestation is not accounted for in the evaluation strategy.

Security management based on trust determination in cognitive radio networks

NASA Astrophysics Data System (ADS)

Li, Jianwu; Feng, Zebing; Wei, Zhiqing; Feng, Zhiyong; Zhang, Ping

2014-12-01

Security has played a major role in cognitive radio networks. Numerous researches have mainly focused on attacking detection based on source localization and detection probability. However, few of them took the penalty of attackers into consideration and neglected how to implement effective punitive measures against attackers. To address this issue, this article proposes a novel penalty mechanism based on cognitive trust value. The main feature of this mechanism has been realized by six functions: authentication, interactive, configuration, trust value collection, storage and update, and punishment. Data fusion center (FC) and cluster heads (CHs) have been put forward as a hierarchical architecture to manage trust value of cognitive users. Misbehaving users would be punished by FC by declining their trust value; thus, guaranteeing network security via distinguishing attack users is of great necessity. Simulation results verify the rationality and effectiveness of our proposed mechanism.

Method for detecting core malware sites related to biomedical information systems.

PubMed

Kim, Dohoon; Choi, Donghee; Jin, Jonghyun

2015-01-01

Most advanced persistent threat attacks target web users through malicious code within landing (exploit) or distribution sites. There is an urgent need to block the affected websites. Attacks on biomedical information systems are no exception to this issue. In this paper, we present a method for locating malicious websites that attempt to attack biomedical information systems. Our approach uses malicious code crawling to rearrange websites in the order of their risk index by analyzing the centrality between malware sites and proactively eliminates the root of these sites by finding the core-hub node, thereby reducing unnecessary security policies. In particular, we dynamically estimate the risk index of the affected websites by analyzing various centrality measures and converting them into a single quantified vector. On average, the proactive elimination of core malicious websites results in an average improvement in zero-day attack detection of more than 20%.

Method for Detecting Core Malware Sites Related to Biomedical Information Systems

PubMed Central

Kim, Dohoon; Choi, Donghee; Jin, Jonghyun

2015-01-01

Most advanced persistent threat attacks target web users through malicious code within landing (exploit) or distribution sites. There is an urgent need to block the affected websites. Attacks on biomedical information systems are no exception to this issue. In this paper, we present a method for locating malicious websites that attempt to attack biomedical information systems. Our approach uses malicious code crawling to rearrange websites in the order of their risk index by analyzing the centrality between malware sites and proactively eliminates the root of these sites by finding the core-hub node, thereby reducing unnecessary security policies. In particular, we dynamically estimate the risk index of the affected websites by analyzing various centrality measures and converting them into a single quantified vector. On average, the proactive elimination of core malicious websites results in an average improvement in zero-day attack detection of more than 20%. PMID:25821511

Relay Selection for Cooperative Relaying in Wireless Energy Harvesting Networks

NASA Astrophysics Data System (ADS)

Zhu, Kaiyan; Wang, Fei; Li, Songsong; Jiang, Fengjiao; Cao, Lijie

2018-01-01

Energy harvesting from the surroundings is a promising solution to provide energy supply and extend the life of wireless sensor networks. Recently, energy harvesting has been shown as an attractive solution to prolong the operation of cooperative networks. In this paper, we propose a relay selection scheme to optimize the amplify-and-forward (AF) cooperative transmission in wireless energy harvesting cooperative networks. The harvesting energy and channel conditions are considered to select the optimal relay as cooperative relay to minimize the outage probability of the system. Simulation results show that our proposed relay selection scheme achieves better outage performance than other strategies.

Sparsity-aware multiple relay selection in large multi-hop decode-and-forward relay networks

NASA Astrophysics Data System (ADS)

Gouissem, A.; Hamila, R.; Al-Dhahir, N.; Foufou, S.

2016-12-01

In this paper, we propose and investigate two novel techniques to perform multiple relay selection in large multi-hop decode-and-forward relay networks. The two proposed techniques exploit sparse signal recovery theory to select multiple relays using the orthogonal matching pursuit algorithm and outperform state-of-the-art techniques in terms of outage probability and computation complexity. To reduce the amount of collected channel state information (CSI), we propose a limited-feedback scheme where only a limited number of relays feedback their CSI. Furthermore, a detailed performance-complexity tradeoff investigation is conducted for the different studied techniques and verified by Monte Carlo simulations.

A microcomputer-based testing station for dynamic and static testing of protective relay systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Lee, W.J.; Li, R.J.; Gu, J.C.

1995-12-31

Dynamic and static relay performance testing before installation in the field is a subject of great interest to utility relay engineers. The common practice in utility testing of new relays is to put the new unit to be tested in parallel with an existing functioning relay in the system, wait until an actual transient occurs and then observe and analyze the performance of new relay. It is impossible to have a thorough test of the protective relay system through this procedure. An equipment, Microcomputer-Based Testing Station (or PC-Based Testing Station), that can perform both static and dynamic testing of themore » relay is described in this paper. The Power System Simulation Laboratory at the University of Texas at Arlington is a scaled-down, three-phase, physical power system which correlates well with the important components for a real power system and is an ideal facility for the dynamic and static testing of protective relay systems. A brief introduction to the configuration of this laboratory is presented. Test results of several protective functions by using this laboratory illustrate the usefulness of this test set-up.« less

The Limits of Cyberspace Deterrence

DTIC Science & Technology

2014-01-01

networks are secure, this protection would also take the form of deterring, preventing, detect- ing, and defending against cyber attacks . As a result...tar- get into inaction. In a nuclear scenario, all nations are aware of the American ability to attribute a nuclear attack to its source, U.S...through degraded environment and improving ability to attribute and defeat attacks on systems and infrastructure. Military must provide broad range of

Smart Grid Integrity Attacks: Characterizations and Countermeasures

DOE Office of Scientific and Technical Information (OSTI.GOV)

Annarita Giani; Eilyan Bitar; Miles McQueen

2011-10-01

Real power injections at loads and generators, and real power flows on selected lines in a transmission network are monitored, transmitted over a SCADA network to the system operator, and used in state estimation algorithms to make dispatch, re-balance and other energy management system [EMS] decisions. Coordinated cyber attacks of power meter readings can be arranged to be undetectable by any bad data detection algorithm. These unobservable attacks present a serious threat to grid operations. Of particular interest are sparse attacks that involve the compromise of a modest number of meter readings. An efficient algorithm to find all unobservable attacksmore » [under standard DC load flow approximations] involving the compromise of exactly two power injection meters and an arbitrary number of power meters on lines is presented. This requires O(n2m) flops for a power system with n buses and m line meters. If all lines are metered, there exist canonical forms that characterize all 3, 4, and 5-sparse unobservable attacks. These can be quickly detected in power systems using standard graph algorithms. Known secure phase measurement units [PMUs] can be used as countermeasures against an arbitrary collection of cyber attacks. Finding the minimum number of necessary PMUs is NP-hard. It is shown that p + 1 PMUs at carefully chosen buses are sufficient to neutralize a collection of p cyber attacks.« less

Relay exchanges in elite short track speed skating.

PubMed

Hext, Andrew; Heller, Ben; Kelley, John; Goodwill, Simon

2017-06-01

In short track speed skating, the relay exchange provides an additional strategic component to races by allowing a team to change the skater involved in the pack race. Typically executed every 1½ laps, it is the belief of skaters and coaches that during this period of the race, time can be gained or lost due to the execution of the relay exchange. As such, the aim of this study was to examine the influence of the relay exchange on a team's progression through a 5000 m relay race. Using data collected from three World Cup relay events during the 2012-2013 season, the time taken to complete the straight for the scenarios with and without the relay exchange were compared at different skating speeds for the corner exit prior to the straight. Overall, the influence of the relay exchange was found to be dependent on this corner exit speed. At slower corner exit speeds (12.01-13.5 m/s), relay exchange straight times were significantly faster than the free skating scenario (P < 0.01). While at faster corner exit speeds (14.01-15 m/s), straight times were significantly slower (P < 0.001). The findings of this study suggest that the current norm of executing relay exchanges every 1½ laps may not be optimal. Instead, varying the frequency of relay exchange execution throughout the race could allow: (1) time to be gained relative to other teams; and (2) facilitate other race strategies by providing an improved opportunity to overtake.

Proactive Alleviation Procedure to Handle Black Hole Attack and Its Version

PubMed Central

Babu, M. Rajesh; Dian, S. Moses; Chelladurai, Siva; Palaniappan, Mathiyalagan

2015-01-01

The world is moving towards a new realm of computing such as Internet of Things. The Internet of Things, however, envisions connecting almost all objects within the world to the Internet by recognizing them as smart objects. In doing so, the existing networks which include wired, wireless, and ad hoc networks should be utilized. Moreover, apart from other networks, the ad hoc network is full of security challenges. For instance, the MANET (mobile ad hoc network) is susceptible to various attacks in which the black hole attacks and its versions do serious damage to the entire MANET infrastructure. The severity of this attack increases, when the compromised MANET nodes work in cooperation with each other to make a cooperative black hole attack. Therefore this paper proposes an alleviation procedure which consists of timely mandate procedure, hole detection algorithm, and sensitive guard procedure to detect the maliciously behaving nodes. It has been observed that the proposed procedure is cost-effective and ensures QoS guarantee by assuring resource availability thus making the MANET appropriate for Internet of Things. PMID:26495430

Proactive Alleviation Procedure to Handle Black Hole Attack and Its Version.

PubMed

Babu, M Rajesh; Dian, S Moses; Chelladurai, Siva; Palaniappan, Mathiyalagan

2015-01-01

The world is moving towards a new realm of computing such as Internet of Things. The Internet of Things, however, envisions connecting almost all objects within the world to the Internet by recognizing them as smart objects. In doing so, the existing networks which include wired, wireless, and ad hoc networks should be utilized. Moreover, apart from other networks, the ad hoc network is full of security challenges. For instance, the MANET (mobile ad hoc network) is susceptible to various attacks in which the black hole attacks and its versions do serious damage to the entire MANET infrastructure. The severity of this attack increases, when the compromised MANET nodes work in cooperation with each other to make a cooperative black hole attack. Therefore this paper proposes an alleviation procedure which consists of timely mandate procedure, hole detection algorithm, and sensitive guard procedure to detect the maliciously behaving nodes. It has been observed that the proposed procedure is cost-effective and ensures QoS guarantee by assuring resource availability thus making the MANET appropriate for Internet of Things.

Mapping and detecting bark beetle-caused tree mortality in the western United States

NASA Astrophysics Data System (ADS)

Meddens, Arjan J. H.

Recently, insect outbreaks across North America have dramatically increased and the forest area affected by bark beetles is similar to that affected by fire. Remote sensing offers the potential to detect insect outbreaks with high accuracy. Chapter one involved detection of insect-caused tree mortality on the tree level for a 90km2 area in northcentral Colorado. Classes of interest included green trees, multiple stages of post-insect attack tree mortality including dead trees with red needles ("red-attack") and dead trees without needles ("gray-attack"), and non-forest. The results illustrated that classification of an image with a spatial resolution similar to the area of a tree crown outperformed that from finer and coarser resolution imagery for mapping tree mortality and non-forest classes. I also demonstrated that multispectral imagery could be used to separate multiple postoutbreak attack stages (i.e., red-attack and gray-attack) from other classes in the image. In Chapter 2, I compared and improved methods for detecting bark beetle-caused tree mortality using medium-resolution satellite data. I found that overall classification accuracy was similar between single-date and multi-date classification methods. I developed regression models to predict percent red attack within a 30-m grid cell and these models explained >75% of the variance using three Landsat spectral explanatory variables. Results of the final product showed that approximately 24% of the forest within the Landsat scene was comprised of tree mortality caused by bark beetles. In Chapter 3, I developed a gridded data set with 1-km2 resolution using aerial survey data and improved estimates of tree mortality across the western US and British Columbia. In the US, I also produced an upper estimate by forcing the mortality area to match that from high-resolution imagery in Idaho, Colorado, and New Mexico. Cumulative mortality area from all bark beetles was 5.46 Mha in British Columbia in 2001-2010 and 0.47-5.37 Mha (lower and upper estimate) in the western conterminous US during 1997-2010. Improved methods for detection and mapping of insect outbreak areas will lead to improved assessments of the effects of these forest disturbances on the economy, carbon cycle (and feedback to climate change), fuel loads, hydrology and forest ecology.

47 CFR 90.243 - Mobile relay stations.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 47 Telecommunication 5 2010-10-01 2010-10-01 false Mobile relay stations. 90.243 Section 90.243... MOBILE RADIO SERVICES Non-Voice and Other Specialized Operations § 90.243 Mobile relay stations. (a) Mobile relay operations will be authorized on frequencies below 512 MHz, except in the Radiolocation...

49 CFR 236.589 - Relays.

Code of Federal Regulations, 2010 CFR

2010-10-01

... OF SIGNAL AND TRAIN CONTROL SYSTEMS, DEVICES, AND APPLIANCES Automatic Train Stop, Train Control and Cab Signal Systems Inspection and Tests; Locomotive § 236.589 Relays. (a) Each relay shall be removed... train stop or train control system, at least once every two years; and (2) All other relays, at least...

49 CFR 236.589 - Relays.

Code of Federal Regulations, 2011 CFR

2011-10-01

... OF SIGNAL AND TRAIN CONTROL SYSTEMS, DEVICES, AND APPLIANCES Automatic Train Stop, Train Control and Cab Signal Systems Inspection and Tests; Locomotive § 236.589 Relays. (a) Each relay shall be removed... train stop or train control system, at least once every two years; and (2) All other relays, at least...

76 FR 59551 - Internet-Based Telecommunications Relay Service Numbering

Federal Register 2010, 2011, 2012, 2013, 2014

2011-09-27

..., and IP Relay, which allows these individuals to communicate in text using a computer. The final rules... hearing and speech disabilities to communicate using sign language through video equipment, and IP Relay... language through video equipment, and IP Relay, which allows these individuals to communicate in text using...

78 FR 55249 - Transmission Relay Loadability Reliability Standard; Notice of Compliance Filing

Federal Register 2010, 2011, 2012, 2013, 2014

2013-09-10

...; RM11-16-000] Transmission Relay Loadability Reliability Standard; Notice of Compliance Filing Take.... \\1\\ Transmission Relay Loadability Reliability Standard, Order No. 733, 130 FERC ] 61, 221 (2010..., Order No. 733-B, 136 FERC ] 61,185 (2011). \\2\\ Transmission Relay Loadability Reliability Standard, 138...

78 FR 21929 - Transmission Relay Loadability Reliability Standard; Notice of Compliance Filing

Federal Register 2010, 2011, 2012, 2013, 2014

2013-04-12

... Relay Loadability Reliability Standard; Notice of Compliance Filing Take notice that on February 19... Relay Loadability Reliability Standard, Order No. 733, 130 FERC ] 61,221 (2010) (Order No. 733); order..., 136 FERC ] 61,185 (2011). \\2\\ Transmission Relay Loadability Reliability Standard, 138 FERC ] 61,197...

76 FR 44326 - Telecommunications Relay Services and Speech-to-Speech Services for Individuals With Hearing and...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-07-25

... Relay Services and Speech-to-Speech Services for Individuals With Hearing and Speech Disabilities; Structure and Practices of the Video Relay Service Program AGENCY: Federal Communications Commission. ACTION...-minute video relay service (``VRS'') compensation rates, and adopts per-minute compensation rates for the...

How to Use Telecommunications Relay Service. NETAC Teacher Tipsheet

ERIC Educational Resources Information Center

Mothersell, Mary Beth, Comp.

1999-01-01

Telecommunications Relay Service provides full telephone accessibility to people who are deaf, hard of hearing, deaf-blind, or speech-disabled. Specially trained Communication Assistants (CAs) serve as intermediaries, relaying conversations between hearing persons and persons using a text telephone device (TTY). Relay Service is available 24 hours…

75 FR 41863 - Structure and Practices of the Video Relay Service Program

Federal Register 2010, 2011, 2012, 2013, 2014

2010-07-19

... Video Relay Service Program AGENCY: Federal Communications Commission. ACTION: Notice. SUMMARY: In this document, the Commission takes a fresh look at its video relay service (VRS) rules so that the Commission.... SUPPLEMENTARY INFORMATION: This is a summary of the Commission's Structure and Practices of the Video Relay...

76 FR 68642 - Structure and Practices of the Video Relay Service Program

Federal Register 2010, 2011, 2012, 2013, 2014

2011-11-07

... Practices of the Video Relay Service Program AGENCY: Federal Communications Commission. ACTION: Final rule... with the Commission's Structure and Practices of the Video Relay Service Program, Memorandum Opinion... effective date of these rule sections. See, In the Matter of Structure and Practices of the Video Relay...

76 FR 68328 - Structure and Practices of the Video Relay Service Program

Federal Register 2010, 2011, 2012, 2013, 2014

2011-11-04

... Practices of the Video Relay Service Program AGENCY: Federal Communications Commission. ACTION: Final rule... with the Commission's Structure and Practices of the Video Relay Service Program, Second Report and... effective date of these rule sections. See, In the Matter of Structure and Practices of the Video Relay...

76 FR 8659 - Structure and Practices of the Video Relay Service Program

Federal Register 2010, 2011, 2012, 2013, 2014

2011-02-15

... Practices of the Video Relay Service Program AGENCY: Federal Communications Commission. ACTION: Final rule... with the Commission's Structure and Practices of the Video Relay Service Program, Declaratory Ruling... Practices of the Video Relay Service Program, CG Docket No. 10-51. Form Number: N/A. Respondents: Business...

76 FR 24442 - Structure and Practices of the Video Relay Service Program; Telecommunications Relay Services and...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-05-02

...] Structure and Practices of the Video Relay Service Program; Telecommunications Relay Services and Speech-to-Speech Services for Individuals With Hearing and Speech Disabilities AGENCY: Federal Communications Commission. ACTION: Proposed rule. SUMMARY: In this document, the Commission tentatively concludes that it...

[Comparative analysis of phenomenology of paroxysms of atrial fibrillation and panic attacks].

PubMed

San'kova, T A; Solov'eva, A D; Nedostup, A V

2004-01-01

To study phenomenology of attacks of atrial fibrillation (AF) and to compare it with phenomenology of panic attacks for elucidation of pathogenesis of atrial fibrillation and for elaboration of rational therapeutic intervention including those aimed at correction of psychovegetative abnormalities. Patients with nonrheumatic paroxysmal AF (n=105) and 100 patients with panic attacks (n=100). Clinical, cardiological and neurological examination, analysis of patients complaints during attacks of AF, and comparison them with diagnostic criteria for panic attack. It was found that clinical picture of attacks of AF comprised vegetative, emotional and functional neurological phenomena similar to those characteristic for panic attacks. This similarity as well as positive therapeutic effect of clonazepam allowed to propose a novel pathogenic mechanism of AF attacks. Severity of psychovegetative disorders during paroxysm of AF could be evaluated by calculation of psychovegetative iudex: Psychovegetative index should be used for detection of panic attack-like component in clinical picture of AF paroxysm and thus for determination of indications for inclusion of vegetotropic drugs, e. g. clonazepam, in complex preventive therapy.

Security Assessment of Cyberphysical Digital Microfluidic Biochips.

PubMed

Ali, Sk Subidh; Ibrahim, Mohamed; Sinanoglu, Ozgur; Chakrabarty, Krishnendu; Karri, Ramesh

2016-01-01

A digital microfluidic biochip (DMFB) is an emerging technology that enables miniaturized analysis systems for point-of-care clinical diagnostics, DNA sequencing, and environmental monitoring. A DMFB reduces the rate of sample and reagent consumption, and automates the analysis of assays. In this paper, we provide the first assessment of the security vulnerabilities of DMFBs. We identify result-manipulation attacks on a DMFB that maliciously alter the assay outcomes. Two practical result-manipulation attacks are shown on a DMFB platform performing enzymatic glucose assay on serum. In the first attack, the attacker adjusts the concentration of the glucose sample and thereby modifies the final result. In the second attack, the attacker tampers with the calibration curve of the assay operation. We then identify denial-of-service attacks, where the attacker can disrupt the assay operation by tampering either with the droplet-routing algorithm or with the actuation sequence. We demonstrate these attacks using a digital microfluidic synthesis simulator. The results show that the attacks are easy to implement and hard to detect. Therefore, this work highlights the need for effective protections against malicious modifications in DMFBs.

Cyber terror.

PubMed

Haugh, Richard

2003-06-01

If terrorists attack America's health care info-tech systems, it probably won't be one big blow but rather a series of small incursions that are much more difficult to detect. How can your hospital protect its IT system before and after such insidious attacks.

Trouble Brewing: Using Observations of Invariant Behavior to Detect Malicious Agency in Distributed Control Systems

NASA Astrophysics Data System (ADS)

McEvoy, Thomas Richard; Wolthusen, Stephen D.

Recent research on intrusion detection in supervisory data acquisition and control (SCADA) and DCS systems has focused on anomaly detection at protocol level based on the well-defined nature of traffic on such networks. Here, we consider attacks which compromise sensors or actuators (including physical manipulation), where intrusion may not be readily apparent as data and computational states can be controlled to give an appearance of normality, and sensor and control systems have limited accuracy. To counter these, we propose to consider indirect relations between sensor readings to detect such attacks through concurrent observations as determined by control laws and constraints.

Information Warfare-Worthy Jamming Attack Detection Mechanism for Wireless Sensor Networks Using a Fuzzy Inference System

PubMed Central

Misra, Sudip; Singh, Ranjit; Rohith Mohan, S. V.

2010-01-01

The proposed mechanism for jamming attack detection for wireless sensor networks is novel in three respects: firstly, it upgrades the jammer to include versatile military jammers; secondly, it graduates from the existing node-centric detection system to the network-centric system making it robust and economical at the nodes, and thirdly, it tackles the problem through fuzzy inference system, as the decision regarding intensity of jamming is seldom crisp. The system with its high robustness, ability to grade nodes with jamming indices, and its true-detection rate as high as 99.8%, is worthy of consideration for information warfare defense purposes. PMID:22319307

Proactive malware detection

NASA Astrophysics Data System (ADS)

Gloster, Jonathan; Diep, Michael; Dredden, David; Mix, Matthew; Olsen, Mark; Price, Brian; Steil, Betty

2014-06-01

Small-to-medium sized businesses lack resources to deploy and manage high-end advanced solutions to deter sophisticated threats from well-funded adversaries, but evidence shows that these types of businesses are becoming key targets. As malicious code and network attacks become more sophisticated, classic signature-based virus and malware detection methods are less effective. To augment the current malware methods of detection, we developed a proactive approach to detect emerging malware threats using open source tools and intelligence to discover patterns and behaviors of malicious attacks and adversaries. Technical and analytical skills are combined to track adversarial behavior, methods and techniques. We established a controlled (separated domain) network to identify, monitor, and track malware behavior to increase understanding of the methods and techniques used by cyber adversaries. We created a suite of tools that observe the network and system performance looking for anomalies that may be caused by malware. The toolset collects information from open-source tools and provides meaningful indicators that the system was under or has been attacked. When malware is discovered, we analyzed and reverse engineered it to determine how it could be detected and prevented. Results have shown that with minimum resources, cost effective capabilities can be developed to detect abnormal behavior that may indicate malicious software.

A Targeted Attack For Enhancing Resiliency of Intelligent Intrusion Detection Modules in Energy Cyber Physical Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Youssef, Tarek; El Hariri, Mohammad; Habib, Hani

Abstract— Secure high-speed communication is required to ensure proper operation of complex power grid systems and prevent malicious tampering activities. In this paper, artificial neural networks with temporal dependency are introduced for false data identification and mitigation for broadcasted IEC 61850 SMV messages. The fast responses of such intelligent modules in intrusion detection make them suitable for time- critical applications, such as protection. However, care must be taken in selecting the appropriate intelligence model and decision criteria. As such, this paper presents a customizable malware script to sniff and manipulate SMV messages and demonstrates the ability of the malware tomore » trigger false positives in the neural network’s response. The malware developed is intended to be as a vaccine to harden the intrusion detection system against data manipulation attacks by enhancing the neural network’s ability to learn and adapt to these attacks.« less

Physical Watermarking for Securing Cyber-Physical Systems via Packet Drop Injections

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ozel, Omur; Weekrakkody, Sean; Sinopoli, Bruno

Physical watermarking is a well known solution for detecting integrity attacks on Cyber-Physical Systems (CPSs) such as the smart grid. Here, a random control input is injected into the system in order to authenticate physical dynamics and sensors which may have been corrupted by adversaries. Packet drops may naturally occur in a CPS due to network imperfections. To our knowledge, previous work has not considered the role of packet drops in detecting integrity attacks. In this paper, we investigate the merit of injecting Bernoulli packet drops into the control inputs sent to actuators as a new physical watermarking scheme. Withmore » the classical linear quadratic objective function and an independent and identically distributed packet drop injection sequence, we study the effect of packet drops on meeting security and control objectives. Our results indicate that the packet drops could act as a potential physical watermark for attack detection in CPSs.« less

Innovative hazard detection and avoidance strategy for autonomous safe planetary landing

NASA Astrophysics Data System (ADS)

Jiang, Xiuqiang; Li, Shuang; Tao, Ting

2016-09-01

Autonomous hazard detection and avoidance (AHDA) is one of the key technologies for future safe planetary landing missions. In this paper, we address the latest progress on planetary autonomous hazard detection and avoidance technologies. First, the innovative autonomous relay hazard detection and avoidance strategy adopted in Chang'e-3 lunar soft landing mission and its flight results are reported in detail. Second, two new conceptual candidate schemes of hazard detection and avoidance are presented based on the Chang'e-3 AHDA system and the latest developing technologies for the future planetary missions, and some preliminary testing results are also given. Finally, the related supporting technologies for the two candidate schemes above are analyzed.

78 FR 49693 - Speech-to-Speech and Internet Protocol (IP) Speech-to-Speech Telecommunications Relay Services...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-08-15

...] Speech-to-Speech and Internet Protocol (IP) Speech-to-Speech Telecommunications Relay Services...: This is a summary of the Commission's Speech-to-Speech and Internet Protocol (IP) Speech-to-Speech...), Internet Protocol Relay (IP Relay), and IP captioned telephone service (IP CTS) as compensable forms of TRS...

The History and Development of the California Relay Service.

ERIC Educational Resources Information Center

Schultz, Stephen

1990-01-01

The California Relay Services (CRS) is a statewide 24-hour dual-party relay system which is designed to bridge the communication gap between the hearing-impaired and the normal-hearing community by using communication assistants to relay calls between those without Telecommunication Devices for the Deaf (TDDs) and TDD-users. (DB)

78 FR 63152 - Telecommunications Relay Services and Speech-to-Speech Services for Individuals With Hearing and...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-10-23

...] Telecommunications Relay Services and Speech-to-Speech Services for Individuals With Hearing and Speech Disabilities... for telecommunications relay services (TRS) by eliminating standards for Internet-based relay services... comments, identified by CG Docket No. 03-123, by any of the following methods: Electronic Filers: Comments...

Versatile solid-state relay

NASA Technical Reports Server (NTRS)

Fox, D. A.

1977-01-01

Solid-state relay (SSR), containing multinode control logic, is operated as normally open, normally closed, or latched. Moreover several can be paralleled to form two-pole or double-throw relays. Versatile unit ends need to design custom control circuit for every relay application. Technique can be extended to incorporate selectable time delay, on operation or release, or pulsed output.

77 FR 43538 - Misuse of Internet Protocol (IP) Relay Service; Telecommunications Relay Services and Speech-to...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-07-25

... the Internet, this service has become subject to abuse. Among other things, persons have been using IP...] Misuse of Internet Protocol (IP) Relay Service; Telecommunications Relay Services and Speech-to-Speech.... ACTION: Final rule. SUMMARY: In this document, the Commission adopts a measure that prohibits Internet...

Cross-layer Joint Relay Selection and Power Allocation Scheme for Cooperative Relaying System

NASA Astrophysics Data System (ADS)

Zhi, Hui; He, Mengmeng; Wang, Feiyue; Huang, Ziju

2018-03-01

A novel cross-layer joint relay selection and power allocation (CL-JRSPA) scheme over physical layer and data-link layer is proposed for cooperative relaying system in this paper. Our goal is finding the optimal relay selection and power allocation scheme to maximize system achievable rate when satisfying total transmit power constraint in physical layer and statistical delay quality-of-service (QoS) demand in data-link layer. Using the concept of effective capacity (EC), our goal can be formulated into an optimal joint relay selection and power allocation (JRSPA) problem to maximize the EC when satisfying total transmit power limitation. We first solving optimal power allocation (PA) problem with Lagrange multiplier approach, and then solving optimal relay selection (RS) problem. Simulation results demonstrate that CL-JRSPA scheme gets larger EC than other schemes when satisfying delay QoS demand. In addition, the proposed CL-JRSPA scheme achieves the maximal EC when relay located approximately halfway between source and destination, and EC becomes smaller when the QoS exponent becomes larger.

Wireless Energy Harvesting Two-Way Relay Networks with Hardware Impairments.

PubMed

Peng, Chunling; Li, Fangwei; Liu, Huaping

2017-11-13

This paper considers a wireless energy harvesting two-way relay (TWR) network where the relay has energy-harvesting abilities and the effects of practical hardware impairments are taken into consideration. In particular, power splitting (PS) receiver is adopted at relay to harvests the power it needs for relaying the information between the source nodes from the signals transmitted by the source nodes, and hardware impairments is assumed suffered by each node. We analyze the effect of hardware impairments [-20]on both decode-and-forward (DF) relaying and amplify-and-forward (AF) relaying networks. By utilizing the obtained new expressions of signal-to-noise-plus-distortion ratios, the exact analytical expressions of the achievable sum rate and ergodic capacities for both DF and AF relaying protocols are derived. Additionally, the optimal power splitting (OPS) ratio that maximizes the instantaneous achievable sum rate is formulated and solved for both protocols. The performances of DF and AF protocols are evaluated via numerical results, which also show the effects of various network parameters on the system performance and on the OPS ratio design.

Comparisons of Attacks on Honeypots With Those on Real Networks

DTIC Science & Technology

2006-03-01

Oracle , MySQL , or PostgreSQL. Figure 2 shows an incoming packet and the process involved before and after the Snort engine detects the suspicious...stored on a separate, secured system.”[2]. Honeypots have several other uses besides monitoring attackers. They serve to protect real networks and...interaction vs . high-interaction. Although, both low-interaction and high-interaction honeypots are effective in soliciting attacks, high-interaction

Tampering detection system using quantum-mechanical systems

DOEpatents

Humble, Travis S [Knoxville, TN; Bennink, Ryan S [Knoxville, TN; Grice, Warren P [Oak Ridge, TN

2011-12-13

The use of quantum-mechanically entangled photons for monitoring the integrity of a physical border or a communication link is described. The no-cloning principle of quantum information science is used as protection against an intruder's ability to spoof a sensor receiver using a `classical` intercept-resend attack. Correlated measurement outcomes from polarization-entangled photons are used to protect against quantum intercept-resend attacks, i.e., attacks using quantum teleportation.

Cooperative Lander-Surface/Aerial Microflyer Missions for Mars Exploration

NASA Technical Reports Server (NTRS)

Thakoor, Sarita; Lay, Norman; Hine, Butler; Zornetzer, Steven

2004-01-01

Concepts are being investigated for exploratory missions to Mars based on Bioinspired Engineering of Exploration Systems (BEES), which is a guiding principle of this effort to develop biomorphic explorers. The novelty lies in the use of a robust telecom architecture for mission data return, utilizing multiple local relays (including the lander itself as a local relay and the explorers in the dual role of a local relay) to enable ranges 10 to 1,000 km and downlink of color imagery. As illustrated in Figure 1, multiple microflyers that can be both surface or aerially launched are envisioned in shepherding, metamorphic, and imaging roles. These microflyers imbibe key bio-inspired principles in their flight control, navigation, and visual search operations. Honey-bee inspired algorithms utilizing visual cues to perform autonomous navigation operations such as terrain following will be utilized. The instrument suite will consist of a panoramic imager and polarization imager specifically optimized to detect ice and water. For microflyers, particularly at small sizes, bio-inspired solutions appear to offer better alternate solutions than conventional engineered approaches. This investigation addresses a wide range of interrelated issues, including desired scientific data, sizes, rates, and communication ranges that can be accomplished in alternative mission scenarios. The mission illustrated in Figure 1 offers the most robust telecom architecture and the longest range for exploration with two landers being available as main local relays in addition to an ephemeral aerial probe local relay. The shepherding or metamorphic plane are in their dual role as local relays and image data collection/storage nodes. Appropriate placement of the landing site for the scout lander with respect to the main mission lander can allow coverage of extremely large ranges and enable exhaustive survey of the area of interest. In particular, this mission could help with the path planning and risk mitigation in the traverse of the long-distance surface explorer/rover. The basic requirements of design and operation of BEES to implement the scenarios are discussed. Terrestrial applications of such concepts include distributed aerial/surface measurements of meteorological events, i.e., storm watch, seismic monitoring, reconnaissance, biological chemical sensing, search and rescue, surveillance, autonomous security/ protection agents, and/or delivery and lateral distribution of agents (sensors, surface/subsurface crawlers, clean-up agents). Figure 2 illustrates an Earth demonstration that is in development, and its implementation will illustrate the value of these biomorphic mission concepts.

Commercial grade item (CGI) dedication of MDR relays for nuclear safety related applications

DOE Office of Scientific and Technical Information (OSTI.GOV)

Das, R.K.; Julka, A.; Modi, G.

1994-08-01

MDR relays manufactured by Potter and Brumfield (P and B) have been used in various safety related applications in commercial nuclear power plants. These include emergency safety features (ESF) actuation systems, emergency core cooling systems (ECCS) actuation, and reactor protection systems. The MDR relays manufactured prior to May 1990 showed signs of generic failure due to corrosion and outgassing of coil varnish. P and B has made design changes to correct these problems in relays manufactured after May 1990. However, P and B does not manufacture the relays under any 10CFR50 Appendix B quality assurance (QA) program. They manufacture themore » relays under their commercial QA program and supply these as commercial grade items. This necessitates CGI Dedication of these relays for use in nuclear-safety-related applications. This paper presents a CGI dedication program that has been used to dedicate the MDR relays manufactured after May 1990. The program is in compliance with current Nuclear Regulatory Commission (NRC) and Electric Power Research Institute (EPRI) guidelines and applicable industry standards; it specifies the critical characteristics of the relays, provides the tests and analysis required to verify the critical characteristics, the acceptance criteria for the test results, performs source verification to qualify P and B for its control of the critical characteristics, and provides documentation. The program provides reasonable assurance that the new MDR relays will perform their intended safety functions.« less

Novel Material Integration for Reliable and Energy-Efficient NEM Relay Technology

NASA Astrophysics Data System (ADS)

Chen, I.-Ru

Energy-efficient switching devices have become ever more important with the emergence of ubiquitous computing. NEM relays are promising to complement CMOS transistors as circuit building blocks for future ultra-low-power information processing, and as such have recently attracted significant attention from the semiconductor industry and researchers. Relay technology potentially can overcome the energy efficiency limit for conventional CMOS technology due to several key characteristics, including zero OFF-state leakage, abrupt switching behavior, and potentially very low active energy consumption. However, two key issues must be addressed for relay technology to reach its full potential: surface oxide formation at the contacting surfaces leading to increased ON-state resistance after switching, and high switching voltages due to strain gradient present within the relay structure. This dissertation advances NEM relay technology by investigating solutions to both of these pressing issues. Ruthenium, whose native oxide is conductive, is proposed as the contacting material to improve relay ON-state resistance stability. Ruthenium-contact relays are fabricated after overcoming several process integration challenges, and show superior ON-state resistance stability in electrical measurements and extended device lifetime. The relay structural film is optimized via stress matching among all layers within the structure, to provide lower strain gradient (below 10E-3/microm -1) and hence lower switching voltage. These advancements in relay technology, along with the integration of a metallic interconnect layer, enable complex relay-based circuit demonstration. In addition to the experimental efforts, this dissertation theoretically analyzes the energy efficiency limit of a NEM switch, which is generally believed to be limited by the surface adhesion energy. New compact (<1 microm2 footprint), low-voltage (<0.1 V) switch designs are proposed to overcome this limit. The results pave a pathway to scaled energy-efficient electronic device technology.

High salinity relay as a post-harvest processing method for reducing Vibrio vulnificus levels in oysters (Crassostrea virginica).

PubMed

Audemard, Corinne; Kator, Howard I; Reece, Kimberly S

2018-08-20

High salinity relay of Eastern oysters (Crassostrea virginica) was evaluated as a post-harvest processing (PHP) method for reducing Vibrio vulnificus. This approach relies on the exposure of oysters to natural high salinity waters and preserves a live product compared to previously approved PHPs. Although results of prior studies evaluating high salinity relay as a means to decrease V. vulnificus levels were promising, validation of this method as a PHP following approved guidelines is required. This study was designed to provide data for validation of this method following Food and Drug Administration (FDA) PHP validation guidelines. During each of 3 relay experiments, oysters cultured from 3 different Chesapeake Bay sites of contrasting salinities (10-21 psu) were relayed without acclimation to high salinity waters (31-33 psu) for up to 28 days. Densities of V. vulnificus and densities of total and pathogenic Vibrio parahaemolyticus (as tdh positive strains) were measured using an MPN-quantitative PCR approach. Overall, 9 lots of oysters were relayed with 6 exhibiting initial V. vulnificus >10,000/g. As recommended by the FDA PHP validation guidelines, these lots reached both the 3.52 log reduction and the <30 MPN/g densities requirements for V. vulnificus after 14 to 28 days of relay. Densities of total and pathogenic V. parahaemolyticus in relayed oysters were significantly lower than densities at the sites of origin suggesting an additional benefit associated with high salinity relay. While relay did not have a detrimental effect on oyster condition, oyster mortality levels ranged from 2 to 61% after 28 days of relay. Although the identification of the factors implicated in oyster mortality will require further examination, this study strongly supports the validation of high salinity relay as an effective PHP method to reduce levels of V. vulnificus in oysters to endpoint levels approved for human consumption. Copyright © 2018 Elsevier B.V. All rights reserved.

Varying Success of Relaying To Reduce Vibrio parahaemolyticus Levels in Oysters ( Crassostrea virginica).

PubMed

Taylor, Michael A; Yu, Jong W; Howell, Thomas L; Jones, Stephen H

2018-04-01

Vibrio parahaemolyticus is the leading cause of seafood-borne human infections in the United States, and many of these illnesses are associated with consumption of raw molluscan shellfish. V. parahaemolyticus levels in shellfish vary temporally and spatially with environmental conditions in and around production areas. The objective of this study was to study the potential for reducing levels of V. parahaemolyticus in live oysters by relaying them during higher-risk warm weather to a site with elevated salinity and consistently low V. parahaemolyticus levels. The effectiveness of relaying was assessed by analyzing oyster samples collected on days 0, 2, 7, 10, and 14 for V. parahaemolyticus levels using a three-tube most-probable-number enrichment method in conjunction with genetic marker-based quantitative PCR. The salinity at the relay site was always higher than the salinity at the harvest site, with the difference between the two sites ranging from 3.4 to 19.1 ppt (average, 12 ppt) during 2011 to 2014. Oysters relayed during June, July, and August in 2011 and 2012 showed consistently reduced V. parahaemolyticus levels after 14 days, whereas relaying was less successful and V. parahaemolyticus populations changed to include trh-positive strains during 2013. When effective, relay required at least 10 days to reduce V. parahaemolyticus levels. A sample of oysters collected in August 2012, which was temperature abused to increase initial V. parahaemolyticus levels, showed a 4.5-log decrease in V. parahaemolyticus levels after 14 days of relay. These results suggest that relaying oysters to reduce V. parahaemolyticus levels holds promise, but that both microbial community and environmental conditions at relay sites can affect relay success. Further investigation to discover key factors that affect V. parahaemolyticus levels in relayed oysters may aid in developing a consistent approach for reducing V. parahaemolyticus in oysters to eliminate the risk of illness for oyster consumers.

The payload/shuttle-data-communication-link handbook

NASA Technical Reports Server (NTRS)

1982-01-01

Communication links between the Orbiter, payloads, and ground are described: end-to-end, hardline, S-band, Ku-band, TDRSS relay, waveforms, premodulation, subcarrier modulation, carrier modulation, transmitter power, antennas, the RF channel, system noise, received signal-to-noise spectral density, carrier-tracking loop, carrier demodulation, subcarrier demodulation, digital data detection, digital data decoding, and tandem link considerations.

GNSS Spoofing Detection and Mitigation Based on Maximum Likelihood Estimation

PubMed Central

Li, Hong; Lu, Mingquan

2017-01-01

Spoofing attacks are threatening the global navigation satellite system (GNSS). The maximum likelihood estimation (MLE)-based positioning technique is a direct positioning method originally developed for multipath rejection and weak signal processing. We find this method also has a potential ability for GNSS anti-spoofing since a spoofing attack that misleads the positioning and timing result will cause distortion to the MLE cost function. Based on the method, an estimation-cancellation approach is presented to detect spoofing attacks and recover the navigation solution. A statistic is derived for spoofing detection with the principle of the generalized likelihood ratio test (GLRT). Then, the MLE cost function is decomposed to further validate whether the navigation solution obtained by MLE-based positioning is formed by consistent signals. Both formulae and simulations are provided to evaluate the anti-spoofing performance. Experiments with recordings in real GNSS spoofing scenarios are also performed to validate the practicability of the approach. Results show that the method works even when the code phase differences between the spoofing and authentic signals are much less than one code chip, which can improve the availability of GNSS service greatly under spoofing attacks. PMID:28665318

GNSS Spoofing Detection and Mitigation Based on Maximum Likelihood Estimation.

PubMed

Wang, Fei; Li, Hong; Lu, Mingquan

2017-06-30

Spoofing attacks are threatening the global navigation satellite system (GNSS). The maximum likelihood estimation (MLE)-based positioning technique is a direct positioning method originally developed for multipath rejection and weak signal processing. We find this method also has a potential ability for GNSS anti-spoofing since a spoofing attack that misleads the positioning and timing result will cause distortion to the MLE cost function. Based on the method, an estimation-cancellation approach is presented to detect spoofing attacks and recover the navigation solution. A statistic is derived for spoofing detection with the principle of the generalized likelihood ratio test (GLRT). Then, the MLE cost function is decomposed to further validate whether the navigation solution obtained by MLE-based positioning is formed by consistent signals. Both formulae and simulations are provided to evaluate the anti-spoofing performance. Experiments with recordings in real GNSS spoofing scenarios are also performed to validate the practicability of the approach. Results show that the method works even when the code phase differences between the spoofing and authentic signals are much less than one code chip, which can improve the availability of GNSS service greatly under spoofing attacks.

Applying a Space-Based Security Recovery Scheme for Critical Homeland Security Cyberinfrastructure Utilizing the NASA Tracking and Data Relay (TDRS) Based Space Network

NASA Technical Reports Server (NTRS)

Shaw, Harry C.; McLaughlin, Brian; Stocklin, Frank; Fortin, Andre; Israel, David; Dissanayake, Asoka; Gilliand, Denise; LaFontaine, Richard; Broomandan, Richard; Hyunh, Nancy

2015-01-01

Protection of the national infrastructure is a high priority for cybersecurity of the homeland. Critical infrastructure such as the national power grid, commercial financial networks, and communications networks have been successfully invaded and re-invaded from foreign and domestic attackers. The ability to re-establish authentication and confidentiality of the network participants via secure channels that have not been compromised would be an important countermeasure to compromise of our critical network infrastructure. This paper describes a concept of operations by which the NASA Tracking and Data Relay (TDRS) constellation of spacecraft in conjunction with the White Sands Complex (WSC) Ground Station host a security recovery system for re-establishing secure network communications in the event of a national or regional cyberattack. Users would perform security and network restoral functions via a Broadcast Satellite Service (BSS) from the TDRS constellation. The BSS enrollment only requires that each network location have a receive antenna and satellite receiver. This would be no more complex than setting up a DIRECTTV-like receiver at each network location with separate network connectivity. A GEO BSS would allow a mass re-enrollment of network nodes (up to nationwide) simultaneously depending upon downlink characteristics. This paper details the spectrum requirements, link budget, notional assets and communications requirements for the scheme. It describes the architecture of such a system and the manner in which it leverages off of the existing secure infrastructure which is already in place and managed by the NASAGSFC Space Network Project.

75 FR 54040 - Telecommunications Relay Services and Speech-to-Speech Services for Individuals With Hearing and...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-09-03

... Services (TRS) mandatory minimum standards for Video Relay Service (VRS) and Internet Protocol Relay (IP... waivers for one year because the record demonstrates that it is technologically infeasible for VRS and IP... standards for VRS and IP Relay will expire on July 1, 2011, or until the Commission addresses pending...

47 CFR 64.606 - VRS and IP Relay provider and TRS program certification.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 47 Telecommunication 3 2010-10-01 2010-10-01 false VRS and IP Relay provider and TRS program... Services and Related Customer Premises Equipment for Persons With Disabilities § 64.606 VRS and IP Relay... including notification in the Federal Register. (2) VRS and IP Relay provider. Any entity desiring to...

49 CFR 236.206 - Battery or power supply with respect to relay; location.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 4 2010-10-01 2010-10-01 false Battery or power supply with respect to relay..., AND APPLIANCES Automatic Block Signal Systems Standards § 236.206 Battery or power supply with respect to relay; location. The battery or power supply for each signal control relay circuit, where an open...

49 CFR 236.206 - Battery or power supply with respect to relay; location.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 49 Transportation 4 2014-10-01 2014-10-01 false Battery or power supply with respect to relay..., AND APPLIANCES Automatic Block Signal Systems Standards § 236.206 Battery or power supply with respect to relay; location. The battery or power supply for each signal control relay circuit, where an open...

49 CFR 236.206 - Battery or power supply with respect to relay; location.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 49 Transportation 4 2012-10-01 2012-10-01 false Battery or power supply with respect to relay..., AND APPLIANCES Automatic Block Signal Systems Standards § 236.206 Battery or power supply with respect to relay; location. The battery or power supply for each signal control relay circuit, where an open...

49 CFR 236.206 - Battery or power supply with respect to relay; location.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 49 Transportation 4 2011-10-01 2011-10-01 false Battery or power supply with respect to relay..., AND APPLIANCES Automatic Block Signal Systems Standards § 236.206 Battery or power supply with respect to relay; location. The battery or power supply for each signal control relay circuit, where an open...

49 CFR 236.206 - Battery or power supply with respect to relay; location.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 49 Transportation 4 2013-10-01 2013-10-01 false Battery or power supply with respect to relay..., AND APPLIANCES Automatic Block Signal Systems Standards § 236.206 Battery or power supply with respect to relay; location. The battery or power supply for each signal control relay circuit, where an open...

Relay Support for the Mars Science Laboratory and the Coming Decade of Mars Relay Network Evolution

NASA Technical Reports Server (NTRS)

Edwards, Charles D., Jr.; Arnold, Bradford W.; Bell, David J.; Bruvold, Kristoffer N.; Gladden, Roy E.; Ilott, Peter A.; Lee, Charles H.

2012-01-01

Mars Relay Network is prepared to support MSL: a) ODY/MRO/MEX will all provide critical event comm support during EDL. b) New Electra/Electra-Lite capabilities on the MSL-MRO link will support >250 Mb/sol MSL data return. 2013 MAVEN orbiter will replenish on-orbit relay infrastructure as prior orbiters approach end-of-life. While NASA has withdrawn from the 2016 EMTGO and 2018 Joint Rover missions, analysis of the potential link shows a path to Gbit/sol relay capability 2012.

Relay Sequence Generation Software

NASA Technical Reports Server (NTRS)

Gladden, Roy E.; Khanampompan, Teerapat

2009-01-01

Due to thermal and electromagnetic interactivity between the UHF (ultrahigh frequency) radio onboard the Mars Reconnaissance Orbiter (MRO), which performs relay sessions with the Martian landers, and the remainder of the MRO payloads, it is required to integrate and de-conflict relay sessions with the MRO science plan. The MRO relay SASF/PTF (spacecraft activity sequence file/ payload target file) generation software facilitates this process by generating a PTF that is needed to integrate the periods of time during which MRO supports relay activities with the rest of the MRO science plans. The software also generates the needed command products that initiate the relay sessions, some features of which are provided by the lander team, some are managed by MRO internally, and some being derived.

Copy-move forgery detection utilizing Fourier-Mellin transform log-polar features

NASA Astrophysics Data System (ADS)

Dixit, Rahul; Naskar, Ruchira

2018-03-01

In this work, we address the problem of region duplication or copy-move forgery detection in digital images, along with detection of geometric transforms (rotation and rescale) and postprocessing-based attacks (noise, blur, and brightness adjustment). Detection of region duplication, following conventional techniques, becomes more challenging when an intelligent adversary brings about such additional transforms on the duplicated regions. In this work, we utilize Fourier-Mellin transform with log-polar mapping and a color-based segmentation technique using K-means clustering, which help us to achieve invariance to all the above forms of attacks in copy-move forgery detection of digital images. Our experimental results prove the efficiency of the proposed method and its superiority to the current state of the art.

Anti-spoofing for display and print attacks on palmprint verification systems

NASA Astrophysics Data System (ADS)

Kanhangad, Vivek; Bhilare, Shruti; Garg, Pragalbh; Singh, Pranjalya; Chaudhari, Narendra

2015-05-01

A number of approaches for personal authentication using palmprint features have been proposed in the literature, majority of which focus on improving the matching performance. However, of late, preventing potential attacks on biometric systems has become a major concern as more and more biometric systems get deployed for wide range of applications. Among various types of attacks, sensor level attack, commonly known as spoof attack, has emerged as the most common attack due to simplicity in its execution. In this paper, we present an approach for detection of display and print based spoof attacks on palmprint verifcation systems. The approach is based on the analysis of acquired hand images for estimating surface re ectance. First and higher order statistical features computed from the distributions of pixel intensities and sub-band wavelet coeefficients form the feature set. A trained binary classifier utilizes the discriminating information to determine if the acquired image is of real hand or a fake one. Experiments are performed on a publicly available hand image dataset, containing 1300 images corresponding to 230 subjects. Experimental results show that the real hand biometrics samples can be substituted by the fake digital or print copies with an alarming spoof acceptance rate as high as 79.8%. Experimental results also show that the proposed spoof detection approach is very effective for discriminating between real and fake palmprint images. The proposed approach consistently achieves over 99% average 10-fold cross validation classification accuracy in our experiments.

Techniques for Cyber Attack Attribution

DTIC Science & Technology

2003-10-01

Asaka, Midori, Shunji Okazawa, Atsushi Taguchi, and Shigeki Goto. June 1999. “A Method of Tracing Intruders by Use of Mobile Agents”, INET’99. http...Tsuchiya, Takefumi Onabuta, Shunji Okazawa, and Shigeki Goto. November 1999. “Local Attack Detection and Intrusion Route Tracing”, IEICE Transaction on

Cross-layer design for intrusion detection and data security in wireless ad hoc sensor networks

NASA Astrophysics Data System (ADS)

Hortos, William S.

2007-09-01

A wireless ad hoc sensor network is a configuration for area surveillance that affords rapid, flexible deployment in arbitrary threat environments. There is no infrastructure support and sensor nodes communicate with each other only when they are in transmission range. The nodes are severely resource-constrained, with limited processing, memory and power capacities and must operate cooperatively to fulfill a common mission in typically unattended modes. In a wireless sensor network (WSN), each sensor at a node can observe locally some underlying physical phenomenon and sends a quantized version of the observation to sink (destination) nodes via wireless links. Since the wireless medium can be easily eavesdropped, links can be compromised by intrusion attacks from nodes that may mount denial-of-service attacks or insert spurious information into routing packets, leading to routing loops, long timeouts, impersonation, and node exhaustion. A cross-layer design based on protocol-layer interactions is proposed for detection and identification of various intrusion attacks on WSN operation. A feature set is formed from selected cross-layer parameters of the WSN protocol to detect and identify security threats due to intrusion attacks. A separate protocol is not constructed from the cross-layer design; instead, security attributes and quantified trust levels at and among nodes established during data exchanges complement customary WSN metrics of energy usage, reliability, route availability, and end-to-end quality-of-service (QoS) provisioning. Statistical pattern recognition algorithms are applied that use observed feature-set patterns observed during network operations, viewed as security audit logs. These algorithms provide the "best" network global performance in the presence of various intrusion attacks. A set of mobile (software) agents distributed at the nodes implement the algorithms, by moving among the layers involved in the network response at each active node and trust neighborhood, collecting parametric information and executing assigned decision tasks. The communications overhead due to security mechanisms and the latency in network response are thus minimized by reducing the need to move large amounts of audit data through resource-limited nodes and by locating detection/identification programs closer to audit data. If network partitioning occurs due to uncoordinated node exhaustion, data compromise or other effects of the attacks, the mobile agents can continue to operate, thereby increasing fault tolerance in the network response to intrusions. Since the mobile agents behave like an ant colony in securing the WSN, published ant colony optimization (ACO) routines and other evolutionary algorithms are adapted to protect network security, using data at and through nodes to create audit records to detect and respond to denial-of-service attacks. Performance evaluations of algorithms are performed by simulation of a few intrusion attacks, such as black hole, flooding, Sybil and others, to validate the ability of the cross-layer algorithms to enable WSNs to survive the attacks. Results are compared for the different algorithms.

Detection of chemical agent aerosols

NASA Astrophysics Data System (ADS)

Fox, Jay A.; Ahl, Jeffrey L.; D'Amico, Francis M.; Vanderbeek, Richard G.; Moon, Raphael; Swim, Cynthia R.

1999-05-01

One of the major threats presented by a chemical agent attack is that of a munition exploding overhead and 'raining' aerosols which can contaminate surfaces when they impact. Since contact with these surfaces can be fatal, it is imperative to know when such an attack has taken place and the likely threat density and location. We present the results of an experiment designed to show the utility of a CO2 lidar in detecting such an attack. Testing occurred at Dugway Proving Grounds, Utah and involved the simulation of an explosive airburst chemical attack. Explosions occurred at a height of 30 m and liquid droplets from two chemicals, PEG-200 (polyethylene glycol 200) and TEP (triethylphosphate), were expelled and fell to the ground. The munition was the U.S. Army M9 Simulator, Projectile, Airburst, Liquid (SPAL) system that is designed for chemical warfare training exercises. The instrument that was used to detect the presence of the aerosols was the Laser Standoff Chemical Detector (LSCD) which is a light detection and ranging (LIDAR) system that utilizes a rapidly tunable, pulsed CO2 laser. The LIDAR scanned a horizontal path approximately 5 - 8 m above the ground in order to measure the concentration of liquid deposition. The LIDAR data were later correlated with card data to determine how well the system could predict the location and quantity of liquid deposition on the ground.

Data modeling of network dynamics

NASA Astrophysics Data System (ADS)

Jaenisch, Holger M.; Handley, James W.; Faucheux, Jeffery P.; Harris, Brad

2004-01-01

This paper highlights Data Modeling theory and its use for text data mining as a graphical network search engine. Data Modeling is then used to create a real-time filter capable of monitoring network traffic down to the port level for unusual dynamics and changes in business as usual. This is accomplished in an unsupervised fashion without a priori knowledge of abnormal characteristics. Two novel methods for converting streaming binary data into a form amenable to graphics based search and change detection are introduced. These techniques are then successfully applied to 1999 KDD Cup network attack data log-on sessions to demonstrate that Data Modeling can detect attacks without prior training on any form of attack behavior. Finally, two new methods for data encryption using these ideas are proposed.

Covert Android Rootkit Detection: Evaluating Linux Kernel Level Rootkits on the Android Operating System

DTIC Science & Technology

2012-06-14

the attacker . Thus, this race condition causes a privilege escalation . 2.2.5 Summary This section reviewed software exploitation of a Linux kernel...has led to increased targeting by malware writers. Android attacks have naturally sparked interest in researching protections for Android . This...release, Android 4.0 Ice Cream Sandwich. These rootkits focused on covert techniques to hide the presence of data used by an attacker to infect a

Multiantenna Relay Beamforming Design for QoS Discrimination in Two-Way Relay Networks

PubMed Central

Xiong, Ke; Zhang, Yu; Li, Dandan; Zhong, Zhangdui

2013-01-01

This paper investigates the relay beamforming design for quality of service (QoS) discrimination in two-way relay networks. The purpose is to keep legitimate two-way relay users exchange their information via a helping multiantenna relay with QoS guarantee while avoiding the exchanged information overhearing by unauthorized receiver. To this end, we propose a physical layer method, where the relay beamforming is jointly designed with artificial noise (AN) which is used to interfere in the unauthorized user's reception. We formulate the joint beamforming and AN (BFA) design into an optimization problem such that the received signal-to-interference-ratio (SINR) at the two legitimate users is over a predefined QoS threshold while limiting the received SINR at the unauthorized user which is under a certain secure threshold. The objective of the optimization problem is to seek the optimal AN and beamforming vectors to minimize the total power consumed by the relay node. Since the optimization problem is nonconvex, we solve it by using semidefinite program (SDP) relaxation. For comparison, we also study the optimal relay beamforming without using AN (BFO) under the same QoS discrimination constraints. Simulation results show that both the proposed BFA and BFO can achieve the QoS discrimination of the two-way transmission. However, the proposed BFA yields significant power savings and lower infeasible rates compared with the BFO method. PMID:24391459

Implementation of a Relay Coordination System for the Mars Network

NASA Technical Reports Server (NTRS)

Allard, Daniel A.

2010-01-01

Mars network relay operations involve the coordination of lander and orbiter teams through long-term and short-term planning, tactical changes and post-pass analysis. Much of this coordination is managed through email traffic and point-to-point file data exchanges. It is often difficult to construct a complete and accurate picture of the relay situation at any given moment, as there is no centralized store of correlated relay data. The Mars Relay Operations Service (MaROS) is being implemented to address the problem of relay coordination for current and next-generation relay missions. The service is provided for the purpose of coordinating communications sessions between landed spacecraft assets and orbiting spacecraft assets at Mars. The service centralizes a set of functions previously distributed across multiple spacecraft operations teams, and as such greatly improves visibility into the end-to-end strategic coordination process. Most of the process revolves around the scheduling of communications sessions between the spacecraft during periods of time when a landed asset on Mars is geometrically visible by an orbiting spacecraft. These "relay" sessions are used to transfer data both to and from the landed asset via the orbiting asset on behalf of Earth-based spacecraft operators. This paper will discuss the relay coordination problem space, overview the architecture and design selected to meet system requirements, and describe the first phase of system implementation

Combining Deep and Handcrafted Image Features for Presentation Attack Detection in Face Recognition Systems Using Visible-Light Camera Sensors

PubMed Central

Nguyen, Dat Tien; Pham, Tuyen Danh; Baek, Na Rae; Park, Kang Ryoung

2018-01-01

Although face recognition systems have wide application, they are vulnerable to presentation attack samples (fake samples). Therefore, a presentation attack detection (PAD) method is required to enhance the security level of face recognition systems. Most of the previously proposed PAD methods for face recognition systems have focused on using handcrafted image features, which are designed by expert knowledge of designers, such as Gabor filter, local binary pattern (LBP), local ternary pattern (LTP), and histogram of oriented gradients (HOG). As a result, the extracted features reflect limited aspects of the problem, yielding a detection accuracy that is low and varies with the characteristics of presentation attack face images. The deep learning method has been developed in the computer vision research community, which is proven to be suitable for automatically training a feature extractor that can be used to enhance the ability of handcrafted features. To overcome the limitations of previously proposed PAD methods, we propose a new PAD method that uses a combination of deep and handcrafted features extracted from the images by visible-light camera sensor. Our proposed method uses the convolutional neural network (CNN) method to extract deep image features and the multi-level local binary pattern (MLBP) method to extract skin detail features from face images to discriminate the real and presentation attack face images. By combining the two types of image features, we form a new type of image features, called hybrid features, which has stronger discrimination ability than single image features. Finally, we use the support vector machine (SVM) method to classify the image features into real or presentation attack class. Our experimental results indicate that our proposed method outperforms previous PAD methods by yielding the smallest error rates on the same image databases. PMID:29495417

Optimal Predator Risk Assessment by the Sonar-Jamming Arctiine Moth Bertholdia trigona

PubMed Central

Corcoran, Aaron J.; Wagner, Ryan D.; Conner, William E.

2013-01-01

Nearly all animals face a tradeoff between seeking food and mates and avoiding predation. Optimal escape theory holds that an animal confronted with a predator should only flee when benefits of flight (increased survival) outweigh the costs (energetic costs, lost foraging time, etc.). We propose a model for prey risk assessment based on the predator's stage of attack. Risk level should increase rapidly from when the predator detects the prey to when it commits to the attack. We tested this hypothesis using a predator – the echolocating bat – whose active biosonar reveals its stage of attack. We used a prey defense – clicking used for sonar jamming by the tiger moth Bertholdia trigona– that can be readily studied in the field and laboratory and is enacted simultaneously with evasive flight. We predicted that prey employ defenses soon after being detected and targeted, and that prey defensive thresholds discriminate between legitimate predatory threats and false threats where a nearby prey is attacked. Laboratory and field experiments using playbacks of ultrasound signals and naturally behaving bats, respectively, confirmed our predictions. Moths clicked soon after bats detected and targeted them. Also, B. trigona clicking thresholds closely matched predicted optimal thresholds for discriminating legitimate and false predator threats for bats using search and approach phase echolocation – the period when bats are searching for and assessing prey. To our knowledge, this is the first quantitative study to correlate the sensory stimuli that trigger defensive behaviors with measurements of signals provided by predators during natural attacks in the field. We propose theoretical models for explaining prey risk assessment depending on the availability of cues that reveal a predator's stage of attack. PMID:23671686

Combining Deep and Handcrafted Image Features for Presentation Attack Detection in Face Recognition Systems Using Visible-Light Camera Sensors.

PubMed

Nguyen, Dat Tien; Pham, Tuyen Danh; Baek, Na Rae; Park, Kang Ryoung

2018-02-26

Although face recognition systems have wide application, they are vulnerable to presentation attack samples (fake samples). Therefore, a presentation attack detection (PAD) method is required to enhance the security level of face recognition systems. Most of the previously proposed PAD methods for face recognition systems have focused on using handcrafted image features, which are designed by expert knowledge of designers, such as Gabor filter, local binary pattern (LBP), local ternary pattern (LTP), and histogram of oriented gradients (HOG). As a result, the extracted features reflect limited aspects of the problem, yielding a detection accuracy that is low and varies with the characteristics of presentation attack face images. The deep learning method has been developed in the computer vision research community, which is proven to be suitable for automatically training a feature extractor that can be used to enhance the ability of handcrafted features. To overcome the limitations of previously proposed PAD methods, we propose a new PAD method that uses a combination of deep and handcrafted features extracted from the images by visible-light camera sensor. Our proposed method uses the convolutional neural network (CNN) method to extract deep image features and the multi-level local binary pattern (MLBP) method to extract skin detail features from face images to discriminate the real and presentation attack face images. By combining the two types of image features, we form a new type of image features, called hybrid features, which has stronger discrimination ability than single image features. Finally, we use the support vector machine (SVM) method to classify the image features into real or presentation attack class. Our experimental results indicate that our proposed method outperforms previous PAD methods by yielding the smallest error rates on the same image databases.

49 CFR 236.101 - Purpose of inspection and tests; removal from service of relay or device failing to meet test...

Code of Federal Regulations, 2010 CFR

2010-10-01

.../or equipment is maintained in condition to perform its intended function. Electronic device, relay... service of relay or device failing to meet test requirements. 236.101 Section 236.101 Transportation Other... Inspections and Tests; All Systems § 236.101 Purpose of inspection and tests; removal from service of relay or...

49 CFR 234.247 - Purpose of inspections and tests; removal from service of relay or device failing to meet test...

Code of Federal Regulations, 2010 CFR

2010-10-01

... operations over the grade crossing resume. (c) Any electronic device, relay, or other electromagnetic device... service of relay or device failing to meet test requirements. 234.247 Section 234.247 Transportation Other... Inspections and Tests § 234.247 Purpose of inspections and tests; removal from service of relay or device...

Mobile User Connectivity in Relay-Assisted Visible Light Communications.

PubMed

Pešek, Petr; Zvanovec, Stanislav; Chvojka, Petr; Bhatnagar, Manav R; Ghassemlooy, Zabih; Saxena, Prakriti

2018-04-07

In this paper, we investigate relay-assisted visible light communications (VLC) where a mobile user acts as a relay and forwards data from a transmitter to the end mobile user. We analyse the utilization of the amplify-and-forward (AF) and decode-and-forward (DF) relaying schemes. The focus of the paper is on analysis of the behavior of the mobile user acting as a relay while considering a realistic locations of the receivers and transmitters on a standard mobile phone, more specifically with two photodetectors on both sides of a mobile phone and a transmitting LED array located upright. We also investigate dependency of the bit error rate (BER) performance on the azimuth and elevation angles of the mobile relay device within a typical office environment. We provide a new analytical description of BER for AF and DF-based relays in VLC. In addition we compare AF and DF-based systems and show that DF offers a marginal improvement in the coverage area with a BER < 10 -3 and a data rate of 100 Mb/s. Numerical results also illustrate that relay-based systems offer a significant improvement in terms of the coverage compared to direct non-line of sight VLC links.

Mobile User Connectivity in Relay-Assisted Visible Light Communications

PubMed Central

Pešek, Petr; Zvanovec, Stanislav; Chvojka, Petr; Bhatnagar, Manav R.; Ghassemlooy, Zabih; Saxena, Prakriti

2018-01-01

In this paper, we investigate relay-assisted visible light communications (VLC) where a mobile user acts as a relay and forwards data from a transmitter to the end mobile user. We analyse the utilization of the amplify-and-forward (AF) and decode-and-forward (DF) relaying schemes. The focus of the paper is on analysis of the behavior of the mobile user acting as a relay while considering a realistic locations of the receivers and transmitters on a standard mobile phone, more specifically with two photodetectors on both sides of a mobile phone and a transmitting LED array located upright. We also investigate dependency of the bit error rate (BER) performance on the azimuth and elevation angles of the mobile relay device within a typical office environment. We provide a new analytical description of BER for AF and DF-based relays in VLC. In addition we compare AF and DF-based systems and show that DF offers a marginal improvement in the coverage area with a BER < 10–3 and a data rate of 100 Mb/s. Numerical results also illustrate that relay-based systems offer a significant improvement in terms of the coverage compared to direct non-line of sight VLC links. PMID:29642432

Performance Analysis of Amplify-and-Forward Systems with Single Relay Selection in Correlated Environments.

PubMed

Van Nguyen, Binh; Kim, Kiseon

2016-09-11

In this paper, we consider amplify-and-forward (AnF) cooperative systems under correlated fading environments. We first present a brief overview of existing works on the effect of channel correlations on the system performance. We then focus on our main contribution which is analyzing the outage probability of a multi-AnF-relay system with the best relay selection (BRS) scheme under a condition that two channels of each relay, source-relay and relay-destination channels, are correlated. Using lower and upper bounds on the end-to-end received signal-to-noise ratio (SNR) at the destination, we derive corresponding upper and lower bounds on the system outage probability. We prove that the system can achieve a diversity order (DO) equal to the number of relays. In addition, and importantly, we show that the considered correlation form has a constructive effect on the system performance. In other words, the larger the correlation coefficient, the better system performance. Our analytic results are corroborated by extensive Monte-Carlo simulations.

Performance Evaluation of Relay Selection Schemes in Beacon-Assisted Dual-Hop Cognitive Radio Wireless Sensor Networks under Impact of Hardware Noises.

PubMed

Hieu, Tran Dinh; Duy, Tran Trung; Dung, Le The; Choi, Seong Gon

2018-06-05

To solve the problem of energy constraints and spectrum scarcity for cognitive radio wireless sensor networks (CR-WSNs), an underlay decode-and-forward relaying scheme is considered, where the energy constrained secondary source and relay nodes are capable of harvesting energy from a multi-antenna power beacon (PB) and using that harvested energy to forward the source information to the destination. Based on the time switching receiver architecture, three relaying protocols, namely, hybrid partial relay selection (H-PRS), conventional opportunistic relay selection (C-ORS), and best opportunistic relay selection (B-ORS) protocols are considered to enhance the end-to-end performance under the joint impact of maximal interference constraint and transceiver hardware impairments. For performance evaluation and comparison, we derive the exact and asymptotic closed-form expressions of outage probability (OP) and throughput (TP) to provide significant insights into the impact of our proposed protocols on the system performance over Rayleigh fading channel. Finally, simulation results validate the theoretical results.

Whole-cell biosensor of cellobiose and application to wood decay detection.

PubMed

Toussaint, Maxime; Bontemps, Cyril; Besserer, Arnaud; Hotel, Laurence; Gérardin, Philippe; Leblond, Pierre

2016-12-10

Fungal biodegradation of wood is one of the main threats regarding its use as a material. So far, the detection of this decaying process is empirically assessed by loss of mass, when the fungal attack is advanced and woody structure already damaged. Being able to detect fungal attack on wood in earlier steps is thus of special interest for the wood economy. In this aim, we designed here a new diagnostic tool for wood degradation detection based on the bacterial whole-cell biosensor technology. It was designed in diverting the soil bacteria Streptomyces CebR sensor system devoted to cellobiose detection, a cellulolytic degradation by-product emitted by lignolytic fungi since the onset of wood decaying process. The conserved regulation scheme of the CebR system among Streptomyces allowed constructing a molecular tool easily transferable in different strains or species and enabling the screen for optimal host strains for cellobiose detection. Assays are performed in microplates using one-day culture lysates. Diagnostic is performed within one hour by a spectrophotometric measuring of the cathecol deshydrogenase activity. The selected biosensor was able to detect specifically cellobiose at concentrations similar to those measured in decaying wood and in a spruce leachate attacked by a lignolytic fungus, indicating a high potential of applicability to detect ongoing wood decay process. Copyright © 2016 Elsevier B.V. All rights reserved.

Pre-visual detection of stress in pine forests

NASA Technical Reports Server (NTRS)

Olson, C. E., Jr.

1977-01-01

Pre-visual, or early, detection of forest stress with particular reference to detection of attacks by pine bark beetles is discussed. Preliminary efforts to obtain early detection of attacks by pine bark beetles, using MSS data from the ERIM M-7 scanner, were not sufficiently successful to demonstrate an operational capability, but indicate that joint processing of the 0.71 to 0.73, 2.00 to 2.60, and 9.3 to 11.7 micrometer bands holds some promise. Ratio processing of transformed data from the 0.45 to 0.52, 1.55 to 2.60, and 4.5 to 5.5 or 9.3 to 11.7 micrometer regions appears even more promising.

Vibrio parahaemolyticus and Vibrio vulnificus Recovered from Oysters during an Oyster Relay Study.

PubMed

Elmahdi, Sara; Parveen, Salina; Ossai, Sylvia; DaSilva, Ligia V; Jahncke, Michael; Bowers, John; Jacobs, John

2018-02-01

Vibrio parahaemolyticus and Vibrio vulnificus are naturally occurring estuarine bacteria and are the leading causes of seafood-associated infections and mortality in the United States. Though multiple-antibiotic-resistant V. parahaemolyticus and V. vulnificus strains have been reported, resistance patterns in vibrios are not as well documented as those of other foodborne bacterial pathogens. Salinity relaying (SR) is a postharvest processing (PHP) treatment to reduce the abundances of these pathogens in shellfish harvested during the warmer months. The purpose of this study was to evaluate the antimicrobial susceptibility (AMS), pathogenicity, and genetic profiles of V. parahaemolyticus and V. vulnificus recovered from oysters during an oyster relay study. Isolates ( V. parahaemolyticus [ n = 296] and V. vulnificus [ n = 94]) were recovered from oysters before and during the 21-day relaying study to detect virulence genes ( tdh and trh ) and genes correlated with virulence ( vcgC ) using multiplex quantitative PCR (qPCR). AMS to 20 different antibiotics was investigated using microbroth dilution, and pulsed-field gel electrophoresis (PFGE) was used to study the genetic profiles of the isolates. Twenty percent of V. vulnificus isolates were vcgC + , while 1 and 2% of V. parahaemolyticus were tdh + and trh + , respectively. More than 77% of the V. vulnificus isolates and 30% of the V. parahaemolyticus isolates were resistant to at least one antimicrobial. Forty-eight percent of V. vulnificus and 8% of V. parahaemolyticus isolates were resistant to two or more antimicrobials. All isolates demonstrated a high genetic diversity, even among those isolated from the same site and having a similar AMS profile. No significant effects of the relaying process on AMS, virulence genes, or PFGE profiles of V. vulnificus and V. parahaemolyticus were observed. IMPORTANCE Analysis of the antibiotic resistance profiles of V. vulnificus and V. parahaemolyticus isolated from oysters during this study indicated that more than 48% of V. vulnificus isolates were resistant to two or more antimicrobials, including those recommended by the CDC for treating Vibrio infections. Also, the V. parahaemolyticus isolates showed high MICs for some of the Vibrio infection treatment antibiotics. Monitoring of AMS profiles of this bacterium is important to ensure optimal treatment of infections and improve food safety. Our study showed no significant differences in the AMS profiles of V. vulnificus ( P = 0.26) and V. parahaemolyticus ( P = 0.23) isolated from the oysters collected before versus after relaying. This suggests that the salinity of the relaying sites did not affect the AMS profiles of the Vibrio isolates, although it did reduce the numbers of these bacteria in oysters (S. Parveen et al., J Food Sci 82:484-491, 2017, https://doi.org/10.1111/1750-3841.13584). Copyright © 2018 American Society for Microbiology.

Finite Energy and Bounded Attacks on Control System Sensor Signals

DOE Office of Scientific and Technical Information (OSTI.GOV)

Djouadi, Seddik M; Melin, Alexander M; Ferragut, Erik M

Control system networks are increasingly being connected to enterprise level networks. These connections leave critical industrial controls systems vulnerable to cyber-attacks. Most of the effort in protecting these cyber-physical systems (CPS) has been in securing the networks using information security techniques and protection and reliability concerns at the control system level against random hardware and software failures. However, besides these failures the inability of information security techniques to protect against all intrusions means that the control system must be resilient to various signal attacks for which new analysis and detection methods need to be developed. In this paper, sensor signalmore » attacks are analyzed for observer-based controlled systems. The threat surface for sensor signal attacks is subdivided into denial of service, finite energy, and bounded attacks. In particular, the error signals between states of attack free systems and systems subject to these attacks are quantified. Optimal sensor and actuator signal attacks for the finite and infinite horizon linear quadratic (LQ) control in terms of maximizing the corresponding cost functions are computed. The closed-loop system under optimal signal attacks are provided. Illustrative numerical examples are provided together with an application to a power network with distributed LQ controllers.« less

Optimum satellite relay positions with application to a TDRS-1 Indian Ocean relay

NASA Technical Reports Server (NTRS)

Jackson, A. H.; Christopher, P.

1994-01-01

An Indian Ocean satellite relay is examined. The relay satellite position is optimized by minimizing the sum of downlink and satellite to satellite link losses. Osculating orbital elements are used for fast intensive orbital computation. Integrated Van Vleck gaseous attenuation and a Crane rain model are used for downlink attenuation. Circular polarization losses on the satellite to satellite link are found dynamically. Space to ground link antenna pointing losses are included as a function of yaw ans spacecraft limits. Relay satellite positions between 90 to 100 degrees East are found attractive for further study.

Sandia National Laboratories: Malware Technical Exchange Meeting (MTEM)

Science.gov Websites

Cyber & Infrastructure Security Global Security Remote Sensing & Verification Research Research Against Malware Detection of Malware Malware Research Malware in Mobile Devices Malware Attack Trends Malware Malware Research Malware in Mobile Devices Malware Attack Trends Success Stories of COTS Products

Securing palmprint authentication systems using spoof detection approach

NASA Astrophysics Data System (ADS)

Kanhangad, Vivek; Kumar, Abhishek

2013-12-01

Automated human authentication using features extracted from palmprint images has been studied extensively in the literature. Primary focus of the studies thus far has been the improvement of matching performance. As more biometric systems get deployed for wide range of applications, the threat of impostor attacks on these systems is on the rise. The most common among various types of attacks is the sensor level spoof attack using fake hands created using different materials. This paper investigates an approach for securing palmprint based biometric systems against spoof attacks that use photographs of the human hand for circumventing the system. The approach is based on the analysis of local texture patterns of acquired palmprint images for extracting discriminatory features. A trained binary classifier utilizes the discriminating information to determine if the input image is of real hand or a fake one. Experimental results, using 611 palmprint images corresponding to 100 subjects in the publicly available IITD palmprint image database, show that 1) palmprint authentication systems are highly vulnerable to spoof attacks and 2) the proposed spoof detection approach is effective for discriminating between real and fake image samples. In particular, the proposed approach achieves the best classification accuracy of 97.35%.

DS-ARP: a new detection scheme for ARP spoofing attacks based on routing trace for ubiquitous environments.

PubMed

Song, Min Su; Lee, Jae Dong; Jeong, Young-Sik; Jeong, Hwa-Young; Park, Jong Hyuk

2014-01-01

Despite the convenience, ubiquitous computing suffers from many threats and security risks. Security considerations in the ubiquitous network are required to create enriched and more secure ubiquitous environments. The address resolution protocol (ARP) is a protocol used to identify the IP address and the physical address of the associated network card. ARP is designed to work without problems in general environments. However, since it does not include security measures against malicious attacks, in its design, an attacker can impersonate another host using ARP spoofing or access important information. In this paper, we propose a new detection scheme for ARP spoofing attacks using a routing trace, which can be used to protect the internal network. Tracing routing can find the change of network movement path. The proposed scheme provides high constancy and compatibility because it does not alter the ARP protocol. In addition, it is simple and stable, as it does not use a complex algorithm or impose extra load on the computer system.

DS-ARP: A New Detection Scheme for ARP Spoofing Attacks Based on Routing Trace for Ubiquitous Environments

PubMed Central

Song, Min Su; Lee, Jae Dong; Jeong, Hwa-Young; Park, Jong Hyuk

2014-01-01

Despite the convenience, ubiquitous computing suffers from many threats and security risks. Security considerations in the ubiquitous network are required to create enriched and more secure ubiquitous environments. The address resolution protocol (ARP) is a protocol used to identify the IP address and the physical address of the associated network card. ARP is designed to work without problems in general environments. However, since it does not include security measures against malicious attacks, in its design, an attacker can impersonate another host using ARP spoofing or access important information. In this paper, we propose a new detection scheme for ARP spoofing attacks using a routing trace, which can be used to protect the internal network. Tracing routing can find the change of network movement path. The proposed scheme provides high constancy and compatibility because it does not alter the ARP protocol. In addition, it is simple and stable, as it does not use a complex algorithm or impose extra load on the computer system. PMID:25243205

Telecommunications Relay Services

MedlinePlus

... services? Title IV of the Americans with Disabilities Act (ADA) of 1990 (which took full effect on July 26, 1993) requires all U.S. telephone companies to provide telecommunications relay services. A telecommunications relay ...

Rational design for enhancing inflammation-responsive in vivo chemiluminescence via nanophotonic energy relay to near-infrared AIE-active conjugated polymer.

PubMed

Seo, Young Hun; Singh, Ajay; Cho, Hong-Jun; Kim, Youngsun; Heo, Jeongyun; Lim, Chang-Keun; Park, Soo Young; Jang, Woo-Dong; Kim, Sehoon

2016-04-01

H2O2-specific peroxalate chemiluminescence is recognized as a potential signal for sensitive in vivo imaging of inflammation but the effect of underlying peroxalate-emitter energetics on its efficiency has rarely been understood. Here we report a simple nanophotonic way of boosting near-infrared chemiluminescence with no need of complicated structural design and synthesis of an energetically favored emitter. The signal enhancement was attained from the construction of a nanoparticle imaging probe (∼26 nm in size) by dense nanointegration of multiple molecules possessing unique photonic features, i.e., i) a peroxalate as a chemical fuel generating electronic excitation energy in response to inflammatory H2O2, ii) a low-bandgap conjugated polymer as a bright near-infrared emitter showing aggregation-induced emission (AIE), and iii) an energy gap-bridging photonic molecule that relays the chemically generated excitation energy to the emitter for its efficient excitation. From static and kinetic spectroscopic studies, a green-emissive BODIPY dye has proven to be an efficient relay molecule to bridge the energy gap between the AIE polymer and the chemically generated excited intermediate of H2O2-reacted peroxalates. The energy-relayed nanointegration of AIE polymer and peroxalate in water showed a 50-times boosted sensing signal compared to their dissolved mixture in THF. Besides the high H2O2 detectability down to 10(-9) M, the boosted chemiluminescence presented a fairly high tissue penetration depth (>12 mm) in an ex vivo condition, which enabled deep imaging of inflammatory H2O2 in a hair-covered mouse model of peritonitis. Copyright © 2016 Elsevier Ltd. All rights reserved.

Non-Pilot Protection of the HVDC Grid

NASA Astrophysics Data System (ADS)

Badrkhani Ajaei, Firouz

This thesis develops a non-pilot protection system for the next generation power transmission system, the High-Voltage Direct Current (HVDC) grid. The HVDC grid protection system is required to be (i) adequately fast to prevent damages and/or converter blocking and (ii) reliable to minimize the impacts of faults. This study is mainly focused on the Modular Multilevel Converter (MMC) -based HVDC grid since the MMC is considered as the building block of the future HVDC systems. The studies reported in this thesis include (i) developing an enhanced equivalent model of the MMC to enable accurate representation of its DC-side fault response, (ii) developing a realistic HVDC-AC test system that includes a five-terminal MMC-based HVDC grid embedded in a large interconnected AC network, (iii) investigating the transient response of the developed test system to AC-side and DC-side disturbances in order to determine the HVDC grid protection requirements, (iv) investigating the fault surge propagation in the HVDC grid to determine the impacts of the DC-side fault location on the measured signals at each relay location, (v) designing a protection algorithm that detects and locates DC-side faults reliably and sufficiently fast to prevent relay malfunction and unnecessary blocking of the converters, and (vi) performing hardware-in-the-loop tests on the designed relay to verify its potential to be implemented in hardware. The results of the off-line time domain transients studies in the PSCAD software platform and the real-time hardware-in-the-loop tests using an enhanced version of the RTDS platform indicate that the developed HVDC grid relay meets all technical requirements including speed, dependability, security, selectivity, and robustness. Moreover, the developed protection algorithm does not impose considerable computational burden on the hardware.

Next-Generation NASA Earth-Orbiting Relay Satellites: Fusing Optical and Microwave Communications

NASA Technical Reports Server (NTRS)

Israel, David J.; Shaw, Harry

2018-01-01

NASA is currently considering architectures and concepts for the generation of relay satellites that will replace the Tracking and Data Relay Satellite (TDRS) constellation, which has been flying since 1983. TDRS-M, the last of the second TDRS generation, launched in August 2017, extending the life of the TDRS constellation beyond 2030. However, opportunities exist to re-engineer the concepts of geosynchronous Earth relay satellites. The needs of the relay satellite customers have changed dramatically over the last 34 years since the first TDRS launch. There is a demand for greater bandwidth as the availability of the traditional RF spectrum for space communications diminishes and the demand for ground station access grows. The next generation of NASA relay satellites will provide for operations that have factored in these new constraints. In this paper, we describe a heterogeneous constellation of geosynchronous relay satellites employing optical and RF communications. The new constellation will enable new optical communications services formed by user-to-space relay, space relay-to-space relay and space relay-to-ground links. It will build upon the experience from the Lunar Laser Communications Demonstration from 2013 and the Laser Communications Relay Demonstration to be launched in 2019.Simultaneous to establishment of the optical communications space segment, spacecraft in the TDRS constellation will be replaced with RF relay satellites with targeted subsets of the TDRS capabilities. This disaggregation of the TDRS service model will allow for flexibility in replenishing the needs of legacy users as well as addition of new capabilities for future users. It will also permit the U.S. government access to launch capabilities such as rideshare and to hosted payloads that were not previously available.In this paper, we also explore how the next generation of Earth relay satellites provides a significant boost in the opportunities for commercial providers to the communications space segment. For optical communications, the backbone of this effort is adoption of commercial technologies from the terrestrial high-bandwidth telecommunications industry into optical payloads. For RF communications, the explosion of software-defined radio, high-speed digital signal processing technologies and networking from areas such as 5G multicarrier will be important. Future commercial providers will not be limited to a small set of large aerospace companies. Ultimately, entirely government-owned and -operated satellite communications will phase out and make way for commercial business models that satisfy NASA's satellite communications requirements. The competition being provided by new entrants in the space communications business may result in a future in which all NASA communications needs can be satisfied commercially.

Next-Generation NASA Earth-Orbiting Relay Satellites: Fusing Microwave and Optical Communications

NASA Technical Reports Server (NTRS)

Israel, David J.

2018-01-01

NASA is currently considering architectures and concepts for the generation of relay satellites that will replace the Tracking and Data Relay Satellite (TDRS) constellation, which has been flying since 1983. TDRS-M, the last of the second TDRS generation, launched in August 2017, extending the life of the TDRS constellation beyond 2030. However, opportunities exist to re-engineer the concepts of geosynchronous Earth relay satellites. The needs of the relay satellite customers have changed dramatically over the last 34 years since the first TDRS launch. There is a demand for greater bandwidth as the availability of the traditional RF spectrum for space communications diminishes and the demand for ground station access grows. The next generation of NASA relay satellites will provide for operations that have factored in these new constraints. In this paper, we describe a heterogeneous constellation of geosynchronous relay satellites employing optical and RF communications. The new constellation will enable new optical communications services formed by user-to-space relay, space relay-to-space relay and space relay-to-ground links. It will build upon the experience from the Lunar Laser Communications Demonstration from 2013 and the Laser Communications Relay Demonstration to be launched in 2019.Simultaneous to establishment of the optical communications space segment, spacecraft in the TDRS constellation will be replaced with RF relay satellites with targeted subsets of the TDRS capabilities. This disaggregation of the TDRS service model will allow for flexibility in replenishing the needs of legacy users as well as addition of new capabilities for future users. It will also permit the U.S. government access to launch capabilities such as rideshare and to hosted payloads that were not previously available. In this paper, we also explore how the next generation of Earth relay satellites provides a significant boost in the opportunities for commercial providers to the communications space segment. For optical communications, the backbone of this effort is adoption of commercial technologies from the terrestrial high-bandwidth telecommunications industry into optical payloads. For RF communications, the explosion of software-defined radio, high-speed digital signal processing technologies and networking from areas such as 5G multicarrier will be important. Future commercial providers will not be limited to a small set of large aerospace companies. Ultimately, entirely government-owned and -operated satellite communications will phase out and make way for commercial business models that satisfy NASAs satellite communications requirements. The competition being provided by new entrants in the space communications business may result in a future in which all NASA communications needs can be satisfied commercially.

Using agility to combat cyber attacks.

PubMed

Anderson, Kerry

2017-06-01

Some incident response practitioners feel that they have been locked in a battle with cyber criminals since the popular adoption of the internet. Initially, organisations made great inroads in preventing and containing cyber attacks. In the last few years, however, cyber criminals have become adept at eluding defence security technologies and rapidly modifying their exploit strategies for financial or political gains. Similar to changes in military combat tactics, cyber criminals utilise distributed attack cells, real-time communications, and rapidly mutating exploits to minimise the potential for detection. Cyber criminals have changed their attack paradigm. This paper describes a new incident response paradigm aimed at combating the new model of cyber attacks with an emphasis on agility to increase the organisation's ability to respond rapidly to these new challenges.

Detecting invisible bacillus spores on surfaces using a portable surface-enhanced Raman analyzer

NASA Astrophysics Data System (ADS)

Farquharson, Stuart; Inscore, Frank; Sperry, Jay F.

2006-10-01

Since the distribution of anthrax causing spores through the U.S. Postal System in the autumn of 2001, numerous methods have been developed to detect spores with the goal of minimizing casualties. During and following an attack it is also important to detect spores on surfaces, to assess extent of an attack, to quantify risk of infection by contact, as well as to evaluate post-attack clean-up. To perform useful measurements, analyzers and/or methods must be capable of detecting as few as 10 spores/cm2, in under 5-minutes, with little or no sample preparation or false-positive responses, using a portable device. In an effort to develop such a device, we have been investigating the ability of surfaceenhanced Raman spectroscopy (SERS) to detect dipicolinic acid (DPA) as a chemical signature of bacilli spores. In 2003 we employed SERS to measure DPA extracted from a 10,000 spores per μL sample using hot dodecylamine. Although the entire measurement was performed in 2 minutes, the need to heat the dodecylamine limits field portability of the method. Here we describe the use of a room temperature digesting agent in combination with SERS to detect 220 spores collected from a surface in a 1 μL sample within 3 minutes.

Face liveness detection using shearlet-based feature descriptors

NASA Astrophysics Data System (ADS)

Feng, Litong; Po, Lai-Man; Li, Yuming; Yuan, Fang

2016-07-01

Face recognition is a widely used biometric technology due to its convenience but it is vulnerable to spoofing attacks made by nonreal faces such as photographs or videos of valid users. The antispoof problem must be well resolved before widely applying face recognition in our daily life. Face liveness detection is a core technology to make sure that the input face is a live person. However, this is still very challenging using conventional liveness detection approaches of texture analysis and motion detection. The aim of this paper is to propose a feature descriptor and an efficient framework that can be used to effectively deal with the face liveness detection problem. In this framework, new feature descriptors are defined using a multiscale directional transform (shearlet transform). Then, stacked autoencoders and a softmax classifier are concatenated to detect face liveness. We evaluated this approach using the CASIA Face antispoofing database and replay-attack database. The experimental results show that our approach performs better than the state-of-the-art techniques following the provided protocols of these databases, and it is possible to significantly enhance the security of the face recognition biometric system. In addition, the experimental results also demonstrate that this framework can be easily extended to classify different spoofing attacks.

Pathfinder-Plus aircraft in flight

NASA Technical Reports Server (NTRS)

1998-01-01

The Pathfinder-Plus solar-powered aircraft is shown taking off from a runway, then flying at low altitude over the ocean. The vehicle, which looks like a flying ruler, operates at low airspeed. Among the missions proposed for a solar-powered aircraft are communications relay, atmospheric studies, pipeline monitoring and gas leak detection, environmental monitoring using thermal and radar images, and disaster relief and monitoring.

Saturn Apollo Program

NASA Image and Video Library

1965-01-13

Pegasus-1, meteoroid detection satellite, installed on Saturn I (SA-9 mission) S-IV stage, January 13, 1965. The satellite was used to obtain data on frequency and penetration of the potentially hazardous micrometeoroids in low Earth orbits and to relay the information back to Earth. SA-9 was launched on February 16, 1965 and the Pegasus-1 satellite was the first operational payload for Saturn I.

An optical relay approach to very low cost hybrid polymer-complementary metal-oxide semiconductor electrophoresis instrumentation.

PubMed

Hall, Gordon H; Sloan, David L; Ma, Tianchi; Couse, Madeline H; Martel, Stephane; Elliott, Duncan G; Glerum, D Moira; Backhouse, Christopher J

2014-07-04

Electrophoresis is an integral part of many molecular diagnostics protocols and an inexpensive implementation would greatly facilitate point-of-care (POC) applications. However, the high instrumentation cost presents a substantial barrier, much of it associated with fluorescence detection. The cost of such systems could be substantially reduced by placing the fluidic channel and photodiode directly above the detector in order to collect a larger portion of the fluorescent light. In future, this could be achieved through the integration and monolithic fabrication of photoresist microchannels on complementary metal-oxide semiconductor microelectronics (CMOS). However, the development of such a device is expensive due to high non-recurring engineering costs. To facilitate that development, we present a system that utilises an optical relay to integrate low-cost polymeric microfluidics with a CMOS chip that provides a photodiode, analog-digital conversion and a standard serial communication interface. This system embodies an intermediate level of microelectronic integration, and significantly decreases development costs. With a limit of detection of 1.3±0.4nM of fluorescently end-labeled deoxyribonucleic acid (DNA), it is suitable for diagnostic applications. Copyright © 2014 Elsevier B.V. All rights reserved.

Reliability Analysis of Differential Relay as Main Protection Transformer Using Fuzzy Logic Algorithm

NASA Astrophysics Data System (ADS)

Mulyadi, Y.; Sucita, T.; Sumarto; Alpani, M.

2018-02-01

Electricity supply demand is increasing every year. It makes PT. PLN (Persero) is required to provide optimal customer service and satisfaction. Optimal service depends on the performance of the equipment of the power system owned, especially the transformer. Power transformer is an electrical equipment that transforms electricity from high voltage to low voltage or vice versa. However, in the electrical power system, is inseparable from interference included in the transformer. But, the disturbance can be minimized by the protection system. The main protection transformer is differential relays. Differential relays working system using Kirchoff law where inflows equal outflows. If there are excessive currents that interfere then the relays will work. But, the relay can also experience decreased performance. Therefore, this final project aims to analyze the reliability of the differential relay on the transformer in three different substations. Referring to the standard applied by the transmission line protection officer, the differential relay shall have slope characteristics of 30% in the first slope and 80% in the second slope when using two slopes and 80% when using one slope with an instant time and the corresponding ratio. So, the results obtained on the Siemens differential release have a reliable slope characteristic with a value of 30 on the fuzzy logic system. In a while, ABB a differential relay is only 80% reliable because two experiments are not reliable. For the time, all the differential relays are instant with a value of 0.06 on the fuzzy logic system. For ratios, the differential relays ABB have a better value than others brand with a value of 151 on the fuzzy logic system.

A data fusion approach to indications and warnings of terrorist attacks

NASA Astrophysics Data System (ADS)

McDaniel, David; Schaefer, Gregory

2014-05-01

Indications and Warning (I&W) of terrorist attacks, particularly IED attacks, require detection of networks of agents and patterns of behavior. Social Network Analysis tries to detect a network; activity analysis tries to detect anomalous activities. This work builds on both to detect elements of an activity model of terrorist attack activity - the agents, resources, networks, and behaviors. The activity model is expressed as RDF triples statements where the tuple positions are elements or subsets of a formal ontology for activity models. The advantage of a model is that elements are interdependent and evidence for or against one will influence others so that there is a multiplier effect. The advantage of the formality is that detection could occur hierarchically, that is, at different levels of abstraction. The model matching is expressed as a likelihood ratio between input text and the model triples. The likelihood ratio is designed to be analogous to track correlation likelihood ratios common in JDL fusion level 1. This required development of a semantic distance metric for positive and null hypotheses as well as for complex objects. The metric uses the Web 1Terabype database of one to five gram frequencies for priors. This size requires the use of big data technologies so a Hadoop cluster is used in conjunction with OpenNLP natural language and Mahout clustering software. Distributed data fusion Map Reduce jobs distribute parts of the data fusion problem to the Hadoop nodes. For the purposes of this initial testing, open source models and text inputs of similar complexity to terrorist events were used as surrogates for the intended counter-terrorist application.

Relay communications strategies for Mars exploration through 2020

NASA Technical Reports Server (NTRS)

Edwards, Charles D., Jr.; Arnold, B.; DePaula, R.; Kazz, G.; Lee, C.; Noreen, G.

2005-01-01

In this paper we will examine NASA's strategy for relay communications support of missions planned for this decade, and discuss options for longer-term relay network evolution in support of second-decade missions.

Automation of servicibility of radio-relay station equipment

NASA Astrophysics Data System (ADS)

Uryev, A. G.; Mishkin, Y. I.; Itkis, G. Y.

1985-03-01

Automation of the serviceability of radio relay station equipment must ensure central gathering and primary processing of reliable instrument reading with subsequent display on the control panel, detection and recording of failures soon enough, advance enough warning based on analysis of detertioration symptoms, and correct remote measurement of equipment performance parameters. Such an inspection will minimize transmission losses while reducing nonproductive time and labor spent on documentation and measurement. A multichannel automated inspection system for this purpose should operate by a parallel rather than sequential procedure. Digital data processing is more expedient in this case than analog method and, therefore, analog to digital converters are required. Spepcial normal, above limit and below limit test signals provide means of self-inspection, to which must be added adequate interference immunization, stabilization, and standby power supply. Use of a microcomputer permits overall refinement and expansion of the inspection system while it minimizes though not completely eliminates dependence on subjective judgment.

Noncoherent Physical-Layer Network Coding with FSK Modulation: Relay Receiver Design Issues

DTIC Science & Technology

2011-03-01

222 IEEE TRANSACTIONS ON COMMUNICATIONS, VOL. 59, NO. 9, SEPTEMBER 2011 2595 Noncoherent Physical-Layer Network Coding with FSK Modulation: Relay... noncoherent reception, channel estima- tion. I. INTRODUCTION IN the two-way relay channel (TWRC), a pair of sourceterminals exchange information...2011 4. TITLE AND SUBTITLE Noncoherent Physical-Layer Network Coding with FSK Modulation:Relay Receiver Design Issues 5a. CONTRACT NUMBER 5b

Simultaneous energy harvesting and information processing in wireless multiple relays with multiple antennas

NASA Astrophysics Data System (ADS)

Albaaj, Azhar; Makki, S. Vahab A.; Alabkhat, Qassem; Zahedi, Abdulhamid

2017-07-01

Wireless networks suffer from battery discharging specially in cooperative communications when multiple relays have an important role but they are energy constrained. To overcome this problem, energy harvesting from radio frequency signals is applied to charge the node battery. These intermediate nodes have the ability to harvest energy from the source signal and use the energy harvested to transmit information to the destination. In fact, the node tries to harvest energy and then transmit the data to destination. Division of energy harvesting and data transmission can be done in two algorithms: time-switching-based relaying protocol and power-splitting-based relaying protocol. These two algorithms also can be applied in delay-limited and delay-tolerant transmission systems. The previous works have assumed a single relay for energy harvesting, but in this article, the proposed method is concentrated on improving the outage probability and throughput by using multiple antennas in each relay node instead of using single antenna. According to our simulation results, when using multi-antenna relays, ability of energy harvesting is increased and thus system performance will be improved to great extent. Maximum ratio combining scheme has been used when the destination chooses the best signal of relays and antennas satisfying the required signal-to-noise ratio.

Multiple-access relaying with network coding: iterative network/channel decoding with imperfect CSI

NASA Astrophysics Data System (ADS)

Vu, Xuan-Thang; Renzo, Marco Di; Duhamel, Pierre

2013-12-01

In this paper, we study the performance of the four-node multiple-access relay channel with binary Network Coding (NC) in various Rayleigh fading scenarios. In particular, two relay protocols, decode-and-forward (DF) and demodulate-and-forward (DMF) are considered. In the first case, channel decoding is performed at the relay before NC and forwarding. In the second case, only demodulation is performed at the relay. The contributions of the paper are as follows: (1) two joint network/channel decoding (JNCD) algorithms, which take into account possible decoding error at the relay, are developed in both DF and DMF relay protocols; (2) both perfect channel state information (CSI) and imperfect CSI at receivers are studied. In addition, we propose a practical method to forward the relays error characterization to the destination (quantization of the BER). This results in a fully practical scheme. (3) We show by simulation that the number of pilot symbols only affects the coding gain but not the diversity order, and that quantization accuracy affects both coding gain and diversity order. Moreover, when compared with the recent results using DMF protocol, our proposed DF protocol algorithm shows an improvement of 4 dB in fully interleaved Rayleigh fading channels and 0.7 dB in block Rayleigh fading channels.

The Physical Layer Security Experiments of Cooperative Communication System with Different Relay Behaviors.

PubMed

Su, Yishan; Han, Guangyao; Fu, Xiaomei; Xu, Naishen; Jin, Zhigang

2017-04-06

Physical layer security is an attractive security mechanism, which exploits the randomness characteristics of wireless transmission channel to achieve security. However, it is hampered by the limitation of the channel condition that the main channel must be better than the eavesdropper channel. To alleviate the limitation, cooperative communication is introduced. Few studies have investigated the physical layer security of the relay transmission model. In this paper, we performed some experiments to evaluate the physical layer security of a cooperative communication system, with a relay operating in decode-and-forward (DF) cooperative mode, selfish and malicious behavior in real non-ideal transmission environment. Security performance is evaluated in terms of the probability of non-zero secrecy capacity. Experiments showed some different results compared to theoretical simulation: (1) to achieve the maximum secrecy capacity, the optimal relay power according to the experiments result is larger than that of ideal theoretical results under both cooperative and selfish behavior relay; (2) the relay in malicious behavior who forwards noise to deteriorate the main channel may deteriorate the eavesdropper channel more seriously than the main channel; (3) the optimal relay positions under cooperative and selfish behavior relay cases are both located near the destination because of non-ideal transmission.

False Positive and False Negative Effects on Network Attacks

NASA Astrophysics Data System (ADS)

Shang, Yilun

2018-01-01

Robustness against attacks serves as evidence for complex network structures and failure mechanisms that lie behind them. Most often, due to detection capability limitation or good disguises, attacks on networks are subject to false positives and false negatives, meaning that functional nodes may be falsely regarded as compromised by the attacker and vice versa. In this work, we initiate a study of false positive/negative effects on network robustness against three fundamental types of attack strategies, namely, random attacks (RA), localized attacks (LA), and targeted attack (TA). By developing a general mathematical framework based upon the percolation model, we investigate analytically and by numerical simulations of attack robustness with false positive/negative rate (FPR/FNR) on three benchmark models including Erdős-Rényi (ER) networks, random regular (RR) networks, and scale-free (SF) networks. We show that ER networks are equivalently robust against RA and LA only when FPR equals zero or the initial network is intact. We find several interesting crossovers in RR and SF networks when FPR is taken into consideration. By defining the cost of attack, we observe diminishing marginal attack efficiency for RA, LA, and TA. Our finding highlights the potential risk of underestimating or ignoring FPR in understanding attack robustness. The results may provide insights into ways of enhancing robustness of network architecture and improve the level of protection of critical infrastructures.

Secure Data Aggregation in Wireless Sensor Network-Fujisaki Okamoto(FO) Authentication Scheme against Sybil Attack.

PubMed

Nirmal Raja, K; Maraline Beno, M

2017-07-01

In the wireless sensor network(WSN) security is a major issue. There are several network security schemes proposed in research. In the network, malicious nodes obstruct the performance of the network. The network can be vulnerable by Sybil attack. When a node illicitly assertions multiple identities or claims fake IDs, the WSN grieves from an attack named Sybil attack. This attack threatens wireless sensor network in data aggregation, synchronizing system, routing, fair resource allocation and misbehavior detection. Henceforth, the research is carried out to prevent the Sybil attack and increase the performance of the network. This paper presents the novel security mechanism and Fujisaki Okamoto algorithm and also application of the work. The Fujisaki-Okamoto (FO) algorithm is ID based cryptographic scheme and gives strong authentication against Sybil attack. By using Network simulator2 (NS2) the scheme is simulated. In this proposed scheme broadcasting key, time taken for different key sizes, energy consumption, Packet delivery ratio, Throughput were analyzed.

The broadcast classical-quantum capacity region of a two-phase bidirectional relaying channel

NASA Astrophysics Data System (ADS)

Boche, Holger; Cai, Minglai; Deppe, Christian

2015-10-01

We studied a three-node quantum network that enables bidirectional communication between two nodes with a half-duplex relay node for transmitting classical messages. A decode-and-forward protocol is used to perform the communication in two phases. In the first phase, the messages of two nodes are transmitted to the relay node. The capacity of the first phase is well known by previous works. In the second phase, the relay node broadcasts a re-encoded composition to the two nodes. We determine the capacity region of the broadcast phase. To the best of our knowledge, this is the first paper analyzing quantum bidirectional relay networks.

Incipient fault detection and power system protection for spaceborne systems

NASA Technical Reports Server (NTRS)

Russell, B. Don; Hackler, Irene M.

1987-01-01

A program was initiated to study the feasibility of using advanced terrestrial power system protection techniques for spacecraft power systems. It was designed to enhance and automate spacecraft power distribution systems in the areas of safety, reliability and maintenance. The proposed power management/distribution system is described as well as security assessment and control, incipient and low current fault detection, and the proposed spaceborne protection system. It is noted that the intelligent remote power controller permits the implementation of digital relaying algorithms with both adaptive and programmable characteristics.

Quantum hacking on quantum key distribution using homodyne detection

NASA Astrophysics Data System (ADS)

Huang, Jing-Zheng; Kunz-Jacques, Sébastien; Jouguet, Paul; Weedbrook, Christian; Yin, Zhen-Qiang; Wang, Shuang; Chen, Wei; Guo, Guang-Can; Han, Zheng-Fu

2014-03-01

Imperfect devices in commercial quantum key distribution systems open security loopholes that an eavesdropper may exploit. An example of one such imperfection is the wavelength-dependent coupling ratio of the fiber beam splitter. Utilizing this loophole, the eavesdropper can vary the transmittances of the fiber beam splitter at the receiver's side by inserting lights with wavelengths different from what is normally used. Here, we propose a wavelength attack on a practical continuous-variable quantum key distribution system using homodyne detection. By inserting light pulses at different wavelengths, this attack allows the eavesdropper to bias the shot-noise estimation even if it is done in real time. Based on experimental data, we discuss the feasibility of this attack and suggest a prevention scheme by improving the previously proposed countermeasures.

Authenticated Quantum Key Distribution with Collective Detection using Single Photons

NASA Astrophysics Data System (ADS)

Huang, Wei; Xu, Bing-Jie; Duan, Ji-Tong; Liu, Bin; Su, Qi; He, Yuan-Hang; Jia, Heng-Yue

2016-10-01

We present two authenticated quantum key distribution (AQKD) protocols by utilizing the idea of collective (eavesdropping) detection. One is a two-party AQKD protocol, the other is a multiparty AQKD protocol with star network topology. In these protocols, the classical channels need not be assumed to be authenticated and the single photons are used as the quantum information carriers. To achieve mutual identity authentication and establish a random key in each of the proposed protocols, only one participant should be capable of preparing and measuring single photons, and the main quantum ability that the rest of the participants should have is just performing certain unitary operations. Security analysis shows that these protocols are free from various kinds of attacks, especially the impersonation attack and the man-in-the-middle (MITM) attack.

Outage Performance Analysis of Relay Selection Schemes in Wireless Energy Harvesting Cooperative Networks over Non-Identical Rayleigh Fading Channels †

PubMed Central

Do, Nhu Tri; Bao, Vo Nguyen Quoc; An, Beongku

2016-01-01

In this paper, we study relay selection in decode-and-forward wireless energy harvesting cooperative networks. In contrast to conventional cooperative networks, the relays harvest energy from the source’s radio-frequency radiation and then use that energy to forward the source information. Considering power splitting receiver architecture used at relays to harvest energy, we are concerned with the performance of two popular relay selection schemes, namely, partial relay selection (PRS) scheme and optimal relay selection (ORS) scheme. In particular, we analyze the system performance in terms of outage probability (OP) over independent and non-identical (i.n.i.d.) Rayleigh fading channels. We derive the closed-form approximations for the system outage probabilities of both schemes and validate the analysis by the Monte-Carlo simulation. The numerical results provide comprehensive performance comparison between the PRS and ORS schemes and reveal the effect of wireless energy harvesting on the outage performances of both schemes. Additionally, we also show the advantages and drawbacks of the wireless energy harvesting cooperative networks and compare to the conventional cooperative networks. PMID:26927119

Outage Performance Analysis of Relay Selection Schemes in Wireless Energy Harvesting Cooperative Networks over Non-Identical Rayleigh Fading Channels.

PubMed

Do, Nhu Tri; Bao, Vo Nguyen Quoc; An, Beongku

2016-02-26

In this paper, we study relay selection in decode-and-forward wireless energy harvesting cooperative networks. In contrast to conventional cooperative networks, the relays harvest energy from the source's radio-frequency radiation and then use that energy to forward the source information. Considering power splitting receiver architecture used at relays to harvest energy, we are concerned with the performance of two popular relay selection schemes, namely, partial relay selection (PRS) scheme and optimal relay selection (ORS) scheme. In particular, we analyze the system performance in terms of outage probability (OP) over independent and non-identical (i.n.i.d.) Rayleigh fading channels. We derive the closed-form approximations for the system outage probabilities of both schemes and validate the analysis by the Monte-Carlo simulation. The numerical results provide comprehensive performance comparison between the PRS and ORS schemes and reveal the effect of wireless energy harvesting on the outage performances of both schemes. Additionally, we also show the advantages and drawbacks of the wireless energy harvesting cooperative networks and compare to the conventional cooperative networks.

Performance Analysis of Amplify-and-Forward Systems with Single Relay Selection in Correlated Environments

PubMed Central

Nguyen, Binh Van; Kim, Kiseon

2016-01-01

In this paper, we consider amplify-and-forward (AnF) cooperative systems under correlated fading environments. We first present a brief overview of existing works on the effect of channel correlations on the system performance. We then focus on our main contribution which is analyzing the outage probability of a multi-AnF-relay system with the best relay selection (BRS) scheme under a condition that two channels of each relay, source-relay and relay-destination channels, are correlated. Using lower and upper bounds on the end-to-end received signal-to-noise ratio (SNR) at the destination, we derive corresponding upper and lower bounds on the system outage probability. We prove that the system can achieve a diversity order (DO) equal to the number of relays. In addition, and importantly, we show that the considered correlation form has a constructive effect on the system performance. In other words, the larger the correlation coefficient, the better system performance. Our analytic results are corroborated by extensive Monte-Carlo simulations. PMID:27626426

A Smart Sensor for Defending against Clock Glitching Attacks on the I2C Protocol in Robotic Applications

PubMed Central

Jiménez-Naharro, Raúl; Gómez-Bravo, Fernando; Medina-García, Jonathan; Sánchez-Raya, Manuel; Gómez-Galán, Juan Antonio

2017-01-01

This paper presents a study about hardware attacking and clock signal vulnerability. It considers a particular type of attack on the clock signal in the I2C protocol, and proposes the design of a new sensor for detecting and defending against this type of perturbation. The analysis of the attack and the defense is validated by means of a configurable experimental platform that emulates a differential drive robot. A set of experimental results confirm the interest of the studied vulnerabilities and the efficiency of the proposed sensor in defending against this type of situation. PMID:28346337

An approach to detecting deliberately introduced defects and micro-defects in 3D printed objects

NASA Astrophysics Data System (ADS)

Straub, Jeremy

2017-05-01

In prior work, Zeltmann, et al. demonstrated the negative impact that can be created by defects of various sizes in 3D printed objects. These defects may make the object unsuitable for its application or even present a hazard, if the object is being used for a safety-critical application. With the uses of 3D printing proliferating and consumer access to printers increasing, the desire of a nefarious individual or group to subvert the desired printing quality and safety attributes of a printer or printed object must be considered. Several different approaches to subversion may exist. Attackers may physically impair the functionality of the printer or launch a cyber-attack. Detecting introduced defects, from either attack, is critical to maintaining public trust in 3D printed objects and the technology. This paper presents an alternate approach. It applies a quality assurance technology based on visible light sensing to this challenge and assesses its capability for detecting introduced defects of multiple sizes.

A Brief Interview to Detect Panic Attacks and Panic Disorder in Emergency Department Patients with Cardiopulmonary Complaints.

PubMed

Sung, Sharon C; Rush, A John; Earnest, Arul; Lim, Leslie E C; Pek, Maeve P P; Choi, Joen M F; Ng, Magdalene P K; Ong, Marcus E H

2018-01-01

Patients with panic-related anxiety often initially present to the emergency department (ED) complaining of respiratory or cardiac symptoms, but rates of detection of panic symptoms by ED physicians remain low. This study was undertaken to evaluate the relevance of panic attacks and panic disorder in ED patients who present with cardiopulmonary symptoms and to determine whether a brief symptom-based tool could be constructed to assist in rapid recognition of panic-related anxiety in the ED setting. English-speaking adult ED patients with a chief complaint of palpitations, chest pain, dizziness, or difficulty breathing were evaluated for the presence of panic attacks and panic disorder with the Structured Clinical Interview for DSM-IV Axis I Disorders. Participants completed self-report measures to assess panic-related symptoms, comorbid psychiatric conditions, health-related disability, and health service use. In this sample (N=200), 23.5% had panic attacks and 23.0% had panic disorder. Both groups reported higher rates of panic attack symptoms, greater psychiatric comorbidity, greater health-related disability, and higher rates of ED and mental health service use compared with those without either condition. A brief 7-item tool consisting of panic symptoms identified patients with panic attacks or panic disorder with 85% accuracy (area under the curve=0.90, sensitivity=82%, specificity=88%). Patients with panic attacks or panic disorder commonly present to the ED, but often go unrecognized. A brief 7-item clinician rating scale accurately identifies these patients among those ED patients presenting with cardiopulmonary complaints.

Sequential defense against random and intentional attacks in complex networks.

PubMed

Chen, Pin-Yu; Cheng, Shin-Ming

2015-02-01

Network robustness against attacks is one of the most fundamental researches in network science as it is closely associated with the reliability and functionality of various networking paradigms. However, despite the study on intrinsic topological vulnerabilities to node removals, little is known on the network robustness when network defense mechanisms are implemented, especially for networked engineering systems equipped with detection capabilities. In this paper, a sequential defense mechanism is first proposed in complex networks for attack inference and vulnerability assessment, where the data fusion center sequentially infers the presence of an attack based on the binary attack status reported from the nodes in the network. The network robustness is evaluated in terms of the ability to identify the attack prior to network disruption under two major attack schemes, i.e., random and intentional attacks. We provide a parametric plug-in model for performance evaluation on the proposed mechanism and validate its effectiveness and reliability via canonical complex network models and real-world large-scale network topology. The results show that the sequential defense mechanism greatly improves the network robustness and mitigates the possibility of network disruption by acquiring limited attack status information from a small subset of nodes in the network.

Advanced Cyber Attack Modeling Analysis and Visualization

DTIC Science & Technology

2010-03-01

Graph Analysis Network Web Logs Netflow Data TCP Dump Data System Logs Detect Protect Security Management What-If Figure 8. TVA attack graphs for...Clustered Graphs,” in Proceedings of the Symposium on Graph Drawing, September 1996. [25] K. Lakkaraju, W. Yurcik, A. Lee, “NVisionIP: NetFlow

47 CFR 64.606 - Internet-based TRS provider and TRS program certification.

Code of Federal Regulations, 2011 CFR

2011-10-01

... of Internet-based TRS to be provided (i.e., VRS, IP Relay, and/or IP captioned telephone relay... IP Relay providers certified under this section must notify the Commission of substantive changes in...

Reputation-Based Trust for a Cooperative, Agent-Based Backup Protection Scheme for Power Networks

DTIC Science & Technology

2010-03-01

85 Appendix B . Performance Charts for Data by Scenario...protection for that line. For example Relay 3 provides zone 1 coverage for line B and zone 3 coverage for line C. Relay 4 would also provide zone 1...coverage for line B but zone 3 coverage for line A instead since it is directional. Relay 1 and relay 6 would provide zone 3 coverage for line B . A

Differential correction capability of the GTDS using TDRSS data

NASA Technical Reports Server (NTRS)

Liu, S. Y.; Soskey, D. G.; Jacintho, J.

1980-01-01

A differential correction (DC) capability was implemented in the Goddard Trajectory Determination System (GTDS) to process satellite tracking data acquired via the Tracking and Data Relay Satellite System (TRDRSS). Configuration of the TDRSS is reviewed, observation modeling is presented, and major features of the capability are discussed. The following types of TDRSS data can be processed by GTDS: two way relay range and Doppler measurements, hybrid relay range and Doppler measurements, one way relay Doppler measurements, and differenced one way relay Doppler measurements. These data may be combined with conventional ground based direct tracking data. By using Bayesian weighted least squares techniques, the software allows the simultaneous determination of the trajectories of up to four different satellites - one user satellite and three relay satellites. In addition to satellite trajectories, the following parameters can be optionally solved: for drag coefficient, reflectivity of a satellite for solar radiation pressure, transponder delay, station position, and biases.

Lethality of sea lamprey attacks on lake trout in relation to location on the body surface

USGS Publications Warehouse

Bergstedt, Roger A.; Schneider, Clifford P.; O'Gorman, Robert

2001-01-01

We compared the locations of healed attack marks of the sea lamprey Petromyzon marinus on live lake trout Salvelinus namaycush with those of unhealed attack marks on dead lake trout to determine if the lethality of a sea lamprey attack was related to attack location. Lake trout were collected from Lake Ontario, live fish with gill nets in September 1985 and dead fish with trawls in October 1983−1986. Attack location was characterized by the percent distances from snout to tail and from the ventral to the dorsal midline. Kolmogorov−Smirnov two-sample tests did not detect significant differences in the distribution of attack location along either the anteroposterior axis or the dorsoventral axis. When attack locations were grouped into six anatomical regions historically used to record sea lamprey attacks, dead fish did not exhibit a significantly higher proportion of attacks in the more anterior regions. Even if the differences in attack location on live and dead fish were significant, they were too small to imply substantial spatial differences in attack lethality that should be accounted for when modeling the effects of sea lampreys feeding on lake trout. We suggest that the tendency for sea lamprey attacks to occur on the anterior half of the fish is related to the lower amplitude of lateral body movement there during swimming and thus the lower likelihood of being dislodged.

Automated Software Vulnerability Analysis

NASA Astrophysics Data System (ADS)

Sezer, Emre C.; Kil, Chongkyung; Ning, Peng

Despite decades of research, software continues to have vulnerabilities. Successful exploitations of these vulnerabilities by attackers cost millions of dollars to businesses and individuals. Unfortunately, most effective defensive measures, such as patching and intrusion prevention systems, require an intimate knowledge of the vulnerabilities. Many systems for detecting attacks have been proposed. However, the analysis of the exploited vulnerabilities is left to security experts and programmers. Both the human effortinvolved and the slow analysis process are unfavorable for timely defensive measure to be deployed. The problem is exacerbated by zero-day attacks.

Improving the multiparty quantum secret sharing over two collective-noise channels against insider attack

NASA Astrophysics Data System (ADS)

Sun, Ying; Wen, Qiao-yan; Zhu, Fu-chen

2010-01-01

The security of the multiparty quantum secret sharing protocol presented by Zhang [Z.J. Zhang, Physica A, 361 (2006) 233] is analyzed. It is shown that this protocol is vulnerable to the insider attack since eavesdropping detection is performed only when all states arrive at the last agent. We propose an attack strategy and give an improved version of the original protocol. The improved protocol is robust and has the same traits with the original one.

Countermeasure against blinding attacks on low-noise detectors with a background-noise-cancellation scheme

NASA Astrophysics Data System (ADS)

Lee, Min Soo; Park, Byung Kwon; Woo, Min Ki; Park, Chang Hoon; Kim, Yong-Su; Han, Sang-Wook; Moon, Sung

2016-12-01

We developed a countermeasure against blinding attacks on low-noise detectors with a background-noise-cancellation scheme in quantum key distribution (QKD) systems. Background-noise cancellation includes self-differencing and balanced avalanche photon diode (APD) schemes and is considered a promising solution for low-noise APDs, which are critical components in high-performance QKD systems. However, its vulnerability to blinding attacks has been recently reported. In this work, we propose a countermeasure that prevents this potential security loophole from being used in detector blinding attacks. An experimental QKD setup is implemented and various tests are conducted to verify the feasibility and performance of the proposed method. The obtained measurement results show that the proposed scheme successfully detects occurring blinding-attack-based hacking attempts.

Hybrid Intrusion Forecasting Framework for Early Warning System

NASA Astrophysics Data System (ADS)

Kim, Sehun; Shin, Seong-Jun; Kim, Hyunwoo; Kwon, Ki Hoon; Han, Younggoo

Recently, cyber attacks have become a serious hindrance to the stability of Internet. These attacks exploit interconnectivity of networks, propagate in an instant, and have become more sophisticated and evolutionary. Traditional Internet security systems such as firewalls, IDS and IPS are limited in terms of detecting recent cyber attacks in advance as these systems respond to Internet attacks only after the attacks inflict serious damage. In this paper, we propose a hybrid intrusion forecasting system framework for an early warning system. The proposed system utilizes three types of forecasting methods: time-series analysis, probabilistic modeling, and data mining method. By combining these methods, it is possible to take advantage of the forecasting technique of each while overcoming their drawbacks. Experimental results show that the hybrid intrusion forecasting method outperforms each of three forecasting methods.

Emerging Techniques for Field Device Security

DOE PAGES

Schwartz, Moses; Bechtel Corp.; Mulder, John; ...

2014-11-01

Critical infrastructure, such as electrical power plants and oil refineries, rely on embedded devices to control essential processes. State of the art security is unable to detect attacks on these devices at the hardware or firmware level. We provide an overview of the hardware used in industrial control system field devices, look at how these devices have been attacked, and discuss techniques and new technologies that may be used to secure them. We follow three themes: (1) Inspectability, the capability for an external arbiter to monitor the internal state of a device. (2) Trustworthiness, the degree to which a systemmore » will continue to function correctly despite disruption, error, or attack. (3) Diversity, the use of adaptive systems and complexity to make attacks more difficult by reducing the feasible attack surface.« less

Detection of atrial fibrillation after ischemic stroke or transient ischemic attack: a systematic review and meta-analysis.

PubMed

Kishore, Amit; Vail, Andy; Majid, Arshad; Dawson, Jesse; Lees, Kennedy R; Tyrrell, Pippa J; Smith, Craig J

2014-02-01

Atrial fibrillation (AF) confers a high risk of recurrent stroke, although detection methods and definitions of paroxysmal AF during screening vary. We therefore undertook a systematic review and meta-analysis to determine the frequency of newly detected AF using noninvasive or invasive cardiac monitoring after ischemic stroke or transient ischemic attack. Prospective observational studies or randomized controlled trials of patients with ischemic stroke, transient ischemic attack, or both, who underwent any cardiac monitoring for a minimum of 12 hours, were included after electronic searches of multiple databases. The primary outcome was detection of any new AF during the monitoring period. We prespecified subgroup analysis of selected (prescreened or cryptogenic) versus unselected patients and according to duration of monitoring. A total of 32 studies were analyzed. The overall detection rate of any AF was 11.5% (95% confidence interval, 8.9%-14.3%), although the timing, duration, method of monitoring, and reporting of diagnostic criteria used for paroxysmal AF varied. Detection rates were higher in selected (13.4%; 95% confidence interval, 9.0%-18.4%) than in unselected patients (6.2%; 95% confidence interval, 4.4%-8.3%). There was substantial heterogeneity even within specified subgroups. Detection of AF was highly variable, and the review was limited by small sample sizes and marked heterogeneity. Further studies are required to inform patient selection, optimal timing, methods, and duration of monitoring for detection of AF/paroxysmal AF.

32 CFR 321.13 - Exemptions.

Code of Federal Regulations, 2010 CFR

2010-07-01

... investigations and relay law enforcement information without compromise of the information, protection of... investigations and relay law enforcement information without compromise of the information, protection of... subsection (c)(3) because it will enable DSS to conduct certain investigations and relay law enforcement...

Spreading Sequence System for Full Connectivity Relay Network

NASA Technical Reports Server (NTRS)

Kwon, Hyuck M. (Inventor); Pham, Khanh D. (Inventor); Yang, Jie (Inventor)

2018-01-01

Fully connected uplink and downlink fully connected relay network systems using pseudo-noise spreading and despreading sequences subjected to maximizing the signal-to-interference-plus-noise ratio. The relay network systems comprise one or more transmitting units, relays, and receiving units connected via a communication network. The transmitting units, relays, and receiving units each may include a computer for performing the methods and steps described herein and transceivers for transmitting and/or receiving signals. The computer encodes and/or decodes communication signals via optimum adaptive PN sequences found by employing Cholesky decompositions and singular value decompositions (SVD). The PN sequences employ channel state information (CSI) to more effectively and more securely computing the optimal sequences.

DoS detection in IEEE 802.11 with the presence of hidden nodes

PubMed Central

Soryal, Joseph; Liu, Xijie; Saadawi, Tarek

2013-01-01

The paper presents a novel technique to detect Denial of Service (DoS) attacks applied by misbehaving nodes in wireless networks with the presence of hidden nodes employing the widely used IEEE 802.11 Distributed Coordination Function (DCF) protocols described in the IEEE standard [1]. Attacker nodes alter the IEEE 802.11 DCF firmware to illicitly capture the channel via elevating the probability of the average number of packets transmitted successfully using up the bandwidth share of the innocent nodes that follow the protocol standards. We obtained the theoretical network throughput by solving two-dimensional Markov Chain model as described by Bianchi [2], and Liu and Saadawi [3] to determine the channel capacity. We validated the results obtained via the theoretical computations with the results obtained by OPNET simulator [4] to define the baseline for the average attainable throughput in the channel under standard conditions where all nodes follow the standards. The main goal of the DoS attacker is to prevent the innocent nodes from accessing the channel and by capturing the channel’s bandwidth. In addition, the attacker strives to appear as an innocent node that follows the standards. The protocol resides in every node to enable each node to police other nodes in its immediate wireless coverage area. All innocent nodes are able to detect and identify the DoS attacker in its wireless coverage area. We applied the protocol to two Physical Layer technologies: Direct Sequence Spread Spectrum (DSSS) and Frequency Hopping Spread Spectrum (FHSS) and the results are presented to validate the algorithm. PMID:25685510

DoS detection in IEEE 802.11 with the presence of hidden nodes.

PubMed

Soryal, Joseph; Liu, Xijie; Saadawi, Tarek

2014-07-01

The paper presents a novel technique to detect Denial of Service (DoS) attacks applied by misbehaving nodes in wireless networks with the presence of hidden nodes employing the widely used IEEE 802.11 Distributed Coordination Function (DCF) protocols described in the IEEE standard [1]. Attacker nodes alter the IEEE 802.11 DCF firmware to illicitly capture the channel via elevating the probability of the average number of packets transmitted successfully using up the bandwidth share of the innocent nodes that follow the protocol standards. We obtained the theoretical network throughput by solving two-dimensional Markov Chain model as described by Bianchi [2], and Liu and Saadawi [3] to determine the channel capacity. We validated the results obtained via the theoretical computations with the results obtained by OPNET simulator [4] to define the baseline for the average attainable throughput in the channel under standard conditions where all nodes follow the standards. The main goal of the DoS attacker is to prevent the innocent nodes from accessing the channel and by capturing the channel's bandwidth. In addition, the attacker strives to appear as an innocent node that follows the standards. The protocol resides in every node to enable each node to police other nodes in its immediate wireless coverage area. All innocent nodes are able to detect and identify the DoS attacker in its wireless coverage area. We applied the protocol to two Physical Layer technologies: Direct Sequence Spread Spectrum (DSSS) and Frequency Hopping Spread Spectrum (FHSS) and the results are presented to validate the algorithm.

Evolution of a radio communication relay system

NASA Astrophysics Data System (ADS)

Nguyen, Hoa G.; Pezeshkian, Narek; Hart, Abraham; Burmeister, Aaron; Holz, Kevin; Neff, Joseph; Roth, Leif

2013-05-01

Providing long-distance non-line-of-sight control for unmanned ground robots has long been recognized as a problem, considering the nature of the required high-bandwidth radio links. In the early 2000s, the DARPA Mobile Autonomous Robot Software (MARS) program funded the Space and Naval Warfare Systems Center (SSC) Pacific to demonstrate a capability for autonomous mobile communication relaying on a number of Pioneer laboratory robots. This effort also resulted in the development of ad hoc networking radios and software that were later leveraged in the development of a more practical and logistically simpler system, the Automatically Deployed Communication Relays (ADCR). Funded by the Joint Ground Robotics Enterprise and internally by SSC Pacific, several generations of ADCR systems introduced increasingly more capable hardware and software for automatic maintenance of communication links through deployment of static relay nodes from mobile robots. This capability was finally tapped in 2010 to fulfill an urgent need from theater. 243 kits of ruggedized, robot-deployable communication relays were produced and sent to Afghanistan to extend the range of EOD and tactical ground robots in 2012. This paper provides a summary of the evolution of the radio relay technology at SSC Pacific, and then focuses on the latest two stages, the Manually-Deployed Communication Relays and the latest effort to automate the deployment of these ruggedized and fielded relay nodes.

The Relay/Converter Interface Influences Hydrolysis of ATP by Skeletal Muscle Myosin II*

PubMed Central

Bloemink, Marieke J.; Melkani, Girish C.; Bernstein, Sanford I.; Geeves, Michael A.

2016-01-01

The interface between relay and converter domain of muscle myosin is critical for optimal myosin performance. Using Drosophila melanogaster indirect flight muscle S1, we performed a kinetic analysis of the effect of mutations in the converter and relay domain. Introduction of a mutation (R759E) in the converter domain inhibits the steady-state ATPase of myosin S1, whereas an additional mutation in the relay domain (N509K) is able to restore the ATPase toward wild-type values. The R759E S1 construct showed little effect on most steps of the actomyosin ATPase cycle. The exception was a 25–30% reduction in the rate constant of the hydrolysis step, the step coupled to the cross-bridge recovery stroke that involves a change in conformation at the relay/converter domain interface. Significantly, the double mutant restored the hydrolysis step to values similar to the wild-type myosin. Modeling the relay/converter interface suggests a possible interaction between converter residue 759 and relay residue 509 in the actin-detached conformation, which is lost in R759E but is restored in N509K/R759E. This detailed kinetic analysis of Drosophila myosin carrying the R759E mutation shows that the interface between the relay loop and converter domain is important for fine-tuning myosin kinetics, in particular ATP binding and hydrolysis. PMID:26586917

Analytical Approaches for Identification and Representation of Critical Protection Systems in Transient Stability Studies

NASA Astrophysics Data System (ADS)

Hedman, Mojdeh Khorsand

After a major disturbance, the power system response is highly dependent on protection schemes and system dynamics. Improving power systems situational awareness requires proper and simultaneous modeling of both protection schemes and dynamic characteristics in power systems analysis tools. Historical information and ex-post analysis of blackouts reaffirm the critical role of protective devices in cascading events, thereby confirming the necessity to represent protective functions in transient stability studies. This dissertation is aimed at studying the importance of representing protective relays in power system dynamic studies. Although modeling all of the protective relays within transient stability studies may result in a better estimation of system behavior, representing, updating, and maintaining the protection system data becomes an insurmountable task. Inappropriate or outdated representation of the relays may result in incorrect assessment of the system behavior. This dissertation presents a systematic method to determine essential relays to be modeled in transient stability studies. The desired approach should identify protective relays that are critical for various operating conditions and contingencies. The results of the transient stability studies confirm that modeling only the identified critical protective relays is sufficient to capture system behavior for various operating conditions and precludes the need to model all of the protective relays. Moreover, this dissertation proposes a method that can be implemented to determine the appropriate location of out-of-step blocking relays. During unstable power swings, a generator or group of generators may accelerate or decelerate leading to voltage depression at the electrical center along with generator tripping. This voltage depression may cause protective relay mis-operation and unintentional separation of the system. In order to avoid unintentional islanding, the potentially mis-operating relays should be blocked from tripping with the use of out-of-step blocking schemes. Blocking these mis-operating relays, combined with an appropriate islanding scheme, help avoid a system wide collapse. The proposed method is tested on data from the Western Electricity Coordinating Council. A triple line outage of the California-Oregon Intertie is studied. The results show that the proposed method is able to successfully identify proper locations of out-of-step blocking scheme.

Ground Wave Emergency Network Final Operational Capability. Environmental Assessment for Northeastern Nevada Relay Node. Site No. RN 8W922NV

DTIC Science & Technology

1993-04-16

enhancing system availability and ensuring that vital communications will be maintained. 1-1 c~o~ - MCDRMIT. NEADA.OREGN & DAHO 197 Ný 1-2, 2.0 ALTERNATIVES...detected, an explosion inside the shelter would be extremely unlikely due 2-7 to the high flash point of diesel fuel. If a tank at the GWEN station

14 CFR 1215.102 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION TRACKING AND DATA RELAY SATELLITE SYSTEM.... The Tracking and Data Relay Satellite System including Tracking and Data Relay Satellites (TDRS), the... user ground system/TDRSS interface. (c) Bit stream. The digital electronic signals acquired by TDRSS...

Tracing Potential School Shooters in the Digital Sphere

NASA Astrophysics Data System (ADS)

Veijalainen, Jari; Semenov, Alexander; Kyppö, Jorma

There are over 300 known school shooting cases in the world and over ten known cases where the perpetrator(s) have been prohibited to perform the attack at the last moment or earlier. Interesting from our point of view is that in many cases the perpetrators have expressed their views in social media or on their web page well in advance, and often also left suicide messages in blogs and other forums before their attack, along the planned date and place. This has become more common towards the end of this decennium. In some cases this has made it possible to prevent the attack. In this paper we will look at the possibilities to find commonalities of the perpetrators, beyond the fact that they are all males from eleven to roughly 25 years old, and possibilities to follow their traces in the digital sphere in order to cut the dangerous development towards an attack. Should this not be possible, then an attack should be averted before it happens. We are especially interested in the multimedia data mining methods and social network mining and analysis that can be used to detect the possible perpetrators in time. We also present in this paper a probabilistic model that can be used to evaluate the success/failure rate of the detection of the possible perpetrators.

Phase-Space Detection of Cyber Events

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hernandez Jimenez, Jarilyn M; Ferber, Aaron E; Prowell, Stacy J

Energy Delivery Systems (EDS) are a network of processes that produce, transfer and distribute energy. EDS are increasingly dependent on networked computing assets, as are many Industrial Control Systems. Consequently, cyber-attacks pose a real and pertinent threat, as evidenced by Stuxnet, Shamoon and Dragonfly. Hence, there is a critical need for novel methods to detect, prevent, and mitigate effects of such attacks. To detect cyber-attacks in EDS, we developed a framework for gathering and analyzing timing data that involves establishing a baseline execution profile and then capturing the effect of perturbations in the state from injecting various malware. The datamore » analysis was based on nonlinear dynamics and graph theory to improve detection of anomalous events in cyber applications. The goal was the extraction of changing dynamics or anomalous activity in the underlying computer system. Takens' theorem in nonlinear dynamics allows reconstruction of topologically invariant, time-delay-embedding states from the computer data in a sufficiently high-dimensional space. The resultant dynamical states were nodes, and the state-to-state transitions were links in a mathematical graph. Alternatively, sequential tabulation of executing instructions provides the nodes with corresponding instruction-to-instruction links. Graph theorems guarantee graph-invariant measures to quantify the dynamical changes in the running applications. Results showed a successful detection of cyber events.« less

Achievable rate maximization for decode-and-forward MIMO-OFDM networks with an energy harvesting relay.

PubMed

Du, Guanyao; Yu, Jianjun

2016-01-01

This paper investigates the system achievable rate for the multiple-input multiple-output orthogonal frequency division multiplexing (MIMO-OFDM) system with an energy harvesting (EH) relay. Firstly we propose two protocols, time switching-based decode-and-forward relaying (TSDFR) and a flexible power splitting-based DF relaying (PSDFR) protocol by considering two practical receiver architectures, to enable the simultaneous information processing and energy harvesting at the relay. In PSDFR protocol, we introduce a temporal parameter to describe the time division pattern between the two phases which makes the protocol more flexible and general. In order to explore the system performance limit, we discuss the system achievable rate theoretically and formulate two optimization problems for the proposed protocols to maximize the system achievable rate. Since the problems are non-convex and difficult to solve, we first analyze them theoretically and get some explicit results, then design an augmented Lagrangian penalty function (ALPF) based algorithm for them. Numerical results are provided to validate the accuracy of our analytical results and the effectiveness of the proposed ALPF algorithm. It is shown that, PSDFR outperforms TSDFR to achieve higher achievable rate in such a MIMO-OFDM relaying system. Besides, we also investigate the impacts of the relay location, the number of antennas and the number of subcarriers on the system performance. Specifically, it is shown that, the relay position greatly affects the system performance of both protocols, and relatively worse achievable rate is achieved when the relay is placed in the middle of the source and the destination. This is different from the MIMO-OFDM DF relaying system without EH. Moreover, the optimal factor which indicates the time division pattern between the two phases in the PSDFR protocol is always above 0.8, which means that, the common division of the total transmission time into two equal phases in previous work applying PS-based receiver is not optimal.

Using the Domain Name System to Thwart Automated Client-Based Attacks

DOE Office of Scientific and Technical Information (OSTI.GOV)

Taylor, Curtis R; Shue, Craig A

2011-09-01

On the Internet, attackers can compromise systems owned by other people and then use these systems to launch attacks automatically. When attacks such as phishing or SQL injections are successful, they can have negative consequences including server downtime and the loss of sensitive information. Current methods to prevent such attacks are limited in that they are application-specific, or fail to block attackers. Phishing attempts can be stopped with email filters, but if the attacker manages to successfully bypass these filters, then the user must determine if the email is legitimate or not. Unfortunately, they often are unable to do so.more » Since attackers have a low success rate, they attempt to compensate for it in volume. In order to have this high throughput, attackers take shortcuts and break protocols. We use this knowledge to address these issues by implementing a system that can detect malicious activity and use it to block attacks. If the client fails to follow proper procedure, they can be classified as an attacker. Once an attacker has been discovered, they will be isolated and monitored. This can be accomplished using existing software in Ubuntu Linux applications, along with our custom wrapper application. After running the system and seeing its performance on three popular Web browsers Chromium, Firefox and Internet Explorer as well as two popular email clients, Thunderbird and Evolution, we found that not only is this system conceivable, it is effective and has low overhead.« less

Airborne relay-based regional positioning system.

PubMed

Lee, Kyuman; Noh, Hongjun; Lim, Jaesung

2015-05-28

Ground-based pseudolite systems have some limitations, such as low vertical accuracy, multipath effects and near-far problems. These problems are not significant in airborne-based pseudolite systems. However, the monitoring of pseudolite positions is required because of the mobility of the platforms on which the pseudolites are mounted, and this causes performance degradation. To address these pseudolite system limitations, we propose an airborne relay-based regional positioning system that consists of a master station, reference stations, airborne relays and a user. In the proposed system, navigation signals are generated from the reference stations located on the ground and are relayed via the airborne relays. Unlike in conventional airborne-based systems, the user in the proposed system sequentially estimates both the locations of airborne relays and his/her own position. Therefore, a delay due to monitoring does not occur, and the accuracy is not affected by the movement of airborne relays. We conducted several simulations to evaluate the performance of the proposed system. Based on the simulation results, we demonstrated that the proposed system guarantees a higher accuracy than airborne-based pseudolite systems, and it is feasible despite the existence of clock offsets among reference stations.

Airborne Relay-Based Regional Positioning System

PubMed Central

Lee, Kyuman; Noh, Hongjun; Lim, Jaesung

2015-01-01

Ground-based pseudolite systems have some limitations, such as low vertical accuracy, multipath effects and near-far problems. These problems are not significant in airborne-based pseudolite systems. However, the monitoring of pseudolite positions is required because of the mobility of the platforms on which the pseudolites are mounted, and this causes performance degradation. To address these pseudolite system limitations, we propose an airborne relay-based regional positioning system that consists of a master station, reference stations, airborne relays and a user. In the proposed system, navigation signals are generated from the reference stations located on the ground and are relayed via the airborne relays. Unlike in conventional airborne-based systems, the user in the proposed system sequentially estimates both the locations of airborne relays and his/her own position. Therefore, a delay due to monitoring does not occur, and the accuracy is not affected by the movement of airborne relays. We conducted several simulations to evaluate the performance of the proposed system. Based on the simulation results, we demonstrated that the proposed system guarantees a higher accuracy than airborne-based pseudolite systems, and it is feasible despite the existence of clock offsets among reference stations. PMID:26029953

Exploiting Outage and Error Probability of Cooperative Incremental Relaying in Underwater Wireless Sensor Networks

PubMed Central

Nasir, Hina; Javaid, Nadeem; Sher, Muhammad; Qasim, Umar; Khan, Zahoor Ali; Alrajeh, Nabil; Niaz, Iftikhar Azim

2016-01-01

This paper embeds a bi-fold contribution for Underwater Wireless Sensor Networks (UWSNs); performance analysis of incremental relaying in terms of outage and error probability, and based on the analysis proposition of two new cooperative routing protocols. Subject to the first contribution, a three step procedure is carried out; a system model is presented, the number of available relays are determined, and based on cooperative incremental retransmission methodology, closed-form expressions for outage and error probability are derived. Subject to the second contribution, Adaptive Cooperation in Energy (ACE) efficient depth based routing and Enhanced-ACE (E-ACE) are presented. In the proposed model, feedback mechanism indicates success or failure of data transmission. If direct transmission is successful, there is no need for relaying by cooperative relay nodes. In case of failure, all the available relays retransmit the data one by one till the desired signal quality is achieved at destination. Simulation results show that the ACE and E-ACE significantly improves network performance, i.e., throughput, when compared with other incremental relaying protocols like Cooperative Automatic Repeat reQuest (CARQ). E-ACE and ACE achieve 69% and 63% more throughput respectively as compared to CARQ in hard underwater environment. PMID:27420061

Relay Support for the Mars Science Laboratory and the Coming Decade of Mars Relay Network Evolution

NASA Technical Reports Server (NTRS)

Edwards, Charles D., Jr.; Arnold, Bradford W.; Bell, David J.; Bruvold, Kristoffer N.; Gladden, Roy E.; Ilott, Peter A.; Lee, Charles H.

2012-01-01

In the past decade, an evolving network of Mars relay orbiters has provided telecommunication relay services to the Mars Exploration Rovers, Spirit and Opportunity, and to the Mars Phoenix Lander, enabling high-bandwidth, energy-efficient data transfer and greatly increasing the volume of science data that can be returned from the Martian surface, compared to conventional direct-to-Earth links. The current relay network, consisting of NASA's Odyssey and Mars Reconnaissance Orbiter and augmented by ESA's Mars Express Orbiter, stands ready to support the Mars Science Laboratory, scheduled to arrive at Mars on Aug 6, 2012, with new capabilities enabled by the Electra and Electra-Lite transceivers carried by MRO and MSL, respectively. The MAVEN orbiter, planned for launch in 2013, and the ExoMars/Trace Gas Orbiter, planned for launch in 2016, will replenish the on-orbit relay network as the current orbiter approach their end of life. Currently planned support scenarios for this future relay network include an ESA EDL Demonstrator Module deployed by the 2016 ExoMars/TGO orbiter, and the 2018 NASA/ESA Joint Rover, representing the first step in a multimission Mars Sample Return campaign.

Relay cropping as a sustainable approach: problems and opportunities for sustainable crop production.

PubMed

Tanveer, Mohsin; Anjum, Shakeel Ahmad; Hussain, Saddam; Cerdà, Artemi; Ashraf, Umair

2017-03-01

Climate change, soil degradation, and depletion of natural resources are becoming the most prominent challenges for crop productivity and environmental sustainability in modern agriculture. In the scenario of conventional farming system, limited chances are available to cope with these issues. Relay cropping is a method of multiple cropping where one crop is seeded into standing second crop well before harvesting of second crop. Relay cropping may solve a number of conflicts such as inefficient use of available resources, controversies in sowing time, fertilizer application, and soil degradation. Relay cropping is a complex suite of different resource-efficient technologies, which possesses the capability to improve soil quality, to increase net return, to increase land equivalent ratio, and to control the weeds and pest infestation. The current review emphasized relay cropping as a tool for crop diversification and environmental sustainability with special focus on soil. Briefly, benefits, constraints, and opportunities of relay cropping keeping the goals of higher crop productivity and sustainability have also been discussed in this review. The research and knowledge gap in relay cropping was also highlighted in order to guide the further studies in future.

An Optimal Method for Detecting Internal and External Intrusion in MANET

NASA Astrophysics Data System (ADS)

Rafsanjani, Marjan Kuchaki; Aliahmadipour, Laya; Javidi, Mohammad M.

Mobile Ad hoc Network (MANET) is formed by a set of mobile hosts which communicate among themselves through radio waves. The hosts establish infrastructure and cooperate to forward data in a multi-hop fashion without a central administration. Due to their communication type and resources constraint, MANETs are vulnerable to diverse types of attacks and intrusions. In this paper, we proposed a method for prevention internal intruder and detection external intruder by using game theory in mobile ad hoc network. One optimal solution for reducing the resource consumption of detection external intruder is to elect a leader for each cluster to provide intrusion service to other nodes in the its cluster, we call this mode moderate mode. Moderate mode is only suitable when the probability of attack is low. Once the probability of attack is high, victim nodes should launch their own IDS to detect and thwart intrusions and we call robust mode. In this paper leader should not be malicious or selfish node and must detect external intrusion in its cluster with minimum cost. Our proposed method has three steps: the first step building trust relationship between nodes and estimation trust value for each node to prevent internal intrusion. In the second step we propose an optimal method for leader election by using trust value; and in the third step, finding the threshold value for notifying the victim node to launch its IDS once the probability of attack exceeds that value. In first and third step we apply Bayesian game theory. Our method due to using game theory, trust value and honest leader can effectively improve the network security, performance and reduce resource consumption.

Detecting anthrax in the palm of your hand: applications of a smartphone microscope

DOE Office of Scientific and Technical Information (OSTI.GOV)

Erikson, Rebecca L.; Hutchison, Janine R.

Bacillus anthracis is a bacterial pathogen that causes the disease anthrax. In 2001, B. anthracis was used in a bioterrorism attack in the United States that resulted in 22 individuals becoming infected, 5 of whom died as a result of this attack. A great deal of attention has been dedicated to responding to bioterrorism events to reduce the potential loss of lives. One such area of research has focused on the development of new technologies to detect and respond to the intentional release of bacterial pathogens such as B. anthracis.

The hydrodynamics of predator-prey interactions in zebrafish

NASA Astrophysics Data System (ADS)

McHenry, Matthew; Soto, Alberto; Carrillo, Andres; Byron, Margaret

2017-11-01

Hydrodynamics govern the behavior of fishes when they operate as predators or prey. In addition to the role of fluid forces in propulsion, fishes relay on flow stimuli to sense a predatory threat and to localize palatable prey. We have performed a series of experiments on zebrafish (Danio rerio) that aim to resolve the major factors that determine whether prey survive an encounter with a predator. Zebrafish serve as a model system in this pursuit because the adults prey on larvae of the same species and the larvae are often successful in evading the attacks of the adults. We use a combination of theoretical and experimental approaches to resolve the behavioral algorithms and kinematics that determined the outcome of these interactions. In this context, the hydrodynamics of intermediate Reynolds numbers largely determines the range of flow stimuli and the limits to locomotor performance at dictate prey survival. These principles have the potential to apply to a broad diversity of fishes and other aquatic animals. ONR: N00014-15-1-2249.

Quantum direct communication protocol strengthening against Pavičić’s attack

NASA Astrophysics Data System (ADS)

Zhang, Bo; Shi, Wei-Xu; Wang, Jian; Tang, Chao-Jing

2015-12-01

A quantum circuit providing an undetectable eavesdropping of information in message mode, which compromises all two-state ψ-ϕ quantum direct communication (QDC) protocols, has been recently proposed by Pavičić [Phys. Rev. A 87 (2013) 042326]. A modification of the protocol’s control mode is proposed, which improves users’ 25% detection probability of Eve to 50% at best, as that in ping-pong protocol. The modification also improves the detection probability of Wójcik’s attack [Phys. Rev. Lett 90 (2003) 157901] to 75% at best. The resistance against man-in-the-middle (MITM) attack as well as the discussion of security for four Bell state protocols is presented. As a result, the protocol security is strengthened both theoretically and practically, and quantum advantage of superdense coding is restored.

Comment on “Cryptanalysis and improvement of multiparty semiquantum secret sharing based on rearranging orders of qubits”

NASA Astrophysics Data System (ADS)

Gao, Gan

2017-11-01

In this paper, we show that the attack strategy [A. Yin and F. Fu, Mod. Phys. Lett. B 30 (2016) 1650415] fails, that is, the last agent and other agents cannot get the sender’s secret keys without being detected by using the attack strategy.

Multi-Step Attack Detection via Bayesian Modeling under Model Parameter Uncertainty

ERIC Educational Resources Information Center

Cole, Robert

2013-01-01

Organizations in all sectors of business have become highly dependent upon information systems for the conduct of business operations. Of necessity, these information systems are designed with many points of ingress, points of exposure that can be leveraged by a motivated attacker seeking to compromise the confidentiality, integrity or…

Design and Implementation of High Interaction Client Honeypot for Drive-by-Download Attacks

NASA Astrophysics Data System (ADS)

Akiyama, Mitsuaki; Iwamura, Makoto; Kawakoya, Yuhei; Aoki, Kazufumi; Itoh, Mitsutaka

Nowadays, the number of web-browser targeted attacks that lead users to adversaries' web sites and exploit web browser vulnerabilities is increasing, and a clarification of their methods and countermeasures is urgently needed. In this paper, we introduce the design and implementation of a new client honeypot for drive-by-download attacks that has the capacity to detect and investigate a variety of malicious web sites. On the basis of the problems of existing client honeypots, we enumerate the requirements of a client honeypot: 1) detection accuracy and variety, 2) collection variety, 3) performance efficiency, and 4) safety and stability. We improve our system with regard to these requirements. The key features of our developed system are stepwise detection focusing on exploit phases, multiple crawler processing, tracking of malware distribution networks, and malware infection prevention. Our evaluation of our developed system in a laboratory experiment and field experiment indicated that its detection variety and crawling performance are higher than those of existing client honeypots. In addition, our system is able to collect information for countermeasures and is secure and stable for continuous operation. We conclude that our system can investigate malicious web sites comprehensively and support countermeasures.

Defence against Black Hole and Selective Forwarding Attacks for Medical WSNs in the IoT †

PubMed Central

Mathur, Avijit; Newe, Thomas; Rao, Muzaffar

2016-01-01

Wireless sensor networks (WSNs) are being used to facilitate monitoring of patients in hospital and home environments. These systems consist of a variety of different components/sensors and many processes like clustering, routing, security, and self-organization. Routing is necessary for medical-based WSNs because it allows remote data delivery and it facilitates network scalability in large hospitals. However, routing entails several problems, mainly due to the open nature of wireless networks, and these need to be addressed. This paper looks at two of the problems that arise due to wireless routing between the nodes and access points of a medical WSN (for IoT use): black hole and selective forwarding (SF) attacks. A solution to the former can readily be provided through the use of cryptographic hashes, while the latter makes use of a neighbourhood watch and threshold-based analysis to detect and correct SF attacks. The scheme proposed here is capable of detecting a selective forwarding attack with over 96% accuracy and successfully identifying the malicious node with 83% accuracy. PMID:26797620

A Secure Trust Establishment Scheme for Wireless Sensor Networks

PubMed Central

Ishmanov, Farruh; Kim, Sung Won; Nam, Seung Yeob

2014-01-01

Trust establishment is an important tool to improve cooperation and enhance security in wireless sensor networks. The core of trust establishment is trust estimation. If a trust estimation method is not robust against attack and misbehavior, the trust values produced will be meaningless, and system performance will be degraded. We present a novel trust estimation method that is robust against on-off attacks and persistent malicious behavior. Moreover, in order to aggregate recommendations securely, we propose using a modified one-step M-estimator scheme. The novelty of the proposed scheme arises from combining past misbehavior with current status in a comprehensive way. Specifically, we introduce an aggregated misbehavior component in trust estimation, which assists in detecting an on-off attack and persistent malicious behavior. In order to determine the current status of the node, we employ previous trust values and current measured misbehavior components. These components are combined to obtain a robust trust value. Theoretical analyses and evaluation results show that our scheme performs better than other trust schemes in terms of detecting an on-off attack and persistent misbehavior. PMID:24451471

Defence against Black Hole and Selective Forwarding Attacks for Medical WSNs in the IoT.

PubMed

Mathur, Avijit; Newe, Thomas; Rao, Muzaffar

2016-01-19

Wireless sensor networks (WSNs) are being used to facilitate monitoring of patients in hospital and home environments. These systems consist of a variety of different components/sensors and many processes like clustering, routing, security, and self-organization. Routing is necessary for medical-based WSNs because it allows remote data delivery and it facilitates network scalability in large hospitals. However, routing entails several problems, mainly due to the open nature of wireless networks, and these need to be addressed. This paper looks at two of the problems that arise due to wireless routing between the nodes and access points of a medical WSN (for IoT use): black hole and selective forwarding (SF) attacks. A solution to the former can readily be provided through the use of cryptographic hashes, while the latter makes use of a neighbourhood watch and threshold-based analysis to detect and correct SF attacks. The scheme proposed here is capable of detecting a selective forwarding attack with over 96% accuracy and successfully identifying the malicious node with 83% accuracy.

Tracking and data relay satellite system configuration and tradeoff study, part 1. Volume 3: Telecommunications service system

NASA Technical Reports Server (NTRS)

1972-01-01

The results of the telecommunications subsystem analysis are presented. The relay system requirements and constraints, interference analysis, frequency selection, modulation and coding analysis, and the performance analysis of the relay system are included.

76 FR 72124 - Internet-Based Telecommunications Relay Service Numbering

Federal Register 2010, 2011, 2012, 2013, 2014

2011-11-22

... Docket No. 10-191; FCC 11-123] Internet-Based Telecommunications Relay Service Numbering AGENCY: Federal..., the information collection associated with the Commission's Internet- Based Telecommunications Relay... this notice as an announcement of the effective date of the rules. See Internet-Based...

77 FR 1039 - Internet-Based Telecommunications Relay Service Numbering

Federal Register 2010, 2011, 2012, 2013, 2014

2012-01-09

... FEDERAL COMMUNICATIONS COMMISSION 47 CFR Part 64 [WC Docket No. 10-191; Report No. 2939] Internet... toll-free numbers by users of Internet- based Telecommunications Relay Services (iTRS). DATES... any rules of particular applicability. Subject: Internet-Based Telecommunications Relay Service...

47 CFR 64.603 - Provision of services.

Code of Federal Regulations, 2010 CFR

2010-10-01

... telephone voice transmission services shall provide, not later than July 26, 1993, in compliance with the regulations prescribed herein, throughout the area in which it offers services, telecommunications relay... other carriers. Speech-to-speech relay service and interstate Spanish language relay service shall be...

A TorPath to TorCoin: Proof-of-Bandwidth Altcoins for Compensating Relays

DTIC Science & Technology

2014-07-18

incentive scheme for Tor relying on two novel concepts. We introduce TorCoin, an “altcoin” that uses the Bitcoin protocol to re- ward relays for...or altcoin, based on the Bitcoin protocol [8]. Unlike Bitcoin , its proof-of-work scheme is based on bandwidth rather than computation. To “mine” a...concepts. We introduce TorCoin, an altcoin" that uses the Bitcoin protocol to re- ward relays for contributing bandwidth. Relays mine" TorCoins, then

Twitter in the Cross Fire—The Use of Social Media in the Westgate Mall Terror Attack in Kenya

PubMed Central

Simon, Tomer; Goldberg, Avishay; Aharonson-Daniel, Limor; Leykin, Dmitry; Adini, Bruria

2014-01-01

On September 2013 an attack on the Westgate mall in Kenya led to a four day siege, resulting in 67 fatalities and 175 wounded. During the crisis, Twitter became a crucial channel of communication between the government, emergency responders and the public, facilitating the emergency management of the event. The objectives of this paper are to present the main activities, use patterns and lessons learned from the use of the social media in the crisis. Using TwitterMate, a system developed to collect, store and analyze tweets, the main hashtags generated by the crowd and specific Twitter accounts of individuals, emergency responders and NGOs, were followed throughout the four day siege. A total of 67,849 tweets were collected and analyzed. Four main categories of hashtags were identified: geographical locations, terror attack, social support and organizations. The abundance of Twitter accounts providing official information made it difficult to synchronize and follow the flow of information. Many organizations posted simultaneously, by their manager and by the organization itself. Creating situational awareness was facilitated by information tweeted by the public. Threat assessment was updated through the information posted on social media. Security breaches led to the relay of sensitive data. At times, misinformation was only corrected after two days. Social media offer an accessible, widely available means for a bi-directional flow of information between the public and the authorities. In the crisis, all emergency responders used and leveraged social media networks for communicating both with the public and among themselves. A standard operating procedure should be developed to enable multiple responders to monitor, synchronize and integrate their social media feeds during emergencies. This will lead to better utilization and optimization of social media resources during crises, providing clear guidelines for communications and a hierarchy for dispersing information to the public and among responding organizations. PMID:25153889

Twitter in the cross fire--the use of social media in the Westgate Mall terror attack in Kenya.

PubMed

Simon, Tomer; Goldberg, Avishay; Aharonson-Daniel, Limor; Leykin, Dmitry; Adini, Bruria

2014-01-01

On September 2013 an attack on the Westgate mall in Kenya led to a four day siege, resulting in 67 fatalities and 175 wounded. During the crisis, Twitter became a crucial channel of communication between the government, emergency responders and the public, facilitating the emergency management of the event. The objectives of this paper are to present the main activities, use patterns and lessons learned from the use of the social media in the crisis. Using TwitterMate, a system developed to collect, store and analyze tweets, the main hashtags generated by the crowd and specific Twitter accounts of individuals, emergency responders and NGOs, were followed throughout the four day siege. A total of 67,849 tweets were collected and analyzed. Four main categories of hashtags were identified: geographical locations, terror attack, social support and organizations. The abundance of Twitter accounts providing official information made it difficult to synchronize and follow the flow of information. Many organizations posted simultaneously, by their manager and by the organization itself. Creating situational awareness was facilitated by information tweeted by the public. Threat assessment was updated through the information posted on social media. Security breaches led to the relay of sensitive data. At times, misinformation was only corrected after two days. Social media offer an accessible, widely available means for a bi-directional flow of information between the public and the authorities. In the crisis, all emergency responders used and leveraged social media networks for communicating both with the public and among themselves. A standard operating procedure should be developed to enable multiple responders to monitor, synchronize and integrate their social media feeds during emergencies. This will lead to better utilization and optimization of social media resources during crises, providing clear guidelines for communications and a hierarchy for dispersing information to the public and among responding organizations.

Exploring Windows Domain-Level Defenses Against Authentication Attacks

DOE Office of Scientific and Technical Information (OSTI.GOV)

Nichols, Jeff A.; Curtis, Laura

2016-01-01

We investigated the security resilience of the current Windows Active Directory (AD) environments to Pass-the-Hash and Pass- the-Ticket credential theft attacks. While doing this, we discovered a way to trigger the removal of all previously issued authentication credentials for a client, thus preventing their use by attackers. After triggered, the user is forced to contact the domain administrators and to authenticate to the AD to continue. This could become the basis for a response that arrests the spread of a detected attack. Operating in a virtualized XenServer environment, we were able to carefully determine and recreate the conditions necessary tomore » cause this response.« less

Benefits of smart pumps for automated changeovers of vasoactive drug infusion pumps: a quasi-experimental study.

PubMed

Cour, M; Hernu, R; Bénet, T; Robert, J M; Regad, D; Chabert, B; Malatray, A; Conrozier, S; Serra, P; Lassaigne, M; Vanhems, P; Argaud, L

2013-11-01

Manual changeover of vasoactive drug infusion pumps (CVIP) frequently lead to haemodynamic instability. Some of the newest smart pumps allow automated CVIP. The aim of this study was to compare automated CVIP with manual 'Quick Change' relays. We performed a prospective, quasi-experimental study, in a university-affiliated intensive care unit (ICU). All adult patients receiving continuous i.v. infusion of vasoactive drugs were included. CVIP were successively performed manually (Phase 1) and automatically (Phase 2) during two 6-month periods. The primary endpoint was the frequency of haemodynamic incidents related to the relays, which were defined as variations of mean arterial pressure >15 mm Hg or heart rate >15 bpm. The secondary endpoints were the nursing time dedicated to relays and the number of interruptions in care because of CVIP. A multivariate mixed effects logistic regression was fitted for analytic analysis. We studied 1329 relays (Phase 1: 681, Phase 2: 648) from 133 patients (Phase 1: 63, Phase 2: 70). Incidents related to CVIP decreased from 137 (20%) in Phase 1 to 73 (11%) in Phase 2 (P<0.001). Automated relays were independently associated with a 49% risk reduction of CVIP-induced incidents (adjusted OR=0.51, 95% confidence interval 0.34-0.77, P=0.001). Time dedicated to the relays and the number of interruptions in care to manage CVIP were also significantly reduced with automated relays vs manual relays (P=0.001). These results demonstrate the benefits of automated CVIP using smart pumps in limiting the frequency of haemodynamic incidents related to relays and in reducing the nursing workload.

Section 7 reactor incident file general information from 1945

DOE Office of Scientific and Technical Information (OSTI.GOV)

Not Available

1969-01-10

At 0308 on January 10, 1966, both B and C Reactors ``scrammed`` due to an electrical fault on Line C2-L8 caused by a raccoon coming in contact with the 13-8 KV line on top of transformer No. 2 at 182-B Building. Line C2-L8 relayed out at the 151-B Building. Details of the occurrence at 151-B are covered in the attachment. C-Reactor scrammed due to reduced voltage on the pressure monitor system. The reduction in voltage caused the auxiliary relays of the pressure monitor ground detector to open, de-energizing the end result relays PSR and PSRA. The safety circuit trip identificationmore » system displayed ``Pressure Monitor`` and ``Ground Detector.`` B-Reactor scrammed by a power failure signal from 190-B Building. The power failure relays for pump numbers 1 and 3 opened due to these pumps contributing power to the fault. The power failure relays at 190-B remained open long enough for the end result relays PF and PFA to open. Since these relays are timed delayed, 0.26 seconds, the power failure relays must have remained open at least that long. At the 190-B Building the steam turbines started due to the power failure relays for pump numbers 1 and 3 opening. The main process pumps remained stable and continued to supply normal flow to the reactor. Pumps were tripped from the line at 182-B and 183-B Buildings. The surge suppressors cycled normally and the turbine export pumps started as a result of low export line pressure. No power equipment was affected in C Area.« less

The sequence relay selection strategy based on stochastic dynamic programming

NASA Astrophysics Data System (ADS)

Zhu, Rui; Chen, Xihao; Huang, Yangchao

2017-07-01

Relay-assisted (RA) network with relay node selection is a kind of effective method to improve the channel capacity and convergence performance. However, most of the existing researches about the relay selection did not consider the statically channel state information and the selection cost. This shortage limited the performance and application of RA network in practical scenarios. In order to overcome this drawback, a sequence relay selection strategy (SRSS) was proposed. And the performance upper bound of SRSS was also analyzed in this paper. Furthermore, in order to make SRSS more practical, a novel threshold determination algorithm based on the stochastic dynamic program (SDP) was given to work with SRSS. Numerical results are also presented to exhibit the performance of SRSS with SDP.

Modeling of Protection in Dynamic Simulation Using Generic Relay Models and Settings

DOE Office of Scientific and Technical Information (OSTI.GOV)

Samaan, Nader A.; Dagle, Jeffery E.; Makarov, Yuri V.

This paper shows how generic protection relay models available in planning tools can be augmented with settings that are based on NERC standards or best engineering practice. Selected generic relay models in Siemens PSS®E have been used in dynamic simulations in the proposed approach. Undervoltage, overvoltage, underfrequency, and overfrequency relays have been modeled for each generating unit. Distance-relay protection was modeled for transmission system protection. Two types of load-shedding schemes were modeled: underfrequency (frequency-responsive non-firm load shedding) and underfrequency and undervoltage firm load shedding. Several case studies are given to show the impact of protection devices on dynamic simulations. Thismore » is useful for simulating cascading outages.« less

Modeling study of the ABS relay valve

NASA Astrophysics Data System (ADS)

Lei, Ming; Lin, Min; Guo, Bin; Luo, Zai; Xu, Weidong

2011-05-01

The ABS (anti-lock braking system) relay valve is the key component of anti-lock braking system in most commercial vehicles such as trucks, tractor-trailers, etc. In this paper, structure of ABS relay valve and its work theory were analyzed. Then a mathematical model of ABS relay valve, which was investigated by dividing into electronic part, magnetic part, pneumatic part and mechanical part, was set up. The displacement of spools and the response of pressure increasing, holding, releasing of ABS relay valve were simulated and analyzed under conditions of control pressure 500 KPa, braking pressure 600 KPa, atmospheric pressure 100 KPa and air temperature 310 K. Thisarticle provides reliable theory for improving the performance and efficiency of anti-lock braking system of vehicles.

Outage Analysis of Dual-hop Cognitive Networks with Relay Selection over Nakagami-m Fading Environment

NASA Astrophysics Data System (ADS)

Zhang, Zongsheng; Pi, Xurong

2014-09-01

In this paper, we investigate the outage performance of decode-and-forward cognitive relay networks for Nakagami-m fading channels, with considering both best relay selection and interference constraints. Focusing on the relay selection and making use of the underlay cognitive approach, an exact closed-form outage probability expression is derived in an independent, non-identical distributed Nakagami-m environment. The closed-form outage probability provides an efficient means to evaluate the effects of the maximum allowable interference power, number of cognitive relays, and channel conditions between the primary user and cognitive users. Finally, we present numerical results to validate the theory analysis. Moreover, from the simulation results, we obtain that the system can obtain the full diversity.

Signal relay during the life cycle of Dictyostelium.

PubMed

Mahadeo, Dana C; Parent, Carole A

2006-01-01

A fundamental property of multicellular organisms is signal relay, the process by which information is transmitted from one cell to another. The integration of external information, such as nutritional status or developmental cues, is critical to the function of organisms. In addition, the spatial organizations of multicellular organisms require intricate signal relay mechanisms. Signal relay is remarkably exhibited during the life cycle of the social amoebae Dictyostelium discoideum, a eukaryote that retains a simple way of life, yet it has greatly contributed to our knowledge of the mechanisms cells use to communicate and integrate information. This chapter focuses on the molecules and mechanisms that Dictyostelium employs during its life cycle to relay temporal and spatial cues that are required for survival.

Defending networks against denial-of-service attacks

NASA Astrophysics Data System (ADS)

Gelenbe, Erol; Gellman, Michael; Loukas, George

2004-11-01

Denial of service attacks, viruses and worms are common tools for malicious adversarial behavior in networks. Experience shows that over the last few years several of these techniques have probably been used by governments to impair the Internet communications of various entities, and we can expect that these and other information warfare tools will be used increasingly as part of hostile behavior either independently, or in conjunction with other forms of attack in conventional or asymmetric warfare, as well as in other forms of malicious behavior. In this paper we concentrate on Distributed Denial of Service Attacks (DDoS) where one or more attackers generate flooding traffic and direct it from multiple sources towards a set of selected nodes or IP addresses in the Internet. We first briefly survey the literature on the subject, and discuss some examples of DDoS incidents. We then present a technique that can be used for DDoS protection based on creating islands of protection around a critical information infrastructure. This technique, that we call the CPN-DoS-DT (Cognitive Packet Networks DoS Defence Technique), creates a self-monitoring sub-network surrounding each critical infrastructure node. CPN-DoS-DT is triggered by a DDoS detection scheme, and generates control traffic from the objects of the DDoS attack to the islands of protection where DDOS packet flows are destroyed before they reach the critical infrastructure. We use mathematical modelling, simulation and experiments on our test-bed to show the positive and negative outcomes that may result from both the attack, and the CPN-DoS-DT protection mechanism, due to imperfect detection and false alarms.

Quantum hacking of two-way continuous-variable quantum key distribution using Trojan-horse attack

NASA Astrophysics Data System (ADS)

Ma, Hong-Xin; Bao, Wan-Su; Li, Hong-Wei; Chou, Chun

2016-08-01

We present a Trojan-horse attack on the practical two-way continuous-variable quantum key distribution system. Our attack mainly focuses on the imperfection of the practical system that the modulator has a redundancy of modulation pulse-width, which leaves a loophole for the eavesdropper inserting a Trojan-horse pulse. Utilizing the unique characteristics of two-way continuous-variable quantum key distribution that Alice only takes modulation operation on the received mode without any measurement, this attack allows the eavesdropper to render all of the final keys shared between the legitimate parties insecure without being detected. After analyzing the feasibility of the attack, the corresponding countermeasures are put forward. Project supported by the National Basic Research Program of China (Grant No. 2013CB338002) and the National Natural Science Foundation of China (Grant Nos. 11304397 and 61505261).

Impact Assessment of GNSS Spoofing Attacks on INS/GNSS Integrated Navigation System.

PubMed

Liu, Yang; Li, Sihai; Fu, Qiangwen; Liu, Zhenbo

2018-05-04

In the face of emerging Global Navigation Satellite System (GNSS) spoofing attacks, there is a need to give a comprehensive analysis on how the inertial navigation system (INS)/GNSS integrated navigation system responds to different kinds of spoofing attacks. A better understanding of the integrated navigation system’s behavior with spoofed GNSS measurements gives us valuable clues to develop effective spoofing defenses. This paper focuses on an impact assessment of GNSS spoofing attacks on the integrated navigation system Kalman filter’s error covariance, innovation sequence and inertial sensor bias estimation. A simple and straightforward measurement-level trajectory spoofing simulation framework is presented, serving as the basis for an impact assessment of both unsynchronized and synchronized spoofing attacks. Recommendations are given for spoofing detection and mitigation based on our findings in the impact assessment process.

47 CFR 11.20 - State Relay Network.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 47 Telecommunication 1 2011-10-01 2011-10-01 false State Relay Network. 11.20 Section 11.20... Network. This network is composed of State Relay (SR) sources, leased common carrier communications facilities or any other available communication facilities. The network distributes State EAS messages...

47 CFR 11.20 - State Relay Network.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 47 Telecommunication 1 2010-10-01 2010-10-01 false State Relay Network. 11.20 Section 11.20... Network. This network is composed of State Relay (SR) sources, leased common carrier communications facilities or any other available communication facilities. The network distributes State EAS messages...

That Article: Frame Relay.

ERIC Educational Resources Information Center

Schuyler, Michael

1994-01-01

Compares Frame Relay with digital and analog alternatives for connecting sites on a Wide Area Network. Cost considerations, the concepts on which the technology is based, its carrying capacity, the use of CD-ROM and Graphical User Interface (GUI) on Frame Relay, and engineering bandwidth limitations are covered. (KRN)

76 FR 67118 - Structure and Practices of the Video Relay Service Program

Federal Register 2010, 2011, 2012, 2013, 2014

2011-10-31

... Practices of the Video Relay Service Program AGENCY: Federal Communications Commission. ACTION: Proposed... Commission's Structure and Practices of the Video Relay Service Program, Further Notice of Proposed..., and video using wired telecommunications networks. Transmission facilities may be based on a single...

Proximity Link Design and Performance Options for a Mars Areostationary Relay Satellite

NASA Technical Reports Server (NTRS)

Edwards, Charles D.; Bell, David J.; Biswas, Abhijit; Cheung, Kar-Ming; Lock, Robert E.

2016-01-01

Current and near-term Mars relay telecommunications services are provided by a set of NASA and ESA Mars science orbiters equipped with UHF relay communication payloads employing operationally simple low-gain antennas. These have been extremely successful in supporting a series of landed Mars mission, greatly increasing data return relative to direct-to-Earth lander links. Yet their relay services are fundamentally constrained by the short contact times available from the selected science orbits. Future Mars areostationary orbiters, flying in circular, equatorial, 1- sol orbits, offer the potential for continuous coverage of Mars landers and rovers, radically changing the relay support paradigm. Achieving high rates on the longer slant ranges to areostationary altitude will require steered, high-gain links. Both RF and optical options exist for achieving data rates in excess of 100 Mb/s. Several point designs offer a measure of potential user burden, in terms of mass, volume, power, and pointing requirements for user relay payloads, as a function of desired proximity link performance.

Modeling Zone-3 Protection with Generic Relay Models for Dynamic Contingency Analysis

DOE Office of Scientific and Technical Information (OSTI.GOV)

Huang, Qiuhua; Vyakaranam, Bharat GNVSR; Diao, Ruisheng

This paper presents a cohesive approach for calculating and coordinating the settings of multiple zone-3 protections for dynamic contingency analysis. The zone-3 protections are represented by generic distance relay models. A two-step approach for determining zone-3 relay settings is proposed. The first step is to calculate settings, particularly, the reach, of each zone-3 relay individually by iteratively running line open-end fault short circuit analysis; the blinder is also employed and properly set to meet the industry standard under extreme loading conditions. The second step is to systematically coordinate the protection settings of the zone-3 relays. The main objective of thismore » coordination step is to address the over-reaching issues. We have developed a tool to automate the proposed approach and generate the settings of all distance relays in a PSS/E dyr format file. The calculated zone-3 settings have been tested on a modified IEEE 300 system using a dynamic contingency analysis tool (DCAT).« less

Performance of an optical relay satellite using Reed-Solomon coding over a cascaded optical PPM and BPSK channel

NASA Technical Reports Server (NTRS)

Divsalar, D.; Naderi, F.

1982-01-01

The nature of the optical/microwave interface aboard the relay satellite is considered. To allow for the maximum system flexibility, without overburdening either the optical or RF channel, demodulating the optical on board the relay satellite but leaving the optical channel decoding to be performed at the ground station is examined. The occurrence of erasures in the optical channel is treated. A hard decision on the erasure (i.e., the relay selecting a symbol at random in case of erasure occurrence) seriously degrades the performance of the overall system. Coding the erasure occurrences at the relay and transmitting this information via an extra bit to the ground station where it can be used by the decoder is suggested. Many examples with varying bit/photon energy efficiency and for the noisy and noiseless optical channel are considered. It is shown that coding the erasure occurrences dramatically improves the performance of the cascaded channel relative to the case of hard decision on the erasure by the relay.

WeaselBoard :

DOE Office of Scientific and Technical Information (OSTI.GOV)

Mulder, John C.; Schwartz, Moses Daniel; Berg, Michael J.

2013-10-01

Critical infrastructures, such as electrical power plants and oil refineries, rely on programmable logic controllers (PLCs) to control essential processes. State of the art security cannot detect attacks on PLCs at the hardware or firmware level. This renders critical infrastructure control systems vulnerable to costly and dangerous attacks. WeaselBoard is a PLC backplane analysis system that connects directly to the PLC backplane to capture backplane communications between modules. WeaselBoard forwards inter-module traffic to an external analysis system that detects changes to process control settings, sensor values, module configuration information, firmware updates, and process control program (logic) updates. WeaselBoard provides zero-daymore » exploit detection for PLCs by detecting changes in the PLC and the process. This approach to PLC monitoring is protected under U.S. Patent Application 13/947,887.« less

Comparison between genetic algorithm and self organizing map to detect botnet network traffic

NASA Astrophysics Data System (ADS)

Yugandhara Prabhakar, Shinde; Parganiha, Pratishtha; Madhu Viswanatham, V.; Nirmala, M.

2017-11-01

In Cyber Security world the botnet attacks are increasing. To detect botnet is a challenging task. Botnet is a group of computers connected in a coordinated fashion to do malicious activities. Many techniques have been developed and used to detect and prevent botnet traffic and the attacks. In this paper, a comparative study is done on Genetic Algorithm (GA) and Self Organizing Map (SOM) to detect the botnet network traffic. Both are soft computing techniques and used in this paper as data analytics system. GA is based on natural evolution process and SOM is an Artificial Neural Network type, uses unsupervised learning techniques. SOM uses neurons and classifies the data according to the neurons. Sample of KDD99 dataset is used as input to GA and SOM.

Cyber-Physical Attack-Resilient Wide-Area Monitoring, Protection, and Control for the Power Grid

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ashok, Aditya; Govindarasu, Manimaran; Wang, Jianhui

Cyber security and resiliency of Wide-Area Monitoring, Protection and Control (WAMPAC) applications is critically important to ensure secure, reliable, and economic operation of the bulk power system. WAMPAC relies heavily on the security of measurements and control commands transmitted over wide-area communication networks for real-time operational, protection, and control functions. Also, the current “N-1 security criteria” for grid operation is inadequate to address malicious cyber events and therefore it is important to fundamentally redesign WAMPAC and to enhance Energy Management System (EMS) applications to make them attack-resilient. In this paper, we propose an end-to-end defense-in-depth architecture for attack-resilient WAMPAC thatmore » addresses resilience at both the infrastructure layer and the application layers. Also, we propose an attack-resilient cyber-physical security framework that encompasses the entire security life cycle including risk assessment, attack prevention, attack detection, attack mitigation, and attack resilience. The overarching objective of this paper is to provide a broad scope that comprehensively describes most of the major research issues and potential solutions in the context of cyber-physical security of WAMPAC for the power grid.« less

Situational awareness of a coordinated cyber attack

NASA Astrophysics Data System (ADS)

Sudit, Moises; Stotz, Adam; Holender, Michael

2005-03-01

As technology continues to advance, services and capabilities become computerized, and an ever increasing amount of business is conducted electronically the threat of cyber attacks gets compounded by the complexity of such attacks and the criticality of the information which must be secured. A new age of virtual warfare has dawned in which seconds can differentiate between the protection of vital information and/or services and a malicious attacker attaining their goal. In this paper we present a novel approach in the real-time detection of multistage coordinated cyber attacks and the promising initial testing results we have obtained. We introduce INFERD (INformation Fusion Engine for Real-time Decision-making), an adaptable information fusion engine which performs fusion at levels zero, one, and two to provide real-time situational assessment and its application to the cyber domain in the ECCARS (Event Correlation for Cyber Attack Recognition System) system. The advantages to our approach are fourfold: (1) The complexity of the attacks which we consider, (2) the level of abstraction in which the analyst interacts with the attack scenarios, (3) the speed at which the information fusion is presented and performed, and (4) our disregard for ad-hoc rules or a priori parameters.

Non-Native Ambrosia Beetles as Opportunistic Exploiters of Living but Weakened Trees

PubMed Central

Ranger, Christopher M.; Schultz, Peter B.; Frank, Steven D.; Chong, Juang H.; Reding, Michael E.

2015-01-01

Exotic Xylosandrus spp. ambrosia beetles established in non-native habitats have been associated with sudden and extensive attacks on a diverse range of living trees, but factors driving their shift from dying/dead hosts to living and healthy ones are not well understood. We sought to characterize the role of host physiological condition on preference and colonization by two invaders, Xylosandrus germanus and Xylosandrus crassiusculus. When given free-choice under field conditions among flooded and non-flooded deciduous tree species of varying intolerance to flooding, beetles attacked flood-intolerant tree species over more tolerant species within 3 days of initiating flood stress. In particular, flood-intolerant flowering dogwood (Cornus florida) sustained more attacks than flood-tolerant species, including silver maple (Acer saccharinum) and swamp white oak (Quercus bicolor). Ethanol, a key host-derived attractant, was detected at higher concentrations 3 days after initiating flooding within stems of flood intolerant species compared to tolerant and non-flooded species. A positive correlation was also detected between ethanol concentrations in stem tissue and cumulative ambrosia beetle attacks. When adult X. germanus and X. crassiusculus were confined with no-choice to stems of flood-stressed and non-flooded C. florida, more ejected sawdust resulting from tunneling activity was associated with the flood-stressed trees. Furthermore, living foundresses, eggs, larvae, and pupae were only detected within galleries created in stems of flood-stressed trees. Despite a capability to attack diverse tree genera, X. germanus and X. crassiusculus efficiently distinguished among varying host qualities and preferentially targeted trees based on their intolerance of flood stress. Non-flooded trees were not preferred or successfully colonized. This study demonstrates the host-selection strategy exhibited by X. germanus and X. crassiusculus in non-native habitats involves detection of stress-induced ethanol emission and early colonization of living but weakened trees. PMID:26134522

Non-Native Ambrosia Beetles as Opportunistic Exploiters of Living but Weakened Trees.

PubMed

Ranger, Christopher M; Schultz, Peter B; Frank, Steven D; Chong, Juang H; Reding, Michael E

2015-01-01

Exotic Xylosandrus spp. ambrosia beetles established in non-native habitats have been associated with sudden and extensive attacks on a diverse range of living trees, but factors driving their shift from dying/dead hosts to living and healthy ones are not well understood. We sought to characterize the role of host physiological condition on preference and colonization by two invaders, Xylosandrus germanus and Xylosandrus crassiusculus. When given free-choice under field conditions among flooded and non-flooded deciduous tree species of varying intolerance to flooding, beetles attacked flood-intolerant tree species over more tolerant species within 3 days of initiating flood stress. In particular, flood-intolerant flowering dogwood (Cornus florida) sustained more attacks than flood-tolerant species, including silver maple (Acer saccharinum) and swamp white oak (Quercus bicolor). Ethanol, a key host-derived attractant, was detected at higher concentrations 3 days after initiating flooding within stems of flood intolerant species compared to tolerant and non-flooded species. A positive correlation was also detected between ethanol concentrations in stem tissue and cumulative ambrosia beetle attacks. When adult X. germanus and X. crassiusculus were confined with no-choice to stems of flood-stressed and non-flooded C. florida, more ejected sawdust resulting from tunneling activity was associated with the flood-stressed trees. Furthermore, living foundresses, eggs, larvae, and pupae were only detected within galleries created in stems of flood-stressed trees. Despite a capability to attack diverse tree genera, X. germanus and X. crassiusculus efficiently distinguished among varying host qualities and preferentially targeted trees based on their intolerance of flood stress. Non-flooded trees were not preferred or successfully colonized. This study demonstrates the host-selection strategy exhibited by X. germanus and X. crassiusculus in non-native habitats involves detection of stress-induced ethanol emission and early colonization of living but weakened trees.

Wireless Relay Selection in Pocket Switched Networks Based on Spatial Regularity of Human Mobility †

PubMed Central

Huang, Jianhui; Cheng, Xiuzhen; Bi, Jingping; Chen, Biao

2016-01-01

Pocket switched networks (PSNs) take advantage of human mobility to deliver data. Investigations on real-world trace data indicate that human mobility shows an obvious spatial regularity: a human being usually visits a few places at high frequencies. These most frequently visited places form the home of a node, which is exploited in this paper to design two HomE based Relay selectiOn (HERO) algorithms. Both algorithms input single data copy into the network at any time. In the basic HERO, only the first node encountered by the source and whose home overlaps a destination’s home is selected as a relay while the enhanced HERO keeps finding more optimal relay that visits the destination’s home with higher probability. The two proposed algorithms only require the relays to exchange the information of their home and/or the visiting frequencies to their home when two nodes meet. As a result, the information update is reduced and there is no global status information that needs to be maintained. This causes light loads on relays because of the low communication cost and storage requirements. Additionally, only simple operations are needed in the two proposed algorithms, resulting in little computation overhead at relays. At last, a theoretical analysis is performed on some key metrics and then the real-world based simulations indicate that the two HERO algorithms are efficient and effective through employing only one or a few relays. PMID:26797609

Interactions between relay helix and Src homology 1 domain helix (SH1) drive the converter domain rotation during the recovery stroke of myosin II

PubMed Central

Baumketner, Andrij

2012-01-01

Myosin motor protein exists in two alternative conformations, pre-recovery state M* and post-recovery state M**, upon ATP binding. The details of the M*-to-M** transition, known as the recovery stroke to reflect its role as the functional opposite of the force-generating power stroke, remain elusive. The defining feature of the post-recovery state is a kink in the relay helix, a key part of the protein involved in force generation. In this paper we determine the interactions that are responsible for the appearance of the kink. We design a series of computational models that contain three other segments, relay loop, converter domain and Src homology 1 domain helix (SH1), with which relay helix interacts, and determine their structure in accurate replica exchange molecular dynamics simulations in explicit solvent. By conducting an exhaustive combinatorial search among different models we find that: 1) the converter domain must be attached to the relay helix during the transition, so it does not interfere with other parts of the protein, 2) the structure of the relay helix is controlled by SH1 helix. The kink is strongly coupled to the position of SH1 helix. It arises as a result of direct interactions between SH1 and the relay helix and leads to a rotation of the C-terminal part of the relay helix which is subsequently transmitted to the converter domain. PMID:22411190

Relay Support for the Mars Science Laboratory Mission

NASA Technical Reports Server (NTRS)

Edwards, Charles D. Jr,; Bell, David J.; Gladden, Roy E.; Ilott, Peter A.; Jedrey, Thomas C.; Johnston, M. Daniel; Maxwell, Jennifer L.; Mendoza, Ricardo; McSmith, Gaylon W.; Potts, Christopher L.;

The Relay/Converter Interface Influences Hydrolysis of ATP by Skeletal Muscle Myosin II.

PubMed

Bloemink, Marieke J; Melkani, Girish C; Bernstein, Sanford I; Geeves, Michael A

2016-01-22

The interface between relay and converter domain of muscle myosin is critical for optimal myosin performance. Using Drosophila melanogaster indirect flight muscle S1, we performed a kinetic analysis of the effect of mutations in the converter and relay domain. Introduction of a mutation (R759E) in the converter domain inhibits the steady-state ATPase of myosin S1, whereas an additional mutation in the relay domain (N509K) is able to restore the ATPase toward wild-type values. The R759E S1 construct showed little effect on most steps of the actomyosin ATPase cycle. The exception was a 25-30% reduction in the rate constant of the hydrolysis step, the step coupled to the cross-bridge recovery stroke that involves a change in conformation at the relay/converter domain interface. Significantly, the double mutant restored the hydrolysis step to values similar to the wild-type myosin. Modeling the relay/converter interface suggests a possible interaction between converter residue 759 and relay residue 509 in the actin-detached conformation, which is lost in R759E but is restored in N509K/R759E. This detailed kinetic analysis of Drosophila myosin carrying the R759E mutation shows that the interface between the relay loop and converter domain is important for fine-tuning myosin kinetics, in particular ATP binding and hydrolysis. © 2016 by The American Society for Biochemistry and Molecular Biology, Inc.

47 CFR 64.6040 - Rates for Telecommunications Relay Service (TRS) calling.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 47 Telecommunication 3 2014-10-01 2014-10-01 false Rates for Telecommunications Relay Service (TRS) calling. 64.6040 Section 64.6040 Telecommunication FEDERAL COMMUNICATIONS COMMISSION (CONTINUED) COMMON....6040 Rates for Telecommunications Relay Service (TRS) calling. No Provider shall levy or collect any...

76 FR 59557 - Structure and Practices of the Video Relay Service Program

Federal Register 2010, 2011, 2012, 2013, 2014

2011-09-27

...] Structure and Practices of the Video Relay Service Program AGENCY: Federal Communications Commission. ACTION... Structure and Practices of the Video Relay Service Program, Second Report and Order and Order in CG Docket... replies. In light of impending deadlines for initial and [[Page 59558

47 CFR Alphabetical Index - Part 74

Code of Federal Regulations, 2011 CFR

2011-10-01

..., Directional (Aural STL/Relays) 74.536 Antenna location— LPTV/TV Translator 74.737 FM Translators/Boosters 74... Automatic relay stations (Remote pickup) 74.436 Avoidance of interference (TV Auxiliaries) 74.604 BP='02... (Aural STL/Relays) 74.536 E Emergency information Broadcasting (All Services) 74.21 Emission authorized...

Spatial, Temporal and Spatio-Temporal Patterns of Maritime Piracy.

PubMed

Marchione, Elio; Johnson, Shane D

2013-11-01

To examine patterns in the timing and location of incidents of maritime piracy to see whether, like many urban crimes, attacks cluster in space and time. Data for all incidents of maritime piracy worldwide recorded by the National Geospatial Intelligence Agency are analyzed using time-series models and methods originally developed to detect disease contagion. At the macro level, analyses suggest that incidents of pirate attacks are concentrated in five subregions of the earth's oceans and that the time series for these different subregions differ. At the micro level, analyses suggest that for the last 16 years (or more), pirate attacks appear to cluster in space and time suggesting that patterns are not static but are also not random. Much like other types of crime, pirate attacks cluster in space, and following an attack at one location the risk of others at the same location or nearby is temporarily elevated. The identification of such regularities has implications for the understanding of maritime piracy and for predicting the future locations of attacks.

49 CFR 236.737 - Cut-section, relayed.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 49 Transportation 4 2011-10-01 2011-10-01 false Cut-section, relayed. 236.737 Section 236.737..., MAINTENANCE, AND REPAIR OF SIGNAL AND TRAIN CONTROL SYSTEMS, DEVICES, AND APPLIANCES Definitions § 236.737 Cut-section, relayed. A cut-section where the energy for one track circuit is supplied through front contacts...

78 FR 54201 - Misuse of Internet Protocol (IP) Captioned Telephone Service; Telecommunications Relay Services...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-09-03

...] Misuse of Internet Protocol (IP) Captioned Telephone Service; Telecommunications Relay Services and... further possible actions necessary to improve internet protocol captioned telephone relay service (IP CTS... for calculating the compensation rate paid to IP CTS providers. This action is necessary to ensure...

77 FR 16486 - Airworthiness Directives; Fokker Services B.V. Airplanes

Federal Register 2010, 2011, 2012, 2013, 2014

2012-03-21

... values of nuts on circuit breakers, contactors and terminal blocks of the EPC and battery relay panel... battery relay panel]. The required actions include doing a general visual inspection to determine if... and circuit breakers, contactors, and terminal blocks of the EPC and battery relay panel, as...

49 CFR 236.737 - Cut-section, relayed.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 4 2010-10-01 2010-10-01 false Cut-section, relayed. 236.737 Section 236.737..., MAINTENANCE, AND REPAIR OF SIGNAL AND TRAIN CONTROL SYSTEMS, DEVICES, AND APPLIANCES Definitions § 236.737 Cut-section, relayed. A cut-section where the energy for one track circuit is supplied through front contacts...

47 CFR 90.243 - Mobile relay stations.

Code of Federal Regulations, 2011 CFR

2011-10-01

... Service. (b) Special provisions for mobile relay operations: (1) In the Public Safety Pool, systems... authorized to operate on any frequency available for assignment to base stations. (5) A mobile station associated with mobile relay station(s) may not be authorized to operate on a frequency below 25 MHz. (c...

Potential Means of Cost Reduction in Grade Crossing Motorist-Warning Control Equipment : Volume 2. Comparison of Solid State and Relay Devices and Techniques

DOT National Transportation Integrated Search

1977-12-01

Consideration is given to the properties of solid-state circuits, miniature relays and large gravity-operated relays when applied to control systems for grade crossings equipped with train-activated motorist warnings. Factors discussed include origin...

76 FR 67070 - Structure and Practices of the Video Relay Service Program

Federal Register 2010, 2011, 2012, 2013, 2014

2011-10-31

... Practices of the Video Relay Service Program AGENCY: Federal Communications Commission. ACTION: Final rule.... SUPPLEMENTARY INFORMATION: This is a summary of the Commission's Structure and Practices of the Video Relay... supervision should be deemed to be employees of the provider, in satisfaction of the requirement that video...

75 FR 39945 - Structure and Practices of the Video Relay Service Program

Federal Register 2010, 2011, 2012, 2013, 2014

2010-07-13

... FEDERAL COMMUNICATIONS COMMISSION [CG Docket No. 10-51; FCC 10-88] Structure and Practices of the Video Relay Service Program AGENCY: Federal Communications Commission. ACTION: Notice. SUMMARY: In this... Practices of the Video Relay Service Program, Declaratory Ruling, document FCC 10-88, adopted May 24, 2010...

75 FR 39859 - Structure and Practices of the Video Relay Service Program

Federal Register 2010, 2011, 2012, 2013, 2014

2010-07-13

... FEDERAL COMMUNICATIONS COMMISSION 47 CFR Part 64 [CG Docket No. 10-51; FCC 10-88] Structure and Practices of the Video Relay Service Program AGENCY: Federal Communications Commission. ACTION: Interim rule... a summary of the Commission's Structure and Practices of the Video Relay Service Program, Order...

76 FR 47476 - Structure and Practices of the Video Relay Service Program

Federal Register 2010, 2011, 2012, 2013, 2014

2011-08-05

... FEDERAL COMMUNICATIONS COMMISSION 47 CFR Part 64 [CG Docket No. 10-51; FCC 11-118] Structure and Practices of the Video Relay Service Program AGENCY: Federal Communications Commission. ACTION: Interim rule... summary of the Commission's Structure and Practices of the Video Relay Service Program, Order (Order...

77 FR 60630 - Structure and Practices of the Video Relay Service Program

Federal Register 2010, 2011, 2012, 2013, 2014

2012-10-04

... FEDERAL COMMUNICATIONS COMMISSION 47 CFR Part 64 [CG Docket No. 10-51; FCC 11-54] Structure and Practices of the Video Relay Service Program AGENCY: Federal Communications Commission. ACTION: Correcting... address fraud, waste, and abuse in the Video Relay Service (VRS) industry. DATES: Effective October 4...

77 FR 11997 - Consumer and Governmental Affairs Bureau Seeks To Refresh the Record Regarding Misuse of Internet...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-02-28

... legitimate relay calls, however, are not entitled to these transparency and confidentiality protections... Relay Service AGENCY: Federal Communications Commission. ACTION: Proposed rule. SUMMARY: In this... refresh the record regarding misuse of Internet Protocol relay service. Further comments are requested to...

77 FR 20505 - Airworthiness Directives; The Boeing Company Airplanes

Federal Register 2010, 2011, 2012, 2013, 2014

2012-04-05

... Company Model 757 airplanes. This AD requires replacing the power control relays for the fuel boost pumps and override pumps with new relays having a ground fault interrupter (GFI) feature. This AD also requires an electrical bonding resistance measurement for certain GFI relays to verify that certain bonding...