Leveraging Client-Side DNS Failure Patterns to Identify Malicious Behaviors
2015-09-28
malicious behavior found in our dataset and (ii) to create ground truth to evaluate the system proposed in Section V. We begin by removing those cases that...2011. [10] S. Hao, N. Feamster, and R. Pandrangi, “Monitoring the Initial DNS Behavior of Malicious Domains,” in ACM IMC, 2011. [11] R. Perdisci et...distribution is unlimited. Leveraging Client-Side DNS Failure Patterns to Identify Malicious Behaviors The views, opinions and/or findings contained in
Behavioral analysis of malicious code through network traffic and system call monitoring
NASA Astrophysics Data System (ADS)
Grégio, André R. A.; Fernandes Filho, Dario S.; Afonso, Vitor M.; Santos, Rafael D. C.; Jino, Mario; de Geus, Paulo L.
2011-06-01
Malicious code (malware) that spreads through the Internet, such as viruses, worms and trojans, is a major threat to information security nowadays and a profitable business for criminals. There are several approaches to analyze malware by monitoring its actions while it is running in a controlled environment, which helps to identify malicious behaviors. In this article we propose a tool to analyze malware behavior in a non-intrusive and effective way, extending the analysis possibilities to cover malware samples that bypass current approaches and also fixing some issues with these approaches.
Lange, Jens; Paulhus, Delroy L.; Crusius, Jan
2017-01-01
Researchers have recently drawn a contrast between two forms of envy: benign and malicious envy. In three studies (total N = 3,123), we challenge the assumption that malicious envy is destructive, whereas benign envy is entirely constructive. Instead, both forms have links with the Dark Triad of personality. Benign envy is associated with Machiavellian behaviors, whereas malicious envy is associated with both Machiavellian and psychopathic behaviors. In Study 1, this pattern emerged from meta-analyzed trait correlations. In Study 2, a manipulation affecting the envy forms mediated an effect on antisocial behavioral intentions. Study 3 replicated these patterns by linking envy to specific antisocial behaviors and their impact on status in the workplace. Together, our correlational and experimental results suggest that the two forms of envy can both be malevolent. Instead of evaluating envy’s morality, we propose to focus on its functional value. PMID:29271287
Malicious Hubs: Detecting Abnormally Malicious Autonomous Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Kalafut, Andrew J.; Shue, Craig A; Gupta, Prof. Minaxi
While many attacks are distributed across botnets, investigators and network operators have recently targeted malicious networks through high profile autonomous system (AS) de-peerings and network shut-downs. In this paper, we explore whether some ASes indeed are safe havens for malicious activity. We look for ISPs and ASes that exhibit disproportionately high malicious behavior using 12 popular blacklists. We find that some ASes have over 80% of their routable IP address space blacklisted and others account for large fractions of blacklisted IPs. Overall, we conclude that examining malicious activity at the AS granularity can unearth networks with lax security or those that harbor cybercrime.
Characterizing and Measuring Maliciousness for Cybersecurity Risk Assessment
King, Zoe M.; Henshel, Diane S.; Flora, Liberty; Cains, Mariana G.; Hoffman, Blaine; Sample, Char
2018-01-01
Cyber attacks have been increasingly detrimental to networks, systems, and users, and are increasing in number and severity globally. To better predict system vulnerabilities, cybersecurity researchers are developing new and more holistic approaches to characterizing cybersecurity system risk. The process must include characterizing the human factors that contribute to cyber security vulnerabilities and risk. Rationality, expertise, and maliciousness are key human characteristics influencing cyber risk within this context, yet maliciousness is poorly characterized in the literature. There is a clear absence of literature pertaining to human factor maliciousness as it relates to cybersecurity and only limited literature relating to aspects of maliciousness in other disciplinary literatures, such as psychology, sociology, and law. In an attempt to characterize human factors as a contribution to cybersecurity risk, the Cybersecurity Collaborative Research Alliance (CSec-CRA) has developed a Human Factors risk framework. This framework identifies the characteristics of an attacker, user, or defender, all of whom may be adding to or mitigating against cyber risk. The maliciousness literature and the proposed maliciousness assessment metrics are discussed within the context of the Human Factors Framework and Ontology. Maliciousness is defined as the intent to harm. Most maliciousness cyber research to date has focused on detecting malicious software but fails to analyze an individual’s intent to do harm to others by deploying malware or performing malicious attacks. Recent efforts to identify malicious human behavior as it relates to cybersecurity include analyzing motives driving insider threats as well as user profiling analyses. However, cyber-related maliciousness is neither well-studied nor is it well understood because individuals are not forced to expose their true selves to others while performing malicious attacks.
Given the difficulty of interviewing malicious-behaving individuals and the potential untrustworthy nature of their responses, we aim to explore the maliciousness as a human factor through the observable behaviors and attributes of an individual from their actions and interactions with society and networks, but to do so we will need to develop a set of analyzable metrics. The purpose of this paper is twofold: (1) to review human maliciousness-related literature in diverse disciplines (sociology, economics, law, psychology, philosophy, informatics, terrorism, and cybersecurity); and (2) to identify an initial set of proposed assessment metrics and instruments that might be culled from in a future effort to characterize human maliciousness within the cyber realm. The future goal is to integrate these assessment metrics into holistic cybersecurity risk analyses to determine the risk an individual poses to themselves as well as other networks, systems, and/or users. PMID:29459838
NASA Astrophysics Data System (ADS)
Jung, Sungmo; Kim, Jong Hyun; Cagalaban, Giovanni; Lim, Ji-Hoon; Kim, Seoksoo
More recently, botnet-based cyber attacks, including a spam mail or a DDoS attack, have sharply increased, which poses a fatal threat to Internet services. At present, antivirus businesses make it a top priority to detect malicious code in the shortest time possible (Lv.2), based on the graph showing a relation between spread of malicious code and time, which allows them to detect after malicious code occurs. Despite early detection, however, it is not possible to prevent malicious code from occurring. Thus, we have developed an algorithm that can detect precursor symptoms at Lv.1 to prevent a cyber attack using an evasion method of 'an executing environment aware attack' by analyzing system behaviors and monitoring memory.
Abnormally Malicious Autonomous Systems and their Internet Connectivity
DOE Office of Scientific and Technical Information (OSTI.GOV)
Shue, Craig A; Kalafut, Prof. Andrew; Gupta, Prof. Minaxi
While many attacks are distributed across botnets, investigators and network operators have recently targeted malicious networks through high profile autonomous system (AS) de-peerings and network shut-downs. In this paper, we explore whether some ASes indeed are safe havens for malicious activity. We look for ISPs and ASes that exhibit disproportionately high malicious behavior using ten popular blacklists, plus local spam data, and extensive DNS resolutions based on the contents of the blacklists. We find that some ASes have over 80% of their routable IP address space blacklisted. Yet others account for large fractions of blacklisted IP addresses. Several ASes regularly peer with ASes associated with significant malicious activity. We also find that malicious ASes as a whole differ from benign ones in other properties not obviously related to their malicious activities, such as more frequent connectivity changes with their BGP peers. Overall, we conclude that examining malicious activity at AS granularity can unearth networks with lax security or those that harbor cybercrime.
Spy the Lie: Detecting Malicious Insiders
DOE Office of Scientific and Technical Information (OSTI.GOV)
Noonan, Christine F.
Insider threat is a hard problem. There is no ground truth, there are innumerable variables, and the data is sparse. The types of crimes and abuses associated with insider threats are significant; the most serious include espionage, sabotage, terrorism, embezzlement, extortion, bribery, and corruption. Malicious activities include an even broader range of exploits, such as negligent use of classified data, fraud, cybercrime, unauthorized access to sensitive information, and illicit communications with unauthorized recipients. Inadvertent action or inaction without malicious intent (e.g., disposing of sensitive documents incorrectly) can also cause harm to an organization. This review article will explore insider threat, specifically behaviors, beliefs, and current debates within the field. Additionally, particular focus is given to deception, a significant behavioral component of the malicious insider. Finally, research and policy implications for law enforcement and the intelligence community are addressed.
Insider Threat Detection on the Windows Operating System using Virtual Machine Introspection
2012-06-14
by a malicious insider. HBSS systems running on a user’s workstation could be disabled either due to misconfiguration, privilege escalation, or by a...potential malicious insider threat, organizations must develop use cases which categorize possible attack techniques, such as data exfiltration via...hardware and contain any type of data an attacker may be looking for. Minimal Resources Since honeypots do not provide any network services, they
Deterring Malicious Behavior in Cyberspace
2015-01-01
Malicious Behavior in Cyberspace Strategic Studies Quarterly ♦ Spring 2015 [ 79 ] 8. Chris Pepper, ed., Defending against Denial of Service Attacks...Jackson Higgins, “Chinese Cyberespionage Tool Updated for Traditional Cybercrime,” Dark Reading, 27 November 2012, http://www.darkreading.com/attacks...content/uploads/sites/43/vlpdfs/kaspersky-the-net-traveler-part1-final.pdf. 13. Kelly Jackson Higgins, “‘NetTraveler’ Cyberespionage Campaign
Cyber Moat: Adaptive Virtualized Network Framework for Deception and Disinformation
2016-12-12
As one type of bots, web crawlers have been leveraged by search engines (e.g., Googlebot by Google) to popularize websites through website indexing...However, the number of malicious bots is increasing too. To regulate the behavior of crawlers, most websites include a file called "robots.txt" that...However, "robots.txt" only provides a guideline, and almost all malicious robots ignore it. Moreover, since this file is publicly available, malicious
Incentives, Behavior, and Risk Management
ERIC Educational Resources Information Center
Liu, Debin
2011-01-01
Insiders are one of the most serious threats to an organization's information assets. Generally speaking, there are two types of insider threats based on the insiders' intents. Malicious Insiders are individuals with varying degrees of harmful intentions. Inadvertent Insiders are individuals without malicious intent. In this dissertation, I…
Dispositional envy revisited: unraveling the motivational dynamics of benign and malicious envy.
Lange, Jens; Crusius, Jan
2015-02-01
Previous research has conceptualized dispositional envy as a unitary construct. Recently however, episodic envy has been shown to emerge in two qualitatively different forms. Benign envy is related to the motivation to move upward, whereas malicious envy is related to pulling superior others down. In four studies (N = 1,094)--using the newly developed Benign and Malicious Envy Scale (BeMaS)--we show that dispositional envy is also characterized by two independent dimensions related to distinct motivational dynamics and behavioral consequences. Dispositional benign and malicious envy uniquely predict envious responding following upward social comparisons. Furthermore, they are differentially connected to hope for success and fear of failure. Corresponding to these links, dispositional benign envy predicted faster race performance of marathon runners mediated via higher goal setting. In contrast, dispositional malicious envy predicted race goal disengagement. The findings highlight that disentangling the two sides of envy opens up numerous research avenues. © 2014 by the Society for Personality and Social Psychology, Inc.
Using Trust to Establish a Secure Routing Model in Cognitive Radio Network.
Zhang, Guanghua; Chen, Zhenguo; Tian, Liqin; Zhang, Dongwen
2015-01-01
Specific to the selective forwarding attack on routing in cognitive radio networks, this paper proposes a trust-based secure routing model. Through monitoring nodes' forwarding behaviors, trusts of nodes are constructed to identify malicious nodes. Considering that a routing selection-based model must collaborate closely with spectrum allocation, a route request piggybacking available spectrum opportunities is sent to non-malicious nodes. In the routing decision phase, nodes' trusts are used to construct available path trusts and delay measurement is combined for making routing decisions. At the same time, according to the trust classification, different responses are made specific to their service requests. By adopting stricter punishment on malicious behaviors from non-trusted nodes, the cooperation of nodes in routing can be stimulated. Simulation results and analysis indicate that this model has good performance in network throughput and end-to-end delay under the selective forwarding attack.
Identification of Malicious Web Pages by Inductive Learning
NASA Astrophysics Data System (ADS)
Liu, Peishun; Wang, Xuefang
Malicious web pages are an increasing threat to current computer systems in recent years. Traditional anti-virus techniques focus typically on detection of the static signatures of malware and are ineffective against these new threats because they cannot deal with zero-day attacks. In this paper, a novel classification method for detecting malicious web pages is presented. This method is a generalization and specialization of attack patterns based on inductive learning, which can be used for updating and expanding the knowledge database. The attack pattern is established from an example and generalized by inductive learning, which can be used to detect unknown attacks whose behavior is similar to the example.
NASA Astrophysics Data System (ADS)
Gloster, Jonathan; Diep, Michael; Dredden, David; Mix, Matthew; Olsen, Mark; Price, Brian; Steil, Betty
2014-06-01
Small-to-medium sized businesses lack resources to deploy and manage high-end advanced solutions to deter sophisticated threats from well-funded adversaries, but evidence shows that these types of businesses are becoming key targets. As malicious code and network attacks become more sophisticated, classic signature-based virus and malware detection methods are less effective. To augment the current malware methods of detection, we developed a proactive approach to detect emerging malware threats using open source tools and intelligence to discover patterns and behaviors of malicious attacks and adversaries. Technical and analytical skills are combined to track adversarial behavior, methods and techniques. We established a controlled (separated domain) network to identify, monitor, and track malware behavior to increase understanding of the methods and techniques used by cyber adversaries. We created a suite of tools that observe the network and system performance looking for anomalies that may be caused by malware. The toolset collects information from open-source tools and provides meaningful indicators that the system was under or has been attacked. When malware is discovered, we analyzed and reverse engineered it to determine how it could be detected and prevented. Results have shown that with minimum resources, cost effective capabilities can be developed to detect abnormal behavior that may indicate malicious software.
Minimizing liability during internal investigations.
Morris, Cole
2010-01-01
Today's security professional must appreciate the potential landmines in any investigative effort and work collaboratively with others to minimize liability risks, the author points out. In this article he examines six civil torts that commonly arise from unprofessionally planned or poorly executed internal investigations: defamation, false imprisonment, intentional infliction of emotional distress, assault and battery, invasion of privacy, and malicious prosecution and abuse of process.
2012-12-01
behavior unless it becomes criminal or involves the publishing of sensitive information. This means that malicious doxing, cyberbullying or other...workplace or background investigation realms, as well as the many forms of cyberbullying and malicious rumor-spreading online could be addressed. Doxing...None Sexually harass another person online None Engage in cyberbullying by using the Internet to send offensive, inappropriate verbal attack
Behavioral biometrics for verification and recognition of malicious software agents
NASA Astrophysics Data System (ADS)
Yampolskiy, Roman V.; Govindaraju, Venu
2008-04-01
Homeland security requires technologies capable of positive and reliable identification of humans for law enforcement, government, and commercial applications. As artificially intelligent agents improve in their abilities and become a part of our everyday life, the possibility of using such programs for undermining homeland security increases. Virtual assistants, shopping bots, and game playing programs are used daily by millions of people. We propose applying statistical behavior modeling techniques developed by us for recognition of humans to the identification and verification of intelligent and potentially malicious software agents. Our experimental results demonstrate feasibility of such methods for both artificial agent verification and even for recognition purposes.
Tajeddine, Ayman; Kayssi, Ayman; Chehab, Ali; Elhajj, Imad; Itani, Wassim
2015-01-01
In this paper, we present CENTERA, a CENtralized Trust-based Efficient Routing protocol with an appropriate authentication scheme for wireless sensor networks (WSN). CENTERA utilizes the more powerful base station (BS) to gather minimal neighbor trust information from nodes and calculate the best routes after isolating different types of “bad” nodes. By periodically accumulating these simple local observations and approximating the nodes' battery lives, the BS draws a global view of the network, calculates three quality metrics—maliciousness, cooperation, and compatibility—and evaluates the Data Trust and Forwarding Trust values of each node. Based on these metrics, the BS isolates “bad”, “misbehaving” or malicious nodes for a certain period, and puts some nodes on probation. CENTERA increases the node's bad/probation level with repeated “bad” behavior, and decreases it otherwise. Then it uses a very efficient method to distribute the routing information to “good” nodes. Based on its target environment, and if required, CENTERA uses an authentication scheme suitable for severely constrained nodes, ranging from the symmetric RC5 for safe environments under close administration, to pairing-based cryptography (PBC) for hostile environments with a strong attacker model. We simulate CENTERA using TOSSIM and verify its correctness and show some energy calculations. PMID:25648712
Tajeddine, Ayman; Kayssi, Ayman; Chehab, Ali; Elhajj, Imad; Itani, Wassim
2015-02-02
In this paper, we present CENTERA, a CENtralized Trust-based Efficient Routing protocol with an appropriate authentication scheme for wireless sensor networks (WSN). CENTERA utilizes the more powerful base station (BS) to gather minimal neighbor trust information from nodes and calculate the best routes after isolating different types of "bad" nodes. By periodically accumulating these simple local observations and approximating the nodes' battery lives, the BS draws a global view of the network, calculates three quality metrics (maliciousness, cooperation, and compatibility) and evaluates the Data Trust and Forwarding Trust values of each node. Based on these metrics, the BS isolates "bad", "misbehaving" or malicious nodes for a certain period, and puts some nodes on probation. CENTERA increases the node's bad/probation level with repeated "bad" behavior, and decreases it otherwise. Then it uses a very efficient method to distribute the routing information to "good" nodes. Based on its target environment, and if required, CENTERA uses an authentication scheme suitable for severely constrained nodes, ranging from the symmetric RC5 for safe environments under close administration, to pairing-based cryptography (PBC) for hostile environments with a strong attacker model. We simulate CENTERA using TOSSIM and verify its correctness and show some energy calculations.
T2AR: trust-aware ad-hoc routing protocol for MANET.
Dhananjayan, Gayathri; Subbiah, Janakiraman
2016-01-01
Secure data transfer against malicious attacks is an important issue in an infrastructure-less independent network called mobile ad-hoc network (MANET). Trust assurance between MANET nodes is the key parameter in the high-security provision under dynamic topology variations and open wireless constraints. But the malicious behavior of nodes reduces the trust level of the nodes, which leads to an insecure data delivery. The increase in malicious attacks causes excessive energy consumption, which leads to a reduction of network lifetime. The lack of positional information update of the nodes in ad-hoc on-demand vector (AODV) protocol during the connection establishment offers less trust level between the nodes. Hence, the trust rate computation using energy and mobility models and its update are the essential tasks for secure data delivery. This paper proposes a trust-aware ad-hoc routing (T2AR) protocol to improve the trust level between the nodes in MANET. The proposed method modifies the traditional AODV routing protocol with the constraints of trust rate, energy, mobility-based malicious behavior prediction. The packet sequence ID matching from the log reports of neighbor nodes determines the trust rate that avoids the malicious report generation. Besides, the direct and indirect trust observation schemes utilization increases the trust level. Besides, the received signal strength indicator utilization determines whether the trusted node is within the communication range or not. The comparative analysis between the proposed T2AR with the existing methods such as TRUNCMAN, RBT, GR, FBR and DICOTIDS regarding the average end-to-end delay, throughput, false positives, packet delivery ratio shows the effectiveness of T2AR in the secure MANET environment design.
FuGeF: A Resource Bound Secure Forwarding Protocol for Wireless Sensor Networks
Umar, Idris Abubakar; Mohd Hanapi, Zurina; Sali, A.; Zulkarnain, Zuriati A.
2016-01-01
Resource bound security solutions have facilitated the mitigation of spatio-temporal attacks by altering protocol semantics to provide minimal security while maintaining an acceptable level of performance. The Dynamic Window Secured Implicit Geographic Forwarding (DWSIGF) routing protocol for Wireless Sensor Network (WSN) has been proposed to achieve a minimal selection of malicious nodes by introducing a dynamic collection window period to the protocol’s semantics. However, its selection scheme suffers substantial packet losses due to the utilization of a single distance based parameter for node selection. In this paper, we propose a Fuzzy-based Geographic Forwarding protocol (FuGeF) to minimize packet loss, while maintaining performance. The FuGeF utilizes a new form of dynamism and introduces three selection parameters: remaining energy, connectivity cost, and progressive distance, as well as a Fuzzy Logic System (FLS) for node selection. These introduced mechanisms ensure the appropriate selection of a non-malicious node. Extensive simulation experiments have been conducted to evaluate the performance of the proposed FuGeF protocol as compared to DWSIGF variants. The simulation results show that the proposed FuGeF outperforms the two DWSIGF variants (DWSIGF-P and DWSIGF-R) in terms of packet delivery. PMID:27338411
FuGeF: A Resource Bound Secure Forwarding Protocol for Wireless Sensor Networks.
Umar, Idris Abubakar; Mohd Hanapi, Zurina; Sali, A; Zulkarnain, Zuriati A
2016-06-22
Resource bound security solutions have facilitated the mitigation of spatio-temporal attacks by altering protocol semantics to provide minimal security while maintaining an acceptable level of performance. The Dynamic Window Secured Implicit Geographic Forwarding (DWSIGF) routing protocol for Wireless Sensor Network (WSN) has been proposed to achieve a minimal selection of malicious nodes by introducing a dynamic collection window period to the protocol's semantics. However, its selection scheme suffers substantial packet losses due to the utilization of a single distance based parameter for node selection. In this paper, we propose a Fuzzy-based Geographic Forwarding protocol (FuGeF) to minimize packet loss, while maintaining performance. The FuGeF utilizes a new form of dynamism and introduces three selection parameters: remaining energy, connectivity cost, and progressive distance, as well as a Fuzzy Logic System (FLS) for node selection. These introduced mechanisms ensure the appropriate selection of a non-malicious node. Extensive simulation experiments have been conducted to evaluate the performance of the proposed FuGeF protocol as compared to DWSIGF variants. The simulation results show that the proposed FuGeF outperforms the two DWSIGF variants (DWSIGF-P and DWSIGF-R) in terms of packet delivery.
Integrated Social and Quality of Service Trust Management of Mobile Groups in Ad Hoc Networks
2013-01-01
high resiliency to malicious attacks and misbehaving nodes. Keywords—trust management; mobile ad hoc networks; QoS trust; social trust; trust...paper we address an importance issue of trust management protocol design for MANETs: trust bias minimization despite misbehaving nodes performing
Game Theory Meets Wireless Sensor Networks Security Requirements and Threats Mitigation: A Survey.
Abdalzaher, Mohamed S; Seddik, Karim; Elsabrouty, Maha; Muta, Osamu; Furukawa, Hiroshi; Abdel-Rahman, Adel
2016-06-29
We present a study of using game theory for protecting wireless sensor networks (WSNs) from selfish behavior or malicious nodes. Due to scalability, low complexity and disseminated nature of WSNs, malicious attacks can be modeled effectively using game theory. In this study, we survey the different game-theoretic defense strategies for WSNs. We present a taxonomy of the game theory approaches based on the nature of the attack, whether it is caused by an external attacker or it is the result of an internal node acting selfishly or maliciously. We also present a general trust model using game theory for decision making. We, finally, identify the significant role of evolutionary games for WSNs security against intelligent attacks; then, we list several prospect applications of game theory to enhance the data trustworthiness and node cooperation in different WSNs.
76 FR 22925 - Assumption Buster Workshop: Abnormal Behavior Detection Finds Malicious Actors
Federal Register 2010, 2011, 2012, 2013, 2014
2011-04-25
... Technology Research and Development (NITRD) Program, National Science Foundation. ACTION: Call for... NATIONAL SCIENCE FOUNDATION Assumption Buster Workshop: Abnormal Behavior Detection Finds...: The NCO, on behalf of the Special Cyber Operations Research and Engineering (SCORE) Committee, an...
Game Theory Meets Wireless Sensor Networks Security Requirements and Threats Mitigation: A Survey
Abdalzaher, Mohamed S.; Seddik, Karim; Elsabrouty, Maha; Muta, Osamu; Furukawa, Hiroshi; Abdel-Rahman, Adel
2016-01-01
We present a study of using game theory for protecting wireless sensor networks (WSNs) from selfish behavior or malicious nodes. Due to scalability, low complexity and disseminated nature of WSNs, malicious attacks can be modeled effectively using game theory. In this study, we survey the different game-theoretic defense strategies for WSNs. We present a taxonomy of the game theory approaches based on the nature of the attack, whether it is caused by an external attacker or it is the result of an internal node acting selfishly or maliciously. We also present a general trust model using game theory for decision making. We, finally, identify the significant role of evolutionary games for WSNs security against intelligent attacks; then, we list several prospect applications of game theory to enhance the data trustworthiness and node cooperation in different WSNs. PMID:27367700
Modeling Security Aspects of Network
NASA Astrophysics Data System (ADS)
Schoch, Elmar
With more and more widespread usage of computer systems and networks, dependability becomes a paramount requirement. Dependability typically denotes tolerance or protection against all kinds of failures, errors and faults. Sources of failures can basically be accidental, e.g., in case of hardware errors or software bugs, or intentional due to some kind of malicious behavior. These intentional, malicious actions are subject of security. A more complete overview on the relations between dependability and security can be found in [31]. In parallel to the increased use of technology, misuse also has grown significantly, requiring measures to deal with it.
Web malware spread modelling and optimal control strategies
NASA Astrophysics Data System (ADS)
Liu, Wanping; Zhong, Shouming
2017-02-01
The popularity of the Web improves the growth of web threats. Formulating mathematical models for accurate prediction of malicious propagation over networks is of great importance. The aim of this paper is to understand the propagation mechanisms of web malware and the impact of human intervention on the spread of malicious hyperlinks. Considering the characteristics of web malware, a new differential epidemic model which extends the traditional SIR model by adding another delitescent compartment is proposed to address the spreading behavior of malicious links over networks. The spreading threshold of the model system is calculated, and the dynamics of the model is theoretically analyzed. Moreover, the optimal control theory is employed to study malware immunization strategies, aiming to keep the total economic loss of security investment and infection loss as low as possible. The existence and uniqueness of the results concerning the optimality system are confirmed. Finally, numerical simulations show that the spread of malware links can be controlled effectively with proper control strategy of specific parameter choice.
Web malware spread modelling and optimal control strategies.
Liu, Wanping; Zhong, Shouming
2017-02-10
The popularity of the Web improves the growth of web threats. Formulating mathematical models for accurate prediction of malicious propagation over networks is of great importance. The aim of this paper is to understand the propagation mechanisms of web malware and the impact of human intervention on the spread of malicious hyperlinks. Considering the characteristics of web malware, a new differential epidemic model which extends the traditional SIR model by adding another delitescent compartment is proposed to address the spreading behavior of malicious links over networks. The spreading threshold of the model system is calculated, and the dynamics of the model is theoretically analyzed. Moreover, the optimal control theory is employed to study malware immunization strategies, aiming to keep the total economic loss of security investment and infection loss as low as possible. The existence and uniqueness of the results concerning the optimality system are confirmed. Finally, numerical simulations show that the spread of malware links can be controlled effectively with proper control strategy of specific parameter choice.
Web malware spread modelling and optimal control strategies
Liu, Wanping; Zhong, Shouming
2017-01-01
The popularity of the Web improves the growth of web threats. Formulating mathematical models for accurate prediction of malicious propagation over networks is of great importance. The aim of this paper is to understand the propagation mechanisms of web malware and the impact of human intervention on the spread of malicious hyperlinks. Considering the characteristics of web malware, a new differential epidemic model which extends the traditional SIR model by adding another delitescent compartment is proposed to address the spreading behavior of malicious links over networks. The spreading threshold of the model system is calculated, and the dynamics of the model is theoretically analyzed. Moreover, the optimal control theory is employed to study malware immunization strategies, aiming to keep the total economic loss of security investment and infection loss as low as possible. The existence and uniqueness of the results concerning the optimality system are confirmed. Finally, numerical simulations show that the spread of malware links can be controlled effectively with proper control strategy of specific parameter choice. PMID:28186203
Using Hybrid Algorithm to Improve Intrusion Detection in Multi Layer Feed Forward Neural Networks
ERIC Educational Resources Information Center
Ray, Loye Lynn
2014-01-01
The need for detecting malicious behavior on computer networks continued to be important to maintaining a safe and secure environment. The purpose of this study was to determine the relationship of multilayer feed forward neural network architecture to the ability of detecting abnormal behavior in networks. This involved building, training, and…
NASA Astrophysics Data System (ADS)
Wang, Jinlong; Feng, Shuo; Wu, Qihui; Zheng, Xueqiang; Xu, Yuhua; Ding, Guoru
2014-12-01
Cognitive radio (CR) is a promising technology that brings about remarkable improvement in spectrum utilization. To tackle the hidden terminal problem, cooperative spectrum sensing (CSS) which benefits from the spatial diversity has been studied extensively. Since CSS is vulnerable to the attacks initiated by malicious secondary users (SUs), several secure CSS schemes based on Dempster-Shafer theory have been proposed. However, the existing works only utilize the current difference of SUs, such as the difference in SNR or similarity degree, to evaluate the trustworthiness of each SU. As the current difference is only one-sided and sometimes inaccurate, the statistical information contained in each SU's historical behavior should not be overlooked. In this article, we propose a robust CSS scheme based on Dempster-Shafer theory and trustworthiness degree calculation. It is carried out in four successive steps, which are basic probability assignment (BPA), trustworthiness degree calculation, selection and adjustment of BPA, and combination by Dempster-Shafer rule, respectively. Our proposed scheme evaluates the trustworthiness degree of SUs from both current difference aspect and historical behavior aspect and exploits Dempster-Shafer theory's potential to establish a 'soft update' approach for the reputation value maintenance. It can not only differentiate malicious SUs from honest ones based on their historical behaviors but also reserve the current difference for each SU to achieve a better real-time performance. Abundant simulation results have validated that the proposed scheme outperforms the existing ones under the impact of different attack patterns and different number of malicious SUs.
Jang, Jae-Wook; Yun, Jaesung; Mohaisen, Aziz; Woo, Jiyoung; Kim, Huy Kang
2016-01-01
Mass-market mobile security threats have increased recently due to the growth of mobile technologies and the popularity of mobile devices. Accordingly, techniques have been introduced for identifying, classifying, and defending against mobile threats utilizing static, dynamic, on-device, and off-device techniques. Static techniques are easy to evade, while dynamic techniques are expensive. On-device techniques are evasion, while off-device techniques need being always online. To address some of those shortcomings, we introduce Andro-profiler, a hybrid behavior based analysis and classification system for mobile malware. Andro-profiler main goals are efficiency, scalability, and accuracy. For that, Andro-profiler classifies malware by exploiting the behavior profiling extracted from the integrated system logs including system calls. Andro-profiler executes a malicious application on an emulator in order to generate the integrated system logs, and creates human-readable behavior profiles by analyzing the integrated system logs. By comparing the behavior profile of malicious application with representative behavior profile for each malware family using a weighted similarity matching technique, Andro-profiler detects and classifies it into malware families. The experiment results demonstrate that Andro-profiler is scalable, performs well in detecting and classifying malware with accuracy greater than 98 %, outperforms the existing state-of-the-art work, and is capable of identifying 0-day mobile malware samples.
DROP: Detecting Return-Oriented Programming Malicious Code
NASA Astrophysics Data System (ADS)
Chen, Ping; Xiao, Hai; Shen, Xiaobin; Yin, Xinchun; Mao, Bing; Xie, Li
Return-Oriented Programming (ROP) is a new technique that helps the attacker construct malicious code mounted on x86/SPARC executables without any function call at all. Such technique makes the ROP malicious code contain no instruction, which is different from existing attacks. Moreover, it hides the malicious code in benign code. Thus, it circumvents the approaches that prevent control flow diversion outside legitimate regions (such as W ⊕ X) and most malicious code scanning techniques (such as anti-virus scanners). However, ROP has its own intrinsic feature which is different from normal program design: (1) uses short instruction sequence ending in "ret", which is called gadget, and (2) executes the gadgets contiguously in specific memory space, such as standard GNU libc. Based on the features of the ROP malicious code, in this paper, we present a tool DROP, which is focused on dynamically detecting ROP malicious code. Preliminary experimental results show that DROP can efficiently detect ROP malicious code, and have no false positives and negatives.
Cooperation stimulation strategies for peer-to-peer wireless live video-sharing social networks.
Lin, W Sabrina; Zhao, H Vicky; Liu, K J Ray
2010-07-01
Human behavior analysis in video sharing social networks is an emerging research area, which analyzes the behavior of users who share multimedia content and investigates the impact of human dynamics on video sharing systems. Users watching live streaming in the same wireless network share the same limited bandwidth of backbone connection to the Internet, thus, they might want to cooperate with each other to obtain better video quality. These users form a wireless live-streaming social network. Every user wishes to watch video with high quality while paying as little as possible cost to help others. This paper focuses on providing incentives for user cooperation. We propose a game-theoretic framework to model user behavior and to analyze the optimal strategies for user cooperation simulation in wireless live streaming. We first analyze the Pareto optimality and the time-sensitive bargaining equilibrium of the two-person game. We then extend the solution to the multiuser scenario. We also consider potential selfish users' cheating behavior and malicious users' attacking behavior and analyze the performance of the proposed strategies with the existence of cheating users and malicious attackers. Both our analytical and simulation results show that the proposed strategies can effectively stimulate user cooperation, achieve cheat free and attack resistance, and help provide reliable services for wireless live streaming applications.
Su, Yishan; Han, Guangyao; Fu, Xiaomei; Xu, Naishen; Jin, Zhigang
2017-04-06
Physical layer security is an attractive security mechanism, which exploits the randomness characteristics of wireless transmission channel to achieve security. However, it is hampered by the limitation of the channel condition that the main channel must be better than the eavesdropper channel. To alleviate the limitation, cooperative communication is introduced. Few studies have investigated the physical layer security of the relay transmission model. In this paper, we performed some experiments to evaluate the physical layer security of a cooperative communication system, with a relay operating in decode-and-forward (DF) cooperative mode, selfish and malicious behavior in real non-ideal transmission environment. Security performance is evaluated in terms of the probability of non-zero secrecy capacity. Experiments showed some different results compared to theoretical simulation: (1) to achieve the maximum secrecy capacity, the optimal relay power according to the experiments result is larger than that of ideal theoretical results under both cooperative and selfish behavior relay; (2) the relay in malicious behavior who forwards noise to deteriorate the main channel may deteriorate the eavesdropper channel more seriously than the main channel; (3) the optimal relay positions under cooperative and selfish behavior relay cases are both located near the destination because of non-ideal transmission.
Security-Enhanced Push Button Configuration for Home Smart Control.
Han, Junghee; Park, Taejoon
2017-06-08
With the emergence of smart and converged home services, the need for the secure and easy interplay of various devices has been increased. Push Button Configuration (PBC) is one of the technologies proposed for easy set-up of a secure session between IT and consumer devices. Although the Wi-Fi Direct specification explicitly states that all devices must support the PBC method, its applicability is very limited. This is because the security vulnerability of PBC can be maliciously exploited so that attackers can make illegitimate sessions with consumer devices. To address this problem, this paper proposes a novel Security-enhanced PBC (SePBC) scheme with which we can uncover suspicious or malicious devices. The proposed mechanism has several unique features. First, we develop a secure handshake distance measurement protocol by preventing an adversary sitting outside the region from maliciously manipulating its distance to be fake. Second, it is compatible with the original Wi-Fi PBC without introducing a brand-new methodology. Finally, SePBC uses lightweight operations without CPU-intensive cryptography computation and employs inexpensive H/W. Moreover, it needs to incur little overhead when there is no attack. This paper also designs and implements the proposed SePBC in the real world. Our experimental results and analysis show that the proposed SePBC scheme effectively defeats attacks on PBC while minimizing the modification of the original PBC equipment.
Security-Enhanced Push Button Configuration for Home Smart Control
Han, Junghee; Park, Taejoon
2017-01-01
With the emergence of smart and converged home services, the need for the secure and easy interplay of various devices has been increased. Push Button Configuration (PBC) is one of the technologies proposed for easy set-up of a secure session between IT and consumer devices. Although the Wi-Fi Direct specification explicitly states that all devices must support the PBC method, its applicability is very limited. This is because the security vulnerability of PBC can be maliciously exploited so that attackers can make illegitimate sessions with consumer devices. To address this problem, this paper proposes a novel Security-enhanced PBC (SePBC) scheme with which we can uncover suspicious or malicious devices. The proposed mechanism has several unique features. First, we develop a secure handshake distance measurement protocol by preventing an adversary sitting outside the region from maliciously manipulating its distance to be fake. Second, it is compatible with the original Wi-Fi PBC without introducing a brand-new methodology. Finally, SePBC uses lightweight operations without CPU-intensive cryptography computation and employs inexpensive H/W. Moreover, it needs to incur little overhead when there is no attack. This paper also designs and implements the proposed SePBC in the real world. Our experimental results and analysis show that the proposed SePBC scheme effectively defeats attacks on PBC while minimizing the modification of the original PBC equipment. PMID:28594370
Awareness of Malicious Social Engineering among Facebook Users
ERIC Educational Resources Information Center
Slonka, Kevin J.
2014-01-01
With the rapid growth of Facebook, the social networking website is becoming a lucrative target for malicious activity. Users of Facebook therefore should be aware of various malicious attacks and know how to identify them. This research analyzed Facebook users' level of understanding in the domain of malicious social engineering on Facebook. The…
A Learning System for Discriminating Variants of Malicious Network Traffic
DOE Office of Scientific and Technical Information (OSTI.GOV)
Beaver, Justin M; Symons, Christopher T; Gillen, Rob
Modern computer network defense systems rely primarily on signature-based intrusion detection tools, which generate alerts when patterns that are pre-determined to be malicious are encountered in network data streams. Signatures are created reactively, and only after in-depth manual analysis of a network intrusion. There is little ability for signature-based detectors to identify intrusions that are new or even variants of an existing attack, and little ability to adapt the detectors to the patterns unique to a network environment. Due to these limitations, the need exists for network intrusion detection techniques that can more comprehensively address both known unknown network-based attacks and can be optimized for the target environment. This work describes a system that leverages machine learning to provide a network intrusion detection capability that analyzes behaviors in channels of communication between individual computers. Using examples of malicious and non-malicious traffic in the target environment, the system can be trained to discriminate between traffic types. The machine learning provides insight that would be difficult for a human to explicitly code as a signature because it evaluates many interdependent metrics simultaneously. With this approach, zero day detection is possible by focusing on similarity to known traffic types rather than mining for specific bit patterns or conditions. This also reduces the burden on organizations to account for all possible attack variant combinations through signatures. The approach is presented along with results from a third-party evaluation of its performance.
The Relationship between Personality and Computer Deviance
ERIC Educational Resources Information Center
Burns, Cardra E.
2013-01-01
Computer deviance by employees, defined as malicious and nonmalicious computer use behaviors, has contributed to billions of dollars of monetary and productivity losses for public and private sector organizations. The purpose of this correlational study was to examine the relationship between personality characteristics and employees' computer…
Smith, Eliot R
2014-11-01
Although person perception is central to virtually all human social behavior, it is ordinarily studied in isolated individual perceivers. Conceptualizing it as a socially distributed process opens up a variety of novel issues, which have been addressed in scattered literatures mostly outside of social psychology. This article examines some of these issues using a series of multiagent models. Perceivers can use gossip (information from others about social targets) to improve their ability to detect targets who perform rare negative behaviors. The model suggests that they can simultaneously protect themselves against being influenced by malicious gossip intended to defame specific targets. They can balance these potentially conflicting goals by using specific strategies including disregarding gossip that differs from a personally obtained impression. Multiagent modeling demonstrates the outcomes produced by different combinations of assumptions about gossip, and suggests directions for further research and theoretical development. © 2014 by the Society for Personality and Social Psychology, Inc.
Encryption and the loss of patient data.
Miller, Amalia R; Tucker, Catherine E
2011-01-01
Fast-paced IT advances have made it increasingly possible and useful for firms to collect data on their customers on an unprecedented scale. One downside of this is that firms can experience negative publicity and financial damage if their data are breached. This is particularly the case in the medical sector, where we find empirical evidence that increased digitization of patient data is associated with more data breaches. The encryption of customer data is often presented as a potential solution, because encryption acts as a disincentive for potential malicious hackers, and can minimize the risk of breached data being put to malicious use. However, encryption both requires careful data management policies to be successful and does not ward off the insider threat. Indeed, we find no empirical evidence of a decrease in publicized instances of data loss associated with the use of encryption. Instead, there are actually increases in the cases of publicized data loss due to internal fraud or loss of computer equipment.
Analysis of Malicious Traffic in Modbus/TCP Communications
NASA Astrophysics Data System (ADS)
Kobayashi, Tiago H.; Batista, Aguinaldo B.; Medeiros, João Paulo S.; Filho, José Macedo F.; Brito, Agostinho M.; Pires, Paulo S. Motta
This paper presents the results of our analysis about the influence of Information Technology (IT) malicious traffic on an IP-based automation environment. We utilized a traffic generator, called MACE (Malicious trAffic Composition Environment), to inject malicious traffic in a Modbus/TCP communication system and a sniffer to capture and analyze network traffic. The realized tests show that malicious traffic represents a serious risk to critical information infrastructures. We show that this kind of traffic can increase latency of Modbus/TCP communication and that, in some cases, can put Modbus/TCP devices out of communication.
Sri Bhashyam, Sumitra; Montibeller, Gilberto
2016-04-01
A key objective for policymakers and analysts dealing with terrorist threats is trying to predict the actions that malicious agents may take. A recent trend in counterterrorism risk analysis is to model the terrorists' judgments, as these will guide their choices of such actions. The standard assumptions in most of these models are that terrorists are fully rational, following all the normative desiderata required for rational choices, such as having a set of constant and ordered preferences, being able to perform a cost-benefit analysis of their alternatives, among many others. However, are such assumptions reasonable from a behavioral perspective? In this article, we analyze the types of assumptions made across various counterterrorism analytical models that represent malicious agents' judgments and discuss their suitability from a descriptive point of view. We then suggest how some of these assumptions could be modified to describe terrorists' preferences more accurately, by drawing knowledge from the fields of behavioral decision research, politics, philosophy of choice, public choice, and conflict management in terrorism. Such insight, we hope, might help make the assumptions of these models more behaviorally valid for counterterrorism risk analysis. © 2016 The Authors Wound Repair and Regeneration published by Wiley Periodicals, Inc. on behalf of The Wound Healing Society.
Bringing out the Best Board Behavior
ERIC Educational Resources Information Center
Caruso, Nicholas
2004-01-01
The author's advice for a school board superintendent is to assume incompetence instead of malevolence. Board members who behave inappropriately are a minority, and those with malicious intent are extremely rare. Most misbehaving board members act out of frustration. They may not understand the appropriate role of a board member.…
DOE Office of Scientific and Technical Information (OSTI.GOV)
Whitehead, Donnie Wayne; Varnado, G. Bruce
2008-09-01
U.S. Nuclear Regulatory Commission nuclear power plant licensees and new reactor applicants are required to provide protection of their plants against radiological sabotage, including the placement of vital equipment in vital areas. This document describes a systematic process for the identification of the minimum set of areas that must be designated as vital areas in order to ensure that all radiological sabotage scenarios are prevented. Vital area identification involves the use of logic models to systematically identify all of the malicious acts or combinations of malicious acts that could lead to radiological sabotage. The models available in the plant probabilistic risk assessment and other safety analyses provide a great deal of the information and basic model structure needed for the sabotage logic model. Once the sabotage logic model is developed, the events (or malicious acts) in the model are replaced with the areas in which the events can be accomplished. This sabotage area logic model is then analyzed to identify the target sets (combinations of areas the adversary must visit to cause radiological sabotage) and the candidate vital area sets (combinations of areas that must be protected against adversary access to prevent radiological sabotage). Any one of the candidate vital area sets can be selected for protection. Appropriate selection criteria will allow the licensee or new reactor applicant to minimize the impacts of vital area protection measures on plant safety, cost, operations, or other factors of concern.
NASA Astrophysics Data System (ADS)
Peng, Chaorong; Chen, Chang Wen
2008-04-01
Malicious nodes are mounting increasingly sophisticated attacking operations on the Mobile Ad Hoc Networks (MANETs). This is mainly because the IP-based MANETs are vulnerable to attacks by various malicious nodes. However, the defense against malicious attack can be improved when a new layer of network architecture can be developed to separate true IP address from disclosing to the malicious nodes. In this paper, we propose a new algorithm to improve the defense against malicious attack (IDMA) that is based on a recently developed Assignment Router Identify Protocol (ARIP) for the clustering-based MANET management. In the ARIP protocol, we design the ARIP architecture based on the new Identity instead of the vulnerable IP addresses to provide the required security that is embedded seamlessly into the overall network architecture. We make full use of ARIP's special property to monitor gateway forward packets by Reply Request Route Packets (RREP) without additional intrusion detection layer. We name this new algorithm IDMA because of its inherent capability to improve the defense against malicious attacks. Through IDMA, a watching algorithm can be established so as to counterattack the malicious node in the routing path when it unusually drops up packets. We provide analysis examples for IDMA for the defense against a malicious node that disrupts the route discovery by impersonating the destination, or by responding with state of corrupted routing information, or by disseminating forged control traffic. The IDMA algorithm is able to counterattack the malicious node in the cases when the node launch DoS attack by broadcast a large number of route requests, or make Target traffic congestion by delivering huge amount of data; or spoof the IP addresses and send forge packets with a fake ID to the same Target causing traffic congestion at that destination. We have implemented IDMA algorithm using the GloMoSim simulator and have demonstrated its performance under a variety of operational conditions.
A Secure Trust Establishment Scheme for Wireless Sensor Networks
Ishmanov, Farruh; Kim, Sung Won; Nam, Seung Yeob
2014-01-01
Trust establishment is an important tool to improve cooperation and enhance security in wireless sensor networks. The core of trust establishment is trust estimation. If a trust estimation method is not robust against attack and misbehavior, the trust values produced will be meaningless, and system performance will be degraded. We present a novel trust estimation method that is robust against on-off attacks and persistent malicious behavior. Moreover, in order to aggregate recommendations securely, we propose using a modified one-step M-estimator scheme. The novelty of the proposed scheme arises from combining past misbehavior with current status in a comprehensive way. Specifically, we introduce an aggregated misbehavior component in trust estimation, which assists in detecting an on-off attack and persistent malicious behavior. In order to determine the current status of the node, we employ previous trust values and current measured misbehavior components. These components are combined to obtain a robust trust value. Theoretical analyses and evaluation results show that our scheme performs better than other trust schemes in terms of detecting an on-off attack and persistent misbehavior. PMID:24451471
2016-08-01
components from making it into DoD systems. The benefits of trusted design and manufacturing would likely cost more, but would confidently minimize DoD...compromise products too high for an attacker. If the costs and effort needed are greater than the benefit to conduct an attack, malicious actors are...simplicity may be a better approach. While there are potential benefits to built-in hardware and software security, there may be just as many
Building and Vegetation Rasterization for the Three-dimensional Wind Field (3DWF) Model
2010-12-01
Maps API. By design, JavaScript limits access to local resources. This is done to protect against the execution of malicious code. However, ActiveX ...to only use these types of objects ( ActiveX or XPCOM) from a trusted source in order to minimize the exposure of a computer system to malware...Microsoft ActiveX . There is also a need to restructure and rethink the implementation of the JavaScript code. It would be desirable to save the digitized
A Study on Architecture of Malicious Code Blocking Scheme with White List in Smartphone Environment
NASA Astrophysics Data System (ADS)
Lee, Kijeong; Tolentino, Randy S.; Park, Gil-Cheol; Kim, Yong-Tae
Recently, the interest and demands for mobile communications are growing so fast because of the increasing prevalence of smartphones around the world. In addition, the existing feature phones were replaced by smartphones and it has widely improved while using the explosive growth of Internet users using smartphones, e-commerce enabled Internet banking transactions and the importance of protecting personal information. Therefore, the development of smartphones antivirus products was developed and launched in order to prevent malicious code or virus infection. In this paper, we proposed a new scheme to protect the smartphone from malicious codes and malicious applications that are element of security threats in mobile environment and to prevent information leakage from malicious code infection. The proposed scheme is based on the white list smartphone application which only allows installing authorized applications and to prevent the installation of malicious and untrusted mobile applications which can possibly infect the applications and programs of smartphones.
Klimecki, Olga M.; Vuilleumier, Patrik; Sander, David
2016-01-01
In the prevention and resolution of conflicts in social contexts, an important step is to understand how different emotions and empathic traits are linked to punishment behaviors. Unfortunately, few paradigms exist to study these phenomena. Here, we developed the Inequality Game (IG) as an economic and verbal interaction paradigm in which participants are faced with an “unfair other” as opposed to a “fair other” and subsequently have the opportunity to engage in a range of social behaviors. These social behaviors include cooperative or competitive economic choices and nice or derogatory verbal behavior toward the unfair and fair other. Participants could thus engage in punishment or forgiveness behavior toward the unfair other as well as in cooperative or aggressive behavior toward the fair other. We validated the IG through multimodal measures comprising the assessment of personality traits, emotions (by means of facial expressions and self-reports), arousal (by means of skin conductance responses), physical effort (force exertion), and behavioral reactions. Second, we examined the influence of emotions and empathy-related traits on punishment behavior. With regard to emotions, we observed a positive relation between malicious joy and punishment behavior. This result highlights the role of reward-related mechanisms in favoring punishment behavior. In addition, different empathic traits had opposing effects on antisocial behavior. Whereas personal distress predicted aggressive verbal behavior, perspective taking and empathic concern predicted a reduction in punishment behavior. Empathic traits also modulated emotional experience and person evaluations, such that perspective taking was related to more positive affect (less frowning and more smiling) and a more favorable evaluation of the unfair other. 
The current data validate the IG, reveal that malicious joy is positively related to punishment behavior, and show that different types of empathic traits can have opposing effects on antisocial behavior as well as on related emotions and person evaluations. PMID:26978065
Privacy and Integrity in the Untrusted Cloud
2012-06-01
...but still showing them to the user [105]. This behavior is an example of provider equivocation [74, 67], in which a malicious service presents
Effect of Gratitude on Benign and Malicious Envy: The Mediating Role of Social Support
Xiang, Yanhui; Chao, Xiaomei; Ye, Yanyan
2018-01-01
Gratitude has been investigated in various areas in psychology. The present research showed that gratitude had some positive effects on some aspects of our life, such as subjective well-being, life satisfaction, and social relationships. It can also help us relieve negative emotions. However, the existing literature has not studied the influence of gratitude on envy. The present study used structural equation modeling to test the mediating role of social support between gratitude and two types of envy (malicious and benign). We recruited 426 Chinese undergraduates to complete the Gratitude Questionnaire, Malicious and Benign Envy Scales, and the Multi-Dimensional Scale of Perceived Social Support. Results showed that gratitude positively predicted benign envy and negatively predicted malicious envy. In addition, the indirect effect of gratitude on two types of envy via social support was significant. These results revealed the direct relationship between gratitude and malicious/benign envy, and the mediating effect of social support, which will contribute to find effective measures to inhibit malicious envy and promote benign envy from the perspective of cultivating gratitude and increasing individuals' social support. PMID:29867595
Khan, Aihab; Husain, Syed Afaq
2013-01-01
We put forward a fragile zero watermarking scheme to detect and characterize malicious modifications made to a database relation. Most of the existing watermarking schemes for relational databases introduce intentional errors or permanent distortions as marks into the database original content. These distortions inevitably degrade the data quality and data usability as the integrity of a relational database is violated. Moreover, these fragile schemes can detect malicious data modifications but do not characterize the tampering attack, that is, the nature of tampering. The proposed fragile scheme is based on zero watermarking approach to detect malicious modifications made to a database relation. In zero watermarking, the watermark is generated (constructed) from the contents of the original data rather than introduction of permanent distortions as marks into the data. As a result, the proposed scheme is distortion-free; thus, it also resolves the inherent conflict between security and imperceptibility. The proposed scheme also characterizes the malicious data modifications to quantify the nature of tampering attacks. Experimental results show that even minor malicious modifications made to a database relation can be detected and characterized successfully.
ERIC Educational Resources Information Center
Enfinger, Kerry Wayne
2016-01-01
The number of malicious files present in the public domain continues to rise at a substantial rate. Current anti-malware software utilizes a signature-based method to detect the presence of malicious software. Generating these pattern signatures is time consuming due to malicious code complexity and the need for expert analysis, however, by making…
Gelotophobia and the Challenges of Implementing Laughter into Virtual Agents Interactions
Ruch, Willibald F.; Platt, Tracey; Hofmann, Jennifer; Niewiadomski, Radosław; Urbain, Jérôme; Mancini, Maurizio; Dupont, Stéphane
2014-01-01
This study investigated which features of AVATAR laughter are perceived threatening for individuals with a fear of being laughed at (gelotophobia), and individuals with no gelotophobia. Laughter samples were systematically varied (e.g., intensity, laughter pitch, and energy for the voice, intensity of facial actions of the face) in three modalities: animated facial expressions, synthesized auditory laughter vocalizations, and motion capture generated puppets displaying laughter body movements. In the online study 123 adults completed, the GELOPH<15> (Ruch and Proyer, 2008a,b) and rated randomly presented videos of the three modalities for how malicious, how friendly, how real the laughter was (0 not at all to 8 extremely). Additionally, an open question asked which markers led to the perception of friendliness/maliciousness. The current study identified features in all modalities of laughter stimuli that were perceived as malicious in general, and some that were gelotophobia specific. For facial expressions of AVATARS, medium intensity laughs triggered highest maliciousness in the gelotophobes. In the auditory stimuli, the fundamental frequency modulations and the variation in intensity were indicative of maliciousness. In the body, backwards and forward movements and rocking vs. jerking movements distinguished the most malicious from the least malicious laugh. From the open answers, the shape and appearance of the lips curling induced feelings that the expression was malicious for non-gelotophobes and that the movement round the eyes, elicited the face to appear as friendly. This was opposite for gelotophobes. Gelotophobia savvy AVATARS should be of high intensity, containing lip and eye movements and be fast, non-repetitive voiced vocalization, variable and of short duration. It should not contain any features that indicate a down-regulation in the voice or body, or indicate voluntary/cognitive modulation. PMID:25477803
Debugging classification and anti-debugging strategies
NASA Astrophysics Data System (ADS)
Gao, Shang; Lin, Qian; Xia, Mingyuan; Yu, Miao; Qi, Zhengwei; Guan, Haibing
2011-12-01
Debugging, albeit useful for software development, is also a double-edged sword since it could also be exploited by malicious attackers. This paper analyzes the prevailing debuggers and classifies them into 4 categories based on the debugging mechanism. Furthermore, as an opposite, we list 13 typical anti-debugging strategies adopted in Windows. These methods intercept specific execution points which expose the diagnostic behavior of debuggers.
NASA Astrophysics Data System (ADS)
Ramalingam, Srikumar
2001-11-01
A highly secure mobile agent system is very important for a mobile computing environment. The security issues in mobile agent system comprise protecting mobile hosts from malicious agents, protecting agents from other malicious agents, protecting hosts from other malicious hosts and protecting agents from malicious hosts. Using traditional security mechanisms the first three security problems can be solved. Apart from using trusted hardware, very few approaches exist to protect mobile code from malicious hosts. Some of the approaches to solve this problem are the use of trusted computing, computing with encrypted function, steganography, cryptographic traces, Seal Calculus, etc. This paper focuses on the simulation of some of these existing techniques in the designed mobile language. Some new approaches to solve malicious network problem and agent tampering problem are developed using public key encryption system and steganographic concepts. The approaches are based on encrypting and hiding the partial solutions of the mobile agents. The partial results are stored and the address of the storage is destroyed as the agent moves from one host to another host. This allows only the originator to make use of the partial results. Through these approaches some of the existing problems are solved.
Mitigating Inadvertent Insider Threats with Incentives
NASA Astrophysics Data System (ADS)
Liu, Debin; Wang, Xiaofeng; Camp, L. Jean
Inadvertent insiders are trusted insiders who do not have malicious intent (as with malicious insiders) but do not responsibly manage security. The result is often enabling a malicious outsider to use the privileges of the inattentive insider to implement an insider attack. This risk is as old as conversion of a weak user password into root access, but the term inadvertent insider is recently coined to identify the link between the behavior and the vulnerability. In this paper, we propose to mitigate this threat using a novel risk budget mechanism that offers incentives to an insider to behave according to the risk posture set by the organization. We propose assigning an insider a risk budget, which is a specific allocation of risk points, allowing employees to take a finite number of risk-seeking choices. In this way, the employee can complete her tasks without subverting the security system, as with absolute prohibitions. In the end, the organization penalizes the insider if she fails to accomplish her task within the budget while rewarding her in the presence of a surplus. Most importantly, the risk budget requires that the user make conscious visible choices to take electronic risks. We describe the theory behind the system, including specific work on the insider threats. We evaluated this approach using human-subject experiments, which demonstrate the effectiveness of our risk budget mechanism. We also present a game theoretic analysis of the mechanism.
A Cross-Layer, Anomaly-Based IDS for WSN and MANET
Amouri, Amar; Manthena, Raju
2018-01-01
Intrusion detection system (IDS) design for mobile adhoc networks (MANET) is a crucial component for maintaining the integrity of the network. The need for rapid deployment of IDS capability with minimal data availability for training and testing is an important requirement of such systems, especially for MANETs deployed in highly dynamic scenarios, such as battlefields. This work proposes a two-level detection scheme for detecting malicious nodes in MANETs. The first level deploys dedicated sniffers working in promiscuous mode. Each sniffer utilizes a decision-tree-based classifier that generates quantities which we refer to as correctly classified instances (CCIs) every reporting time. In the second level, the CCIs are sent to an algorithmically run supernode that calculates quantities, which we refer to as the accumulated measure of fluctuation (AMoF) of the received CCIs for each node under test (NUT). A key concept that is used in this work is that the variability of the smaller size population which represents the number of malicious nodes in the network is greater than the variance of the larger size population which represents the number of normal nodes in the network. A linear regression process is then performed in parallel with the calculation of the AMoF for fitting purposes and to set a proper threshold based on the slope of the fitted lines. As a result, the malicious nodes are efficiently and effectively separated from the normal nodes. The proposed scheme is tested for various node velocities and power levels and shows promising detection performance even at low-power levels. The results presented also apply to wireless sensor networks (WSN) and represent a novel IDS scheme for such networks. PMID:29470446
A Cross-Layer, Anomaly-Based IDS for WSN and MANET.
Amouri, Amar; Morgera, Salvatore D; Bencherif, Mohamed A; Manthena, Raju
2018-02-22
Intrusion detection system (IDS) design for mobile adhoc networks (MANET) is a crucial component for maintaining the integrity of the network. The need for rapid deployment of IDS capability with minimal data availability for training and testing is an important requirement of such systems, especially for MANETs deployed in highly dynamic scenarios, such as battlefields. This work proposes a two-level detection scheme for detecting malicious nodes in MANETs. The first level deploys dedicated sniffers working in promiscuous mode. Each sniffer utilizes a decision-tree-based classifier that generates quantities which we refer to as correctly classified instances (CCIs) every reporting time. In the second level, the CCIs are sent to an algorithmically run supernode that calculates quantities, which we refer to as the accumulated measure of fluctuation (AMoF) of the received CCIs for each node under test (NUT). A key concept that is used in this work is that the variability of the smaller size population which represents the number of malicious nodes in the network is greater than the variance of the larger size population which represents the number of normal nodes in the network. A linear regression process is then performed in parallel with the calculation of the AMoF for fitting purposes and to set a proper threshold based on the slope of the fitted lines. As a result, the malicious nodes are efficiently and effectively separated from the normal nodes. The proposed scheme is tested for various node velocities and power levels and shows promising detection performance even at low-power levels. The results presented also apply to wireless sensor networks (WSN) and represent a novel IDS scheme for such networks.
Probabilistic Characterization of Adversary Behavior in Cyber Security
DOE Office of Scientific and Technical Information (OSTI.GOV)
Meyers, C A; Powers, S S; Faissol, D M
2009-10-08
The objective of this SMS effort is to provide a probabilistic characterization of adversary behavior in cyber security. This includes both quantitative (data analysis) and qualitative (literature review) components. A set of real LLNL email data was obtained for this study, consisting of several years' worth of unfiltered traffic sent to a selection of addresses at ciac.org. The email data was subjected to three interrelated analyses: a textual study of the header data and subject matter, an examination of threats present in message attachments, and a characterization of the maliciousness of embedded URLs.
Toward a Mobile Agent Relay Network
2010-03-01
in the study of particle movement. In computer science, flocking movement has been adapted for use in the collective, cooperative movement of...MARN). For our approach, we utilize a modified flocking behavior to generate cooperative movement that utilizes the agent’s relay capability. We...Summary Our testing focuses on measuring effective cooperative movement and robustness against malicious agents. The movement testing demonstrated that a
GlobalTrust: An Attack Resilient Reputation System for Tactical Networks
2014-07-03
MSA): Some malicious nodes misbehave while other malicious nodes, called malicious spies, behave normally by providing proper services. These...disseminate conflicting (or inconsistent) LTOs. For example, they may misbehave only to a subset of honest nodes (referred to as target nodes) to... misbehaving with prob. α honestly reporting LTOs NRA misbehaving with prob. α reporting opposite LTOs, 1− α CRA misbehaving with prob. α reporting
A robust trust establishment scheme for wireless sensor networks.
Ishmanov, Farruh; Kim, Sung Won; Nam, Seung Yeob
2015-03-23
Security techniques like cryptography and authentication can fail to protect a network once a node is compromised. Hence, trust establishment continuously monitors and evaluates node behavior to detect malicious and compromised nodes. However, just like other security schemes, trust establishment is also vulnerable to attack. Moreover, malicious nodes might misbehave intelligently to trick trust establishment schemes. Unfortunately, attack-resistance and robustness issues with trust establishment schemes have not received much attention from the research community. Considering the vulnerability of trust establishment to different attacks and the unique features of sensor nodes in wireless sensor networks, we propose a lightweight and robust trust establishment scheme. The proposed trust scheme is lightweight thanks to a simple trust estimation method. The comprehensiveness and flexibility of the proposed trust estimation scheme make it robust against different types of attack and misbehavior. Performance evaluation under different types of misbehavior and on-off attacks shows that the detection rate of the proposed trust mechanism is higher and more stable compared to other trust mechanisms.
Leveling up and down: the experiences of benign and malicious envy.
van de Ven, Niels; Zeelenberg, Marcel; Pieters, Rik
2009-06-01
Envy is the painful emotion caused by the good fortune of others. This research empirically supports the distinction between two qualitatively different types of envy, namely benign and malicious envy. It reveals that the experience of benign envy leads to a moving-up motivation aimed at improving one's own position, whereas the experience of malicious envy leads to a pulling-down motivation aimed at damaging the position of the superior other. Study 1 used guided recall of the two envy types in a culture (the Netherlands) that has separate words for benign and malicious envy. Analyses of the experiential content of these emotions found the predicted differences. Study 2 and 3 used one sample from the United States and one from Spain, respectively, where a single word exists for both envy types. A latent class analysis based on the experiential content of envy confirmed the existence of separate experiences of benign and malicious envy in both these cultures as well. The authors discuss the implications of distinguishing the two envy types for theories of cooperation, group performance, and Schadenfreude.
ERIC Educational Resources Information Center
Park, Insu
2010-01-01
The purpose of this study is to explore systems users' behavior on IS under the various circumstances (e.g., email usage and malware threats, online communication at the individual level, and IS usage in organizations). Specifically, the first essay develops a method for analyzing and predicting the impact category of malicious code, particularly…
An Architectural Concept for Intrusion Tolerance in Air Traffic Networks
NASA Technical Reports Server (NTRS)
Maddalon, Jeffrey M.; Miner, Paul S.
2003-01-01
The goal of an intrusion tolerant network is to continue to provide predictable and reliable communication in the presence of a limited number of compromised network components. The behavior of a compromised network component ranges from a node that no longer responds to a node that is under the control of a malicious entity that is actively trying to cause other nodes to fail. Most current data communication networks do not include support for tolerating unconstrained misbehavior of components in the network. However, the fault tolerance community has developed protocols that provide both predictable and reliable communication in the presence of the worst possible behavior of a limited number of nodes in the system. One may view a malicious entity in a communication network as a node that has failed and is behaving in an arbitrary manner. NASA/Langley Research Center has developed one such fault-tolerant computing platform called SPIDER (Scalable Processor-Independent Design for Electromagnetic Resilience). The protocols and interconnection mechanisms of SPIDER may be adapted to large-scale, distributed communication networks such as would be required for future Air Traffic Management systems. The predictability and reliability guarantees provided by the SPIDER protocols have been formally verified. This analysis can be readily adapted to similar network structures.
Statistics attack on 'quantum private comparison with a malicious third party' and its improvement
NASA Astrophysics Data System (ADS)
Gu, Jun; Ho, Chih-Yung; Hwang, Tzonelih
2018-02-01
Recently, Sun et al. (Quantum Inf Process:14:2125-2133, 2015) proposed a quantum private comparison protocol allowing two participants to compare the equality of their secrets via a malicious third party (TP). They designed an interesting trap comparison method to prevent the TP from knowing the final comparison result. However, this study shows that the malicious TP can use the statistics attack to reveal the comparison result. A simple modification is hence proposed to solve this problem.
When envy leads to schadenfreude.
van de Ven, Niels; Hoogland, Charles E; Smith, Richard H; van Dijk, Wilco W; Breugelmans, Seger M; Zeelenberg, Marcel
2015-01-01
Previous research has yielded inconsistent findings concerning the relationship between envy and schadenfreude. Three studies examined whether the distinction between benign and malicious envy can resolve this inconsistency. We found that malicious envy is related to schadenfreude, while benign envy is not. This result held both in the Netherlands where benign and malicious envy are indicated by separate words (Study 1: Sample A, N = 139; Sample B, N = 150), and in the USA where a single word is used to denote both types (Study 2, N = 180; Study 3, N = 349). Moreover, the effect of malicious envy on schadenfreude was independent of other antecedents of schadenfreude (such as feelings of inferiority, disliking the target person, anger, and perceived deservedness). These findings improve our understanding of the antecedents of schadenfreude and help reconcile seemingly contradictory findings on the relationship between envy and schadenfreude.
SQTrust: Social and QoS Trust Management and Its Application to Mission-Oriented Mobile Groups
2012-08-15
ground truth status over a wide range of operational and environment conditions with high resiliency to malicious attacks and misbehaving nodes...attacks and misbehaving nodes. Furthermore, using mission-oriented mobile groups as an application, we identify the best trust formation model under...describe dynamic behaviors of nodes in MANETs in the presence of misbehaving nodes with the objective to validate subjective trust evaluation with
The effects of malicious nodes on performance of mobile ad hoc networks
NASA Astrophysics Data System (ADS)
Li, Fanzhi; Shi, Xiyu; Jassim, Sabah; Adams, Christopher
2006-05-01
Wireless ad hoc networking offers convenient infrastructureless communication over the shared wireless channel. However, the nature of ad hoc networks makes them vulnerable to security attacks. Unlike their wired counterpart, infrastructureless ad hoc networks do not have a clear line of defense, their topology is dynamically changing, and every mobile node can receive messages from its neighbors and can be contacted by all other nodes in its neighborhood. This poses a great danger to network security if some nodes behave in a malicious manner. The immediate concern about the security in this type of networks is how to protect the network and the individual mobile nodes against malicious act of rogue nodes from within the network. This paper is concerned with security aspects of wireless ad hoc networks. We shall present results of simulation experiments on ad hoc network's performance in the presence of malicious nodes. We shall investigate two types of attacks and the consequences will be simulated and quantified in terms of loss of packets and other factors. The results show that network performance, in terms of successful packet delivery ratios, significantly deteriorates when malicious nodes act according to the defined misbehaving characteristics.
Impact of malicious servers over trust and reputation models in wireless sensor networks
NASA Astrophysics Data System (ADS)
Verma, Vinod Kumar; Singh, Surinder; Pathak, N. P.
2016-03-01
This article deals with the impact of malicious servers over different trust and reputation models in wireless sensor networks. First, we analysed the five trust and reputation models, namely BTRM-WSN, Eigen trust, peer trust, power trust, linguistic fuzzy trust model. Further, we proposed wireless sensor network design for optimisation of these models. Finally, influence of malicious servers on the behaviour of above mentioned trust and reputation models is discussed. Statistical analysis has been carried out to prove the validity of our proposal.
CSIRT Requirements for Situational Awareness
2014-01-25
deepsight-products http://www.symantec.com/security_response/publications/threatreport.jsp Verizon Verizon produces an annual data breach report...impact studies to the differences between malicious versus non-malicious data breaches. Ponemon also offers consulting services. Ponemon also
Method for Detecting Core Malware Sites Related to Biomedical Information Systems
Kim, Dohoon; Choi, Donghee; Jin, Jonghyun
2015-01-01
Most advanced persistent threat attacks target web users through malicious code within landing (exploit) or distribution sites. There is an urgent need to block the affected websites. Attacks on biomedical information systems are no exception to this issue. In this paper, we present a method for locating malicious websites that attempt to attack biomedical information systems. Our approach uses malicious code crawling to rearrange websites in the order of their risk index by analyzing the centrality between malware sites and proactively eliminates the root of these sites by finding the core-hub node, thereby reducing unnecessary security policies. In particular, we dynamically estimate the risk index of the affected websites by analyzing various centrality measures and converting them into a single quantified vector. On average, the proactive elimination of core malicious websites results in an average improvement in zero-day attack detection of more than 20%. PMID:25821511
Exchanging honest employment references: avoiding the traps of defamation and negligent hiring.
McConnell, Charles R
2015-01-01
In present-day reference checking, many of the same organizations that seek as much information as possible about people they wish to hire resist giving out more than a bare minimum of information to other organizations. The strongest force driving this minimal reference information release is fear of legal action taken because of something said about an individual in a reference response. Many employers seem so frightened of being sued that they share nothing of substance, usually not realizing that in supposedly protecting themselves against defamation charges they are sometimes increasing the risk of negligent hiring charges. However, truthful reference information can be provided with minimal risk if it is provided in good faith, given only to those who have a legitimate need to know, is strictly job related, and is not communicated maliciously. References must always be provided objectively with information verifiable in personnel files.
Exchanging honest employment references: tiptoeing between defamation and negligent hiring.
McConnell, Charles R
2007-01-01
In present day reference checking, many of the same organizations that seek as much information as possible about people they wish to hire resist giving out more than a bare minimum of information to other organizations. The strongest force driving this minimal reference information release is fear of legal action taken because of something said about an individual ("defamation," supposedly). Many employers seem so frightened of being sued for libel or slander that they share nothing of substance, usually not realizing that in supposedly protecting themselves against defamation charges, they are increasing the risk of negligent hiring charges. However, truthful reference information can be provided with minimal risk if it is provided in good faith, given only to those who have a legitimate need to know, is strictly job related, and is not communicated maliciously. References must always be provided objectively with information verifiable in personnel files.
Moving beyond assumptions of deviance: The reconceptualization and measurement of workplace gossip.
Brady, Daniel L; Brown, Douglas J; Liang, Lindie Hanyu
2017-01-01
Despite decades of research from other academic fields arguing that gossip is an important and potentially functional behavior, organizational research has largely assumed that gossip is malicious talk. This has resulted in the proliferation of gossip items in deviance scales, effectively subsuming workplace gossip research into deviance research. In this paper, the authors argue that organizational research has traditionally considered only a very narrow subset of workplace gossip, focusing almost exclusively on extreme negative cases which are not reflective of typical workplace gossip behavior. Instead of being primarily malicious, typical workplace gossip can be either positive or negative in nature and may serve important functions. It is therefore recommended that workplace gossip be studied on its own, independent of deviance. To facilitate this, the authors reconceptualize the workplace gossip construct and then develop a series of general-purpose English- and Chinese-language workplace gossip scales. Using 8 samples (including qualitative, multisource, multiwave, and multicultural data), the authors demonstrate the construct validity, reliability, cross-cultural measurement invariance, and acceptable psychometric properties of the workplace gossip scales. Relationships are demonstrated between workplace gossip and a variety of other organizational variables and processes, including uncertainty, emotion validation, self-esteem, norm enforcement, networking, influence, organizational justice, performance, deviance, and turnover. Future directions in workplace gossip research are discussed. (PsycINFO Database Record (c) 2017 APA, all rights reserved).
An overview of computer viruses in a research environment
NASA Technical Reports Server (NTRS)
Bishop, Matt
1991-01-01
The threat of attack by computer viruses is in reality a very small part of a much more general threat, specifically threats aimed at subverting computer security. Here, computer viruses are examined as a malicious logic in a research and development environment. A relation is drawn between the viruses and various models of security and integrity. Current research techniques aimed at controlling the threats posed to computer systems by threatening viruses in particular and malicious logic in general are examined. Finally, a brief examination of the vulnerabilities of research and development systems that malicious logic and computer viruses may exploit is undertaken.
Friends Indeed? Coalition Burden Sharing and the War In Iraq. Volume 1
2008-08-05
Malici, "Germans as Venutians: The Culture of German Foreign Policy Behavior." 36 Joachim Krause, "The Role of the Bundestag in German Foreign Policy...Hampshire; New York: Palgrave, 2001), 159. 37 Erb, German Foreign Policy: Navigating a New Era, 191. 38 Krause, "The Role of the Bundestag in German...policy expert Wolfgang Schaeuble accused the German government of “creating a bogey” and weakening the United Nations in the Iraq debate for its
Accuracy comparison among different machine learning techniques for detecting malicious codes
NASA Astrophysics Data System (ADS)
Narang, Komal
2016-03-01
In this paper, a machine learning based model for malware detection is proposed. It can detect newly released malware i.e. zero day attack by analyzing operation codes on Android operating system. The accuracy of Naïve Bayes, Support Vector Machine (SVM) and Neural Network for detecting malicious code has been compared for the proposed model. In the experiment 400 benign files, 100 system files and 500 malicious files have been used to construct the model. The model yields the best accuracy 88.9% when neural network is used as classifier and achieved 95% and 82.8% accuracy for sensitivity and specificity respectively.
Real Time Network Monitoring and Reporting System
ERIC Educational Resources Information Center
Massengale, Ricky L., Sr.
2009-01-01
With the ability of modern system developers to develop intelligent programs that allow machines to learn, modify and evolve themselves, current trends of reactionary methods to detect and eradicate malicious software code from infected machines are proving to be too costly. Addressing malicious software after an attack is the current methodology…
Malicious Use of Nonpharmaceuticals in Children
ERIC Educational Resources Information Center
Yin, Shan
2011-01-01
Objective: The objective of this study was to describe malicious nonpharmaceutical exposures in children reported to US poison centers. Methods: We performed a retrospective study of all nonpharmaceutical exposures involving children 7 years old reported to the US National Poison Data System (NPDS) from 2000 to 2008 for which the reason for…
Envy Up, Scorn Down: How Comparison Divides Us
Fiske, Susan T.
2013-01-01
Comparison compels people, even as it stresses, depresses, and divides us. Comparison is only natural, but the collateral damage reveals envy upward and scorn downward, and these emotions, arguably, poison people and their relationships. Summaries of several experiments—using questionnaire, psychometric, response-time, electromyographic, and neuroimaging data—illustrate the dynamics of envy up and scorn down, as well as proposing how to mitigate their effects. Initial studies suggest the importance of status. Other data show how scorn down minimizes thought about another’s mind; power deactivates mental concepts. Regarding envy up, other studies demonstrate that Schadenfreude (malicious joy) targets envied outgroups. However, counterstereotypic information, empathy, and outcome dependency can mitigate both scorn and envy. PMID:21058760
Defending networks against denial-of-service attacks
NASA Astrophysics Data System (ADS)
Gelenbe, Erol; Gellman, Michael; Loukas, George
2004-11-01
Denial of service attacks, viruses and worms are common tools for malicious adversarial behavior in networks. Experience shows that over the last few years several of these techniques have probably been used by governments to impair the Internet communications of various entities, and we can expect that these and other information warfare tools will be used increasingly as part of hostile behavior either independently, or in conjunction with other forms of attack in conventional or asymmetric warfare, as well as in other forms of malicious behavior. In this paper we concentrate on Distributed Denial of Service Attacks (DDoS) where one or more attackers generate flooding traffic and direct it from multiple sources towards a set of selected nodes or IP addresses in the Internet. We first briefly survey the literature on the subject, and discuss some examples of DDoS incidents. We then present a technique that can be used for DDoS protection based on creating islands of protection around a critical information infrastructure. This technique, which we call the CPN-DoS-DT (Cognitive Packet Networks DoS Defence Technique), creates a self-monitoring sub-network surrounding each critical infrastructure node. CPN-DoS-DT is triggered by a DDoS detection scheme, and generates control traffic from the objects of the DDoS attack to the islands of protection where DDoS packet flows are destroyed before they reach the critical infrastructure. We use mathematical modelling, simulation and experiments on our test-bed to show the positive and negative outcomes that may result from both the attack, and the CPN-DoS-DT protection mechanism, due to imperfect detection and false alarms.
NASA Astrophysics Data System (ADS)
Camilo, Ana E. F.; Grégio, André; Santos, Rafael D. C.
2016-05-01
Malware detection may be accomplished through the analysis of their infection behavior. To do so, dynamic analysis systems run malware samples and extract their operating system activities and network traffic. This traffic may represent malware accessing external systems, either to steal sensitive data from victims or to fetch other malicious artifacts (configuration files, additional modules, commands). In this work, we propose the use of visualization as a tool to identify compromised systems based on correlating malware communications in the form of graphs and finding isomorphisms between them. We produced graphs from over 6 thousand distinct network traffic files captured during malware execution and analyzed the existing relationships among malware samples and IP addresses.
A comprehensive Reputation mechanism for ubiquitous healthcare environment exploiting cloud model.
Athanasiou, Georgia; Lymberopoulos, Dimitrios
2016-08-01
Absence of trust foundations may outweigh the benefits of ubiquitous and personalized mental healthcare supervision provided within a Ubiquitous Healthcare environment (UH). Trust is composed of a patient's Personal Interaction Experience (PIE) and the social entourage's accumulated PIE, i.e. Reputation (R). In this paper, a cloud-based Reputation mechanism is proposed. Since PIE is the elementary trust information source, an Updating mechanism of PIE is also introduced in this paper. Cloud materialization of the combined mechanisms provides adaptability to UH Providers' dynamic behavior and facilitates detection of milking behaviors and complex malicious attacks, while meeting the challenge of limited accuracy in case of data sparseness. The effectiveness of the proposed mechanisms is verified via simulation in MATLAB.
ERIC Educational Resources Information Center
Amin, Rohan Mahesh
2010-01-01
Targeted email attacks to enable computer network exploitation have become more prevalent, more insidious, and more widely documented in recent years. Beyond nuisance spam or phishing designed to trick users into revealing personal information, targeted malicious email (TME) facilitates computer network exploitation and the gathering of sensitive…
ERIC Educational Resources Information Center
Boulton, Michael J.; Chau, Cam; Whitehand, Caroline; Amataya, Kishori; Murray, Lindsay
2009-01-01
Background: Prior studies outside of the UK have shown that peer victimization is negatively associated with school adjustment. Aims: To examine concurrent and short-term longitudinal associations between peer victimization (physical, malicious teasing, deliberate social exclusion, and malicious gossiping) and two measures of school adjustment…
McConnell, C R
2000-12-01
In present day reference checking, many of the same organizations that seek as much information as possible about people they wish to hire resist giving out more than a bare minimum of information to other organizations. The strongest force driving this minimal reference information release is fear of legal action taken because of something said about an individual (defamation, supposedly). Many employers appear so frightened of being sued for libel or slander that they share nothing of substance, usually not realizing that in trying to protect themselves against defamation charges they are increasing their legal risk associated with negligent hiring charges. However, truthful reference information can be provided with minimal risk if it is provided in good faith, given only to someone who has a legitimate need to know, is related strictly to job in character, and is not communicated maliciously. Also, reference always must be answered completely objectively with information verifiable in the individual's personnel file.
Impact of Information based Classification on Network Epidemics
Mishra, Bimal Kumar; Haldar, Kaushik; Sinha, Durgesh Nandini
2016-01-01
Formulating mathematical models for accurate approximation of malicious propagation in a network is a difficult process because of our inherent lack of understanding of several underlying physical processes that intrinsically characterize the broader picture. The aim of this paper is to understand the impact of available information in the control of malicious network epidemics. A 1-n-n-1 type differential epidemic model is proposed, where the differentiality allows a symptom based classification. This is the first such attempt to add such a classification into the existing epidemic framework. The model is incorporated into a five class system called the DifEpGoss architecture. Analysis reveals an epidemic threshold, based on which the long-term behavior of the system is analyzed. In this work three real network datasets with 22002, 22469 and 22607 undirected edges respectively, are used. The datasets show that classification based prevention given in the model can have a good role in containing network epidemics. Further simulation based experiments are used with a three category classification of attack and defense strengths, which allows us to consider 27 different possibilities. These experiments further corroborate the utility of the proposed model. The paper concludes with several interesting results. PMID:27329348
Preventing and Profiling Malicious Insider Attacks
2012-04-01
malicious insiders. This research program could also be extended to look at general human factors issues surrounding information security behaviours...behaviours. This research also draws on corresponding studies into fraud and espionage in non IT scenarios. A range of preventative measures is...This includes motivating factors, personality traits and observable behaviours that may assist organisations in the detection and profiling of
2014-10-01
indication that not a single scanner was able to detect the rootkit as malicious or infected. SHA256 ...clear indication that not a single scanner was able to detect it as malicious, infected or associated to the Jynx2 rootkit. SHA256
Non-developmental item computer systems and the malicious software threat
NASA Technical Reports Server (NTRS)
Bown, Rodney L.
1991-01-01
The following subject areas are covered: a DOD development system - the Army Secure Operating System; non-development commercial computer systems; security, integrity, and assurance of service (SI and A); post delivery SI and A and malicious software; computer system unique attributes; positive feedback to commercial computer systems vendors; and NDI (Non-Development Item) computers and software safety.
Naroditskiy, Victor; Jennings, Nicholas R.; Van Hentenryck, Pascal; Cebrian, Manuel
2014-01-01
Crowdsourcing offers unprecedented potential for solving tasks efficiently by tapping into the skills of large groups of people. A salient feature of crowdsourcing—its openness of entry—makes it vulnerable to malicious behaviour. Such behaviour took place in a number of recent popular crowdsourcing competitions. We provide game-theoretic analysis of a fundamental trade-off between the potential for increased productivity and the possibility of being set back by malicious behaviour. Our results show that in crowdsourcing competitions malicious behaviour is the norm, not the anomaly—a result contrary to the conventional wisdom in the area. Counterintuitively, making the attacks more costly does not deter them but leads to a less desirable outcome. These findings have cautionary implications for the design of crowdsourcing competitions. PMID:25142518
Protecting Dynamic Mobile Agent against Denial of Service Attacks
NASA Astrophysics Data System (ADS)
Aggarwal, Mayank; Nipur, Pallavi
2010-11-01
Mobile agents are software that migrates from one node to another to fulfill the task of its owner. The introduction of mobile agents has greatly reduced network latency and network traffic, but at the same time it has increased the vulnerability to attacks by malicious hosts. One such attack is 'Denial of Service': once the agent is launched, it is free to roam without any control by its owner, which on one hand decreases the cost of agent-owner interaction and on the other hand increases the chances of 'Denial of Service'. In a Denial of Service attack the malicious host may deny resources required by the agent and kill the agent; thus the result computed so far is lost, and this may happen every time the agent visits any malicious host. In this paper we continued the work done in [10], in which the authors proposed techniques by which the owner can detect the malicious host for 'Denial of Service', but they did not cover techniques for dynamic routes, i.e. where the host or agent initiates migrations to hosts which were not contained in the route composed by the owner. We introduced an algorithm and a model which can be useful for the above purpose.
2015-09-01
intrusion detection systems, neural networks... detection system (IDS) software, which learns to detect and classify network attacks and intrusions through prior training data. With the added criteria of...BACKGROUND The growing threat of malicious network activities and intrusion attempts makes intrusion detection systems (IDS) a
Job Analysis Results for Malicious-Code Reverse Engineers: A Case Study
2014-05-01
Testing in Personnel Selection: Contemporary Issues in Cognitive Ability and Personality Testing.” Journal of Business Inquiry: Research, Education, and...federally funded research and development center. Any opinions, findings and conclusions or recommendations expressed in this material are those of...predict the development of expertise is important. Currently, job analysis research on teams of malicious-code reverse engineers is lacking. Therefore
NASA Astrophysics Data System (ADS)
De Rango, Floriano; Lupia, Andrea
2016-05-01
MANETs allow mobile nodes to communicate with each other using the wireless medium. A key aspect of this kind of network is security, because their setup is done without an infrastructure, so external nodes could interfere in the communication. Mobile nodes could be compromised, misbehaving during the multi-hop transmission of data, or they could behave selfishly to save energy, which is another important constraint in MANETs. The detection of these behaviors needs a framework that takes into account the latest interactions among nodes, so that malicious or selfish nodes can be detected even if their behavior changes over time. The monitoring activity increases the energy consumption, so our proposal takes this issue into account, reducing the energy required by the monitoring system while keeping the effectiveness of the intrusion detection system. The results show an improvement in the saved energy, improving the detection performance too.
Building a Trusted Path for Applications Using COTS Components
2004-11-01
against attacks by malicious software. Trojan horse programs, i.e., programs with additional hidden, often malicious, functions, are more and more...cannot be imitated by untrusted software." Wiseman et al. (1988) propose a user interface for the SMITE system to prevent Trojan horses from...input, two of which can also be used for the hologram service. 7.0 CONCLUSION Trojan horse programs, i.e., programs with additional hidden, often
Extending Case-Based Reasoning (CBR) Approaches to Semi-automated Network Alert Reporting
2013-04-01
connecting to the domain is likely infected with malware, or may have been exposed to malicious code. -- Detailed Information: The Sourcefire VRT ...to be generated by malware. After applying an extensive whitelist, the VRT pulls out the most commonly visited domains and adds them to its...malicious software. The VRT recommends ClamAV for Windows 3.0. 39 -- Contributors: Sourcefire Vulnerability Research Team -- Additional
Prediction of Sybil attack on WSN using Bayesian network and swarm intelligence
NASA Astrophysics Data System (ADS)
Muraleedharan, Rajani; Ye, Xiang; Osadciw, Lisa Ann
2008-04-01
Security in wireless sensor networks is typically sacrificed or kept minimal due to limited resources such as memory and battery power. Hence, the sensor nodes are prone to Denial-of-service attacks and detecting the threats is crucial in any application. In this paper, the Sybil attack is analyzed and a novel prediction method, combining Bayesian algorithm and Swarm Intelligence (SI) is proposed. Bayesian Networks (BN) is used in representing and reasoning problems, by modeling the elements of uncertainty. The decision from the BN is applied to SI forming a Hybrid Intelligence Scheme (HIS) to re-route the information and disconnect the malicious nodes in future routes. A performance comparison based on the prediction using HIS vs. Ant System (AS) helps in prioritizing applications where decisions are time-critical.
Warding off the evil eye: when the fear of being envied increases prosocial behavior.
van de Ven, Niels; Zeelenberg, Marcel; Pieters, Rik
2010-11-01
The fear of being envied makes people act prosocially, in an attempt to ward off the potentially destructive effects of envy. In three experiments, people who were in a superior position and could be envied were more likely than control participants to give time-consuming advice to a potentially envious person or to help a potentially envious person pick up erasers she had accidentally scattered. However, helping behavior increased only if envy was likely to be malicious rather than benign. People who were better off did not increase their helping behavior toward people in general, but increased their helping only toward the potentially envious. This finding is consistent with the idea that the better off act more prosocially as an appeasement strategy. The fear of being envied serves useful group functions, because it triggers prosocial behavior that is likely to dampen the potentially destructive effects of envy and simultaneously helps to improve the situation of people who are worse off.
Detecting Malicious Tweets in Twitter Using Runtime Monitoring With Hidden Information
2016-06-01
text mining using Twitter streaming API and python [Online]. Available: http://adilmoujahid.com/posts/2014/07/twitter-analytics/ [22] M. Singh, B...sites with 645,750,000 registered users [3] and has open source public tweets for data mining. 2. Malicious Users and Tweets In the modern world...want to data mine in Twitter, and presents the natural language assertions and corresponding rule patterns. It then describes the steps performed using
Pardini, Dustin A.; Byrd, Amy L.
2013-01-01
Background: Children with callous-unemotional (CU) traits may have a particularly malevolent view of social conflicts and a pervasive insensitivity to others' distress. The current study examined whether children with CU traits have unique expectations and values regarding the consequences of aggressive conflicts and a ubiquitous lack of concern for others' feelings independent of co-occurring aggression. Methods: Participants were 96 (46 males, 50 females) children recruited from elementary schools within an urban city. Associations between CU traits and child reports of outcome expectancies/values following aggressive conflicts and facets of empathy were examined after controlling for aggression, academic abilities, and demographic covariates. Results: Children with higher CU traits were less likely to expect that aggression would result in victim suffering and feelings of remorse. After controlling for co-occurring aggression, children with higher CU traits were more likely to expect that aggression would result in peer dominance, while children with higher levels of aggression were more likely to expect that attacking others would reduce their aversive behavior. Children with higher CU traits were less concerned that aggressive behavior would result in punishment, victim suffering, and feelings of remorse. Moreover, children with higher CU traits reported lower levels of empathetic concern and sadness in response to others' distress outside of aggressive conflicts. Conclusions: Children with CU traits tend to minimize the extent to which aggression causes victim suffering and openly acknowledge caring less about distress and suffering in others. They are less intimidated by the possibility of being punished for aggressive behavior and tend to view aggression as an effective means for dominating others. In sum, children with CU traits have a particularly malicious social schema that may be difficult to change using conventional treatment methods. PMID:22066467
Pardini, Dustin A; Byrd, Amy L
2012-03-01
Children with callous-unemotional (CU) traits may have a particularly malevolent view of social conflicts and a pervasive insensitivity to others' distress. The current study examined whether children with CU traits have unique expectations and values regarding the consequences of aggressive conflicts and a ubiquitous lack of concern for others' feelings independent of co-occurring aggression. Participants were 96 (46 males, 50 females) children recruited from elementary schools within an urban city. Associations between CU traits and child reports of outcome expectancies/values following aggressive conflicts and facets of empathy were examined after controlling for aggression, academic abilities, and demographic covariates. Children with higher CU traits were less likely to expect that aggression would result in victim suffering and feelings of remorse. After controlling for co-occurring aggression, children with higher CU traits were more likely to expect that aggression would result in peer dominance, while children with higher levels of aggression were more likely to expect that attacking others would reduce their aversive behavior. Children with higher CU traits were less concerned that aggressive behavior would result in punishment, victim suffering, and feelings of remorse. Moreover, children with higher CU traits reported lower levels of empathetic concern and sadness in response to others' distress outside of aggressive conflicts. Children with CU traits tend to minimize the extent to which aggression causes victim suffering and openly acknowledge caring less about distress and suffering in others. They are less intimidated by the possibility of being punished for aggressive behavior and tend to view aggression as an effective means for dominating others. In sum, children with CU traits have a particularly malicious social schema that may be difficult to change using conventional treatment methods. © 2011 The Authors. 
Journal of Child Psychology and Psychiatry © 2011 Association for Child and Adolescent Mental Health.
Sensor Based Framework for Secure Multimedia Communication in VANET
Rahim, Aneel; Khan, Zeeshan Shafi; Bin Muhaya, Fahad T.; Sher, Muhammad; Kim, Tai-Hoon
2010-01-01
Secure multimedia communication enhances the safety of passengers by providing visual pictures of accidents and danger situations. In this paper we proposed a framework for secure multimedia communication in Vehicular Ad-Hoc Networks (VANETs). Our proposed framework is mainly divided into four components: redundant information, priority assignment, malicious data verification and malicious node verification. The proposed scheme has been validated with the help of the NS-2 network simulator and the Evalvid tool. PMID:22163462
Prospects for Evidence-Based Software Assurance: Models and Analysis
2015-09-01
virtual machine is much lighter than the workstation. The virtual machine doesn’t need to run anti-virus, firewalls, intrusion prevention systems...34] Maiorca, D., Corona, I., and Giacinto, G. Looking at the bag is not enough to find the bomb: An evasion of structural methods for malicious PDF...CCS ’13, ACM, pp. 119–130. [35] Maiorca, D., Giacinto, G., and Corona, I. A pattern recognition system for malicious PDF files detection. In
Development of the disable software reporting system on the basis of the neural network
NASA Astrophysics Data System (ADS)
Gavrylenko, S.; Babenko, O.; Ignatova, E.
2018-04-01
The PE structure of malicious and secure software is analyzed, features are highlighted, binary sign vectors are obtained and used as inputs for training the neural network. A software model for detecting malware based on the ART-1 neural network was developed, optimal similarity coefficients were found, and testing was performed. The obtained research results showed the possibility of using the developed system of identifying malicious software in computer systems protection systems.
NASA Astrophysics Data System (ADS)
White, Jonathan; Panda, Brajendra
A major concern for computer system security is the threat from malicious insiders who target and abuse critical data items in the system. In this paper, we propose a solution to enable automatic identification of critical data items in a database by way of data dependency relationships. This identification of critical data items is necessary because insider threats often target mission critical data in order to accomplish malicious tasks. Unfortunately, currently available systems fail to address this problem in a comprehensive manner. It is more difficult for non-experts to identify these critical data items because of their lack of familiarity and due to the fact that data systems are constantly changing. By identifying the critical data items automatically, security engineers will be better prepared to protect what is critical to the mission of the organization and also have the ability to focus their security efforts on these critical data items. We have developed an algorithm that scans the database logs and forms a directed graph showing which items influence a large number of other items and at what frequency this influence occurs. This graph is traversed to reveal the data items which have a large influence throughout the database system by using a novel metric based formula. These items are critical to the system because if they are maliciously altered or stolen, the malicious alterations will spread throughout the system, delaying recovery and causing a much more malignant effect. As these items have significant influence, they are deemed to be critical and worthy of extra security measures. Our proposal is not intended to replace existing intrusion detection systems, but rather is intended to complement current and future technologies. Our proposal has never been performed before, and our experimental results have shown that it is very effective in revealing critical data items automatically.
Identifying and tracking dynamic processes in social networks
NASA Astrophysics Data System (ADS)
Chung, Wayne; Savell, Robert; Schütt, Jan-Peter; Cybenko, George
2006-05-01
The detection and tracking of embedded malicious subnets in an active social network can be computationally daunting due to the quantity of transactional data generated in the natural interaction of large numbers of actors comprising a network. In addition, detection of illicit behavior may be further complicated by evasive strategies designed to camouflage the activities of the covert subnet. In this work, we move beyond traditional static methods of social network analysis to develop a set of dynamic process models which encode various modes of behavior in active social networks. These models will serve as the basis for a new application of the Process Query System (PQS) to the identification and tracking of covert dynamic processes in social networks. We present a preliminary result from application of our technique in a real-world data stream-- the Enron email corpus.
2013-09-01
Malicious Activity Simulation Tool MMORPG Massively Multiplayer Online Role-Playing Game MMS Mission Management Server MOA Memorandum of Agreement MS...conferencing, and massively multiplayer online role-playing games (MMORPG). During all of these Internet-based exchanges and transactions, the Internet user...In its 2011 Internet Crime Report, the Internet Crime Complaint Center (IC3) stated there were more than 300,000 complaints of online criminal
A Study and Taxonomy of Vulnerabilities in Web Based Animation and Interactivity Software
2010-12-01
Flash Player is available as a plugin for most common Web browsers (Firefox, Mozilla, Netscape, Opera) and as an ActiveX control for Internet...script or HTML via (1) a swf file that uses the asfunction: protocol or (2) the navigateToURL function when used with the Flash Player ActiveX ...malicious page or open a malicious file. 2. Coding an Exploit The specific flaw exists in the Flash Player ActiveX Control’s handling of the
NASA Astrophysics Data System (ADS)
McEvoy, Thomas Richard; Wolthusen, Stephen D.
Recent research on intrusion detection in supervisory data acquisition and control (SCADA) and DCS systems has focused on anomaly detection at protocol level based on the well-defined nature of traffic on such networks. Here, we consider attacks which compromise sensors or actuators (including physical manipulation), where intrusion may not be readily apparent as data and computational states can be controlled to give an appearance of normality, and sensor and control systems have limited accuracy. To counter these, we propose to consider indirect relations between sensor readings to detect such attacks through concurrent observations as determined by control laws and constraints.
Symmetrically private information retrieval based on blind quantum computing
NASA Astrophysics Data System (ADS)
Sun, Zhiwei; Yu, Jianping; Wang, Ping; Xu, Lingling
2015-05-01
Universal blind quantum computation (UBQC) is a new secure quantum computing protocol which allows a user Alice who does not have any sophisticated quantum technology to delegate her computing to a server Bob without leaking any privacy. Using the features of UBQC, we propose a protocol to achieve symmetrically private information retrieval, which allows a quantum limited Alice to query an item from Bob with a fully fledged quantum computer; meanwhile, the privacy of both parties is preserved. The security of our protocol is based on the assumption that malicious Alice has no quantum computer, which avoids the impossibility proof of Lo. For the honest Alice, she is almost classical and only requires minimal quantum resources to carry out the proposed protocol. Therefore, she does not need any expensive laboratory which can maintain the coherence of complicated quantum experimental setups.
A two-stage flow-based intrusion detection model for next-generation networks.
Umer, Muhammad Fahad; Sher, Muhammad; Bi, Yaxin
2018-01-01
The next-generation network provides state-of-the-art access-independent services over converged mobile and fixed networks. Security in the converged network environment is a major challenge. Traditional packet and protocol-based intrusion detection techniques cannot be used in next-generation networks due to slow throughput, low accuracy and their inability to inspect encrypted payload. An alternative solution for protection of next-generation networks is to use network flow records for detection of malicious activity in the network traffic. The network flow records are independent of access networks and user applications. In this paper, we propose a two-stage flow-based intrusion detection system for next-generation networks. The first stage uses an enhanced unsupervised one-class support vector machine which separates malicious flows from normal network traffic. The second stage uses a self-organizing map which automatically groups malicious flows into different alert clusters. We validated the proposed approach on two flow-based datasets and obtained promising results. PMID:29329294
NASA Astrophysics Data System (ADS)
Wang, Wenkai; Li, Husheng; Sun, Yan(Lindsay); Han, Zhu
2009-12-01
Cognitive radio is a revolutionary paradigm to mitigate the spectrum scarcity problem in wireless networks. In cognitive radio networks, collaborative spectrum sensing is considered as an effective method to improve the performance of primary user detection. For current collaborative spectrum sensing schemes, secondary users are usually assumed to report their sensing information honestly. However, compromised nodes can send false sensing information to mislead the system. In this paper, we study the detection of untrustworthy secondary users in cognitive radio networks. We first analyze the case when there is only one compromised node in collaborative spectrum sensing schemes. Then we investigate the scenario that there are multiple compromised nodes. Defense schemes are proposed to detect malicious nodes according to their reporting histories. We calculate the suspicious level of all nodes based on their reports. The reports from nodes with high suspicious levels will be excluded in decision-making. Compared with existing defense methods, the proposed scheme can effectively differentiate malicious nodes and honest nodes. As a result, it can significantly improve the performance of collaborative sensing. For example, when there are 10 secondary users, with the primary user detection rate being equal to 0.99, one malicious user can make the false alarm rate [InlineEquation not available: see fulltext.] increase to 72%. The proposed scheme can reduce it to 5%. Two malicious users can make [InlineEquation not available: see fulltext.] increase to 85% and the proposed scheme reduces it to 8%.
SCADA Protocol Anomaly Detection Utilizing Compression (SPADUC) 2013
DOE Office of Scientific and Technical Information (OSTI.GOV)
Gordon Rueff; Lyle Roybal; Denis Vollmer
2013-01-01
There is a significant need to protect the nation’s energy infrastructures from malicious actors using cyber methods. Supervisory, Control, and Data Acquisition (SCADA) systems may be vulnerable due to the insufficient security implemented during the design and deployment of these control systems. This is particularly true in older legacy SCADA systems that are still commonly in use. The purpose of INL’s research on the SCADA Protocol Anomaly Detection Utilizing Compression (SPADUC) project was to determine if and how data compression techniques could be used to identify and protect SCADA systems from cyber attacks. Initially, the concept was centered on how to train a compression algorithm to recognize normal control system traffic versus hostile network traffic. Because large portions of the TCP/IP message traffic (called packets) are repetitive, the concept of using compression techniques to differentiate “non-normal” traffic was proposed. In this manner, malicious SCADA traffic could be identified at the packet level prior to completing its payload. Previous research has shown that SCADA network traffic has traits desirable for compression analysis. This work investigated three different approaches to identify malicious SCADA network traffic using compression techniques. The preliminary analyses and results presented herein are clearly able to differentiate normal from malicious network traffic at the packet level at a very high confidence level for the conditions tested. Additionally, the master dictionary approach used in this research appears to initially provide a meaningful way to categorize and compare packets within a communication channel.
Modeling Human Behavior to Anticipate Insider Attacks
DOE Office of Scientific and Technical Information (OSTI.GOV)
Greitzer, Frank L.; Hohimer, Ryan E.
2011-06-09
The insider threat ranks among the most pressing cybersecurity challenges that threaten government and industry information infrastructures. To date, no systematic methods have been developed that provide a complete and effective approach to prevent data leakage, espionage and sabotage. Current practice is forensic in nature, relegating to the analyst the bulk of the responsibility to monitor, analyze, and correlate an overwhelming amount of data. We describe a predictive modeling framework that integrates a diverse set of data sources from the cyber domain as well as inferred psychological/motivational factors that may underlie malicious insider exploits. This comprehensive threat assessment approach provides automated support for the detection of high-risk behavioral “triggers” to help focus the analyst’s attention and inform the analysis. Designed to be domain independent, the system may be applied to many different threat and warning analysis/sensemaking problems.
Detecting Heap-Spraying Code Injection Attacks in Malicious Web Pages Using Runtime Execution
NASA Astrophysics Data System (ADS)
Choi, Younghan; Kim, Hyoungchun; Lee, Donghoon
The growing use of web services is increasing web browser attacks exponentially. Most attacks use a technique called heap spraying because of its high success rate. Heap spraying executes a malicious code without indicating the exact address of the code by copying it into many heap objects. For this reason, the attack has a high potential to succeed if only the vulnerability is exploited. Thus, attackers have recently begun using this technique because it is easy to use JavaScript to allocate the heap memory area. This paper proposes a novel technique that detects heap spraying attacks by executing a heap object in a real environment, irrespective of the version and patch status of the web browser. This runtime execution is used to detect various forms of heap spraying attacks, such as encoding and polymorphism. Heap objects are executed after being filtered on the basis of patterns of heap spraying attacks in order to reduce the overhead of the runtime execution. Patterns of heap spraying attacks are based on analysis of how a web browser accesses benign web sites. The heap objects are executed forcibly by changing the instruction register into the address of them after being loaded into memory. Thus, we can execute the malicious code without having to consider the version and patch status of the browser. An object is considered to contain a malicious code if the execution reaches a call instruction and then the instruction accesses the API of system libraries, such as kernel32.dll and ws_32.dll. To change registers and monitor execution flow, we used a debugger engine. A prototype, named HERAD (HEap spRAying Detector), is implemented and evaluated. In experiments, HERAD detects various forms of exploit code that an emulation cannot detect, and some heap spraying attacks that NOZZLE cannot detect. Although it has an execution overhead, HERAD produces a low number of false alarms. The processing time of several minutes is negligible because our research focuses on detecting heap spraying. This research can be applied to existing systems that collect malicious codes, such as Honeypot.
Assessing the Macro-Level Correlates of Malware Infections Using a Routine Activities Framework.
Holt, Thomas J; Burruss, George W; Bossler, Adam M
2018-05-01
The ability to gain unauthorized access to computer systems to engage in espionage and data theft poses a massive threat to individuals worldwide. There has been minimal focus, however, on the role of malicious software, or malware, which can automate this process. This study examined the macro-correlates of malware infection at the national level by using an open repository of known malware infections and utilizing a routine activities framework. Negative inflated binomial models for counts indicated that nations with greater technological infrastructure, more political freedoms, and with less organized crime financial impact were more likely to report malware infections. The number of Computer Emergency Response Teams (CERTs) in a nation was not significantly related with reported malware infection. The implications of the study for the understanding of malware infection, routine activity theory, and target-hardening strategies are discussed.
Roma-Rodrigues, Catarina; Raposo, Luís R.; Cabral, Rita; Paradinha, Fabiana; Baptista, Pedro V.; Fernandes, Alexandra R.
2017-01-01
Exosomes are nanovesicles formed in the endosomal pathway with an important role in paracrine and autocrine cell communication. Exosomes secreted by cancer cells, malicious exosomes, have important roles in tumor microenvironment maturation and cancer progression. The knowledge of the role of exosomes in tumorigenesis prompted a new era in cancer diagnostics and therapy, taking advantage of the use of circulating exosomes as tumor biomarkers due to their stability in body fluids and targeting malignant exosomes’ release and/or uptake to inhibit or delay tumor development. In recent years, nanotechnology has paved the way for the development of a plethora of new diagnostic and therapeutic platforms, fostering theranostics. The unique physical and chemical properties of gold nanoparticles (AuNPs) make them suitable vehicles to pursue this goal. AuNPs’ properties such as ease of synthesis with the desired shape and size, high surface:volume ratio, and the possibility of engineering their surface as desired, potentiate AuNPs’ role in nanotheranostics, allowing the use of the same formulation for exosome detection and restraining the effect of malicious exosomes in cancer progression. PMID:28098821
Persona: Network Layer Anonymity and Accountability for Next Generation Internet
NASA Astrophysics Data System (ADS)
Mallios, Yannis; Modi, Sudeep; Agarwala, Aditya; Johns, Christina
Individual privacy has become a major concern, due to the intrusive nature of the services and websites that collect increasing amounts of private information. One of the notions that can lead towards privacy protection is that of anonymity. Unfortunately, anonymity can also be maliciously exploited by attackers to hide their actions and identity. Thus some sort of accountability is also required. The current Internet has failed to provide both properties, as anonymity techniques are difficult to fully deploy and thus are easily attacked, while the Internet provides a limited level of accountability. The Next Generation Internet (NGI) provides us with the opportunity to examine how these conflicting properties could be efficiently applied and thus protect users’ privacy while holding malicious users accountable. In this paper we present the design of a scheme, called Persona, that can provide anonymity and accountability in the network layer of NGI. More specifically, our design requirements are to combine these two conflicting desires in a stateless manner within routers. Persona allows users to choose different levels of anonymity, while it allows the discovery of malicious nodes.
Agents Based e-Commerce and Securing Exchanged Information
NASA Astrophysics Data System (ADS)
Al-Jaljouli, Raja; Abawajy, Jemal
Mobile agents have been implemented in e-Commerce to search and filter information of interest from electronic markets. When the information is very sensitive and critical, it is important to develop a novel security protocol that can efficiently protect the information from malicious tampering as well as unauthorized disclosure or at least detect any malicious act of intruders. In this chapter, we describe robust security techniques that ensure a sound security of information gathered throughout the agent’s itinerary against various security attacks, as well as truncation attacks. A sound security protocol is described, which implements the various security techniques that would jointly prevent or at least detect any malicious act of intruders. We reason about the soundness of the protocol using Symbolic Trace Analyzer (STA), a formal verification tool that is based on symbolic techniques. We analyze the protocol in key configurations and show that it is free of flaws. We also show that the protocol fulfils the various security requirements of exchanged information in MAS, including data-integrity, data-confidentiality, data-authenticity, origin confidentiality and data non-repudiability.
Real-time detection and classification of anomalous events in streaming data
DOE Office of Scientific and Technical Information (OSTI.GOV)
Ferragut, Erik M.; Goodall, John R.; Iannacone, Michael D.
2016-04-19
A system is described for receiving a stream of events and scoring the events based on anomalousness and maliciousness (or other classification). The events can be displayed to a user in user-defined groupings in an animated fashion. The system can include a plurality of anomaly detectors that together implement an algorithm to identify low probability events and detect atypical traffic patterns. The atypical traffic patterns can then be classified as being of interest or not. In one particular example, in a network environment, the classification can be whether the network traffic is malicious or not.
LINEBACKER: LINE-speed Bio-inspired Analysis and Characterization for Event Recognition
DOE Office of Scientific and Technical Information (OSTI.GOV)
Oehmen, Christopher S.; Bruillard, Paul J.; Matzke, Brett D.
2016-08-04
The cyber world is a complex domain, with digital systems mediating a wide spectrum of human and machine behaviors. While this is enabling a revolution in the way humans interact with each other and data, it also is exposing previously unreachable infrastructure to a worldwide set of actors. Existing solutions for intrusion detection and prevention that are signature-focused typically seek to detect anomalous and/or malicious activity for the sake of preventing or mitigating negative impacts. But a growing interest in behavior-based detection is driving new forms of analysis that move the emphasis from static indicators (e.g. rule-based alarms or tripwires) to behavioral indicators that accommodate a wider contextual perspective. Similar to cyber systems, biosystems have always existed in resource-constrained hostile environments where behaviors are tuned by context. So we look to biosystems as an inspiration for addressing behavior-based cyber challenges. In this paper, we introduce LINEBACKER, a behavior-model based approach to recognizing anomalous events in network traffic and present the design of this approach of bio-inspired and statistical models working in tandem to produce individualized alerting for a collection of systems. Preliminary results of these models operating on historic data are presented along with a plugin to support real-world cyber operations.
Hofmann, Jennifer
2014-01-01
Joyful laughter is the only laughter type that has received sufficient validation in terms of morphology (i.e., face, voice). Still, it is unclear whether joyful laughter involves one prototypical facial-morphological configuration (Duchenne Display and mouth opening) to be decoded as such, or whether qualitatively distinct facial markers occur at different stages of laughter intensity. It was proposed that intense laughter goes along with eyebrow-lowering frowning, but in decoding studies of pictures, these “frowns” were associated with perceived maliciousness rather than higher intensity. Thus, two studies were conducted to investigate the influence of the presentation mode (static, dynamic) and eyebrow-lowering frowning on the perception of laughter animations of different intensity. In Study 1, participants (N = 110) were randomly assigned to two presentation modes (static pictures vs. dynamic videos) to watch animations of Duchenne laughter and laughter with added eyebrow-lowering frowning. Ratings on the intensity, valence, and contagiousness of the laughter were completed. In Study 2, participants (N = 55) saw both animation types in both presentation modes sequentially. Results confirmed that the static presentation led to eyebrow-lowering frowning in intense laughter being perceived as more malicious, less intense, less benevolent, and less contagious compared to the dynamic presentation. This was replicated for maliciousness in Study 2, although participants could potentially infer the “frown” as a natural element of the laugh, as they had seen the video and the picture. Thus, a dynamic presentation is necessary for detecting graduating intensity markers in the joyfully laughing face. While this study focused on the decoding, future studies should investigate the encoding of frowning in laughter. This is important, as tools assessing facially expressed joy might need to account for laughter intensity markers that differ from the Duchenne Display. PMID:25477836
E-commerce Review System to Detect False Reviews.
Kolhar, Manjur
2017-08-15
E-commerce sites have been doing profitable business since their induction in high-speed and secured networks. Moreover, they continue to influence consumers through various methods. One of the most effective methods is the e-commerce review rating system, in which consumers provide review ratings for the products used. However, almost all e-commerce review rating systems are unable to provide cumulative review ratings. Furthermore, review ratings are influenced by positive and negative malicious feedback ratings, collectively called false reviews. In this paper, we proposed an e-commerce review system framework developed using the cumulative sum method to detect and remove malicious review ratings.
Trust recovery model of Ad Hoc network based on identity authentication scheme
NASA Astrophysics Data System (ADS)
Liu, Jie; Huan, Shuiyuan
2017-05-01
Mobile Ad Hoc network trust model is widely used to solve mobile Ad Hoc network security issues. Aiming at the problem of reducing the network availability caused by the processing of malicious nodes and selfish nodes in mobile Ad Hoc network routing based on trust model, an authentication mechanism based on identity authentication mobile Ad Hoc network is proposed, which uses identity authentication to identify malicious nodes, and trust the recovery of selfish nodes in order to achieve the purpose of reducing network congestion and improving network quality. The simulation results show that the implementation of the mechanism can effectively improve the network availability and security.
Dataset of anomalies and malicious acts in a cyber-physical subsystem.
Laso, Pedro Merino; Brosset, David; Puentes, John
2017-10-01
This article presents a dataset produced to investigate how data and information quality estimations enable the detection of anomalies and malicious acts in cyber-physical systems. Data were acquired making use of a cyber-physical subsystem consisting of liquid containers for fuel or water, along with its automated control and data acquisition infrastructure. Described data consist of temporal series representing five operational scenarios - normal, anomalies, breakdown, sabotages, and cyber-attacks - corresponding to 15 different real situations. The dataset is publicly available in the .zip file published with the article, to investigate and compare faulty operation detection and characterization methods for cyber-physical systems.
Emulating a million machines to investigate botnets.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Rudish, Donald W.
2010-06-01
Researchers at Sandia National Laboratories in Livermore, California are creating what is in effect a vast digital petri dish able to hold one million operating systems at once in an effort to study the behavior of rogue programs known as botnets. Botnets are used extensively by malicious computer hackers to steal computing power from Internet-connected computers. The hackers harness the stolen resources into a scattered but powerful computer that can be used to send spam, execute phishing scams or steal digital information. These remote-controlled 'distributed computers' are difficult to observe and track. Botnets may take over parts of tens of thousands or in some cases even millions of computers, making them among the world's most powerful computers for some applications.
Wireless Networks under a Backoff Attack: A Game Theoretical Perspective.
Parras, Juan; Zazo, Santiago
2018-01-30
We study a wireless sensor network using CSMA/CA in the MAC layer under a backoff attack: some of the sensors of the network are malicious and deviate from the defined contention mechanism. We use Bianchi's network model to study the impact of the malicious sensors on the total network throughput, showing that it causes the throughput to be unfairly distributed among sensors. We model this conflict using game theory tools, where each sensor is a player. We obtain analytical solutions and propose an algorithm, based on Regret Matching, to learn the equilibrium of the game with an arbitrary number of players. Our approach is validated via simulations, showing that our theoretical predictions adjust to reality.
Prevention of Malicious Nodes Communication in MANETs by Using Authorized Tokens
NASA Astrophysics Data System (ADS)
Chandrakant, N.; Shenoy, P. Deepa; Venugopal, K. R.; Patnaik, L. M.
A rapid increase of wireless networks and mobile computing applications has changed the landscape of network security. A MANET is more susceptible to attacks than a wired network. As a result, attacks with malicious intent have been and will be devised to take advantage of these vulnerabilities and to cripple the MANET operation. Hence we need to search for new architecture and mechanisms to protect the wireless networks and mobile computing applications. In this paper, we examine the nodes that come under the vicinity of base node and members of the network and communication is provided to genuine nodes only. It is found that the proposed algorithm is an effective algorithm for security in MANETs.
Cybersecurity through Real-Time Distributed Control Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Kisner, Roger A; Manges, Wayne W; MacIntyre, Lawrence Paul
2010-04-01
Critical infrastructure sites and facilities are becoming increasingly dependent on interconnected physical and cyber-based real-time distributed control systems (RTDCSs). A mounting cybersecurity threat results from the nature of these ubiquitous and sometimes unrestrained communications interconnections. Much work is under way in numerous organizations to characterize the cyber threat, determine means to minimize risk, and develop mitigation strategies to address potential consequences. While it seems natural that a simple application of cyber-protection methods derived from corporate business information technology (IT) domain would lead to an acceptable solution, the reality is that the characteristics of RTDCSs make many of those methods inadequate and unsatisfactory or even harmful. A solution lies in developing a defense-in-depth approach that ranges from protection at communications interconnect levels ultimately to the control system’s functional characteristics that are designed to maintain control in the face of malicious intrusion. This paper summarizes the nature of RTDCSs from a cybersecurity perspective and discusses issues, vulnerabilities, candidate mitigation approaches, and metrics.
Identification of Program Signatures from Cloud Computing System Telemetry Data
DOE Office of Scientific and Technical Information (OSTI.GOV)
Nichols, Nicole M.; Greaves, Mark T.; Smith, William P.
Malicious cloud computing activity can take many forms, including running unauthorized programs in a virtual environment. Detection of these malicious activities while preserving the privacy of the user is an important research challenge. Prior work has shown the potential viability of using cloud service billing metrics as a mechanism for proxy identification of malicious programs. Previously this novel detection method has been evaluated in a synthetic and isolated computational environment. In this paper we demonstrate the ability of billing metrics to identify programs, in an active cloud computing environment, including multiple virtual machines running on the same hypervisor. The open source cloud computing platform OpenStack is used for private cloud management at Pacific Northwest National Laboratory. OpenStack provides a billing tool (Ceilometer) to collect system telemetry measurements. We identify four different programs running on four virtual machines under the same cloud user account. Programs were identified with up to 95% accuracy. This accuracy is dependent on the distinctiveness of telemetry measurements for the specific programs we tested. Future work will examine the scalability of this approach for a larger selection of programs to better understand the uniqueness needed to identify a program. Additionally, future work should address the separation of signatures when multiple programs are running on the same virtual machine.
Safety and security of radioactive sources in industrial radiography in Bangladesh
DOE Office of Scientific and Technical Information (OSTI.GOV)
Mollah, A. S.; Nazrul, M. Abdullah
2013-07-01
Malicious use of radioactive sources can involve dispersal of that material through an explosive device. There has been recognition of the threat posed by the potential malicious misuse of NDT radioactive source by terrorists. The dispersal of radioactive material using conventional explosives, referred to as a 'dirty bomb', could create considerable panic, disruption and area access denial in an urban environment. However, as it is still a relatively new topic among regulators, users, and transport and storage operators worldwide, international assistance and cooperation in developing the necessary regulatory and security infrastructure is required. The most important action in reducing the risk of radiological terrorism is to increase the security of radioactive sources. This paper presents safety and security considerations for the transport and site storage of the industrial radiography sources as per national regulations entitled 'Nuclear Safety and Radiation Control Rules-1997'. The main emphasis was put on the stages of some safety and security actions in order to prevent theft, sabotage or other malicious acts during the transport of the packages. As a conclusion it must be mentioned that both safety and security considerations are very important aspects that must be taken into account for the transport and site storage of radioactive sources used in the practice of industrial radiography. (authors)
DOE Office of Scientific and Technical Information (OSTI.GOV)
Jared Stimson
FORENSIC ANALYSIS OF WINDOW’S® VIRTUAL MEMORY INCORPORATING THE SYSTEM’S PAGEFILE Computer Forensics is concerned with the use of computer investigation and analysis techniques in order to collect evidence suitable for presentation in court. The examination of volatile memory is a relatively new but important area in computer forensics. More recently criminals are becoming more forensically aware and are now able to compromise computers without accessing the hard disk of the target computer. This means that traditional incident response practice of pulling the plug will destroy the only evidence of the crime. While some techniques are available for acquiring the contents of main memory, few exist which can analyze these data in a meaningful way. One reason for this is how memory is managed by the operating system. Data belonging to one process can be distributed arbitrarily across physical memory or the hard disk, making it very difficult to recover useful information. This report will focus on how these disparate sources of information can be combined to give a single, contiguous address space for each process. Using address translation a tool is developed to reconstruct the virtual address space of a process by combining a physical memory dump with the page-file on the hard disk. COUNTERINTELLIGENCE THROUGH MALICIOUS CODE ANALYSIS As computer network technology continues to grow so does the reliance on this technology for everyday business functionality. To appeal to customers and employees alike, businesses are seeking an increased online presence, and to increase productivity the same businesses are computerizing their day-to-day operations. The combination of a publicly accessible interface to the businesses network, and the increase in the amount of intellectual property present on these networks presents serious risks.
All of this intellectual property now faces constant attacks from a wide variety of malicious software that is intended to uncover company and government secrets. Every year billions of dollars are invested in preventing and recovering from the introduction of malicious code into a system. However, there is little research being done on leveraging these attacks for counterintelligence opportunities. With the ever-increasing number of vulnerable computers on the Internet the task of attributing these attacks to an organization or a single person is a daunting one. This thesis will demonstrate the idea of intentionally running a piece of malicious code in a secure environment in order to gain counterintelligence on an attacker.
The development of a screening questionnaire for childhood cruelty to animals.
Guymer, E C; Mellor, D; Luk, E S; Pearse, V
2001-11-01
Childhood cruelty to animals may be a marker of poor prognosis amongst conduct disordered children. However, other than semistructured interviews with parents or children, there are no screening instruments for this behavior. The aim of this study was to develop such an instrument. In the first phase of the study, a parent-report questionnaire, Children's Attitudes and Behaviors Towards Animals (CABTA) was designed and piloted on 360 elementary school children, enabling community norms and a factor structure for the instrument to be derived. In the second phase, the questionnaire was completed by the parents of a small sample of children (N = 17) to establish its test-retest reliability. In the third phase of the study, the CABTA was completed by the parents of 19 children who had been diagnosed with either a Disruptive Behavioral Disorder or Attention Deficit Hyperactivity Disorder, and the results were compared with the outcome of a semistructured interview with parents regarding their child's behavior toward animals. The results of the various phases of the study indicated that the CABTA consists of two factors, Typical and Malicious Cruelty to animals, and is a reliable and valid tool for detecting childhood cruelty to animals. Possible use and adaptations of the CABTA as a screening instrument in clinical and community samples are discussed.
Feng, Renjian; Xu, Xiaofeng; Zhou, Xiang; Wan, Jiangwen
2011-01-01
For wireless sensor networks (WSNs), many factors, such as mutual interference of wireless links, battlefield applications and nodes exposed to the environment without good physical protection, result in the sensor nodes being more vulnerable to be attacked and compromised. In order to address this network security problem, a novel trust evaluation algorithm defined as NBBTE (Node Behavioral Strategies Banding Belief Theory of the Trust Evaluation Algorithm) is proposed, which integrates the approach of nodes behavioral strategies and modified evidence theory. According to the behaviors of sensor nodes, a variety of trust factors and coefficients related to the network application are established to obtain direct and indirect trust values through calculating weighted average of trust factors. Meanwhile, the fuzzy set method is applied to form the basic input vector of evidence. On this basis, the evidence difference is calculated between the indirect and direct trust values, which link the revised D-S evidence combination rule to finally synthesize integrated trust value of nodes. The simulation results show that NBBTE can effectively identify malicious nodes and reflects the characteristic of trust value that 'hard to acquire and easy to lose'. Furthermore, it is obvious that the proposed scheme has an outstanding advantage in terms of illustrating the real contribution of different nodes to trust evaluation.
Csathó, Árpád; Birkás, Béla
2018-01-01
Life history theory posits that behavioral adaptation to various environmental (ecological and/or social) conditions encountered during childhood is regulated by a wide variety of different traits resulting in various behavioral strategies. Unpredictable and harsh conditions tend to produce fast life history strategies, characterized by early maturation, a higher number of sexual partners to whom one is less attached, and less parenting of offspring. Unpredictability and harshness not only affects dispositional social and emotional functioning, but may also promote the development of personality traits linked to higher rates of instability in social relationships or more self-interested behavior. Similarly, detrimental childhood experiences, such as poor parental care or high parent-child conflict, affect personality development and may create a more distrustful, malicious interpersonal style. The aim of this brief review is to survey and summarize findings on the impact of negative early-life experiences on the development of personality and fast life history strategies. By demonstrating that there are parallels in adaptations to adversity in these two domains, we hope to lend weight to current and future attempts to provide a comprehensive insight of personality traits and functions at the ultimate and proximate levels.
Wireless Networks under a Backoff Attack: A Game Theoretical Perspective
Zazo, Santiago
2018-01-01
We study a wireless sensor network using CSMA/CA in the MAC layer under a backoff attack: some of the sensors of the network are malicious and deviate from the defined contention mechanism. We use Bianchi’s network model to study the impact of the malicious sensors on the total network throughput, showing that it causes the throughput to be unfairly distributed among sensors. We model this conflict using game theory tools, where each sensor is a player. We obtain analytical solutions and propose an algorithm, based on Regret Matching, to learn the equilibrium of the game with an arbitrary number of players. Our approach is validated via simulations, showing that our theoretical predictions adjust to reality. PMID:29385752
An enhanced performance through agent-based secure approach for mobile ad hoc networks
NASA Astrophysics Data System (ADS)
Bisen, Dhananjay; Sharma, Sanjeev
2018-01-01
This paper proposes an agent-based secure enhanced performance approach (AB-SEP) for mobile ad hoc network. In this approach, agent nodes are selected through optimal node reliability as a factor. This factor is calculated on the basis of node performance features such as degree difference, normalised distance value, energy level, mobility and optimal hello interval of node. After selection of agent nodes, a procedure of malicious behaviour detection is performed using fuzzy-based secure architecture (FBSA). To evaluate the performance of the proposed approach, comparative analysis is done with conventional schemes using performance parameters such as packet delivery ratio, throughput, total packet forwarding, network overhead, end-to-end delay and percentage of malicious detection.
Intentional ethylene glycol poisoning increase after media coverage of antifreeze murders.
Morgan, Brent W; Geller, Robert J; Kazzi, Ziad N
2011-07-01
The media can have a profound impact on human behavior. A sensational murder by ethylene glycol (EG) poisoning occurred in our state. The regional media provided extensive coverage of the murder. We undertook this investigation to evaluate our incidence of EG poisoning during the timeframe of before the first report linking a death to ethylene glycol to shortly after the first murder trial. Descriptive statistics and linear regression were used to describe and analyze the number of EG cases over time. A search of the leading regional newspaper's archives established the media coverage timeline. Between 2000 and 2004, our poison center (PC) handled a steady volume of unintentional exposures to EG [range: 105-123 per year, standard deviation (SD)=7.22]. EG exposures thought to be suicidal in intent increased from 12 cases in 2000 to 121 cases in 2004. In the 19 months prior to the first media report of this story, our PC handled a mean of 1 EG case with suicidal intent per month [range: 0-2, SD=.69]. In the month after the first media report, our PC handled 5 EG cases with suicidal intent. When media coverage was most intense (2004), our PC received a mean of 10 EG suicidal-intent calls per month [range: 5-17, SD=3.55]. Although uncommon, reports of malicious EG poisonings also increased during this same period from 2 in 2000 to 14 in 2004. Media coverage of stories involving poisonings may result in copycat events, applicable to both self-poisonings and concern for malicious poisonings. Poison centers should be aware of this phenomenon, pay attention to local media and plan accordingly if a poisoning event receives significant media coverage. The media should be more sensitive to the content of their coverage and avoid providing "how to" poisoning information.
Jing, Xu; Hu, Hanwen; Yang, Huijun; Au, Man Ho; Li, Shuqin; Xiong, Naixue; Imran, Muhammad; Vasilakos, Athanasios V
2017-03-21
The prospect of Line-of-Business Services (LoBSs) for infrastructure of Emerging Sensor Networks (ESNs) is exciting. Access control remains a top challenge in this scenario as the service provider's server contains a lot of valuable resources. LoBSs' users are very diverse as they may come from a wide range of locations with vastly different characteristics. Cost of joining could be low and in many cases, intruders are eligible users conducting malicious actions. As a result, user access should be adjusted dynamically. Assessing LoBSs' risk dynamically based on both frequency and threat degree of malicious operations is therefore necessary. In this paper, we proposed a Quantitative Risk Assessment Model (QRAM) involving frequency and threat degree based on value at risk. To quantify the threat degree as an elementary intrusion effort, we amend the influence coefficient of risk indexes in the network security situation assessment model. To quantify threat frequency as intrusion trace effort, we make use of multiple behavior information fusion. Under the influence of intrusion trace, we adapt the historical simulation method of value at risk to dynamically access LoBSs' risk. Simulation based on existing data is used to select appropriate parameters for QRAM. Our simulation results show that the duration influence on elementary intrusion effort is reasonable when the normalized parameter is 1000. Likewise, the time window of intrusion trace and the weight between objective risk and subjective risk can be set to 10 s and 0.5, respectively. While our focus is to develop QRAM for assessing the risk of LoBSs for infrastructure of ESNs dynamically involving frequency and threat degree, we believe it is also appropriate for other scenarios in cloud computing.
Jing, Xu; Hu, Hanwen; Yang, Huijun; Au, Man Ho; Li, Shuqin; Xiong, Naixue; Imran, Muhammad; Vasilakos, Athanasios V.
2017-01-01
The prospect of Line-of-Business Services (LoBSs) for infrastructure of Emerging Sensor Networks (ESNs) is exciting. Access control remains a top challenge in this scenario as the service provider’s server contains a lot of valuable resources. LoBSs’ users are very diverse as they may come from a wide range of locations with vastly different characteristics. Cost of joining could be low and in many cases, intruders are eligible users conducting malicious actions. As a result, user access should be adjusted dynamically. Assessing LoBSs’ risk dynamically based on both frequency and threat degree of malicious operations is therefore necessary. In this paper, we proposed a Quantitative Risk Assessment Model (QRAM) involving frequency and threat degree based on value at risk. To quantify the threat degree as an elementary intrusion effort, we amend the influence coefficient of risk indexes in the network security situation assessment model. To quantify threat frequency as intrusion trace effort, we make use of multiple behavior information fusion. Under the influence of intrusion trace, we adapt the historical simulation method of value at risk to dynamically access LoBSs’ risk. Simulation based on existing data is used to select appropriate parameters for QRAM. Our simulation results show that the duration influence on elementary intrusion effort is reasonable when the normalized parameter is 1000. Likewise, the time window of intrusion trace and the weight between objective risk and subjective risk can be set to 10 s and 0.5, respectively. While our focus is to develop QRAM for assessing the risk of LoBSs for infrastructure of ESNs dynamically involving frequency and threat degree, we believe it is also appropriate for other scenarios in cloud computing. PMID:28335569
Behavior-based network management: a unique model-based approach to implementing cyber superiority
NASA Astrophysics Data System (ADS)
Seng, Jocelyn M.
2016-05-01
Behavior-Based Network Management (BBNM) is a technological and strategic approach to mastering the identification and assessment of network behavior, whether human-driven or machine-generated. Recognizing that all five U.S. Air Force (USAF) mission areas rely on the cyber domain to support, enhance and execute their tasks, BBNM is designed to elevate awareness and improve the ability to better understand the degree of reliance placed upon a digital capability and the operational risk. Thus, the objective of BBNM is to provide a holistic view of the digital battle space to better assess the effects of security, monitoring, provisioning, utilization management, allocation to support mission sustainment and change control. Leveraging advances in conceptual modeling made possible by a novel advancement in software design and implementation known as Vector Relational Data Modeling (VRDM™), the BBNM approach entails creating a network simulation in which meaning can be inferred and used to manage network behavior according to policy, such as quickly detecting and countering malicious behavior. Initial research configurations have yielded executable BBNM models as combinations of conceptualized behavior within a network management simulation that includes only concepts of threats and definitions of "good" behavior. A proof of concept assessment called "Lab Rat," was designed to demonstrate the simplicity of network modeling and the ability to perform adaptation. The model was tested on real world threat data and demonstrated adaptive and inferential learning behavior. Preliminary results indicate this is a viable approach towards achieving cyber superiority in today's volatile, uncertain, complex and ambiguous (VUCA) environment.
Appraisal patterns of envy and related emotions.
van de Ven, Niels; Zeelenberg, Marcel; Pieters, Rik
2012-06-01
Envy is a frustrating emotion that arises from upward social comparison. Two studies investigated the appraisals that distinguish benign envy (aimed at improving one's own situation) from malicious envy (aimed at pulling down the superior other). Study 1 found that appraisals of deservingness and control potential differentiated both types of envy. We manipulated these appraisals in Study 2 and found that while both did not influence the intensity of envy, they did determine the type of envy that resulted. The more a situation was appraised as undeserved, the more participants experienced malicious envy. Benign envy was experienced more when the situation was not undeserved, and the most when the situation was appraised as both deserved and controllable. The current research also clarifies how the types of envy differ from the related emotions admiration and resentment.
Cyber Security: Big Data Think II Working Group Meeting
NASA Technical Reports Server (NTRS)
Hinke, Thomas; Shaw, Derek
2015-01-01
This presentation focuses on approaches that could be used by a data computation center to identify attacks and ensure malicious code and backdoors are identified if planted in system. The goal is to identify actionable security information from the mountain of data that flows into and out of an organization. The approaches are applicable to big data computational center and some must also use big data techniques to extract the actionable security information from the mountain of data that flows into and out of a data computational center. The briefing covers the detection of malicious delivery sites and techniques for reducing the mountain of data so that intrusion detection information can be useful, and not hidden in a plethora of false alerts. It also looks at the identification of possible unauthorized data exfiltration.
Mi, Shichao; Han, Hui; Chen, Cailian; Yan, Jian; Guan, Xinping
2016-02-19
Heterogeneous wireless sensor networks (HWSNs) can achieve more tasks and prolong the network lifetime. However, they are vulnerable to attacks from the environment or malicious nodes. This paper is concerned with the issues of a consensus secure scheme in HWSNs consisting of two types of sensor nodes. Sensor nodes (SNs) have more computation power, while relay nodes (RNs) with low power can only transmit information for sensor nodes. To address the security issues of distributed estimation in HWSNs, we apply the heterogeneity of responsibilities between the two types of sensors and then propose a parameter adjusted-based consensus scheme (PACS) to mitigate the effect of the malicious node. Finally, the convergence property is proven to be guaranteed, and the simulation results validate the effectiveness and efficiency of PACS.
Ranking Reputation and Quality in Online Rating Systems
Liao, Hao; Zeng, An; Xiao, Rui; Ren, Zhuo-Ming; Chen, Duan-Bing; Zhang, Yi-Cheng
2014-01-01
How to design an accurate and robust ranking algorithm is a fundamental problem with wide applications in many real systems. It is especially significant in online rating systems due to the existence of some spammers. In the literature, many well-performed iterative ranking methods have been proposed. These methods can effectively recognize the unreliable users and reduce their weight in judging the quality of objects, and finally lead to a more accurate evaluation of the online products. In this paper, we design an iterative ranking method with high performance in both accuracy and robustness. More specifically, a reputation redistribution process is introduced to enhance the influence of highly reputed users and two penalty factors enable the algorithm resistance to malicious behaviors. Validation of our method is performed in both artificial and real user-object bipartite networks. PMID:24819119
Identifying online user reputation in terms of user preference
NASA Astrophysics Data System (ADS)
Dai, Lu; Guo, Qiang; Liu, Xiao-Lu; Liu, Jian-Guo; Zhang, Yi-Cheng
2018-03-01
Identifying online user reputation is significant for online social systems. In this paper, taking into account the preference physics of online user collective behaviors, we present an improved group-based rating method for ranking online user reputation based on the user preference (PGR). All the ratings given by each specific user are mapped to the same rating criteria. By grouping users according to their mapped ratings, the online user reputation is calculated based on the corresponding group sizes. Results for MovieLens and Netflix data sets show that the AUC values of the PGR method can reach 0.9842 (0.9493) and 0.9995 (0.9987) for malicious (random) spammers, respectively, outperforming the results generated by the traditional group-based method, which indicates that the online preference plays an important role for measuring user reputation.
A Self-Stabilizing Byzantine-Fault-Tolerant Clock Synchronization Protocol
NASA Technical Reports Server (NTRS)
Malekpour, Mahyar R.
2009-01-01
This report presents a rapid Byzantine-fault-tolerant self-stabilizing clock synchronization protocol that is independent of application-specific requirements. It is focused on clock synchronization of a system in the presence of Byzantine faults after the cause of any transient faults has dissipated. A model of this protocol is mechanically verified using the Symbolic Model Verifier (SMV) [SMV] where the entire state space is examined and proven to self-stabilize in the presence of one arbitrary faulty node. Instances of the protocol are proven to tolerate bursts of transient failures and deterministically converge with a linear convergence time with respect to the synchronization period. This protocol does not rely on assumptions about the initial state of the system other than the presence of sufficient number of good nodes. All timing measures of variables are based on the node's local clock, and no central clock or externally generated pulse is used. The Byzantine faulty behavior modeled here is a node with arbitrarily malicious behavior that is allowed to influence other nodes at every clock tick. The only constraint is that the interactions are restricted to defined interfaces.
32 CFR 842.42 - Delegations of authority.
Code of Federal Regulations, 2010 CFR
2010-07-01
... claims in any amount: (i) The Deputy Judge Advocate General. (ii) The Director of Civil Law. (iii) The... process, or malicious prosecution committed by an investigative or law enforcement officer. (4) On-base...
32 CFR 842.42 - Delegations of authority.
Code of Federal Regulations, 2014 CFR
2014-07-01
... claims in any amount: (i) The Deputy Judge Advocate General. (ii) The Director of Civil Law. (iii) The... process, or malicious prosecution committed by an investigative or law enforcement officer. (4) On-base...
32 CFR 842.42 - Delegations of authority.
Code of Federal Regulations, 2011 CFR
2011-07-01
... claims in any amount: (i) The Deputy Judge Advocate General. (ii) The Director of Civil Law. (iii) The... process, or malicious prosecution committed by an investigative or law enforcement officer. (4) On-base...
32 CFR 842.42 - Delegations of authority.
Code of Federal Regulations, 2012 CFR
2012-07-01
... claims in any amount: (i) The Deputy Judge Advocate General. (ii) The Director of Civil Law. (iii) The... process, or malicious prosecution committed by an investigative or law enforcement officer. (4) On-base...
32 CFR 842.42 - Delegations of authority.
Code of Federal Regulations, 2013 CFR
2013-07-01
... claims in any amount: (i) The Deputy Judge Advocate General. (ii) The Director of Civil Law. (iii) The... process, or malicious prosecution committed by an investigative or law enforcement officer. (4) On-base...
Department of Homeland Security
... Release Joint Technical Alerts on Malicious North Korean Cyber Activity Today, DHS and FBI released a pair ... María Provide Feedback to DHS Protect Myself from Cyber Attacks Report Cyber Incidents Prepare My Family for ...
Protecting software agents from malicious hosts using quantum computing
NASA Astrophysics Data System (ADS)
Reisner, John; Donkor, Eric
2000-07-01
We evaluate how quantum computing can be applied to security problems for software agents. Agent-based computing, which merges technological advances in artificial intelligence and mobile computing, is a rapidly growing domain, especially in applications such as electronic commerce, network management, information retrieval, and mission planning. System security is one of the more eminent research areas in agent-based computing, and the specific problem of protecting a mobile agent from a potentially hostile host is one of the most difficult of these challenges. In this work, we describe our agent model, and discuss the capabilities and limitations of classical solutions to the malicious host problem. Quantum computing may be extremely helpful in addressing the limitations of classical solutions to this problem. This paper highlights some of the areas where quantum computing could be applied to agent security.
Detecting insider activity using enhanced directory virtualization.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Shin, Dongwan; Claycomb, William R.
2010-07-01
Insider threats often target authentication and access control systems, which are frequently based on directory services. Detecting these threats is challenging, because malicious users with the technical ability to modify these structures often have sufficient knowledge and expertise to conceal unauthorized activity. The use of directory virtualization to monitor various systems across an enterprise can be a valuable tool for detecting insider activity. The addition of a policy engine to directory virtualization services enhances monitoring capabilities by allowing greater flexibility in analyzing changes for malicious intent. The resulting architecture is a system-based approach, where the relationships and dependencies between data sources and directory services are used to detect an insider threat, rather than simply relying on point solutions. This paper presents such an architecture in detail, including a description of implementation results.
Formal Analysis of Key Integrity in PKCS#11
NASA Astrophysics Data System (ADS)
Falcone, Andrea; Focardi, Riccardo
PKCS#11 is a standard API to cryptographic devices such as smartcards, hardware security modules and USB crypto-tokens. Though widely adopted, this API has been shown to be prone to attacks in which a malicious user gains access to the sensitive keys stored in the devices. In 2008, Delaune, Kremer and Steel proposed a model to formally reason on this kind of attacks. We extend this model to also describe flaws that are based on integrity violations of the stored keys. In particular, we consider scenarios in which a malicious overwriting of keys might fool honest users into using attacker's own keys, while performing sensitive operations. We further enrich the model with a trusted key mechanism ensuring that only controlled, non-tampered keys are used in cryptographic operations, and we show how this modified API prevents the above mentioned key-replacement attacks.
Comparison analysis on vulnerability of metro networks based on complex network
NASA Astrophysics Data System (ADS)
Zhang, Jianhua; Wang, Shuliang; Wang, Xiaoyuan
2018-04-01
This paper analyzes the networked characteristics of three metro networks, and two malicious attacks are employed to investigate the vulnerability of metro networks based on connectivity vulnerability and functionality vulnerability. Meanwhile, the networked characteristics and vulnerability of three metro networks are compared with each other. The results show that Shanghai metro network has the largest transport capacity, Beijing metro network has the best local connectivity and Guangzhou metro network has the best global connectivity, moreover Beijing metro network has the best homogeneous degree distribution. Furthermore, we find that metro networks are very vulnerable when subjected to malicious attacks, and Guangzhou metro network has the best topological structure and reliability among three metro networks. The results indicate that the proposed methodology is feasible and effective to investigate the vulnerability and to explore better topological structure of metro networks.
Investigating weaknesses in Android certificate security
NASA Astrophysics Data System (ADS)
Krych, Daniel E.; Lange-Maney, Stephen; McDaniel, Patrick; Glodek, William
2015-05-01
Android's application market relies on secure certificate generation to establish trust between applications and their users; yet, cryptography is often not a priority for application developers and many fail to take the necessary security precautions. Indeed, there is cause for concern: several recent high-profile studies have observed a pervasive lack of entropy on Web-systems leading to the factorization of private keys. Sufficient entropy, or randomness, is essential to generate secure key pairs and combat predictable key generation. In this paper, we analyze the security of Android certificates. We investigate the entropy present in 550,000 Android application certificates using the Quasilinear GCD finding algorithm. Our results show that while the lack of entropy does not appear to be as ubiquitous in the mobile markets as on Web-systems, there is substantial reuse of certificates: only one third of the certificates in our dataset were unique. In other words, we find that organizations frequently reuse certificates for different applications. While such a practice is acceptable under Google's specifications for a single developer, we find that in some cases the same certificates are used for a myriad of developers, potentially compromising Android's intended trust relationships. Further, we observed duplicate certificates being used by both malicious and non-malicious applications. The top 3 repeated certificates present in our dataset accounted for a total of 11,438 separate APKs. Of these applications, 451, or roughly 4%, were identified as malicious by antivirus services.
A Game-Theoretic Response Strategy for Coordinator Attack in Wireless Sensor Networks
Liu, Jianhua; Yue, Guangxue; Shang, Huiliang; Li, Hongjie
2014-01-01
The coordinator is a specific node that controls the whole network and has a significant impact on the performance in cooperative multihop ZigBee wireless sensor networks (ZWSNs). However, the malicious node attacks coordinator nodes in an effort to waste the resources and disrupt the operation of the network. Attacking leads to a failure of one round of communication between the source nodes and destination nodes. Coordinator selection is a technique that can considerably defend against attack and reduce the data delivery delay, and increase network performance of cooperative communications. In this paper, we propose an adaptive coordinator selection algorithm using game and fuzzy logic aiming at both minimizing the average number of hops and maximizing network lifetime. The proposed game model consists of two interrelated formulations: a stochastic game for dynamic defense and a best response policy using evolutionary game formulation for coordinator selection. The stable equilibrium best policy to response defense is obtained from this game model. It is shown that the proposed scheme can improve reliability and save energy during the network lifetime with respect to security. PMID:25105171
Node Immunization with Time-Sensitive Restrictions.
Cui, Wen; Gong, Xiaoqing; Liu, Chen; Xu, Dan; Chen, Xiaojiang; Fang, Dingyi; Tang, Shaojie; Wu, Fan; Chen, Guihai
2016-12-15
When we encounter a malicious rumor or an infectious disease outbreak, immunizing k nodes of the relevant network with limited resources is always treated as an extremely effective method. The key challenge is how we can insulate limited nodes to minimize the propagation of those contagious things. In previous works, the best k immunised nodes are selected by learning the initial status of nodes and their strategies even if there is no feedback in the propagation process, which eventually leads to ineffective performance of their solutions. In this paper, we design a novel vaccines placement strategy for protecting much more healthy nodes from being infected by infectious nodes. The main idea of our solution is that we are not only utilizing the status of changing nodes as auxiliary knowledge to adjust our scheme, but also comparing the performance of vaccines in various transmission slots. Thus, our solution has a better chance to get more benefit from these limited vaccines. Extensive experiments have been conducted on several real-world data sets and the results have shown that our algorithm has a better performance than previous works.
Node Immunization with Time-Sensitive Restrictions
Cui, Wen; Gong, Xiaoqing; Liu, Chen; Xu, Dan; Chen, Xiaojiang; Fang, Dingyi; Tang, Shaojie; Wu, Fan; Chen, Guihai
2016-01-01
When we encounter a malicious rumor or an infectious disease outbreak, immunizing k nodes of the relevant network with limited resources is always treated as an extremely effective method. The key challenge is how we can insulate limited nodes to minimize the propagation of those contagious things. In previous works, the best k immunised nodes are selected by learning the initial status of nodes and their strategies even if there is no feedback in the propagation process, which eventually leads to ineffective performance of their solutions. In this paper, we design a novel vaccines placement strategy for protecting much more healthy nodes from being infected by infectious nodes. The main idea of our solution is that we are not only utilizing the status of changing nodes as auxiliary knowledge to adjust our scheme, but also comparing the performance of vaccines in various transmission slots. Thus, our solution has a better chance to get more benefit from these limited vaccines. Extensive experiments have been conducted on several real-world data sets and the results have shown that our algorithm has a better performance than previous works. PMID:27983680
A game-theoretic response strategy for coordinator attack in wireless sensor networks.
Liu, Jianhua; Yue, Guangxue; Shen, Shigen; Shang, Huiliang; Li, Hongjie
2014-01-01
The coordinator is a specific node that controls the whole network and has a significant impact on the performance in cooperative multihop ZigBee wireless sensor networks (ZWSNs). However, the malicious node attacks coordinator nodes in an effort to waste the resources and disrupt the operation of the network. Attacking leads to a failure of one round of communication between the source nodes and destination nodes. Coordinator selection is a technique that can considerably defend against attack and reduce the data delivery delay, and increase network performance of cooperative communications. In this paper, we propose an adaptive coordinator selection algorithm using game and fuzzy logic aiming at both minimizing the average number of hops and maximizing network lifetime. The proposed game model consists of two interrelated formulations: a stochastic game for dynamic defense and a best response policy using evolutionary game formulation for coordinator selection. The stable equilibrium best policy to response defense is obtained from this game model. It is shown that the proposed scheme can improve reliability and save energy during the network lifetime with respect to security.
Legal Aspects of Confrontation
ERIC Educational Resources Information Center
Shannon, Thomas A.
1970-01-01
High school principals are obligated to protect the property and students entrusted to their care. As long as any action they take against student dissenters resorting to violence is non-malicious, they need not fear legal repercussions. (CK)
Streaming PCA with many missing entries.
DOT National Transportation Integrated Search
2015-12-01
This paper considers the problem of matrix completion when some number of the columns are completely and arbitrarily corrupted, potentially by a malicious adversary. It is well-known that standard algorithms for matrix completion can return arbit...
Calibration Testing of Network Tap Devices
DOE Office of Scientific and Technical Information (OSTI.GOV)
Popovsky, Barbara; Chee, Brian; Frincke, Deborah A.
2007-11-14
Abstract: Understanding the behavior of network forensic devices is important to support prosecutions of malicious conduct on computer networks as well as legal remedies for false accusations of network management negligence. Individuals who seek to establish the credibility of network forensic data must speak competently about how the data was gathered and the potential for data loss. Unfortunately, manufacturers rarely provide information about the performance of low-layer network devices at a level that will survive legal challenges. This paper proposes a first step toward an independent calibration standard by establishing a validation testing methodology for evaluating forensic taps against manufacturer specifications. The methodology and the theoretical analysis that led to its development are offered as a conceptual framework for developing a standard and to "operationalize" network forensic readiness. This paper also provides details of an exemplar test, testing environment, procedures and results.
DualTrust: A Distributed Trust Model for Swarm-Based Autonomic Computing Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Maiden, Wendy M.; Dionysiou, Ioanna; Frincke, Deborah A.
2011-02-01
For autonomic computing systems that utilize mobile agents and ant colony algorithms for their sensor layer, trust management is important for the acceptance of the mobile agent sensors and to protect the system from malicious behavior by insiders and entities that have penetrated network defenses. This paper examines the trust relationships, evidence, and decisions in a representative system and finds that by monitoring the trustworthiness of the autonomic managers rather than the swarming sensors, the trust management problem becomes much more scalable and still serves to protect the swarm. We then propose the DualTrust conceptual trust model. By addressing the autonomic manager’s bi-directional primary relationships in the ACS architecture, DualTrust is able to monitor the trustworthiness of the autonomic managers, protect the sensor swarm in a scalable manner, and provide global trust awareness for the orchestrating autonomic manager.
78 FR 65923 - Schedules of Controlled Substances: Placement of Tramadol Into Schedule IV
Federal Register 2010, 2011, 2012, 2013, 2014
2013-11-04
... own motion; (2) at the request of the Secretary of the HHS; or (3) on the petition of any interested... reaction, overmedication, malicious poisoning, and accidental ingestion). Non-medical use may involve...
Consensus-Based Cooperative Spectrum Sensing with Improved Robustness Against SSDF Attacks
NASA Astrophysics Data System (ADS)
Liu, Quan; Gao, Jun; Guo, Yunwei; Liu, Siyang
2011-05-01
Based on the consensus algorithm, an attack-proof cooperative spectrum sensing (CSS) scheme is presented for decentralized cognitive radio networks (CRNs), where a common fusion center is not available and some malicious users may launch attacks with spectrum sensing data falsification (SSDF). Local energy detection is firstly performed by each secondary user (SU), and then, utilizing the consensus notions, each SU can make its own decision individually only by local information exchange with its neighbors rather than any centralized fusion used in most existing schemes. With the help of some anti-attack tricks, each authentic SU can generally identify and exclude those malicious reports during the interactions within the neighborhood. Compared with the existing solutions, the proposed scheme is proved to have much better robustness against three categories of SSDF attack, without requiring any a priori knowledge of the whole network.
A Distributed Energy-Aware Trust Management System for Secure Routing in Wireless Sensor Networks
NASA Astrophysics Data System (ADS)
Stelios, Yannis; Papayanoulas, Nikos; Trakadas, Panagiotis; Maniatis, Sotiris; Leligou, Helen C.; Zahariadis, Theodore
Wireless sensor networks are inherently vulnerable to security attacks, due to their wireless operation. The situation is further aggravated because they operate in an infrastructure-less environment, which mandates the cooperation among nodes for all networking tasks, including routing, i.e. all nodes act as “routers”, forwarding the packets generated by their neighbours in their way to the sink node. This implies that malicious nodes (denying their cooperation) can significantly affect the network operation. Trust management schemes provide a powerful tool for the detection of unexpected node behaviours (either faulty or malicious). Once misbehaving nodes are detected, their neighbours can use this information to avoid cooperating with them either for data forwarding, data aggregation or any other cooperative function. We propose a secure routing solution based on a novel distributed trust management system, which allows for fast detection of a wide set of attacks and also incorporates energy awareness.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Beaver, Justin M; Borges, Raymond Charles; Buckner, Mark A
Critical infrastructure Supervisory Control and Data Acquisition (SCADA) systems were designed to operate on closed, proprietary networks where a malicious insider posed the greatest threat potential. The centralization of control and the movement towards open systems and standards has improved the efficiency of industrial control, but has also exposed legacy SCADA systems to security threats that they were not designed to mitigate. This work explores the viability of machine learning methods in detecting the new threat scenarios of command and data injection. Similar to network intrusion detection systems in the cyber security domain, the command and control communications in a critical infrastructure setting are monitored, and vetted against examples of benign and malicious command traffic, in order to identify potential attack events. Multiple learning methods are evaluated using a dataset of Remote Terminal Unit communications, which included both normal operations and instances of command and data injection attack scenarios.
The emotional responses of browsing Facebook: Happiness, envy, and the role of tie strength.
Lin, Ruoyun; Utz, Sonja
2015-11-01
On Facebook, users are exposed to posts from both strong and weak ties. Even though several studies have examined the emotional consequences of using Facebook, less attention has been paid to the role of tie strength. This paper aims to explore the emotional outcomes of reading a post on Facebook and examine the role of tie strength in predicting happiness and envy. Two studies - one correlational, based on a sample of 207 American participants and the other experimental, based on a sample of 194 German participants - were conducted in 2014. In Study 2, envy was further distinguished into benign and malicious envy. Based on a multi-method approach, the results showed that positive emotions are more prevalent than negative emotions while browsing Facebook. Moreover, tie strength is positively associated with the feeling of happiness and benign envy, whereas malicious envy is independent of tie strength after reading a (positive) post on Facebook.
Radiological Exposure Devices (RED) Technical Basis for Threat Profile.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Bland, Jesse John; Potter, Charles A.; Homann, Steven
Facilities that manufacture, store or transport significant quantities of radiological material must protect against the risk posed by sabotage events. Much of the analysis of this type of event has been focused on the threat from a radiological dispersion device (RDD) or "dirty bomb" scenario, in which a malicious assailant would, by explosives or other means, loft a significant quantity of radioactive material into a plume that would expose and contaminate people and property. Although the consequences in cost and psychological terror would be severe, no intentional RDD terrorism events are on record. Conversely, incidents in which a victim or victims were maliciously exposed to a Radiological Exposure Device (RED), without dispersal of radioactive material, are well documented. This paper represents a technical basis for the threat profile related to the risk of nefarious use of an RED, including assailant and material characterization. Radioactive materials of concern are detailed in Appendix A.
Detecting malicious chaotic signals in wireless sensor network
NASA Astrophysics Data System (ADS)
Upadhyay, Ranjit Kumar; Kumari, Sangeeta
2018-02-01
In this paper, an e-epidemic Susceptible-Infected-Vaccinated (SIV) model has been proposed to analyze the effect of node immunization and worms attacking dynamics in wireless sensor network. A modified nonlinear incidence rate with cyrtoid type functional response has been considered using sleep and active mode approach. Detailed stability analysis and the sufficient criteria for the persistence of the model system have been established. We also established different types of bifurcation analysis for different equilibria at different critical points of the control parameters. We performed a detailed Hopf bifurcation analysis and determine the direction and stability of the bifurcating periodic solutions using center manifold theorem. Numerical simulations are carried out to confirm the theoretical results. The impact of the control parameters on the dynamics of the model system has been investigated and malicious chaotic signals are detected. Finally, we have analyzed the effect of time delay on the dynamics of the model system.
Real-Time SCADA Cyber Protection Using Compression Techniques
DOE Office of Scientific and Technical Information (OSTI.GOV)
Lyle G. Roybal; Gordon H Rueff
2013-11-01
The Department of Energy’s Office of Electricity Delivery and Energy Reliability (DOE-OE) has a critical mission to secure the energy infrastructure from cyber attack. Through DOE-OE’s Cybersecurity for Energy Delivery Systems (CEDS) program, the Idaho National Laboratory (INL) has developed a method to detect malicious traffic on Supervisory, Control, and Data Acquisition (SCADA) network using a data compression technique. SCADA network traffic is often repetitive with only minor differences between packets. Research performed at the INL showed that SCADA network traffic has traits desirable for using compression analysis to identify abnormal network traffic. An open source implementation of a Lempel-Ziv-Welch (LZW) lossless data compression algorithm was used to compress and analyze surrogate SCADA traffic. Infected SCADA traffic was found to have statistically significant differences in compression when compared against normal SCADA traffic at the packet level. The initial analyses and results are clearly able to identify malicious network traffic from normal traffic at the packet level with a very high confidence level across multiple ports and traffic streams. Statistical differentiation between infected and normal traffic level was possible using a modified data compression technique at the 99% probability level for all data analyzed. However, the conditions tested were rather limited in scope and need to be expanded into more realistic simulations of hacking events using techniques and approaches that are better representative of a real-world attack on a SCADA system. Nonetheless, the use of compression techniques to identify malicious traffic on SCADA networks in real time appears to have significant merit for infrastructure protection.
25 CFR 1000.272 - Do Tribes/Consortia need to be aware of areas which FTCA does not cover?
Code of Federal Regulations, 2010 CFR
2010-04-01
... imprisonment, false arrest, malicious prosecution, abuse of process, libel, slander, misrepresentation, deceit, or interference with contract rights, unless otherwise authorized by 28 U.S.C. 2680(h). (b) What...
A Study of Gaps in Attack Analysis
2016-10-12
2014. [86] Shobha Venkataraman, David Brumley, Subhabrata Sen, and Oliver Spatscheck. Automatically Inferring the Evolution of Malicious Activity on...Shobha Venkataraman, Subhabrata Sen, Oliver Spatscheck, Patrick Haffner, and Dawn Song. Exploiting Network Structure for Proactive Spam Mitigation. In
Dimick, Chris
2010-04-01
Effective January 1, 2009, California healthcare providers were required to report every breach of patient information to the state. They have sent a flood of mishaps and a steady stream of malicious acts.
12 CFR 263.94 - Conduct warranting sanctions.
Code of Federal Regulations, 2010 CFR
2010-01-01
... an attorney, or debarment or suspension from practice as a certified public accountant or public... that individual's period of suspension, debarment, or ineligibility; (f) Contemptuous conduct in... circulating or publishing malicious or libelous matter; (g) Suspension or debarment from practice before the...
ERIC Educational Resources Information Center
Bergren, Martha Dewey
2005-01-01
School nurses and health office staff have an ethical and legal obligation to protect the integrity of electronic student health records. Various sources, both accidental and malicious, can threaten student health data. School nurses must employ regular and reliable methods to back up student health data.
Finding Malicious Cyber Discussions in Social Media
2015-12-11
automatically filter cyber discussions from Stack Exchange, Reddit, and Twitter posts written in English. Criminal hackers often use social media...monitoring hackers on Facebook and in private chat rooms. As a result, system administrators were prepared to counter distributed denial-of-service
Information hiding techniques for infrared images: exploring the state-of-the art and challenges
NASA Astrophysics Data System (ADS)
Pomponiu, Victor; Cavagnino, Davide; Botta, Marco; Nejati, Hossein
2015-10-01
The proliferation of Infrared technology and imaging systems enables a different perspective to tackle many computer vision problems in defense and security applications. Infrared images are widely used by the law enforcement, Homeland Security and military organizations to achieve a significant advantage or situational awareness, and thus is vital to protect these data against malicious attacks. Concurrently, sophisticated malware are developed which are able to disrupt the security and integrity of these digital media. For instance, illegal distribution and manipulation are possible malicious attacks to the digital objects. In this paper we explore the use of a new layer of defense for the integrity of the infrared images through the aid of information hiding techniques such as watermarking. In this context, we analyze the efficiency of several optimal decoding schemes for the watermark inserted into the Singular Value Decomposition (SVD) domain of the IR images using an additive spread spectrum (SS) embedding framework. In order to use the singular values (SVs) of the IR images with the SS embedding we adopt several restrictions that ensure that the values of the SVs will maintain their statistics. For both the optimal maximum likelihood decoder and sub-optimal decoders we assume that the PDF of SVs can be modeled by the Weibull distribution. Furthermore, we investigate the challenges involved in protecting and assuring the integrity of IR images such as data complexity and the error probability behavior, i.e., the probability of detection and the probability of false detection, for the applied optimal decoders. By taking into account the efficiency and the necessary auxiliary information for decoding the watermark, we discuss the suitable decoder for various operating situations. Experimental results are carried out on a large dataset of IR images to show the imperceptibility and efficiency of the proposed scheme against various attack scenarios.
Evidence for surprise minimization over value maximization in choice behavior
Schwartenbeck, Philipp; FitzGerald, Thomas H. B.; Mathys, Christoph; Dolan, Ray; Kronbichler, Martin; Friston, Karl
2015-01-01
Classical economic models are predicated on the idea that the ultimate aim of choice is to maximize utility or reward. In contrast, an alternative perspective highlights the fact that adaptive behavior requires agents to model their environment and minimize surprise about the states they frequent. We propose that choice behavior can be more accurately accounted for by surprise minimization compared to reward or utility maximization alone. Minimizing surprise makes a prediction at variance with expected utility models; namely, that in addition to attaining valuable states, agents attempt to maximize the entropy over outcomes and thus ‘keep their options open’. We tested this prediction using a simple binary choice paradigm and show that human decision-making is better explained by surprise minimization compared to utility maximization. Furthermore, we replicated this entropy-seeking behavior in a control task with no explicit utilities. These findings highlight a limitation of purely economic motivations in explaining choice behavior and instead emphasize the importance of belief-based motivations. PMID:26564686
Toward Exposing Timing-Based Probing Attacks in Web Applications
Mao, Jian; Chen, Yue; Shi, Futian; Jia, Yaoqi; Liang, Zhenkai
2017-01-01
Web applications have become the foundation of many types of systems, ranging from cloud services to Internet of Things (IoT) systems. Due to the large amount of sensitive data processed by web applications, user privacy emerges as a major concern in web security. Existing protection mechanisms in modern browsers, e.g., the same origin policy, prevent the users’ browsing information on one website from being directly accessed by another website. However, web applications executed in the same browser share the same runtime environment. Such shared states provide side channels for malicious websites to indirectly figure out the information of other origins. Timing is a classic side channel and the root cause of many recent attacks, which rely on the variations in the time taken by the systems to process different inputs. In this paper, we propose an approach to expose the timing-based probing attacks in web applications. It monitors the browser behaviors and identifies anomalous timing behaviors to detect browser probing attacks. We have prototyped our system in the Google Chrome browser and evaluated the effectiveness of our approach by using known probing techniques. We have applied our approach on a large number of top Alexa sites and reported the suspicious behavior patterns with corresponding analysis results. Our theoretical analysis illustrates that the effectiveness of the timing-based probing attacks is dramatically limited by our approach. PMID:28245610
Toward Exposing Timing-Based Probing Attacks in Web Applications.
Mao, Jian; Chen, Yue; Shi, Futian; Jia, Yaoqi; Liang, Zhenkai
2017-02-25
Web applications have become the foundation of many types of systems, ranging from cloud services to Internet of Things (IoT) systems. Due to the large amount of sensitive data processed by web applications, user privacy emerges as a major concern in web security. Existing protection mechanisms in modern browsers, e.g., the same origin policy, prevent the users' browsing information on one website from being directly accessed by another website. However, web applications executed in the same browser share the same runtime environment. Such shared states provide side channels for malicious websites to indirectly figure out the information of other origins. Timing is a classic side channel and the root cause of many recent attacks, which rely on the variations in the time taken by the systems to process different inputs. In this paper, we propose an approach to expose the timing-based probing attacks in web applications. It monitors the browser behaviors and identifies anomalous timing behaviors to detect browser probing attacks. We have prototyped our system in the Google Chrome browser and evaluated the effectiveness of our approach by using known probing techniques. We have applied our approach on a large number of top Alexa sites and reported the suspicious behavior patterns with corresponding analysis results. Our theoretical analysis illustrates that the effectiveness of the timing-based probing attacks is dramatically limited by our approach.
Detecting Payload Attacks on Programmable Logic Controllers (PLCs)
DOE Office of Scientific and Technical Information (OSTI.GOV)
Yang, Huan
Programmable logic controllers (PLCs) play critical roles in industrial control systems (ICS). Providing hardware peripherals and firmware support for control programs (i.e., a PLC’s “payload”) written in languages such as ladder logic, PLCs directly receive sensor readings and control ICS physical processes. An attacker with access to PLC development software (e.g., by compromising an engineering workstation) can modify the payload program and cause severe physical damages to the ICS. To protect critical ICS infrastructure, we propose to model runtime behaviors of legitimate PLC payload program and use runtime behavior monitoring in PLC firmware to detect payload attacks. By monitoring the I/O access patterns, network access patterns, as well as payload program timing characteristics, our proposed firmware-level detection mechanism can detect abnormal runtime behaviors of malicious PLC payload. Using our proof-of-concept implementation, we evaluate the memory and execution time overhead of implementing our proposed method and find that it is feasible to incorporate our method into existing PLC firmware. In addition, our evaluation results show that a wide variety of payload attacks can be effectively detected by our proposed approach. The proposed firmware-level payload attack detection scheme complements existing bump-in-the-wire solutions (e.g., external temporal-logic-based model checkers) in that it can detect payload attacks that violate realtime requirements of ICS operations and does not require any additional apparatus.
Plötner, Maria; Over, Harriet; Carpenter, Malinda; Tomasello, Michael
2015-11-01
Recent theoretical work has highlighted potential links between interpersonal collaboration and group membership in the evolution of human sociality. Here we compared the effects of collaboration and minimal-group membership on young children's prosocial behavior (i.e., helping and resource allocation), liking, affiliation, and trust. In a design that matched as closely as possible these two ways of connecting with others, we showed that 5-year-olds' behavior was affected similarly by collaboration and minimal-group membership; both increased children's preference for their partners on multiple dimensions and produced overall effects of a similar magnitude. In contrast, 3.5-year-olds did not have a strong preference for either collaborators or minimal in-group members. Thus, both collaboration and minimal-group membership are similarly effective in their influence on children's prosocial behavior and social preferences. Copyright © 2015 Elsevier Inc. All rights reserved.
32 CFR 536.45 - Statutory exceptions.
Code of Federal Regulations, 2010 CFR
2010-07-01
... employee of the government, whether or not the discretion is abused. This exclusion does not apply to a... imprisonment, false arrest, malicious prosecution, abuse of process, libel, slander, misrepresentation, deceit, or interference with contract rights, except for acts or omissions of investigation of law...
Code of Federal Regulations, 2010 CFR
2010-04-01
..., battery, false imprisonment, false arrest, malicious prosecution, abuse of process, libel, slander, misrepresentation, deceit, or interference with contract rights, unless otherwise authorized by 28 U.S.C. 2680(h...
Malicious Activity Simulation Tool (MAST) and Trust
2015-06-01
application through discovery and remediation of flaws. B. DESIGN AND DEVELOPMENT CONSIDERATIONS Design and development focuses on the actual...protection of the backup and restoration of the application. COBR -1 X V-16846 The IAO will ensure a disaster recovery plan exists in accordance
Code of Federal Regulations, 2010 CFR
2010-04-01
... 27 Alcohol, Tobacco Products and Firearms 2 2010-04-01 2010-04-01 false Supervision. 70.609... From Disaster, Vandalism, or Malicious Mischief Destruction of Liquors § 70.609 Supervision. When... official or made unmarketable, the liquors shall be destroyed by suitable means under supervision...
Code of Federal Regulations, 2014 CFR
2014-04-01
... 27 Alcohol, Tobacco Products and Firearms 2 2014-04-01 2014-04-01 false Supervision. 70.609... From Disaster, Vandalism, or Malicious Mischief Destruction of Liquors § 70.609 Supervision. When... official or made unmarketable, the liquors shall be destroyed by suitable means under supervision...
Code of Federal Regulations, 2011 CFR
2011-04-01
... 27 Alcohol, Tobacco Products and Firearms 2 2011-04-01 2011-04-01 false Supervision. 70.609... From Disaster, Vandalism, or Malicious Mischief Destruction of Liquors § 70.609 Supervision. When... official or made unmarketable, the liquors shall be destroyed by suitable means under supervision...
Code of Federal Regulations, 2013 CFR
2013-04-01
... 27 Alcohol, Tobacco Products and Firearms 2 2013-04-01 2013-04-01 false Supervision. 70.609... From Disaster, Vandalism, or Malicious Mischief Destruction of Liquors § 70.609 Supervision. When... official or made unmarketable, the liquors shall be destroyed by suitable means under supervision...
75 FR 35508 - Draft Regulatory Guide: Issuance, Availability
Federal Register 2010, 2011, 2012, 2013, 2014
2010-06-22
... Systems and Networks,'' requires licensees to develop cyber-security plans and programs to protect critical digital assets, including digital safety systems, from malicious cyber attacks. Regulatory Guide 5.71, ``Cyber Security Programs for Nuclear Facilities,'' provides guidance to meet the requirements of...
Code of Federal Regulations, 2012 CFR
2012-04-01
... Mexico. Cybersecurity Incident means a malicious act or suspicious event that disrupts, or was an attempt... includes requirements for the operation of existing Bulk-Power System facilities, including cybersecurity... failures of such system will not occur as a result of a sudden disturbance, including a Cybersecurity...
Code of Federal Regulations, 2010 CFR
2010-04-01
... Mexico. Cybersecurity Incident means a malicious act or suspicious event that disrupts, or was an attempt... includes requirements for the operation of existing Bulk-Power System facilities, including cybersecurity... failures of such system will not occur as a result of a sudden disturbance, including a Cybersecurity...
Code of Federal Regulations, 2013 CFR
2013-04-01
... Mexico. Cybersecurity Incident means a malicious act or suspicious event that disrupts, or was an attempt... includes requirements for the operation of existing Bulk-Power System facilities, including cybersecurity... failures of such system will not occur as a result of a sudden disturbance, including a Cybersecurity...
Code of Federal Regulations, 2014 CFR
2014-04-01
... Mexico. Cybersecurity Incident means a malicious act or suspicious event that disrupts, or was an attempt... includes requirements for the operation of existing Bulk-Power System facilities, including cybersecurity... failures of such system will not occur as a result of a sudden disturbance, including a Cybersecurity...
Code of Federal Regulations, 2011 CFR
2011-04-01
... Mexico. Cybersecurity Incident means a malicious act or suspicious event that disrupts, or was an attempt... includes requirements for the operation of existing Bulk-Power System facilities, including cybersecurity... failures of such system will not occur as a result of a sudden disturbance, including a Cybersecurity...
Brainjacking: Implant Security Issues in Invasive Neuromodulation.
Pycroft, Laurie; Boccard, Sandra G; Owen, Sarah L F; Stein, John F; Fitzgerald, James J; Green, Alexander L; Aziz, Tipu Z
2016-08-01
The security of medical devices is critical to good patient care, especially when the devices are implanted. In light of recent developments in information security, there is reason to be concerned that medical implants are vulnerable to attack. The ability of attackers to exert malicious control over brain implants ("brainjacking") has unique challenges that we address in this review, with particular focus on deep brain stimulation implants. To illustrate the potential severity of this risk, we identify several mechanisms through which attackers could manipulate patients if unauthorized access to an implant can be achieved. These include blind attacks in which the attacker requires no patient-specific knowledge and targeted attacks that require patient-specific information. Blind attacks include cessation of stimulation, draining implant batteries, inducing tissue damage, and information theft. Targeted attacks include impairment of motor function, alteration of impulse control, modification of emotions or affect, induction of pain, and modulation of the reward system. We also discuss the limitations inherent in designing implants and the trade-offs that must be made to balance device security with battery life and practicality. We conclude that researchers, clinicians, manufacturers, and regulatory bodies should cooperate to minimize the risk posed by brainjacking. Copyright © 2016 Elsevier Inc. All rights reserved.
ERIC Educational Resources Information Center
Harrop, Clare; Tu, Nicole; Landa, Rebecca; Kasier, Ann; Kasari, Connie
2018-01-01
Sensory behaviors are widely reported in autism spectrum disorder (ASD). However, the impact of these behaviors on families remains largely unknown. This study explored how caregivers of minimally verbal children with ASD responded to their child's sensory behaviors. Using a mixed-methods approach, we examined two variables for each endorsed child…
Computer Abuse: Vandalizing the Information Society.
ERIC Educational Resources Information Center
Furnell, Steven M.; Warren, Matthew J.
1997-01-01
Computing and telecommunications, key to an information-based society, are increasingly targets for criminals and mischief makers. This article examines the effects of malicious computer abuse: hacking and viruses, highlights the apparent increase in incidents, and examines their effect on public perceptions of technology. Presents broad…
Code of Federal Regulations, 2012 CFR
2012-04-01
... 27 Alcohol, Tobacco Products and Firearms 2 2012-04-01 2011-04-01 true Supervision. 70.609 Section... Disaster, Vandalism, or Malicious Mischief Destruction of Liquors § 70.609 Supervision. When allowance has... or made unmarketable, the liquors shall be destroyed by suitable means under supervision satisfactory...
Unintentional Insider Threats: A Review of Phishing and Malware Incidents
2014-07-01
their agency as deliberate, malicious hackers [1]. This research supports the conclusions in the 2013 Verizon Data Breach Report that 47% of...References [1] SolarWinds. SolarWinds Federal Cybersecurity Survey Summary Report. SolarWinds, 2014. [2] Verizon. 2013 Data Breach Investigations
The emotional responses of browsing Facebook: Happiness, envy, and the role of tie strength
Lin, Ruoyun; Utz, Sonja
2015-01-01
On Facebook, users are exposed to posts from both strong and weak ties. Even though several studies have examined the emotional consequences of using Facebook, less attention has been paid to the role of tie strength. This paper aims to explore the emotional outcomes of reading a post on Facebook and examine the role of tie strength in predicting happiness and envy. Two studies – one correlational, based on a sample of 207 American participants and the other experimental, based on a sample of 194 German participants – were conducted in 2014. In Study 2, envy was further distinguished into benign and malicious envy. Based on a multi-method approach, the results showed that positive emotions are more prevalent than negative emotions while browsing Facebook. Moreover, tie strength is positively associated with the feeling of happiness and benign envy, whereas malicious envy is independent of tie strength after reading a (positive) post on Facebook. PMID:26877584
Application distribution model and related security attacks in VANET
NASA Astrophysics Data System (ADS)
Nikaein, Navid; Kanti Datta, Soumya; Marecar, Irshad; Bonnet, Christian
2013-03-01
In this paper, we present a model for application distribution and related security attacks in dense vehicular ad hoc networks (VANET) and sparse VANET which forms a delay tolerant network (DTN). We study the vulnerabilities of VANET to evaluate the attack scenarios and introduce a new attacker's model as an extension to the work done in [6]. Then a VANET model has been proposed that supports the application distribution through proxy app stores on top of mobile platforms installed in vehicles. The steps of application distribution have been studied in detail. We have identified key attacks (e.g. malware, spamming and phishing, software attack and threat to location privacy) for dense VANET and two attack scenarios for sparse VANET. It has been shown that attacks can be launched by distributing malicious applications and injecting malicious codes to On Board Unit (OBU) by exploiting OBU software security holes. Consequences of such security attacks have been described. Finally, countermeasures including the concepts of sandbox have also been presented in depth.
A Case Study in Ethical Decision Making Regarding Remote Mitigation of Botnets
NASA Astrophysics Data System (ADS)
Dittrich, David; Leder, Felix; Werner, Tillmann
It is becoming more common for researchers to find themselves in a position of being able to take over control of a malicious botnet. If this happens, should they use this knowledge to clean up all the infected hosts? How would this affect not only the owners and operators of the zombie computers, but also other researchers, law enforcement agents serving justice, or even the criminals themselves? What dire circumstances would change the calculus about what is or is not appropriate action to take? We review two case studies of long-lived malicious botnets that present serious challenges to researchers and responders and use them to illuminate many ethical issues regarding aggressive mitigation. We make no judgments about the questions raised, instead laying out the pros and cons of possible choices and allowing workshop attendees to consider how and where they would draw lines. By this, we hope to expose where there is clear community consensus as well as where controversy or uncertainty exists.
DCT-based cyber defense techniques
NASA Astrophysics Data System (ADS)
Amsalem, Yaron; Puzanov, Anton; Bedinerman, Anton; Kutcher, Maxim; Hadar, Ofer
2015-09-01
With the increasing popularity of video streaming services and multimedia sharing via social networks, there is a need to protect the multimedia from malicious use. An attacker may use steganography and watermarking techniques to embed malicious content, in order to attack the end user. Most of the attack algorithms are robust to basic image processing techniques such as filtering, compression, noise addition, etc. Hence, in this article two novel, real-time, defense techniques are proposed: Smart threshold and anomaly correction. Both techniques operate at the DCT domain, and are applicable for JPEG images and H.264 I-Frames. The defense performance was evaluated against a highly robust attack, and the perceptual quality degradation was measured by the well-known PSNR and SSIM quality assessment metrics. A set of defense techniques is suggested for improving the defense efficiency. For the most aggressive attack configuration, the combination of all the defense techniques results in 80% protection against cyber-attacks with PSNR of 25.74 db.
Layered Location-Based Security Mechanism for Mobile Sensor Networks: Moving Security Areas.
Wang, Ze; Zhang, Haijuan; Wu, Luqiang; Zhou, Chang
2015-09-25
Network security is one of the most important issues in mobile sensor networks (MSNs). Networks are particularly vulnerable in hostile environments because of many factors, such as uncertain mobility, limitations on computation, and the need for storage in mobile nodes. Though some location-based security mechanisms can resist some malicious attacks, they are only suitable for static networks and may sometimes require large amounts of storage. To solve these problems, using location information, which is one of the most important properties in outdoor wireless networks, a security mechanism called a moving security area (MSA) is proposed to resist malicious attacks by using mobile nodes' dynamic location-based keys. The security mechanism is layered by performing different detection schemes inside or outside the MSA. The location-based private keys will be updated only at the appropriate moments, considering the balance of cost and security performance. By transferring parts of the detection tasks from ordinary nodes to the sink node, the memory requirements are distributed to different entities to save limited energy.
Classifier fusion for VoIP attacks classification
NASA Astrophysics Data System (ADS)
Safarik, Jakub; Rezac, Filip
2017-05-01
SIP is one of the most successful protocols in the field of IP telephony communication. It establishes and manages VoIP calls. As the number of SIP implementations rises, we can expect a higher number of attacks on the communication system in the near future. This work aims at malicious SIP traffic classification. A number of various machine learning algorithms have been developed for attack classification. The paper presents a comparison of current research and the use of classifier fusion method leading to a potential decrease in classification error rate. Use of classifier combination makes a more robust solution without difficulties that may affect single algorithms. Different voting schemes, combination rules, and classifiers are discussed to improve the overall performance. All classifiers have been trained on real malicious traffic. The concept of traffic monitoring depends on the network of honeypot nodes. These honeypots run in several networks spread in different locations. Separation of honeypots allows us to gain independent and trustworthy attack information.
Performance Evaluation of AODV with Blackhole Attack
NASA Astrophysics Data System (ADS)
Dara, Karuna
2010-11-01
A Mobile Ad Hoc Network (MANET) is a temporary network set up by wireless mobile computers moving arbitrarily in places that have no network infrastructure. These nodes maintain connectivity in a decentralized manner. Since the nodes communicate with each other, they cooperate by forwarding data packets to other nodes in the network. Thus the nodes find a path to the destination node using routing protocols. However, due to security vulnerabilities of the routing protocols, mobile ad-hoc networks are unprotected against attacks by malicious nodes. One of these attacks is the Black Hole Attack against network integrity, absorbing all data packets in the network. Since the data packets do not reach the destination node on account of this attack, data loss will occur. In this paper, we simulated the black hole attack in various mobile ad-hoc network scenarios using the AODV routing protocol of MANET and have tried to find an effect if the number of nodes is increased with an increase in malicious nodes.
Intrusion-Tolerant Replication under Attack
ERIC Educational Resources Information Center
Kirsch, Jonathan
2010-01-01
Much of our critical infrastructure is controlled by large software systems whose participants are distributed across the Internet. As our dependence on these critical systems continues to grow, it becomes increasingly important that they meet strict availability and performance requirements, even in the face of malicious attacks, including those…
Colleges Struggle To Train Experts in Protecting Computer Systems.
ERIC Educational Resources Information Center
McCollum, Kelly
2000-01-01
Describes university courses and programs in protecting computer networks and World Wide Web sites from vandals, cyberterrorists, and malicious hackers. Notes such courses are provided by East Stroudsburg University (Pennsylvania), Purdue University (Indiana), George Mason University (Virginia), and Texas A&M University. Also notes the federal…
Active Detection for Exposing Intelligent Attacks in Control Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Weerakkody, Sean; Ozel, Omur; Griffioen, Paul
In this paper, we consider approaches for detecting integrity attacks carried out by intelligent and resourceful adversaries in control systems. Passive detection techniques are often incorporated to identify malicious behavior. Here, the defender utilizes finely-tuned algorithms to process information and make a binary decision, whether the system is healthy or under attack. We demonstrate that passive detection can be ineffective against adversaries with model knowledge and access to a set of input/output channels. We then propose active detection as a tool to detect attacks. In active detection, the defender leverages degrees of freedom he has in the system to detect the adversary. Specifically, the defender will introduce a physical secret kept hidden from the adversary, which can be utilized to authenticate the dynamics. In this regard, we carefully review two approaches for active detection: physical watermarking at the control input, and a moving target approach for generating system dynamics. We examine practical considerations for implementing these technologies and discuss future research directions.
Social Victimization Trajectories From Middle Childhood Through Late Adolescence
Rosen, Lisa H.; Beron, Kurt J.; Underwood, Marion K.
2016-01-01
Social victimization refers to being targeted by behaviors intended to harm one’s social status or relationships (Underwood, 2003), including malicious gossip, friendship manipulation, and social exclusion (both verbal and non-verbal). The current study examined social victimization experiences longitudinally from middle childhood through late adolescence. Participants (N = 273, 139 females) reported on their social victimization experiences in grades 4–11 (ages 9 to 16 years). Using mixture (group-based) modeling, four social victimization trajectories were identified: low, medium decreasing, medium increasing, and elevated. High parent-child relationship quality decreased the odds of being in the elevated group compared to the low group; however, parent-child relationship quality was no longer a significant predictor when emotional dysfunction was added to the model. Higher emotional dysfunction and male gender increased the odds of being in the elevated group and medium increaser group relative to the low group even after controlling for parent-child relationship quality. Implications for intervention and future research directions are discussed. PMID:28408789
Developing information-space Confidence Building Measures (CBMs) between India and Pakistan
DOE Office of Scientific and Technical Information (OSTI.GOV)
Yamin, Tughral
The Internet has changed the world in ways hitherto unknown. The international financial system, air, land and maritime transport systems are all digitally linked. Similarly most militaries are fully or partially networked. This has not only sped up the decision making processes at all levels, it has also rendered these systems vulnerable to cyber-attacks. Cyber-warfare is now recognized as the most potent form of non-kinetic war fighting. In order to prevent large scale network-attacks, cyber-powers are simultaneously spending a lot of time, money and effort to erect redundant cyber-defenses and enhancing their offensive cyber capabilities. Difficulties in creating a stable environment in information-space stem from differing national perceptions regarding the freedom of the Internet, application of international law and problems associated with attribution. This paper discusses a range of Confidence Building Measures that can be created between India and Pakistan in information-space to control malicious cyber behavior and avert an inadvertent war.
Derivation and experimental verification of clock synchronization theory
NASA Technical Reports Server (NTRS)
Palumbo, Daniel L.
1994-01-01
The objective of this work is to validate mathematically derived clock synchronization theories and their associated algorithms through experiment. Two theories are considered, the Interactive Convergence Clock Synchronization Algorithm and the Mid-Point Algorithm. Special clock circuitry was designed and built so that several operating conditions and failure modes (including malicious failures) could be tested. Both theories are shown to predict conservative upper bounds (i.e., measured values of clock skew were always less than the theory prediction). Insight gained during experimentation led to alternative derivations of the theories. These new theories accurately predict the clock system's behavior. It is found that a 100% penalty is paid to tolerate worst case failures. It is also shown that under optimal conditions (with minimum error and no failures) the clock skew can be as much as 3 clock ticks. Clock skew grows to 6 clock ticks when failures are present. Finally, it is concluded that one cannot rely solely on test procedures or theoretical analysis to predict worst case conditions.
Experimental validation of clock synchronization algorithms
NASA Technical Reports Server (NTRS)
Palumbo, Daniel L.; Graham, R. Lynn
1992-01-01
The objective of this work is to validate mathematically derived clock synchronization theories and their associated algorithms through experiment. Two theories are considered, the Interactive Convergence Clock Synchronization Algorithm and the Midpoint Algorithm. Special clock circuitry was designed and built so that several operating conditions and failure modes (including malicious failures) could be tested. Both theories are shown to predict conservative upper bounds (i.e., measured values of clock skew were always less than the theory prediction). Insight gained during experimentation led to alternative derivations of the theories. These new theories accurately predict the behavior of the clock system. It is found that a 100 percent penalty is paid to tolerate worst-case failures. It is also shown that under optimal conditions (with minimum error and no failures) the clock skew can be as much as three clock ticks. Clock skew grows to six clock ticks when failures are present. Finally, it is concluded that one cannot rely solely on test procedures or theoretical analysis to predict worst-case conditions.
SecureCore Security Architecture: Authority Mode and Emergency Management
2007-10-16
can shield first responders from social vultures (e.g., “ambulance chasers”) or malicious parties who could intentionally interfere with emergency...hierarchical design Communications Management: network communication Process Management...and Emergency Management 1 I. Introduction During many crises, first- responder access to sensitive, restricted emergency information is
Understanding and Mitigating Forum Spam
ERIC Educational Resources Information Center
Shin, Youngsang
2011-01-01
The Web is large and expanding, making it challenging to attract new visitors to websites. Website operators often use Search Engine Optimization (SEO) techniques to boost the search engine rankings of their sites, thereby maximizing the inflow of visitors. Malicious operators take SEO to the extreme through many unsavory techniques that are often…
ERIC Educational Resources Information Center
Roehling, Patricia Vincent; Robin, Arthur L.
1986-01-01
Evaluated the criterion-related validity of the Family Beliefs Inventory, a new self-report measure of unreasonable beliefs regarding parent-adolescent relationships. Distressed fathers displayed more unreasonable beliefs concerning ruination, obedience, perfectionism, and malicious intent than nondistressed fathers. Distressed adolescents…
Using Semantic Templates to Study Vulnerabilities Recorded in Large Software Repositories
ERIC Educational Resources Information Center
Wu, Yan
2011-01-01
Software vulnerabilities allow an attacker to reduce a system's Confidentiality, Availability, and Integrity by exposing information, executing malicious code, and undermining system functionalities that contribute to the overall system purpose and need. With new vulnerabilities discovered every day in a variety of applications and user environments,…
Security Implications of Third-Party Accelerators
2015-06-11
G. Wheeler, “Undocumented M6800 instructions,” BYTE Magazine, vol. 2, no. 12, pp. 46–47, Dec. 1977. [20] x0r1, “jellyfish,” https://github.com/x0r1... jellyfish, 2015. [21] A. Young and M. Yung, Malicious Cryptography: Exposing Cryptovirology. John Wiley & Sons, 2004.
Computer Viruses: Prevention, Detection, and Treatment
1990-03-12
executed, also carries out its covert function, potentially undetected. This class of attack earned the term "Trojan horse" from the original of Greek ... mythology , signifying a gift which conceals a malicious purpose. 1 cause harm. The offending code may be present in a code segment the user "touches," which
2013-05-23
Afghanistan.” 39 the shoulders of these two organizations, but on Congressional choices as well. It...Christopher J. Lamb . United States Special Operations Forces. New York, NY: Columbia University Press, 2007. Walker, Stephen G, Akan Malici, and Mark
On Tradeoffs between Trust Accuracy and Resource Consumption in Communications and Social Networks
2016-04-11
length, the use of indirect information to establish trust values, and the impact of misbehaving nodes on both communication overhead and the...evaluated). We consider the impact of misbehaving (selfish or malicious) nodes on the evaluation of trust. We also consider the interaction between
Motivating Contributions for Home Computer Security
ERIC Educational Resources Information Center
Wash, Richard L.
2009-01-01
Recently, malicious computer users have been compromising computers en masse and combining them to form coordinated botnets. The rise of botnets has brought the problem of home computers to the forefront of security. Home computer users commonly have insecure systems; these users do not have the knowledge, experience, and skills necessary to…
Scalability Assessments for the Malicious Activity Simulation Tool (MAST)
2012-09-01
the scalability characteristics of MAST. Specifically, we show that an exponential increase in clients using the MAST software does not impact...an exponential increase in clients using the MAST software does not impact network and system resources significantly. Additionally, we...1. Hardware...2. Software...3. Common PC
Cyber Strategic Inquiry: Enabling Change through a Strategic Simulation and Megacommunity Concept
2009-02-01
malicious software embedded in thumb drives and CDs that thwarted protections, such as antivirus software, on computers. In the scenario, these...Executives for National Security • The Carlyle Group • Cassat Corporation • Cisco Systems, Inc. • Cyveillance • General Dynamics • General Motors
Bullying in Spanish secondary schools: gender-based differences.
Carrera Fernández, María Victoria; Fernández, María Lameiras; Castro, Yolanda Rodríguez; Failde Garrido, José María; Otero, María Calado
2013-01-01
The aim of this study was to determine the prevalence of bullying in its various forms from the perspective of all of the individuals involved (victims, bullies, and witnesses) and to explore its distribution as a function of gender. The study had a correlational design and used a representative sample of 1500 Spanish students attending compulsory secondary education in the academic year 2007-2008. It applied an instrument measuring different types of bullying, taken from the studies conducted by Díaz-Aguado, Martínez, and Martín (2004) and the Defensor del Pueblo (Spanish Ombudsman's Office)-UNICEF (2007). The findings reveal that all the types of bullying considered take place at school and that there is an inverse relationship between the severity and the prevalence of bullying behaviors, with verbal abuse proving to be the most common type of abusive behavior. Boys are involved in all kinds of bullying incidents as bullies significantly more often than girls are, except in cases involving 'talking about someone behind their back'; in these situations, girls are involved significantly more often as bullies than boys are. As for victimization, boys are victims of direct physical abuse significantly more often than girls are, while girls are more often the subject of malicious gossip.
ERIC Educational Resources Information Center
Rutter, Lucy; Britton, John; Langley, Tessa
2017-01-01
Background: The public health benefits of tobacco taxation are undermined when smokers engage in price-minimizing behaviors other than quitting in response to rising prices. Methods: 314 students at the University of Nottingham, UK, completed an online survey about their smoking behavior and their likely responses to hypothetical tobacco price…
Minimization In Digital Design As A Meta-Planning Problem
NASA Astrophysics Data System (ADS)
Ho, William P. C.; Wu, Jung-Gen
1987-05-01
In our model-based expert system for automatic digital system design, we formalize the design process into three sub-processes - compiling high-level behavioral specifications into primitive behavioral operations, grouping primitive operations into behavioral functions, and grouping functions into modules. Consideration of design minimization explicitly controls decision-making in the last two subprocesses. Design minimization, a key task in the automatic design of digital systems, is complicated by the high degree of interaction among the time sequence and content of design decisions. In this paper, we present an AI approach which directly addresses these interactions and their consequences by modeling the minimization problem as a planning problem, and the management of design decision-making as a meta-planning problem.
Kessler, Thomas; Neumann, Jörg; Mummendey, Amélie; Berthold, Anne; Schubert, Thomas; Waldzus, Sven
2010-09-01
To explain the determinants of negative behavior toward deviants (e.g., punishment), this article examines how people evaluate others on the basis of two types of standards: minimal and maximal. Minimal standards focus on an absolute cutoff point for appropriate behavior; accordingly, the evaluation of others varies dichotomously between acceptable or unacceptable. Maximal standards focus on the degree of deviation from that standard; accordingly, the evaluation of others varies gradually from positive to less positive. This framework leads to the prediction that violation of minimal standards should elicit punishment regardless of the degree of deviation, whereas punishment in response to violations of maximal standards should depend on the degree of deviation. Four studies assessed or manipulated the type of standard and degree of deviation displayed by a target. Results consistently showed the expected interaction between type of standard (minimal and maximal) and degree of deviation on punishment behavior.
2015-03-01
our focus will remain on Android rather than being all-inclusive of others such as iOS, Blackberry 10, and Windows Phone. The proof-of-concept...the attack surface for malicious applications to compromise vulnerable Services grows. Additionally, Services also have a life cycle with
Characteristics of forest fuels, fire and emissions
Charles K. McMahon
1983-01-01
Introduction Forest fires can be divided into two broad classes--wildfires and prescribed fires. Wildfires, whether caused by nature (lightning, etc.) or by the accidental or malicious acts of man, are not planned by forest managers and do not occur under controlled conditions. They can be relatively tame, covering only a few hectares and burning...
4 Steps to Combat Malware Enterprisewide
ERIC Educational Resources Information Center
Zeltser, Lenny
2011-01-01
Too often, organizations make the mistake of treating malware infections as a series of independent occurrences. Each time a malicious program is discovered, IT simply cleans up or rebuilds the affected host, and then moves on with routine operational tasks. Yet, this approach doesn't allow the institution to keep up with the increasingly…
Transformative Rendering of Internet Resources
2012-10-01
4 Securing WiFi Connections...comes from legitimate web sites that have themselves been hacked. There is no way of anticipating which of these sites have been hacked and therefore...pose a security threat to visitors. The purpose of most of this web page hacking is to plant malicious code on the web site that will attack any
Caught on Camera: Special Education Classrooms and Video Surveillance
ERIC Educational Resources Information Center
Heintzelman, Sara C.; Bathon, Justin M.
2017-01-01
In Texas, state policy anticipates that installing video cameras in special education classrooms will decrease student abuse inflicted by teachers. Lawmakers assume that collecting video footage will prevent teachers from engaging in malicious actions and prosecute those who choose to harm children. At the request of a parent, Section 29.022 of…
MalWebID-Autodetection and Identification of Malicious Web Hosts Through Live Traffic Analysis
2013-03-01
blogs, video services, and popular social media sites. In December 2000, there were near 361 million Internet users and by the end of December 2012...site (i.e., Porn, Rx/Pharmaceutical, illegal activity, etc.) – propagate or contain viruses, spyware, or other harmful programs, participate in spamming
3 CFR 8427 - Proclamation 8427 of October 1, 2009. National Cybersecurity Awareness Month, 2009
Code of Federal Regulations, 2010 CFR
2010-01-01
... solutions at work and at home. Our Nation’s growing dependence on cyber and information-related technologies, coupled with an increasing threat of malicious cyber attacks and loss of privacy, has given rise to the... digital infrastructures. Cyber attacks and their viral ability to infect networks, devices, and software...
Application of Cellular Automata to Detection of Malicious Network Packets
ERIC Educational Resources Information Center
Brown, Robert L.
2014-01-01
A problem in computer security is identification of attack signatures in network packets. An attack signature is a pattern of bits that characterizes a particular attack. Because there are many kinds of attacks, there are potentially many attack signatures. Furthermore, attackers may seek to avoid detection by altering the attack mechanism so that…
DOE Office of Scientific and Technical Information (OSTI.GOV)
Hamlet, Jason; Pierson, Lyndon; Bauer, Todd
Supply chain security to detect, deter, and prevent the counterfeiting of networked and stand-alone integrated circuits (ICs) is critical to cyber security. Sandia National Laboratory researchers have developed IC ID to leverage Physically Unclonable Functions (PUFs) and strong cryptographic authentication to create a unique fingerprint for each integrated circuit. IC ID assures the authenticity of ICs to prevent tampering or malicious substitution.
36 CFR 262.1 - Rewards in connection with fire or property prosecutions.
Code of Federal Regulations, 2011 CFR
2011-07-01
... fire or property prosecutions. 262.1 Section 262.1 Parks, Forests, and Public Property FOREST SERVICE... connection with fire or property prosecutions. (a) Hereafter, provided Congress shall make the necessary... of willfully or maliciously setting on fire, or causing to be set on fire, any timber, underbrush, or...
36 CFR 262.1 - Rewards in connection with fire or property prosecutions.
Code of Federal Regulations, 2012 CFR
2012-07-01
... fire or property prosecutions. 262.1 Section 262.1 Parks, Forests, and Public Property FOREST SERVICE... connection with fire or property prosecutions. (a) Hereafter, provided Congress shall make the necessary... of willfully or maliciously setting on fire, or causing to be set on fire, any timber, underbrush, or...
36 CFR 262.1 - Rewards in connection with fire or property prosecutions.
Code of Federal Regulations, 2014 CFR
2014-07-01
... fire or property prosecutions. 262.1 Section 262.1 Parks, Forests, and Public Property FOREST SERVICE... connection with fire or property prosecutions. (a) Hereafter, provided Congress shall make the necessary... of willfully or maliciously setting on fire, or causing to be set on fire, any timber, underbrush, or...
36 CFR 262.1 - Rewards in connection with fire or property prosecutions.
Code of Federal Regulations, 2013 CFR
2013-07-01
... fire or property prosecutions. 262.1 Section 262.1 Parks, Forests, and Public Property FOREST SERVICE... connection with fire or property prosecutions. (a) Hereafter, provided Congress shall make the necessary... of willfully or maliciously setting on fire, or causing to be set on fire, any timber, underbrush, or...
77 FR 52043 - Privacy Act of 1974; Proposed Exempt New System of Records
Federal Register 2010, 2011, 2012, 2013, 2014
2012-08-28
... study. 6. After NIH makes a finding of research misconduct and has informed ORI of the finding... Internet traffic to and from federal computer networks to prevent malicious computer code from reaching the... portable/ mobile devices including, but not limited to: Laptops, PDAs, USB drives, portable hard drives...
Students Compete to Mount Best Defense against Malicious Hackers
ERIC Educational Resources Information Center
Mejia, Robin
2008-01-01
The need for colleges to graduate students who understand computer security is growing. The Internet Crime Complaint Center, a partnership of the FBI; the National White Collar Crime Center; and the Bureau of Justice Assistance, in the Department of Justice, reported more than 90,000 crimes in 2007, with reported financial losses of almost…
Teaching Hackers: School Computing Culture and the Future of Cyber-Rights.
ERIC Educational Resources Information Center
Van Buren, Cassandra
2001-01-01
Discussion of the need for ethical computing strategies and policies at the K-12 level to acculturate computer hackers away from malicious network hacking focuses on a three-year participant observation ethnographic study conducted at the New Technology High School (California) that examined the school's attempts to socialize its hackers to act…
A malicious pattern detection engine for embedded security systems in the Internet of Things.
Oh, Doohwan; Kim, Deokho; Ro, Won Woo
2014-12-16
With the emergence of the Internet of Things (IoT), a large number of physical objects in daily life have been aggressively connected to the Internet. As the number of objects connected to networks increases, the security systems face a critical challenge due to the global connectivity and accessibility of the IoT. However, it is difficult to adapt traditional security systems to the objects in the IoT, because of their limited computing power and memory size. In light of this, we present a lightweight security system that uses a novel malicious pattern-matching engine. We limit the memory usage of the proposed system in order to make it work on resource-constrained devices. To mitigate performance degradation due to limitations of computation power and memory, we propose two novel techniques, auxiliary shifting and early decision. Through both techniques, we can efficiently reduce the number of matching operations on resource-constrained systems. Experiments and performance analyses show that our proposed system achieves a maximum speedup of 2.14 with an IoT object and provides scalable performance for a large number of patterns.
TIUPAM: A Framework for Trustworthiness-Centric Information Sharing
NASA Astrophysics Data System (ADS)
Xu, Shouhuai; Sandhu, Ravi; Bertino, Elisa
Information is essential to decision making. Nowadays, decision makers are often overwhelmed with large volumes of information, some of which may be inaccurate, incorrect, inappropriate, misleading, or maliciously introduced. With the advocated shift of information sharing paradigm from “need to know” to “need to share” this problem will be further compounded. This poses the challenge of achieving assured information sharing so that decision makers can always get and utilize the up-to-date information for making the right decisions, despite the existence of malicious attacks and without breaching privacy of honest participants. As a first step towards answering this challenge this paper proposes a systematic framework we call TIUPAM, which stands for “Trustworthiness-centric Identity, Usage, Provenance, and Attack Management.” The framework is centered at the need of trustworthiness and risk management for decision makers, and supported by four key components: identity management, usage management, provenance management and attack management. We explore the characterization of both the core functions and the supporting components in the TIUPAM framework, which may guide the design and realization of concrete schemes in the future.
Detecting the manipulation of digital clinical records in dental practice.
Díaz-Flores-García, V; Labajo-González, E; Santiago-Sáez, A; Perea-Pérez, B
2017-11-01
Radiography provides many advantages in the diagnosis and management of dental conditions. However, dental X-ray images may be subject to manipulation with malicious intent using easily accessible computer software. In this study, we sought to evaluate a dentist's ability to identify manipulated dental X-ray images, when compared with the original, using a variant of the methodology described by Visser and Kruger. Sixty-six dentists were invited to participate and evaluate 20 intraoral dental X-ray images, 10 originals and 10 modified, manipulated using Adobe Photoshop to simulate fillings, root canal treatments, etc. Participating dentists were correct in identifying the manipulated image in 56% of cases, 6% higher than by chance and 10% more than in the study by Visser and Kruger. Malicious changes to dental X-ray images may go unnoticed even by experienced dentists. Professionals must be aware of the legal consequences of such changes. A system of detection/validation should be created for radiographic images. Copyright © 2017 The College of Radiographers. Published by Elsevier Ltd. All rights reserved.
NASA Astrophysics Data System (ADS)
Anderson, Gustave
2014-05-01
Unfortunately, there is no metric, nor set of metrics, that are both general enough to encompass all possible types of applications yet specific enough to capture the application and attack specific details. As a result we are left with ad-hoc methods for generating evaluations of the security of our systems. Current state of the art methods for evaluating the security of systems include penetration testing and cyber evaluation tests. For these evaluations, security professionals simulate an attack from malicious outsiders and malicious insiders. These evaluations are very productive and are able to discover potential vulnerabilities resulting from improper system configuration, hardware and software flaws, or operational weaknesses. We therefore propose the index of cyber integrity (ICI), which is modeled after the index of biological integrity (IBI) to provide a holistic measure of the health of a system under test in a cyber-environment. The ICI provides a broad base measure through a collection of application and system specific metrics. In this paper, following the example of the IBI, we demonstrate how a multi-metric index may be used as a holistic measure of the health of a system under test in a cyber-environment.
Privacy preservation and authentication on secure geographical routing in VANET
NASA Astrophysics Data System (ADS)
Punitha, A.; Manickam, J. Martin Leo
2017-05-01
Vehicular Ad hoc Networks (VANETs) play an important role in vehicle-to-vehicle communication as it offers a high level of safety and convenience to drivers. In order to increase the level of security and safety in VANETs, in this paper, we propose a Privacy Preservation and Authentication on Secure Geographical Routing Protocol (PPASGR) for VANET. It provides security by detecting and preventing malicious nodes through two directional antennas such as forward (f-antenna) and backward (b-antenna). The malicious nodes are detected by direction detection, consistency detection and conflict detection. The location of the trusted neighbour is identified using TNT-based location verification scheme after the implementation of the Vehicle Tamper Proof Device (VTPD), Trusted Authority (TA) is generated that produces the anonymous credentials. Finally, VTPD generates pseudo-identity using TA which retrieves the real identity of the sender. Through this approach, the authentication, integrity and confidentiality for routing packets can be achieved. The simulation results show that the proposed approach reduces the packet drop due to attack and improves the packet delivery ratio.
Detection, Localization, and Tracking of Unauthorized UAS and Jammers
NASA Technical Reports Server (NTRS)
Guvenc, Ismail; Ozdemir, Ozgur; Yapici, Yavuz; Mehrpouyan, Hani; Matolak, David
2017-01-01
Small unmanned aircraft systems (UASs) are expected to take major roles in future smart cities, for example, by delivering goods and merchandise, potentially serving as mobile hot spots for broadband wireless access, and maintaining surveillance and security. Although they can be used for the betterment of the society, they can also be used by malicious entities to conduct physical and cyber attacks to infrastructure, private/public property, and people. Even for legitimate use-cases of small UASs, air traffic management (ATM) for UASs becomes of critical importance for maintaining safe and collision-free operation. Therefore, various ways to detect, track, and interdict potentially unauthorized drones carry critical importance for surveillance and ATM applications. In this paper, we will review techniques that rely on ambient radio frequency signals (emitted from UASs), radars, acoustic sensors, and computer vision techniques for detection of malicious UASs. We will present some early experimental and simulation results on radar-based range estimation of UASs, and receding horizon tracking of UASs. Subsequently, we will overview common techniques that are considered for interdiction of UASs.
Ultrabroadband photonic internet: safety aspects
NASA Astrophysics Data System (ADS)
Kalicki, Arkadiusz; Romaniuk, Ryszard
2008-11-01
Web applications have become the most popular medium on the Internet. The popularity and ease of use of web application frameworks, together with careless development, result in a high number of vulnerabilities and attacks. There are several types of attacks possible because of improper input validation. SQL injection is the ability to execute arbitrary SQL queries in a database through an existing application. Cross-site scripting is a vulnerability that allows malicious web users to inject code into the web pages viewed by other users. Cross-Site Request Forgery (CSRF) is an attack that tricks the victim into loading a page that contains a malicious request. Web spam in blogs. There are several techniques to mitigate attacks. The most important are strong web application design, correct input validation, defined data types for each field and parameterized statements in SQL queries. Server hardening with a firewall, modern security policy systems and safe web framework interpreter configuration are essential. It is advised to keep a proper security level on the client side, keep software updated and install personal web firewalls or IDS/IPS systems. Good habits are logging out from services just after finishing work and even using a separate web browser for the most important sites, like e-banking.
Microorganisms: Good or Evil, MIRRI Provides Biosecurity Awareness.
Smith, David; Martin, Dunja; Novossiolova, Tatyana
2017-03-01
The life-science community is a key stakeholder in the effort to ensure that the advances in biotechnology are not misused. Unfortunately, to date, the engagement of life scientists with issues of biosecurity has been limited. Microorganisms have been harnessed for the benefit of humankind but in the wrong hands could be used in direct or indirect acts against humans, livestock, crops, food, water infrastructure and other economically valuable entities. The Microbial Resources Research Infrastructure in its preparatory phase has addressed the topic implementing a code of conduct as part of its programme of prevention of malicious use and continues to work with the international community to raise awareness of best practice to avoid misuse of microorganisms. Biosecurity has become a major concern for several countries creating numerous activities to put in place counter measures, risk assessment, legislation and emergency response. The goal is to implement measures to protect us against malicious use of microorganisms, their products, information and technology transfer. Through this paper, we wish to discuss some of the activities that are underway, mention key educational tools and provide scientists with information on addressing biosecurity issues.
The Threat Among Us: Insiders Intensify Aviation Terrorism
DOE Office of Scientific and Technical Information (OSTI.GOV)
Krull, Katie E.
Aviation terrorism is powerful and symbolic, and will likely remain a staple target for terrorists aiming to inflict chaos and cause mass casualties similar to the 9/11 attacks on the U.S. The majority of international and domestic aviation terrorist attacks involves outsiders, or people who do not have direct access to or affiliation with a target through employment. However, several significant attacks and plots against the industry involved malicious employees motivated by suicide or devotion to a terrorist organization. Malicious insiders’ access and knowledge of aviation security, systems, networks, and infrastructure is valuable to terrorists, providing a different pathway for attacking the industry through the insider threat. Indicators and warnings of insider threats in these cases exist, providing insight into how security agencies, such as the Transportation Security Administration, can better predict and identify insider involvement. Understanding previous aviation insider threat events will likely aid in stimulating proactive security measures, rather than reactive responses. However, similar to traditional airport security measures, there are social, political, and economic challenges in protecting against the insider threat, including privacy concerns and cost-benefit analysis.
Security Assessment of Cyberphysical Digital Microfluidic Biochips.
Ali, Sk Subidh; Ibrahim, Mohamed; Sinanoglu, Ozgur; Chakrabarty, Krishnendu; Karri, Ramesh
2016-01-01
A digital microfluidic biochip (DMFB) is an emerging technology that enables miniaturized analysis systems for point-of-care clinical diagnostics, DNA sequencing, and environmental monitoring. A DMFB reduces the rate of sample and reagent consumption, and automates the analysis of assays. In this paper, we provide the first assessment of the security vulnerabilities of DMFBs. We identify result-manipulation attacks on a DMFB that maliciously alter the assay outcomes. Two practical result-manipulation attacks are shown on a DMFB platform performing enzymatic glucose assay on serum. In the first attack, the attacker adjusts the concentration of the glucose sample and thereby modifies the final result. In the second attack, the attacker tampers with the calibration curve of the assay operation. We then identify denial-of-service attacks, where the attacker can disrupt the assay operation by tampering either with the droplet-routing algorithm or with the actuation sequence. We demonstrate these attacks using a digital microfluidic synthesis simulator. The results show that the attacks are easy to implement and hard to detect. Therefore, this work highlights the need for effective protections against malicious modifications in DMFBs.
Combating QR-Code-Based Compromised Accounts in Mobile Social Networks.
Guo, Dong; Cao, Jian; Wang, Xiaoqi; Fu, Qiang; Li, Qiang
2016-09-20
Cyber Physical Social Sensing makes mobile social networks (MSNs) popular with users. However, such attacks are rampant as malicious URLs are spread covertly through quick response (QR) codes to control compromised accounts in MSNs to propagate malicious messages. Currently, there are generally two types of methods to identify compromised accounts in MSNs: one type is to analyze the potential threats on wireless access points and the potential threats on handheld devices' operation systems so as to stop compromised accounts from spreading malicious messages; the other type is to apply the method of detecting compromised accounts in online social networks to MSNs. The above types of methods focus neither on the problems of MSNs themselves nor on the interaction of sensors' messages, which leads to the restrictiveness of platforms and the simplification of methods. In order to stop the spreading of compromised accounts in MSNs effectively, the attacks have to be traced to their sources first. Through sensors, users exchange information in MSNs and acquire information by scanning QR codes. Therefore, analyzing the traces of sensor-related information helps to identify the compromised accounts in MSNs. This paper analyzes the diversity of information sending modes of compromised accounts and normal accounts, analyzes the regularity of GPS (Global Positioning System)-based location information, and introduces the concepts of entropy and conditional entropy so as to construct an entropy-based model based on machine learning strategies. To achieve the goal, about 500,000 accounts of Sina Weibo and about 100 million corresponding messages are collected. Through the validation, the accuracy rate of the model is proved to be as high as 87.6%, and the false positive rate is only 3.7%. Meanwhile, the comparative experiments of the feature sets prove that sensor-based location information can be applied to detect the compromised accounts in MSNs.
Combating QR-Code-Based Compromised Accounts in Mobile Social Networks
Guo, Dong; Cao, Jian; Wang, Xiaoqi; Fu, Qiang; Li, Qiang
2016-01-01
Cyber Physical Social Sensing makes mobile social networks (MSNs) popular with users. However, such attacks are rampant as malicious URLs are spread covertly through quick response (QR) codes to control compromised accounts in MSNs to propagate malicious messages. Currently, there are generally two types of methods to identify compromised accounts in MSNs: one type is to analyze the potential threats on wireless access points and the potential threats on handheld devices’ operation systems so as to stop compromised accounts from spreading malicious messages; the other type is to apply the method of detecting compromised accounts in online social networks to MSNs. The above types of methods focus neither on the problems of MSNs themselves nor on the interaction of sensors’ messages, which leads to the restrictiveness of platforms and the simplification of methods. In order to stop the spreading of compromised accounts in MSNs effectively, the attacks have to be traced to their sources first. Through sensors, users exchange information in MSNs and acquire information by scanning QR codes. Therefore, analyzing the traces of sensor-related information helps to identify the compromised accounts in MSNs. This paper analyzes the diversity of information sending modes of compromised accounts and normal accounts, analyzes the regularity of GPS (Global Positioning System)-based location information, and introduces the concepts of entropy and conditional entropy so as to construct an entropy-based model based on machine learning strategies. To achieve the goal, about 500,000 accounts of Sina Weibo and about 100 million corresponding messages are collected. Through the validation, the accuracy rate of the model is proved to be as high as 87.6%, and the false positive rate is only 3.7%. Meanwhile, the comparative experiments of the feature sets prove that sensor-based location information can be applied to detect the compromised accounts in MSNs. PMID:27657071
Optimal response to attacks on the open science grids.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Altunay, M.; Leyffer, S.; Linderoth, J. T.
2011-01-01
Cybersecurity is a growing concern, especially in open grids, where attack propagation is easy because of prevalent collaborations among thousands of users and hundreds of institutions. The collaboration rules that typically govern large science experiments as well as social networks of scientists span across the institutional security boundaries. A common concern is that the increased openness may allow malicious attackers to spread more readily around the grid. We consider how to optimally respond to attacks in open grid environments. To show how and why attacks spread more readily around the grid, we first discuss how collaborations manifest themselves in the grids and form the collaboration network graph, and how this collaboration network graph affects the security threat levels of grid participants. We present two mixed-integer program (MIP) models to find the optimal response to attacks in open grid environments, and also calculate the threat level associated with each grid participant. Given an attack scenario, our optimal response model aims to minimize the threat levels at unaffected participants while maximizing the uninterrupted scientific production (continuing collaborations). By adopting some of the collaboration rules (e.g., suspending a collaboration or shutting down a site), the model finds optimal response to subvert an attack scenario.
The optimization of phthalate analysis from plastic matrices by using GC/MS related techniques
NASA Astrophysics Data System (ADS)
Pusfitasari, Eka Dian; Hendarsyah, Hendris; Athaillah, Zatil Afrah
2017-11-01
Indication of malicious acts conducted by food vendors has been reported in many places in Indonesia and has been worrying the population. One of the issues is the indication that frying oil used by the vendors has been added with food packaging plastic to impart more crispy texture of the fried foods. One of the challenges for the monitoring process is to find suitable analytical method to identify this type of food adulteration. Because some food packaging, particularly from polyethylene group, contains plasticizer diethylhexylphthalate (DEHP), we intended to investigate the adulteration by detecting the phthalate compound. In this preliminary study, we focused on the optimization of GC equipment as well as the optimization of plastic extraction process with various types of solvents (hexane, dichloromethane, and acetonitrile) and extraction time (24, 48, and 72 hours). For 72-hour duration, treatment with solvent refreshment was also conducted to minimize solvent saturation effect. Our findings suggested that LOD and LOQ of the GC/MS instrument used for the DEHP analysis were 19.6 ng and 65.5 ng, respectively. In addition, it could be concluded that the process of plastic extraction through sonication for five minutes with n-hexane as a solvent resulted in the optimal value.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Smith, Rhett; Marshall, Tim; Chavez, Adrian
The exe-Guard Project is an alliance between Dominion Virginia Power (DVP), Sandia National Laboratories (SNL), Dartmouth University, and Schweitzer Engineering Laboratories (SEL). SEL is primary recipient on this project. The exe-Guard project was selected for award under DE-FOA-0000359 with CFDA number 81.122 to address Topic Area of Interest 4: Hardened platforms and Systems. The exe-Guard project developed an antivirus solution for control system embedded devices to prevent the execution of unauthorized code and maintain settings and configuration integrity. This project created a white list antivirus solution for control systems capable of running on embedded Linux® operating systems. White list antivirus methods allow only credible programs to run through the use of digital signatures and hash functions. Once a system’s secure state is baselined, white list antivirus software denies deviations from that state because of the installation of malicious code as this changes hash results. Black list antivirus software has been effective in traditional IT environments but has negative implications for control systems. Black list antivirus uses pattern matching and behavioral analysis to identify system threats while relying on regular updates to the signature file and recurrent system scanning. Black list antivirus is vulnerable to zero day exploits which have not yet been incorporated into a signature file update. System scans hamper the performance of high availability applications, as revealed in NIST special publication 1058 which summarizes the impact of blacklist antivirus on control systems: Manual or “on-demand” scanning has a major effect on control processes in that they take CPU time needed by the control process (Sometimes close to 100% of CPU time). Minimizing the antivirus software throttle setting will reduce but not eliminate this effect.
Signature updates can also take up to 100% of CPU time, but for a much shorter period than a typical manual scanning process. Control systems are vulnerable to performance losses if off-the-shelf blacklist antivirus solutions aren’t implemented with care. This investment in configuration in addition to constant decommissioning to perform manual signature file updates is unprecedented and impractical. Additionally, control systems are often disconnected or islanded from the network making the delivery of signature updates difficult. Exe-Guard project developed a white list antivirus solution that mitigated the above drawbacks and allows control systems to cost-effectively apply malware protection while maintaining high reliability. The application of security patches can also be minimized since white listing maintains constant defense against unauthorized code execution. Security patches can instead be applied in less frequent intervals where system decommissioning can be scheduled and planned for. Since control systems are less dynamic than IT environments, the feasibility of maintaining a secure baselined state is more practical. Because upgrades are performed in infrequent, calculated intervals, it allows a new security baseline to be established before the system is returned to service. Exe-Guard built on the efforts of SNL under the Code Seal project. SNL demonstrated prototype Trust Anchors on the project which are independent monitoring and control devices that can be integrated into untrustworthy components. The exe-Guard team started with the lessons learned under this project then designed commercial solution for white list malware protection. Malware is a real threat, even on islanded or un-networked installations, since operators can unintentionally install infected files, plug in infected mass storage devices, or infect a piece of equipment on the islanded local area network that can then spread to other connected equipment. 
Protection at the device level is one of the last layers of defense in a security-in-depth defense model before an asset becomes compromised. This project provided non-destructive intrusion, isolation and automated response solution, achieving a goal of the Department of Energy (DOE) Roadmap to Secure Control Systems. It also addressed CIP-007-R4 which requires asset owners to employ malicious software prevention tools on assets within the electronic security perimeter. In addition, the CIP-007-R3 requirement for security patch management is minimized because white listing narrows the impact of vulnerabilities and patch releases. The exe-Guard Project completed all tasks identified in the statement of project objective and identified additional tasks within scope that were performed and completed within the original budget. The cost share was met and all deliverables were successfully completed and submitted on time. Most importantly the technology developed and commercialized under this project has been adopted by the Energy sector and thousands of devices with exe-Guard technology integrated in them have now been deployed and are protecting our power systems today.
DARKDROID: Exposing the Dark Side of Android Marketplaces
2016-06-01
Moreover, our approaches can detect apps containing both intentional and unintentional vulnerabilities, such as unsafe code loading mechanisms and...Security, Static Analysis, Dynamic Analysis, Malware Detection, Vulnerability Scanning...applications in a DoD context...Develop sophisticated whole-system static analyses to detect malicious Android applications
The Bystander's Dilemma: How Can We Turn Our Students into Upstanders?
ERIC Educational Resources Information Center
Woglom, Lauren; Pennington, Kim
2010-01-01
While bullying is often accepted as an integral aspect of "growing up," it can have detrimental and lasting effects on its victims. Bullying can occur in a variety of forms, including direct teasing and threatening, the use of physical violence, and in the spreading of malicious gossip and rumors. With the proliferation of new technology, bullying…
Shaping the Bamboo from the Shoot: Elementary Level Character Education in Malaysia
ERIC Educational Resources Information Center
Thambusamy, Roslind; Elier, Adzura Ahmad
2013-01-01
This article emphasizes the importance of introducing/providing character education during the early years of child development in order to raise morally responsive citizens. Noting the rampant acts of violence and malicious crime at a time marked with deep global turmoil in many societies, the authors argue for an exhaustive study of the recently…
Physics Does Thrive under the Strangest of Circumstances
ERIC Educational Resources Information Center
Khoon, Koh Aik; Abd-Shukor, R.; Jalal, Azman; Talib, Ibrahim Abu; Daud, Abdul Razak; Samat, Supian; Yatim, Baharudin; Radiman, Shahidan
2008-01-01
Albert Einstein had famously said that Nature is subtle but not malicious. He should know better because he had unravelled some of the secrets of Nature at a relatively young age as an obscure patent clerk working in isolation. This paper tells of stories of other scientists who had also made ground-breaking discoveries in forced or self-imposed…
Malicious Use of Technology: What Schools, Parents, and Teachers Can Do to Prevent Cyberbullying
ERIC Educational Resources Information Center
Morgan, Hani
2013-01-01
In today's hyper-connected world, children's exposure to technology as a tool to communicate, learn, and socialize has increased exponentially. As teachers and parents recognize the demands for increased use of technology among young children, they should be able to identify and address the challenges associated with such exposure. Cyberbullying,…
2014-11-01
unclassified tools and techniques that can be shared with PNs, to include social engineering, spear phishing, fake web sites, physical access attempts, and...and instead rely on commercial services such as Yahoo or Google. Some nations have quite advanced cyber security practices, but may take vastly...unauthorized access to data/systems Inject external network scanning, email phishing, malicious website access, social engineering Sample
2011-09-01
to show cryptographic signature # generation on a UNIX system # SHA=/bin/ sha256 CSDB=/tmp/csdb CODEBASE=. touch "$CSDB" find "$CODEBASE" -type f...artifacts generated earlier. 81 #! /bin/sh # # Demo program to show cryptographic signature # verification on a UNIX system # SHA=/bin/ sha256 CSDB=/tmp
21 CFR 800.12 - Contact lens solutions and tablets; tamper-resistant packaging.
Code of Federal Regulations, 2010 CFR
2010-04-01
...-resistant retail packages, there is the opportunity for the malicious adulteration of these products with... confidence in the security of the packages of over-the-counter (OTC) health care products. The Food and Drug... used to make such a solution for retail sale that is not packaged in a tamper-resistant package and...
21 CFR 800.12 - Contact lens solutions and tablets; tamper-resistant packaging.
Code of Federal Regulations, 2011 CFR
2011-04-01
...-resistant retail packages, there is the opportunity for the malicious adulteration of these products with... confidence in the security of the packages of over-the-counter (OTC) health care products. The Food and Drug... used to make such a solution for retail sale that is not packaged in a tamper-resistant package and...
21 CFR 800.12 - Contact lens solutions and tablets; tamper-resistant packaging.
Code of Federal Regulations, 2012 CFR
2012-04-01
...-resistant retail packages, there is the opportunity for the malicious adulteration of these products with... confidence in the security of the packages of over-the-counter (OTC) health care products. The Food and Drug... used to make such a solution for retail sale that is not packaged in a tamper-resistant package and...
21 CFR 800.12 - Contact lens solutions and tablets; tamper-resistant packaging.
Code of Federal Regulations, 2013 CFR
2013-04-01
...-resistant retail packages, there is the opportunity for the malicious adulteration of these products with... confidence in the security of the packages of over-the-counter (OTC) health care products. The Food and Drug... used to make such a solution for retail sale that is not packaged in a tamper-resistant package and...
21 CFR 800.12 - Contact lens solutions and tablets; tamper-resistant packaging.
Code of Federal Regulations, 2014 CFR
2014-04-01
...-resistant retail packages, there is the opportunity for the malicious adulteration of these products with... confidence in the security of the packages of over-the-counter (OTC) health care products. The Food and Drug... used to make such a solution for retail sale that is not packaged in a tamper-resistant package and...
Polymorphic Attacks and Network Topology: Application of Concepts from Natural Systems
ERIC Educational Resources Information Center
Rangan, Prahalad
2010-01-01
The growing complexity of interactions between computers and networks makes the subject of network security a very interesting one. As our dependence on the services provided by computing networks grows, so does our investment in such technology. In this situation, there is a greater risk of occurrence of targeted malicious attacks on computers…
Building Trust-Based Sustainable Networks
2013-06-05
entities to build sustainable networks with limited resources or misbehaving entities by learning from the lessons in the social sciences. We discuss...their individuality); and ■ Misbehaving nodes in terms of environmental, economic, and social perspectives. The sustainable network concerns...equitable access to particular services which are otherwise abused by misbehaving or malicious users. Such approaches provide a fair and
ERIC Educational Resources Information Center
Jabbour, Ghassan
2010-01-01
The increasing proliferation of globally interconnected complex information systems has elevated the magnitude of attacks and the level of damage that they inflict on such systems. This open environment of intertwined financial, medical, defense, and other systems has attracted hackers to increase their malicious activities to cause harm or to…
Code White: A Signed Code Protection Mechanism for Smartphones
2010-09-01
analogous to computer security is the use of antivirus (AV) software. 12 AV software is a brute force approach to security. The software...these users, numerous malicious programs have also surfaced. And while smartphones have desktop-like capabilities to execute software, they do not...11 2.3.1 Antivirus and Mobile Phones ............................................................... 11 2.3.2
Karim, Ahmad; Salleh, Rosli; Khan, Muhammad Khurram
2016-01-01
The botnet phenomenon in smartphones is evolving with the proliferation of mobile phone technologies, after leaving an imperative impact on personal computers. It refers to a network of computers, laptops, mobile devices or tablets which is remotely controlled by cybercriminals to initiate various distributed coordinated attacks including spam emails, ad-click fraud, Bitcoin mining, Distributed Denial of Service (DDoS), disseminating other malware and much more. Like traditional PC-based botnets, mobile botnets have the same operational impact except that the target audience is particular to smartphone users. Therefore, it is important to uncover this security issue prior to its widespread adaptation. We propose SMARTbot, a novel dynamic analysis framework augmented with machine learning techniques to automatically detect botnet binaries from a malicious corpus. SMARTbot is a component-based off-device behavioral analysis framework which can generate a mobile botnet learning model by inducing Artificial Neural Networks’ back-propagation method. Moreover, this framework can detect mobile botnet binaries with remarkable accuracy even in the case of obfuscated program code. The results conclude that a classifier model based on simple logistic regression outperforms other machine learning classifiers for botnet apps’ detection, i.e., 99.49% accuracy is achieved. Further, from manual inspection of the botnet dataset we have extracted interesting trends in those applications. As an outcome of this research, a mobile botnet dataset is devised which will become the benchmark for future studies. PMID:26978523
Protecting Data Privacy in Structured P2P Networks
NASA Astrophysics Data System (ADS)
Jawad, Mohamed; Serrano-Alvarado, Patricia; Valduriez, Patrick
P2P systems are increasingly used for efficient, scalable data sharing. Popular applications focus on massive file sharing. However, advanced applications such as online communities (e.g., medical or research communities) need to share private or sensitive data. Currently, in P2P systems, untrusted peers can easily violate data privacy by using data for malicious purposes (e.g., fraudulence, profiling). To prevent such behavior, the well accepted Hippocratic database principle states that data owners should specify the purpose for which their data will be collected. In this paper, we apply such principles as well as reputation techniques to support purpose and trust in structured P2P systems. Hippocratic databases enforce purpose-based privacy while reputation techniques guarantee trust. We propose a P2P data privacy model which combines the Hippocratic principles and the trust notions. We also present the algorithms of PriServ, a DHT-based P2P privacy service which supports this model and prevents data privacy violation. We show, in a performance evaluation, that PriServ introduces a small overhead.
Brief Announcement: Induced Churn to Face Adversarial Behavior in Peer-to-Peer Systems
NASA Astrophysics Data System (ADS)
Anceaume, Emmanuelle; Brasileiro, Francisco; Ludinard, Romaric; Sericola, Bruno; Tronel, Frederic
Awerbuch and Scheideler [2] have shown that peer-to-peer overlay networks can only survive Byzantine attacks if malicious nodes are not able to predict what the topology of the network will be for a given sequence of join and leave operations. A prerequisite for this condition to hold is to guarantee that the randomness of node identifiers is continuously preserved. However, targeted join/leave attacks may quickly endanger the relevance of such an assumption. Inducing churn has been shown to be the other fundamental ingredient to preserve randomness. Several strategies based on these principles have been proposed. Most of them are based on locally induced churn. However, either they have been proven incorrect or they involve too high a level of complexity to be practically acceptable [2]. The other ones, based on globally induced churn, enforce a limited lifetime for each node in the system. However, these solutions keep the system in an unnecessary hyper-activity, and thus need to impose strict restrictions on the node joining rate, which clearly limits their applicability to open systems.
Generating a Corpus of Mobile Forensic Images for Masquerading user Experimentation.
Guido, Mark; Brooks, Marc; Grover, Justin; Katz, Eric; Ondricek, Jared; Rogers, Marcus; Sharpe, Lauren
2016-11-01
The Periodic Mobile Forensics (PMF) system investigates user behavior on mobile devices. It applies forensic techniques to an enterprise mobile infrastructure, utilizing an on-device agent named TractorBeam. The agent collects changed storage locations for later acquisition, reconstruction, and analysis. TractorBeam provides its data to an enterprise infrastructure that consists of a cloud-based queuing service, relational database, and analytical framework for running forensic processes. During a 3-month experiment with Purdue University, TractorBeam was utilized in a simulated operational setting across 34 users to evaluate techniques to identify masquerading users (i.e., users other than the intended device user). The research team surmises that all masqueraders are undesirable to an enterprise, even when a masquerader lacks malicious intent. The PMF system reconstructed 821 forensic images, extracted one million audit events, and accurately detected masqueraders. Evaluation revealed that developed methods reduced storage requirements 50-fold. This paper describes the PMF architecture, performance of TractorBeam throughout the protocol, and results of the masquerading user analysis. © 2016 American Academy of Forensic Sciences.
Whitley, Elizabeth; Anantharam, Poojya; Kim, Dong‐Suk; Kanthasamy, Arthi
2016-01-01
Hydrogen sulfide (H2S), the gas with the odor of rotten eggs, was formally discovered in 1777, over 239 years ago. For many years, it was considered an environmental pollutant and a health concern only in occupational settings. Recently, however, it was discovered that H2S is produced endogenously and plays critical physiological roles as a gasotransmitter. Although at low physiological concentrations it is physiologically beneficial, exposure to high concentrations of H2S is known to cause brain damage, leading to neurodegeneration and long‐term neurological sequelae or death. Neurological sequelae include motor, behavioral, and cognitive deficits, which are incapacitating. Currently, there are concerns about accidental or malicious acute mass civilian exposure to H2S. There is a major unmet need for an ideal neuroprotective treatment, for use in the field, in the event of mass civilian exposure to high H2S concentrations. This review focuses on the neuropathology of high acute H2S exposure, knowledge gaps, and the challenges associated with development of effective neuroprotective therapy to counteract H2S‐induced neurodegeneration. PMID:27442775
How often are teens arrested for sexting? Data from a national sample of police cases.
Wolak, Janis; Finkelhor, David; Mitchell, Kimberly J
2012-01-01
To examine characteristics of youth sexting cases handled by police and their outcomes in response to clinical and other concerns about the risks of sexting behavior. Mail surveys were sent to a stratified national sample of 2712 law enforcement agencies followed by detailed telephone interviews with investigators about a nationally representative sample of sexting cases handled by police during 2008 and 2009 (n = 675). The cases involved "youth-produced sexual images" that constituted child pornography under relevant statutes according to respondents. US law enforcement agencies handled an estimated 3477 cases of youth-produced sexual images during 2008 and 2009 (95% confidence interval: 3282-3672). Two-thirds of the cases involved an "aggravating" circumstance beyond the creation and/or dissemination of a sexual image. In these aggravated cases, either an adult was involved (36% of cases) or a minor engaged in malicious, non-consensual, or abusive behavior (31% of cases). An arrest occurred in 62% of cases with an adult involved, in 36% of the aggravated youth-only cases, and in 18% of the "experimental" cases (youth-only and no aggravating elements). Most of the images (63%) were distributed by cell phone only and did not reach the Internet. Sex offender registration applied in only a few unusual cases. Many of the youth sexting cases that come to the attention of police include aggravating circumstances that raise concerns about health and risky sexual behavior, although some cases were relatively benign. Overall, arrest is not typical in cases with no adults involved.
Chullen, C Logan; Dunford, Benjamin B; Angermeier, Ingo; Boss, R Wayne; Boss, Alan D
2010-01-01
In an era when healthcare organizations are beset by intense competition, lawsuits, and increased administrative costs, it is essential that employees perform their jobs efficiently and without distraction. Deviant workplace behavior among healthcare employees is especially threatening to organizational effectiveness, and healthcare managers must understand the antecedents of such behavior to minimize its prevalence. Deviant employee behavior has been categorized into two major types, individual and organizational, according to the intended target of the behavior. Behavior directed at the individual includes such acts as harassment and aggression, whereas behavior directed at the organization includes such acts as theft, sabotage, and voluntary absenteeism, to name a few (Robinson and Bennett 1995). Drawing on theory from organizational behavior, we examined two important features of supportive leadership, leader-member exchange (LMX) and perceived organizational support (POS), and two important features of job design, intrinsic motivation and depersonalization, as predictors of subsequent deviant behavior in a sample of over 1,900 employees within a large US healthcare organization. Employees who reported weaker perceptions of LMX and greater perceptions of depersonalization were more likely to engage in deviant behavior directed at the individual, whereas employees who reported weaker perceptions of POS and intrinsic motivation were more likely to engage in deviant behavior directed at the organization. These findings give rise to specific prescriptions for healthcare managers to prevent or minimize the frequency of deviant behavior in the workplace.
Hamlet, Jason; Pierson, Lyndon; Bauer, Todd
2018-06-25
Supply chain security to detect, deter, and prevent the counterfeiting of networked and stand-alone integrated circuits (ICs) is critical to cyber security. Sandia National Laboratory researchers have developed IC ID to leverage Physically Unclonable Functions (PUFs) and strong cryptographic authentication to create a unique fingerprint for each integrated circuit. IC ID assures the authenticity of ICs to prevent tampering or malicious substitution.
DSB Task Force on Cyber Supply Chain
2017-04-01
seeking to exploit a maliciously inserted vulnerability must execute each step in the kill chain: Intelligence and planning: gathering...are intended to take a comprehensive approach in considering all aspects of system security, including cybersecurity, and address initial steps to...specific integrated circuits (ASICs). That need is likely to grow for systems that support intelligent or autonomous capabilities. The current
Measuring Cyber Operations Effectiveness
2014-11-01
are advanced firewalls capable of taking limited action to block malicious traffic or hacking attempts. Their capabilities vary widely and must be...using many automated tools, included in the defense hardware and software itself. These devices include hardware and software firewalls, Network...DoD networks are probed millions of times per day…the Air Force blocks roughly two billion threats and denies two million emails each week
A Study of Covert Communications in Space Platforms Hosting Government Payloads
2015-02-01
possible adversarial actions (e.g., malicious software co-resident on the commercial host). Threats to the commercial supply chain are just one...supply chain to either create or exploit channel vulnerabilities. For government hosted payload missions, the critical payload data are encrypted...access to space by hosting government-supplied payloads on commercial space platforms. These commercially hosted payloads require stringent
Thermal remote sensing of active vegetation fires and biomass burning events [Chapter 18
Martin J. Wooster; Gareth Roberts; Alistair M.S. Smith; Joshua Johnston; Patrick Freeborn; Stefania Amici; Andrew T. Hudak
2013-01-01
Thermal remote sensing is widely used in the detection, study, and management of biomass burning occurring in open vegetation fires. Such fires may be planned for land management purposes, may occur as a result of a malicious or accidental ignition by humans, or may result from lightning or other natural phenomena. Under suitable conditions, fires may spread rapidly...
Automated Program Analysis for Cybersecurity (APAC)
2016-07-14
AUTOMATED PROGRAM ANALYSIS FOR CYBERSECURITY (APAC) FIVE DIRECTIONS, INC JULY 2016 FINAL TECHNICAL REPORT APPROVED... CYBERSECURITY (APAC) 5a. CONTRACT NUMBER FA8750-14-C-0050 5b. GRANT NUMBER N/A 5c. PROGRAM ELEMENT NUMBER 61101E 6. AUTHOR(S) William Arbaugh...AC Team Adversarial Challenge Team, responsible for creating malicious applications APAC Automated Program Analysis for Cybersecurity BAE BAE Systems
Phishing E-Mails--Six Month Investigation into What People Click
ERIC Educational Resources Information Center
Lehrfeld, Michael R.
2014-01-01
Phishing and SPAM emails have been used by marketers and hackers alike since the inception of email and the Internet. Phishing messages have become so common that many legitimate emails often get flagged and placed in a user's spam bucket. No one is denying that these messages are at a minimum a nuisance, and in many cases malicious. But what is…
2012-03-01
to sell fake antivirus software; Gammima, which was used to steal gaming login information; and Zeus, which was used to steal banking information...13 3. Viruses ......................................14 C. PROOF OF CONCEPT OF SOFTWARE TRAINING USING MALWARE MIMICS...33 2. Software .....................................34 3. COMPOSE CG-71 Virtual Machines ...............37 a. Integrated Shipboard Network System
Secure and Fair Cluster Head Selection Protocol for Enhancing Security in Mobile Ad Hoc Networks
Paramasivan, B.; Kaliappan, M.
2014-01-01
Mobile ad hoc networks (MANETs) are wireless networks consisting of a number of autonomous mobile devices temporarily interconnected into a network by wireless media. MANETs have become one of the most prevalent areas of research in recent years. Resource limitations, energy efficiency, scalability, and security are the great challenging issues in MANETs. Due to their deployment nature, MANETs are more vulnerable to malicious attack. The secure routing protocols perform very basic security related functions which are not sufficient to protect the network. In this paper, a secure and fair cluster head selection protocol (SFCP) is proposed which integrates security factors into the clustering approach for achieving attacker identification and classification. A Byzantine agreement based cooperative technique is used for attacker identification and classification to make the network more attack resistant. SFCP is used to solve this issue by making the nodes that are totally surrounded by malicious neighbors dynamically adjust their belief and disbelief thresholds. The proposed protocol selects the secure and energy efficient cluster head which acts as a local detector without imposing overhead on the clustering performance. SFCP is simulated in network simulator 2 and compared with two protocols including AODV and CBRP. PMID:25143986
Design and Implementation of High Interaction Client Honeypot for Drive-by-Download Attacks
NASA Astrophysics Data System (ADS)
Akiyama, Mitsuaki; Iwamura, Makoto; Kawakoya, Yuhei; Aoki, Kazufumi; Itoh, Mitsutaka
Nowadays, the number of web-browser targeted attacks that lead users to adversaries' web sites and exploit web browser vulnerabilities is increasing, and a clarification of their methods and countermeasures is urgently needed. In this paper, we introduce the design and implementation of a new client honeypot for drive-by-download attacks that has the capacity to detect and investigate a variety of malicious web sites. On the basis of the problems of existing client honeypots, we enumerate the requirements of a client honeypot: 1) detection accuracy and variety, 2) collection variety, 3) performance efficiency, and 4) safety and stability. We improve our system with regard to these requirements. The key features of our developed system are stepwise detection focusing on exploit phases, multiple crawler processing, tracking of malware distribution networks, and malware infection prevention. Our evaluation of our developed system in a laboratory experiment and field experiment indicated that its detection variety and crawling performance are higher than those of existing client honeypots. In addition, our system is able to collect information for countermeasures and is secure and stable for continuous operation. We conclude that our system can investigate malicious web sites comprehensively and support countermeasures.
Time Pattern Locking Scheme for Secure Multimedia Contents in Human-Centric Device
Kim, Hyun-Woo; Kim, Jun-Ho; Park, Jong Hyuk; Jeong, Young-Sik
2014-01-01
Among the various smart multimedia devices, multimedia smartphones have become the most widespread due to their convenient portability and real-time information sharing, as well as various other built-in features. Accordingly, since personal and business activities can be carried out using multimedia smartphones without restrictions based on time and location, people have more leisure time and convenience than ever. However, problems such as loss, theft, and information leakage because of convenient portability have also increased proportionally. As a result, most multimedia smartphones are equipped with various built-in locking features. Pattern lock, personal identification numbers, and passwords are the most used locking features on current smartphones, but these are vulnerable to shoulder surfing and smudge attacks, allowing malicious users to bypass the security feature easily. In particular, the smudge attack technique is a convenient way to unlock multimedia smartphones after they have been stolen. In this paper, we propose the secure locking screen using time pattern (SLSTP) focusing on improved security and convenience for users to support human-centric multimedia device completely. The SLSTP can provide a simple interface to users and reduce the risk factors pertaining to security leakage to malicious third parties. PMID:25202737
A Malicious Pattern Detection Engine for Embedded Security Systems in the Internet of Things
Oh, Doohwan; Kim, Deokho; Ro, Won Woo
2014-01-01
With the emergence of the Internet of Things (IoT), a large number of physical objects in daily life have been aggressively connected to the Internet. As the number of objects connected to networks increases, the security systems face a critical challenge due to the global connectivity and accessibility of the IoT. However, it is difficult to adapt traditional security systems to the objects in the IoT, because of their limited computing power and memory size. In light of this, we present a lightweight security system that uses a novel malicious pattern-matching engine. We limit the memory usage of the proposed system in order to make it work on resource-constrained devices. To mitigate performance degradation due to limitations of computation power and memory, we propose two novel techniques, auxiliary shifting and early decision. Through both techniques, we can efficiently reduce the number of matching operations on resource-constrained systems. Experiments and performance analyses show that our proposed system achieves a maximum speedup of 2.14 with an IoT object and provides scalable performance for a large number of patterns. PMID:25521382
Social/Ethical Issues in Predictive Insider Threat Monitoring
DOE Office of Scientific and Technical Information (OSTI.GOV)
Greitzer, Frank L.; Frincke, Deborah A.; Zabriskie, Mariah
2011-01-01
Combining traditionally monitored cybersecurity data with other kinds of organizational data is one option for inferring the motivations of individuals, which may in turn allow early prediction and mitigation of insider threats. While unproven, some researchers believe that this combination of data may yield better results than either cybersecurity or organizational data would in isolation. However, this nontraditional approach creates a potential conflict between goals, such as conflicts between organizational security improvements and individual privacy considerations. There are many facets to debate. Should warning signs of a potential malicious insider be addressed before a malicious event has occurred to prevent harm to the organization and discourage the insider from violating the organization’s rules? Would intervention violate employee trust or legal guidelines? What about the possibilities of misuse? Predictive approaches cannot be validated a priori; false accusations can affect the career of the accused; and collection/monitoring of certain types of data may affect employee morale. In this chapter, we explore some of the social and ethical issues stemming from predictive insider threat monitoring and discuss ways that a predictive modeling approach brings to the forefront social and ethical issues that should be considered and resolved by stakeholders and communities of interest.
Understanding the Value of a Computer Emergency Response Capability for Nuclear Security
DOE Office of Scientific and Technical Information (OSTI.GOV)
Gasper, Peter Donald; Rodriguez, Julio Gallardo
The international nuclear community has a great understanding of the physical security needs relating to the prevention, detection, and response of malicious acts associated with nuclear facilities and radioactive material. International Atomic Energy Agency (IAEA) Nuclear Security Recommendations (INFCIRC_225_Rev 5) outlines specific guidelines and recommendations for implementing and maintaining an organization’s nuclear security posture. An important element for inclusion into supporting revision 5 is the establishment of a “Cyber Emergency Response Team (CERT)” focused on the international community's cybersecurity needs to maintain a comprehensive nuclear security posture. Cybersecurity and the importance of nuclear cybersecurity require that there be a specific focus on developing an International Nuclear CERT (NS-CERT). States establishing contingency plans should have an understanding of the cyber threat landscape and the potential impacts to systems in place to protect and mitigate malicious activities. This paper will outline the necessary components, discuss the relationships needed within the international community, and outline a process by which the NS-CERT identifies, collects, processes, and reports critical information in order to establish situational awareness (SA) and support decision-making.
Novel Duplicate Address Detection with Hash Function
Song, GuangJia; Ji, ZhenZhou
2016-01-01
Duplicate address detection (DAD) is an important component of the address resolution protocol (ARP) and the neighbor discovery protocol (NDP). DAD determines whether an IP address is in conflict with other nodes. In traditional DAD, the target address to be detected is broadcast through the network, which provides convenience for malicious nodes to attack. A malicious node can send a spoofing reply to prevent the address configuration of a normal node, and thus, a denial-of-service attack is launched. This study proposes a hash method to hide the target address in DAD, which prevents an attack node from launching destination attacks. If the address of a normal node is identical to the detection address, then its hash value should be the same as the “Hash_64” field in the neighboring solicitation message. Consequently, DAD can be successfully completed. This process is called DAD-h. Simulation results indicate that address configuration using DAD-h has a considerably higher success rate when under attack compared with traditional DAD. Comparative analysis shows that DAD-h does not require third-party devices and considerable computing resources; it also provides a lightweight security resolution. PMID:26991901
A Security Monitoring Framework For Virtualization Based HEP Infrastructures
NASA Astrophysics Data System (ADS)
Gomez Ramirez, A.; Martinez Pedreira, M.; Grigoras, C.; Betev, L.; Lara, C.; Kebschull, U.;
2017-10-01
High Energy Physics (HEP) distributed computing infrastructures require automatic tools to monitor, analyze and react to potential security incidents. These tools should collect and inspect data such as resource consumption, logs and sequence of system calls for detecting anomalies that indicate the presence of a malicious agent. They should also be able to perform automated reactions to attacks without administrator intervention. We describe a novel framework that accomplishes these requirements, with a proof of concept implementation for the ALICE experiment at CERN. We show how we achieve a fully virtualized environment that improves the security by isolating services and Jobs without a significant performance impact. We also describe a collected dataset for Machine Learning based Intrusion Prevention and Detection Systems on Grid computing. This dataset is composed of resource consumption measurements (such as CPU, RAM and network traffic), logfiles from operating system services, and system call data collected from production Jobs running in an ALICE Grid test site and a big set of malware samples. This malware set was collected from security research sites. Based on this dataset, we will proceed to develop Machine Learning algorithms able to detect malicious Jobs.
Deviation-based spam-filtering method via stochastic approach
NASA Astrophysics Data System (ADS)
Lee, Daekyung; Lee, Mi Jin; Kim, Beom Jun
2018-03-01
In the presence of a huge number of possible purchase choices, ranks or ratings of items by others often play very important roles for a buyer to make a final purchase decision. Perfectly objective rating is an impossible task to achieve, and we often use an average rating built on how previous buyers estimated the quality of the product. The problem of using a simple average rating is that it can easily be polluted by careless users whose evaluation of products cannot be trusted, and by malicious spammers who try to bias the rating result on purpose. In this letter we suggest how trustworthiness of individual users can be systematically and quantitatively reflected to build a more reliable rating system. We compute the suitably defined reliability of each user based on the user's rating pattern for all products she evaluated. We call our proposed method deviation-based ranking, since the statistical significance of each user's rating pattern with respect to the average rating pattern is the key ingredient. We find that our deviation-based ranking method outperforms existing methods in filtering out careless random evaluators as well as malicious spammers.
Licht, Andrea S; Hyland, Andrew J; O'Connor, Richard J; Chaloupka, Frank J; Borland, Ron; Fong, Geoffrey T; Nargis, Nigar; Cummings, K Michael
2011-05-01
This paper examines how price minimizing behaviors impact efforts to stop smoking. Data on 4,988 participants from the International Tobacco Control Policy Evaluation (ITC) Four-Country Survey who were smokers at baseline (wave 5) and interviewed at a 1 year follow-up were used. We examined whether price minimizing behaviors at baseline predicted: (1) cessation, (2) quit attempts, and (3) successful quit attempts at one year follow up using multivariate logistic regression modeling. A subset analysis included 3,387 participants who were current smokers at waves 5 and 6 and were followed through wave 7 to explore effects of changing purchase patterns on cessation. Statistical tests for interaction were performed to examine the joint effect of SES and price/tax avoidance behaviors on cessation outcomes. Smokers who engaged in any price/tax avoidance behaviors were 28% less likely to report cessation. Persons using low/untaxed sources were less likely to quit at follow up, those purchasing cartons were less likely to make quit attempts and quit, and those using discount cigarettes were less likely to succeed, conditional on making attempts. Respondents who utilized multiple behaviors simultaneously were less likely to make quit attempts and to succeed. SES did not modify the effects of price minimizing behaviors on cessation outcomes. The data from this paper indicate that the availability of lower priced cigarette alternatives may attenuate public health efforts aimed at reducing smoking prevalence through price and tax increases among all SES groups.
A Hypothesis-Driven Approach to Site Investigation
NASA Astrophysics Data System (ADS)
Nowak, W.
2008-12-01
Variability of subsurface formations and the scarcity of data lead to the notion of aquifer parameters as geostatistical random variables. Given an information need and limited resources for field campaigns, site investigation is often put into the context of optimal design. In optimal design, the types, numbers and positions of samples are optimized under case-specific objectives to meet the information needs. Past studies feature optimal data worth (balancing maximum financial profit in an engineering task versus the cost of additional sampling), or aim at a minimum prediction uncertainty of stochastic models for a prescribed investigation budget. Recent studies also account for other sources of uncertainty outside the hydrogeological range, such as uncertain toxicity, ingestion and behavioral parameters of the affected population when predicting the human health risk from groundwater contaminations. The current study looks at optimal site investigation from a new angle. Answering a yes/no question under uncertainty directly requires recasting the original question as a hypothesis test. Otherwise, false confidence in the resulting answer would be pretended. A straightforward example is whether a recent contaminant spill will cause contaminant concentrations in excess of a legal limit at a nearby drinking water well. This question can only be answered down to a specified chance of error, i.e., based on the significance level used in hypothesis tests. Optimal design is placed into the hypothesis-driven context by using the chance of providing a false yes/no answer as new criterion to be minimized. Different configurations apply for one-sided and two-sided hypothesis tests. If a false answer entails financial liability, the hypothesis-driven context can be re-cast in the context of data worth. The remaining difference is that failure is a hard constraint in the data worth context versus a monetary punishment term in the hypothesis-driven context. 
The basic principle is discussed and illustrated on the case of a hypothetical contaminant spill and the exceedance of critical contaminant levels at a downstream location. A tempting and important side question is whether site investigation could be tweaked towards a yes or no answer in maliciously biased campaigns by unfair formulation of the optimization objective.
NASA Astrophysics Data System (ADS)
Guo, Yujin; Zeng, Xiaoyu; Zhou, Huan-Song
2018-01-01
We consider a nonlinear Schrödinger system arising in a two-component Bose-Einstein condensate (BEC) with attractive intraspecies interactions and repulsive interspecies interactions in $\mathbb{R}^2$. We get ground states of this system by solving a constrained minimization problem. For some kinds of trapping potentials, we prove that the minimization problem has a minimizer if and only if the attractive interaction strength $a_i$ ($i = 1, 2$) of each component of the BEC system is strictly less than a threshold $a^*$. Furthermore, as $(a_1, a_2) \nearrow (a^*, a^*)$, the asymptotical behavior for the minimizers of the minimization problem is discussed. Our results show that each component of the BEC system concentrates at a global minimum of the associated trapping potential.
Short- and long-term effects of conscious, minimally conscious and unconscious brand logos.
Muscarella, Charlotte; Brintazzoli, Gigliola; Gordts, Sarah; Soetens, Eric; Van den Bussche, Eva
2013-01-01
Unconsciously presented information can influence our behavior in an experimental context. However, whether these effects can be translated to a daily life context, such as advertising, is strongly debated. What hampers this translation is the widely accepted notion of the short-livedness of unconscious representations. The effect of unconscious information on behavior is assumed to rapidly vanish within a few hundreds of milliseconds. Using highly familiar brand logos (e.g., the logo of McDonald's) as subliminal and supraliminal primes in two priming experiments, we assessed whether these logos were able to elicit behavioral effects after a short (e.g., 350 ms), a medium (e.g., 1000 ms), and a long (e.g., 5000 ms) interval. Our results demonstrate that when real-life information is presented minimally consciously or even unconsciously, it can influence our subsequent behavior, even when more than five seconds pass between the presentation of the minimally conscious or unconscious information and the behavior on which it exerts its influence.
Short- and Long-Term Effects of Conscious, Minimally Conscious and Unconscious Brand Logos
Gordts, Sarah; Soetens, Eric; Van den Bussche, Eva
2013-01-01
Unconsciously presented information can influence our behavior in an experimental context. However, whether these effects can be translated to a daily life context, such as advertising, is strongly debated. What hampers this translation is the widely accepted notion of the short-livedness of unconscious representations. The effect of unconscious information on behavior is assumed to rapidly vanish within a few hundreds of milliseconds. Using highly familiar brand logos (e.g., the logo of McDonald's) as subliminal and supraliminal primes in two priming experiments, we assessed whether these logos were able to elicit behavioral effects after a short (e.g., 350 ms), a medium (e.g., 1000 ms), and a long (e.g., 5000 ms) interval. Our results demonstrate that when real-life information is presented minimally consciously or even unconsciously, it can influence our subsequent behavior, even when more than five seconds pass between the presentation of the minimally conscious or unconscious information and the behavior on which it exerts its influence. PMID:23658681
Develop a solution for protecting and securing enterprise networks from malicious attacks
NASA Astrophysics Data System (ADS)
Kamuru, Harshitha; Nijim, Mais
2014-05-01
In the world of computer and network security, there are myriad ways to launch an attack, which, from the perspective of a network, can usually be defined as "traffic that has huge malicious intent." A firewall acts as one of the measures to secure a device from incoming unauthorized data. There is an infinite number of computer attacks that no firewall can prevent, such as those executed locally on the machine by a malicious user. From the network's perspective, there are numerous types of attack. All the attacks that degrade the effectiveness of data can be grouped into two types: brute force and precision. The Juniper firewall has the capability to protect against both types of attack. Denial of Service (DoS) attacks are among the most well-known brute-force network security threats, largely because of the high-profile way in which they can affect networks. Over the years, some of the largest, most respected Internet sites have been effectively taken offline by DoS attacks. A DoS attack typically has a singular focus, namely, to cause the services running on a particular host or network to become unavailable. Some DoS attacks exploit vulnerabilities in an operating system and cause it to crash, such as the infamous WinNuke attack. Others flood a network or device with traffic so that there are no more resources to handle legitimate traffic. Precision attacks typically involve multiple phases and often involve a bit more thought than brute force attacks, all the way from reconnaissance to machine ownership. Before a precision attack is launched, information about the victim needs to be gathered. This information gathering typically takes the form of various types of scans to determine available hosts, networks, and ports. The hosts available on a network can be determined by ping sweeps. The available ports on a machine can be located by port scans.
Screens cover a wide variety of attack traffic as they are configured on a per-zone basis. Depending on the type of screen being configured, there may be additional settings beyond simply blocking the traffic. Attack prevention is also a native function of any firewall. The Juniper firewall handles traffic on a per-flow basis. We can use flows or sessions as a way to determine whether traffic attempting to traverse the firewall is legitimate. We control the state-checking components resident in the Juniper firewall by configuring "flow" settings. These settings allow you to configure state checking for various conditions on the device. You can use flow settings to protect against TCP hijacking, and to generally ensure that the firewall is performing full state processing when desired. We take a case study of an attack on a network and study the detection of the malicious packets on a NetScreen firewall. A new solution for securing enterprise networks will be developed here.
... body of research exists regarding methods of providing students with positive behavioral support (PBS) in the school environment, so that problem behaviors are minimized and positive, appropriate behaviors are ...
ERIC Educational Resources Information Center
Mansfield, Katherine C.
2007-01-01
During a class discussion, a professor placed a quote on the overhead by Lewis Terman, former Stanford professor, APA president, and vicar of IQ testing and gifted education in America. The passage stressed that Mexicans and Blacks are born morons, not capable of learning, and should be segregated from Anglos in special classes. In addition, in…
Finding Malicious Cyber Discussions in Social Media
2016-02-02
the author and are not necessarily endorsed by the United States Government. media discussions). This process is labor intensive and sometimes...Twitter tweets [Twitter, 2016] provides some useful evidence that a vulnerability listed in the National Vulnerability Database (NVD) [NIST, 2017] base ...sifiers, we used a keyword-based approach that had been developed by security analysts to detect cyber discussions. This approach searches for 200
Information Assurance for Network-Centric Naval Forces
2010-01-01
of engineers are designing, implementing, and vigorously testing malicious codes prior to releasing them, not unlike well-funded commercial software...the likelihood that threats would partially succeed and partially degrade the system. Individual components of Aegis are designed and tested with a...of operations (CONOPS) set that is designed to work well in a low-bandwidth environment must be extensively tested and exercised within that low
Game Theory and Uncertainty Quantification for Cyber Defense Applications
DOE Office of Scientific and Technical Information (OSTI.GOV)
Chatterjee, Samrat; Halappanavar, Mahantesh; Tipireddy, Ramakrishna
Cyber-system defenders face the challenging task of protecting critical assets and information continually against multiple types of malicious attackers. Defenders typically operate within resource constraints while attackers operate at relatively low costs. As a result, design and development of resilient cyber-systems that can support mission goals under attack while accounting for the dynamics between attackers and defenders is an important research problem.
JPRS Report Environmental Issues
1990-08-31
construction of ecologically devastating canals for the interbasin transfer of water ("river diversions") and to "norm" man’s impact upon water ecosystems for...Malicious poaching has increased. The fishing inspectors lack social, physical and legal protection. The wage system has not yet been rectified...scale poaching by Japanese vessels carrying phony numbers and names. Glavrybvod suspended fishing for all Japanese vessels committing violations
Separation of Benign and Malicious Network Events for Accurate Malware Family Classification
2015-09-28
use Kullback-Leibler (KL) divergence [15] to measure the information ...related work in an important aspect concerning the order of events. We use n-grams to capture the order of events, which exposes richer information about...DISCUSSION Using n-grams on higher level network events helps understand the underlying operation of the malware, and provides a good feature set
Using Automated Network Detection & Response to Visualize Malicious IT
answer. So I'm going to target talking for about 40 minutes, and leave some time left over for question forced operators to switch to manual mode. The media at the time reported on it, and determined that a available online. I would encourage you, if you have not read it, to please take time to read this and to
A Framework For Dynamic Subversion
2003-06-01
informal methods. These methods examine the security requirements, security specification, also called the Formal Top Level Specification and its ...not be always invoked due to its possible deactivation by errant or malicious code. Further, the RVM, if no separation exists between the kernel...that this thesis focused on, is the means by which the dynamic portion of the artifice finds space to operate or is loaded, is relocated in its
Energizing the Enterprise: An Incentive-Based Approach to Homeland Security
2010-12-01
participation in efforts to deter terrorists and other malicious actors and mitigate radicalization toward violence38 • Mission 3: Enforcing and...citizens are able in influence homeland security—as explained namely by public choice theory. Both paths lead individuals toward realizing enterprise...in citizen preparedness. A September 2004 survey revealed the following figures: • 58 percent of Americans had taken at least one action toward
Multiparty Quantum English Auction Scheme Using Single Photons as Message Carrier
NASA Astrophysics Data System (ADS)
Liu, Ge; Zhang, Jian-Zhong; Xie, Shu-Cui
2018-03-01
In this paper, a secure and economic multiparty english auction protocol using the single photons as message carrier of bids is proposed. In order to achieve unconditional security, fairness, undeniability and so on, we adopt the decoy photon checking technique and quantum encryption algorithm. Analysis result shows that our protocol satisfies all the characteristics of traditional english auction, meanwhile, it can resist malicious attacks.
Insider Threats in the Software Development Lifecycle
2014-11-05
employee, contractor, or other business partner who • has or had authorized access to an organization’s network, system or data and • intentionally...organization’s network, system, or data and who, through • their action/inaction without malicious intent • cause harm or substantially increase...and female Male Target Network, systems, or data PII or Customer Information IP (trade secrets) or Customer Information Access Used
2013-02-01
that the Government formulated or supplied the drawings, specifications, or other data does not license the holder or any other person or corporation ...preparation. Berk, V. H., Cybenko, G., Souza, I. G. D., & Murphy, J. P. (2012, January). “Managing Malicious Insider Risk through BANDIT.” In System... finances, human resources for example; • Tactics – Short term goals and techniques to achieve those goals; • Strategy – Long term outcomes and
Licht, Andrea S.; Hyland, Andrew J.; O’Connor, Richard J.; Chaloupka, Frank J.; Borland, Ron; Fong, Geoffrey T.; Nargis, Nigar; Cummings, K. Michael
2011-01-01
This paper examines how price minimizing behaviors impact efforts to stop smoking. Data on 4,988 participants from the International Tobacco Control Policy Evaluation (ITC) Four-Country Survey who were smokers at baseline (wave 5) and interviewed at a 1 year follow-up were used. We examined whether price minimizing behaviors at baseline predicted: (1) cessation, (2) quit attempts, and (3) successful quit attempts at one year follow up using multivariate logistic regression modeling. A subset analysis included 3,387 participants who were current smokers at waves 5 and 6 and were followed through wave 7 to explore effects of changing purchase patterns on cessation. Statistical tests for interaction were performed to examine the joint effect of SES and price/tax avoidance behaviors on cessation outcomes. Smokers who engaged in any price/tax avoidance behaviors were 28% less likely to report cessation. Persons using low/untaxed sources were less likely to quit at follow up, those purchasing cartons were less likely to make quit attempts and quit, and those using discount cigarettes were less likely to succeed, conditional on making attempts. Respondents who utilized multiple behaviors simultaneously were less likely to make quit attempts and to succeed. SES did not modify the effects of price minimizing behaviors on cessation outcomes. The data from this paper indicate that the availability of lower priced cigarette alternatives may attenuate public health efforts aimed at reducing smoking prevalence through price and tax increases among all SES groups. PMID:21655144
ERIC Educational Resources Information Center
Lancioni, Giulio E.; Bosco, Andrea; Belardinelli, Marta Olivetti; Singh, Nirbhay N.; O'Reilly, Mark F.; Sigafoos, Jeff
2010-01-01
This paper presents an overview of the studies directed at helping post-coma persons with minimally conscious state improve their adaptive behavior. Twenty-one studies were identified for the 2000-2010 period (i.e., a period in which an intense debate has occurred about diagnostic, rehabilitative, prognostic, and ethical issues concerning people…
Andreatta, Massimo; Karosiene, Edita; Rasmussen, Michael; Stryhn, Anette; Buus, Søren; Nielsen, Morten
2015-11-01
A key event in the generation of a cellular response against malicious organisms through the endocytic pathway is binding of peptidic antigens by major histocompatibility complex class II (MHC class II) molecules. The bound peptide is then presented on the cell surface where it can be recognized by T helper lymphocytes. NetMHCIIpan is a state-of-the-art method for the quantitative prediction of peptide binding to any human or mouse MHC class II molecule of known sequence. In this paper, we describe an updated version of the method with improved peptide binding register identification. Binding register prediction is concerned with determining the minimal core region of nine residues directly in contact with the MHC binding cleft, a crucial piece of information both for the identification and design of CD4(+) T cell antigens. When applied to a set of 51 crystal structures of peptide-MHC complexes with known binding registers, the new method NetMHCIIpan-3.1 significantly outperformed the earlier 3.0 version. We illustrate the impact of accurate binding core identification for the interpretation of T cell cross-reactivity using tetramer double staining with a CMV epitope and its variants mapped to the epitope binding core. NetMHCIIpan is publicly available at http://www.cbs.dtu.dk/services/NetMHCIIpan-3.1 .
Conducting research with minimally verbal participants with autism spectrum disorder.
Tager-Flusberg, Helen; Plesa Skwerer, Daniela; Joseph, Robert M; Brukilacchio, Brianna; Decker, Jessica; Eggleston, Brady; Meyer, Steven; Yoder, Anne
2017-10-01
A growing number of research groups are now including older minimally verbal individuals with autism spectrum disorder in their studies to encompass the full range of heterogeneity in the population. There are numerous barriers that prevent researchers from collecting high-quality data from these individuals, in part because of the challenging behaviors with which they present alongside their very limited means for communication. In this article, we summarize the practices that we have developed, based on applied behavioral analysis techniques, and have used in our ongoing research on behavioral, eye-tracking, and electrophysiological studies of minimally verbal children and adolescents with autism spectrum disorder. Our goal is to provide the field with useful guidelines that will promote the inclusion of the entire spectrum of individuals with autism spectrum disorder in future research investigations.
Detection of Anomalous Insiders in Collaborative Environments via Relational Analysis of Access Logs
Chen, You; Malin, Bradley
2014-01-01
Collaborative information systems (CIS) are deployed within a diverse array of environments, ranging from the Internet to intelligence agencies to healthcare. It is increasingly the case that such systems are applied to manage sensitive information, making them targets for malicious insiders. While sophisticated security mechanisms have been developed to detect insider threats in various file systems, they are neither designed to model nor to monitor collaborative environments in which users function in dynamic teams with complex behavior. In this paper, we introduce a community-based anomaly detection system (CADS), an unsupervised learning framework to detect insider threats based on information recorded in the access logs of collaborative environments. CADS is based on the observation that typical users tend to form community structures, such that users with low affinity to such communities are indicative of anomalous and potentially illicit behavior. The model consists of two primary components: relational pattern extraction and anomaly detection. For relational pattern extraction, CADS infers community structures from CIS access logs, and subsequently derives communities, which serve as the CADS pattern core. CADS then uses a formal statistical model to measure the deviation of users from the inferred communities to predict which users are anomalies. To empirically evaluate the threat detection model, we perform an analysis with six months of access logs from a real electronic health record system in a large medical center, as well as a publicly-available dataset for replication purposes. The results illustrate that CADS can distinguish simulated anomalous users in the context of real user behavior with a high degree of certainty and with significant performance gains in comparison to several competing anomaly detection models. PMID:25485309
ERIC Educational Resources Information Center
Lancioni, Giulio E.; O'Reilly, Mark F.; Singh, Nirbhay N.; Sigafoos, Jeff; Tota, Alessia; Antonucci, Massimo; Oliva, Doretta
2006-01-01
In these two studies, two children with multiple disabilities and minimal motor behavior were assessed to see if they could use chin movements to operate microswitches to obtain environmental stimulation. In Study I, we applied an adapted version of a recently introduced electronic microswitch [Lancioni, G. E., O'Reilly, M. F., Singh, N. N.,…
ERIC Educational Resources Information Center
Shih, Ching-Hsiang; Chang, Man-Ling; Shih, Ching-Tien
2009-01-01
This study evaluated whether two people with multiple disabilities and minimal motor behavior would be able to improve their pointing performance using finger poke ability with a mouse wheel through a Dynamic Pointing Assistive Program (DPAP) and a newly developed mouse driver (i.e., a new mouse driver replaces standard mouse driver, changes a…
ERIC Educational Resources Information Center
Shih, Ching-Hsiang; Shih, Ching-Tien; Lin, Kun-Tsan; Chiang, Ming-Shan
2009-01-01
This study assessed whether two people with profound multiple disabilities and minimal motor behavior would be able to control environmental stimulation using thumb poke ability with a mouse wheel and a newly developed mouse driver (i.e., a new mouse driver replacing standard mouse driver, and turning a mouse into a precise thumb poke detector).…
Obesity: can behavioral economics help?
Just, David R; Payne, Collin R
2009-12-01
Consumers regularly and predictably behave in ways that contradict standard assumptions of economic analysis such that they make decisions that prevent them from reaching rationally intended goals. These contradictions play a significant role with respect to consumers' food decisions and the effect these decisions have on their health. Food decisions that are rationally derived include those that trade short-term gains of sensory pleasure (hedonic) for longer term gains of health and wellness (utilitarian). However, extra-rational food decisions are much more common. They can occur because of the contexts in which they are made--such as being distracted or pressed for time. In these contexts, heuristics (or rules of thumb) are used. Because food decisions are made with little cognitive involvement, food policies designed to appeal to highly cognitive thought (e.g., fat taxes, detailed information labels) are likely to have little impact. Furthermore, food marketing environments influence not only what foods consumers buy but also how much. As a general principle, when individuals do not behave in their own interest, markets will feed perverse and sub-optimal behaviors. Given the limited ability of individuals to retain and use accurate health information coupled with varying levels of self control, profit motivations of marketers can become predatory--though not necessarily malicious. Alternative policy options that do not restrict choice are outlined, which enable consumers to make better decisions. These options allow for profit motivations of marketers to align with the long-term well being of the consumer.
Aerosol and Surface Deposition Characteristics of Two Surrogates for Bacillus anthracis Spores
Stapleton, Helen L.
2016-01-01
ABSTRACT Spores of an acrystalliferous derivative of Bacillus thuringiensis subsp. kurstaki, termed Btcry−, are morphologically, aerodynamically, and structurally indistinguishable from Bacillus anthracis spores. Btcry− spores were dispersed in a large, open-ended barn together with spores of Bacillus atrophaeus subsp. globigii, a historically used surrogate for Bacillus anthracis. Spore suspensions (2 × 10^12 CFU each of B. atrophaeus subsp. globigii and Btcry−) were aerosolized in each of five spray events using a backpack misting device incorporating an air blower; a wind of 4.9 to 7.6 m s^−1 was also flowing through the barn in the same direction. Filter air samplers were situated throughout the barn to assess the aerosol density of the spores during each release. Trays filled with a surfactant in aqueous buffer were placed on the floor near the filter samplers to assess spore deposition. Spores were also recovered from arrays of solid surfaces (concrete, aluminum, and plywood) that had been laid on the floor and set up as a wall at the end of the barn. B. atrophaeus subsp. globigii spores were found to remain airborne for significantly longer periods, and to be deposited on horizontal surfaces at lower densities, than Btcry− spores, particularly near the spray source. There was a 6-fold-higher deposition of Btcry− spores than of B. atrophaeus subsp. globigii spores on vertical surfaces relative to the surrounding airborne density. This work is relevant for selecting the best B. anthracis surrogate for the prediction of human exposure, hazard assessment, and hazard management following a malicious release of B. anthracis. IMPORTANCE There is concern that pathogenic bacteria could be maliciously disseminated in the air to cause human infection and disruption of normal life. The threat from spore-forming organisms, such as the causative agent of anthrax, is particularly serious.
In order to assess the extent of this risk, it is important to have a surrogate organism that can be used to replicate the dispersal characteristics of the threat agent accurately. This work compares the aerosol dispersal and deposition behaviors of the surrogates Btcry− and B. atrophaeus subsp. globigii. Btcry− spores remained in the air for a shorter time, and were markedly more likely to adhere to vertical surfaces, than B. atrophaeus subsp. globigii spores. PMID:27613681
Cyberspace: Devolution and Recovery
2011-03-23
time of the source of the burst and we do not know if it was accidental, an act of God, or a malicious attack. 28 The remainder of a speech like...Security 15 Mailing List, Federal Vulnerability Knowledgebase (VKB), US-CERT Portal, US-CERT Einstein Program, Internet Health and Status Service...The US-CERT portal is a website dedicated to sharing relevant information with participants. The Einstein Program is a program that allows for the
Defense in Depth Added to Malicious Activities Simulation Tools (MAST)
2015-09-01
cipher suites. The TLS Handshake is a combination of three components: handshake, change cipher spec, and alert. 41 (1) The Handshake (Hello) The...TLS Handshake, specifically the “Hello” portion, is designed to negotiate session parameters (cipher suite). The client informs the server of the...protocols and standards that it supports and then the server selects the highest common protocols and standards. Specifically, the Client Hello message
A Cooperative IDS Approach Against MPTCP Attacks
2017-06-01
physical testbeds in order to present a methodology that allows distributed IDSs (DIDS) to cooperate in a manner that permits effective detection of...reconstruct MPTCP subflows and detect malicious content. Next, we build physical testbeds in order to present a methodology that allows distributed IDSs...hypotheses on a more realistic testbed environment. • Developing a methodology to incorporate multiple IDSs, real and virtual, to be able to detect cross
Characterizing and Implementing Efficient Primitives for Privacy-Preserving Computation
2015-07-01
the mobile device. From this, the mobile will detect any tampering from the malicious party by a discrepancy in these returned values, eliminating...the need for an output MAC. If no tampering is detected, the mobile device then decrypts the output of computation. APPROVED FOR PUBLIC RELEASE...useful error messages when the compiler detects a problem with an application, making debugging the application significantly easier than with other
Internet Governance and National Security
2012-01-01
the conflict created by headline-grabbing exploits of ad hoc hacker networks or nation-state-inspired corporate espionage.5 Malicious actors add...governance of critical Internet resources and their impact on US national security are often overlooked. Foreign efforts to alter the technical...crime, espionage, and other forms of cyber conflict rather than on the issues related to governance of critical Internet resources, development of
Security Considerations For Network-Centric Weapon Systems
2009-09-01
who exploits some weakness in these protective measures and impersonates a trusted network member can gain the ability to reprogram the victim node to...permitting the attacker to conduct a small-scale reprogramming and insert malicious code such as viruses or worms (McClure, Scambray, and Kurtz 2005, 218...people requesting this information because of the subconscious assumption that everything will end well because it has in the past. Defense
Blacklist Ecosystem Analysis Update: 2014
2014-12-01
example, we checked to see if any of the blacklisted IP addresses were known sinkhole IP addresses. This information would essentially invalidate the...indicator as an indicator of malicious activity, since sinkholes are operated by CERTCC-2014-82 4 Blacklist Ecosystem Analysis CERT/CC network defenders who...clean up and collect intelligence on threats. Only one list out of 67, LI_3, contained any sinkhole IP addresses and that list contained only 10. All
Initial Approaches for Discovery of Undocumented Functionality in FPGAs
2017-03-01
commercial pressures such as IP protection, support cost, and time to market, modern COTS devices contain many functions that are not exposed to the...market pressures have increased, industry increasingly uses the current generation device to do trial runs of next-generation architecture features...the product of industry operating in a highly cost competitive market, and are not inserted with malicious intent, however, this does not preclude
Advanced Protected Services: A Concept Paper on Survivable Service-Oriented Systems
2010-05-07
resiliency and protection of such systems to a level where they can withstand sustained attacks from well-motivated adversaries. In this paper we...that are designed for the protection of systems that are based on service-oriented architectures. 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF...resilient against malicious attacks, and to demonstrate the utility of the developed advanced protection techniques in settings that exhibit various
Safe and efficient use of the Internet.
Downes, P K
2007-07-14
A minority of people abuse the freedom of the Internet to the detriment of the vast majority. Many people feel that the Internet requires more regulation to reduce the burden of hackers, viruses, hoaxes, adverts and spam that continue to proliferate unabated. Until this ever happens, it is down to the individual person or business to protect themselves against malicious attacks and to use the Internet in a safe and efficient manner.
Zhang, Liping; Zhu, Shaohui
2015-05-01
To protect the transmission of the sensitive medical data, a secure and efficient authenticated key agreement scheme should be deployed when the healthcare delivery session is established via Telecare Medicine Information Systems (TMIS) over the unsecure public network. Recently, Islam and Khan proposed an authenticated key agreement scheme using elliptic curve cryptography for TMIS. They claimed that their proposed scheme is provably secure against various attacks in random oracle model and enjoys some good properties such as user anonymity. In this paper, however, we point out that any legal but malicious patient can reveal other user's identity. Consequently, their scheme suffers from server spoofing attack and off-line password guessing attack. Moreover, if the malicious patient performs the same time of the registration as other users, she can further launch the impersonation attack, man-in-the-middle attack, modification attack, replay attack, and strong replay attack successfully. To eliminate these weaknesses, we propose an improved ECC-based authenticated key agreement scheme. Security analysis demonstrates that the proposed scheme can resist various attacks and enables the patient to enjoy the remote healthcare services with privacy protection. Through the performance evaluation, we show that the proposed scheme achieves a desired balance between security and performance in comparisons with other related schemes.
A Game Theory Based Solution for Security Challenges in CRNs
NASA Astrophysics Data System (ADS)
Poonam; Nagpal, Chander Kumar
2018-03-01
Cognitive radio networks (CRNs) are being envisioned to drive the next generation Ad hoc wireless networks due to their ability to provide communications resilience in continuously changing environments through the use of dynamic spectrum access. Conventionally CRNs are dependent upon the information gathered by other secondary users to ensure the accuracy of spectrum sensing making them vulnerable to security attacks leading to the need of security mechanisms like cryptography and trust. However, a typical cryptography based solution is not a viable security solution for CRNs owing to their limited resources. Effectiveness of trust based approaches has always been, in question, due to credibility of secondary trust resources. Game theory with its ability to optimize in an environment of conflicting interests can be quite a suitable tool to manage an ad hoc network in the presence of autonomous selfish/malevolent/malicious and attacker nodes. The literature contains several theoretical proposals for augmenting game theory in the ad hoc networks without explicit/detailed implementation. This paper implements a game theory based solution in MATLAB-2015 to secure the CRN environment and compares the obtained results with the traditional approaches of trust and cryptography. The simulation result indicates that as the time progresses the game theory performs much better with higher throughput, lower jitter and better identification of selfish/malicious nodes.
WindTalker: A P2P-Based Low-Latency Anonymous Communication Network
NASA Astrophysics Data System (ADS)
Zhang, Jia; Duan, Haixin; Liu, Wu; Wu, Jianping
Compared with traditional static anonymous communication networks, the P2P architecture can provide higher anonymity in communication. However, the P2P architecture also leads to more challenges, such as route, stability, trust and so on. In this paper, we present WindTalker, a P2P-based low-latency anonymous communication network. It is a pure decentralized mix network and can provide low-latency services which help users hide their real identity in communication. In order to ensure stability and reliability, WindTalker imports “seed nodes” to help a peer join in the P2P network and the peer nodes can use gossip-based protocol to exchange active information. Moreover, WindTalker uses layer encryption to ensure the information of relayed messages cannot be leaked. In addition, malicious nodes in the network are the major threat to anonymity of P2P anonymous communication, so WindTalker imports a trust mechanism which can help the P2P network exclude malicious nodes and optimize the strategy of peer discovery, tunnel construction, and relaying etc. in anonymous communications. We deploy peer nodes of WindTalker in our campus network to test reliability and analyze anonymity in theory. The network measurement and simulation analysis shows that WindTalker can provide low-latency and reliable anonymous communication services.
AIDE - Advanced Intrusion Detection Environment
DOE Office of Scientific and Technical Information (OSTI.GOV)
Smith, Cathy L.
2013-04-28
Would you like to know when someone has dropped an undesirable executable binary on our system? What about something less malicious such as a software installation by a user? What about the user who decides to install a newer version of mod_perl or PHP on your web server without letting you know beforehand? Or even something as simple as when an undocumented config file change is made by another member of the admin group? Do you even want to know about all the changes that happen on a daily basis on your server? The purpose of an intrusion detection system (IDS) is to detect unauthorized, possibly malicious activity. The purpose of a host-based IDS, or file integrity checker, is to check for unauthorized changes to key system files, binaries, libraries, and directories on the system. AIDE is an Open Source file and directory integrity checker. AIDE will let you know when a file or directory has been added, deleted, modified. It is included with the Red Hat Enterprise 6. It is available for other Linux distros. This is a case study describing the process of configuring AIDE on an out of the box RHEL6 installation. Its goal is to illustrate the thinking and the process by which a useful AIDE configuration is built.
Hiebeler, David E; Audibert, Andrew; Strubell, Emma; Michaud, Isaac J
2017-04-07
Beginning in 2001, many instances of malicious software known as Internet worms have been using biological strategies such as hierarchical dispersal to seek out and spread to new susceptible hosts more efficiently. We measured the distribution of potentially susceptible hosts in the space of Internet addresses to determine their clustering. We have used the results to construct a full-size simulated Internet with 2^32 hosts with mean and variance of susceptible hosts chosen to match our measurements at multiple spatial scales. Epidemiological simulations of outbreaks among the roughly 2.8×10^6 susceptible hosts on this full-sized network show that local preference scanning greatly increases the chances for an infected host to locate and infect other susceptible hosts by a factor of as much as several hundred. However, once deploying this strategy, the overall success of a worm is relatively insensitive to the details of its dispersal strategy over a wide range of parameters. In addition, although using localized interactions may allow malicious software to spread more rapidly or to more hosts on average, it can also lead to increased variability in infection levels among replicate simulations. Using such dispersal strategies may therefore be a high risk, high reward strategy for the authors of such software. Copyright © 2017 Elsevier Ltd. All rights reserved.
Mediated definite delegation - Certified Grid jobs in ALICE and beyond
NASA Astrophysics Data System (ADS)
Schreiner, Steffen; Grigoras, Costin; Litmaath, Maarten; Betev, Latchezar; Buchmann, Johannes
2012-12-01
Grid computing infrastructures need to provide traceability and accounting of their users’ activity and protection against misuse and privilege escalation, where the delegation of privileges in the course of a job submission is a key concern. This work describes an improved handling of Multi-user Grid Jobs in the ALICE Grid Services. A security analysis of the ALICE Grid job model is presented with derived security objectives, followed by a discussion of existing approaches of unrestricted delegation based on X.509 proxy certificates and the Grid middleware gLExec. Unrestricted delegation has severe security consequences and limitations, most importantly allowing for identity theft and forgery of jobs and data. These limitations are discussed and formulated, both in general and with respect to an adoption in line with Multi-user Grid Jobs. A new general model of mediated definite delegation is developed, allowing a broker to dynamically process and assign Grid jobs to agents while providing strong accountability and long-term traceability. A prototype implementation allowing for fully certified Grid jobs is presented as well as a potential interaction with gLExec. The achieved improvements regarding system security, malicious job exploitation, identity protection, and accountability are emphasized, including a discussion of non-repudiation in the face of malicious Grid jobs.
Detection of inter-frame forgeries in digital videos.
K, Sitara; Mehtre, B M
2018-05-26
Videos are acceptable as evidence in the court of law, provided its authenticity and integrity are scientifically validated. Videos recorded by surveillance systems are susceptible to malicious alterations of visual content by perpetrators locally or remotely. Such malicious alterations of video contents (called video forgeries) are categorized into inter-frame and intra-frame forgeries. In this paper, we propose inter-frame forgery detection techniques using tamper traces from spatio-temporal and compressed domains. Pristine videos containing frames that are recorded during sudden camera zooming event, may get wrongly classified as tampered videos leading to an increase in false positives. To address this issue, we propose a method for zooming detection and it is incorporated in video tampering detection. Frame shuffling detection, which was not explored so far is also addressed in our work. Our method is capable of differentiating various inter-frame tamper events and its localization in the temporal domain. The proposed system is tested on 23,586 videos of which 2346 are pristine and rest of them are candidates of inter-frame forged videos. Experimental results show that we have successfully detected frame shuffling with encouraging accuracy rates. We have achieved improved accuracy on forgery detection in frame insertion, frame deletion and frame duplication. Copyright © 2018. Published by Elsevier B.V.
ERIC Educational Resources Information Center
Shih, Ching-Hsiang
2011-01-01
This study evaluated whether two people with multiple disabilities and minimal motor behavior would be able to improve their Drag-and-Drop (DnD) performance using their finger/thumb poke ability with a mouse scroll wheel through a Dynamic Drag-and-Drop Assistive Program (DDnDAP). A multiple probe design across participants was used in this study…
Evidence of complex contagion of information in social media: An experiment using Twitter bots.
Mønsted, Bjarke; Sapieżyński, Piotr; Ferrara, Emilio; Lehmann, Sune
2017-01-01
It has recently become possible to study the dynamics of information diffusion in techno-social systems at scale, due to the emergence of online platforms, such as Twitter, with millions of users. One question that systematically recurs is whether information spreads according to simple or complex dynamics: does each exposure to a piece of information have an independent probability of a user adopting it (simple contagion), or does this probability depend instead on the number of sources of exposure, increasing above some threshold (complex contagion)? Most studies to date are observational and, therefore, unable to disentangle the effects of confounding factors such as social reinforcement, homophily, limited attention, or network community structure. Here we describe a novel controlled experiment that we performed on Twitter using 'social bots' deployed to carry out coordinated attempts at spreading information. We propose two Bayesian statistical models describing simple and complex contagion dynamics, and test the competing hypotheses. We provide experimental evidence that the complex contagion model describes the observed information diffusion behavior more accurately than simple contagion. Future applications of our results include more effective defenses against malicious propaganda campaigns on social media, improved marketing and advertisement strategies, and design of effective network intervention techniques.
Fast Flux Watch: A mechanism for online detection of fast flux networks.
Al-Duwairi, Basheer N; Al-Hammouri, Ahmad T
2014-07-01
Fast flux networks represent a special type of botnets that are used to provide highly available web services to a backend server, which usually hosts malicious content. Detection of fast flux networks continues to be a challenging issue because of the similar behavior between these networks and other legitimate infrastructures, such as CDNs and server farms. This paper proposes Fast Flux Watch (FF-Watch), a mechanism for online detection of fast flux agents. FF-Watch is envisioned to exist as a software agent at leaf routers that connect stub networks to the Internet. The core mechanism of FF-Watch is based on the inherent feature of fast flux networks: flux agents within stub networks take the role of relaying client requests to point-of-sale websites of spam campaigns. The main idea of FF-Watch is to correlate incoming TCP connection requests to flux agents within a stub network with outgoing TCP connection requests from the same agents to the point-of-sale website. Theoretical and traffic trace driven analysis shows that the proposed mechanism can be utilized to efficiently detect fast flux agents within a stub network.
ReTrust: attack-resistant and lightweight trust management for medical sensor networks.
He, Daojing; Chen, Chun; Chan, Sammy; Bu, Jiajun; Vasilakos, Athanasios V
2012-07-01
Wireless medical sensor networks (MSNs) enable ubiquitous health monitoring of users during their everyday lives, at health sites, without restricting their freedom. Establishing trust among distributed network entities has been recognized as a powerful tool to improve the security and performance of distributed networks such as mobile ad hoc networks and sensor networks. However, most existing trust systems are not well suited for MSNs due to the unique operational and security requirements of MSNs. Moreover, similar to most security schemes, trust management methods themselves can be vulnerable to attacks. Unfortunately, this issue is often ignored in existing trust systems. In this paper, we identify the security and performance challenges facing a sensor network for wireless medical monitoring and suggest it should follow a two-tier architecture. Based on such an architecture, we develop an attack-resistant and lightweight trust management scheme named ReTrust. This paper also reports the experimental results of the Collection Tree Protocol using our proposed system in a network of TelosB motes, which show that ReTrust not only can efficiently detect malicious/faulty behaviors, but can also significantly improve the network performance in practice.
Khan, M Nisa
2016-02-10
We expansively investigate thermal behaviors of various general-purpose light-emitting diode (LED) lamps and apply our measured results, validated by simulation, to establish lamp design rules for optimizing their optical and thermal properties. These design rules provide the means to minimize lumen depreciation over time by minimizing the periods for lamps to reach thermal steady-state while maintaining their high luminous efficacy and omnidirectional light distribution capability. While it is well known that minimizing the junction temperature of an LED leads to a longer lifetime and an increased lumen output, our study demonstrates, for the first time, to the best of our knowledge, that it is also important to minimize the time it takes to reach thermal equilibrium because doing so minimizes lumen depreciation and enhances light output and color stability during operation. Specifically, we have found that, in addition to inadequate heat-sink fin areas for a lamp configuration, LEDs mounted on multiple boards, as opposed to a single board, lead to longer periods for reaching thermal equilibrium contributing to larger lumen depreciation.
Improvement of Binary Analysis Components in Automated Malware Analysis Framework
2017-02-21
analyze malicious software (malware) with minimum human interaction. The system autonomously analyze malware samples by analyzing malware binary program...AFRL-AFOSR-JP-TR-2017-0018 Improvement of Binary Analysis Components in Automated Malware Analysis Framework Keiji Takeda KEIO UNIVERSITY Final...currently valid OMB control number. PLEASE DO NOT RETURN YOUR FORM TO THE ABOVE ORGANIZATION. 1. REPORT DATE (DD-MM-YYYY) 21-02-2017 2. REPORT
Cloud Security: Issues and Research Directions
2014-11-18
4. Cloud Computing Security: What Changes with Software-Defined Networking? Maurício Tsugawa, Andréa Matsunaga, and José A. B. Fortes 5...machine’s memory from an untrusted or malicious hypervisor. In Chapter 4, Tsugawa et al. discuss the security issues introduced when Software-Defined ... Networking (SDN) is deployed within and across clouds. Chapters 5-9 are focused on the protection of data stored in the cloud. In Chapter 5, Wang et
2011-09-01
concert with a physical attack. Additionally, the importance of preventive measures implemented by a social human network to counteract a cyber attack...integrity of the data stored on specific computers. This coordinated cyber attack would have been successful if not for the trusted social network...established by Mr. Hillar Aarelaid, head of the Estonian computer 6 emergency response team (CERT). This social network consisted of Mr. Hillar Aarelaid
Final Report: Computer-aided Human Centric Cyber Situation Awareness
2016-03-20
logs, OS audit trails, vulnerability reports, and packet dumps), weeding out the false positives, grouping the related indicators so that different...short time duration of each visual stimulus in an fMRI study, we have designed “network security analysis cards” that require the subject to...determine whether alerts in the cards indicate malicious events. Two types of visual displays of alerts (i.e., tabular display and node-link display) are
2012-05-17
capacity to shape the environmental conditions and prevent root causes that foster malicious partnerships. This monograph advocates for increased...legislation through the Congress for various United Stated agencies, including the Departments of State, Justice, and Defense Legislation, expanded agency...behind the Colombian and Afghan drug trades are complex nodes of national and international organizations and individuals. 19 Both, Colombia and
Using Anticipative Malware Analysis to Support Decision Making
2010-11-01
specifically, we have designed and implemented a network sandbox, i.e. a sandbox that allows us to study malware behaviour from the network perspective. We...plan to use this sandbox to generate malware-sample profiles that can be used by decision making algorithms to help network administrators and security...also allows the user to specify the network topology to be used. 1 INTRODUCTION Once the presence of a malicious software (malware) threat has been
Reactive Aggregate Model Protecting Against Real-Time Threats
2014-09-01
on the underlying functionality of three core components. • MS SQL server 2008 backend database. • Microsoft IIS running on Windows server 2008...services. The capstone tested a Linux-based Apache web server with the following software implementations: • MySQL as a Linux-based backend server for...malicious compromise. 1. Assumptions • GINA could connect to a backend MS SQL database through proper configuration of DotNetNuke. • GINA had access
Another Velvet Revolution Implications of the 1989 Czech Velvet Revolution on Iran
2011-06-01
countries; “even censoring news from the Soviet Union, whose own period of glasnost precipitated all these gyrations.”1 Furthermore, the failure of the...America for having maliciously presented the report. For his action of passing along information to Western journalists on the reports of Smid's...their coverage of the demonstrations was censored. Video coverage of the demonstrations was often televised as a deterrence mechanism, meanwhile news
Managing Security in FPGA-Based Embedded Systems
2008-01-01
Trans. Design Automation of Electronic Systems (TODAES), vol. 13, no. 3, July 2008, article 44. ©2008 ACM with permission.5) of the function would need...in the finished design. In addition, the life cycle can be subverted when engineers inject unintended functionality, some of which might be malicious...cores and a moat size of two. There are several different drawbridge configurations between the cores. (IOB: I/O block; CLB: configuration logic block
1989-01-01
access. 8 An example of a Trojan Horse was one that affected many Macintosh users in 1987. The program called "Sexy Ladies" deleted files as the...be malicious, just the disruption and freezing of the system would be enough to send a panic throughout the financial world. Gold prices would soar...Protection Products," Computers and Security, Apr 88, p. 159. 15 Neil Rubenking, "Antivirus Programs Fight Data Loss," PC Magazine (First Look), 28 Jun
2002-03-01
dependence upon the proper functioning of the system is crucial. Perhaps the closest relative to subversion is the Trojan Horse attack in which the...additional malicious function. There are three primary factors that distinguish this from subversion. First, the Trojan Horse requires a legitimate...user to run it while the artifice in subversion does not. Second, the Trojan Horse program exploits the level of privilege associated with the
Security Analysis of Yeh-Tsai Security Mechanism
NASA Astrophysics Data System (ADS)
Yum, Dae Hyun; Shin, Jong Hoon; Lee, Pil Joong
Yeh and Tsai recently proposed an enhanced mobile commerce security mechanism. They modified the lightweight security mechanism due to Lam, Chung, Gu, and Sun to relieve the burden of mobile clients. However, this article shows that a malicious WAP gateway can successfully obtain the mobile client's PIN by sending a fake public key of a mobile commerce server and exploiting information leakage caused by addition operation. We also present a countermeasure against the proposed attack.
2016-06-01
prevention essentials.13 The umbrella of food safety incorporates many components including laboratory, agriculture, manufacturing, and others.14 All are...Institute of Medicine, “food defense” is the science and practice of protecting the food supply from malicious or intentional contamination.16...naturally occurring contamination.18 Whereas, Linton offers that “food protection” can be considered the amalgamation of both food defense and food safety
Private Information Retrieval Techniques for Enabling Location Privacy in Location-Based Services
NASA Astrophysics Data System (ADS)
Khoshgozaran, Ali; Shahabi, Cyrus
The ubiquity of smartphones and other location-aware hand-held devices has resulted in a dramatic increase in popularity of location-based services (LBS) tailored to user locations. The comfort of LBS comes with a privacy cost. Various distressing privacy violations caused by sharing sensitive location information with potentially malicious services have highlighted the importance of location privacy research aiming to protect user privacy while interacting with LBS.
Guaranteeing Spoof-Resilient Multi-Robot Networks
2015-05-12
particularly challenging attack on this assumption is the so-called “Sybil attack.” In a Sybil attack a malicious agent can generate (or spoof) a large...cybersecurity in general multi-node networks (e.g. a wired LAN), the same is not true for multi-robot networks [14, 28], leaving them largely vulnerable...key passing or cryptographic authentication is difficult to maintain due to the highly dynamic and distributed nature of multi-robot teams where
CyberTerrorism: Cyber Prevention vs Cyber Recovery
2007-12-01
appropriate available security measures (i.e. appropriate level of spy ware, IDS, and antivirus protection software installed) are unaffected by worm attacks...a worm is a form of a virus designed to copy itself by utilizing e-mail or other software applications. The main goal of using this technique is...to permeate the network or portions of the Internet with malicious code that will affect the performance of certain software applications or will
System for solving diagnosis and hitting set problems
NASA Technical Reports Server (NTRS)
Vatan, Farrokh (Inventor); Fijany, Amir (Inventor)
2007-01-01
The diagnosis problem arises when a system's actual behavior contradicts the expected behavior, thereby exhibiting symptoms (a collection of conflict sets). System diagnosis is then the task of identifying faulty components that are responsible for anomalous behavior. To solve the diagnosis problem, the present invention describes a method for finding the minimal set of faulty components (minimal diagnosis set) that explain the conflict sets. The method includes acts of creating a matrix of the collection of conflict sets, and then creating nodes from the matrix such that each node is a node in a search tree. A determination is made as to whether each node is a leaf node or has any children nodes. If any given node has children nodes, then the node is split until all nodes are leaf nodes. Information gathered from the leaf nodes is used to determine the minimal diagnosis set.
Augmenting Trust Establishment in Dynamic Systems with Social Networks
DOE Office of Scientific and Technical Information (OSTI.GOV)
Lagesse, Brent J; Kumar, Mohan; Venkatesh, Svetha
2010-01-01
Social networking has recently flourished in popularity through the use of social websites. Pervasive computing resources have allowed people to stay well-connected to each other through access to social networking resources. We take the position that utilizing information produced by relationships within social networks can assist in the establishment of trust for other pervasive computing applications. Furthermore, we describe how such a system can augment a sensor infrastructure used for event observation with information from mobile sensors (i.e., mobile phones with cameras) controlled by potentially untrusted third parties. Pervasive computing systems are invisible systems, oriented around the user. As a result, many future pervasive systems are likely to include a social aspect to the system. The social communities that are developed in these systems can augment existing trust mechanisms with information about pre-trusted entities or entities to initially consider when beginning to establish trust. An example of such a system is the Collaborative Virtual Observation (CoVO) system, which fuses sensor information from disparate sources in soft real-time to recreate a scene that provides observation of an event that has recently transpired. To accomplish this, CoVO must efficiently access services whilst protecting the data from corruption from unknown remote nodes. CoVO combines dynamic service composition with virtual observation to utilize existing infrastructure with third party services available in the environment. Since these services are not under the control of the system, they may be unreliable or malicious. When an event of interest occurs, the given infrastructure (bus cameras, etc.) may not sufficiently cover the necessary information (be it in space, time, or sensor type). To enhance observation of the event, infrastructure is augmented with information from sensors in the environment that the infrastructure does not control.
These sensors may be unreliable, uncooperative, or even malicious. Additionally, to execute queries in soft real-time, processing must be distributed to available systems in the environment. We propose to use information from social networks to satisfy these requirements. In this paper, we present our position that knowledge gained from social activities can be used to augment trust mechanisms in pervasive computing. The system uses social behavior of nodes to predict a subset that it wants to query for information. In this context, social behavior such as transit patterns and schedules (which can be used to determine if a queried node is likely to be reliable) or known relationships, such as a phone's address book, that can be used to determine networks of nodes that may also be able to assist in retrieving information. Neither implicit nor explicit relationships necessarily imply that the user trusts an entity, but rather will provide a starting place for establishing trust. The proposed framework utilizes social network information to assist in trust establishment when third-party sensors are used for sensing events.
Effectively Utilizing the "Behavioral" in Cognitive-Behavioral Group Therapy of Sex Offenders
ERIC Educational Resources Information Center
Jennings, Jerry L.; Deming, Adam
2013-01-01
Although cognitive-behavioral therapy (CBT) is touted as the predominant approach in sex offender-specific group treatment, a review of the field shows that the "behavioral" part of CBT has become minimal in relation to that which is cognitive. The authors show how a revitalized "behavioral sensibility" may help to enhance…
Improving the performance of minimizers and winnowing schemes
Marçais, Guillaume; Pellow, David; Bork, Daniel; Orenstein, Yaron; Shamir, Ron; Kingsford, Carl
2017-01-01
Abstract Motivation: The minimizers scheme is a method for selecting k-mers from sequences. It is used in many bioinformatics software tools to bin comparable sequences or to sample a sequence in a deterministic fashion at approximately regular intervals, in order to reduce memory consumption and processing time. Although very useful, the minimizers selection procedure has undesirable behaviors (e.g. too many k-mers are selected when processing certain sequences). Some of these problems were already known to the authors of the minimizers technique, and the natural lexicographic ordering of k-mers used by minimizers was recognized as their origin. Many software tools using minimizers employ ad hoc variations of the lexicographic order to alleviate those issues. Results: We provide an in-depth analysis of the effect of k-mer ordering on the performance of the minimizers technique. By using small universal hitting sets (a recently defined concept), we show how to significantly improve the performance of minimizers and avoid some of its worse behaviors. Based on these results, we encourage bioinformatics software developers to use an ordering based on a universal hitting set or, if not possible, a randomized ordering, rather than the lexicographic order. This analysis also settles negatively a conjecture (by Schleimer et al.) on the expected density of minimizers in a random sequence. Availability and Implementation: The software used for this analysis is available on GitHub: https://github.com/gmarcais/minimizers.git. Contact: gmarcais@cs.cmu.edu or carlk@cs.cmu.edu PMID:28881970
ERIC Educational Resources Information Center
Jay, Susan M.; And Others
1987-01-01
Evaluated efficacy of cognitive-behavioral intervention package and low-risk pharmacologic intervention (oral Valium) as compared with minimal treatment-attention control condition, in reducing children leukemia patients' distress during bone marrow aspirations. The cognitive-behavioral therapy reduced behavioral distress, pain ratings and pulse…
DOE Office of Scientific and Technical Information (OSTI.GOV)
Groner, D.J.
This study investigated the fatigue behavior and associated damage mechanisms in notched and unnotched enhanced SiC/SiC ceramic matrix composite specimens at 1100 deg C. Stiffness degradation, strain variation, and hysteresis were evaluated to characterize material behavior. Microscopic examination was performed to characterize damage mechanisms. During high cycle/low stress fatigue tests, far less fiber/matrix interface debond was evident than in low cycle/high stress fatigue tests. Notched specimens exhibited minimal stress concentration during monotonic tensile testing and minimal notch sensitivity during fatigue testing. Damage mechanisms were also similar to unnotched.
Reilly, John; Glisic, Branko
2018-01-01
Temperature changes play a large role in the day to day structural behavior of structures, but a smaller direct role in most contemporary Structural Health Monitoring (SHM) analyses. Temperature-Driven SHM will consider temperature as the principal driving force in SHM, relating a measurable input temperature to measurable output generalized strain (strain, curvature, etc.) and generalized displacement (deflection, rotation, etc.) to create three-dimensional signatures descriptive of the structural behavior. Identifying time periods of minimal thermal gradient provides the foundation for the formulation of the temperature–deformation–displacement model. Thermal gradients in a structure can cause curvature in multiple directions, as well as non-linear strain and stress distributions within the cross-sections, which significantly complicates data analysis and interpretation, distorts the signatures, and may lead to unreliable conclusions regarding structural behavior and condition. These adverse effects can be minimized if the signatures are evaluated at times when thermal gradients in the structure are minimal. This paper proposes two classes of methods based on the following two metrics: (i) the range of raw temperatures on the structure, and (ii) the distribution of the local thermal gradients, for identifying time periods of minimal thermal gradient on a structure with the ability to vary the tolerance of acceptable thermal gradients. The methods are tested and validated with data collected from the Streicker Bridge on campus at Princeton University. PMID:29494496
Reilly, John; Glisic, Branko
2018-03-01
Temperature changes play a large role in the day to day structural behavior of structures, but a smaller direct role in most contemporary Structural Health Monitoring (SHM) analyses. Temperature-Driven SHM will consider temperature as the principal driving force in SHM, relating a measurable input temperature to measurable output generalized strain (strain, curvature, etc.) and generalized displacement (deflection, rotation, etc.) to create three-dimensional signatures descriptive of the structural behavior. Identifying time periods of minimal thermal gradient provides the foundation for the formulation of the temperature-deformation-displacement model. Thermal gradients in a structure can cause curvature in multiple directions, as well as non-linear strain and stress distributions within the cross-sections, which significantly complicates data analysis and interpretation, distorts the signatures, and may lead to unreliable conclusions regarding structural behavior and condition. These adverse effects can be minimized if the signatures are evaluated at times when thermal gradients in the structure are minimal. This paper proposes two classes of methods based on the following two metrics: (i) the range of raw temperatures on the structure, and (ii) the distribution of the local thermal gradients, for identifying time periods of minimal thermal gradient on a structure with the ability to vary the tolerance of acceptable thermal gradients. The methods are tested and validated with data collected from the Streicker Bridge on campus at Princeton University.
Managing information technology security risk
NASA Technical Reports Server (NTRS)
Gilliam, David
2003-01-01
Information Technology (IT) Security Risk Management is a critical task for the organization to protect against the loss of confidentiality, integrity and availability of IT resources. As systems become more complex and diverse and attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security risk. This paper describes a two-pronged approach in addressing IT security risk and risk management in the organization: 1) an institutional enterprise approach, and 2) a project life cycle approach.
An Approach for Detecting Malicious Emails Using Runtime Monitoring with Hidden Data
2016-09-01
demonstrating that a system meets the user’s true requirements--often called ‘building the right system’” [14]. To select a validation and verification...requirements [18]. For example, we give a generalization of how natural language can be ambiguous. No restaurants will allow smoking inside. Here no...can qualify the rest of the sentence, meaning thereby there is not a restaurant that will allow smoking inside. On the other hand, it can qualify only
2011-03-01
the actions of malicious and benign users of the Internet, as well as the engineering decisions giving rise to observed network topologies. Say and...with resilience, which is particularly important in the domain of quickly-evolving cyber threats. “Self-organization,” says Meadows, “is basically the...system design paradigm is to leverage the advantages of a distributed approach? What is meant by saying the witness conceptually rates the target
Graphs for information security control in software defined networks
NASA Astrophysics Data System (ADS)
Grusho, Alexander A.; Abaev, Pavel O.; Shorgin, Sergey Ya.; Timonina, Elena E.
2017-07-01
Information security control in software defined networks (SDN) is connected with execution of the security policy rules regulating information accesses and protection against distribution of the malicious code and harmful influences. The paper offers a representation of a security policy in the form of hierarchical structure which in case of distribution of resources for the solution of tasks defines graphs of admissible interactions in a network. These graphs define commutation tables of switches via the SDN controller.
Testing Dialog-Verification of SIP Phones with Single-Message Denial-of-Service Attacks
NASA Astrophysics Data System (ADS)
Seedorf, Jan; Beckers, Kristian; Huici, Felipe
The Session Initiation Protocol (SIP) is widely used for signaling in multimedia communications. However, many SIP implementations are still in their infancy and vulnerable to malicious messages. We investigate flaws in the SIP implementations of eight phones, showing that the deficient verification of SIP dialogs further aggravates the problem by making it easier for attacks to succeed. Our results show that the majority of the phones we tested are susceptible to these attacks.
The Implications of Self-Reporting Systems for Maritime Domain Awareness
2006-12-01
SIA), offer significant advantages compared with tracking ships by ordinary sensors, and that the availability of information...reporting system for sea-going vessels that originated in Sweden in the early 1990s. It was designed primarily for safety of life at sea (SOLAS) and...report information is prone to human error and potential malicious altering and the system itself was not designed with these vulnerabilities in mind
Towards Countering the Rise of the Silicon Trojan
The Trojan Horse has a venerable if unwelcome history and it is still regarded by many as the primary component in Computer Network Attack. Trojans...Trojans have in the vast majority taken the form of malicious software. However, more recent times have seen the emergence of what has been dubbed by some...as the 'Silicon Trojan' these trojans are embedded at the hardware level and can be designed directly into chips and devices. The complexity of the
A P2P Botnet detection scheme based on decision tree and adaptive multilayer neural networks.
Alauthaman, Mohammad; Aslam, Nauman; Zhang, Li; Alasem, Rafe; Hossain, M A
2018-01-01
In recent years, Botnets have been adopted as a popular method to carry and spread many malicious codes on the Internet. These malicious codes pave the way to execute many fraudulent activities including spam mail, distributed denial-of-service attacks and click fraud. While many Botnets are set up using centralized communication architecture, the peer-to-peer (P2P) Botnets can adopt a decentralized architecture using an overlay network for exchanging command and control data making their detection even more difficult. This work presents a method of P2P Bot detection based on an adaptive multilayer feed-forward neural network in cooperation with decision trees. A classification and regression tree is applied as a feature selection technique to select relevant features. With these features, a multilayer feed-forward neural network training model is created using a resilient back-propagation learning algorithm. A comparison of feature set selection based on the decision tree, principal component analysis and the ReliefF algorithm indicated that the neural network model with features selection based on decision tree has a better identification accuracy along with lower rates of false positives. The usefulness of the proposed approach is demonstrated by conducting experiments on real network traffic datasets. In these experiments, an average detection rate of 99.08 % with false positive rate of 0.75 % was observed.
An Efficient Location Verification Scheme for Static Wireless Sensor Networks.
Kim, In-Hwan; Kim, Bo-Sung; Song, JooSeok
2017-01-24
In wireless sensor networks (WSNs), the accuracy of location information is vital to support many interesting applications. Unfortunately, sensors have difficulty in estimating their location when malicious sensors attack the location estimation process. Even though secure localization schemes have been proposed to protect location estimation process from attacks, they are not enough to eliminate the wrong location estimations in some situations. The location verification can be the solution to the situations or be the second-line defense. The problem of most of the location verifications is the explicit involvement of many sensors in the verification process and requirements, such as special hardware, a dedicated verifier and the trusted third party, which causes more communication and computation overhead. In this paper, we propose an efficient location verification scheme for static WSN called mutually-shared region-based location verification (MSRLV), which reduces those overheads by utilizing the implicit involvement of sensors and eliminating several requirements. In order to achieve this, we use the mutually-shared region between location claimant and verifier for the location verification. The analysis shows that MSRLV reduces communication overhead by 77% and computation overhead by 92% on average, when compared with the other location verification schemes, in a single sensor verification. In addition, simulation results for the verification of the whole network show that MSRLV can detect the malicious sensors by over 90% when sensors in the network have five or more neighbors.
An Efficient Location Verification Scheme for Static Wireless Sensor Networks
Kim, In-hwan; Kim, Bo-sung; Song, JooSeok
2017-01-01
In wireless sensor networks (WSNs), the accuracy of location information is vital to support many interesting applications. Unfortunately, sensors have difficulty in estimating their location when malicious sensors attack the location estimation process. Even though secure localization schemes have been proposed to protect location estimation process from attacks, they are not enough to eliminate the wrong location estimations in some situations. The location verification can be the solution to the situations or be the second-line defense. The problem of most of the location verifications is the explicit involvement of many sensors in the verification process and requirements, such as special hardware, a dedicated verifier and the trusted third party, which causes more communication and computation overhead. In this paper, we propose an efficient location verification scheme for static WSN called mutually-shared region-based location verification (MSRLV), which reduces those overheads by utilizing the implicit involvement of sensors and eliminating several requirements. In order to achieve this, we use the mutually-shared region between location claimant and verifier for the location verification. The analysis shows that MSRLV reduces communication overhead by 77% and computation overhead by 92% on average, when compared with the other location verification schemes, in a single sensor verification. In addition, simulation results for the verification of the whole network show that MSRLV can detect the malicious sensors by over 90% when sensors in the network have five or more neighbors. PMID:28125007
Practical quantum private query with better performance in resisting joint-measurement attack
NASA Astrophysics Data System (ADS)
Wei, Chun-Yan; Wang, Tian-Yin; Gao, Fei
2016-04-01
As a kind of practical protocol, quantum-key-distribution (QKD)-based quantum private queries (QPQs) have drawn lots of attention. However, joint-measurement (JM) attack poses a noticeable threat to the database security in such protocols. That is, by JM attack a malicious user can illegally elicit many more items from the database than the average amount an honest one can obtain. Taking Jacobi et al.'s protocol as an example, by JM attack a malicious user can obtain as many as 500 bits, instead of the expected 2.44 bits, from a $10^4$-bit database in one query. It is a noticeable security flaw in theory, and would also arise in application with the development of quantum memories. To solve this problem, we propose a QPQ protocol based on a two-way QKD scheme, which behaves much better in resisting JM attack. Concretely, the user Alice cannot get more database items by conducting JM attack on the qubits because she has to send them back to Bob (the database holder) before knowing which of them should be jointly measured. Furthermore, JM attack by both Alice and Bob would be detected with certain probability, which is quite different from previous protocols. Moreover, our protocol retains the good characters of QKD-based QPQs, e.g., it is loss tolerant and robust against quantum memory attack.
Limit behavior of mass critical Hartree minimization problems with steep potential wells
NASA Astrophysics Data System (ADS)
Guo, Yujin; Luo, Yong; Wang, Zhi-Qiang
2018-06-01
We consider minimizers of the following mass critical Hartree minimization problem: $e_\lambda(N) := \inf_{\{u \in H^1(\mathbb{R}^d),\ \|u\|_2^2 = N\}} E_\lambda(u)$, where $d \ge 3$, $\lambda > 0$, and the Hartree energy functional $E_\lambda(u)$ is defined by $E_\lambda(u) := \int_{\mathbb{R}^d} |\nabla u(x)|^2\,dx + \lambda \int_{\mathbb{R}^d} g(x)\,u^2(x)\,dx - \frac{1}{2} \int_{\mathbb{R}^d}\int_{\mathbb{R}^d} \frac{u^2(x)\,u^2(y)}{|x-y|^2}\,dx\,dy$. Here the steep potential $g(x)$ satisfies $0 = g(0) = \inf_{\mathbb{R}^d} g(x) \le g(x) \le 1$ and $1 - g(x) \in L^{d/2}(\mathbb{R}^d)$. We prove that there exists a constant $N^* > 0$, independent of $\lambda g(x)$, such that if $N \ge N^*$, then $e_\lambda(N)$ does not admit minimizers for any $\lambda > 0$; if $0 < N < N^*$, then there exists a constant $\lambda^*(N) > 0$ such that $e_\lambda(N)$ admits minimizers for any $\lambda > \lambda^*(N)$ and $e_\lambda(N)$ does not admit minimizers for $0 < \lambda < \lambda^*(N)$. For any given $0 < N < N^*$, the limit behavior of positive minimizers for $e_\lambda(N)$ is also studied as $\lambda \to \infty$, where the mass concentrates at the bottom of $g(x)$.
Convergence of Weak Kähler-Ricci Flows on Minimal Models of Positive Kodaira Dimension
NASA Astrophysics Data System (ADS)
Eyssidieux, Phylippe; Guedj, Vincent; Zeriahi, Ahmed
2018-02-01
Studying the behavior of the Kähler-Ricci flow on mildly singular varieties, one is naturally led to study weak solutions of degenerate parabolic complex Monge-Ampère equations. In this article, the third of a series on this subject, we study the long term behavior of the normalized Kähler-Ricci flow on mildly singular varieties of positive Kodaira dimension, generalizing results of Song and Tian who dealt with smooth minimal models.
Caffeinated and Non-caffeinated Alcohol Use and Indirect Aggression: The Impact of Self-regulation
Sheehan, Brynn E.; Linden-Carmichael, Ashley N.; Lau-Barraco, Cathy
2016-01-01
Research shows that heavier alcohol use is associated with physical aggression. Scant research has examined the way in which alcohol relates to other forms of aggression, such as indirect aggression (e.g., malicious humor, social exclusion). Given the possible negative consequences of indirect aggression and the limited evidence suggesting alcohol use can elicit indirectly aggressive responses, research is needed to further investigate the association between drinking behavior and indirect aggression. Additionally, specific alcoholic beverages, such as caffeinated alcoholic beverages (CABs; e.g., Red Bull and vodka), may potentiate aggression above the influence of typical use, thus warrant examination with regard to indirect aggression. One factor that may impact the strength of the alcohol-indirect aggression and CAB-indirect aggression relationships is one's level of self-regulation. Consequently, our study examined the relationships between (1) alcohol use and indirect aggression, (2) CAB use and indirect aggression, and (3) self-regulation as a moderator. Participants were 733 (67.6% female) undergraduate students who reported their CAB and alcohol use, self-regulation, and aggressive behaviors. Results revealed that heavier alcohol use was associated with more frequent indirect aggression after controlling for dispositional aggression. Heavier CAB use was related to more frequent indirect aggression after accounting for typical use and dispositional aggression. Self-regulation moderated these associations such that for those with lower self-regulation, greater alcohol and CAB consumption was associated with greater indirect aggression. Our findings suggest that heavier alcohol and CAB consumption may be risk factors for engaging in indirect aggression and this risk is impacted by one's regulatory control. PMID:26905765
Improving the performance of minimizers and winnowing schemes.
Marçais, Guillaume; Pellow, David; Bork, Daniel; Orenstein, Yaron; Shamir, Ron; Kingsford, Carl
2017-07-15
The minimizers scheme is a method for selecting k-mers from sequences. It is used in many bioinformatics software tools to bin comparable sequences or to sample a sequence in a deterministic fashion at approximately regular intervals, in order to reduce memory consumption and processing time. Although very useful, the minimizers selection procedure has undesirable behaviors (e.g. too many k-mers are selected when processing certain sequences). Some of these problems were already known to the authors of the minimizers technique, and the natural lexicographic ordering of k-mers used by minimizers was recognized as their origin. Many software tools using minimizers employ ad hoc variations of the lexicographic order to alleviate those issues. We provide an in-depth analysis of the effect of k-mer ordering on the performance of the minimizers technique. By using small universal hitting sets (a recently defined concept), we show how to significantly improve the performance of minimizers and avoid some of its worse behaviors. Based on these results, we encourage bioinformatics software developers to use an ordering based on a universal hitting set or, if not possible, a randomized ordering, rather than the lexicographic order. This analysis also settles negatively a conjecture (by Schleimer et al.) on the expected density of minimizers in a random sequence. The software used for this analysis is available on GitHub: https://github.com/gmarcais/minimizers.git. gmarcais@cs.cmu.edu or carlk@cs.cmu.edu. © The Author 2017. Published by Oxford University Press. All rights reserved. For Permissions, please e-mail: journals.permissions@oup.com
Practical Strategies for Minimizing Challenging Behaviors in the Preschool Classroom
ERIC Educational Resources Information Center
Jiang, Hui S.; Jones, Sarah Y.
2016-01-01
Challenging behaviors can happen to children with a variety of abilities in all kinds of settings, and children's early experiences as members of classroom communities serve as the foundation on which lifelong patterns of social behaviors are constructed. Therefore, helping children with challenging behaviors become fully included is essential for…
CrossTalk: The Journal of Defense Software Engineering. Volume 20, Number 9, September 2007
2007-09-01
underlying application framework, e.g., Java Enterprise Edition or .NET. This increases the risk that consumer Web services not based on the same...weaknesses and vulnerabilities that are targeted by attackers and malicious code. For example, Apache Axis 2 enables a Java developer to simply...load his/her Java objects into the Axis SOAP engine. At runtime, it is the SOAP engine that determines which incoming SOAP request messages should be
Host Immunity via Mutable Virtualized Large-Scale Network Containers
2016-07-25
and constrain the distributed persistent inside crawlers that have valid credentials to access the web services. The main idea is to add a marker...to each web page URL and use the URL path and user information contained in the marker to help accurately detect crawlers at its earliest stage...more than half of all website traffic, and malicious bots contribute almost one third of the traffic. As one type of bots, web crawlers have been
Novel Use of Ophthalmic pH Paper to Diagnose Malicious Caustic Ingestion in a Pediatric Patient
Bruno, Eric C.
2018-01-01
Occult caustic ingestion in the pediatric population is a challenging diagnosis to make in the emergency department. Failure to suspect and diagnose a caustic ingestion can lead to potentially life-changing comorbidities. Historically, the diagnosis of caustic ingestion has been clinical without any suitable diagnostic tools to aid in the suspicion of occult cases. In this case, we describe a novel use of ophthalmic pH paper to diagnose caustic ingestion in a three-year-old.
A Definitive Interoperability Test Methodology for the Malicious Activity Simulation Tool (MAST)
2013-03-01
Information Assurance Range DON Department of the Navy DON CIO Department of the Navy Chief Information Officer DoS Denial of Service EOL End-of...came “as part of PMW 160’s solution to the risk posed by Windows™ NT End-of-Life 43 (EOL).” Second, “[it] marked the beginning of a steady and...sometimes outdated, systems and programs. [34]. Table 1 shows the basic implementation and EOL timeline, the OS version for both server and
2012-06-08
Management, usually used in conjunction with the word System TRADOC Training and Doctrine Command UCMJ Uniform Code of Military Justice U.S. United...information system, whether a military member, a DOD civilian employee, or employee of another Federal agency or the private sector. Some...recommendations, however, address the broader scope of “system components” or “computer software code” inside a system and intended to carry out a malicious
Modeling Malicious Domain Name Take-down Dynamics: Why eCrime Pays
2014-04-01
the change in the number of registered but inactive domains. Since xν represents domains that have been registered, but not used, it is decremented by...the defender’s losses may be reduced by legal action or insurance payments, however these recuperations will not, for the community as a whole, exceed...the costs of providing them. For example, any insurance provider will have to charge more for premiums than they give out, or else that provider will
Dynamic Detection of Malicious Code in COTS Software
2000-04-01
run the following documented hostile applets or ActiveX of these tools work only on mobile code (Java, ActiveX , controls: 16-11 Hostile Applets Tiny...Killer App Exploder Runner ActiveX Check Spy eSafe Protect Desktop 9/9 blocked NB B NB 13/17 blocked NB Surfinshield Online 9/9 blocked NB B B 13/17...Exploder is an ActiveX control top (@). that performs a clean shutdown of your computer. The interface is attractive, although rather complex, as McLain’s
Information Warfare: Issues Associated with the Defense of DOD Computers and Computer Networks
2002-04-12
professionals; any mistakes that remain are mine and mine alone. Finally, I wish to thank my family, my wife Cecilia, my daughters Leslie and Marguerite, and my...Accessed 15 January 2002. Malicious Activity Continues to Climb Virus Growth Per Month (Internet - “Wild List”)...28 Original brief previously unpublished. Briefing is currently held in Operation Directorate (J-3) of the Joint Task
Evaluation of Malware Target Recognition Deployed in a Cloud-Based Fileserver Environment
2012-03-01
many of these detection techniques could be evaded with simple obfuscation. Kolter and Maloof extend Schultz’s research in [KM04] and [KM06]. Their...69 [KM04] Jeremy Z. Kolter and Marcus A. Maloof. Learning to detect malicious executables in the wild. In Proceedings of the tenth ACM SIGKDD...international conference on Knowledge discovery and data mining, KDD ’04, pages 470–478, New York, NY, USA, 2004. ACM. [KM06] J.Z. Kolter and M.A. Maloof
2013-01-01
under Contract No. FA8721-05-C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded...logging capabilities or further modify the control to best suit its needs. 1.1 Audience and Structure of This Report This report is a hands-on guide...the following directory: C:\\Admin_Tools\\USB_Audit\\ When selecting a deployment path, avoid using spaces in directory names since this will cause
Development and evaluation of devices designed to minimize deer-vehicle collisions : phase II.
DOT National Transportation Integrated Search
2010-12-01
We evaluated behavioral responses of captive white-tailed deer to visual and physical barriers designed to minimize deer-vehicle collisions, determined effects of exclusion fencing on movements of free-ranging deer, and further tested the visual capa...
Television viewing and forms of bullying among adolescents from eight countries.
Kuntsche, Emmanuel; Pickett, William; Overpeck, Mary; Craig, Wendy; Boyce, William; de Matos, Margarida Gaspar
2006-12-01
Based on theories suggesting that frequent television viewers act and react in hostile, malicious, malevolent, or verbally aggressive ways rather than being physically violent, the present study investigates relationships between television viewing and different forms of bullying. Multilevel regression models were estimated based on cross-sectional data from 31,177 adolescents aged 11, 13, and 15 years from Canada, Estonia, Israel, Latvia, Macedonia, Poland, Portugal, and the United States who participated in the 2001-2002 Health Behavior in School-aged Children Survey. Although all different forms of bullying were associated with television viewing in bivariate analyses, only the verbal forms (i.e. "calling mean names" and "spreading rumors") remained significant in multiple regression models. These relationships were observed consistently in all eight participating countries. However, the association between television viewing and physical forms of bullying such as kicking, pushing, or shoving around, varied across countries. In most weekend TV viewing cultures, frequent television viewers were prone to kick or push another student in addition to verbal forms of bullying, which was not the case in weekday viewing cultures. These results demonstrate the importance of limiting adolescents' time engaged in unsupervised television watching, and the need to motivate adolescents to engage in joint family activities or organized after-school activities.
Modeling Misbehavior in Cooperative Diversity: A Dynamic Game Approach
NASA Astrophysics Data System (ADS)
Dehnie, Sintayehu; Memon, Nasir
2009-12-01
Cooperative diversity protocols are designed with the assumption that terminals always help each other in a socially efficient manner. This assumption may not be valid in commercial wireless networks where terminals may misbehave for selfish or malicious intentions. The presence of misbehaving terminals creates a social-dilemma where terminals exhibit uncertainty about the cooperative behavior of other terminals in the network. Cooperation in social-dilemma is characterized by a suboptimal Nash equilibrium where wireless terminals opt out of cooperation. Hence, without establishing a mechanism to detect and mitigate effects of misbehavior, it is difficult to maintain a socially optimal cooperation. In this paper, we first examine effects of misbehavior assuming static game model and show that cooperation under existing cooperative protocols is characterized by a noncooperative Nash equilibrium. Using evolutionary game dynamics we show that a small number of mutants can successfully invade a population of cooperators, which indicates that misbehavior is an evolutionary stable strategy (ESS). Our main goal is to design a mechanism that would enable wireless terminals to select reliable partners in the presence of uncertainty. To this end, we formulate cooperative diversity as a dynamic game with incomplete information. We show that the proposed dynamic game formulation satisfied the conditions for the existence of perfect Bayesian equilibrium.
A Smart Collaborative Routing Protocol for Reliable Data Diffusion in IoT Scenarios.
Ai, Zheng-Yang; Zhou, Yu-Tong; Song, Fei
2018-06-13
It is knotty for current routing protocols to meet the needs of reliable data diffusion during the Internet of Things (IoT) deployments. Due to the random placement, limited resources and unattended features of existing sensor nodes, the wireless transmissions are easily exposed to unauthorized users, which becomes a vulnerable area for various malicious attacks, such as wormhole and Sybil attacks. However, the scheme based on geographic location is a suitable candidate to defend against them. This paper is inspired to propose a smart collaborative routing protocol, Geographic energy aware routing and Inspecting Node (GIN), for guaranteeing the reliability of data exchanging. The proposed protocol integrates the directed diffusion routing, Greedy Perimeter Stateless Routing (GPSR), and the inspecting node mechanism. We first discuss current wireless routing protocols from three diverse perspectives (improving transmission rate, shortening transmission range and reducing transmission consumption). Then, the details of GIN, including the model establishment and implementation processes, are presented by means of the theoretical analysis. Through leveraging the game theory, the inspecting node is elected to monitor the network behaviors. Thirdly, we evaluate the network performances, in terms of transmission delay, packet loss ratio, and throughput, between GIN and three traditional schemes (i.e., Flooding, GPSR, and GEAR). The simulation results illustrate that the proposed protocol is able to outperform the others.
Design for Survivability: An Approach to Assured Autonomy
NASA Technical Reports Server (NTRS)
Alexandrov, Natalia M.; Ozoroski, Thomas A.
2016-01-01
Rapidly expanding unmanned air traffic includes and will continue to include non-cooperative participants. Non-cooperative behavior may be due to technical failure, a lack of appropriate equipment, a careless or malicious operator. Regardless of the cause, the outcome remains: growing density of non-cooperative traffic will increase the risk of collision between unmanned vehicles and aircraft carrying humans. As a result, the degraded safety of airspace may limit access to airspace, with adverse consequences for the traveling public and the economy. Because encounters with small non-cooperative objects, such as birds or wayward drones, can happen too rapidly for an external control system to mitigate them, it is imperative that the aircraft that carry humans survive encounters with non-cooperative vehicles. To-date, design for survivability has been practiced explicitly in the military domain. Survivability against collisions in civil aviation has been limited to tolerances against bird strikes; and these tolerances have proved inadequate on occasion. The growing risk of collision with unmanned vehicles now requires the development of survivability discipline for civilian transport aircraft. The new discipline must be infused into multidisciplinary design methods, on par with traditional disciplines. In this paper, we report on a preliminary study of survivability considerations for the civil aviation domain.
Exploring the Link between Pet Abuse and Controlling Behaviors in Violent Relationships
ERIC Educational Resources Information Center
Simmons, Catherine A.; Lehmann, Peter
2007-01-01
Domestic violence is not as simple as one partner physically harming another. Instead, it consists of a complex range of controlling behaviors including physical, emotional, sexual, and economic maltreatment as well as isolation, male privilege, blaming, intimidation, threats, and minimizing/denying behaviors. In addition to the controlling…
2015-03-26
8 January 2015]. [34] M. Pursifull, "DIY Drones," 1 August 2012. [Online]. Available: http://diydrones.com/group/arducopterusergroup/forum/topics...Camp Atterbury Range Safety course and has his range control safety card. 2. GENERAL MINIMIZING CONDITIONS The following general minimizing
ERIC Educational Resources Information Center
Drosopoulos, J. Dan; Heald, A. Zachariah; McCue, M. John
2008-01-01
This action research project report examined all forms of bullying behaviors and ways to reduce those behaviors. The project included 63 students from both a high school health class and a 6th and 7th grade middle school homeroom. The research was conducted from September 17, 2007 through December 14, 2007. In the specified locations, female to…
Testing simple deceptive honeypot tools
NASA Astrophysics Data System (ADS)
Yahyaoui, Aymen; Rowe, Neil C.
2015-05-01
Deception can be a useful defensive technique against cyber-attacks; it has the advantage of unexpectedness to attackers and offers a variety of tactics. Honeypots are a good tool for deception. They act as decoy computers to confuse attackers and exhaust their time and resources. This work tested the effectiveness of two free honeypot tools in real networks by varying their location and virtualization, and the effects of adding more deception to them. We tested a Web honeypot tool, Glastopf, and an SSH honeypot tool, Kippo. We deployed the Web honeypot in both a residential network and our organization's network and as both real and virtual machines; the organization honeypot attracted more attackers starting in the third week. Results also showed that the virtual honeypots received attacks from more unique IP addresses. They also showed that adding deception to the Web honeypot, in the form of additional linked Web pages and interactive features, generated more interest by attackers. For the purpose of comparison, we examined log files of a legitimate Web-site www.cmand.org. The traffic distributions for the Web honeypot and the legitimate Web site showed similarities (with much malicious traffic from Brazil), but the SSH honeypot was different (with much malicious traffic from China). Contrary to previous experiments where traffic to static honeypots decreased quickly, our honeypots received increasing traffic over a period of three months. It appears that both honeypot tools are useful for providing intelligence about cyber-attack methods, and that additional deception is helpful.
Cha, Shi-Cho; Chen, Jyun-Fu
2017-01-01
Bluetooth Low Energy (BLE) has emerged as one of the most promising technologies to enable the Internet-of-Things (IoT) paradigm. In BLE-based IoT applications, e.g., wearables-oriented service applications, the Bluetooth MAC addresses of devices will be swapped for device pairings. The random address technique is adopted to prevent malicious users from tracking the victim’s devices with stationary Bluetooth MAC addresses and accordingly the device privacy can be preserved. However, there exists a tradeoff between privacy and security in the random address technique. That is, when device pairing is launched and one device cannot actually identify another one with addresses, it provides an opportunity for malicious users to break the system security via impersonation attacks. Hence, using random addresses may lead to higher security risks. In this study, we point out the potential risk of using random address technique and then present critical security requirements for BLE-based IoT applications. To fulfill the claimed requirements, we present a privacy-aware mechanism, which is based on elliptic curve cryptography, for secure communication and access-control among BLE-based IoT objects. Moreover, to ensure the security of smartphone application associated with BLE-based IoT objects, we construct a Smart Contract-based Investigation Report Management framework (SCIRM) which enables smartphone application users to obtain security inspection reports of BLE-based applications of interest with smart contracts. PMID:29036900
Cha, Shi-Cho; Yeh, Kuo-Hui; Chen, Jyun-Fu
2017-10-14
Bluetooth Low Energy (BLE) has emerged as one of the most promising technologies to enable the Internet-of-Things (IoT) paradigm. In BLE-based IoT applications, e.g., wearables-oriented service applications, the Bluetooth MAC addresses of devices will be swapped for device pairings. The random address technique is adopted to prevent malicious users from tracking the victim's devices with stationary Bluetooth MAC addresses and accordingly the device privacy can be preserved. However, there exists a tradeoff between privacy and security in the random address technique. That is, when device pairing is launched and one device cannot actually identify another one with addresses, it provides an opportunity for malicious users to break the system security via impersonation attacks. Hence, using random addresses may lead to higher security risks. In this study, we point out the potential risk of using random address technique and then present critical security requirements for BLE-based IoT applications. To fulfill the claimed requirements, we present a privacy-aware mechanism, which is based on elliptic curve cryptography, for secure communication and access-control among BLE-based IoT objects. Moreover, to ensure the security of smartphone application associated with BLE-based IoT objects, we construct a Smart Contract-based Investigation Report Management framework (SCIRM) which enables smartphone application users to obtain security inspection reports of BLE-based applications of interest with smart contracts.
GenInfoGuard--a robust and distortion-free watermarking technique for genetic data.
Iftikhar, Saman; Khan, Sharifullah; Anwar, Zahid; Kamran, Muhammad
2015-01-01
Genetic data, in digital format, is used in different biological phenomena such as DNA translation, mRNA transcription and protein synthesis. The accuracy of these biological phenomena depend on genetic codes and all subsequent processes. To computerize the biological procedures, different domain experts are provided with the authorized access of the genetic codes; as a consequence, the ownership protection of such data is inevitable. For this purpose, watermarks serve as the proof of ownership of data. While protecting data, embedded hidden messages (watermarks) influence the genetic data; therefore, the accurate execution of the relevant processes and the overall result becomes questionable. Most of the DNA based watermarking techniques modify the genetic data and are therefore vulnerable to information loss. Distortion-free techniques make sure that no modifications occur during watermarking; however, they are fragile to malicious attacks and therefore cannot be used for ownership protection (particularly, in presence of a threat model). Therefore, there is a need for a technique that must be robust and should also prevent unwanted modifications. In this spirit, a watermarking technique with aforementioned characteristics has been proposed in this paper. The proposed technique makes sure that: (i) the ownership rights are protected by means of a robust watermark; and (ii) the integrity of genetic data is preserved. The proposed technique-GenInfoGuard-ensures its robustness through the "watermark encoding" in permuted values, and exhibits high decoding accuracy against various malicious attacks.
Brower, Alexandra; Struthers, Jason; Schmidt, Jemima
2017-12-01
In May 2016, thirteen dogs housed in backyards within a single neighborhood were reported to have developed convulsions and died within a 24 h period. An investigation of the scene by law enforcement resulted in submission of eight dogs for postmortem examination. It was suspected that a rapid acting toxin was the cause of death. A gas chromatography-mass spectrophotometry (GC-MS) protocol combined with thin-layer chromatography that allows screening for common convulsants failed to identify a toxin in either pooled gastric content or liver samples from select cases. After consultation with a veterinary toxicologist, sodium fluoroacetate poisoning was investigated. Sodium fluoroacetate, also known as 1080, is a pesticide that was available in the United States from the 1940's to the 1970's, but since 1972 has been banned or under EPA restricted use. When gastric content was re-tested using a GC-MS protocol with selective fluoroacetate ion monitoring and carbon 14 radiolabeling to facilitate quantification, 379 ppb sodium fluoroacetate was detected in a pooled gastric content sample. In spite of its banned status, sodium fluoroacetate remains a rarely reported cause of malicious poisoning in domestic dogs in the United States. This compound is highly toxic and is capable of causing death in dogs, humans, other mammals, and insects in ingested quantities as small as a few droplets. Even when geographic or historical proximity to a source is not evident, this intoxication should be considered in dogs exhibiting compatible clinical signs.
Automatic analysis of attack data from distributed honeypot network
NASA Astrophysics Data System (ADS)
Safarik, Jakub; Voznak, Miroslav; Rezac, Filip; Partila, Pavol; Tomala, Karel
2013-05-01
There are many ways of getting real data about malicious activity in a network. One of them relies on masquerading monitoring servers as a production one. These servers are called honeypots and data about attacks on them brings us valuable information about actual attacks and techniques used by hackers. The article describes distributed topology of honeypots, which was developed with a strong orientation on monitoring of IP telephony traffic. IP telephony servers can be easily exposed to various types of attacks, and without protection, this situation can lead to loss of money and other unpleasant consequences. Using a distributed topology with honeypots placed in different geological locations and networks provides more valuable and independent results. With automatic system of gathering information from all honeypots, it is possible to work with all information on one centralized point. Communication between honeypots and centralized data store use secure SSH tunnels and server communicates only with authorized honeypots. The centralized server also automatically analyses data from each honeypot. Results of this analysis and also other statistical data about malicious activity are simply accessible through a built-in web server. All statistical and analysis reports serve as information basis for an algorithm which classifies different types of used VoIP attacks. The web interface then brings a tool for quick comparison and evaluation of actual attacks in all monitored networks. The article describes both, the honeypots nodes in distributed architecture, which monitor suspicious activity, and also methods and algorithms used on the server side for analysis of gathered data.
A framework for analyzing the impact of data integrity/quality on electricity market operations
NASA Astrophysics Data System (ADS)
Choi, Dae Hyun
This dissertation examines the impact of data integrity/quality in the supervisory control and data acquisition (SCADA) system on real-time locational marginal price (LMP) in electricity market operations. Measurement noise and/or manipulated sensor errors in a SCADA system may mislead system operators about real-time conditions in a power system, which, in turn, may impact the price signals in real-time power markets. This dissertation serves as a first attempt to analytically investigate the impact of bad/malicious data on electric power market operations. In future power system operations, which will probably involve many more sensors, the impact of sensor data integrity/quality on grid operations will become increasingly important. The first part of this dissertation studies from a market participant's perspective a new class of malicious data attacks on state estimation, which subsequently influences the result of the newly emerging look-ahead dispatch models in the real-time power market. In comparison with prior work of cyber-attack on static dispatch where no inter-temporal ramping constraint is considered, we propose a novel attack strategy, named ramp-induced data (RID) attack, with which the attacker can manipulate the limits of ramp constraints of generators in look-ahead dispatch. It is demonstrated that the proposed attack can lead to financial profits via malicious capacity withholding of selected generators, while being undetected by the existing bad data detection algorithm embedded in today's state estimation software. In the second part, we investigate from a system operator's perspective the sensitivity of locational marginal price (LMP) with respect to data corruption-induced state estimation error in real-time power market. 
Two data corruption scenarios are considered, in which corrupted continuous data (e.g., the power injection/flow and voltage magnitude) falsify power flow estimate whereas corrupted discrete data (e.g., the on/off status of a circuit breaker) do network topology estimate, thus leading to the distortion of LMP. We present an analytical framework to quantify real-time LMP sensitivity subject to continuous and discrete data corruption via state estimation. The proposed framework offers system operators an analytical tool to identify economically sensitive buses and transmission lines to data corruption as well as find sensors that impact LMP changes significantly. This dissertation serves as a first step towards rigorous understanding of the fundamental coupling among cyber, physical and economical layers of operations in future smart grid.
Tang, Jiawei; Liu, Anfeng; Zhang, Jian; Xiong, Neal N; Zeng, Zhiwen; Wang, Tian
2018-03-01
The Internet of things (IoT) is composed of billions of sensing devices that are subject to threats stemming from increasing reliance on communications technologies. A Trust-Based Secure Routing (TBSR) scheme using the traceback approach is proposed to improve the security of data routing and maximize the use of available energy in Energy-Harvesting Wireless Sensor Networks (EHWSNs). The main contributions of a TBSR are (a) the source nodes send data and notification to sinks through disjoint paths, separately; in such a mechanism, the data and notification can be verified independently to ensure their security. (b) Furthermore, the data and notification adopt a dynamic probability of marking and logging approach during the routing. Therefore, when attacked, the network will adopt the traceback approach to locate and clear malicious nodes to ensure security. The probability of marking is determined based on the level of battery remaining; when nodes harvest more energy, the probability of marking is higher, which can improve network security. Because if the probability of marking is higher, the number of marked nodes on the data packet routing path will be more, and the sink will be more likely to trace back the data packet routing path and find malicious nodes according to this notification. When data packets are routed again, they tend to bypass these malicious nodes, which make the success rate of routing higher and lead to improved network security. When the battery level is low, the probability of marking will be decreased, which is able to save energy. For logging, when the battery level is high, the network adopts a larger probability of marking and smaller probability of logging to transmit notification to the sink, which can reserve enough storage space to meet the storage demand for the period of the battery on low level; when the battery level is low, increasing the probability of logging can reduce energy consumption. 
After the level of battery remaining is high enough, nodes then send the notification which was logged before to the sink. Compared with past solutions, our results indicate that the performance of the TBSR scheme has been improved comprehensively; it can effectively increase the quantity of notification received by the sink by 20%, increase energy efficiency by 11%, reduce the maximum storage capacity needed by nodes by 33.3% and improve the success rate of routing by approximately 16.30%.
Tang, Jiawei; Zhang, Jian; Zeng, Zhiwen; Wang, Tian
2018-01-01
The Internet of things (IoT) is composed of billions of sensing devices that are subject to threats stemming from increasing reliance on communications technologies. A Trust-Based Secure Routing (TBSR) scheme using the traceback approach is proposed to improve the security of data routing and maximize the use of available energy in Energy-Harvesting Wireless Sensor Networks (EHWSNs). The main contributions of a TBSR are (a) the source nodes send data and notification to sinks through disjoint paths, separately; in such a mechanism, the data and notification can be verified independently to ensure their security. (b) Furthermore, the data and notification adopt a dynamic probability of marking and logging approach during the routing. Therefore, when attacked, the network will adopt the traceback approach to locate and clear malicious nodes to ensure security. The probability of marking is determined based on the level of battery remaining; when nodes harvest more energy, the probability of marking is higher, which can improve network security. Because if the probability of marking is higher, the number of marked nodes on the data packet routing path will be more, and the sink will be more likely to trace back the data packet routing path and find malicious nodes according to this notification. When data packets are routed again, they tend to bypass these malicious nodes, which make the success rate of routing higher and lead to improved network security. When the battery level is low, the probability of marking will be decreased, which is able to save energy. For logging, when the battery level is high, the network adopts a larger probability of marking and smaller probability of logging to transmit notification to the sink, which can reserve enough storage space to meet the storage demand for the period of the battery on low level; when the battery level is low, increasing the probability of logging can reduce energy consumption. 
After the level of battery remaining is high enough, nodes then send the notification which was logged before to the sink. Compared with past solutions, our results indicate that the performance of the TBSR scheme has been improved comprehensively; it can effectively increase the quantity of notification received by the sink by 20%, increase energy efficiency by 11%, reduce the maximum storage capacity needed by nodes by 33.3% and improve the success rate of routing by approximately 16.30%. PMID:29494561
DOE Office of Scientific and Technical Information (OSTI.GOV)
Link, Hamilton E.; Schroeppel, Richard Crabtree; Neumann, William Douglas
2004-10-01
If software is designed so that the software can issue functions that will move that software from one computing platform to another, then the software is said to be 'mobile'. There are two general areas of security problems associated with mobile code. The 'secure host' problem involves protecting the host from malicious mobile code. The 'secure mobile code' problem, on the other hand, involves protecting the code from malicious hosts. This report focuses on the latter problem. We have found three distinct camps of opinions regarding how to secure mobile code. There are those who believe special distributed hardware is necessary, those who believe special distributed software is necessary, and those who believe neither is necessary. We examine all three camps, with a focus on the third. In the distributed software camp we examine some commonly proposed techniques including Java, D'Agents and Flask. For the specialized hardware camp, we propose a cryptographic technique for 'tamper-proofing' code over a large portion of the software/hardware life cycle by careful modification of current architectures. This method culminates by decrypting/authenticating each instruction within a physically protected CPU, thereby protecting against subversion by malicious code. Our main focus is on the camp that believes that neither specialized software nor hardware is necessary. We concentrate on methods of code obfuscation to render an entire program or a data segment on which a program depends incomprehensible. The hope is to prevent or at least slow down reverse engineering efforts and to prevent goal-oriented attacks on the software and execution. The field of obfuscation is still in a state of development with the central problem being the lack of a basis for evaluating the protection schemes. We give a brief introduction to some of the main ideas in the field, followed by an in depth analysis of a technique called 'white-boxing'. 
We put forth some new attacks and improvements on this method as well as demonstrating its implementation for various algorithms. We also examine cryptographic techniques to achieve obfuscation including encrypted functions and offer a new application to digital signature algorithms. To better understand the lack of security proofs for obfuscation techniques, we examine in detail general theoretical models of obfuscation. We explain the need for formal models in order to obtain provable security and the progress made in this direction thus far. Finally we tackle the problem of verifying remote execution. We introduce some methods of verifying remote exponentiation computations and some insight into generic computation checking.
Deep PDF parsing to extract features for detecting embedded malware.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Munson, Miles Arthur; Cross, Jesse S.
2011-09-01
The number of PDF files with embedded malicious code has risen significantly in the past few years. This is due to the portability of the file format, the ways Adobe Reader recovers from corrupt PDF files, the addition of many multimedia and scripting extensions to the file format, and many format properties the malware author may use to disguise the presence of malware. Current research focuses on executable, MS Office, and HTML formats. In this paper, several features and properties of PDF Files are identified. Features are extracted using an instrumented open source PDF viewer. The feature descriptions of benign and malicious PDFs can be used to construct a machine learning model for detecting possible malware in future PDF files. The detection rate of PDF malware by current antivirus software is very low. A PDF file is easy to edit and manipulate because it is a text format, providing a low barrier to malware authors. Analyzing PDF files for malware is nonetheless difficult because of (a) the complexity of the formatting language, (b) the parsing idiosyncrasies in Adobe Reader, and (c) undocumented correction techniques employed in Adobe Reader. In May 2011, Esparza demonstrated that PDF malware could be hidden from 42 of 43 antivirus packages by combining multiple obfuscation techniques [4]. One reason current antivirus software fails is the ease of varying byte sequences in PDF malware, thereby rendering conventional signature-based virus detection useless. The compression and encryption functions produce sequences of bytes that are each functions of multiple input bytes. As a result, padding the malware payload with some whitespace before compression/encryption can change many of the bytes in the final payload. In this study we analyzed a corpus of 2591 benign and 87 malicious PDF files. While this corpus is admittedly small, it allowed us to test a system for collecting indicators of embedded PDF malware. We will call these indicators features throughout the rest of this report. The features are extracted using an instrumented PDF viewer, and are the inputs to a prediction model that scores the likelihood of a PDF file containing malware. The prediction model is constructed from a sample of labeled data by a machine learning algorithm (specifically, decision tree ensemble learning). Preliminary experiments show that the model is able to detect half of the PDF malware in the corpus with zero false alarms. We conclude the report with suggestions for extending this work to detect a greater variety of PDF malware.
Minimal agent based model for financial markets I. Origin and self-organization of stylized facts
NASA Astrophysics Data System (ADS)
Alfi, V.; Cristelli, M.; Pietronero, L.; Zaccaria, A.
2009-02-01
We introduce a minimal agent based model for financial markets to understand the nature and self-organization of the stylized facts. The model is minimal in the sense that we try to identify the essential ingredients to reproduce the most important deviations of price time series from a random walk behavior. We focus on four essential ingredients: fundamentalist agents which tend to stabilize the market; chartist agents which induce destabilization; analysis of price behavior for the two strategies; herding behavior which governs the possibility of changing strategy. Bubbles and crashes correspond to situations dominated by chartists, while fundamentalists provide a long time stability (on average). The stylized facts are shown to correspond to an intermittent behavior which occurs only for a finite value of the number of agents N. Therefore they correspond to finite size effects which, however, can occur at different time scales. We propose a new mechanism for the self-organization of this state which is linked to the existence of a threshold for the agents to be active or not active. The feedback between price fluctuations and number of active agents represents a crucial element for this state of self-organized intermittency. The model can be easily generalized to consider more realistic variants.
Representations in Dynamical Embodied Agents: Re-Analyzing a Minimally Cognitive Model Agent
ERIC Educational Resources Information Center
Mirolli, Marco
2012-01-01
Understanding the role of "representations" in cognitive science is a fundamental problem facing the emerging framework of embodied, situated, dynamical cognition. To make progress, I follow the approach proposed by an influential representational skeptic, Randall Beer: building artificial agents capable of minimally cognitive behaviors and…
Specializing network analysis to detect anomalous insider actions
Chen, You; Nyemba, Steve; Zhang, Wen; Malin, Bradley
2012-01-01
Collaborative information systems (CIS) enable users to coordinate efficiently over shared tasks in complex distributed environments. For flexibility, they provide users with broad access privileges, which, as a side-effect, leave such systems vulnerable to various attacks. Some of the more damaging malicious activities stem from internal misuse, where users are authorized to access system resources. A promising class of insider threat detection models for CIS focuses on mining access patterns from audit logs; however, current models are limited in that they assume organizations have significant resources to generate label cases for training classifiers or assume the user has committed a large number of actions that deviate from “normal” behavior. In lieu of the previous assumptions, we introduce an approach that detects when specific actions of an insider deviate from expectation in the context of collaborative behavior. Specifically, in this paper, we introduce a specialized network anomaly detection model, or SNAD, to detect such events. This approach assesses the extent to which a user influences the similarity of the group of users that access a particular record in the CIS. From a theoretical perspective, we show that the proposed model is appropriate for detecting insider actions in dynamic collaborative systems. From an empirical perspective, we perform an extensive evaluation of SNAD with the access logs of two distinct environments: the patient record access logs of a large electronic health record system (6,015 users, 130,457 patients and 1,327,500 accesses) and the editing logs of Wikipedia (2,394,385 revisors, 55,200 articles and 6,482,780 revisions). We compare our model with several competing methods and demonstrate SNAD is significantly more effective: on average it achieves 20–30% greater area under an ROC curve. PMID:23399988
Tools for Large-Scale Mobile Malware Analysis
DOE Office of Scientific and Technical Information (OSTI.GOV)
Bierma, Michael
Analyzing mobile applications for malicious behavior is an important area of research, and is made difficult, in part, by the increasingly large number of applications available for the major operating systems. There are currently over 1.2 million apps available in both the Google Play and Apple App stores (the respective official marketplaces for the Android and iOS operating systems) [1, 2]. Our research provides two large-scale analysis tools to aid in the detection and analysis of mobile malware. The first tool we present, Andlantis, is a scalable dynamic analysis system capable of processing over 3000 Android applications per hour. Traditionally, Android dynamic analysis techniques have been relatively limited in scale due to the computational resources required to emulate the full Android system to achieve accurate execution. Andlantis is the most scalable Android dynamic analysis framework to date, and is able to collect valuable forensic data, which helps reverse-engineers and malware researchers identify and understand anomalous application behavior. We discuss the results of running 1261 malware samples through the system, and provide examples of malware analysis performed with the resulting data. While techniques exist to perform static analysis on a large number of applications, large-scale analysis of iOS applications has been relatively small scale due to the closed nature of the iOS ecosystem, and the difficulty of acquiring applications for analysis. The second tool we present, iClone, addresses the challenges associated with iOS research in order to detect application clones within a dataset of over 20,000 iOS applications.
Phantom behavior bounce with tachyon and non-minimal derivative coupling
DOE Office of Scientific and Technical Information (OSTI.GOV)
Banijamali, A.; Fazlpour, B.
2012-01-01
The bouncing cosmology provides a successful solution of the cosmological singularity problem. In this paper, we study the bouncing behavior of a single scalar field model with tachyon field non-minimally coupled to itself, its derivative and to the curvature. By utilizing the numerical calculations we will show that the bouncing solution can appear in the universe dominated by such a quintom matter with equation of state crossing the phantom divide line. We also investigate the classical stability of our model using the phase velocity of the homogeneous perturbations of the tachyon scalar field.
The anatomy of choice: active inference and agency.
Friston, Karl; Schwartenbeck, Philipp; Fitzgerald, Thomas; Moutoussis, Michael; Behrens, Timothy; Dolan, Raymond J
2013-01-01
This paper considers agency in the setting of embodied or active inference. In brief, we associate a sense of agency with prior beliefs about action and ask what sorts of beliefs underlie optimal behavior. In particular, we consider prior beliefs that action minimizes the Kullback-Leibler (KL) divergence between desired states and attainable states in the future. This allows one to formulate bounded rationality as approximate Bayesian inference that optimizes a free energy bound on model evidence. We show that constructs like expected utility, exploration bonuses, softmax choice rules and optimism bias emerge as natural consequences of this formulation. Previous accounts of active inference have focused on predictive coding and Bayesian filtering schemes for minimizing free energy. Here, we consider variational Bayes as an alternative scheme that provides formal constraints on the computational anatomy of inference and action-constraints that are remarkably consistent with neuroanatomy. Furthermore, this scheme contextualizes optimal decision theory and economic (utilitarian) formulations as pure inference problems. For example, expected utility theory emerges as a special case of free energy minimization, where the sensitivity or inverse temperature (of softmax functions and quantal response equilibria) has a unique and Bayes-optimal solution-that minimizes free energy. This sensitivity corresponds to the precision of beliefs about behavior, such that attainable goals are afforded a higher precision or confidence. In turn, this means that optimal behavior entails a representation of confidence about outcomes that are under an agent's control.
Approximate solution of the p-median minimization problem
NASA Astrophysics Data System (ADS)
Il'ev, V. P.; Il'eva, S. D.; Navrotskaya, A. A.
2016-09-01
A version of the facility location problem (the well-known p-median minimization problem) and its generalization—the problem of minimizing a supermodular set function—is studied. These problems are NP-hard, and they are approximately solved by a gradient algorithm that is a discrete analog of the steepest descent algorithm. A priori bounds on the worst-case behavior of the gradient algorithm for the problems under consideration are obtained. As a consequence, a bound on the performance guarantee of the gradient algorithm for the p-median minimization problem in terms of the production and transportation cost matrix is obtained.
Patient information: confidentiality and the electronic record.
Griffith, Richard
The rise of the electronic record now allows nurses to access a large archive of patient information that was more difficult to obtain when records consisted of manually held paper files. There have been several instances where curiosity and, occasionally, more malicious motivations have led nurses to access these records and read the notes of a celebrity or a person they know. In this article, Richard Griffith considers whether nurses' accessing and reading of the record of someone who is not in their care is in breach of their duty of confidentiality.
Using a Prediction Model to Manage Cyber Security Threats.
Jaganathan, Venkatesh; Cherurveettil, Priyesh; Muthu Sivashanmugam, Premapriya
2015-01-01
Cyber-attacks are an important issue faced by all organizations. Securing information systems is critical. Organizations should be able to understand the ecosystem and predict attacks. Predicting attacks quantitatively should be part of risk management. The cost impact due to worms, viruses, or other malicious software is significant. This paper proposes a mathematical model to predict the impact of an attack based on significant factors that influence cyber security. This model also considers the environmental information required. It is generalized and can be customized to the needs of the individual organization.
Using a Prediction Model to Manage Cyber Security Threats
Muthu Sivashanmugam, Premapriya
2015-01-01
Cyber-attacks are an important issue faced by all organizations. Securing information systems is critical. Organizations should be able to understand the ecosystem and predict attacks. Predicting attacks quantitatively should be part of risk management. The cost impact due to worms, viruses, or other malicious software is significant. This paper proposes a mathematical model to predict the impact of an attack based on significant factors that influence cyber security. This model also considers the environmental information required. It is generalized and can be customized to the needs of the individual organization. PMID:26065024
Attacks on public telephone networks: technologies and challenges
NASA Astrophysics Data System (ADS)
Kosloff, T.; Moore, Tyler; Keller, J.; Manes, Gavin W.; Shenoi, Sujeet
2003-09-01
Signaling System 7 (SS7) is vital to signaling and control in America's public telephone networks. This paper describes a class of attacks on SS7 networks involving the insertion of malicious signaling messages via compromised SS7 network components. Three attacks are discussed in detail: IAM flood attacks, redirection attacks and point code spoofing attacks. Depending on their scale of execution, these attacks can produce effects ranging from network congestion to service disruption. Methods for detecting these denial-of-service attacks and mitigating their effects are also presented.
NASA Technical Reports Server (NTRS)
Gilliam, David P.; Feather, Martin S.
2004-01-01
Information Technology (IT) Security Risk Management is a critical task in the organization, which must protect its resources and data against the loss of confidentiality, integrity, and availability. As systems become more complex and diverse, and more vulnerabilities are discovered while attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security. This paper describes an approach to address IT security risk through risk management and mitigation in both the institution and in the project life cycle.
Moore, Elizabeth S; Cleland, Thomas A; Williams, Wendy O; Peterson, Christine M; Singh, Bhupinder; Southard, Teresa L; Pasch, Bret; Labitt, Rachael N; Daugherity, Erin K
2017-01-01
Tail tip amputation with minimal restraint is not widely used for mouse phlebotomy. In part, this infrequency may reflect policies influenced by tail tip amputation procedures for genotyping, which involve greater handling and tissue removal. To assess tail tip amputation with minimal restraint as a phlebotomy technique, we compared it with 2 more common methods: scruffing with facial vein puncture and lateral tail vein incision with minimal restraint. Blood glucose levels, audible and ultrasonic vocalizations, postphlebotomy activity and grooming behavior, open field and elevated plus maze behaviors, nest-building scores, and histologic changes at the phlebotomy site were evaluated. Mice in the facial vein phlebotomy group produced more audible vocalizations, exhibited lower postphlebotomy activity in the open field, and had more severe histologic changes than did mice in the tail incision and tail tip amputation groups. Facial vein phlebotomy did not affect grooming behavior relative to sham groups, whereas tail vein incision—but not tail tip amputation—increased tail grooming compared with that in control mice. Blood glucose levels, nest-building scores, and elevated plus maze behavior did not differ between groups, and no mice in any group produced ultrasonic vocalizations. Tail tip amputation mice did not perform differently than sham mice in any metric analyzed, indicating that this technique is a potentially superior method of blood collection in mice in terms of animal wellbeing. PMID:28535866
Moore, Elizabeth S; Cleland, Thomas A; Williams, Wendy O; Peterson, Christine M; Singh, Bhupinder; Southard, Teresa L; Pasch, Bret; Labitt, Rachael N; Daugherity, Erin K
2017-05-01
Tail tip amputation with minimal restraint is not widely used for mouse phlebotomy. In part, this infrequency may reflect policies influenced by tail tip amputation procedures for genotyping, which involve greater handling and tissue removal. To assess tail tip amputation with minimal restraint as a phlebotomy technique, we compared it with 2 more common methods: scruffing with facial vein puncture and lateral tail vein incision with minimal restraint. Blood glucose levels, audible and ultrasonic vocalizations, postphlebotomy activity and grooming behavior, open field and elevated plus maze behaviors, nest-building scores, and histologic changes at the phlebotomy site were evaluated. Mice in the facial vein phlebotomy group produced more audible vocalizations, exhibited lower postphlebotomy activity in the open field, and had more severe histologic changes than did mice in the tail incision and tail tip amputation groups. Facial vein phlebotomy did not affect grooming behavior relative to sham groups, whereas tail vein incision-but not tail tip amputation-increased tail grooming compared with that in control mice. Blood glucose levels, nest-building scores, and elevated plus maze behavior did not differ between groups, and no mice in any group produced ultrasonic vocalizations. Tail tip amputation mice did not perform differently than sham mice in any metric analyzed, indicating that this technique is a potentially superior method of blood collection in mice in terms of animal wellbeing.
Bruemmer, David J [Idaho Falls, ID
2009-11-17
A robot platform includes perceptors, locomotors, and a system controller. The system controller executes a robot intelligence kernel (RIK) that includes a multi-level architecture and a dynamic autonomy structure. The multi-level architecture includes a robot behavior level for defining robot behaviors, that incorporate robot attributes and a cognitive level for defining conduct modules that blend an adaptive interaction between predefined decision functions and the robot behaviors. The dynamic autonomy structure is configured for modifying a transaction capacity between an operator intervention and a robot initiative and may include multiple levels with at least a teleoperation mode configured to maximize the operator intervention and minimize the robot initiative and an autonomous mode configured to minimize the operator intervention and maximize the robot initiative. Within the RIK at least the cognitive level includes the dynamic autonomy structure.
The Reduction of Bullying in an Elementary Program: An Action Research Study
ERIC Educational Resources Information Center
Brock, Jacqueline M.
2013-01-01
Bully Prevention in Positive Behavior Support (BP-PBS) is a prevention-oriented program created to support students with strategies to combat bullying. BP-PBS supports the idea that all students should have access to positive behavior support to minimize problem behavior at school (Horner, 2011). The goal of this study was to investigate the…
ERIC Educational Resources Information Center
Lublin, Irwin; Kirkish, Patricia
This description of a weight reduction program, based on generalizations derived from eight years of work with overweight persons, discusses the clients' rationalization of overeating behaviors. In this behavior modification program, the client is required to permanently give up one high calorie food and to write down all foods eaten before actual…
NASA Technical Reports Server (NTRS)
Allen, B. Danette; Alexandrov, Natalia
2016-01-01
Incremental approaches to air transportation system development inherit current architectural constraints, which, in turn, place hard bounds on system capacity, efficiency of performance, and complexity. To enable airspace operations of the future, a clean-slate (ab initio) airspace design(s) must be considered. This ab initio National Airspace System (NAS) must be capable of accommodating increased traffic density, a broader diversity of aircraft, and on-demand mobility. System and subsystem designs should scale to accommodate the inevitable demand for airspace services that include large numbers of autonomous Unmanned Aerial Vehicles and a paradigm shift in general aviation (e.g., personal air vehicles) in addition to more traditional aerial vehicles such as commercial jetliners and weather balloons. The complex and adaptive nature of ab initio designs for the future NAS requires new approaches to validation, adding a significant physical experimentation component to analytical and simulation tools. In addition to software modeling and simulation, the ability to exercise system solutions in a flight environment will be an essential aspect of validation. The NASA Langley Research Center (LaRC) Autonomy Incubator seeks to develop a flight simulation infrastructure for ab initio modeling and simulation that assumes no specific NAS architecture and models vehicle-to-vehicle behavior to examine interactions and emergent behaviors among hundreds of intelligent aerial agents exhibiting collaborative, cooperative, coordinative, selfish, and malicious behaviors. The air transportation system of the future will be a complex adaptive system (CAS) characterized by complex and sometimes unpredictable (or unpredicted) behaviors that result from temporal and spatial interactions among large numbers of participants. A CAS not only evolves with a changing environment and adapts to it, it is closely coupled to all systems that constitute the environment. 
Thus, the ecosystem that contains the system and other systems evolves with the CAS as well. The effects of the emerging adaptation and co-evolution are difficult to capture with only combined mathematical and computational experimentation. Therefore, an ab initio flight simulation environment must accommodate individual vehicles, groups of self-organizing vehicles, and large-scale infrastructure behavior. Inspired by Massively Multiplayer Online Role Playing Games (MMORPG) and Serious Gaming, the proposed ab initio simulation environment is similar to online gaming environments in which player participants interact with each other, affect their environment, and expect the simulation to persist and change regardless of any individual player's active participation.
Decision Making and the Avoidance of Cognitive Demand
ERIC Educational Resources Information Center
Kool, Wouter; McGuire, Joseph T.; Rosen, Zev B.; Botvinick, Matthew M.
2010-01-01
Behavioral and economic theories have long maintained that actions are chosen so as to minimize demands for exertion or work, a principle sometimes referred to as the "law of less work". The data supporting this idea pertain almost entirely to demands for physical effort. However, the same minimization principle has often been assumed also to…
Zhou, Yi; Wang, Ruju; Chen, Bing; Sun, Dan; Hu, Yong; Xu, Peipei
2016-01-01
To minimize the side effects and the multidrug resistance (MDR) arising from daunorubicin (DNR) treatment of malignant lymphoma, a chemotherapy formulation of cysteamine-modified cadmium tellurium (Cys-CdTe) quantum dots coloaded with DNR and gambogic acid (GA) nanoparticles (DNR-GA-Cys-CdTe NPs) was developed. The physical property, drug-loading efficiency and drug release behavior of these DNR-GA-Cys-CdTe NPs were evaluated, and their cytotoxicity was explored by 3-[4,5-dimethylthiazol-2-yl]-2,5-diphenyltetrazolium bromide assay. These DNR-GA-Cys-CdTe NPs possessed a pH-responsive behavior, and displayed a dose-dependent antiproliferative activity on multidrug-resistant lymphoma Raji/DNR cells. The accumulation of DNR inside the cells, revealed by flow cytometry assay, and the down-regulated expression of P-glycoprotein inside the Raji/DNR cells measured by Western blotting assay indicated that these DNR-GA-Cys-CdTe NPs could minimize the MDR of Raji/DNR cells. This multidrug delivery system would be a promising strategy for minimizing MDR against the lymphoma. PMID:27799767
NASA Astrophysics Data System (ADS)
Nurhidayati, I.; Suparmi, A.; Cari, C.
2018-03-01
The Schrödinger equation has been extended by applying the minimal length formalism for a trigonometric potential. The wave function and energy spectra were used to describe the behavior of a subatomic particle. The wave function and energy spectra were obtained by using the hypergeometry method. The results showed that the energy increased with increases in both the minimal length parameter and the potential parameter. The energies were calculated numerically using MatLab.
ERIC Educational Resources Information Center
Selles, Robert R.; Arnold, Elysse B.; Phares, Vicky; Lewin, Adam B.; Murphy, Tanya K.; Storch, Eric A.
2015-01-01
Cognitive-behavioral therapy for anxiety in youth with an autism spectrum disorder appears efficacious; however, maintenance of treatment gains has not yet been studied. Using a sample of 32 youth who had benefited at least minimally from a past trial of cognitive-behavioral therapy for anxiety in autism spectrum disorder, this study assessed…
NASA Astrophysics Data System (ADS)
Karabat, Cagatay; Kiraz, Mehmet Sabir; Erdogan, Hakan; Savas, Erkay
2015-12-01
In this paper, we introduce a new biometric verification and template protection system which we call THRIVE. The system includes novel enrollment and authentication protocols based on threshold homomorphic encryption where a private key is shared between a user and a verifier. In the THRIVE system, only encrypted binary biometric templates are stored in a database and verification is performed via homomorphically randomized templates, thus, original templates are never revealed during authentication. Due to the underlying threshold homomorphic encryption scheme, a malicious database owner cannot perform full decryption on encrypted templates of the users in the database. In addition, security of the THRIVE system is enhanced using a two-factor authentication scheme involving user's private key and biometric data. Using simulation-based techniques, the proposed system is proven secure in the malicious model. The proposed system is suitable for applications where the user does not want to reveal her biometrics to the verifier in plain form, but needs to prove her identity by using biometrics. The system can be used with any biometric modality where a feature extraction method yields a fixed size binary template and a query template is verified when its Hamming distance to the database template is less than a threshold. The overall connection time for the proposed THRIVE system is estimated to be 336 ms on average for 256-bit biometric templates on a desktop PC running with quad core 3.2 GHz CPUs at 10 Mbit/s up/down link connection speed. Consequently, the proposed system can be efficiently used in real-life applications.
Effects of malicious ocular laser exposure in commercial airline pilots.
Palakkamanil, Mathew M; Fielden, Michael P
2015-12-01
Intentional malicious laser strikes on commercial pilots are committed by individuals who target a laser into airplane cockpits during takeoff and landing. Because laser exposure to pilots is a relatively new but growing occurrence, our study investigates the ocular effect of this laser exposure in pilots. Retrospective chart review by a single ophthalmologist. All commercial airline pilots (58 male, 3 female) who experienced a laser strike while flying between April 2012 and November 2014 who presented to our clinic were included. A retrospective chart review was performed in a retinal specialist's practice. Ocular assessment was performed within 3 days of laser exposure. A complete ophthalmic evaluation was conducted, including Early Treatment Diabetic Retinopathy Study visual acuity, colour vision, visual fields, intraocular pressure, slit-lamp examination, dilated fundus examination, colour fundus photographs, and ocular coherence tomography. Sixty-four laser strike incidents involving commercial pilots were included. All pilots in the study experienced some degree of immediate ocular irritation or light sensitivity. No definite cases of ocular damage were attributed to laser strikes. No pilot had any functional ocular deficits. Our study revealed that laser strikes on aircraft did not result in permanent visual functional or structural deficits. However, laser strikes cause immediate visual effects, including glare, flash blindness, and ocular irritation that can interfere with a pilot's visual function. Given the widespread accessibility of high-power lasers and the rapid increase in incidents, laser strikes threaten to jeopardize aviation safety unless effective preventative measures are put in place.
Can, Adem; Dao, David T.; Arad, Michal; Terrillion, Chantelle E.; Piantadosi, Sean C.; Gould, Todd D.
2012-01-01
The forced swim test is a rodent behavioral test used for evaluation of antidepressant drugs, antidepressant efficacy of new compounds, and experimental manipulations that are aimed at rendering or preventing depressive-like states. Mice are placed in an inescapable transparent tank that is filled with water and their escape related mobility behavior is measured. The forced swim test is straightforward to conduct reliably and it requires minimal specialized equipment. Successful implementation of the forced swim test requires adherence to certain procedural details and minimization of unwarranted stress to the mice. In the protocol description and the accompanying video, we explain how to conduct the mouse version of this test with emphasis on potential pitfalls that may be detrimental to interpretation of results and how to avoid them. Additionally, we explain how the behaviors manifested in the test are assessed. PMID:22314943
Behavioral Marital Bibliotherapy: An Initial Investigation of Therapeutic Efficacy.
ERIC Educational Resources Information Center
Bornstein, Philip H.; And Others
1984-01-01
Reports an attempt to validate a self-help behavioral marital bibliotherapy program. Evaluated five clinical distressed couples via a multiple baseline analysis. Treatment involved reading and exercises covering communications, problem solving, and sexual dysfunction. Results were highly variable and reflected minimal change. (BH)
ERIC Educational Resources Information Center
Hartlage, Lawrence C.; Telzrow, Cathy Fultz
1982-01-01
Hyperactivity is defined, and the relationships among minimal brain dysfunction, cerebral stimulants, and student characteristics such as activity level, attention and learning, and behavior are discussed. Hyperactive children's responses to the use of Ritalin and methylphenidate are reported. (CJ)
Andrade, Brendan F; Sorge, Geoff B; Na, Jennifer Jiwon; Wharton-Shukster, Erika
2015-08-01
This study identified clinical profiles of referred children based on the severity of callous-unemotional (CU) traits, emotional difficulties, and conduct problems. Parents of 166 children (132 males) aged 6-12 years referred to a hospital clinic because of disruptive behavior completed measures to assess these key indicators, and person-centered analysis was used to identify profiles. Four distinct profiles were identified that include: (1) Children low in severity on the three domains, (2) Children high in severity on the three domains, (3) Children high in severity in conduct problems and CU traits with minimal emotional difficulties, and (4) Children high in severity in conduct problems and emotional difficulties with minimal CU traits. Profiles differed in degree of aggression and behavioral impairment. Findings show that clinic-referred children with disruptive behaviors can be grouped based on these important indicators into profiles that have important implications for assessment and treatment selection.
Insights for Exercise Adherence from a Minimal Planning Intervention to Increase Physical Activity
ERIC Educational Resources Information Center
Chapman, Janine; Campbell, Marianne; Wilson, Carlene
2015-01-01
Objective: To test the impact of a minimal, online planning intervention on physical activity in Australian office workers. Method: Employees were randomized to an implementation intention intervention (n = 124) or health information control group (n = 130). Measures of physical activity, past behavior, and motivation were taken at baseline and 6…
ERIC Educational Resources Information Center
Krueger, Kathryne Kelley
2013-01-01
Minimally verbal school aged children with autism (MVSACwA) receive the bulk of their behavioral and academic support in schools yet we know little about the environments to which they are exposed. This population of children has often been excluded from studies and thus, underrepresented in current data on autism. As increasing numbers of…
The anatomy of choice: active inference and agency
Friston, Karl; Schwartenbeck, Philipp; FitzGerald, Thomas; Moutoussis, Michael; Behrens, Timothy; Dolan, Raymond J.
2013-01-01
This paper considers agency in the setting of embodied or active inference. In brief, we associate a sense of agency with prior beliefs about action and ask what sorts of beliefs underlie optimal behavior. In particular, we consider prior beliefs that action minimizes the Kullback–Leibler (KL) divergence between desired states and attainable states in the future. This allows one to formulate bounded rationality as approximate Bayesian inference that optimizes a free energy bound on model evidence. We show that constructs like expected utility, exploration bonuses, softmax choice rules and optimism bias emerge as natural consequences of this formulation. Previous accounts of active inference have focused on predictive coding and Bayesian filtering schemes for minimizing free energy. Here, we consider variational Bayes as an alternative scheme that provides formal constraints on the computational anatomy of inference and action—constraints that are remarkably consistent with neuroanatomy. Furthermore, this scheme contextualizes optimal decision theory and economic (utilitarian) formulations as pure inference problems. For example, expected utility theory emerges as a special case of free energy minimization, where the sensitivity or inverse temperature (of softmax functions and quantal response equilibria) has a unique and Bayes-optimal solution—that minimizes free energy. This sensitivity corresponds to the precision of beliefs about behavior, such that attainable goals are afforded a higher precision or confidence. In turn, this means that optimal behavior entails a representation of confidence about outcomes that are under an agent's control. PMID:24093015
Spatial-temporal modeling of malware propagation in networks.
Chen, Zesheng; Ji, Chuanyi
2005-09-01
Network security is an important task of network management. One threat to network security is malware (malicious software) propagation. One type of malware is called topological scanning that spreads based on topology information. The focus of this work is on modeling the spread of topological malwares, which is important for understanding their potential damages, and for developing countermeasures to protect the network infrastructure. Our model is motivated by probabilistic graphs, which have been widely investigated in machine learning. We first use a graphical representation to abstract the propagation of malwares that employ different scanning methods. We then use a spatial-temporal random process to describe the statistical dependence of malware propagation in arbitrary topologies. As the spatial dependence is particularly difficult to characterize, the problem becomes how to use simple (i.e., biased) models to approximate the spatially dependent process. In particular, we propose the independent model and the Markov model as simple approximations. We conduct both theoretical analysis and extensive simulations on large networks using both real measurements and synthesized topologies to test the performance of the proposed models. Our results show that the independent model can capture temporal dependence and detailed topology information and, thus, outperforms the previous models, whereas the Markov model incorporates a certain spatial dependence and, thus, achieves a greater accuracy in characterizing both transient and equilibrium behaviors of malware propagation.
Kunst, Maarten; Popelier, Lieke; Varekamp, Ellen
2015-07-01
The current study systematically and critically reviewed the empirical literature to evaluate the association between satisfaction with the criminal justice system and adult crime victims' emotional recovery. Despite the widely accepted notion that involvement in the criminal justice system may impact recovery from crime victimization--either beneficially or maliciously--a systematic review of empirical studies that addresses this topic has never been conducted. Electronic literature databases (ISI Web of Knowledge [including Web of Science and MEDLINE], EBSCO host [including PsychInfo, CINAHL, Criminal Justice Abstracts, ERIC, PsychARTICLES, and Psychology and Behavioral Sciences Collection], and ProQuest [including PILOTS, Social Services Abstracts, and Sociological Abstracts]) were searched to identify relevant quantitative studies. The Cambridge Quality Checklists were used to evaluate the quality of selected studies. These checklists can be used to assess the quality of risk and protective factors in criminal justice research. In this study they were used to explore the impact of victim satisfaction on crime victims' emotional and cognitive states post-victimization. The review process revealed mixed results, with some studies suggesting a healing impact of victim satisfaction and others not. More consistent were findings regarding the existence of an association between victim satisfaction and (alterations in) positive cognitions. However, since the majority of studies suffered from severe methodological shortcomings, definite conclusions cannot be drawn yet. © The Author(s) 2014.
Classification of Automated Search Traffic
NASA Astrophysics Data System (ADS)
Buehrer, Greg; Stokes, Jack W.; Chellapilla, Kumar; Platt, John C.
As web search providers seek to improve both relevance and response times, they are challenged by the ever-increasing tax of automated search query traffic. Third party systems interact with search engines for a variety of reasons, such as monitoring a web site’s rank, augmenting online games, or possibly to maliciously alter click-through rates. In this paper, we investigate automated traffic (sometimes referred to as bot traffic) in the query stream of a large search engine provider. We define automated traffic as any search query not generated by a human in real time. We first provide examples of different categories of query logs generated by automated means. We then develop many different features that distinguish between queries generated by people searching for information, and those generated by automated processes. We categorize these features into two classes, either an interpretation of the physical model of human interactions, or as behavioral patterns of automated interactions. Using these detection features, we next classify the query stream using multiple binary classifiers. In addition, a multiclass classifier is then developed to identify subclasses of both normal and automated traffic. An active learning algorithm is used to suggest which user sessions to label to improve the accuracy of the multiclass classifier, while also seeking to discover new classes of automated traffic. Performance analyses are then provided. Finally, the multiclass classifier is used to predict the subclass distribution for the search query stream.
Real time biometric surveillance with gait recognition
NASA Astrophysics Data System (ADS)
Mohapatra, Subasish; Swain, Anisha; Das, Manaswini; Mohanty, Subhadarshini
2018-04-01
Biometric surveillance has become indispensable for every system in the recent years. The contribution of biometric authentication, identification, and screening purposes are widely used in various domains for preventing unauthorized access. A large amount of data needs to be updated, segregated and safeguarded from malicious software and misuse. Biometrics are the intrinsic characteristics of each individual. Recently fingerprints, iris, passwords, unique keys, and cards are commonly used for authentication purposes. These methods have various issues related to security and confidentiality. These systems are not yet automated to provide the safety and security. The gait recognition system is the alternative for overcoming the drawbacks of the recent biometric based authentication systems. Gait recognition is newer as it hasn't been implemented in the real-world scenario so far. This is an un-intrusive system that requires no knowledge or co-operation of the subject. Gait is a unique behavioral characteristic of every human being which is hard to imitate. The walking style of an individual teamed with the orientation of joints in the skeletal structure and inclinations between them imparts the unique characteristic. A person can alter one's own external appearance but not skeletal structure. These are real-time, automatic systems that can even process low-resolution images and video frames. In this paper, we have proposed a gait recognition system and compared the performance with conventional biometric identification systems.
Adaptive Responses to Prochloraz Exposure That Alter Dose-Response and Time-Course Behaviors
Dose response and time-course (DRTC) are, along with exposure, the major determinants of health risk. Adaptive changes within exposed organisms in response to environmental stress are common, and alter DRTC behaviors to minimize the effects caused by stressors. In this project, ...
The Effects of Slow Frame Rates on Human Performance
2006-06-01
Minimalism context-aware displays. CyberPsychology and Behavior 2004, 7 (6), 635-644. Card, S. K.; Moran, T. P.; Newell, A. The psychology of human...2005. Kolasinski, E. M. Simulator sickness in virtual environments; Tech. Rep. 1027; U.S. Army Research Institute for Behavioral and Social Sciences...50 studies and summarized them in the areas of psychomotor performance, perceptual performance, behavioral effects, and subjective perception
ERIC Educational Resources Information Center
Berg, Nathan; Merrifield, John
2009-01-01
Benefiting from new data provided by experimental economists, behavioral economics is now moving beyond empirical tests of standard behavioral assumptions to the problem of designing improved institutions that are tuned to fit real-world behavior. It is therefore worthwhile to consider the potential for new experiments to advance school choice…
Lamb, Juliet S.; Satgé, Yvan G.; Fiorello, Christine V.; Jodice, Patrick G. R.
2017-01-01
Although the use of bird-borne data loggers has become widespread in avian field research, the effects of capture and transmitter attachment on behavior and demographic rates are not often measured. Tag- and capture-induced effects on individual behavior, survival and reproduction may limit extrapolation of transmitter data to wider populations. However, measuring individual responses to capture and tagging is a necessary step in developing research techniques that minimize negative effects. We measured the short-term behavioral effects of handling and GPS transmitter attachment on Brown Pelicans under both captive and field conditions, and followed tagged individuals through a full breeding season to assess whether capture and transmitter attachment increased rates of nest abandonment or breeding failure. We observed slight increases in preening among tagged individuals 0–2 h after capture relative to controls that had not been captured or tagged, with a corresponding reduction in time spent resting. One to three days post-capture, nesting behavior of tagged pelicans resembled that of neighbors that had not been captured or tagged. Eighty-eight percent of tagged breeders remained at the same nest location for more than 48 h after capture, attending nests and chicks for an average of 49 days, and 51% were assumed to successfully fledge young. Breeding success was driven primarily by variation in location; however, sex and handling time also influenced the probability of successful breeding in tagged pelicans, suggesting that individual characteristics and the capture process itself can confound the effects of capture and transmitter attachment. We conclude that pelicans fitted with GPS transmitters exhibit comparable behaviors to untagged individuals within a day of capture and that GPS tracking is a viable technique for studying behavior and demography in this species. 
We also identify measures to minimize post-capture nest abandonment rates in tracking studies, including minimizing handling time and covering nests during processing.
Design and Implementation of Secure Area Expansion Scheme for Public Wireless LAN Services
NASA Astrophysics Data System (ADS)
Watanabe, Ryu; Tanaka, Toshiaki
Recently, wireless LAN (WLAN) technology has become a major wireless communication method. The communication bandwidth is increasing and speeds have attained rates exceeding 100 Mbps. Therefore, WLAN technology is regarded as one of the promising communication methods for future networks. In addition, public WLAN connection services can be used in many locations. However, the number of the access points (AP) is insufficient for seamless communication and it cannot be said that users can use the service ubiquitously. An ad-hoc network style connection can be used to expand the coverage area of a public WLAN service. By relaying the user messages among the user nodes, a node can obtain an Internet connection via an AP, even though the node is located outside the AP's direct wireless connection area. Such a coverage area extending technology has many advantages thanks to the feature that no additional infrastructure is required. Therefore, there is a strong demand for this technology as it allows the cost-effective construction of future networks. When a secure ad-hoc routing protocol is used for message exchange in the WLAN service, the message routes are protected from malicious behavior such as route forging and can be maintained appropriately. To do this, however, a new node that wants to join the WLAN service has to obtain information such as the public key certificate and IP address in order to start secure ad-hoc routing. In other words, an initial setup is required for every network node to join the WLAN service properly. Ordinarily, such information should be assigned from the AP. However, new nodes cannot always contact an AP directly. Therefore, there are problems about information delivery in the initial setup of a network node. These problems originate in the multi hop connection based on the ad-hoc routing protocols. 
In order to realize an expanded area WLAN service, in this paper, the authors propose a secure public key certificate and address provision scheme during the initial setup phase on mobile nodes for the service. The proposed scheme also considers the protection of user privacy. Accordingly, none of the user nodes has to reveal their unique and persistent information to other nodes. Instead of using such information, temporary values are sent by an AP to mobile nodes and used for secure ad-hoc routing operations. Therefore, our proposed scheme prevents tracking by malicious parties by avoiding the use of unique information. Moreover, a test bed was also implemented based on the proposal and an evaluation was carried out in order to confirm performance. In addition, the authors describe a countermeasure against denial of service (DoS) attacks based on the approach to privacy protection described in our proposal.
Building a highly available and intrusion tolerant Database Security and Protection System (DSPS).
Cai, Liang; Yang, Xiao-Hu; Dong, Jin-Xiang
2003-01-01
Database Security and Protection System (DSPS) is a security platform for fighting malicious DBMS. The security and performance are critical to DSPS. The authors suggested a key management scheme by combining the server group structure to improve availability and the key distribution structure needed by proactive security. This paper detailed the implementation of proactive security in DSPS. After thorough performance analysis, the authors concluded that the performance difference between the replicated mechanism and proactive mechanism becomes smaller and smaller with increasing number of concurrent connections; and that proactive security is very useful and practical for large, critical applications.
Comment on id-based remote data integrity checking with data privacy preserving
NASA Astrophysics Data System (ADS)
Zhang, Jianhong; Meng, Hongxin
2017-09-01
Recently, an ID-based remote data integrity checking protocol with perfect data privacy preserving (IEEE Transactions on Information Forensics and Security, doi: 10.1109/TIFS.2016.2615853) was proposed to achieve data privacy protection and integrity checking. Unfortunately, in this letter, we demonstrate that their protocol is insecure. An active hacker can modify the stored data without being detected by the verifier in the auditing. We also show that a malicious cloud server can convince the verifier that the stored data are kept intact after the outsourced data blocks are deleted. Finally, the reasons to produce such attacks are given.
Malicious MXit? South African adolescents' use of mobile-based communication applications.
Swanepoel, Tarah L; Thomas, Kevin Gf
2012-10-01
Across the globe, and particularly in the high-income countries of the developed world, adolescents are resorting in increasing numbers to the virtual world for peer interaction and socialisation (Subrahmanyam, Smahel and Greenfield 2006). This new and popular way of relating through virtual mediums such as the Internet has sparked public concern, and has been a focus of academic debate. Ongoing debate in psychology literature discusses the notion of compulsive usage of online communication platforms (commonly termed Internet addiction), particularly among adolescents (Kim et al. 2006, Fu et al. 2010, Israelashvili, Kim and Bukobza 2012).
Cryptanalysis of the Quantum Group Signature Protocols
NASA Astrophysics Data System (ADS)
Zhang, Ke-Jia; Sun, Ying; Song, Ting-Ting; Zuo, Hui-Juan
2013-11-01
Recently, research on quantum group signatures (QGS) has attracted a lot of attention, and some typical protocols have been designed for e-payment systems, e-government, e-business, etc. In this paper, we analyze the security of the quantum group signature with the example of two novel protocols. It can be seen that both of them cannot be implemented securely since the arbitrator cannot solve the disputes fairly. In order to show that, some possible attack strategies, which can be used by the malicious participants, are proposed. Moreover, further discussions of QGS are presented finally, including some insecurity factors and improved ideas.
NASA Astrophysics Data System (ADS)
Feng, Jian-xin; Tang, Jia-fu; Wang, Guang-xing
2007-04-01
On the basis of the analysis of clustering algorithms that had been proposed for MANET, a novel clustering strategy was proposed in this paper. With the trust defined by statistical hypothesis in probability theory and the cluster head selected by node trust and node mobility, this strategy can realize the function of malicious node detection, which was neglected by other clustering algorithms, and overcome the deficiency of being incapable of implementing the relative mobility metric of corresponding nodes in the MOBIC algorithm caused by the fact that the receiving power of two consecutive HELLO packets cannot be measured. It's an effective solution to cluster MANET securely.
LMIP/AAA: Local Authentication, Authorization and Accounting (AAA) Protocol for Mobile IP
NASA Astrophysics Data System (ADS)
Chenait, Manel
Mobile IP represents a simple and scalable global mobility solution. However, it inhibits various vulnerabilities to malicious attacks and, therefore, requires the integration of appropriate security services. In this paper, we discuss two authentication schemes suggested for Mobile IP: standard authentication and Mobile IP/AAA authentication. In order to provide Mobile IP roaming services including identity verification, we propose an improvement to Mobile/AAA authentication scheme by applying a local politic key management in each domain, hence we reduce handoff latency by avoiding the involvement of AAA infrastructure during mobile node roaming.
Keylogger Application to Monitoring Users Activity with Exact String Matching Algorithm
NASA Astrophysics Data System (ADS)
Rahim, Robbi; Nurdiyanto, Heri; Saleh A, Ansari; Abdullah, Dahlan; Hartama, Dedy; Napitupulu, Darmawan
2018-01-01
The development of technology is very fast, especially in the field of Internet technology, which at any time is experiencing significant changes. The development is also supported by the ability of human resources. The keylogger is one of the most developed tools because this application is very rarely recognized as a malicious program by antivirus. A keylogger will record all activities related to keystrokes; the recording process is accomplished by using a string matching method. The application of the string matching method in the process of recording the keyboard is to help the admin in knowing what the user accessed on the computer.
Mortality in tundra swans Cygnus columbianus
Bartonek, J.C.; Serie, J.R.; Converse, K.A.
1991-01-01
Our paper identifies and examines the significance of hunting and non-hunting mortality affecting the Eastern Population (EP) and Western Population (WP) (see Serie & Bartonek 1991a) of Tundra Swans. Sport hunting (Serie & Bartonek 1991b), native subsistence hunting (Copp 1989, Stewart & Bernier 1989), malicious shooting (McKelvey & MacNeill 1981), avian cholera (Friend et al. 1981, Schroeder 1983), ecto- and endoparasites (Trauger & Bartonek 1977, Woebeser 1981), lead poisoning (Sherwood 1960, Friend et al. 1981), collision (Willard 1978), and drowning (Miller et al. 1986) have been documented as being direct or indirect causes of mortality in fledged Tundra Swans; but their relative importance remains unknown.
Integrating security in a group oriented distributed system
NASA Technical Reports Server (NTRS)
Reiter, Michael; Birman, Kenneth; Gong, LI
1992-01-01
A distributed security architecture is proposed for incorporation into group oriented distributed systems, and in particular, into the Isis distributed programming toolkit. The primary goal of the architecture is to make common group oriented abstractions robust in hostile settings, in order to facilitate the construction of high performance distributed applications that can tolerate both component failures and malicious attacks. These abstractions include process groups and causal group multicast. Moreover, a delegation and access control scheme is proposed for use in group oriented systems. The focus is the security architecture; particular cryptosystems and key exchange protocols are not emphasized.
How Minimal Grade Goals and Self-Control Capacity Interact in Predicting Test Grades
ERIC Educational Resources Information Center
Bertrams, Alex
2012-01-01
The present research examined the prediction of school students' grades in an upcoming math test via their minimal grade goals (i.e., the minimum grade in an upcoming test one would be satisfied with). Due to its significance for initiating and maintaining goal-directed behavior, self-control capacity was expected to moderate the relation between…
ERIC Educational Resources Information Center
Stock, Claudette, Comp.
Remediation of learning disabilities is discussed and a table of teaching materials related to psychological and motor functions is provided. Guides on 11 behavioral manifestations and three specific learning disabilities furnish definitions and description as well as techniques for training and management. Behavioral manifestations considered…
Federal Register 2010, 2011, 2012, 2013, 2014
2012-02-23
... antibody therapies, research on comparative genomics, and non-invasive studies of social and behavioral...: Criteria to assess ``minimally invasive'' procedures for comparative genomics and behavioral research and... of federally-owned chimpanzees and input on the design of the plan; Circumstances under which...
Surveying FIFA Instructors' Behavioral Intention toward the Multimedia Teaching Materials
ERIC Educational Resources Information Center
Armenteros, M.; Liaw, Shu-Sheng; Fernandez, M.; Diaz, R. Flores; Sanchez, R. Arteaga
2013-01-01
Instruction delivered via multimedia applications is changing the way elite football refereeing instructors teach the Laws of the Game. Although e-learning applications are popular, there is minimal research on instructors' attitudes toward these teaching materials. The purpose of this research is to explore instructors' behavioral intentions…
Behavioral Treatment and Normal Educational and Intellectual Functioning in Young Autistic Children.
ERIC Educational Resources Information Center
Lovaas, O. Ivar
1987-01-01
Reports the results of behavior modification treatment for two groups of similarly constituted, young autistic children. Pretreatment measures revealed no significant differences between the intensively treated experimental group and the minimally treated control groups. At follow-up, experimental group subjects (N=19) did significantly better…
Effects of Behavioral and Pharmacological Treatment on Smokeless Tobacco Users.
ERIC Educational Resources Information Center
Hatsukami, Dorothy; And Others
1996-01-01
Examined the effects of 2 mg of nicotine polacrilex versus placebo gum and a group behavioral treatment versus minimal contact on cessation of smokeless tobacco use. Participants (n=210) were randomly assigned 1 of the 4 treatment conditions. Withdrawal symptoms were assessed throughout the treatment. Discusses findings. (KW)
Crying Behavior and the "Nonviolent" Leboyer Method of Delivery.
ERIC Educational Resources Information Center
Hamilton, Joan Safran
This paper reports on a 3-month longitudinal study comparing the crying behavior of a group of babies delivered by the "nonviolent" Leboyer method with a control group delivered by traditional methods. Subjects were 24 white, middle class infants delivered by minimally medicated, multiparous and primiparous mothers. Fourteen newborns…
Influence of Inorganic Ions and Aggregation and Adsorption Behaviors of Human Adenovirus
In this study, the influence of solution chemistries on the transport properties (aggregation and attachment behavior) of human adenovirus (HAdV) was investigated. Results showed that the isoelectric point (IEP) of HAdV in different salt conditions varied minimally, and it ranged from pH 3.5 ...