Real-time network security situation visualization and threat assessment based on semi-Markov process

NASA Astrophysics Data System (ADS)

Chen, Junhua

2013-03-01

To cope with a large amount of data in current sensed environments, decision aid tools should provide their understanding of situations in a time-efficient manner, so there is an increasing need for real-time network security situation awareness and threat assessment. In this study, the state transition model of vulnerability in the network based on semi-Markov process is proposed at first. Once events are triggered by an attacker's action or system response, the current states of the vulnerabilities are known. Then we calculate the transition probabilities of the vulnerability from the current state to security failure state. Furthermore in order to improve accuracy of our algorithms, we adjust the probabilities that they exploit the vulnerability according to the attacker's skill level. In the light of the preconditions and post-conditions of vulnerabilities in the network, attack graph is built to visualize security situation in real time. Subsequently, we predict attack path, recognize attack intention and estimate the impact through analysis of attack graph. These help administrators to insight into intrusion steps, determine security state and assess threat. Finally testing in a network shows that this method is reasonable and feasible, and can undertake tremendous analysis task to facilitate administrators' work.

A security architecture for health information networks.

PubMed

Kailar, Rajashekar; Muralidhar, Vinod

2007-10-11

Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today's healthcare enterprise. Recent work on 'nationwide health information network' architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set to enable secure inter-network data sharing. We propose a minimum set of security controls that can be implemented without needing major new technologies, but yet realize network security and privacy goals of confidentiality, integrity and availability. This framework combines a set of technology mechanisms with environmental controls, and is shown to be sufficient to counter commonly encountered network security threats adequately.

Information security threats and an easy-to-implement attack detection framework for wireless sensor network-based smart grid applications

NASA Astrophysics Data System (ADS)

Tuna, G.; Örenbaş, H.; Daş, R.; Kogias, D.; Baykara, M.; K, K.

2016-03-01

Wireless Sensor Networks (WSNs) when combined with various energy harvesting solutions managing to prolong the overall lifetime of the system and enhanced capabilities of the communication protocols used by modern sensor nodes are efficiently used in are efficiently used in Smart Grid (SG), an evolutionary system for the modernization of existing power grids. However, wireless communication technology brings various types of security threats. In this study, firstly the use of WSNs for SG applications is presented. Second, the security related issues and challenges as well as the security threats are presented. In addition, proposed security mechanisms for WSN-based SG applications are discussed. Finally, an easy- to-implement and simple attack detection framework to prevent attacks directed to sink and gateway nodes with web interfaces is proposed and its efficiency is proved using a case study.

Automating Risk Analysis of Software Design Models

PubMed Central

Ruiz, Guifré; Heymann, Elisa; César, Eduardo; Miller, Barton P.

2014-01-01

The growth of the internet and networked systems has exposed software to an increased amount of security threats. One of the responses from software developers to these threats is the introduction of security activities in the software development lifecycle. This paper describes an approach to reduce the need for costly human expertise to perform risk analysis in software, which is common in secure development methodologies, by automating threat modeling. Reducing the dependency on security experts aims at reducing the cost of secure development by allowing non-security-aware developers to apply secure development with little to no additional cost, making secure development more accessible. To automate threat modeling two data structures are introduced, identification trees and mitigation trees, to identify threats in software designs and advise mitigation techniques, while taking into account specification requirements and cost concerns. These are the components of our model for automated threat modeling, AutSEC. We validated AutSEC by implementing it in a tool based on data flow diagrams, from the Microsoft security development methodology, and applying it to VOMS, a grid middleware component, to evaluate our model's performance. PMID:25136688

Automating risk analysis of software design models.

PubMed

Frydman, Maxime; Ruiz, Guifré; Heymann, Elisa; César, Eduardo; Miller, Barton P

2014-01-01

The growth of the internet and networked systems has exposed software to an increased amount of security threats. One of the responses from software developers to these threats is the introduction of security activities in the software development lifecycle. This paper describes an approach to reduce the need for costly human expertise to perform risk analysis in software, which is common in secure development methodologies, by automating threat modeling. Reducing the dependency on security experts aims at reducing the cost of secure development by allowing non-security-aware developers to apply secure development with little to no additional cost, making secure development more accessible. To automate threat modeling two data structures are introduced, identification trees and mitigation trees, to identify threats in software designs and advise mitigation techniques, while taking into account specification requirements and cost concerns. These are the components of our model for automated threat modeling, AutSEC. We validated AutSEC by implementing it in a tool based on data flow diagrams, from the Microsoft security development methodology, and applying it to VOMS, a grid middleware component, to evaluate our model's performance.

A Security Architecture for Health Information Networks

PubMed Central

Kailar, Rajashekar

2007-01-01

Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today’s healthcare enterprise. Recent work on ‘nationwide health information network’ architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set to enable secure inter-network data sharing. We propose a minimum set of security controls that can be implemented without needing major new technologies, but yet realize network security and privacy goals of confidentiality, integrity and availability. This framework combines a set of technology mechanisms with environmental controls, and is shown to be sufficient to counter commonly encountered network security threats adequately. PMID:18693862

R2U2: Monitoring and Diagnosis of Security Threats for Unmanned Aerial Systems

NASA Technical Reports Server (NTRS)

Schumann, Johann; Moosbruger, Patrick; Rozier, Kristin Y.

2015-01-01

We present R2U2, a novel framework for runtime monitoring of security properties and diagnosing of security threats on-board Unmanned Aerial Systems (UAS). R2U2, implemented in FPGA hardware, is a real-time, REALIZABLE, RESPONSIVE, UNOBTRUSIVE Unit for security threat detection. R2U2 is designed to continuously monitor inputs from the GPS and the ground control station, sensor readings, actuator outputs, and flight software status. By simultaneously monitoring and performing statistical reasoning, attack patterns and post-attack discrepancies in the UAS behavior can be detected. R2U2 uses runtime observer pairs for linear and metric temporal logics for property monitoring and Bayesian networks for diagnosis of security threats. We discuss the design and implementation that now enables R2U2 to handle security threats and present simulation results of several attack scenarios on the NASA DragonEye UAS.

Monitoring Malware Activity on the LAN Network

NASA Astrophysics Data System (ADS)

Skrzewski, Mirosław

Many security related organizations periodically publish current network and systems security information, with the lists of top malware programs. These lists raises the question how these threats spreads out, if the worms (the only threat with own communication abilities) are low or missing on these lists. The paper discuss the research on malware network activity, aimed to deliver the answer to the question, what is the main infection channel of modern malware, done with the usage of virtual honeypot systems on dedicated, unprotected network. Systems setup, network and systems monitoring solutions, results of over three months of network traffic and malware monitoring are presented, along with the proposed answer to our research question.

Supporting Research and Development of Security Technologies through Network and Security Data Collection

DTIC Science & Technology

Research and development targeted at identifying and mitigating Internet security threats require current network data. To fulfill this need... researchers working for the Center for Applied Internet Data Analysis (CAIDA), a program at the San Diego Supercomputer Center (SDSC) which is based at the...vetted network and security researchers using the PREDICT/IMPACT portal and legal framework. We have also contributed to community building efforts that

Cyber secure systems approach for NPP digital control systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

McCreary, T. J.; Hsu, A.

2006-07-01

Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant andmore » distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity. This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1)Threat from an intruder attempting to disrupt network communications by entering the system from an attached utility network or utilizing a modem connected to a control system PC that is in turn connected to a publicly accessible phone; 2)Threat from a user connecting an unauthorized computer to the control network; 3)Threat from a security attack when an unauthorized user gains access to a PC connected to the plant network;. 4)Threat from internal disruption (by plant staff, whether, malicious or otherwise) by unauthorized usage of files or file handling media that opens the system to security threat (as typified in current situation in most control rooms). The plant I and C system cyber security design and the plant specific procedures should adequately demonstrate protection from the four pertinent classes of cyber security attacks. The combination of these features should demonstrate that the system is not vulnerable to any analyzed cyber security attacks either from internal sources or through network connections. The authors will provide configurations that will demonstrate the Cyber Security Zone. (authors)« less

A lightweight and secure two factor anonymous authentication protocol for Global Mobility Networks.

PubMed

Baig, Ahmed Fraz; Hassan, Khwaja Mansoor Ul; Ghani, Anwar; Chaudhry, Shehzad Ashraf; Khan, Imran; Ashraf, Muhammad Usman

2018-01-01

Global Mobility Networks(GLOMONETs) in wireless communication permits the global roaming services that enable a user to leverage the mobile services in any foreign country. Technological growth in wireless communication is also accompanied by new security threats and challenges. A threat-proof authentication protocol in wireless communication may overcome the security flaws by allowing only legitimate users to access a particular service. Recently, Lee et al. found Mun et al. scheme vulnerable to different attacks and proposed an advanced secure scheme to overcome the security flaws. However, this article points out that Lee et al. scheme lacks user anonymity, inefficient user authentication, vulnerable to replay and DoS attacks and Lack of local password verification. Furthermore, this article presents a more robust anonymous authentication scheme to handle the threats and challenges found in Lee et al.'s protocol. The proposed protocol is formally verified with an automated tool(ProVerif). The proposed protocol has superior efficiency in comparison to the existing protocols.

A lightweight and secure two factor anonymous authentication protocol for Global Mobility Networks

PubMed Central

2018-01-01

Global Mobility Networks(GLOMONETs) in wireless communication permits the global roaming services that enable a user to leverage the mobile services in any foreign country. Technological growth in wireless communication is also accompanied by new security threats and challenges. A threat-proof authentication protocol in wireless communication may overcome the security flaws by allowing only legitimate users to access a particular service. Recently, Lee et al. found Mun et al. scheme vulnerable to different attacks and proposed an advanced secure scheme to overcome the security flaws. However, this article points out that Lee et al. scheme lacks user anonymity, inefficient user authentication, vulnerable to replay and DoS attacks and Lack of local password verification. Furthermore, this article presents a more robust anonymous authentication scheme to handle the threats and challenges found in Lee et al.’s protocol. The proposed protocol is formally verified with an automated tool(ProVerif). The proposed protocol has superior efficiency in comparison to the existing protocols. PMID:29702675

Attacks on Bluetooth Security Architecture and Its Countermeasures

NASA Astrophysics Data System (ADS)

Iqbal, Mian Muhammad Waseem; Kausar, Firdous; Wahla, Muhammad Arif

WPANs compliment the traditional IEEE 802.11 wireless networks by facilitating the clients with flexibility in network topologies, higher mobility and relaxed configuration/hardware requirements. Bluetooth, a WPAN technology, is an open standard for short-range radio frequency (RF) communication. However, it is also susceptible to typical security threats found in wireless LANs. This paper discuses some of the attack scenarios against the bluetooth network such as hostile intrusion, active Man-in-the-Middle (MITM) attack using unit key and various forms of denial of service (DoS) attacks. These threats and attacks compromise the confidentiality and availability of bluetooth data and services. This paper proposes an improved security architecture for bluetooth device which provides protection against the above mentioned attacks.

Threats and countermeasures for network security

NASA Technical Reports Server (NTRS)

Denning, Peter J.

1991-01-01

In the late 1980's, the traditional threat of anonymous break-ins to networked computers was joined by viruses and worms, multiplicative surrogates that carry out the bidding of their authors. Technologies for authentication and secrecy, supplemented by good management practices, are the principal countermeasures. Four articles on these subjects are presented.

Tag ID Subdivision Scheme for Efficient Authentication and Security-Enhancement of RFID System in USN

NASA Astrophysics Data System (ADS)

Lee, Kijeong; Park, Byungjoo; Park, Gil-Cheol

Radio frequency identification (RFID) is a generic term that is used to describe a system that transmits the identity (in the form of a unique serial number) of an object or person wirelessly, using radio waves. However, there are security threats in the RFID system related to its technical components. For example, illegal RFID tag readers can read tag ID and recognize most RFID Readers, a security threat that needs in-depth attention. Previous studies show some ideas on how to minimize these security threats like studying the security protocols between tag, reader and Back-end DB. In this research, the team proposes an RFID Tag ID Subdivision Scheme to authenticate the permitted tag only in USN (Ubiquitous Sensor Network). Using the proposed scheme, the Back-end DB authenticates selected tags only to minimize security threats like eavesdropping and decreasing traffic in Back-end DB.

Continuous Security Metrics for Prevalent Network Threats: Introduction and First Four Metrics

DTIC Science & Technology

2012-05-22

cyber at- tack. Recently, high -prole successful attacks have been detected against the International Mon- etary Fund, Citibank, Lockheed Martin, Google...RSA Security, Sony, and Oak Ridge National Laboratory[13]. These and other attacks have heightened securing networks as a high priority for many...of high -severity vulnerabilities found by network vulnerability scanners (e.g., [40]) and the numbers or percentages of hosts that are are not

Network Security Validation Using Game Theory

NASA Astrophysics Data System (ADS)

Papadopoulou, Vicky; Gregoriades, Andreas

Non-functional requirements (NFR) such as network security recently gained widespread attention in distributed information systems. Despite their importance however, there is no systematic approach to validate these requirements given the complexity and uncertainty characterizing modern networks. Traditionally, network security requirements specification has been the results of a reactive process. This however, limited the immunity property of the distributed systems that depended on these networks. Security requirements specification need a proactive approach. Networks' infrastructure is constantly under attack by hackers and malicious software that aim to break into computers. To combat these threats, network designers need sophisticated security validation techniques that will guarantee the minimum level of security for their future networks. This paper presents a game-theoretic approach to security requirements validation. An introduction to game theory is presented along with an example that demonstrates the application of the approach.

Analyzing Cyber-Physical Threats on Robotic Platforms.

PubMed

Ahmad Yousef, Khalil M; AlMajali, Anas; Ghalyon, Salah Abu; Dweik, Waleed; Mohd, Bassam J

2018-05-21

Robots are increasingly involved in our daily lives. Fundamental to robots are the communication link (or stream) and the applications that connect the robots to their clients or users. Such communication link and applications are usually supported through client/server network connection. This networking system is amenable of being attacked and vulnerable to the security threats. Ensuring security and privacy for robotic platforms is thus critical, as failures and attacks could have devastating consequences. In this paper, we examine several cyber-physical security threats that are unique to the robotic platforms; specifically the communication link and the applications. Threats target integrity, availability and confidential security requirements of the robotic platforms, which use MobileEyes/arnlServer client/server applications. A robot attack tool (RAT) was developed to perform specific security attacks. An impact-oriented approach was adopted to analyze the assessment results of the attacks. Tests and experiments of attacks were conducted in simulation environment and physically on the robot. The simulation environment was based on MobileSim; a software tool for simulating, debugging and experimenting on MobileRobots/ActivMedia platforms and their environments. The robot platform PeopleBot TM was used for physical experiments. The analysis and testing results show that certain attacks were successful at breaching the robot security. Integrity attacks modified commands and manipulated the robot behavior. Availability attacks were able to cause Denial-of-Service (DoS) and the robot was not responsive to MobileEyes commands. Integrity and availability attacks caused sensitive information on the robot to be hijacked. To mitigate security threats, we provide possible mitigation techniques and suggestions to raise awareness of threats on the robotic platforms, especially when the robots are involved in critical missions or applications.

Analyzing Cyber-Physical Threats on Robotic Platforms †

PubMed Central

2018-01-01

Robots are increasingly involved in our daily lives. Fundamental to robots are the communication link (or stream) and the applications that connect the robots to their clients or users. Such communication link and applications are usually supported through client/server network connection. This networking system is amenable of being attacked and vulnerable to the security threats. Ensuring security and privacy for robotic platforms is thus critical, as failures and attacks could have devastating consequences. In this paper, we examine several cyber-physical security threats that are unique to the robotic platforms; specifically the communication link and the applications. Threats target integrity, availability and confidential security requirements of the robotic platforms, which use MobileEyes/arnlServer client/server applications. A robot attack tool (RAT) was developed to perform specific security attacks. An impact-oriented approach was adopted to analyze the assessment results of the attacks. Tests and experiments of attacks were conducted in simulation environment and physically on the robot. The simulation environment was based on MobileSim; a software tool for simulating, debugging and experimenting on MobileRobots/ActivMedia platforms and their environments. The robot platform PeopleBotTM was used for physical experiments. The analysis and testing results show that certain attacks were successful at breaching the robot security. Integrity attacks modified commands and manipulated the robot behavior. Availability attacks were able to cause Denial-of-Service (DoS) and the robot was not responsive to MobileEyes commands. Integrity and availability attacks caused sensitive information on the robot to be hijacked. To mitigate security threats, we provide possible mitigation techniques and suggestions to raise awareness of threats on the robotic platforms, especially when the robots are involved in critical missions or applications. PMID:29883403

Review: Security in Wireless Technologies in Business

NASA Astrophysics Data System (ADS)

Sattarova, F. Y.; Kim, Tai-Hoon

Wireless technology seems to be everywhere now - but it is still relatively in its infancy. New standards and protocols continue to emerge and problems and bugs are discovered. Nevertheless, wireless networks make many things much more convenient and it appears that wireless networks are here to stay. The differences and similarities of wireless and wired security, the new threats brought by mobility, the security of networks and devices and effects of security, or lack of it are shortly discussed in this review paper.

Attack Methodology Analysis: Emerging Trends in Computer-Based Attack Methodologies and Their Applicability to Control System Networks

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bri Rolston

2005-06-01

Threat characterization is a key component in evaluating the threat faced by control systems. Without a thorough understanding of the threat faced by critical infrastructure networks, adequate resources cannot be allocated or directed effectively to the defense of these systems. Traditional methods of threat analysis focus on identifying the capabilities and motivations of a specific attacker, assessing the value the adversary would place on targeted systems, and deploying defenses according to the threat posed by the potential adversary. Too many effective exploits and tools exist and are easily accessible to anyone with access to an Internet connection, minimal technical skills,more » and a significantly reduced motivational threshold to be able to narrow the field of potential adversaries effectively. Understanding how hackers evaluate new IT security research and incorporate significant new ideas into their own tools provides a means of anticipating how IT systems are most likely to be attacked in the future. This research, Attack Methodology Analysis (AMA), could supply pertinent information on how to detect and stop new types of attacks. Since the exploit methodologies and attack vectors developed in the general Information Technology (IT) arena can be converted for use against control system environments, assessing areas in which cutting edge exploit development and remediation techniques are occurring can provide significance intelligence for control system network exploitation, defense, and a means of assessing threat without identifying specific capabilities of individual opponents. Attack Methodology Analysis begins with the study of what exploit technology and attack methodologies are being developed in the Information Technology (IT) security research community within the black and white hat community. Once a solid understanding of the cutting edge security research is established, emerging trends in attack methodology can be identified and the gap between those threats and the defensive capabilities of control systems can be analyzed. The results of the gap analysis drive changes in the cyber security of critical infrastructure networks to close the gap between current exploits and existing defenses. The analysis also provides defenders with an idea of how threat technology is evolving and how defenses will need to be modified to address these emerging trends.« less

Using Swarming Agents for Scalable Security in Large Network Environments

DOE Office of Scientific and Technical Information (OSTI.GOV)

Crouse, Michael; White, Jacob L.; Fulp, Errin W.

2011-09-23

The difficulty of securing computer infrastructures increases as they grow in size and complexity. Network-based security solutions such as IDS and firewalls cannot scale because of exponentially increasing computational costs inherent in detecting the rapidly growing number of threat signatures. Hostbased solutions like virus scanners and IDS suffer similar issues, and these are compounded when enterprises try to monitor these in a centralized manner. Swarm-based autonomous agent systems like digital ants and artificial immune systems can provide a scalable security solution for large network environments. The digital ants approach offers a biologically inspired design where each ant in the virtualmore » colony can detect atoms of evidence that may help identify a possible threat. By assembling the atomic evidences from different ant types the colony may detect the threat. This decentralized approach can require, on average, fewer computational resources than traditional centralized solutions; however there are limits to its scalability. This paper describes how dividing a large infrastructure into smaller managed enclaves allows the digital ant framework to effectively operate in larger environments. Experimental results will show that using smaller enclaves allows for more consistent distribution of agents and results in faster response times.« less

Leveraging the laboratory response network model for the global health security agenda.

PubMed

Mangal, Chris N; Maryogo-Robinson, Lucy

2014-01-01

Promoting global health security as an international priority is a challenge; the US Centers for Disease Control and Prevention (CDC) in its Global Health Security Agenda has articulated the importance of accelerating progress toward a world safe and secure from infectious disease threats. The goals are to (1) prevent and reduce the likelihood of outbreaks-natural, accidental, or intentional; (2) detect threats early to save lives; and (3) respond rapidly and effectively using multisectoral, international coordination and communication. Foundational to this agenda is the World Health Organization (WHO) Revised International Health Regulations (IHR) of 2005, which provide the legal framework for countries to strengthen their health systems in order to be able to respond to any public health emergency of international concern. This article proposes leveraging the distributed structure of the US-managed Laboratory Response Network for Biological Threats Preparedness (LRN-B) to develop the core capacity of laboratory testing and to fulfill the laboratory-strengthening component of the Global Health Security Agenda. The LRN model offers an effective mechanism to detect and respond to public health emergencies of international concern.

Leveraging the Laboratory Response Network Model for the Global Health Security Agenda

PubMed Central

Maryogo-Robinson, Lucy

2014-01-01

Promoting global health security as an international priority is a challenge; the US Centers for Disease Control and Prevention (CDC) in its Global Health Security Agenda has articulated the importance of accelerating progress toward a world safe and secure from infectious disease threats. The goals are to (1) prevent and reduce the likelihood of outbreaks—natural, accidental, or intentional; (2) detect threats early to save lives; and (3) respond rapidly and effectively using multisectoral, international coordination and communication. Foundational to this agenda is the World Health Organization (WHO) Revised International Health Regulations (IHR) of 2005, which provide the legal framework for countries to strengthen their health systems in order to be able to respond to any public health emergency of international concern. This article proposes leveraging the distributed structure of the US-managed Laboratory Response Network for Biological Threats Preparedness (LRN-B) to develop the core capacity of laboratory testing and to fulfill the laboratory-strengthening component of the Global Health Security Agenda. The LRN model offers an effective mechanism to detect and respond to public health emergencies of international concern. PMID:25254916

The cyber threat landscape: Challenges and future research directions

NASA Astrophysics Data System (ADS)

Gil, Santiago; Kott, Alexander; Barabási, Albert-László

2014-07-01

While much attention has been paid to the vulnerability of computer networks to node and link failure, there is limited systematic understanding of the factors that determine the likelihood that a node (computer) is compromised. We therefore collect threat log data in a university network to study the patterns of threat activity for individual hosts. We relate this information to the properties of each host as observed through network-wide scans, establishing associations between the network services a host is running and the kinds of threats to which it is susceptible. We propose a methodology to associate services to threats inspired by the tools used in genetics to identify statistical associations between mutations and diseases. The proposed approach allows us to determine probabilities of infection directly from observation, offering an automated high-throughput strategy to develop comprehensive metrics for cyber-security.

Analysis on the University’s Network Security Level System in the Big Data Era

NASA Astrophysics Data System (ADS)

Li, Tianli

2017-12-01

The rapid development of science and technology, the continuous expansion of the scope of computer network applications, has gradually improved the social productive forces, has had a positive impact on the increase production efficiency and industrial scale of China's different industries. Combined with the actual application of computer network in the era of large data, we can see the existence of influencing factors such as network virus, hacker and other attack modes, threatening network security and posing a potential threat to the safe use of computer network in colleges and universities. In view of this unfavorable development situation, universities need to pay attention to the analysis of the situation of large data age, combined with the requirements of network security use, to build a reliable network space security system from the equipment, systems, data and other different levels. To avoid the security risks exist in the network. Based on this, this paper will analyze the hierarchical security system of cyberspace security in the era of large data.

NASA Blue Team: Determining Operational Security Posture of Critical Systems and Networks

NASA Technical Reports Server (NTRS)

Alley, Adam David

2016-01-01

Emergence of Cybersecurity has increased the focus on security risks to Information Technology (IT) assets going beyond traditional Information Assurance (IA) concerns: More sophisticated threats have emerged from increasing sources as advanced hacker tools and techniques have emerged and proliferated to broaden the attack surface available across globally interconnected networks.

Proceedings Second Annual Cyber Security and Information Infrastructure Research Workshop

DOE Office of Scientific and Technical Information (OSTI.GOV)

Sheldon, Frederick T; Krings, Axel; Yoo, Seong-Moo

2006-01-01

The workshop theme is Cyber Security: Beyond the Maginot Line Recently the FBI reported that computer crime has skyrocketed costing over $67 billion in 2005 alone and affecting 2.8M+ businesses and organizations. Attack sophistication is unprecedented along with availability of open source concomitant tools. Private, academic, and public sectors invest significant resources in cyber security. Industry primarily performs cyber security research as an investment in future products and services. While the public sector also funds cyber security R&D, the majority of this activity focuses on the specific mission(s) of the funding agency. Thus, broad areas of cyber security remain neglectedmore » or underdeveloped. Consequently, this workshop endeavors to explore issues involving cyber security and related technologies toward strengthening such areas and enabling the development of new tools and methods for securing our information infrastructure critical assets. We aim to assemble new ideas and proposals about robust models on which we can build the architecture of a secure cyberspace including but not limited to: * Knowledge discovery and management * Critical infrastructure protection * De-obfuscating tools for the validation and verification of tamper-proofed software * Computer network defense technologies * Scalable information assurance strategies * Assessment-driven design for trust * Security metrics and testing methodologies * Validation of security and survivability properties * Threat assessment and risk analysis * Early accurate detection of the insider threat * Security hardened sensor networks and ubiquitous computing environments * Mobile software authentication protocols * A new "model" of the threat to replace the "Maginot Line" model and more . . .« less

A Privacy Preservation Model for Health-Related Social Networking Sites.

PubMed

Li, Jingquan

2015-07-08

The increasing use of social networking sites (SNS) in health care has resulted in a growing number of individuals posting personal health information online. These sites may disclose users' health information to many different individuals and organizations and mine it for a variety of commercial and research purposes, yet the revelation of personal health information to unauthorized individuals or entities brings a concomitant concern of greater risk for loss of privacy among users. Many users join multiple social networks for different purposes and enter personal and other specific information covering social, professional, and health domains into other websites. Integration of multiple online and real social networks makes the users vulnerable to unintentional and intentional security threats and misuse. This paper analyzes the privacy and security characteristics of leading health-related SNS. It presents a threat model and identifies the most important threats to users and SNS providers. Building on threat analysis and modeling, this paper presents a privacy preservation model that incorporates individual self-protection and privacy-by-design approaches and uses the model to develop principles and countermeasures to protect user privacy. This study paves the way for analysis and design of privacy-preserving mechanisms on health-related SNS.

A Privacy Preservation Model for Health-Related Social Networking Sites

PubMed Central

2015-01-01

The increasing use of social networking sites (SNS) in health care has resulted in a growing number of individuals posting personal health information online. These sites may disclose users' health information to many different individuals and organizations and mine it for a variety of commercial and research purposes, yet the revelation of personal health information to unauthorized individuals or entities brings a concomitant concern of greater risk for loss of privacy among users. Many users join multiple social networks for different purposes and enter personal and other specific information covering social, professional, and health domains into other websites. Integration of multiple online and real social networks makes the users vulnerable to unintentional and intentional security threats and misuse. This paper analyzes the privacy and security characteristics of leading health-related SNS. It presents a threat model and identifies the most important threats to users and SNS providers. Building on threat analysis and modeling, this paper presents a privacy preservation model that incorporates individual self-protection and privacy-by-design approaches and uses the model to develop principles and countermeasures to protect user privacy. This study paves the way for analysis and design of privacy-preserving mechanisms on health-related SNS. PMID:26155953

The Threat Among Us: Insiders Intensify Aviation Terrorism

DOE Office of Scientific and Technical Information (OSTI.GOV)

Krull, Katie E.

Aviation terrorism is powerful and symbolic, and will likely remain a staple target for terrorists aiming to inflict chaos and cause mass casualties similar to the 9/11 attacks on the U.S. The majority of international and domestic aviation terrorist attacks involves outsiders, or people who do not have direct access to or affiliation with a target through employment. However, several significant attacks and plots against the industry involved malicious employees motivated by suicide or devotion to a terrorist organization. Malicious insiders’ access and knowledge of aviation security, systems, networks, and infrastructure is valuable to terrorists, providing a different pathway formore » attacking the industry through the insider threat. Indicators and warnings of insider threats in these cases exist, providing insight into how security agencies, such as the Transportation Security Administration, can better predict and identify insider involvement. Understanding previous aviation insider threat events will likely aid in stimulating proactive security measures, rather than reactive responses. However, similar to traditional airport security measures, there are social, political, and economic challenges in protecting against the insider threat, including privacy concerns and cost-benefit analysis.« less

A Network Access Control Framework for 6LoWPAN Networks

PubMed Central

Oliveira, Luís M. L.; Rodrigues, Joel J. P. C.; de Sousa, Amaro F.; Lloret, Jaime

2013-01-01

Low power over wireless personal area networks (LoWPAN), in particular wireless sensor networks, represent an emerging technology with high potential to be employed in critical situations like security surveillance, battlefields, smart-grids, and in e-health applications. The support of security services in LoWPAN is considered a challenge. First, this type of networks is usually deployed in unattended environments, making them vulnerable to security attacks. Second, the constraints inherent to LoWPAN, such as scarce resources and limited battery capacity, impose a careful planning on how and where the security services should be deployed. Besides protecting the network from some well-known threats, it is important that security mechanisms be able to withstand attacks that have not been identified before. One way of reaching this goal is to control, at the network access level, which nodes can be attached to the network and to enforce their security compliance. This paper presents a network access security framework that can be used to control the nodes that have access to the network, based on administrative approval, and to enforce security compliance to the authorized nodes. PMID:23334610

If it walks like a duck: nanosensor threat assessment

NASA Astrophysics Data System (ADS)

Chachis, George C.

2003-09-01

A convergence of technologies is making deployment of unattended ground nanosensors operationally feasible in terms of energy, communications for both arbitrated and self-organizing distributed, collective behaviors. A number of nano communications technologies are already making network-centric systems possible for MicroElectrical Mechanical (MEM) sensor devices today. Similar technologies may make NanoElectrical Mechanical (NEM) sensor devices operationally feasible a few years from now. Just as organizational behaviors of large numbers of nanodevices can derive strategies from social insects and other group-oriented animals, bio-inspired heuristics for threat assessment provide a conceptual approach for successful integration of nanosensors into unattended smart sensor networks. Biological models such as the organization of social insects or the dynamics of immune systems show promise as biologically-inspired paradigms for protecting nanosensor networks for security scene analysis and battlespace awareness. The paradox of nanosensors is that the smaller the device is the more useful it is but the smaller it is the more vulnerable it is to a variety of threats. In other words simpler means networked nanosensors are more likely to fall prey to a wide-range of attacks including jamming, spoofing, Janisserian recruitment, Pied-Piper distraction, as well as typical attacks computer network security. Thus, unattended sensor technologies call for network architectures that include security and countermeasures to provide reliable scene analysis or battlespace awareness information. Such network centric architectures may well draw upon a variety of bio-inspired approaches to safeguard, validate and make sense of large quantities of information.

Software To Secure Distributed Propulsion Simulations

NASA Technical Reports Server (NTRS)

Blaser, Tammy M.

2003-01-01

Distributed-object computing systems are presented with many security threats, including network eavesdropping, message tampering, and communications middleware masquerading. NASA Glenn Research Center, and its industry partners, has taken an active role in mitigating the security threats associated with developing and operating their proprietary aerospace propulsion simulations. In particular, they are developing a collaborative Common Object Request Broker Architecture (CORBA) Security (CORBASec) test bed to secure their distributed aerospace propulsion simulations. Glenn has been working with its aerospace propulsion industry partners to deploy the Numerical Propulsion System Simulation (NPSS) object-based technology. NPSS is a program focused on reducing the cost and time in developing aerospace propulsion engines

Medical systems and malware.

PubMed

Kusche, Kristopher P

2004-01-01

No longer just an information technology issue, network security requires a multifaceted, multidisciplinary approach to ensuring critical equipment functionality, data security, and patient safety. This article provides insight into the threat of malware and ways to deal with it.

A novel interacting multiple model based network intrusion detection scheme

NASA Astrophysics Data System (ADS)

Xin, Ruichi; Venkatasubramanian, Vijay; Leung, Henry

2006-04-01

In today's information age, information and network security are of primary importance to any organization. Network intrusion is a serious threat to security of computers and data networks. In internet protocol (IP) based network, intrusions originate in different kinds of packets/messages contained in the open system interconnection (OSI) layer 3 or higher layers. Network intrusion detection and prevention systems observe the layer 3 packets (or layer 4 to 7 messages) to screen for intrusions and security threats. Signature based methods use a pre-existing database that document intrusion patterns as perceived in the layer 3 to 7 protocol traffics and match the incoming traffic for potential intrusion attacks. Alternately, network traffic data can be modeled and any huge anomaly from the established traffic pattern can be detected as network intrusion. The latter method, also known as anomaly based detection is gaining popularity for its versatility in learning new patterns and discovering new attacks. It is apparent that for a reliable performance, an accurate model of the network data needs to be established. In this paper, we illustrate using collected data that network traffic is seldom stationary. We propose the use of multiple models to accurately represent the traffic data. The improvement in reliability of the proposed model is verified by measuring the detection and false alarm rates on several datasets.

Big data, little security: Addressing security issues in your platform

NASA Astrophysics Data System (ADS)

Macklin, Thomas; Mathews, Joseph

2017-05-01

This paper describes some patterns for information security problems that consistently emerge among traditional enterprise networks and applications, both with respect to cyber threats and data sensitivity. We draw upon cases from qualitative studies and interviews of system developers, network operators, and certifiers of military applications. Specifically, the problems discussed involve sensitivity of data aggregates, training efficacy, and security decision support in the human machine interface. While proven techniques can address many enterprise security challenges, we provide additional recommendations on how to further improve overall security posture, and suggest additional research thrusts to address areas where known gaps remain.

Security Investment in Contagious Networks.

PubMed

Hasheminasab, Seyed Alireza; Tork Ladani, Behrouz

2018-01-16

Security of the systems is normally interdependent in such a way that security risks of one part affect other parts and threats spread through the vulnerable links in the network. So, the risks of the systems can be mitigated through investments in the security of interconnecting links. This article takes an innovative look at the problem of security investment of nodes on their vulnerable links in a given contagious network as a game-theoretic model that can be applied to a variety of applications including information systems. In the proposed game model, each node computes its corresponding risk based on the value of its assets, vulnerabilities, and threats to determine the optimum level of security investments on its external links respecting its limited budget. Furthermore, direct and indirect nonlinear influences of a node's security investment on the risks of other nodes are considered. The existence and uniqueness of the game's Nash equilibrium in the proposed game are also proved. Further analysis of the model in a practical case revealed that taking advantage of the investment effects of other players, perfectly rational players (i.e., those who use the utility function of the proposed game model) make more cost-effective decisions than selfish nonrational or semirational players. © 2018 Society for Risk Analysis.

Continued Development of the AF/SGR Tricorder Program for Homeland Security, Military, Public Health, and Medical Operations

DTIC Science & Technology

2012-05-15

Method for Ubiquitous Robots Based on Wireless Sensor Networks , in 1st European Conference on Smart Sensing and Context2006, Springer: Enschede, The...SUBJECT TERMS Directed Energy, Lasers, Networking , Wireless , Threat, Remote, Sensors , Database, Targets, Security, Transmit, Mobile, Unmanned...the researchers explore the potential for a network that could transport any type of sensor data now or in the future. 29 3. Methods , Assumptions

Enhanced Security and Pairing-free Handover Authentication Scheme for Mobile Wireless Networks

NASA Astrophysics Data System (ADS)

Chen, Rui; Shu, Guangqiang; Chen, Peng; Zhang, Lijun

2017-10-01

With the widely deployment of mobile wireless networks, we aim to propose a secure and seamless handover authentication scheme that allows users to roam freely in wireless networks without worrying about security and privacy issues. Given the open characteristic of wireless networks, safety and efficiency should be considered seriously. Several previous protocols are designed based on a bilinear pairing mapping, which is time-consuming and inefficient work, as well as unsuitable for practical situations. To address these issues, we designed a new pairing-free handover authentication scheme for mobile wireless networks. This scheme is an effective improvement of the protocol by Xu et al., which is suffer from the mobile node impersonation attack. Security analysis and simulation experiment indicate that the proposed protocol has many excellent security properties when compared with other recent similar handover schemes, such as mutual authentication and resistance to known network threats, as well as requiring lower computation and communication cost.

PeerShield: determining control and resilience criticality of collaborative cyber assets in networks

NASA Astrophysics Data System (ADS)

Cam, Hasan

2012-06-01

As attackers get more coordinated and advanced in cyber attacks, cyber assets are required to have much more resilience, control effectiveness, and collaboration in networks. Such a requirement makes it essential to take a comprehensive and objective approach for measuring the individual and relative performances of cyber security assets in network nodes. To this end, this paper presents four techniques as to how the relative importance of cyber assets can be measured more comprehensively and objectively by considering together the main variables of risk assessment (e.g., threats, vulnerabilities), multiple attributes (e.g., resilience, control, and influence), network connectivity and controllability among collaborative cyber assets in networks. In the first technique, a Bayesian network is used to include the random variables for control, recovery, and resilience attributes of nodes, in addition to the random variables of threats, vulnerabilities, and risk. The second technique shows how graph matching and coloring can be utilized to form collaborative pairs of nodes to shield together against threats and vulnerabilities. The third technique ranks the security assets of nodes by incorporating multiple weights and thresholds of attributes into a decision-making algorithm. In the fourth technique, the hierarchically well-separated tree is enhanced to first identify critical nodes of a network with respect to their attributes and network connectivity, and then selecting some nodes as driver nodes for network controllability.

Computer Security-Risks, Threats, and Safeguards.

ERIC Educational Resources Information Center

Ekhaml, Leticia

2001-01-01

Describes a variety of Internet threats to computers and networks used in schools. Discusses electronic trashing; clearing hard drives; cyber spying on Web sites visited; protection against cyber spying, including disposable email accounts; password sniffers; privacy policies; email snooping; email attachments that carry viruses; and hoaxes. (LRW)

Network systems security analysis

NASA Astrophysics Data System (ADS)

Yilmaz, Ä.°smail

2015-05-01

Network Systems Security Analysis has utmost importance in today's world. Many companies, like banks which give priority to data management, test their own data security systems with "Penetration Tests" by time to time. In this context, companies must also test their own network/server systems and take precautions, as the data security draws attention. Based on this idea, the study cyber-attacks are researched throughoutly and Penetration Test technics are examined. With these information on, classification is made for the cyber-attacks and later network systems' security is tested systematically. After the testing period, all data is reported and filed for future reference. Consequently, it is found out that human beings are the weakest circle of the chain and simple mistakes may unintentionally cause huge problems. Thus, it is clear that some precautions must be taken to avoid such threats like updating the security software.

A systems approach to risk reduction of transportation infrastructure networks subject to multiple hazards : final report, December 31, 2008.

DOT National Transportation Integrated Search

2008-12-31

Integrity, robustness, reliability, and resiliency of infrastructure networks are vital to the economy, : security and well-being of any country. Faced with threats caused by natural and man-made hazards, : transportation infrastructure network manag...

Cyber Fighter Associate

DTIC Science & Technology

2016-01-01

accomplish a patch- management mission while securing a critical path. As a first proof of concept a simulation with a network of 10 nodes and 4...software-agility walk of the “PERFORMANCE Each Threat Managed ” tree is slightly more complex than the network -agility walk. The original design of the...CyFiA was tested to accomplish a patch- management mission while securing a critical path. As a first proof of concept a simulation with a network of 10

Security Systems Consideration: A Total Security Approach

NASA Astrophysics Data System (ADS)

Margariti, S. V.; Meletiou, G.; Stergiou, E.; Vasiliadis, D. C.; Rizos, G. E.

2007-12-01

The "safety" problem for protection systems is to determine in a given situation whether a subject can acquire a particular right to an object. Security and audit operation face the process of securing the application on computing and network environment; however, storage security has been somewhat overlooked due to other security solutions. This paper identifies issues for data security, threats and attacks, summarizes security concepts and relationships, and also describes storage security strategies. It concludes with recommended storage security plan for a total security solution.

Eavesdropping-aware routing and spectrum allocation based on multi-flow virtual concatenation for confidential information service in elastic optical networks

NASA Astrophysics Data System (ADS)

Bai, Wei; Yang, Hui; Yu, Ao; Xiao, Hongyun; He, Linkuan; Feng, Lei; Zhang, Jie

2018-01-01

The leakage of confidential information is one of important issues in the network security area. Elastic Optical Networks (EON) as a promising technology in the optical transport network is under threat from eavesdropping attacks. It is a great demand to support confidential information service (CIS) and design efficient security strategy against the eavesdropping attacks. In this paper, we propose a solution to cope with the eavesdropping attacks in routing and spectrum allocation. Firstly, we introduce probability theory to describe eavesdropping issue and achieve awareness of eavesdropping attacks. Then we propose an eavesdropping-aware routing and spectrum allocation (ES-RSA) algorithm to guarantee information security. For further improving security and network performance, we employ multi-flow virtual concatenation (MFVC) and propose an eavesdropping-aware MFVC-based secure routing and spectrum allocation (MES-RSA) algorithm. The presented simulation results show that the proposed two RSA algorithms can both achieve greater security against the eavesdropping attacks and MES-RSA can also improve the network performance efficiently.

Design of a Threat-Based Gunnery Performance Test: Issues and Procedures for Crew and Platoon Tank Gunnery

DTIC Science & Technology

1990-06-01

Uses visual communication . _._Changes direction/formation __Crews transmit timely, accurate quickly. messages. NOTES. Figure 22. Sample engagement...and concise. The network control station (NCS) effectively maintains network discipline. Radio security equipment, visual communication , wire...net discipline, (c) clarity and brevity of radio messages, (d) use of transmission security equipment, (e) use of visual communication , (f) use of wire

Final Technical Report. Project Boeing SGS

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bell, Thomas E.

Boeing and its partner, PJM Interconnection, teamed to bring advanced “defense-grade” technologies for cyber security to the US regional power grid through demonstration in PJM’s energy management environment. Under this cooperative project with the Department of Energy, Boeing and PJM have developed and demonstrated a host of technologies specifically tailored to the needs of PJM and the electric sector as a whole. The team has demonstrated to the energy industry a combination of processes, techniques and technologies that have been successfully implemented in the commercial, defense, and intelligence communities to identify, mitigate and continuously monitor the cyber security of criticalmore » systems. Guided by the results of a Cyber Security Risk-Based Assessment completed in Phase I, the Boeing-PJM team has completed multiple iterations through the Phase II Development and Phase III Deployment phases. Multiple cyber security solutions have been completed across a variety of controls including: Application Security, Enhanced Malware Detection, Security Incident and Event Management (SIEM) Optimization, Continuous Vulnerability Monitoring, SCADA Monitoring/Intrusion Detection, Operational Resiliency, Cyber Range simulations and hands on cyber security personnel training. All of the developed and demonstrated solutions are suitable for replication across the electric sector and/or the energy sector as a whole. Benefits identified include; Improved malware and intrusion detection capability on critical SCADA networks including behavioral-based alerts resulting in improved zero-day threat protection; Improved Security Incident and Event Management system resulting in better threat visibility, thus increasing the likelihood of detecting a serious event; Improved malware detection and zero-day threat response capability; Improved ability to systematically evaluate and secure in house and vendor sourced software applications; Improved ability to continuously monitor and maintain secure configuration of network devices resulting in reduced vulnerabilities for potential exploitation; Improved overall cyber security situational awareness through the integration of multiple discrete security technologies into a single cyber security reporting console; Improved ability to maintain the resiliency of critical systems in the face of a targeted cyber attack of other significant event; Improved ability to model complex networks for penetration testing and advanced training of cyber security personnel« less

DOE Office of Scientific and Technical Information (OSTI.GOV)

Beaver, Justin M; Borges, Raymond Charles; Buckner, Mark A

Critical infrastructure Supervisory Control and Data Acquisition (SCADA) systems were designed to operate on closed, proprietary networks where a malicious insider posed the greatest threat potential. The centralization of control and the movement towards open systems and standards has improved the efficiency of industrial control, but has also exposed legacy SCADA systems to security threats that they were not designed to mitigate. This work explores the viability of machine learning methods in detecting the new threat scenarios of command and data injection. Similar to network intrusion detection systems in the cyber security domain, the command and control communications in amore » critical infrastructure setting are monitored, and vetted against examples of benign and malicious command traffic, in order to identify potential attack events. Multiple learning methods are evaluated using a dataset of Remote Terminal Unit communications, which included both normal operations and instances of command and data injection attack scenarios.« less

Personal privacy, information assurance, and the threat posed by malware techology

NASA Astrophysics Data System (ADS)

Stytz, Martin R.; Banks, Sheila B.

2006-04-01

In spite of our best efforts to secure the cyber world, the threats posed to personal privacy by attacks upon networks and software continue unabated. While there are many reasons for this state of affairs, clearly one of the reasons for continued vulnerabilities in software is the inability to assess their security properties and test their security systems while they are in development. A second reason for this growing threat to personal privacy is the growing sophistication and maliciousness of malware coupled with the increasing difficulty of detecting malware. The pervasive threat posed by malware coupled with the difficulties faced when trying to detect its presence or an attempted intrusion make addressing the malware threat one of the most pressing issues that must be solved in order to insure personal privacy to users of the internet. In this paper, we will discuss the threat posed by malware, the types of malware found in the wild (outside of computer laboratories), and current techniques that are available for from a successful malware penetration. The paper includes a discussion of anti-malware tools and suggestions for future anti-malware efforts.

Enabling SDN in VANETs: What is the Impact on Security?

PubMed Central

Di Maio, Antonio; Palattella, Maria Rita; Soua, Ridha; Lamorte, Luca; Vilajosana, Xavier; Alonso-Zarate, Jesus; Engel, Thomas

2016-01-01

The demand for safe and secure journeys over roads and highways has been growing at a tremendous pace over recent decades. At the same time, the smart city paradigm has emerged to improve citizens’ quality of life by developing the smart mobility concept. Vehicular Ad hoc NETworks (VANETs) are widely recognized to be instrumental in realizing such concept, by enabling appealing safety and infotainment services. Such networks come with their own set of challenges, which range from managing high node mobility to securing data and user privacy. The Software Defined Networking (SDN) paradigm has been identified as a suitable solution for dealing with the dynamic network environment, the increased number of connected devices, and the heterogeneity of applications. While some preliminary investigations have been already conducted to check the applicability of the SDN paradigm to VANETs, and its presumed benefits for managing resources and mobility, it is still unclear what impact SDN will have on security and privacy. Security is a relevant issue in VANETs, because of the impact that threats can have on drivers’ behavior and quality of life. This paper opens a discussion on the security threats that future SDN-enabled VANETs will have to face, and investigates how SDN could be beneficial in building new countermeasures. The analysis is conducted in real use cases (smart parking, smart grid of electric vehicles, platooning, and emergency services), which are expected to be among the vehicular applications that will most benefit from introducing an SDN architecture. PMID:27929443

Enabling SDN in VANETs: What is the Impact on Security?

PubMed

Di Maio, Antonio; Palattella, Maria Rita; Soua, Ridha; Lamorte, Luca; Vilajosana, Xavier; Alonso-Zarate, Jesus; Engel, Thomas

2016-12-06

The demand for safe and secure journeys over roads and highways has been growing at a tremendous pace over recent decades. At the same time, the smart city paradigm has emerged to improve citizens' quality of life by developing the smart mobility concept. Vehicular Ad hoc NETworks (VANETs) are widely recognized to be instrumental in realizing such concept, by enabling appealing safety and infotainment services. Such networks come with their own set of challenges, which range from managing high node mobility to securing data and user privacy. The Software Defined Networking (SDN) paradigm has been identified as a suitable solution for dealing with the dynamic network environment, the increased number of connected devices, and the heterogeneity of applications. While some preliminary investigations have been already conducted to check the applicability of the SDN paradigm to VANETs, and its presumed benefits for managing resources and mobility, it is still unclear what impact SDN will have on security and privacy. Security is a relevant issue in VANETs, because of the impact that threats can have on drivers' behavior and quality of life. This paper opens a discussion on the security threats that future SDN-enabled VANETs will have to face, and investigates how SDN could be beneficial in building new countermeasures. The analysis is conducted in real use cases (smart parking, smart grid of electric vehicles, platooning, and emergency services), which are expected to be among the vehicular applications that will most benefit from introducing an SDN architecture.

Intentional cargo disruption by nefarious means: Examining threats, systemic vulnerabilities and securitisation measures in complex global supply chains.

PubMed

McGreevy, Conor; Harrop, Wayne

2015-01-01

Global trade and commerce requires products to be securely contained and transferred in a timely way across great distances and between national boundaries. Throughout the process, cargo and containers are stored, handled and checked by a range of authorities and authorised agents. Intermodal transportation involves the use of container ships, planes, railway systems, land bridges, road networks and barges. This paper examines the the nefarious nature of intentional disruption and nefarious risks associated with the movement of cargo and container freight. The paper explores main threats, vulnerabilities and security measures relevant to significant intermodal transit risk issues such as theft, piracy, terrorism, contamination, counterfeiting and product tampering. Three risk and vulnerability models are examined and basic standards and regulations that are relevant to safe and secure transit of container goods across international supply networks are outlined.

Asian Transnational Security Challenge: Emerging Trends, Regional Visions

DTIC Science & Technology

2010-10-01

the official policy or position of the Defense Threat Reduction Agency, the Department of Defense, or the United States Government . This report...the terrorist threat as seen through Southeast Asian eyes. IDA drew on its extensive network of academic and government contacts across Asia to...Asia would advance both government and non- government efforts to develop a better understanding of the roots of the terrorist threat and its links

Research and realization implementation of monitor technology on illegal external link of classified computer

NASA Astrophysics Data System (ADS)

Zhang, Hong

2017-06-01

In recent years, with the continuous development and application of network technology, network security has gradually entered people's field of vision. The host computer network external network of violations is an important reason for the threat of network security. At present, most of the work units have a certain degree of attention to network security, has taken a lot of means and methods to prevent network security problems such as the physical isolation of the internal network, install the firewall at the exit. However, these measures and methods to improve network security are often not comply with the safety rules of human behavior damage. For example, the host to wireless Internet access and dual-network card to access the Internet, inadvertently formed a two-way network of external networks and computer connections [1]. As a result, it is possible to cause some important documents and confidentiality leak even in the the circumstances of user unaware completely. Secrecy Computer Violation Out-of-band monitoring technology can largely prevent the violation by monitoring the behavior of the offending connection. In this paper, we mainly research and discuss the technology of secret computer monitoring.

Trusted computation through biologically inspired processes

NASA Astrophysics Data System (ADS)

Anderson, Gustave W.

2013-05-01

Due to supply chain threats it is no longer a reasonable assumption that traditional protections alone will provide sufficient security for enterprise systems. The proposed cognitive trust model architecture extends the state-of-the-art in enterprise anti-exploitation technologies by providing collective immunity through backup and cross-checking, proactive health monitoring and adaptive/autonomic threat response, and network resource diversity.

Towards Resilient Critical Infrastructures: Application of Type-2 Fuzzy Logic in Embedded Network Security Cyber Sensor

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ondrej Linda; Todd Vollmer; Jim Alves-Foss

2011-08-01

Resiliency and cyber security of modern critical infrastructures is becoming increasingly important with the growing number of threats in the cyber-environment. This paper proposes an extension to a previously developed fuzzy logic based anomaly detection network security cyber sensor via incorporating Type-2 Fuzzy Logic (T2 FL). In general, fuzzy logic provides a framework for system modeling in linguistic form capable of coping with imprecise and vague meanings of words. T2 FL is an extension of Type-1 FL which proved to be successful in modeling and minimizing the effects of various kinds of dynamic uncertainties. In this paper, T2 FL providesmore » a basis for robust anomaly detection and cyber security state awareness. In addition, the proposed algorithm was specifically developed to comply with the constrained computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental cyber-security test-bed.« less

Neural Detection of Malicious Network Activities Using a New Direct Parsing and Feature Extraction Technique

DTIC Science & Technology

2015-09-01

intrusion detection systems , neural networks 15. NUMBER OF PAGES 75 16. PRICE CODE 17. SECURITY CLASSIFICATION OF... detection system (IDS) software, which learns to detect and classify network attacks and intrusions through prior training data. With the added criteria of...BACKGROUND The growing threat of malicious network activities and intrusion attempts makes intrusion detection systems (IDS) a

AVQS: attack route-based vulnerability quantification scheme for smart grid.

PubMed

Ko, Jongbin; Lim, Hyunwoo; Lee, Seokjun; Shon, Taeshik

2014-01-01

A smart grid is a large, consolidated electrical grid system that includes heterogeneous networks and systems. Based on the data, a smart grid system has a potential security threat in its network connectivity. To solve this problem, we develop and apply a novel scheme to measure the vulnerability in a smart grid domain. Vulnerability quantification can be the first step in security analysis because it can help prioritize the security problems. However, existing vulnerability quantification schemes are not suitable for smart grid because they do not consider network vulnerabilities. We propose a novel attack route-based vulnerability quantification scheme using a network vulnerability score and an end-to-end security score, depending on the specific smart grid network environment to calculate the vulnerability score for a particular attack route. To evaluate the proposed approach, we derive several attack scenarios from the advanced metering infrastructure domain. The experimental results of the proposed approach and the existing common vulnerability scoring system clearly show that we need to consider network connectivity for more optimized vulnerability quantification.

Low-Cost, Robust, Threat-aware Wireless Sensor Network for Assuring the Nation's Energy Infrastructure

DOE Office of Scientific and Technical Information (OSTI.GOV)

Carlos H. Rentel

2007-03-31

The objective of this project was to create a low-cost, robust anticipatory wireless sensor network (A-WSN) to ensure the security and reliability of the United States energy infrastructure. This document highlights Eaton Corporation's plan to bring these technologies to market.

A Security Assessment Mechanism for Software-Defined Networking-Based Mobile Networks.

PubMed

Luo, Shibo; Dong, Mianxiong; Ota, Kaoru; Wu, Jun; Li, Jianhua

2015-12-17

Software-Defined Networking-based Mobile Networks (SDN-MNs) are considered the future of 5G mobile network architecture. With the evolving cyber-attack threat, security assessments need to be performed in the network management. Due to the distinctive features of SDN-MNs, such as their dynamic nature and complexity, traditional network security assessment methodologies cannot be applied directly to SDN-MNs, and a novel security assessment methodology is needed. In this paper, an effective security assessment mechanism based on attack graphs and an Analytic Hierarchy Process (AHP) is proposed for SDN-MNs. Firstly, this paper discusses the security assessment problem of SDN-MNs and proposes a methodology using attack graphs and AHP. Secondly, to address the diversity and complexity of SDN-MNs, a novel attack graph definition and attack graph generation algorithm are proposed. In order to quantify security levels, the Node Minimal Effort (NME) is defined to quantify attack cost and derive system security levels based on NME. Thirdly, to calculate the NME of an attack graph that takes the dynamic factors of SDN-MN into consideration, we use AHP integrated with the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS) as the methodology. Finally, we offer a case study to validate the proposed methodology. The case study and evaluation show the advantages of the proposed security assessment mechanism.

A Security Assessment Mechanism for Software-Defined Networking-Based Mobile Networks

PubMed Central

Luo, Shibo; Dong, Mianxiong; Ota, Kaoru; Wu, Jun; Li, Jianhua

2015-01-01

Software-Defined Networking-based Mobile Networks (SDN-MNs) are considered the future of 5G mobile network architecture. With the evolving cyber-attack threat, security assessments need to be performed in the network management. Due to the distinctive features of SDN-MNs, such as their dynamic nature and complexity, traditional network security assessment methodologies cannot be applied directly to SDN-MNs, and a novel security assessment methodology is needed. In this paper, an effective security assessment mechanism based on attack graphs and an Analytic Hierarchy Process (AHP) is proposed for SDN-MNs. Firstly, this paper discusses the security assessment problem of SDN-MNs and proposes a methodology using attack graphs and AHP. Secondly, to address the diversity and complexity of SDN-MNs, a novel attack graph definition and attack graph generation algorithm are proposed. In order to quantify security levels, the Node Minimal Effort (NME) is defined to quantify attack cost and derive system security levels based on NME. Thirdly, to calculate the NME of an attack graph that takes the dynamic factors of SDN-MN into consideration, we use AHP integrated with the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS) as the methodology. Finally, we offer a case study to validate the proposed methodology. The case study and evaluation show the advantages of the proposed security assessment mechanism. PMID:26694409

Controller–Pilot Data Link Communication Security

PubMed Central

Polishchuk, Tatiana; Wernberg, Max

2018-01-01

The increased utilization of the new types of cockpit communications, including controller–pilot data link communications (CPDLC), puts the airplane at higher risk of hacking or interference than ever before. We review the technological characteristics and properties of the CPDLC and construct the corresponding threat model. Based on the limitations imposed by the system parameters, we propose several solutions for the improved security of the data messaging communication used in air traffic management (ATM). We discuss the applicability of elliptical curve cryptography (ECC), protected aircraft communications addressing and reporting systems (PACARs) and the Host Identity Protocol (HIP) as possible countermeasures to the identified security threats. In addition, we consider identity-defined networking (IDN) as an example of a genuine security solution which implies global changes in the whole air traffic communication system. PMID:29783791

Controller⁻Pilot Data Link Communication Security.

PubMed

Gurtov, Andrei; Polishchuk, Tatiana; Wernberg, Max

2018-05-20

The increased utilization of the new types of cockpit communications, including controller⁻pilot data link communications (CPDLC), puts the airplane at higher risk of hacking or interference than ever before. We review the technological characteristics and properties of the CPDLC and construct the corresponding threat model. Based on the limitations imposed by the system parameters, we propose several solutions for the improved security of the data messaging communication used in air traffic management (ATM). We discuss the applicability of elliptical curve cryptography (ECC), protected aircraft communications addressing and reporting systems (PACARs) and the Host Identity Protocol (HIP) as possible countermeasures to the identified security threats. In addition, we consider identity-defined networking (IDN) as an example of a genuine security solution which implies global changes in the whole air traffic communication system.

Patient-Centered Access to Secure Systems Online (PCASSO): a secure approach to clinical data access via the World Wide Web.

PubMed Central

Masys, D. R.; Baker, D. B.

1997-01-01

The Internet's World-Wide Web (WWW) provides an appealing medium for the communication of health related information due to its ease of use and growing popularity. But current technologies for communicating data between WWW clients and servers are systematically vulnerable to certain types of security threats. Prominent among these threats are "Trojan horse" programs running on client workstations, which perform some useful and known function for a user, while breaching security via background functions that are not apparent to the user. The Patient-Centered Access to Secure Systems Online (PCASSO) project of SAIC and UCSD is a research, development and evaluation project to exploit state-of-the-art security and WWW technology for health care. PCASSO is designed to provide secure access to clinical data for healthcare providers and their patients using the Internet. PCASSO will be evaluated for both safety and effectiveness, and may provide a model for secure communications via public data networks. PMID:9357644

The cyber security threat stops in the boardroom.

PubMed

Scully, Tim

The attitude that 'it won't happen to me' still prevails in the boardrooms of industry when senior executives consider the threat of targeted cyber intrusions. Not much has changed in the commercial world of cyber security over the past few years; hackers are not being challenged to find new ways to steal companies' intellectual property and confidential information. The consequences of even major security breaches seem not to be felt by the leaders of victim companies. Why is this so? Surely IT security practitioners are seeking new ways to detect and prevent targeted intrusions into companies' networks? Are the consequences of targeted intrusions so insignificant that the captains of industry tolerate them? Or do only others feel the pain of their failure? This paper initially explores the failure of cyber security in industry and contends that, while industry leaders should not be alone in accepting responsibility for this failure, they must take the initiative to make life harder for cyber threat actors. They cannot wait for government leadership on policy, strategy or coordination. The paper then suggests some measures that a CEO can adopt to build a new corporate approach to cyber security.

An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks.

PubMed

Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

2018-01-11

Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes.

A decoy chain deployment method based on SDN and NFV against penetration attack

PubMed Central

Zhao, Qi; Zhang, Chuanhao

2017-01-01

Penetration attacks are one of the most serious network security threats. However, existing network defense technologies do not have the ability to entirely block the penetration behavior of intruders. Therefore, the network needs additional defenses. In this paper, a decoy chain deployment (DCD) method based on SDN+NFV is proposed to address this problem. This method considers about the security status of networks, and deploys decoy chains with the resource constraints. DCD changes the attack surface of the network and makes it difficult for intruders to discern the current state of the network. Simulation experiments and analyses show that DCD can effectively resist penetration attacks by increasing the time cost and complexity of a penetration attack. PMID:29216257

A decoy chain deployment method based on SDN and NFV against penetration attack.

PubMed

Zhao, Qi; Zhang, Chuanhao; Zhao, Zheng

2017-01-01

Penetration attacks are one of the most serious network security threats. However, existing network defense technologies do not have the ability to entirely block the penetration behavior of intruders. Therefore, the network needs additional defenses. In this paper, a decoy chain deployment (DCD) method based on SDN+NFV is proposed to address this problem. This method considers about the security status of networks, and deploys decoy chains with the resource constraints. DCD changes the attack surface of the network and makes it difficult for intruders to discern the current state of the network. Simulation experiments and analyses show that DCD can effectively resist penetration attacks by increasing the time cost and complexity of a penetration attack.

Securing Information in the Healthcare Industry: Network Security, Incident Management, and Insider Threat

DTIC Science & Technology

2010-09-23

Chris, ―An Analysis of Breaches Affecting 500 or More Individuals in Healthcare‖, HITRUST, August 2010. 2. ―2009 Annual Study: Cost of a Data Breach ,‖ Ponemon...penalties for willful neglect • Loss of human life? — While many concerns focus on a data breach , some vulnerabilities can be more severe

Distributed generation of shared RSA keys in mobile ad hoc networks

NASA Astrophysics Data System (ADS)

Liu, Yi-Liang; Huang, Qin; Shen, Ying

2005-12-01

Mobile Ad Hoc Networks is a totally new concept in which mobile nodes are able to communicate together over wireless links in an independent manner, independent of fixed physical infrastructure and centralized administrative infrastructure. However, the nature of Ad Hoc Networks makes them very vulnerable to security threats. Generation and distribution of shared keys for CA (Certification Authority) is challenging for security solution based on distributed PKI(Public-Key Infrastructure)/CA. The solutions that have been proposed in the literature and some related issues are discussed in this paper. The solution of a distributed generation of shared threshold RSA keys for CA is proposed in the present paper. During the process of creating an RSA private key share, every CA node only has its own private security. Distributed arithmetic is used to create the CA's private share locally, and that the requirement of centralized management institution is eliminated. Based on fully considering the Mobile Ad Hoc network's characteristic of self-organization, it avoids the security hidden trouble that comes by holding an all private security share of CA, with which the security and robustness of system is enhanced.

State of the Practice of Intrusion Detection Technologies

DTIC Science & Technology

2000-01-01

security incident response teams ) - the role of IDS in threat management, such as defining alarm severity, monitoring, alerting, and policy-based...attacks in an effort to sneak under the radar of security specialists and intrusion detection software, a U.S. Navy network security team said today...to get the smoking gun," said Stephen Northcutt, head of the Shadow intrusion detection team at the Naval Surface Warfare Center. "To know what’s

Using Anticipative Malware Analysis to Support Decision Making

DTIC Science & Technology

2010-11-01

specifically, we have designed and implemented a network sandbox, i.e. a sandbox that allows us to study malware behaviour from the network perspective. We...plan to use this sandbox to generate malware-sample profiles that can be used by decision making algorithms to help network administrators and security...also allows the user to specify the network topology to be used. 1 INTRODUCTION Once the presence of a malicious software (malware) threat has been

AVQS: Attack Route-Based Vulnerability Quantification Scheme for Smart Grid

PubMed Central

Lim, Hyunwoo; Lee, Seokjun; Shon, Taeshik

2014-01-01

A smart grid is a large, consolidated electrical grid system that includes heterogeneous networks and systems. Based on the data, a smart grid system has a potential security threat in its network connectivity. To solve this problem, we develop and apply a novel scheme to measure the vulnerability in a smart grid domain. Vulnerability quantification can be the first step in security analysis because it can help prioritize the security problems. However, existing vulnerability quantification schemes are not suitable for smart grid because they do not consider network vulnerabilities. We propose a novel attack route-based vulnerability quantification scheme using a network vulnerability score and an end-to-end security score, depending on the specific smart grid network environment to calculate the vulnerability score for a particular attack route. To evaluate the proposed approach, we derive several attack scenarios from the advanced metering infrastructure domain. The experimental results of the proposed approach and the existing common vulnerability scoring system clearly show that we need to consider network connectivity for more optimized vulnerability quantification. PMID:25152923

Optimal response to attacks on the open science grids.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Altunay, M.; Leyffer, S.; Linderoth, J. T.

2011-01-01

Cybersecurity is a growing concern, especially in open grids, where attack propagation is easy because of prevalent collaborations among thousands of users and hundreds of institutions. The collaboration rules that typically govern large science experiments as well as social networks of scientists span across the institutional security boundaries. A common concern is that the increased openness may allow malicious attackers to spread more readily around the grid. We consider how to optimally respond to attacks in open grid environments. To show how and why attacks spread more readily around the grid, we first discuss how collaborations manifest themselves in themore » grids and form the collaboration network graph, and how this collaboration network graph affects the security threat levels of grid participants. We present two mixed-integer program (MIP) models to find the optimal response to attacks in open grid environments, and also calculate the threat level associated with each grid participant. Given an attack scenario, our optimal response model aims to minimize the threat levels at unaffected participants while maximizing the uninterrupted scientific production (continuing collaborations). By adopting some of the collaboration rules (e.g., suspending a collaboration or shutting down a site), the model finds optimal response to subvert an attack scenario.« less

Cyber-Threat Assessment for the Air Traffic Management System: A Network Controls Approach

NASA Technical Reports Server (NTRS)

Roy, Sandip; Sridhar, Banavar

2016-01-01

Air transportation networks are being disrupted with increasing frequency by failures in their cyber- (computing, communication, control) systems. Whether these cyber- failures arise due to deliberate attacks or incidental errors, they can have far-reaching impact on the performance of the air traffic control and management systems. For instance, a computer failure in the Washington DC Air Route Traffic Control Center (ZDC) on August 15, 2015, caused nearly complete closure of the Centers airspace for several hours. This closure had a propagative impact across the United States National Airspace System, causing changed congestion patterns and requiring placement of a suite of traffic management initiatives to address the capacity reduction and congestion. A snapshot of traffic on that day clearly shows the closure of the ZDC airspace and the resulting congestion at its boundary, which required augmented traffic management at multiple locations. Cyber- events also have important ramifications for private stakeholders, particularly the airlines. During the last few months, computer-system issues have caused several airlines fleets to be grounded for significant periods of time: these include United Airlines (twice), LOT Polish Airlines, and American Airlines. Delays and regional stoppages due to cyber- events are even more common, and may have myriad causes (e.g., failure of the Department of Homeland Security systems needed for security check of passengers, see [3]). The growing frequency of cyber- disruptions in the air transportation system reflects a much broader trend in the modern society: cyber- failures and threats are becoming increasingly pervasive, varied, and impactful. In consequence, an intense effort is underway to develop secure and resilient cyber- systems that can protect against, detect, and remove threats, see e.g. and its many citations. The outcomes of this wide effort on cyber- security are applicable to the air transportation infrastructure, and indeed security solutions are being implemented in the current system. While these security solutions are important, they only provide a piecemeal solution. Particular computers or communication channels are protected from particular attacks, without a holistic view of the air transportation infrastructure. On the other hand, the above-listed incidents highlight that a holistic approach is needed, for several reasons. First, the air transportation infrastructure is a large scale cyber-physical system with multiple stakeholders and diverse legacy assets. It is impractical to protect every cyber- asset from known and unknown disruptions, and instead a strategic view of security is needed. Second, disruptions to the cyber- system can incur complex propagative impacts across the air transportation network, including its physical and human assets. Also, these implications of cyber- events are exacerbated or modulated by other disruptions and operational specifics, e.g. severe weather, operator fatigue or error, etc. These characteristics motivate a holistic and strategic perspective on protecting the air transportation infrastructure from cyber- events. The analysis of cyber- threats to the air traffic system is also inextricably tied to the integration of new autonomy into the airspace. The replacement of human operators with cyber functions leaves the network open to new cyber threats, which must be modeled and managed. Paradoxically, the mitigation of cyber events in the airspace will also likely require additional autonomy, given the fast time scale and myriad pathways of cyber-attacks which must be managed. The assessment of new vulnerabilities upon integration of new autonomy is also a key motivation for a holistic perspective on cyber threats.

[Biological security confronting bioterrorism].

PubMed

Suárez Fernández, Guillermo

2002-01-01

A review is made on Biosecurity at both local and global level in relationship with Bioterrorism as a real threat and its control and prevention. The function of the network of High Security Laboratories around the world able to make immediate diagnosis, research on vaccines, fundamental and urgent epidemiological studies, conform a steady basis to control natural infections and also the possible bioterrorism attacks.

Secure and Efficient Network Fault Localization

DTIC Science & Technology

2012-02-27

ORGANIZATION NAME(S) AND ADDRESS (ES) Carnegie Mellon University,School of Computer Science,Computer Science Department,Pittsburgh,PA,15213 8. PERFORMING...ORGANIZATION REPORT NUMBER 9. SPONSORING/MONITORING AGENCY NAME(S) AND ADDRESS (ES) 10. SPONSOR/MONITOR’S ACRONYM(S) 11. SPONSOR/MONITOR’S REPORT...efficiency than previously known protocols for fault localization. Our proposed fault localization protocols also address the security threats that

System Requirement Analyses for Ubiquitous Environment Management System

NASA Astrophysics Data System (ADS)

Lim, Sang Boem; Gil, Kyung Jun; Choe, Ho Rim; Eo, Yang Dam

We are living in new stage of society. U-City introduces new paradigm that cannot be archived in traditional city to future city. Korea is one of the most active countries to construct U-City based on advances of IT technologies - especially based on high-speed network through out country [1]. Peoples are realizing ubiquitous service is key factor of success of U-City. Among the U-services, U-security service is one of the most important services. Nowadays we have to concern about traditional threat and also personal information. Since apartment complex is the most common residence type in Korea. We are developing security rules and system based on analyses of apartment complex and assert of apartment complex. Based on these analyses, we are developing apartment complex security using various technologies including home network system. We also will discuss basic home network security architecture.

DS-ARP: a new detection scheme for ARP spoofing attacks based on routing trace for ubiquitous environments.

PubMed

Song, Min Su; Lee, Jae Dong; Jeong, Young-Sik; Jeong, Hwa-Young; Park, Jong Hyuk

2014-01-01

Despite the convenience, ubiquitous computing suffers from many threats and security risks. Security considerations in the ubiquitous network are required to create enriched and more secure ubiquitous environments. The address resolution protocol (ARP) is a protocol used to identify the IP address and the physical address of the associated network card. ARP is designed to work without problems in general environments. However, since it does not include security measures against malicious attacks, in its design, an attacker can impersonate another host using ARP spoofing or access important information. In this paper, we propose a new detection scheme for ARP spoofing attacks using a routing trace, which can be used to protect the internal network. Tracing routing can find the change of network movement path. The proposed scheme provides high constancy and compatibility because it does not alter the ARP protocol. In addition, it is simple and stable, as it does not use a complex algorithm or impose extra load on the computer system.

DS-ARP: A New Detection Scheme for ARP Spoofing Attacks Based on Routing Trace for Ubiquitous Environments

PubMed Central

Song, Min Su; Lee, Jae Dong; Jeong, Hwa-Young; Park, Jong Hyuk

2014-01-01

Despite the convenience, ubiquitous computing suffers from many threats and security risks. Security considerations in the ubiquitous network are required to create enriched and more secure ubiquitous environments. The address resolution protocol (ARP) is a protocol used to identify the IP address and the physical address of the associated network card. ARP is designed to work without problems in general environments. However, since it does not include security measures against malicious attacks, in its design, an attacker can impersonate another host using ARP spoofing or access important information. In this paper, we propose a new detection scheme for ARP spoofing attacks using a routing trace, which can be used to protect the internal network. Tracing routing can find the change of network movement path. The proposed scheme provides high constancy and compatibility because it does not alter the ARP protocol. In addition, it is simple and stable, as it does not use a complex algorithm or impose extra load on the computer system. PMID:25243205

Internetting tactical security sensor systems

NASA Astrophysics Data System (ADS)

Gage, Douglas W.; Bryan, W. D.; Nguyen, Hoa G.

1998-08-01

The Multipurpose Surveillance and Security Mission Platform (MSSMP) is a distributed network of remote sensing packages and control stations, designed to provide a rapidly deployable, extended-range surveillance capability for a wide variety of military security operations and other tactical missions. The baseline MSSMP sensor suite consists of a pan/tilt unit with video and FLIR cameras and laser rangefinder. With an additional radio transceiver, MSSMP can also function as a gateway between existing security/surveillance sensor systems such as TASS, TRSS, and IREMBASS, and IP-based networks, to support the timely distribution of both threat detection and threat assessment information. The MSSMP system makes maximum use of Commercial Off The Shelf (COTS) components for sensing, processing, and communications, and of both established and emerging standard communications networking protocols and system integration techniques. Its use of IP-based protocols allows it to freely interoperate with the Internet -- providing geographic transparency, facilitating development, and allowing fully distributed demonstration capability -- and prepares it for integration with the IP-based tactical radio networks that will evolve in the next decade. Unfortunately, the Internet's standard Transport layer protocol, TCP, is poorly matched to the requirements of security sensors and other quasi- autonomous systems in being oriented to conveying a continuous data stream, rather than discrete messages. Also, its canonical 'socket' interface both conceals short losses of communications connectivity and simply gives up and forces the Application layer software to deal with longer losses. For MSSMP, a software applique is being developed that will run on top of User Datagram Protocol (UDP) to provide a reliable message-based Transport service. In addition, a Session layer protocol is being developed to support the effective transfer of control of multiple platforms among multiple control stations.

A Real-Time Decision Support System for Voltage Collapse Avoidance in Power Supply Networks

NASA Astrophysics Data System (ADS)

Chang, Chen-Sung

This paper presents a real-time decision support system (RDSS) based on artificial intelligence (AI) for voltage collapse avoidance (VCA) in power supply networks. The RDSS scheme employs a fuzzy hyperrectangular composite neural network (FHRCNN) to carry out voltage risk identification (VRI). In the event that a threat to the security of the power supply network is detected, an evolutionary programming (EP)-based algorithm is triggered to determine the operational settings required to restore the power supply network to a secure condition. The effectiveness of the RDSS methodology is demonstrated through its application to the American Electric Power Provider System (AEP, 30-bus system) under various heavy load conditions and contingency scenarios. In general, the numerical results confirm the ability of the RDSS scheme to minimize the risk of voltage collapse in power supply networks. In other words, RDSS provides Power Provider Enterprises (PPEs) with a viable tool for performing on-line voltage risk assessment and power system security enhancement functions.

49 CFR 1548.15 - Access to cargo: Security threat assessments for individuals having unescorted access to cargo.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 9 2010-10-01 2010-10-01 false Access to cargo: Security threat assessments for... SECURITY CIVIL AVIATION SECURITY INDIRECT AIR CARRIER SECURITY § 1548.15 Access to cargo: Security threat... must successfully complete a security threat assessment or comparable security threat assessment...

An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks

PubMed Central

Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

2018-01-01

Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes. PMID:29324719

SPOT: Optimization Tool for Network Adaptable Security

NASA Astrophysics Data System (ADS)

Ksiezopolski, Bogdan; Szalachowski, Pawel; Kotulski, Zbigniew

Recently we have observed the growth of the intelligent application especially with its mobile character, called e-anything. The implementation of these applications provides guarantee of security requirements of the cryptographic protocols which are used in the application. Traditionally the protocols have been configured with the strongest possible security mechanisms. Unfortunately, when the application is used by means of the mobile devices, the strongest protection can lead to the denial of services for them. The solution of this problem is introducing the quality of protection models which will scale the protection level depending on the actual threat level. In this article we would like to introduce the application which manages the protection level of the processes in the mobile environment. The Security Protocol Optimizing Tool (SPOT) optimizes the cryptographic protocol and defines the protocol version appropriate to the actual threat level. In this article the architecture of the SPOT is presented with a detailed description of the included modules.

SCA security verification on wireless sensor network node

NASA Astrophysics Data System (ADS)

He, Wei; Pizarro, Carlos; de la Torre, Eduardo; Portilla, Jorge; Riesgo, Teresa

2011-05-01

Side Channel Attack (SCA) differs from traditional mathematic attacks. It gets around of the exhaustive mathematic calculation and precisely pin to certain points in the cryptographic algorithm to reveal confidential information from the running crypto-devices. Since the introduction of SCA by Paul Kocher et al [1], it has been considered to be one of the most critical threats to the resource restricted but security demanding applications, such as wireless sensor networks. In this paper, we focus our work on the SCA-concerned security verification on WSN (wireless sensor network). A detailed setup of the platform and an analysis of the results of DPA (power attack) and EMA (electromagnetic attack) is presented. The setup follows the way of low-cost setup to make effective SCAs. Meanwhile, surveying the weaknesses of WSNs in resisting SCA attacks, especially for the EM attack. Finally, SCA-Prevention suggestions based on Differential Security Strategy for the FPGA hardware implementation in WSN will be given, helping to get an improved compromise between security and cost.

Analysis Of Using Firewall And Single Honeypot In Training Attack On Wireless Network

NASA Astrophysics Data System (ADS)

Mohd. Diansyah, Tengku.; Faisal, Ilham; Perdana, Adidtya; Octaviani Sembiring, Boni; Hidayati Sinaga, Tantri

2017-12-01

Security issues become one of the important aspects of a network, especially a network security on the server. These problems underlie the need to build a system that can detect threats from parties who do not have access rights (hackers) that are by building a security system honeypot. A Honeypot is a diversion of intruders' attention, in order for intruders to think that it has managed to break down and retrieve data from a network, when in fact the data is not important and the location is isolated. A way to trap or deny unauthorized use of effort in an information system. One type of honeypot is honeyd. Honeyd is a low interaction honeypot that has a smaller risk compared to high interaction types because the interaction with the honeypot does not directly involve the real system. The purpose of the implementation of honeypot and firewall, firewall is used on Mikrotik. Can be used as an administrative tool to view reports of Honeyd generated activity and administrators can also view reports that are stored in the logs in order to assist in determining network security policies.

An ethernet/IP security review with intrusion detection applications

DOE Office of Scientific and Technical Information (OSTI.GOV)

Laughter, S. A.; Williams, R. D.

2006-07-01

Supervisory Control and Data Acquisition (SCADA) and automation networks, used throughout utility and manufacturing applications, have their own specific set of operational and security requirements when compared to corporate networks. The modern climate of heightened national security and awareness of terrorist threats has made the security of these systems of prime concern. There is a need to understand the vulnerabilities of these systems and how to monitor and protect them. Ethernet/IP is a member of a family of protocols based on the Control and Information Protocol (CIP). Ethernet/IP allows automation systems to be utilized on and integrated with traditional TCP/IPmore » networks, facilitating integration of these networks with corporate systems and even the Internet. A review of the CIP protocol and the additions Ethernet/IP makes to it has been done to reveal the kind of attacks made possible through the protocol. A set of rules for the SNORT Intrusion Detection software is developed based on the results of the security review. These can be used to monitor, and possibly actively protect, a SCADA or automation network that utilizes Ethernet/IP in its infrastructure. (authors)« less

Design and Implementation of a Secure Modbus Protocol

NASA Astrophysics Data System (ADS)

Fovino, Igor Nai; Carcano, Andrea; Masera, Marcelo; Trombetta, Alberto

The interconnectivity of modern and legacy supervisory control and data acquisition (SCADA) systems with corporate networks and the Internet has significantly increased the threats to critical infrastructure assets. Meanwhile, traditional IT security solutions such as firewalls, intrusion detection systems and antivirus software are relatively ineffective against attacks that specifically target vulnerabilities in SCADA protocols. This paper describes a secure version of the Modbus SCADA protocol that incorporates integrity, authentication, non-repudiation and anti-replay mechanisms. Experimental results using a power plant testbed indicate that the augmented protocol provides good security functionality without significant overhead.

Cybersecurity and Optimization in Smart “Autonomous” Buildings

DOE Office of Scientific and Technical Information (OSTI.GOV)

Mylrea, Michael E.; Gourisetti, Sri Nikhil Gup

Significant resources have been invested in making buildings “smart” by digitizing, networking and automating key systems and operations. Smart autonomous buildings create new energy efficiency, economic and environmental opportunities. But as buildings become increasingly networked to the Internet, they can also become more vulnerable to various cyber threats. Automated and Internet-connected buildings systems, equipment, controls, and sensors can significantly increase cyber and physical vulnerabilities that threaten the confidentiality, integrity, and availability of critical systems in organizations. Securing smart autonomous buildings presents a national security and economic challenge to the nation. Ignoring this challenge threatens business continuity and the availability ofmore » critical infrastructures that are enabled by smart buildings. In this chapter, the authors address challenges and explore new opportunities in securing smart buildings that are enhanced by machine learning, cognitive sensing, artificial intelligence (AI) and smart-energy technologies. The chapter begins by identifying cyber-threats and challenges to smart autonomous buildings. Then it provides recommendations on how AI enabled solutions can help smart buildings and facilities better protect, detect and respond to cyber-physical threats and vulnerabilities. Next, the chapter will provide case studies that examine how combining AI with innovative smart-energy technologies can increase both cybersecurity and energy efficiency savings in buildings. The chapter will conclude by proposing recommendations for future cybersecurity and energy optimization research for examining AI enabled smart-energy technology.« less

DoD Cybersecurity Discipline Implementation Plan

DTIC Science & Technology

2016-02-01

provided email services are disabled for commercial mobile devices. N/A Commanders and Supervisors must ensure all servers and network infrastructure ... infrastructure physically and logically. All of these protections come from security measures that are already required. This line of effort supports...networks and critical infrastructure . These threats and risks have been recognized by DoD for several years, and the Department has responded with

On a simulation study of cyber attacks on vehicle-to-infrastructure communication (V2I) in Intelligent Transportation System (ITS)

NASA Astrophysics Data System (ADS)

Ekedebe, Nnanna; Yu, Wei; Song, Houbing; Lu, Chao

2015-05-01

An intelligent transportation system (ITS) is one typical cyber-physical system (CPS) that aims to provide efficient, effective, reliable, and safe driving experiences with minimal congestion and effective traffic flow management. In order to achieve these goals, various ITS technologies need to work synergistically. Nonetheless, ITS's reliance on wireless connectivity makes it vulnerable to cyber threats. Thus, it is critical to understand the impact of cyber threats on ITS. In this paper, using real-world transportation dataset, we evaluated the consequences of cyber threats - attacks against service availability by jamming the communication channel of ITS. In this way, we can have a better understanding of the importance of ensuring adequate security respecting safety and life-critical ITS applications before full and expensive real-world deployments. Our experimental data shows that cyber threats against service availability could adversely affect traffic efficiency and safety performances evidenced by exacerbated travel time, fuel consumed, and other evaluated performance metrics as the communication network is compromised. Finally, we discuss a framework to make ITS secure and more resilient against cyber threats.

Firewall systems: the next generation

NASA Astrophysics Data System (ADS)

McGhie, Lynda L.

1996-01-01

To be competitive in today's globally connected marketplace, a company must ensure that their internal network security methodologies and supporting policies are current and reflect an overall understanding of today's technology and its resultant threats. Further, an integrated approach to information security should ensure that new ways of sharing information and doing business are accommodated; such as electronic commerce, high speed public broadband network services, and the federally sponsored National Information Infrastructure. There are many challenges, and success is determined by the establishment of a solid and firm baseline security architecture that accommodate today's external connectivity requirements, provides transitional solutions that integrate with evolving and dynamic technologies, and ultimately acknowledges both the strategic and tactical goals of an evolving network security architecture and firewall system. This paper explores the evolution of external network connectivity requirements, the associated challenges and the subsequent development and evolution of firewall security systems. It makes the assumption that a firewall is a set of integrated and interoperable components, coming together to form a `SYSTEM' and must be designed, implement and managed as such. A progressive firewall model will be utilized to illustrates the evolution of firewall systems from earlier models utilizing separate physical networks, to today's multi-component firewall systems enabling secure heterogeneous and multi-protocol interfaces.

Design and Implementation of Secure and Reliable Communication using Optical Wireless Communication

NASA Astrophysics Data System (ADS)

Saadi, Muhammad; Bajpai, Ambar; Zhao, Yan; Sangwongngam, Paramin; Wuttisittikulkij, Lunchakorn

2014-11-01

Wireless networking intensify the tractability in the home and office environment to connect the internet without wires but at the cost of risks associated with stealing the data or threat of loading malicious code with the intention of harming the network. In this paper, we proposed a novel method of establishing a secure and reliable communication link using optical wireless communication (OWC). For security, spatial diversity based transmission using two optical transmitters is used and the reliability in the link is achieved by a newly proposed method for the construction of structured parity check matrix for binary Low Density Parity Check (LDPC) codes. Experimental results show that a successful secure and reliable link between the transmitter and the receiver can be achieved by using the proposed novel technique.

Security for Multimedia Space Data Distribution over the Internet

NASA Technical Reports Server (NTRS)

Stone, Thom; Picinich, Lou; Givens, John J. (Technical Monitor)

1995-01-01

Distribution of interactive multimedia to remote investigators will be required for high quality science on the International Space Station (ISS). The Internet with the World Wide Web (WWW) and the JAVA environment are a good match for distribution of data, video and voice to remote science centers. Utilizing the "open" Internet in a secure manner is the major hurdle in making use of this cost effective, off-the-shelf, universal resource. This paper examines the major security threats to an Internet distribution system for payload data and the mitigation of these threats. A proposed security environment for the Space Station Biological Research Facility (SSBRP) is presented with a short description of the tools that have been implemented or planned. Formulating and implementing a security policy, firewalls, host hardware and software security are also discussed in this paper. Security is a vast topic and this paper can only give an overview of important issues. This paper postulates that a structured approach is required and stresses that security must be built into a network from the start. Ignoring security issues or putting them off until late in the development cycle can be disastrous.

SNM-DAT: Simulation of a heterogeneous network for nuclear border security

NASA Astrophysics Data System (ADS)

Nemzek, R.; Kenyon, G.; Koehler, A.; Lee, D. M.; Priedhorsky, W.; Raby, E. Y.

2007-08-01

We approach the problem of detecting Special Nuclear Material (SNM) smuggling across open borders by modeling a heterogeneous sensor network using an agent-based simulation. Our simulation SNM Data Analysis Tool (SNM-DAT) combines fixed seismic, metal, and radiation detectors with a mobile gamma spectrometer. Decision making within the simulation determines threat levels by combined signatures. The spectrometer is a limited-availability asset, and is only deployed for substantial threats. "Crossers" can be benign or carrying shielded SNM. Signatures and sensors are physics based, allowing us to model realistic sensor networks. The heterogeneous network provides great gains in detection efficiency compared to a radiation-only system. We can improve the simulation through better sensor and terrain models, additional signatures, and crossers that mimic actual trans-border traffic. We expect further gains in our ability to design sensor networks as we learn the emergent properties of heterogeneous detection, and potential adversary responses.

Random Time Identity Based Firewall In Mobile Ad hoc Networks

NASA Astrophysics Data System (ADS)

Suman, Patel, R. B.; Singh, Parvinder

2010-11-01

A mobile ad hoc network (MANET) is a self-organizing network of mobile routers and associated hosts connected by wireless links. MANETs are highly flexible and adaptable but at the same time are highly prone to security risks due to the open medium, dynamically changing network topology, cooperative algorithms, and lack of centralized control. Firewall is an effective means of protecting a local network from network-based security threats and forms a key component in MANET security architecture. This paper presents a review of firewall implementation techniques in MANETs and their relative merits and demerits. A new approach is proposed to select MANET nodes at random for firewall implementation. This approach randomly select a new node as firewall after fixed time and based on critical value of certain parameters like power backup. This approach effectively balances power and resource utilization of entire MANET because responsibility of implementing firewall is equally shared among all the nodes. At the same time it ensures improved security for MANETs from outside attacks as intruder will not be able to find out the entry point in MANET due to the random selection of nodes for firewall implementation.

Research on the information security system in electrical gis system in mobile application

NASA Astrophysics Data System (ADS)

Zhou, Chao; Feng, Renjun; Jiang, Haitao; Huang, Wei; Zhu, Daohua

2017-05-01

With the rapid development of social informatization process, the demands of government, enterprise, and individuals for spatial information becomes larger. In addition, the combination of wireless network technology and spatial information technology promotes the generation and development of mobile technologies. In today’s rapidly developed information technology field, network technology and mobile communication have become the two pillar industries by leaps and bounds. They almost absorbed and adopted all the latest information, communication, computer, electronics and so on new technologies. Concomitantly, the network coverage is more and more big, the transmission rate is faster and faster, the volume of user’s terminal is smaller and smaller. What’s more, from LAN to WAN, from wired network to wireless network, from wired access to mobile wireless access, people’s demand for communication technology is increasingly higher. As a result, mobile communication technology is facing unprecedented challenges as well as unprecedented opportunities. When combined with the existing mobile communication network, it led to the development of leaps and bounds. However, due to the inherent dependence of the system on the existing computer communication network, information security problems cannot be ignored. Today’s information security has penetrated into all aspects of life. Information system is a complex computer system, and it’s physical, operational and management vulnerabilities constitute the security vulnerability of the system. Firstly, this paper analyzes the composition of mobile enterprise network and information security threat. Secondly, this paper puts forward the security planning and measures, and constructs the information security structure.

49 CFR 1540.205 - Procedures for security threat assessment.

Code of Federal Regulations, 2010 CFR

2010-10-01

... threat; (ii) The basis for the determination; (iii) Information about how the applicant may appeal the... 49 Transportation 9 2010-10-01 2010-10-01 false Procedures for security threat assessment. 1540... SECURITY: GENERAL RULES Security Threat Assessments § 1540.205 Procedures for security threat assessment...

49 CFR 1540.203 - Security threat assessment.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 49 Transportation 9 2011-10-01 2011-10-01 false Security threat assessment. 1540.203 Section 1540... Security Threat Assessments § 1540.203 Security threat assessment. (a) Each operator subject to this subpart must ensure that each of the following undergoes a security threat assessment or a comparable...

49 CFR 1540.209 - Fees for security threat assessment.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 9 2010-10-01 2010-10-01 false Fees for security threat assessment. 1540.209...: GENERAL RULES Security Threat Assessments § 1540.209 Fees for security threat assessment. This section describes the payment process for completion of the security threat assessments required under subpart. (a...

Transnational Crime and Security Threats in Indonesia

DTIC Science & Technology

2010-03-01

archipelagos, while the region’s climate and cultures have also made it highly attractive to leisure activities. Piracy has been a traditional way of...coordinated patrols by Indonesia, Malaysia , and Singapore, along with increased security on vessels have sparked a dramatic downturn in piracy according to...just local but also international. Some sources believe that the network route runs from Cambodia to Southern Philippines to Malaysia then enters

Automated X-ray image analysis for cargo security: Critical review and future promise.

PubMed

Rogers, Thomas W; Jaccard, Nicolas; Morton, Edward J; Griffin, Lewis D

2017-01-01

We review the relatively immature field of automated image analysis for X-ray cargo imagery. There is increasing demand for automated analysis methods that can assist in the inspection and selection of containers, due to the ever-growing volumes of traded cargo and the increasing concerns that customs- and security-related threats are being smuggled across borders by organised crime and terrorist networks. We split the field into the classical pipeline of image preprocessing and image understanding. Preprocessing includes: image manipulation; quality improvement; Threat Image Projection (TIP); and material discrimination and segmentation. Image understanding includes: Automated Threat Detection (ATD); and Automated Contents Verification (ACV). We identify several gaps in the literature that need to be addressed and propose ideas for future research. Where the current literature is sparse we borrow from the single-view, multi-view, and CT X-ray baggage domains, which have some characteristics in common with X-ray cargo.

A Layered Social and Operational Network Analysis

DTIC Science & Technology

2007-03-01

organizations, networks and individuals” (OPOTUS, 2006: 5). These transnational threats, which compromise the security of the US , consist of...The focus of criminal groups is money ; the trafficking of 2-7 drugs or people, the money laundering , and the corruption are a means to generate...assassination is used (National Defense University, 1999:250). 2-8 Economic and industrial espionage, bank fraud, financial market manipulation, and

IT Security Support for the Spaceport Command Control Systems Development Ground Support Development Operations

NASA Technical Reports Server (NTRS)

Branch, Drew A.

2014-01-01

Security is one of the most if not the most important areas today. After the several attacks on the United States, security everywhere has heightened from airports to the communication among the military branches legionnaires. With advanced persistent threats (APT's) on the rise following Stuxnet, government branches and agencies are required, more than ever, to follow several standards, policies and procedures to reduce the likelihood of a breach. Attack vectors today are very advanced and are going to continue to get more and more advanced as security controls advance. This creates a need for networks and systems to be in an updated and secured state in a launch control system environment. FISMA is a law that is mandated by the government to follow when government agencies secure networks and devices. My role on this project is to ensure network devices and systems are in compliance with NIST, as outlined in FISMA. I will achieve this by providing assistance with security plan documentation and collection, system hardware and software inventory, malicious code and malware scanning, and configuration of network devices i.e. routers and IDS's/IPS's. In addition, I will be completing security assessments on software and hardware, vulnerability assessments and reporting, and conducting patch management and risk assessments. A guideline that will help with compliance with NIST is the SANS Top 20 Critical Controls. SANS Top 20 Critical Controls as well as numerous security tools, security software and the conduction of research will be used to successfully complete the tasks given to me. This will ensure compliance with FISMA and NIST, secure systems and a secured network. By the end of this project, I hope to have carried out the tasks stated above as well as gain an immense knowledge about compliance, security tools, networks and network devices, as well as policies and procedures.

IT Security Support for the Spaceport Command Control Systems Development Ground Support Development Operations

NASA Technical Reports Server (NTRS)

Branch, Drew

2013-01-01

Security is one of the most if not the most important areas today. After the several attacks on the United States, security everywhere was heightened from Airports to the communication among the military branches legionnaires. With advanced persistent threats (APTs) on the rise following Stuxnet, government branches and agencies are required, more than ever, to follow several standards, policies and procedures to reduce the likelihood of a breach. Attack vectors today are very advanced and are going to continue to get more and more advanced as security controls advance. This creates a need for networks and systems to be in an updated and secured state in a launch control system environment. FISMA is a law that is mandated by the government to follow when government agencies secure networks and devices. My role on this project is to ensure network devices and systems are in compliance with NIST, as outlined in FISMA. I will achieve this by providing assistance with security plan documentation and collection, system hardware and software inventory, malicious code and malware scanning and configuration of network devices i.e. routers and IDSsIPSs. In addition I will be completing security assessments on software and hardware, vulnerability assessments and reporting, conducting patch management and risk assessments. A guideline that will help with compliance with NIST is the SANS Top 20 Critical Controls. SANS Top 20 Critical Controls as well as numerous security tools, security software and the conduction of research will be used to successfully complete the tasks given to me. This will ensure compliance with FISMA and NIST, secure systems and a secured network. By the end of this project, I hope to have carried out stated above as well as gain an immense knowledge about compliance, security tools, networks and network devices, policies and procedures.

Hybrid Radio Frequency/Free-Space Optics (RF/FSO) Wireless Sensor Network: Security Concerns and Protective Measures

NASA Astrophysics Data System (ADS)

Banerjee, Koushik; Sharma, Hemant; Sengupta, Anasuya

Wireless sensor networks (WSNs) are ad hoc wireless networks that are written off as spread out structure and ad hoc deployment. Sensor networks have all the rudimentary features of ad hoc networks but to altered points—for instance, considerably lesser movement and far more energy necessities. Commonly used technology for communication is radio frequency (RF) communications. Free-space optics (FSO) is relatively new technology which has the prospective to deliver remarkable increases in network lifetime of WSN. Hybrid RF/FSO communications has been suggested to decrease power consumption by a single sensor node. It is observed that security plays a very important role for either RF WSN or hybrid RF/FSO WSN as those are vulnerable to numerous threats. In this paper, various possible attacks in RF/FSO WSN are discussed and aimed to propose some way out from those attacks.

AEGIS: A Lightweight Firewall for Wireless Sensor Networks

NASA Astrophysics Data System (ADS)

Hossain, Mohammad Sajjad; Raghunathan, Vijay

Firewalls are an essential component in today's networked computing systems (desktops, laptops, and servers) and provide effective protection against a variety of over-the-network security attacks. With the development of technologies such as IPv6 and 6LoWPAN that pave the way for Internet-connected embedded systems and sensor networks, these devices will soon be subject to (and need to be defended against) similar security threats. As a first step, this paper presents Aegis, a lightweight, rule-based firewall for networked embedded systems such as wireless sensor networks. Aegis is based on a semantically rich, yet simple, rule definition language. In addition, Aegis is highly efficient during operation, runs in a transparent manner from running applications, and is easy to maintain. Experimental results obtained using real sensor nodes and cycle-accurate simulations demonstrate that Aegis successfully performs gatekeeping of a sensor node's communication traffic in a flexible manner with minimal overheads.

Practical recommendations for strengthening national and regional laboratory networks in Africa in the Global Health Security era.

PubMed

Best, Michele; Sakande, Jean

2016-01-01

The role of national health laboratories in support of public health response has expanded beyond laboratory testing to include a number of other core functions such as emergency response, training and outreach, communications, laboratory-based surveillance and data management. These functions can only be accomplished by an efficient and resilient national laboratory network that includes public health, reference, clinical and other laboratories. It is a primary responsibility of the national health laboratory in the Ministry of Health to develop and maintain the national laboratory network in the country. In this article, we present practical recommendations based on 17 years of network development experience for the development of effective national laboratory networks. These recommendations and examples of current laboratory networks, are provided to facilitate laboratory network development in other states. The development of resilient, integrated laboratory networks will enhance each state's public health system and is critical to the development of a robust national laboratory response network to meet global health security threats.

Practical recommendations for strengthening national and regional laboratory networks in Africa in the Global Health Security era

PubMed Central

2016-01-01

The role of national health laboratories in support of public health response has expanded beyond laboratory testing to include a number of other core functions such as emergency response, training and outreach, communications, laboratory-based surveillance and data management. These functions can only be accomplished by an efficient and resilient national laboratory network that includes public health, reference, clinical and other laboratories. It is a primary responsibility of the national health laboratory in the Ministry of Health to develop and maintain the national laboratory network in the country. In this article, we present practical recommendations based on 17 years of network development experience for the development of effective national laboratory networks. These recommendations and examples of current laboratory networks, are provided to facilitate laboratory network development in other states. The development of resilient, integrated laboratory networks will enhance each state’s public health system and is critical to the development of a robust national laboratory response network to meet global health security threats. PMID:28879137

Towards an integrated defense system for cyber security situation awareness experiment

NASA Astrophysics Data System (ADS)

Zhang, Hanlin; Wei, Sixiao; Ge, Linqiang; Shen, Dan; Yu, Wei; Blasch, Erik P.; Pham, Khanh D.; Chen, Genshe

2015-05-01

In this paper, an implemented defense system is demonstrated to carry out cyber security situation awareness. The developed system consists of distributed passive and active network sensors designed to effectively capture suspicious information associated with cyber threats, effective detection schemes to accurately distinguish attacks, and network actors to rapidly mitigate attacks. Based on the collected data from network sensors, image-based and signals-based detection schemes are implemented to detect attacks. To further mitigate attacks, deployed dynamic firewalls on hosts dynamically update detection information reported from the detection schemes and block attacks. The experimental results show the effectiveness of the proposed system. A future plan to design an effective defense system is also discussed based on system theory.

Semantic policy and adversarial modeling for cyber threat identification and avoidance

NASA Astrophysics Data System (ADS)

DeFrancesco, Anton; McQueary, Bruce

2009-05-01

Today's enterprise networks undergo a relentless barrage of attacks from foreign and domestic adversaries. These attacks may be perpetrated with little to no funding, but may wreck incalculable damage upon the enterprises security, network infrastructure, and services. As more services come online, systems that were once in isolation now provide information that may be combined dynamically with information from other systems to create new meaning on the fly. Security issues are compounded by the potential to aggregate individual pieces of information and infer knowledge at a higher classification than any of its constituent parts. To help alleviate these challenges, in this paper we introduce the notion of semantic policy and discuss how it's use is evolving from a robust approach to access control to preempting and combating attacks in the cyber domain, The introduction of semantic policy and adversarial modeling to network security aims to ask 'where is the network most vulnerable', 'how is the network being attacked', and 'why is the network being attacked'. The first aspect of our approach is integration of semantic policy into enterprise security to augment traditional network security with an overall awareness of policy access and violations. This awareness allows the semantic policy to look at the big picture - analyzing trends and identifying critical relations in system wide data access. The second aspect of our approach is to couple adversarial modeling with semantic policy to move beyond reactive security measures and into a proactive identification of system weaknesses and areas of vulnerability. By utilizing Bayesian-based methodologies, the enterprise wide meaning of data and semantic policy is applied to probability and high-level risk identification. This risk identification will help mitigate potential harm to enterprise networks by enabling resources to proactively isolate, lock-down, and secure systems that are most vulnerable.

Camouflage Traffic: Minimizing Message Delay for Smart Grid Applications under Jamming

DTIC Science & Technology

2014-04-01

technologies. To facilitate efficient information exchange, wireless networks have been proposed to be widely used in the smart grid. However, the jamming...attack that constantly broadcasts radio interference is a primary security threat to prevent the deployment of wireless networks in the smart grid. Hence... wireless communications, while at the same time providing latency guarantee for control messages. An open question is how to minimize message delay for

Mexican Drug Trafficking Organizations: Matching Strategy to Threat

DTIC Science & Technology

2013-03-01

raids,16 family ties, and heritage. Issues ranging from national security to the environment and migration are complex issues that demand involvement...the perfect network for the Sinaloa Cartel to move heroin and methamphetamine26, and this is just one of the aforementioned 1000 cities where DTOs

A Hybrid Secure Scheme for Wireless Sensor Networks against Timing Attacks Using Continuous-Time Markov Chain and Queueing Model.

PubMed

Meng, Tianhui; Li, Xiaofan; Zhang, Sha; Zhao, Yubin

2016-09-28

Wireless sensor networks (WSNs) have recently gained popularity for a wide spectrum of applications. Monitoring tasks can be performed in various environments. This may be beneficial in many scenarios, but it certainly exhibits new challenges in terms of security due to increased data transmission over the wireless channel with potentially unknown threats. Among possible security issues are timing attacks, which are not prevented by traditional cryptographic security. Moreover, the limited energy and memory resources prohibit the use of complex security mechanisms in such systems. Therefore, balancing between security and the associated energy consumption becomes a crucial challenge. This paper proposes a secure scheme for WSNs while maintaining the requirement of the security-performance tradeoff. In order to proceed to a quantitative treatment of this problem, a hybrid continuous-time Markov chain (CTMC) and queueing model are put forward, and the tradeoff analysis of the security and performance attributes is carried out. By extending and transforming this model, the mean time to security attributes failure is evaluated. Through tradeoff analysis, we show that our scheme can enhance the security of WSNs, and the optimal rekeying rate of the performance and security tradeoff can be obtained.

A Hybrid Secure Scheme for Wireless Sensor Networks against Timing Attacks Using Continuous-Time Markov Chain and Queueing Model

PubMed Central

Meng, Tianhui; Li, Xiaofan; Zhang, Sha; Zhao, Yubin

2016-01-01

Wireless sensor networks (WSNs) have recently gained popularity for a wide spectrum of applications. Monitoring tasks can be performed in various environments. This may be beneficial in many scenarios, but it certainly exhibits new challenges in terms of security due to increased data transmission over the wireless channel with potentially unknown threats. Among possible security issues are timing attacks, which are not prevented by traditional cryptographic security. Moreover, the limited energy and memory resources prohibit the use of complex security mechanisms in such systems. Therefore, balancing between security and the associated energy consumption becomes a crucial challenge. This paper proposes a secure scheme for WSNs while maintaining the requirement of the security-performance tradeoff. In order to proceed to a quantitative treatment of this problem, a hybrid continuous-time Markov chain (CTMC) and queueing model are put forward, and the tradeoff analysis of the security and performance attributes is carried out. By extending and transforming this model, the mean time to security attributes failure is evaluated. Through tradeoff analysis, we show that our scheme can enhance the security of WSNs, and the optimal rekeying rate of the performance and security tradeoff can be obtained. PMID:27690042

Multi-Layer Approach for the Detection of Selective Forwarding Attacks

PubMed Central

Alajmi, Naser; Elleithy, Khaled

2015-01-01

Security breaches are a major threat in wireless sensor networks (WSNs). WSNs are increasingly used due to their broad range of important applications in both military and civilian domains. WSNs are prone to several types of security attacks. Sensor nodes have limited capacities and are often deployed in dangerous locations; therefore, they are vulnerable to different types of attacks, including wormhole, sinkhole, and selective forwarding attacks. Security attacks are classified as data traffic and routing attacks. These security attacks could affect the most significant applications of WSNs, namely, military surveillance, traffic monitoring, and healthcare. Therefore, there are different approaches to detecting security attacks on the network layer in WSNs. Reliability, energy efficiency, and scalability are strong constraints on sensor nodes that affect the security of WSNs. Because sensor nodes have limited capabilities in most of these areas, selective forwarding attacks cannot be easily detected in networks. In this paper, we propose an approach to selective forwarding detection (SFD). The approach has three layers: MAC pool IDs, rule-based processing, and anomaly detection. It maintains the safety of data transmission between a source node and base station while detecting selective forwarding attacks. Furthermore, the approach is reliable, energy efficient, and scalable. PMID:26610499

Multi-Layer Approach for the Detection of Selective Forwarding Attacks.

PubMed

Alajmi, Naser; Elleithy, Khaled

2015-11-19

Security breaches are a major threat in wireless sensor networks (WSNs). WSNs are increasingly used due to their broad range of important applications in both military and civilian domains. WSNs are prone to several types of security attacks. Sensor nodes have limited capacities and are often deployed in dangerous locations; therefore, they are vulnerable to different types of attacks, including wormhole, sinkhole, and selective forwarding attacks. Security attacks are classified as data traffic and routing attacks. These security attacks could affect the most significant applications of WSNs, namely, military surveillance, traffic monitoring, and healthcare. Therefore, there are different approaches to detecting security attacks on the network layer in WSNs. Reliability, energy efficiency, and scalability are strong constraints on sensor nodes that affect the security of WSNs. Because sensor nodes have limited capabilities in most of these areas, selective forwarding attacks cannot be easily detected in networks. In this paper, we propose an approach to selective forwarding detection (SFD). The approach has three layers: MAC pool IDs, rule-based processing, and anomaly detection. It maintains the safety of data transmission between a source node and base station while detecting selective forwarding attacks. Furthermore, the approach is reliable, energy efficient, and scalable.

49 CFR 1548.16 - Security threat assessments for each proprietor, general partner, officer, director, and certain...

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 9 2010-10-01 2010-10-01 false Security threat assessments for each proprietor..., or owner of the entity must successfully complete a security threat assessment or comparable security... owner of the entity has successfully completed a Security Threat Assessment under part 1540, subpart C...

Open source IPSEC software in manned and unmanned space missions

NASA Astrophysics Data System (ADS)

Edwards, Jacob

Network security is a major topic of research because cyber attackers pose a threat to national security. Securing ground-space communications for NASA missions is important because attackers could endanger mission success and human lives. This thesis describes how an open source IPsec software package was used to create a secure and reliable channel for ground-space communications. A cost efficient, reproducible hardware testbed was also created to simulate ground-space communications. The testbed enables simulation of low-bandwidth and high latency communications links to experiment how the open source IPsec software reacts to these network constraints. Test cases were built that allowed for validation of the testbed and the open source IPsec software. The test cases also simulate using an IPsec connection from mission control ground routers to points of interest in outer space. Tested open source IPsec software did not meet all the requirements. Software changes were suggested to meet requirements.

Triage Visualization for Digital Media Exploitation

DTIC Science & Technology

2013-09-01

and responding to threats. Previous work includes NVisionIP [17], a network visualization 8 tool that processes Argus NetFlow [18] data. NVisionIP...2012.02.021 [17] K. Lakkaraju et al., “Nvisionip: netflow visualizations of system state for security situational awareness,” in Proceedings of the 2004 ACM

Risk assessment for Industrial Control Systems quantifying availability using mean failure cost (MFC)

DOE PAGES

Chen, Qian; Abercrombie, Robert K; Sheldon, Frederick T.

2015-09-23

Industrial Control Systems (ICS) are commonly used in industries such as oil and natural gas, transportation, electric, water and wastewater, chemical, pharmaceutical, pulp and paper, food and beverage, as well as discrete manufacturing (e.g., automotive, aerospace, and durable goods.) SCADA systems are generally used to control dispersed assets using centralized data acquisition and supervisory control.Originally, ICS implementations were susceptible primarily to local threats because most of their components were located in physically secure areas (i.e., ICS components were not connected to IT networks or systems). The trend toward integrating ICS systems with IT networks (e.g., efficiency and the Internet ofmore » Things) provides significantly less isolation for ICS from the outside world thus creating greater risk due to external threats. Albeit, the availability of ICS/SCADA systems is critical to assuring safety, security and profitability. Such systems form the backbone of our national cyber-physical infrastructure.Herein, we extend the concept of mean failure cost (MFC) to address quantifying availability to harmonize well with ICS security risk assessment. This new measure is based on the classic formulation of Availability combined with Mean Failure Cost (MFC). Finally, the metric offers a computational basis to estimate the availability of a system in terms of the loss that each stakeholder stands to sustain as a result of security violations or breakdowns (e.g., deliberate malicious failures).« less

49 CFR 1572.9 - Applicant information required for HME security threat assessment.

Code of Federal Regulations, 2011 CFR

2011-10-01

... threat assessment. 1572.9 Section 1572.9 Transportation Other Regulations Relating to Transportation... TRANSPORTATION SECURITY CREDENTIALING AND SECURITY THREAT ASSESSMENTS Procedures and General Standards § 1572.9 Applicant information required for HME security threat assessment. An applicant must supply the information...

49 CFR 1546.213 - Access to cargo: Security threat assessments for cargo personnel in the United States.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 9 2010-10-01 2010-10-01 false Access to cargo: Security threat assessments for...: Security threat assessments for cargo personnel in the United States. This section applies in the United...— (1) Each individual must successfully complete a security threat assessment or comparable security...

A Bayesian Belief Network of Threat Anticipation and Terrorist Motivations

DOE Office of Scientific and Technical Information (OSTI.GOV)

Olama, Mohammed M; Allgood, Glenn O; Davenport, Kristen M

Recent events highlight the need for efficient tools for anticipating the threat posed by terrorists, whether individual or groups. Antiterrorism includes fostering awareness of potential threats, deterring aggressors, developing security measures, planning for future events, halting an event in process, and ultimately mitigating and managing the consequences of an event. To analyze such components, one must understand various aspects of threat elements like physical assets and their economic and social impacts. To this aim, we developed a three-layer Bayesian belief network (BBN) model that takes into consideration the relative threat of an attack against a particular asset (physical layer) asmore » well as the individual psychology and motivations that would induce a person to either act alone or join a terrorist group and commit terrorist acts (social and economic layers). After researching the many possible motivations to become a terrorist, the main factors are compiled and sorted into categories such as initial and personal indicators, exclusion factors, and predictive behaviors. Assessing such threats requires combining information from disparate data sources most of which involve uncertainties. BBN combines these data in a coherent, analytically defensible, and understandable manner. The developed BBN model takes into consideration the likelihood and consequence of a threat in order to draw inferences about the risk of a terrorist attack so that mitigation efforts can be optimally deployed. The model is constructed using a network engineering process that treats the probability distributions of all the BBN nodes within the broader context of the system development process.« less

49 CFR 1572.500 - Scope.

Code of Federal Regulations, 2010 CFR

2010-10-01

..., DEPARTMENT OF HOMELAND SECURITY MARITIME AND LAND TRANSPORTATION SECURITY CREDENTIALING AND SECURITY THREAT ASSESSMENTS Fees for Security Threat Assessments for Transportation Worker Identification Credential (TWIC... Transportation Worker Identification Credential and must undergo a security threat assessment under 49 CFR part...

The impact of internet-connected control systems on the oil and gas industry

NASA Astrophysics Data System (ADS)

Martel, Ruth T.

In industry and infrastructure today, communication is a way of life. In the oil and gas industry, the use of devices that communicate with the network at large is both commonplace and expected. Unfortunately, security on these devices is not always best. Many industrial control devices originate from legacy devices not originally configured with security in mind. All infrastructure and industry today has seen an increase in attacks on their networks and in some cases, a very dramatic increase, which should be a cause for alarm and action. The purpose of this research was to highlight the threat that Internet-connected devices present to an organization's network in the oil and gas industry and ultimately, to the business and possibly even human life. Although there are several previous studies that highlight the problem of these Internet-connected devices, there remains evidence that security response has not been adequate. The analysis conducted on only one easily discovered device serves as an example of the ongoing issue of the security mindset in the oil and gas industry. The ability to connect to a network through an Internet-connected device gives a hacker an anonymous backdoor to do great damage in that network. The hope is that the approach to security in infrastructure and especially the oil and gas industry, changes before a major catastrophe occurs involving human life.

Analyzing Risks and Vulnerabilities of Various Computer Systems and Undergoing Exploitation using Embedded Devices

NASA Technical Reports Server (NTRS)

Branch, Drew Alexander

2014-01-01

Security is one of the most if not the most important areas today. After the several attacks on the United States, security everywhere has heightened from airports to communication among the military branches legionnaires. With advanced persistent threats (APTs) on the rise following Stuxnet, government branches and agencies are required, more than ever, to follow several standards, policies and procedures to reduce the likelihood of a breach. Attack vectors today are very advanced and are going to continue to get more and more advanced as security controls advance. This creates a need for networks and systems to be in an updated, patched and secured state in a launch control system environment. Attacks on critical systems are becoming more and more relevant and frequent. Nation states are hacking into critical networks that might control electrical power grids or water dams as well as carrying out advanced persistent threat (APTs) attacks on government entities. NASA, as an organization, must protect its self from attacks from all different types of attackers with different motives. Although the International Space Station was created, there is still competition between the different space programs. With that in mind, NASA might get attacked and breached for various reasons such as espionage or sabotage. My project will provide a way for NASA to complete an in house penetration test which includes: asset discovery, vulnerability scans, exploit vulnerabilities and also provide forensic information to harden systems. Completing penetration testing is a part of the compliance requirements of the Federal Information Security Act (FISMA) and NASA NPR 2810.1 and related NASA Handbooks. This project is to demonstrate how in house penetration testing can be conducted that will satisfy all of the compliance requirements of the National Institute of Standards and Technology (NIST), as outlined in FISMA. By the end of this project, I hope to have carried out the tasks stated above as well as gain an immense knowledge about compliance, security tools, networks and network devices, as well as policies and procedures.

Controlled information destruction: the final frontier in preserving information security for every organisation

NASA Astrophysics Data System (ADS)

Curiac, Daniel-Ioan; Pachia, Mihai

2015-05-01

Information security represents the cornerstone of every data processing system that resides in an organisation's trusted network, implementing all necessary protocols, mechanisms and policies to be one step ahead of possible threats. Starting from the need to strengthen the set of security services, in this article we introduce a new and innovative process named controlled information destruction (CID) that is meant to secure sensitive data that are no longer needed for the organisation's future purposes but would be very damaging if revealed. The disposal of this type of data has to be controlled carefully in order to delete not only the information itself but also all its splinters spread throughout the network, thus denying any possibility of recovering the information after its alleged destruction. This process leads to a modified model of information assurance and also reconfigures the architecture of any information security management system. The scheme we envisioned relies on a reshaped information lifecycle, which reveals the impact of the CID procedure directly upon the information states.

49 CFR 1515.3 - Terms used in this part.

Code of Federal Regulations, 2010 CFR

2010-10-01

.... Applicant means an individual who has applied for one of the security threat assessments identified in 49... for the security threat assessment but TSA later determined that the individual poses a security.... Security threat assessment means the threat assessment for which the applicant has applied, as described in...

Cross-layer design for intrusion detection and data security in wireless ad hoc sensor networks

NASA Astrophysics Data System (ADS)

Hortos, William S.

2007-09-01

A wireless ad hoc sensor network is a configuration for area surveillance that affords rapid, flexible deployment in arbitrary threat environments. There is no infrastructure support and sensor nodes communicate with each other only when they are in transmission range. The nodes are severely resource-constrained, with limited processing, memory and power capacities and must operate cooperatively to fulfill a common mission in typically unattended modes. In a wireless sensor network (WSN), each sensor at a node can observe locally some underlying physical phenomenon and sends a quantized version of the observation to sink (destination) nodes via wireless links. Since the wireless medium can be easily eavesdropped, links can be compromised by intrusion attacks from nodes that may mount denial-of-service attacks or insert spurious information into routing packets, leading to routing loops, long timeouts, impersonation, and node exhaustion. A cross-layer design based on protocol-layer interactions is proposed for detection and identification of various intrusion attacks on WSN operation. A feature set is formed from selected cross-layer parameters of the WSN protocol to detect and identify security threats due to intrusion attacks. A separate protocol is not constructed from the cross-layer design; instead, security attributes and quantified trust levels at and among nodes established during data exchanges complement customary WSN metrics of energy usage, reliability, route availability, and end-to-end quality-of-service (QoS) provisioning. Statistical pattern recognition algorithms are applied that use observed feature-set patterns observed during network operations, viewed as security audit logs. These algorithms provide the "best" network global performance in the presence of various intrusion attacks. A set of mobile (software) agents distributed at the nodes implement the algorithms, by moving among the layers involved in the network response at each active node and trust neighborhood, collecting parametric information and executing assigned decision tasks. The communications overhead due to security mechanisms and the latency in network response are thus minimized by reducing the need to move large amounts of audit data through resource-limited nodes and by locating detection/identification programs closer to audit data. If network partitioning occurs due to uncoordinated node exhaustion, data compromise or other effects of the attacks, the mobile agents can continue to operate, thereby increasing fault tolerance in the network response to intrusions. Since the mobile agents behave like an ant colony in securing the WSN, published ant colony optimization (ACO) routines and other evolutionary algorithms are adapted to protect network security, using data at and through nodes to create audit records to detect and respond to denial-of-service attacks. Performance evaluations of algorithms are performed by simulation of a few intrusion attacks, such as black hole, flooding, Sybil and others, to validate the ability of the cross-layer algorithms to enable WSNs to survive the attacks. Results are compared for the different algorithms.

An Anticipatory and Deceptive AI Utilizing Bayesian Belief Networks

DOE Office of Scientific and Technical Information (OSTI.GOV)

Lake, Joe E; Allgood, Glenn O; Olama, Mohammed M

The U.S. military defines antiterrorism as the defensive posture taken against terrorist threats. Antiterrorism includes fostering awareness of potential threats, deterring aggressors, developing security measures, planning for future events, interdicting an event in progress, and ultimately mitigating and managing the consequences of an event. Recent events highlight the need for efficient tools for training our military and homeland security officers for anticipating threats posed by terrorists. These tools need to be easy enough so that they are readily usable without substantial training, but still maintain the complexity to allow for a level of deceptive reasoning on the part of themore » opponent. To meet this need, we propose to integrate a Bayesian Belief Network (BBN) model for threat anticipation and deceptive reasoning into training simulation environments currently utilized by several organizations within the Department of Defense (DoD). BBNs have the ability to deal with various types of uncertainties; such as identities, capabilities, target attractiveness, and the combinations of the previous. They also allow for disparate types of data to be fused in a coherent, analytically defensible, and understandable manner. A BBN has been developed by ORNL uses a network engineering process that treats the probability distributions of each node with in the broader context of the system development effort as a whole, and not in isolation. The network will be integrated into the Research Network Inc,(RNI) developed Game Distributed Interactive Simulation (GDIS) as a smart artificial intelligence module. GDIS is utilized by several DoD and civilian organizations as a distributed training tool for a multiplicity of reasons. It has garnered several awards for its realism, ease of use, and popularity. One area that it still has room to excel in, as most video training tools do, is in the area of artificial intelligence of opponent combatants. It is believed that by utilizing BBN as the backbone of the artificial intelligence code, a more realistic and helpful training experience will be available and enemy combatants that move and strategize with purpose will be obtained.« less

High Fidelity Simulations of Large-Scale Wireless Networks (Plus-Up)

DOE Office of Scientific and Technical Information (OSTI.GOV)

Onunkwo, Uzoma

Sandia has built a strong reputation in scalable network simulation and emulation for cyber security studies to protect our nation’s critical information infrastructures. Georgia Tech has preeminent reputation in academia for excellence in scalable discrete event simulations, with strong emphasis on simulating cyber networks. Many of the experts in this field, such as Dr. Richard Fujimoto, Dr. George Riley, and Dr. Chris Carothers, have strong affiliations with Georgia Tech. The collaborative relationship that we intend to immediately pursue is in high fidelity simulations of practical large-scale wireless networks using ns-3 simulator via Dr. George Riley. This project will have mutualmore » benefits in bolstering both institutions’ expertise and reputation in the field of scalable simulation for cyber-security studies. This project promises to address high fidelity simulations of large-scale wireless networks. This proposed collaboration is directly in line with Georgia Tech’s goals for developing and expanding the Communications Systems Center, the Georgia Tech Broadband Institute, and Georgia Tech Information Security Center along with its yearly Emerging Cyber Threats Report. At Sandia, this work benefits the defense systems and assessment area with promise for large-scale assessment of cyber security needs and vulnerabilities of our nation’s critical cyber infrastructures exposed to wireless communications.« less

Towards a Standard for Highly Secure SCADA Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Carlson, R.

1998-09-25

The critical energy inkstructures include gas, OL and electric power. These Mrastructures are complex and interdependent nmvorks that are vital to the national secwiy and social well being of our nation. Many electric power systems depend upon gas and oil, while fossil energy delive~ systems depend upon elecnic power. The control mechanisms for these Mrastructures are often referred to as SCADA (Supmivry CkmdandDaU Ac@itz&z) systems. SCADA systems provide remote monitoring and centralized control for a distributed tmnsportation infmsmucture in order to facilitate delivery of a commodi~. AIthough many of the SCADA concepts developed in this paper can be applied tomore » automotive mmsponation systems, we will use transportation to refer to the movement of electrici~, gas, and oil. \\ Recently, there have been seveml reports suggesting that the widespread and increasing use of SCADA for control of energy systems provides an increasing opportuni~ for an advers~ to cause serious darnage to the energy inbstmcturei~. This damage could arise through cyber infiltration of the SCADA networks, by physically tampering with the control networks, or through a combination of both means. SCADA system threats decompose into cyber and physical threats. One solution to the SCADA security problem is to design a standard for a highly secure KA.DA system that is both cyber, and physdly secure. Not all-physical threats are possible to guard again% but of those threats that are, high security SCADA provides confidence that the system will continue to operate in their presence. One of the most important problems in SCADA securi~ is the relationship between the cyber and physical vulnerabilities. Cyber intrusion increases physical Vulnerabilities, while in the dual problem physical tampering increases cyber vulnerabilit.ies. There is potential for feedback and the precise dynamics need to be understood. As a first step towards a stan~ the goal of this paper is to facilitate a discussion of the requirements analysis for a highly secure SCADA system. The fi-arnework for the discussion consists of the identification of SCADA security investment areas coupled with the tradeoffs that will force compromises in the solution. For example, computational and bandwidth requirements of a security standard could force the replacement of entire SCADA systems. The requirements for a real-time response in a cascading electric power failure could pose limitations on authentication and encryption mechanisms. The shortest path to the development of a high securi~ SC.ADA standard will be achieved by leveraging existing standards efforts and ensuring that security is being properly addressed in those standards. The Utility Communications Architecture 2.o (UC@, for real-time utili~ decision control, represents one such standard. The development of a SCADA secwiy specification is a complex task that will benefit from a systems engineering approach.« less

A Novel QKD-based Secure Edge Router Architecture Design for Burst Confidentiality in Optical Burst Switched Networks

NASA Astrophysics Data System (ADS)

Balamurugan, A. M.; Sivasubramanian, A.

2014-06-01

The Optical Burst Switching (OBS) is an emergent result to the technology issue that could achieve a viable network in future. They have the ability to meet the bandwidth requisite of those applications that call for intensive bandwidth. The field of optical transmission has undergone numerous advancements and is still being researched mainly due to the fact that optical data transmission can be done at enormous speeds. The concept of OBS is still far from perfection facing issues in case of security threat. The transfer of optical switching paradigm to optical burst switching faces serious downfall in the fields of burst aggregation, routing, authentication, dispute resolution and quality of service (QoS). This paper proposes a framework based on QKD based secure edge router architecture design to provide burst confidentiality. The QKD protocol offers high level of confidentiality as it is indestructible. The design architecture was implemented in FPGA using diverse models and the results were taken. The results show that the proposed model is suitable for real time secure routing applications of the Optical burst switched networks.

RUASN: a robust user authentication framework for wireless sensor networks.

PubMed

Kumar, Pardeep; Choudhury, Amlan Jyoti; Sain, Mangal; Lee, Sang-Gon; Lee, Hoon-Jae

2011-01-01

In recent years, wireless sensor networks (WSNs) have been considered as a potential solution for real-time monitoring applications and these WSNs have potential practical impact on next generation technology too. However, WSNs could become a threat if suitable security is not considered before the deployment and if there are any loopholes in their security, which might open the door for an attacker and hence, endanger the application. User authentication is one of the most important security services to protect WSN data access from unauthorized users; it should provide both mutual authentication and session key establishment services. This paper proposes a robust user authentication framework for wireless sensor networks, based on a two-factor (password and smart card) concept. This scheme facilitates many services to the users such as user anonymity, mutual authentication, secure session key establishment and it allows users to choose/update their password regularly, whenever needed. Furthermore, we have provided the formal verification using Rubin logic and compare RUASN with many existing schemes. As a result, we found that the proposed scheme possesses many advantages against popular attacks, and achieves better efficiency at low computation cost.

A Framework for Architecture-Based Planning and Assessment to Support Modeling and Simulation of Network-Centric Command and Control

DTIC Science & Technology

2006-02-17

included system-unique specifications derived to counter these threats. But the international security environment has changed --- and it will continue... Netowrk -Centric Command and Control 5a. CONTRACT NUMBER 5b. GRANT NUMBER 5c. PROGRAM ELEMENT NUMBER 6. AUTHOR(S) 5d. PROJECT NUMBER 5e. TASK...contains color images. 14. ABSTRACT 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT 18. NUMBER OF PAGES 20 19a. NAME

49 CFR 1572.13 - State responsibilities for issuance of hazardous materials endorsement.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Information System (CDLIS) operator of the results of the security threat assessment. (3) Revoke or deny the... TRANSPORTATION SECURITY CREDENTIALING AND SECURITY THREAT ASSESSMENTS Procedures and General Standards § 1572.13... security threat assessment in 49 CFR 1572.5 and issues an Initial Determination of Threat Assessment and...

Resilience to leaking--dynamic systems modeling of information security.

PubMed

Hamacher, Kay

2012-01-01

Leaking of confidential material is a major threat to information security within organizations and to society as a whole. This insight has gained traction in the political realm since the activities of Wikileaks, which hopes to attack 'unjust' systems or 'conspiracies'. Eventually, such threats to information security rely on a biologistic argument on the benefits and drawbacks that uncontrolled leaking might pose for 'just' and 'unjust' entities. Such biological metaphors are almost exclusively based on the economic advantage of participants. Here, I introduce a mathematical model of the complex dynamics implied by leaking. The complex interactions of adversaries are modeled by coupled logistic equations including network effects of econo-communication networks. The modeling shows, that there might arise situations where the leaking envisioned and encouraged by Wikileaks and the like can strengthen the defending entity (the 'conspiracy'). In particular, the only severe impact leaking can have on an organization seems to originate in the exploitation of leaks by another entity the organization competes with. Therefore, the model suggests that leaks can be used as a `tactical mean' in direct adversary relations, but do not necessarily increase public benefit and societal immunization to 'conspiracies'. Furthermore, within the model the exploitation of the (open) competition between entities seems to be a more promising approach to control malicious organizations : divide-et-impera policies triumph here.

ATM encryption testing

NASA Astrophysics Data System (ADS)

Capell, Joyce; Deeth, David

1996-01-01

This paper describes why encryption was selected by Lockheed Martin Missiles & Space as the means for securing ATM networks. The ATM encryption testing program is part of an ATM network trial provided by Pacific Bell under the California Research Education Network (CalREN). The problem being addressed is the threat to data security which results when changing from a packet switched network infrastructure to a circuit switched ATM network backbone. As organizations move to high speed cell-based networks, there is a break down in the traditional security model which is designed to protect packet switched data networks from external attacks. This is due to the fact that most data security firewalls filter IP packets, restricting inbound and outbound protocols, e.g. ftp. ATM networks, based on cell-switching over virtual circuits, does not support this method for restricting access since the protocol information is not carried by each cell. ATM switches set up multiple virtual connections, thus there is no longer a single point of entry into the internal network. The problem is further complicated by the fact that ATM networks support high speed multi-media applications, including real time video and video teleconferencing which are incompatible with packet switched networks. The ability to restrict access to Lockheed Martin networks in support of both unclassified and classified communications is required before ATM network technology can be fully deployed. The Lockheed Martin CalREN ATM testbed provides the opportunity to test ATM encryption prototypes with actual applications to assess the viability of ATM encryption methodologies prior to installing large scale ATM networks. Two prototype ATM encryptors are being tested: (1) `MILKBUSH' a prototype encryptor developed by NSA for transmission of government classified data over ATM networks, and (2) a prototype ATM encryptor developed by Sandia National Labs in New Mexico, for the encryption of proprietary data.

Cocaine Trafficking Through West Africa: The Hybridized Illicit Network as an Emerging Transnational Threat

DTIC Science & Technology

2010-02-17

a country whose primary sources of legitimate income are cashew nuts and fish, the GDP was only about $900 million US dollars in 2008. 43 When the...of fish or cashew export businesses. Today, the Colombians live extravagantly in lavish villas with armed security guards. Local police and judges

78 FR 28707 - National Defense Transportation Day and National Transportation Week, 2013

Federal Register 2010, 2011, 2012, 2013, 2014

2013-05-15

... challenges we face. We need to restore our roads, bridges, and ports-- transportation networks that are... security. At a time when our cities face unprecedented threats and hazards, we must do more to ensure our... infrastructure. In recognition of the importance of our Nation's transportation infrastructure, and of the men...

49 CFR 1549.103 - Qualifications and training of individuals with security-related duties.

Code of Federal Regulations, 2010 CFR

2010-10-01

... with security-related duties. (a) Security threat assessments. Each certified cargo screening facility... certified cargo screening facility complete a security threat assessment or comparable security threat... acuity, physical coordination, and motor skills to the extent required to effectively operate cargo...

Security Threat Assessment of an Internet Security System Using Attack Tree and Vague Sets

PubMed Central

2014-01-01

Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system's elementary event are incomplete—the traditional approach for calculating reliability—is no longer applicable. Moreover, it does not consider the failure probability of the bottom events suffered in the attack, which may bias conclusions. In order to effectively solve the problem above, this paper proposes a novel technique, integrating attack tree and vague sets for security threat assessment. For verification of the proposed approach, a numerical example of an Internet security system security threat assessment is adopted in this paper. The result of the proposed method is compared with the listing approaches of security threat assessment methods. PMID:25405226

Security threat assessment of an Internet security system using attack tree and vague sets.

PubMed

Chang, Kuei-Hu

2014-01-01

Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system's elementary event are incomplete--the traditional approach for calculating reliability--is no longer applicable. Moreover, it does not consider the failure probability of the bottom events suffered in the attack, which may bias conclusions. In order to effectively solve the problem above, this paper proposes a novel technique, integrating attack tree and vague sets for security threat assessment. For verification of the proposed approach, a numerical example of an Internet security system security threat assessment is adopted in this paper. The result of the proposed method is compared with the listing approaches of security threat assessment methods.

Capacity Development through the US President's Malaria Initiative-Supported Antimalarial Resistance Monitoring in Africa Network.

PubMed

Halsey, Eric S; Venkatesan, Meera; Plucinski, Mateusz M; Talundzic, Eldin; Lucchi, Naomi W; Zhou, Zhiyong; Mandara, Celine I; Moonga, Hawela; Hamainza, Busiku; Beavogui, Abdoul Habib; Kariuki, Simon; Samuels, Aaron M; Steinhardt, Laura C; Mathanga, Don P; Gutman, Julie; Denon, Yves Eric; Uwimana, Aline; Assefa, Ashenafi; Hwang, Jimee; Shi, Ya Ping; Dimbu, Pedro Rafael; Koita, Ousmane; Ishengoma, Deus S; Ndiaye, Daouda; Udhayakumar, Venkatachalam

2017-12-01

Antimalarial drug resistance is an evolving global health security threat to malaria control. Early detection of Plasmodium falciparum resistance through therapeutic efficacy studies and associated genetic analyses may facilitate timely implementation of intervention strategies. The US President's Malaria Initiative-supported Antimalarial Resistance Monitoring in Africa Network has assisted numerous laboratories in partner countries in acquiring the knowledge and capability to independently monitor for molecular markers of antimalarial drug resistance.

Governance and Risk Management of Network and Information Security: The Role of Public Private Partnerships in Managing the Existing and Emerging Risks

NASA Astrophysics Data System (ADS)

Navare, Jyoti; Gemikonakli, Orhan

Globalisation and new technology has opened the gates to more security risks. As the strategic importance of communication networks and information increased, threats to the security and safety of communication infrastructures, as well as information stored in and/or transmitted increased significantly. The development of the self replicating programmes has become a nightmare for Internet users. Leading companies, strategic organisations were not immune to attacks; they were also "hacked" and overtaken by intruders. Incidents of recent years have also shown that national/regional crisis may also trigger cyber attacks at large scale. Experts forecast that cyber wars are likely to take the stage as tension mounts between developed societies. New risks such as cyber-attacks, network terrorism and disintegration of traditional infrastructures has somewhat blurred the boundaries of operation and control. This paper seeks to consider the risk management and governance and looking more specifically at implications for emerging economies.

Hybrid methods for cybersecurity analysis :

DOE Office of Scientific and Technical Information (OSTI.GOV)

Davis, Warren Leon,; Dunlavy, Daniel M.

2014-01-01

Early 2010 saw a signi cant change in adversarial techniques aimed at network intrusion: a shift from malware delivered via email attachments toward the use of hidden, embedded hyperlinks to initiate sequences of downloads and interactions with web sites and network servers containing malicious software. Enterprise security groups were well poised and experienced in defending the former attacks, but the new types of attacks were larger in number, more challenging to detect, dynamic in nature, and required the development of new technologies and analytic capabilities. The Hybrid LDRD project was aimed at delivering new capabilities in large-scale data modeling andmore » analysis to enterprise security operators and analysts and understanding the challenges of detection and prevention of emerging cybersecurity threats. Leveraging previous LDRD research e orts and capabilities in large-scale relational data analysis, large-scale discrete data analysis and visualization, and streaming data analysis, new modeling and analysis capabilities were quickly brought to bear on the problems in email phishing and spear phishing attacks in the Sandia enterprise security operational groups at the onset of the Hybrid project. As part of this project, a software development and deployment framework was created within the security analyst work ow tool sets to facilitate the delivery and testing of new capabilities as they became available, and machine learning algorithms were developed to address the challenge of dynamic threats. Furthermore, researchers from the Hybrid project were embedded in the security analyst groups for almost a full year, engaged in daily operational activities and routines, creating an atmosphere of trust and collaboration between the researchers and security personnel. The Hybrid project has altered the way that research ideas can be incorporated into the production environments of Sandias enterprise security groups, reducing time to deployment from months and years to hours and days for the application of new modeling and analysis capabilities to emerging threats. The development and deployment framework has been generalized into the Hybrid Framework and incor- porated into several LDRD, WFO, and DOE/CSL projects and proposals. And most importantly, the Hybrid project has provided Sandia security analysts with new, scalable, extensible analytic capabilities that have resulted in alerts not detectable using their previous work ow tool sets.« less

Biometric Methods for Secure Communications in Body Sensor Networks: Resource-Efficient Key Management and Signal-Level Data Scrambling

NASA Astrophysics Data System (ADS)

Bui, Francis Minhthang; Hatzinakos, Dimitrios

2007-12-01

As electronic communications become more prevalent, mobile and universal, the threats of data compromises also accordingly loom larger. In the context of a body sensor network (BSN), which permits pervasive monitoring of potentially sensitive medical data, security and privacy concerns are particularly important. It is a challenge to implement traditional security infrastructures in these types of lightweight networks since they are by design limited in both computational and communication resources. A key enabling technology for secure communications in BSN's has emerged to be biometrics. In this work, we present two complementary approaches which exploit physiological signals to address security issues: (1) a resource-efficient key management system for generating and distributing cryptographic keys to constituent sensors in a BSN; (2) a novel data scrambling method, based on interpolation and random sampling, that is envisioned as a potential alternative to conventional symmetric encryption algorithms for certain types of data. The former targets the resource constraints in BSN's, while the latter addresses the fuzzy variability of biometric signals, which has largely precluded the direct application of conventional encryption. Using electrocardiogram (ECG) signals as biometrics, the resulting computer simulations demonstrate the feasibility and efficacy of these methods for delivering secure communications in BSN's.

State-of-the-art research on electromagnetic information security

NASA Astrophysics Data System (ADS)

Hayashi, Yu-ichi

2016-07-01

As information security is becoming increasingly significant, security at the hardware level is as important as in networks and applications. In recent years, instrumentation has become cheaper and more precise, computation has become faster, and capacities have increased. With these advancements, the threat of advanced attacks that were considerably difficult to carry out previously has increased not only in military and diplomatic fields but also in general-purpose manufactured devices. This paper focuses on the problem of the security limitations concerning electromagnetic waves (electromagnetic information security) that has rendered attack detection particularly difficult at the hardware level. In addition to reviewing the mechanisms of these information leaks and countermeasures, this paper also presents the latest research trends and standards.

Integrated situational awareness for cyber attack detection, analysis, and mitigation

NASA Astrophysics Data System (ADS)

Cheng, Yi; Sagduyu, Yalin; Deng, Julia; Li, Jason; Liu, Peng

2012-06-01

Real-time cyberspace situational awareness is critical for securing and protecting today's enterprise networks from various cyber threats. When a security incident occurs, network administrators and security analysts need to know what exactly has happened in the network, why it happened, and what actions or countermeasures should be taken to quickly mitigate the potential impacts. In this paper, we propose an integrated cyberspace situational awareness system for efficient cyber attack detection, analysis and mitigation in large-scale enterprise networks. Essentially, a cyberspace common operational picture will be developed, which is a multi-layer graphical model and can efficiently capture and represent the statuses, relationships, and interdependencies of various entities and elements within and among different levels of a network. Once shared among authorized users, this cyberspace common operational picture can provide an integrated view of the logical, physical, and cyber domains, and a unique visualization of disparate data sets to support decision makers. In addition, advanced analyses, such as Bayesian Network analysis, will be explored to address the information uncertainty, dynamic and complex cyber attack detection, and optimal impact mitigation issues. All the developed technologies will be further integrated into an automatic software toolkit to achieve near real-time cyberspace situational awareness and impact mitigation in large-scale computer networks.

49 CFR 1549.7 - Approval, amendment, renewal of the security program and certification of a certified cargo...

Code of Federal Regulations, 2010 CFR

2010-10-01

... information requested by TSA concerning Security Threat Assessments. (viii) A statement acknowledging and ensuring that each individual will successfully complete a Security Threat Assessment under § 1549.111... Security Coordinator for an applicant successfully completes a security threat assessment, TSA will provide...

The Evolution and Expansion of Regional Disease Surveillance Networks and Their Role in Mitigating the Threat of Infectious Disease Outbreaks

PubMed Central

Bond, Katherine C.; Macfarlane, Sarah B.; Burke, Charlanne; Ungchusak, Kumnuan; Wibulpolprasert, Suwit

2013-01-01

We examine the emergence, development, and value of regional infectious disease surveillance networks that neighboring countries worldwide are organizing to control cross-border outbreaks at their source. The regional perspective represented in the paper is intended to serve as an instructive framework for others who decide to launch such networks as new technologies and emerging threats bring countries even closer together. Distinct from more formal networks in geographic regions designated by the World Health Organization (WHO), these networks usually involve groupings of fewer countries chosen by national governments to optimize surveillance efforts. Sometimes referred to as sub-regional, these “self-organizing” networks complement national and local government recognition with informal relationships across borders among epidemiologists, scientists, ministry officials, health workers, border officers, and community members. Their development over time reflects both incremental learning and growing connections among network actors; and changing disease patterns, with infectious disease threats shifting over time from local to regional to global levels. Not only has this regional disease surveillance network model expanded across the globe, it has also expanded from a mostly practitioner-based network model to one that covers training, capacity-building, and multidisciplinary research. Today, several of these networks are linked through Connecting Organizations for Regional Disease Surveillance (CORDS). We explore how regional disease surveillance networks add value to global disease detection and response by complementing other systems and efforts, by harnessing their power to achieve other goals such as health and human security, and by helping countries adapt to complex challenges via multi-sectoral solutions. We note that governmental commitment and trust among participating individuals are critical to the success of regional infectious disease surveillance networks. PMID:23362414

49 CFR 1522.107 - Application.

Code of Federal Regulations, 2010 CFR

2010-10-01

... security threat assessments. (8) A statement acknowledging that all personnel of the applicant who must successfully complete a security threat assessment under the requirements of this part must do so before the... the Security Coordinator successfully completes a security threat assessment, TSA will provide to the...

49 CFR 1548.7 - Approval, amendment, annual renewal, and withdrawal of approval of the security program.

Code of Federal Regulations, 2010 CFR

2010-10-01

... requested by TSA concerning Security Threat Assessments. (ix) A statement acknowledging and ensuring that each employee and agent will successfully complete a Security Threat Assessment under § 1548.15 before... training and Security Threat Assessments by relevant personnel. (4) Duration of security program. The...

Application distribution model and related security attacks in VANET

NASA Astrophysics Data System (ADS)

Nikaein, Navid; Kanti Datta, Soumya; Marecar, Irshad; Bonnet, Christian

2013-03-01

In this paper, we present a model for application distribution and related security attacks in dense vehicular ad hoc networks (VANET) and sparse VANET which forms a delay tolerant network (DTN). We study the vulnerabilities of VANET to evaluate the attack scenarios and introduce a new attacker`s model as an extension to the work done in [6]. Then a VANET model has been proposed that supports the application distribution through proxy app stores on top of mobile platforms installed in vehicles. The steps of application distribution have been studied in detail. We have identified key attacks (e.g. malware, spamming and phishing, software attack and threat to location privacy) for dense VANET and two attack scenarios for sparse VANET. It has been shown that attacks can be launched by distributing malicious applications and injecting malicious codes to On Board Unit (OBU) by exploiting OBU software security holes. Consequences of such security attacks have been described. Finally, countermeasures including the concepts of sandbox have also been presented in depth.

76 FR 21768 - Privacy Act of 1974; Department of Homeland Security/Office of Health Affairs-001 Contractor...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-04-18

... expands a coordinated network of S&T Laboratories and other FFRDC to help deliver critical homeland... typically in place at institutions conducting biological research involving potentially high- risk agents to... biological threats and select agents and toxins. During such research, there is always a possibility that DHS...

A Public-Key Based Authentication and Key Establishment Protocol Coupled with a Client Puzzle.

ERIC Educational Resources Information Center

Lee, M. C.; Fung, Chun-Kan

2003-01-01

Discusses network denial-of-service attacks which have become a security threat to the Internet community and suggests the need for reliable authentication protocols in client-server applications. Presents a public-key based authentication and key establishment protocol coupled with a client puzzle protocol and validates it through formal logic…

Measuring Cybersecurity Competency: An Exploratory Investigation of the Cybersecurity Knowledge, Skills, and Abilities Necessary for Organizational Network Access Privileges

ERIC Educational Resources Information Center

Nilsen, Richard K.

2017-01-01

Organizational information system users (OISU) that are victimized by cyber threats are contributing to major financial and information losses for individuals, businesses, and governments. Moreover, it has been argued that cybersecurity competency is critical for advancing economic prosperity and maintaining national security. The fact remains…

Top 10 Threats to Computer Systems Include Professors and Students

ERIC Educational Resources Information Center

Young, Jeffrey R.

2008-01-01

User awareness is growing in importance when it comes to computer security. Not long ago, keeping college networks safe from cyberattackers mainly involved making sure computers around campus had the latest software patches. New computer worms or viruses would pop up, taking advantage of some digital hole in the Windows operating system or in…

Analysis and solutions of security issues in Ethernet PON

NASA Astrophysics Data System (ADS)

Meng, Yu; Jiang, Tao; Xiao, Dingzhong

2005-02-01

Ethernet Passive Optical Network (EPON), which combines the low cost Ethernet equipment and economic fiber infrastructure, is being considered as a promising solution for Fiber-To-The-Home (FTTH). However, since EPON is an optical shared medium network, some unique features make it more vulnerable to security attacks. In this paper, the key security threats of EPON are firstly analyzed. And then, considering some specific properties which might be utilized for security, such as the safety of transmissions in upstream direction, some novel methods are presented to solve security problems. Firstly, based on some modification about registration, the mechanism of access control is achieved. Secondly, we implement an AES-128 symmetrical encryption and decryption in the EPON system. The AES-128 algorithm can process data blocks of 128 bits, but the length of Ethernet frame is variable. How to deal with the last block, which is not up to 128 bits, is discussed in detail. Finally, key update is accomplished through a vendor specific OAM frame in order to enhance the level of security. The proposed mechanism will remain in conformance with P2MP specification defined by 802.3ah TF, and can supply a complete security solution for EPON.

Angle and Context Free Grammar Based Precarious Node Detection and Secure Data Transmission in MANETs.

PubMed

Veerasamy, Anitha; Madane, Srinivasa Rao; Sivakumar, K; Sivaraman, Audithan

2016-01-01

Growing attractiveness of Mobile Ad Hoc Networks (MANETs), its features, and usage has led to the launching of threats and attacks to bring negative consequences in the society. The typical features of MANETs, especially with dynamic topology and open wireless medium, may leave MANETs vulnerable. Trust management using uncertain reasoning scheme has previously attempted to solve this problem. However, it produces additional overhead while securing the network. Hence, a Location and Trust-based secure communication scheme (L&TS) is proposed to overcome this limitation. Since the design securing requires more than two data algorithms, the cost of the system goes up. Another mechanism proposed in this paper, Angle and Context Free Grammar (ACFG) based precarious node elimination and secure communication in MANETs, intends to secure data transmission and detect precarious nodes in a MANET at a comparatively lower cost. The Elliptic Curve function is used to isolate a malicious node, thereby incorporating secure data transfer. Simulation results show that the dynamic estimation of the metrics improves throughput by 26% in L&TS when compared to the TMUR. ACFG achieves 33% and 51% throughput increase when compared to L&TS and TMUR mechanisms, respectively.

An Enhanced Privacy-Preserving Authentication Scheme for Vehicle Sensor Networks.

PubMed

Zhou, Yousheng; Zhao, Xiaofeng; Jiang, Yi; Shang, Fengjun; Deng, Shaojiang; Wang, Xiaojun

2017-12-08

Vehicle sensor networks (VSNs) are ushering in a promising future by enabling more intelligent transportation systems and providing a more efficient driving experience. However, because of their inherent openness, VSNs are subject to a large number of potential security threats. Although various authentication schemes have been proposed for addressing security problems, they are not suitable for VSN applications because of their high computation and communication costs. Chuang and Lee have developed a trust-extended authentication mechanism (TEAM) for vehicle-to-vehicle communication using a transitive trust relationship, which they claim can resist various attacks. However, it fails to counter internal attacks because of the utilization of a shared secret key. In this paper, to eliminate the vulnerability of TEAM, an enhanced privacy-preserving authentication scheme for VSNs is constructed. The security of our proposed scheme is proven under the random oracle model based on the assumption of the computational Diffie-Hellman problem.

An Enhanced Privacy-Preserving Authentication Scheme for Vehicle Sensor Networks

PubMed Central

Zhou, Yousheng; Zhao, Xiaofeng; Jiang, Yi; Shang, Fengjun; Deng, Shaojiang; Wang, Xiaojun

2017-01-01

Vehicle sensor networks (VSNs) are ushering in a promising future by enabling more intelligent transportation systems and providing a more efficient driving experience. However, because of their inherent openness, VSNs are subject to a large number of potential security threats. Although various authentication schemes have been proposed for addressing security problems, they are not suitable for VSN applications because of their high computation and communication costs. Chuang and Lee have developed a trust-extended authentication mechanism (TEAM) for vehicle-to-vehicle communication using a transitive trust relationship, which they claim can resist various attacks. However, it fails to counter internal attacks because of the utilization of a shared secret key. In this paper, to eliminate the vulnerability of TEAM, an enhanced privacy-preserving authentication scheme for VSNs is constructed. The security of our proposed scheme is proven under the random oracle model based on the assumption of the computational Diffie–Hellman problem. PMID:29292792

Risk of Zika virus transmission in the Euro-Mediterranean area and the added value of building preparedness to arboviral threats from a One Health perspective.

PubMed

Escadafal, Camille; Gaayeb, Lobna; Riccardo, Flavia; Pérez-Ramírez, Elisa; Picard, Marie; Dente, Maria Grazia; Fernández-Pinero, Jovita; Manuguerra, Jean-Claude; Jiménez-Clavero, Miguel-Ángel; Declich, Silvia; Victoir, Kathleen; Robert, Vincent

2016-12-03

In the alarming context of risk of Zika virus (ZIKV) transmission in the Euro-Mediterranean area, there is a need to examine whether capacities to detect, diagnose and notify ZIKV infections in the region are in place and whether ongoing capacity-building initiatives are filling existing gaps.The MediLabSecure network, created in 2014, comprises 55 laboratories of virology and medical entomology and 19 public health institutions in 19 countries in the Balkans, North-Africa, the Middle-East and the Black Sea regions. It aims to set up awareness, risk assessment, monitoring and control of emerging and re-emerging vector-borne viruses. We here examine the actions and strategies that MediLabSecure has been implementing and how they will contribute to the prevention and control of the ZIKV threat in the Euro-Mediterranean area.Capacity-building for arbovirus diagnostics is a major objective of the project and follows a methodological rather than disease-driven approach. This enables the implementation of laboratory trainings on techniques that are common to several arboviruses, including ZIKV, and putting into action appropriate diagnostic tools in the target region.Moreover, by its One Health approach and the interaction of its four sub-networks in human virology, animal virology, medical entomology and public health, MediLabSecure is fostering intersectoral collaboration, expertise and sharing of information. The resulting exchanges (methodological, communication and operational) across disciplines and across countries, dedicated research on intersectoral collaboration and increasing diagnostic capacities are providing new paths and tools to public health professionals to face emerging viral threats such as a ZIKV epidemic in the Euro-Mediterranean region.

Combatting Insider Threats

NASA Astrophysics Data System (ADS)

Neumann, Peter G.

Risks from insider threats are strongly context dependent, and arise in many ways at different layers of system abstraction for different types of systems. We discuss various basic characteristics of insider threats, and consider approaches to the development and use of computer-related environments that require systems and networking to be trustworthy in spite of insider misuse. We also consider future research that could improve both detectability, prevention, and response. This chapter seeks to cope with insider misuse in a broad range of application domains - for example, critical infrastructures, privacy-preserving database systems, financial systems, and interoperable health-care infrastructures. To illustrate this, we apply the principles considered here to the task of detecting and preventing insider misuse in systems that might be used to facilitate trustworthy elections. This discussion includes an examination of the relevance of the Saltzer-Schroeder-Kaashoek security principles and the Clark-Wilson integrity properties for end-to-end election integrity. Trustworthy system developments must consider insider misuse as merely one set of threats that must be addressed consistently together with many other threats such as penetrations, denials of service, system faults and failures, and other threats to survivability. In addition, insider misuse cannot be realistically addressed unless significant improvements are made in the trustworthiness of component systems and their networking as well as their predictably trustworthy compositions into enterprise solutions - architecturally, developmentally, and operationally.

Examining the Relationship of Business Operations and the Information Security Culture in the United States

ERIC Educational Resources Information Center

Wynn, Cynthia L.

2017-01-01

An increase in information technology has caused and increased in threats towards information security. Threats are malware, viruses, sabotage from employees, and hacking into computer systems. Organizations have to find new ways to combat vulnerabilities and threats of internal and external threats to protect their information security and…

49 CFR 1544.228 - Access to cargo and cargo screening: Security threat assessments for cargo personnel in the...

Code of Federal Regulations, 2010 CFR

2010-10-01

... threat assessments for cargo personnel in the United States. 1544.228 Section 1544.228 Transportation... COMMERCIAL OPERATORS Operations § 1544.228 Access to cargo and cargo screening: Security threat assessments... paragraph (b) of this section— (1) Each individual must successfully complete a security threat assessment...

Providing security for automated process control systems at hydropower engineering facilities

NASA Astrophysics Data System (ADS)

Vasiliev, Y. S.; Zegzhda, P. D.; Zegzhda, D. P.

2016-12-01

This article suggests the concept of a cyberphysical system to manage computer security of automated process control systems at hydropower engineering facilities. According to the authors, this system consists of a set of information processing tools and computer-controlled physical devices. Examples of cyber attacks on power engineering facilities are provided, and a strategy of improving cybersecurity of hydropower engineering systems is suggested. The architecture of the multilevel protection of the automated process control system (APCS) of power engineering facilities is given, including security systems, control systems, access control, encryption, secure virtual private network of subsystems for monitoring and analysis of security events. The distinctive aspect of the approach is consideration of interrelations and cyber threats, arising when SCADA is integrated with the unified enterprise information system.

An Efficient User Authentication and User Anonymity Scheme with Provably Security for IoT-Based Medical Care System.

PubMed

Li, Chun-Ta; Wu, Tsu-Yang; Chen, Chin-Ling; Lee, Cheng-Chi; Chen, Chien-Ming

2017-06-23

In recent years, with the increase in degenerative diseases and the aging population in advanced countries, demands for medical care of older or solitary people have increased continually in hospitals and healthcare institutions. Applying wireless sensor networks for the IoT-based telemedicine system enables doctors, caregivers or families to monitor patients' physiological conditions at anytime and anyplace according to the acquired information. However, transmitting physiological data through the Internet concerns the personal privacy of patients. Therefore, before users can access medical care services in IoT-based medical care system, they must be authenticated. Typically, user authentication and data encryption are most critical for securing network communications over a public channel between two or more participants. In 2016, Liu and Chung proposed a bilinear pairing-based password authentication scheme for wireless healthcare sensor networks. They claimed their authentication scheme cannot only secure sensor data transmission, but also resist various well-known security attacks. In this paper, we demonstrate that Liu-Chung's scheme has some security weaknesses, and we further present an improved secure authentication and data encryption scheme for the IoT-based medical care system, which can provide user anonymity and prevent the security threats of replay and password/sensed data disclosure attacks. Moreover, we modify the authentication process to reduce redundancy in protocol design, and the proposed scheme is more efficient in performance compared with previous related schemes. Finally, the proposed scheme is provably secure in the random oracle model under ECDHP.

RUASN: A Robust User Authentication Framework for Wireless Sensor Networks

PubMed Central

Kumar, Pardeep; Choudhury, Amlan Jyoti; Sain, Mangal; Lee, Sang-Gon; Lee, Hoon-Jae

2011-01-01

In recent years, wireless sensor networks (WSNs) have been considered as a potential solution for real-time monitoring applications and these WSNs have potential practical impact on next generation technology too. However, WSNs could become a threat if suitable security is not considered before the deployment and if there are any loopholes in their security, which might open the door for an attacker and hence, endanger the application. User authentication is one of the most important security services to protect WSN data access from unauthorized users; it should provide both mutual authentication and session key establishment services. This paper proposes a robust user authentication framework for wireless sensor networks, based on a two-factor (password and smart card) concept. This scheme facilitates many services to the users such as user anonymity, mutual authentication, secure session key establishment and it allows users to choose/update their password regularly, whenever needed. Furthermore, we have provided the formal verification using Rubin logic and compare RUASN with many existing schemes. As a result, we found that the proposed scheme possesses many advantages against popular attacks, and achieves better efficiency at low computation cost. PMID:22163888

Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hadley, Mark D.; Clements, Samuel L.

2009-01-01

Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets aremore » considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.« less

Resilience to Leaking — Dynamic Systems Modeling of Information Security

PubMed Central

Hamacher, Kay

2012-01-01

Leaking of confidential material is a major threat to information security within organizations and to society as a whole. This insight has gained traction in the political realm since the activities of Wikileaks, which hopes to attack ‘unjust’ systems or ‘conspiracies’. Eventually, such threats to information security rely on a biologistic argument on the benefits and drawbacks that uncontrolled leaking might pose for ‘just’ and ‘unjust’ entities. Such biological metaphors are almost exclusively based on the economic advantage of participants. Here, I introduce a mathematical model of the complex dynamics implied by leaking. The complex interactions of adversaries are modeled by coupled logistic equations including network effects of econo-communication networks. The modeling shows, that there might arise situations where the leaking envisioned and encouraged by Wikileaks and the like can strengthen the defending entity (the ‘conspiracy’). In particular, the only severe impact leaking can have on an organization seems to originate in the exploitation of leaks by another entity the organization competes with. Therefore, the model suggests that leaks can be used as a `tactical mean’ in direct adversary relations, but do not necessarily increase public benefit and societal immunization to ‘conspiracies’. Furthermore, within the model the exploitation of the (open) competition between entities seems to be a more promising approach to control malicious organizations : divide-et-impera policies triumph here. PMID:23227151

Efficient Mining and Detection of Sequential Intrusion Patterns for Network Intrusion Detection Systems

NASA Astrophysics Data System (ADS)

Shyu, Mei-Ling; Huang, Zifang; Luo, Hongli

In recent years, pervasive computing infrastructures have greatly improved the interaction between human and system. As we put more reliance on these computing infrastructures, we also face threats of network intrusion and/or any new forms of undesirable IT-based activities. Hence, network security has become an extremely important issue, which is closely connected with homeland security, business transactions, and people's daily life. Accurate and efficient intrusion detection technologies are required to safeguard the network systems and the critical information transmitted in the network systems. In this chapter, a novel network intrusion detection framework for mining and detecting sequential intrusion patterns is proposed. The proposed framework consists of a Collateral Representative Subspace Projection Modeling (C-RSPM) component for supervised classification, and an inter-transactional association rule mining method based on Layer Divided Modeling (LDM) for temporal pattern analysis. Experiments on the KDD99 data set and the traffic data set generated by a private LAN testbed show promising results with high detection rates, low processing time, and low false alarm rates in mining and detecting sequential intrusion detections.

Secured network sensor-based defense system

NASA Astrophysics Data System (ADS)

Wei, Sixiao; Shen, Dan; Ge, Linqiang; Yu, Wei; Blasch, Erik P.; Pham, Khanh D.; Chen, Genshe

2015-05-01

Network sensor-based defense (NSD) systems have been widely used to defend against cyber threats. Nonetheless, if the adversary finds ways to identify the location of monitor sensors, the effectiveness of NSD systems can be reduced. In this paper, we propose both temporal and spatial perturbation based defense mechanisms to secure NSD systems and make the monitor sensor invisible to the adversary. The temporal-perturbation based defense manipulates the timing information of published data so that the probability of successfully recognizing monitor sensors can be reduced. The spatial-perturbation based defense dynamically redeploys monitor sensors in the network so that the adversary cannot obtain the complete information to recognize all of the monitor sensors. We carried out experiments using real-world traffic traces to evaluate the effectiveness of our proposed defense mechanisms. Our data shows that our proposed defense mechanisms can reduce the attack accuracy of recognizing detection sensors.

Cyber security issues in online games

NASA Astrophysics Data System (ADS)

Zhao, Chen

2018-04-01

With the rapid development of the Internet, online gaming has become a way of entertainment for many young people in the modern era. However, in recent years, cyber security issues in online games have emerged in an endless stream, which have also caused great attention of many game operators. Common cyber security problems in the game include information disclosure and cyber-attacks. These problems will directly or indirectly cause economic losses to gamers. Many gaming companies are enhancing the stability and security of their network or gaming systems in order to enhance the gaming user experience. This article has carried out the research of the cyber security issues in online games by introducing the background and some common cyber security threats, and by proposing the latent solution. Finally, it speculates the future research direction of the cyber security issues of online games in the hope of providing feasible solution and useful information for game operators.

A Quantitative Risk Assessment Model Involving Frequency and Threat Degree under Line-of-Business Services for Infrastructure of Emerging Sensor Networks.

PubMed

Jing, Xu; Hu, Hanwen; Yang, Huijun; Au, Man Ho; Li, Shuqin; Xiong, Naixue; Imran, Muhammad; Vasilakos, Athanasios V

2017-03-21

The prospect of Line-of-Business Services (LoBSs) for infrastructure of Emerging Sensor Networks (ESNs) is exciting. Access control remains a top challenge in this scenario as the service provider's server contains a lot of valuable resources. LoBSs' users are very diverse as they may come from a wide range of locations with vastly different characteristics. Cost of joining could be low and in many cases, intruders are eligible users conducting malicious actions. As a result, user access should be adjusted dynamically. Assessing LoBSs' risk dynamically based on both frequency and threat degree of malicious operations is therefore necessary. In this paper, we proposed a Quantitative Risk Assessment Model (QRAM) involving frequency and threat degree based on value at risk. To quantify the threat degree as an elementary intrusion effort, we amend the influence coefficient of risk indexes in the network security situation assessment model. To quantify threat frequency as intrusion trace effort, we make use of multiple behavior information fusion. Under the influence of intrusion trace, we adapt the historical simulation method of value at risk to dynamically access LoBSs' risk. Simulation based on existing data is used to select appropriate parameters for QRAM. Our simulation results show that the duration influence on elementary intrusion effort is reasonable when the normalized parameter is 1000. Likewise, the time window of intrusion trace and the weight between objective risk and subjective risk can be set to 10 s and 0.5, respectively. While our focus is to develop QRAM for assessing the risk of LoBSs for infrastructure of ESNs dynamically involving frequency and threat degree, we believe it is also appropriate for other scenarios in cloud computing.

A Quantitative Risk Assessment Model Involving Frequency and Threat Degree under Line-of-Business Services for Infrastructure of Emerging Sensor Networks

PubMed Central

Jing, Xu; Hu, Hanwen; Yang, Huijun; Au, Man Ho; Li, Shuqin; Xiong, Naixue; Imran, Muhammad; Vasilakos, Athanasios V.

2017-01-01

The prospect of Line-of-Business Services (LoBSs) for infrastructure of Emerging Sensor Networks (ESNs) is exciting. Access control remains a top challenge in this scenario as the service provider’s server contains a lot of valuable resources. LoBSs’ users are very diverse as they may come from a wide range of locations with vastly different characteristics. Cost of joining could be low and in many cases, intruders are eligible users conducting malicious actions. As a result, user access should be adjusted dynamically. Assessing LoBSs’ risk dynamically based on both frequency and threat degree of malicious operations is therefore necessary. In this paper, we proposed a Quantitative Risk Assessment Model (QRAM) involving frequency and threat degree based on value at risk. To quantify the threat degree as an elementary intrusion effort, we amend the influence coefficient of risk indexes in the network security situation assessment model. To quantify threat frequency as intrusion trace effort, we make use of multiple behavior information fusion. Under the influence of intrusion trace, we adapt the historical simulation method of value at risk to dynamically access LoBSs’ risk. Simulation based on existing data is used to select appropriate parameters for QRAM. Our simulation results show that the duration influence on elementary intrusion effort is reasonable when the normalized parameter is 1000. Likewise, the time window of intrusion trace and the weight between objective risk and subjective risk can be set to 10 s and 0.5, respectively. While our focus is to develop QRAM for assessing the risk of LoBSs for infrastructure of ESNs dynamically involving frequency and threat degree, we believe it is also appropriate for other scenarios in cloud computing. PMID:28335569

Finite Energy and Bounded Attacks on Control System Sensor Signals

DOE Office of Scientific and Technical Information (OSTI.GOV)

Djouadi, Seddik M; Melin, Alexander M; Ferragut, Erik M

Control system networks are increasingly being connected to enterprise level networks. These connections leave critical industrial controls systems vulnerable to cyber-attacks. Most of the effort in protecting these cyber-physical systems (CPS) has been in securing the networks using information security techniques and protection and reliability concerns at the control system level against random hardware and software failures. However, besides these failures the inability of information security techniques to protect against all intrusions means that the control system must be resilient to various signal attacks for which new analysis and detection methods need to be developed. In this paper, sensor signalmore » attacks are analyzed for observer-based controlled systems. The threat surface for sensor signal attacks is subdivided into denial of service, finite energy, and bounded attacks. In particular, the error signals between states of attack free systems and systems subject to these attacks are quantified. Optimal sensor and actuator signal attacks for the finite and infinite horizon linear quadratic (LQ) control in terms of maximizing the corresponding cost functions are computed. The closed-loop system under optimal signal attacks are provided. Illustrative numerical examples are provided together with an application to a power network with distributed LQ controllers.« less

Identifying changing aviation threat environments within an adaptive Homeland Security Advisory System.

PubMed

Lee, Adrian J; Jacobson, Sheldon H

2012-02-01

A critical component of aviation security consists of screening passengers and baggage to protect airports and aircraft from terrorist threats. Advancements in screening device technology have increased the ability to detect these threats; however, specifying the operational configurations of these devices in response to changes in the threat environment can become difficult. This article proposes to use Fisher information as a statistical measure for detecting changes in the threat environment. The perceived risk of passengers, according to prescreening information and behavior analysis, is analyzed as the passengers sequentially enter the security checkpoint. The alarm responses from the devices used to detect threats are also analyzed to monitor significant changes in the frequency of threat items uncovered. The key results are that this information-based measure can be used within the Homeland Security Advisory System to indicate changes in threat conditions in real time, and provide the flexibility of security screening detection devices to responsively and automatically adapt operational configurations to these changing threat conditions. © 2012 Society for Risk Analysis. All rights reserved.

49 CFR 1540.203 - Security threat assessment.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 49 Transportation 9 2014-10-01 2014-10-01 false Security threat assessment. 1540.203 Section 1540.203 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY CIVIL AVIATION SECURITY: GENERAL RULES...

Introduction

NASA Astrophysics Data System (ADS)

Thoma, Klaus; Hiller, Daniel

Security research as a practical discipline has a long-standing history. Faced with myriad hazards throughout its past, mankind has developed sophisticated means to counter such threats. The latter include natural disasters such as earthquakes, floods and fires, but also encompass man-made hazards such as military aggression, terrorist attacks or threats resulting from the malicious application of technological developments. Since the end of the Cold War major armed conflicts between nations of the Western hemisphere have become highly unlikely and genuinely different security issues have become the focus of concern. The terrorist attacks of 2001 against the United States, the train bombings of Madrid in 2004 and the bombings of London in 2005 were horrific embodiments of a new security environment that has evolved on a global scale. One could list numerous other examples of both executed attacks and successfully deterred attempts from around the world. Our modern industrial societies are interlinked with infrastructure networks, providing citizens with mobility, energy and information flows, which also open the door to a whole new dimension of vulnerabilities. Security research, once anything but a practical discipline with a capacity for reacting to short-term demands, has in the span of only a few years evolved into an entirely new scientific discipline uniting various fields of research. Today, security research (in Europe) encompasses a broad community of natural/engineering and social sciences.

Threats to cross-border wildlife linkages in the Sky Islands Wildlands Network

Treesearch

Kim Vacariu

2005-01-01

One of the greatest challenges facing conservationists in the Sky Islands region is finding a realistic means to maintain historic travel routes for wide-ranging species crossing the United States-Mexico border. This challenge is made difficult due to the ongoing efforts by the Federal government to install additional security infrastructure to stem the flood of...

CYBER DETERRENCE

DTIC Science & Technology

2016-02-11

directed.36 Protected systems operating on secure networks will weigh into the adversaries calculus of risk and cost of their actions versus this... calculus deterring them from attack. Our extended defense with forts and lookouts searching outside the perimeter providing current intelligence of any...Last accessed 30 January 2016). 51 Phil Stewart , U.S. Defense Chief says pre-emptive action possible over cyber threat, Oct 11, 2012, http

An Enhanced Three-Factor User Authentication Scheme Using Elliptic Curve Cryptosystem for Wireless Sensor Networks.

PubMed

Wang, Chenyu; Xu, Guoai; Sun, Jing

2017-12-19

As an essential part of Internet of Things (IoT), wireless sensor networks (WSNs) have touched every aspect of our lives, such as health monitoring, environmental monitoring and traffic monitoring. However, due to its openness, wireless sensor networks are vulnerable to various security threats. User authentication, as the first fundamental step to protect systems from various attacks, has attracted much attention. Numerous user authentication protocols armed with formal proof are springing up. Recently, two biometric-based schemes were proposed with confidence to be resistant to the known attacks including offline dictionary attack, impersonation attack and so on. However, after a scrutinization of these two schemes, we found them not secure enough as claimed, and then demonstrated that these schemes suffer from various attacks, such as offline dictionary attack, impersonation attack, no user anonymity, no forward secrecy, etc. Furthermore, we proposed an enhanced scheme to overcome the identified weaknesses, and proved its security via Burrows-Abadi-Needham (BAN) logic and the heuristic analysis. Finally, we compared our scheme with other related schemes, and the results showed the superiority of our scheme.

An Enhanced Three-Factor User Authentication Scheme Using Elliptic Curve Cryptosystem for Wireless Sensor Networks

PubMed Central

Xu, Guoai; Sun, Jing

2017-01-01

As an essential part of Internet of Things (IoT), wireless sensor networks (WSNs) have touched every aspect of our lives, such as health monitoring, environmental monitoring and traffic monitoring. However, due to its openness, wireless sensor networks are vulnerable to various security threats. User authentication, as the first fundamental step to protect systems from various attacks, has attracted much attention. Numerous user authentication protocols armed with formal proof are springing up. Recently, two biometric-based schemes were proposed with confidence to be resistant to the known attacks including offline dictionary attack, impersonation attack and so on. However, after a scrutinization of these two schemes, we found them not secure enough as claimed, and then demonstrated that these schemes suffer from various attacks, such as offline dictionary attack, impersonation attack, no user anonymity, no forward secrecy, etc. Furthermore, we proposed an enhanced scheme to overcome the identified weaknesses, and proved its security via Burrows–Abadi–Needham (BAN) logic and the heuristic analysis. Finally, we compared our scheme with other related schemes, and the results showed the superiority of our scheme. PMID:29257066

Impacts of Vehicle (In)Security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Chugg, J.; Rohde, K.

Nuclear and radioactive material is routinely transported worldwide every day. Since 2010, the complexity of the transport vehicle to support such activities has grown exponentially. Many core functions of a vehicle are now handled by small embedded computer modules with more being added each year to enhance the owner’s experience and convenience. With a system as complex as today’s automobile, the potential for cyber security issues is certain. Hackers have begun exploring this new domain with public information increasingly disseminated. Because vehicles are allowed into and around secure nuclear facilities, the potential for using a vehicle as a new cybermore » entry point or vector into the facility is now plausible and must be mitigated. In addition, compromising such a vehicle could aide in illicit removal of nuclear material, putting sensitive cargo at risk. Because cyber attacks can now be introduced using vehicles, cyber security, needs to be integrated into an organization’s design basis threat document. Essentially, a vehicle now extends the perimeter for which security professionals are responsible.Electronic Control Units (ECU) responsible for handling all core and ancillary vehicle functions are interconnected using the controller area network (CAN) bus. A typical CAN network in a modern automobile contains 50 or more ECUs. The CAN protocol now supports a wide variety of areas, including automotive, road transportation, rail transportation, industrial automation, power generation, maritime, military vehicles, aviation, and medical devices. In many ways, the nuclear industry is employing the CAN bus protocol or other similar broadcast serial networks. This paper will provide an overview of the current state of automobile and CAN Bus security, as well as an overview of what has been publicly disclosed by many research organizations. It will then present several hypotheses of how vehicle security issues may impact nuclear activities. An initial discussion of how a vehicle can be used as a new threat vector to penetrate secure facilities will be presented. This includes how a modern automobile can be used as the exploitation mechanism for nearby devices such as laptops, cell phones, and wireless access points. Additional discussion will highlight how vehicle security might impact transportation of nuclear material through remote exploitation of a moving vehicle. The final discussion will include what possible implications might be relative to the physical protection systems at nuclear facilities. The audience will also be given details regarding the complexity of attack, thus implying the likelihood of successful exploitation, and information on how such attacks may be mitigated. Emerging security products for automobiles will be discussed and other mitigation methods will be detailed (e.g. disabling vehicle cellular modems). As a result, the audience will have a greater understanding of how to add vehicle security as a part of a comprehensive nuclear security policy.Finally, this paper will highlight the similarities between CAN Bus and other broadcast serial bus networks such as Profibus or DeviceNet, helping educate the reader on how susceptible this type of networking is to nefarious attacks and how it might affect components connected to many different nuclear systems, including control systems, safety systems, emergency systems, and support systems.« less

U.S. Maritime Security: Sustainability Challenges

DTIC Science & Technology

2011-09-01

Security Council ICE Immigration and Customs Enforcement IOC Interagency Operation Center JHOC Joint Harbor Operation Center JIATF-S Joint...maritime threats into nation threats, transnational criminal and piracy threats, environmental destruction, and illegal seaborne immigration (U.S...safe and secure borders, welcome lawful immigrants and visitors and promote the free-flow of commerce (U.S. Department of Homeland Security, 2011

49 CFR 1540.209 - Fees for security threat assessment.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 49 Transportation 9 2014-10-01 2014-10-01 false Fees for security threat assessment. 1540.209 Section 1540.209 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY CIVIL AVIATION SECURITY...

Secure real-time wireless video streaming in the aeronautical telecommunications network

NASA Astrophysics Data System (ADS)

Czernik, Pawel; Olszyna, Jakub

2010-09-01

As Air Traffic Control Systems move from a voice only environment to one in which clearances are issued via data link, there is a risk that an unauthorized entity may attempt to masquerade as either the pilot or controller. In order to protect against this and related attacks, air-ground communications must be secured. The challenge is to add security in an environment in which bandwidth is limited. The Aeronautical Telecommunications Network (ATN) is an enabling digital network communications technology that addresses capacity and efficiency issues associated with current aeronautical voice communication systems. Equally important, the ATN facilitates migration to free flight, where direct computer-to-computer communication will automate air traffic management, minimize controller and pilot workload, and improve overall aircraft routing efficiency. Protecting ATN communications is critical since safety-of-flight is seriously affected if an unauthorized entity, a hacker for example, is able to penetrate an otherwise reliable communications system and accidentally or maliciously introduce erroneous information that jeopardizes the overall safety and integrity of a given airspace. However, an ATN security implementation must address the challenges associated with aircraft mobility, limited bandwidth communication channels, and uninterrupted operation across organizational and geopolitical boundaries. This paper provides a brief overview of the ATN, the ATN security concept, and begins a basic introduction to the relevant security concepts of security threats, security services and security mechanisms. Security mechanisms are further examined by presenting the fundamental building blocks of symmetric encipherment, asymmetric encipherment, and hash functions. The second part of this paper presents the project of cryptographiclly secure wireless communication between Unmanned Aerial Vehicles (UAV) and the ground station in the ATM system, based on the ARM9 processor development kid and Embedded Linux operation system.

CrossTalk. The Journal of Defense Software Engineering. Volume 25, Number 6

DTIC Science & Technology

2012-12-01

Cyber Security Threat Definition Communicable Noncommunicable Based on Risky Behavior Coordinated Trojan horse programs Threats hidden in a...for Cyber Security Threats Cyber Security Threat Communicable Noncommunicable Risky Behaviors Coordinated Type of Intervention (at the System...types of data are breached. Further, educational materials on risky behaviors (e.g., for home Internet users) as well as recommended guide- lines for

Organization of the secure distributed computing based on multi-agent system

NASA Astrophysics Data System (ADS)

Khovanskov, Sergey; Rumyantsev, Konstantin; Khovanskova, Vera

2018-04-01

Nowadays developing methods for distributed computing is received much attention. One of the methods of distributed computing is using of multi-agent systems. The organization of distributed computing based on the conventional network computers can experience security threats performed by computational processes. Authors have developed the unified agent algorithm of control system of computing network nodes operation. Network PCs is used as computing nodes. The proposed multi-agent control system for the implementation of distributed computing allows in a short time to organize using of the processing power of computers any existing network to solve large-task by creating a distributed computing. Agents based on a computer network can: configure a distributed computing system; to distribute the computational load among computers operated agents; perform optimization distributed computing system according to the computing power of computers on the network. The number of computers connected to the network can be increased by connecting computers to the new computer system, which leads to an increase in overall processing power. Adding multi-agent system in the central agent increases the security of distributed computing. This organization of the distributed computing system reduces the problem solving time and increase fault tolerance (vitality) of computing processes in a changing computing environment (dynamic change of the number of computers on the network). Developed a multi-agent system detects cases of falsification of the results of a distributed system, which may lead to wrong decisions. In addition, the system checks and corrects wrong results.

49 CFR 1554.103 - Security Directives.

Code of Federal Regulations, 2014 CFR

2014-10-01

... necessary to respond to a threat assessment or to a specific threat against civil aviation, TSA issues a..., DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT REPAIR STATION SECURITY Security Measures... each Security Directive TSA issues to the repair station within the time prescribed. Each repair...

An Efficient User Authentication and User Anonymity Scheme with Provably Security for IoT-Based Medical Care System

PubMed Central

Wu, Tsu-Yang; Chen, Chin-Ling; Lee, Cheng-Chi; Chen, Chien-Ming

2017-01-01

In recent years, with the increase in degenerative diseases and the aging population in advanced countries, demands for medical care of older or solitary people have increased continually in hospitals and healthcare institutions. Applying wireless sensor networks for the IoT-based telemedicine system enables doctors, caregivers or families to monitor patients’ physiological conditions at anytime and anyplace according to the acquired information. However, transmitting physiological data through the Internet concerns the personal privacy of patients. Therefore, before users can access medical care services in IoT-based medical care system, they must be authenticated. Typically, user authentication and data encryption are most critical for securing network communications over a public channel between two or more participants. In 2016, Liu and Chung proposed a bilinear pairing-based password authentication scheme for wireless healthcare sensor networks. They claimed their authentication scheme cannot only secure sensor data transmission, but also resist various well-known security attacks. In this paper, we demonstrate that Liu–Chung’s scheme has some security weaknesses, and we further present an improved secure authentication and data encryption scheme for the IoT-based medical care system, which can provide user anonymity and prevent the security threats of replay and password/sensed data disclosure attacks. Moreover, we modify the authentication process to reduce redundancy in protocol design, and the proposed scheme is more efficient in performance compared with previous related schemes. Finally, the proposed scheme is provably secure in the random oracle model under ECDHP. PMID:28644381

An investigative analysis of information assurance issues associated with the GIG's P&P architecture

NASA Astrophysics Data System (ADS)

Farroha, B. S.; Cole, R. G.; Farroha, D. L.; DeSimone, A.

2007-04-01

The Global Information Grid (GIG) is a collection of systems, programs and initiatives aimed at building a secure network and set of information capabilities modeled after the Internet. The GIG is expected to facilitate DoD's transformation by allowing warfighters, policy makers and support personnel to engage in rapid decision making. The roadmap is designed to take advantage of converged services of voice, data, video, and imagery over common data links. The vision is to have commanders identify threats more effectively, make informed decisions, and respond with greater precision and lethality. The information advantage gained through the GIG and network-centric warfare (NCW) allows a warfighting force to achieve dramatically improved information positions, in the form of common operational pictures that provide the basis for shared situational awareness and knowledge, and a resulting increase in combat power. The GIG Precedence and Preemption (P&P) requirements stem from the need to utilize scarce resources at critical times in the most effective way in support of national security, the intelligence community and the war-fighter. Information Assurance (IA) enables all information and data to be available end-to-end to support any mission without delay in accordance to the sensitivity of the task. Together, P&P and IA ensure data availability integrity, authentication, confidentiality, and non-repudiation. This study addresses and analyzes the QoS and P & P requirements and architecture for the GIG. Threat scenarios are presented and used to evaluate the reference architectures. The goal of the study is to assess the Information Assurance concerns associated with implementing Precedence and Preemption within the GIG and to guarantee an acceptable minimum level of security and protection for DoD networks.

49 CFR 1540.205 - Procedures for security threat assessment.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 49 Transportation 9 2014-10-01 2014-10-01 false Procedures for security threat assessment. 1540.205 Section 1540.205 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY CIVIL AVIATION...

Cyber threats within civil aviation

NASA Astrophysics Data System (ADS)

Heitner, Kerri A.

Existing security policies in civil aviation do not adequately protect against evolving cyber threats. Cybersecurity has been recognized as a top priority among some aviation industry leaders. Heightened concerns regarding cyber threats and vulnerabilities surround components utilized in compliance with the Federal Aviation Administration's (FAA) Next Generation Air Transportation (NextGen) implementation. Automated Dependent Surveillance-B (ADS-B) and Electronic Flight Bags (EFB) have both been exploited through the research of experienced computer security professionals. Civil aviation is essential to international infrastructure and if its critical assets were compromised, it could pose a great risk to public safety and financial infrastructure. The purpose of this research was to raise awareness of aircraft system vulnerabilities in order to provoke change among current national and international cybersecurity policies, procedures and standards. Although the education of cyber threats is increasing in the aviation industry, there is not enough urgency when creating cybersecurity policies. This project intended to answer the following questions: What are the cyber threats to ADS-B of an aircraft in-flight? What are the cyber threats to EFB? What is the aviation industry's response to the issue of cybersecurity and in-flight safety? ADS-B remains unencrypted while the FAA's mandate to implement this system is rapidly approaching. The cyber threat of both portable and non-portable EFB's have received increased publicity, however, airlines are not responding quick enough (if at all) to create policies for the use of these devices. Collectively, the aviation industry is not being proactive enough to protect its aircraft or airport network systems. That is not to say there are not leaders in cybersecurity advancement. These proactive organizations must set the standard for the future to better protect society and it's most reliable form of transportation.

33 CFR 101.405 - Maritime Security (MARSEC) Directives.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Maritime Security (MARSEC... SECURITY MARITIME SECURITY MARITIME SECURITY: GENERAL Control Measures for Security § 101.405 Maritime... necessary to respond to a threat assessment or to a specific threat against the maritime elements of the...

Security aspects of space operations data

NASA Technical Reports Server (NTRS)

Schmitz, Stefan

1993-01-01

This paper deals with data security. It identifies security threats to European Space Agency's (ESA) In Orbit Infrastructure Ground Segment (IOI GS) and proposes a method of dealing with its complex data structures from the security point of view. It is part of the 'Analysis of Failure Modes, Effects Hazards and Risks of the IOI GS for Operations, including Backup Facilities and Functions' carried out on behalf of the European Space Operations Center (ESOC). The security part of this analysis has been prepared with the following aspects in mind: ESA's large decentralized ground facilities for operations, the multiple organizations/users involved in the operations and the developments of ground data systems, and the large heterogeneous network structure enabling access to (sensitive) data which does involve crossing organizational boundaries. An IOI GS data objects classification is introduced to determine the extent of the necessary protection mechanisms. The proposal of security countermeasures is oriented towards the European 'Information Technology Security Evaluation Criteria (ITSEC)' whose hierarchically organized requirements can be directly mapped to the security sensitivity classification.

Information Exchange Between Resilient and High-Threat Networks: Techniques for Threat Mitigation

DTIC Science & Technology

2004-11-01

Information Exchange between Resilient and High-Threat Networks : Techniques for Threat Mitigation Tim Dean and Graham Wyatt QinetiQ...SUMMARY High resilience military networks frequently have requirements for exchange of information with networks of low assurance, including networks of...assured, two-way, information flow between high resilience networks and other networks of unknown threat. The techniques include conventional and

Information Security Issues in Higher Education and Institutional Research

ERIC Educational Resources Information Center

Custer, William L.

2010-01-01

Information security threats to educational institutions and their data assets have worsened significantly over the past few years. The rich data stores of institutional research are especially vulnerable, and threats from security breaches represent no small risk. New genres of threat require new kinds of controls if the institution is to prevent…

Identifying and tracking attacks on networks: C3I displays and related technologies

NASA Astrophysics Data System (ADS)

Manes, Gavin W.; Dawkins, J.; Shenoi, Sujeet; Hale, John C.

2003-09-01

Converged network security is extremely challenging for several reasons; expanded system and technology perimeters, unexpected feature interaction, and complex interfaces all conspire to provide hackers with greater opportunities for compromising large networks. Preventive security services and architectures are essential, but in and of themselves do not eliminate all threat of compromise. Attack management systems mitigate this residual risk by facilitating incident detection, analysis and response. There are a wealth of attack detection and response tools for IP networks, but a dearth of such tools for wireless and public telephone networks. Moreover, methodologies and formalisms have yet to be identified that can yield a common model for vulnerabilities and attacks in converged networks. A comprehensive attack management system must coordinate detection tools for converged networks, derive fully-integrated attack and network models, perform vulnerability and multi-stage attack analysis, support large-scale attack visualization, and orchestrate strategic responses to cyber attacks that cross network boundaries. We present an architecture that embodies these principles for attack management. The attack management system described engages a suite of detection tools for various networking domains, feeding real-time attack data to a comprehensive modeling, analysis and visualization subsystem. The resulting early warning system not only provides network administrators with a heads-up cockpit display of their entire network, it also supports guided response and predictive capabilities for multi-stage attacks in converged networks.

Neural Network Based Intrusion Detection System for Critical Infrastructures

DOE Office of Scientific and Technical Information (OSTI.GOV)

Todd Vollmer; Ondrej Linda; Milos Manic

2009-07-01

Resiliency and security in control systems such as SCADA and Nuclear plant’s in today’s world of hackers and malware are a relevant concern. Computer systems used within critical infrastructures to control physical functions are not immune to the threat of cyber attacks and may be potentially vulnerable. Tailoring an intrusion detection system to the specifics of critical infrastructures can significantly improve the security of such systems. The IDS-NNM – Intrusion Detection System using Neural Network based Modeling, is presented in this paper. The main contributions of this work are: 1) the use and analyses of real network data (data recordedmore » from an existing critical infrastructure); 2) the development of a specific window based feature extraction technique; 3) the construction of training dataset using randomly generated intrusion vectors; 4) the use of a combination of two neural network learning algorithms – the Error-Back Propagation and Levenberg-Marquardt, for normal behavior modeling. The presented algorithm was evaluated on previously unseen network data. The IDS-NNM algorithm proved to be capable of capturing all intrusion attempts presented in the network communication while not generating any false alerts.« less

A Risk Management Approach to the "Insider Threat"

NASA Astrophysics Data System (ADS)

Bishop, Matt; Engle, Sophie; Frincke, Deborah A.; Gates, Carrie; Greitzer, Frank L.; Peisert, Sean; Whalen, Sean

Recent surveys indicate that the financial impact and operating losses due to insider intrusions are increasing. But these studies often disagree on what constitutes an "insider;" indeed, manydefine it only implicitly. In theory, appropriate selection of, and enforcement of, properly specified security policies should prevent legitimate users from abusing their access to computer systems, information, and other resources. However, even if policies could be expressed precisely, the natural mapping between the natural language expression of a security policy, and the expression of that policyin a form that can be implemented on a computer system or network, createsgaps in enforcement. This paper defines "insider" precisely, in termsof thesegaps, andexploresan access-based modelfor analyzing threats that include those usually termed "insider threats." This model enables an organization to order its resources based on thebusinessvalue for that resource andof the information it contains. By identifying those users with access to high-value resources, we obtain an ordered list of users who can cause the greatest amount of damage. Concurrently with this, we examine psychological indicators in order to determine which usersareatthe greatestriskofacting inappropriately. We concludebyexamining how to merge this model with one of forensic logging and auditing.

49 CFR 1540.203 - Security threat assessment.

Code of Federal Regulations, 2010 CFR

2010-10-01

... prevent completion of the threat assessment). (5) Gender. (6) Country of citizenship. (7) If the applicant... subpart remains valid for five years from the date that TSA issues a Determination of No Security Threat...

Game Theory Meets Wireless Sensor Networks Security Requirements and Threats Mitigation: A Survey.

PubMed

Abdalzaher, Mohamed S; Seddik, Karim; Elsabrouty, Maha; Muta, Osamu; Furukawa, Hiroshi; Abdel-Rahman, Adel

2016-06-29

We present a study of using game theory for protecting wireless sensor networks (WSNs) from selfish behavior or malicious nodes. Due to scalability, low complexity and disseminated nature of WSNs, malicious attacks can be modeled effectively using game theory. In this study, we survey the different game-theoretic defense strategies for WSNs. We present a taxonomy of the game theory approaches based on the nature of the attack, whether it is caused by an external attacker or it is the result of an internal node acting selfishly or maliciously. We also present a general trust model using game theory for decision making. We, finally, identify the significant role of evolutionary games for WSNs security against intelligent attacks; then, we list several prospect applications of game theory to enhance the data trustworthiness and node cooperation in different WSNs.

Information jet: Handling noisy big data from weakly disconnected network

NASA Astrophysics Data System (ADS)

Aurongzeb, Deeder

Sudden aggregation (information jet) of large amount of data is ubiquitous around connected social networks, driven by sudden interacting and non-interacting events, network security threat attacks, online sales channel etc. Clustering of information jet based on time series analysis and graph theory is not new but little work is done to connect them with particle jet statistics. We show pre-clustering based on context can element soft network or network of information which is critical to minimize time to calculate results from noisy big data. We show difference between, stochastic gradient boosting and time series-graph clustering. For disconnected higher dimensional information jet, we use Kallenberg representation theorem (Kallenberg, 2005, arXiv:1401.1137) to identify and eliminate jet similarities from dense or sparse graph.

IT Security Support for the Spaceport Command Control System Development

NASA Technical Reports Server (NTRS)

Varise, Brian

2014-01-01

My job title is IT Security support for the Spaceport Command & Control System Development. As a cyber-security analyst it is my job to ensure NASA's information stays safe from cyber threats, such as, viruses, malware and denial-of-service attacks by establishing and enforcing system access controls. Security is very important in the world of technology and it is used everywhere from personal computers to giant networks ran by Government agencies worldwide. Without constant monitoring analysis, businesses, public organizations and government agencies are vulnerable to potential harmful infiltration of their computer information system. It is my responsibility to ensure authorized access by examining improper access, reporting violations, revoke access, monitor information request by new programming and recommend improvements. My department oversees the Launch Control System and networks. An audit will be conducted for the LCS based on compliance with the Federal Information Security Management Act (FISMA) and The National Institute of Standards and Technology (NIST). I recently finished analyzing the SANS top 20 critical controls to give cost effective recommendations on various software and hardware products for compliance. Upon my completion of this internship, I will have successfully completed my duties as well as gain knowledge that will be helpful to my career in the future as a Cyber Security Analyst.

Securing food from field to table: what can we do?

PubMed

Li, Duo; Wahlqvist, Mark L

2011-01-01

Food security has emerged as one of the most pressing socio-economic and health issues of our time. While the formal processes of international and national governance are short-changing the need for action, an increasing number of professional science-based organisations are rallying to reduce the presence and risks of food insecurity. Examples are the Food in Health Security Network (FIHS) for the Asia Pacific region and the 'Healthy Agriculture, Healthy Nutrition, Healthy People’ initiative of the World Council on Genetics, Nutrition and Fitness for Health. The common denominator is the threat to ecosytems which are intrinsic to food and health systems. To increase their prospects for sustainability and health promotion, coordinated partnerships between agriculture and health as well as other sectors are imperative.

49 CFR 1548.19 - Security Directives and Information Circulars.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 9 2010-10-01 2010-10-01 false Security Directives and Information Circulars... CARRIER SECURITY § 1548.19 Security Directives and Information Circulars. (a) TSA may issue an Information... security measures are necessary to respond to a threat assessment, or to a specific threat against civil...

Information Technology Security and Human Risk: Exploring Factors of Unintended Insider Threat and Organizational Resilience

ERIC Educational Resources Information Center

Thompson, Eleanor Elizabeth

2014-01-01

That organizations face threats to the security of their computer systems from external hackers is well documented. Intentional or unintentional behaviors by organizational insiders can severely compromise computer security as well. Less is known, however, about the nature of this threat from insiders. The purpose of this study was to bridge this…

Insider Threat Security Reference Architecture

DTIC Science & Technology

2012-04-01

this challenge. CMU/SEI-2012-TR-007 | 2 2 The Components of the ITSRA Figure 2 shows the four layers of the ITSRA. The Business Security layer......organizations improve their level of preparedness to address the insider threat. Business Security Architecture Data Security Architecture

Forensic Analysis of Terrorist Counter-Financing to Combat Nuclear Proliferation

DOE Office of Scientific and Technical Information (OSTI.GOV)

Drame, B.; Toler, L.; Bachner, Katherine

The single greatest threat to U.S. homeland security remains the proliferation of nuclear weapons, especially among terrorists and other non-state actors who are not governed by the Non-Proliferation Treaty. One of the most important tools for combating terrorism among such rogue actors is counter-financing. Without funding, terrorists cannot acquire, maintain, or deploy nuclear weapons. According to the official report of the 9/11 Commission, counter-financing could have prevented the attacks of September 11, 2001. Unfortunately, no single country can defeat global terrorism. Successful counter-financing requires significant international cooperation. Since 2001, the United States and the European Union, despite vastly different approachesmore » to intelligence gathering, have shared information through the Terrorist Finance Tracking Program (TFTP). That shared information allows authorities to trace suspicious transactions, identify culprits, and map out global terrorist networks. The TFTP successfully thwarted a 2011 plot to assassinate the Saudi Arabian Ambassador to the U.S. and multiple threats during the 2012 Summer Olympics in London; it also aided in the investigation of the 2013 Boston Marathon bombing. That program is necessary but not sufficient. To strengthen our ability to detect and disrupt terrorist plotting and prevent nuclear proliferation, we must expand and coordinate two additional transnational measures: (1) the Society for Worldwide Interbank Financial Telecommunications (SWIFT), a standardized global messaging network for financial institutions to quickly, accurately, and securely send and receive money transfer instructions, and (2) International Bank Account Numbers (IBAN) to identify individual accounts involved in international transactions. Both initiatives were incompletely adopted in the wake of 9/11, but most global banks use one or neither. More fully implementing and coordinating these two systems would allow for coherent information sharing, an essential tool for combating money laundering and terrorist financing, verifying sanctions against rogue nations and non-state actors, tracking nuclear proliferation networks, and protecting dual-use materials. These steps can save lives without interfering with state sovereignty or individual rights. The specter of nuclear threat is real and constant. This paper will provide forensic analysis of the most effective financial tools and policies to combat that threat, placing special emphasis on multinational and public-private cooperation.« less

New Technologies and Emerging Threats: Personnel Security Adjudicative Guidelines in the Age of Social Networking

DTIC Science & Technology

2012-12-01

behavior unless it becomes criminal or involves the publishing of sensitive information. This means that malicious doxing, cyberbullying or other...workplace or background investigation realms, as well as the many forms of cyberbullying and malicious rumor-spreading online could be addressed. Doxing...None Sexually harass another person online None Engage in cyberbullying by using the Internet to send offensive, inappropriate verbal allack

UCLA High Speed, High Volume Laboratory Network for Infectious Diseases. Addendum

DTIC Science & Technology

2009-08-01

s) and should not be construed as an official Department of the Army position, policy or decision unless so designated by other documentation... Design : Because of current public health and national security threats, influenza surveillance and analysis will be the initial focus. In the upcoming...throughput and automated systems will enable processing of tens of thousands of samples and provide critical laboratory capacity. Its overall design and

Survey of Malware Threats and Recommendations to Improve Cybersecurity for Industrial Control Systems Version 1.0

DTIC Science & Technology

2015-02-01

not normally blocked by enterprise firewalls . • Some malware exploited zero-day vulnerabilities as well as attempted to exploit vulnerabilities for...servers, receiving updates, and exfiltrating data. Firewalls are routinely configured to block incoming connections while malware within a target...implemented with layers of technical security controls (e.g., ICS-aware firewalls ) to control network traffic and prevent the spread of malware . Intrusion

The Vulnerability of Social Networking Media and the Insider Threat: New Eyes for Bad Guys

DTIC Science & Technology

2011-09-01

purchased the best security technologies that money can buy...(and still be) totally vulnerable” (Mitnick, 2002). According to the 2011 Data Breach Investigations...Report, for data breach avenues that used social engineering methods, criminals are increasingly relying on direct contact with a...Spitler, M. (2011). 2011 Data breach investigations report. New York: Verizon Business. Bishop, M., Engle, S., Peisert, S., Whalen, S., & Gates, C

Control Systems Cyber Security:Defense in Depth Strategies

DOE Office of Scientific and Technical Information (OSTI.GOV)

David Kuipers; Mark Fabro

2006-05-01

Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecturemore » that requires: Maintenance of various field devices, telemetry collection, and/or industrial-level process systems Access to facilities via remote data link or modem Public facing services for customer or corporate operations A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.« less

Control Systems Cyber Security: Defense-in-Depth Strategies

DOE Office of Scientific and Technical Information (OSTI.GOV)

Mark Fabro

2007-10-01

Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecturemore » that requires: • Maintenance of various field devices, telemetry collection, and/or industrial-level process systems • Access to facilities via remote data link or modem • Public facing services for customer or corporate operations • A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.« less

The European Union Joint Procurement Agreement for cross-border health threats: what is the potential for this new mechanism of health system collaboration?

PubMed

Azzopardi-Muscat, Natasha; Schroder-Bäck, Peter; Brand, Helmut

2017-01-01

The Joint Procurement Agreement (JPA) is an innovative instrument for multi-country procurement of medical countermeasures against cross-border health threats. This paper aims to assess its potential performance. A literature review was conducted to identify key features of successful joint procurement programmes. Documentary analysis and a key informants' interview were carried out to analyse the European Union (EU) JPA. Ownership, equity, transparency, stable central financing, standardisation, flexibility and gradual development were identified as important prerequisites for successful establishment of multi-country joint procurement programmes in the literature while security of supply, favourable prices, reduction of operational costs and administrative burden and creation of professional expert networks were identified as desirable outcomes. The EU JPA appears to fulfil the criteria of ownership, transparency, equity, flexibility and gradual development. Standardisation is only partly fulfilled and central EU level financing is not provided. Security of supply is an important outcome for all EU Member States (MS). Price savings, reduction in administrative burden and creation of professional networks may be particularly attractive for the smaller MS. The JPA has the potential to increase health system collaboration and efficiency at EU level provided that the incentives for sustained commitment of larger MS are sufficiently attractive.

Impact modeling and prediction of attacks on cyber targets

NASA Astrophysics Data System (ADS)

Khalili, Aram; Michalk, Brian; Alford, Lee; Henney, Chris; Gilbert, Logan

2010-04-01

In most organizations, IT (information technology) infrastructure exists to support the organization's mission. The threat of cyber attacks poses risks to this mission. Current network security research focuses on the threat of cyber attacks to the organization's IT infrastructure; however, the risks to the overall mission are rarely analyzed or formalized. This connection of IT infrastructure to the organization's mission is often neglected or carried out ad-hoc. Our work bridges this gap and introduces analyses and formalisms to help organizations understand the mission risks they face from cyber attacks. Modeling an organization's mission vulnerability to cyber attacks requires a description of the IT infrastructure (network model), the organization mission (business model), and how the mission relies on IT resources (correlation model). With this information, proper analysis can show which cyber resources are of tactical importance in a cyber attack, i.e., controlling them enables a large range of cyber attacks. Such analysis also reveals which IT resources contribute most to the organization's mission, i.e., lack of control over them gravely affects the mission. These results can then be used to formulate IT security strategies and explore their trade-offs, which leads to better incident response. This paper presents our methodology for encoding IT infrastructure, organization mission and correlations, our analysis framework, as well as initial experimental results and conclusions.

A quantum network of clocks

NASA Astrophysics Data System (ADS)

Kómár, P.; Kessler, E. M.; Bishof, M.; Jiang, L.; Sørensen, A. S.; Ye, J.; Lukin, M. D.

2014-08-01

The development of precise atomic clocks plays an increasingly important role in modern society. Shared timing information constitutes a key resource for navigation with a direct correspondence between timing accuracy and precision in applications such as the Global Positioning System. By combining precision metrology and quantum networks, we propose a quantum, cooperative protocol for operating a network of geographically remote optical atomic clocks. Using nonlocal entangled states, we demonstrate an optimal utilization of global resources, and show that such a network can be operated near the fundamental precision limit set by quantum theory. Furthermore, the internal structure of the network, combined with quantum communication techniques, guarantees security both from internal and external threats. Realization of such a global quantum network of clocks may allow construction of a real-time single international time scale (world clock) with unprecedented stability and accuracy.

Distributed denial of service (DDoS) attack in cloud- assisted wireless body area networks: a systematic literature review.

PubMed

Latif, Rabia; Abbas, Haider; Assar, Saïd

2014-11-01

Wireless Body Area Networks (WBANs) have emerged as a promising technology that has shown enormous potential in improving the quality of healthcare, and has thus found a broad range of medical applications from ubiquitous health monitoring to emergency medical response systems. The huge amount of highly sensitive data collected and generated by WBAN nodes requires an ascendable and secure storage and processing infrastructure. Given the limited resources of WBAN nodes for storage and processing, the integration of WBANs and cloud computing may provide a powerful solution. However, despite the benefits of cloud-assisted WBAN, several security issues and challenges remain. Among these, data availability is the most nagging security issue. The most serious threat to data availability is a distributed denial of service (DDoS) attack that directly affects the all-time availability of a patient's data. The existing solutions for standalone WBANs and sensor networks are not applicable in the cloud. The purpose of this review paper is to identify the most threatening types of DDoS attacks affecting the availability of a cloud-assisted WBAN and review the state-of-the-art detection mechanisms for the identified DDoS attacks.

Design of Provider-Provisioned Website Protection Scheme against Malware Distribution

NASA Astrophysics Data System (ADS)

Yagi, Takeshi; Tanimoto, Naoto; Hariu, Takeo; Itoh, Mitsutaka

Vulnerabilities in web applications expose computer networks to security threats, and many websites are used by attackers as hopping sites to attack other websites and user terminals. These incidents prevent service providers from constructing secure networking environments. To protect websites from attacks exploiting vulnerabilities in web applications, service providers use web application firewalls (WAFs). WAFs filter accesses from attackers by using signatures, which are generated based on the exploit codes of previous attacks. However, WAFs cannot filter unknown attacks because the signatures cannot reflect new types of attacks. In service provider environments, the number of exploit codes has recently increased rapidly because of the spread of vulnerable web applications that have been developed through cloud computing. Thus, generating signatures for all exploit codes is difficult. To solve these problems, our proposed scheme detects and filters malware downloads that are sent from websites which have already received exploit codes. In addition, to collect information for detecting malware downloads, web honeypots, which automatically extract the communication records of exploit codes, are used. According to the results of experiments using a prototype, our scheme can filter attacks automatically so that service providers can provide secure and cost-effective network environments.

Cyber Security for the Spaceport Command and Control System: Vulnerability Management and Compliance Analysis

NASA Technical Reports Server (NTRS)

Gunawan, Ryan A.

2016-01-01

With the rapid development of the Internet, the number of malicious threats to organizations is continually increasing. In June of 2015, the United States Office of Personnel Management (OPM) had a data breach resulting in the compromise of millions of government employee records. The National Aeronautics and Space Administration (NASA) is not exempt from these attacks. Cyber security is becoming a critical facet to the discussion of moving forward with projects. The Spaceport Command and Control System (SCCS) project at the Kennedy Space Center (KSC) aims to develop the launch control system for the next generation launch vehicle in the coming decades. There are many ways to increase the security of the network it uses, from vulnerability management to ensuring operating system images are compliant with securely configured baselines recommended by the United States Government.

Rationality Validation of a Layered Decision Model for Network Defense

DOE Office of Scientific and Technical Information (OSTI.GOV)

Wei, Huaqiang; Alves-Foss, James; Zhang, Du

2007-08-31

We propose a cost-effective network defense strategy built on three key: three decision layers: security policies, defense strategies, and real-time defense tactics for countering immediate threats. A layered decision model (LDM) can be used to capture this decision process. The LDM helps decision-makers gain insight into the hierarchical relationships among inter-connected entities and decision types, and supports the selection of cost-effective defense mechanisms to safeguard computer networks. To be effective as a business tool, it is first necessary to validate the rationality of model before applying it to real-world business cases. This paper describes our efforts in validating the LDMmore » rationality through simulation.« less

One health security: an important component of the global health security agenda.

PubMed

Gronvall, Gigi; Boddie, Crystal; Knutsson, Rickard; Colby, Michelle

2014-01-01

The objectives of the Global Health Security Agenda (GHSA) will require not only a "One Health" approach to counter natural disease threats against humans, animals, and the environment, but also a security focus to counter deliberate threats to human, animal, and agricultural health and to nations' economies. We have termed this merged approach "One Health Security." It will require the integration of professionals with expertise in security, law enforcement, and intelligence to join the veterinary, agricultural, environmental, and human health experts essential to One Health and the GHSA. Working across such different professions, which occasionally have conflicting aims and different professional cultures, poses multiple challenges, but a multidisciplinary and multisectoral approach is necessary to prevent disease threats; detect them as early as possible (when responses are likely to be most effective); and, in the case of deliberate threats, find who may be responsible. This article describes 2 project areas that exemplify One Health Security that were presented at a workshop in January 2014: the US government and private industry efforts to reduce vulnerabilities to foreign animal diseases, especially foot-and-mouth disease; and AniBioThreat, an EU project to counter deliberate threats to agriculture by raising awareness and implementing prevention and response policies and practices.

Physician office readiness for managing Internet security threats.

PubMed

Keshavjee, K; Pairaudeau, N; Bhanji, A

2006-01-01

Internet security threats are evolving toward more targeted and focused attacks.Increasingly, organized crime is involved and they are interested in identity theft. Physicians who use Internet in their practice are at risk for being invaded. We studied 16 physician practices in Southern Ontario for their readiness to manage internet security threats. Overall, physicians have an over-inflated sense of preparedness. Security practices such as maintaining a firewall and conducting regular virus checks were not consistently done.

Physician Office Readiness for Managing Internet Security Threats

PubMed Central

Keshavjee, K; Pairaudeau, N; Bhanji, A

2006-01-01

Internet security threats are evolving toward more targeted and focused attacks. Increasingly, organized crime is involved and they are interested in identity theft. Physicians who use Internet in their practice are at risk for being invaded. We studied 16 physician practices in Southern Ontario for their readiness to manage internet security threats. Overall, physicians have an over-inflated sense of preparedness. Security practices such as maintaining a firewall and conducting regular virus checks were not consistently done. PMID:17238600

A new matrix for scoring the functionality of national laboratory networks in Africa: introducing the LABNET scorecard.

PubMed

Ondoa, Pascale; Datema, Tjeerd; Keita-Sow, Mah-Sere; Ndihokubwayo, Jean-Bosco; Isadore, Jocelyn; Oskam, Linda; Nkengasong, John; Lewis, Kim

2016-01-01

Functional national laboratory networks and systems are indispensable to the achievement of global health security targets according to the International Health Regulations. The lack of indicators to measure the functionality of national laboratory network has limited the efficiency of past and current interventions to enhance laboratory capacity in resource-limited-settings. We have developed a matrix for the assessment of national laboratory network functionality and progress thereof, with support from the African Society of Laboratory Medicine and the Association of Public Health Laboratories. The laboratory network (LABNET) scorecard was designed to: (1) Measure the status of nine overarching core capabilities of laboratory network required to achieve global health security targets, as recommended by the main normative standards; (2) Complement the World Health Organization joint external evaluation tool for the assessment of health system preparedness to International Health Regulations (2005) by providing detailed information on laboratory systems; and (3) Serve as a clear roadmap to guide the stepwise implementation of laboratory capability to prevent, detect and act upon infectious threats. The application of the LABNET scorecard under the coordination of the African Society of Laboratory Medicine and the Association of Public Health Laboratories could contribute to the design, monitoring and evaluation of upcoming Global Health Security Agenda-supported laboratory capacity building programmes in sub Saharan-Africa and other resource-limited settings, and inform the development of national laboratory policies and strategic plans. Endorsement by the World Health Organization Regional Office for Africa is foreseen.

49 CFR 1572.203 - Transportation of explosives from Canada to the United States via railroad carrier.

Code of Federal Regulations, 2010 CFR

2010-10-01

... to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY MARITIME AND LAND TRANSPORTATION SECURITY CREDENTIALING AND SECURITY THREAT ASSESSMENTS Transportation of... determines is not known or is a threat to security. (e) At the border. (1) Train crew members who are not U.S...

Centralized Cryptographic Key Management and Critical Risk Assessment - CRADA Final Report For CRADA Number NFE-11-03562

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, R. K.; Peters, Scott

The Department of Energy Office of Electricity Delivery and Energy Reliability (DOE-OE) Cyber Security for Energy Delivery Systems (CSEDS) industry led program (DE-FOA-0000359) entitled "Innovation for Increasing Cyber Security for Energy Delivery Systems (12CSEDS)," awarded a contract to Sypris Electronics LLC to develop a Cryptographic Key Management System for the smart grid (Scalable Key Management Solutions for Critical Infrastructure Protection). Oak Ridge National Laboratory (ORNL) and Sypris Electronics, LLC as a result of that award entered into a CRADA (NFE-11-03562) between ORNL and Sypris Electronics, LLC. ORNL provided its Cyber Security Econometrics System (CSES) as a tool to be modifiedmore » and used as a metric to address risks and vulnerabilities in the management of cryptographic keys within the Advanced Metering Infrastructure (AMI) domain of the electric sector. ORNL concentrated our analysis on the AMI domain of which the National Electric Sector Cyber security Organization Resource (NESCOR) Working Group 1 (WG1) has documented 29 failure scenarios. The computational infrastructure of this metric involves system stakeholders, security requirements, system components and security threats. To compute this metric, we estimated the stakes that each stakeholder associates with each security requirement, as well as stochastic matrices that represent the probability of a threat to cause a component failure and the probability of a component failure to cause a security requirement violation. We applied this model to estimate the security of the AMI, by leveraging the recently established National Institute of Standards and Technology Interagency Report (NISTIR) 7628 guidelines for smart grid security and the International Electrotechnical Commission (IEC) 63351, Part 9 to identify the life cycle for cryptographic key management, resulting in a vector that assigned to each stakeholder an estimate of their average loss in terms of dollars per day of system operation. To further address probabilities of threats, information security analysis can be performed using game theory implemented in dynamic Agent Based Game Theoretic (ABGT) simulations. Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. The strategy for the game was developed by analyzing five electric sector representative failure scenarios contained in the AMI functional domain from NESCOR WG1. From these five selected scenarios, we characterized them into three specific threat categories affecting confidentiality, integrity and availability (CIA). The analysis using our ABGT simulation demonstrated how to model the AMI functional domain using a set of rationalized game theoretic rules decomposed from the failure scenarios in terms of how those scenarios might impact the AMI network with respect to CIA.« less

Cryptographic Key Management and Critical Risk Assessment

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K

The Department of Energy Office of Electricity Delivery and Energy Reliability (DOE-OE) CyberSecurity for Energy Delivery Systems (CSEDS) industry led program (DE-FOA-0000359) entitled "Innovation for Increasing CyberSecurity for Energy Delivery Systems (12CSEDS)," awarded a contract to Sypris Electronics LLC to develop a Cryptographic Key Management System for the smart grid (Scalable Key Management Solutions for Critical Infrastructure Protection). Oak Ridge National Laboratory (ORNL) and Sypris Electronics, LLC as a result of that award entered into a CRADA (NFE-11-03562) between ORNL and Sypris Electronics, LLC. ORNL provided its Cyber Security Econometrics System (CSES) as a tool to be modified and usedmore » as a metric to address risks and vulnerabilities in the management of cryptographic keys within the Advanced Metering Infrastructure (AMI) domain of the electric sector. ORNL concentrated our analysis on the AMI domain of which the National Electric Sector Cyber security Organization Resource (NESCOR) Working Group 1 (WG1) has documented 29 failure scenarios. The computational infrastructure of this metric involves system stakeholders, security requirements, system components and security threats. To compute this metric, we estimated the stakes that each stakeholder associates with each security requirement, as well as stochastic matrices that represent the probability of a threat to cause a component failure and the probability of a component failure to cause a security requirement violation. We applied this model to estimate the security of the AMI, by leveraging the recently established National Institute of Standards and Technology Interagency Report (NISTIR) 7628 guidelines for smart grid security and the International Electrotechnical Commission (IEC) 63351, Part 9 to identify the life cycle for cryptographic key management, resulting in a vector that assigned to each stakeholder an estimate of their average loss in terms of dollars per day of system operation. To further address probabilities of threats, information security analysis can be performed using game theory implemented in dynamic Agent Based Game Theoretic (ABGT) simulations. Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. The strategy for the game was developed by analyzing five electric sector representative failure scenarios contained in the AMI functional domain from NESCOR WG1. From these five selected scenarios, we characterized them into three specific threat categories affecting confidentiality, integrity and availability (CIA). The analysis using our ABGT simulation demonstrated how to model the AMI functional domain using a set of rationalized game theoretic rules decomposed from the failure scenarios in terms of how those scenarios might impact the AMI network with respect to CIA.« less

Threats to information security of real-time disease surveillance systems.

PubMed

Henriksen, Eva; Johansen, Monika A; Baardsgaard, Anders; Bellika, Johan G

2009-01-01

This paper presents the main results from a qualitative risk assessment of information security aspects for a new real-time disease surveillance approach in general, and for the Snow surveillance system in particular. All possible security threats and acceptable solutions, and the implications these solutions had to the design of the system, were discussed. Approximately 30 threats were identified. None of these got an unacceptable high risk level originally, but two got medium risk level, of which one was concluded to be unacceptable after further investigation. Of the remaining low risk threats, some have severe consequence, thus requiring particular assessment. Since it is very important to identify and solve all security threats before real-time solutions can be used in a wide scale, additional investigations are needed.

Implementing an Information Security Program

DOE Office of Scientific and Technical Information (OSTI.GOV)

Glantz, Clifford S.; Lenaeus, Joseph D.; Landine, Guy P.

The threats to information security have dramatically increased with the proliferation of information systems and the internet. Chemical, biological, radiological, nuclear, and explosives (CBRNe) facilities need to address these threats in order to protect themselves from the loss of intellectual property, theft of valuable or hazardous materials, and sabotage. Project 19 of the European Union CBRN Risk Mitigation Centres of Excellence Initiative is designed to help CBRN security managers, information technology/cybersecurity managers, and other decision-makers deal with these threats through the application of cost-effective information security programs. Project 19 has developed three guidance documents that are publically available to covermore » information security best practices, planning for an information security management system, and implementing security controls for information security.« less

A quantum network of clocks

NASA Astrophysics Data System (ADS)

Komar, Peter; Kessler, Eric; Bishof, Michael; Jiang, Liang; Sorensen, Anders; Ye, Jun; Lukin, Mikhail

2014-05-01

Shared timing information constitutes a key resource for positioning and navigation with a direct correspondence between timing accuracy and precision in applications such as the Global Positioning System (GPS). By combining precision metrology and quantum networks, we propose here a quantum, cooperative protocol for the operation of a network consisting of geographically remote optical atomic clocks. Using non-local entangled states, we demonstrate an optimal utilization of the global network resources, and show that such a network can be operated near the fundamental limit set by quantum theory yielding an ultra-precise clock signal. Furthermore, the internal structure of the network, combined with basic techniques from quantum communication, guarantees security both from internal and external threats. Realization of such a global quantum network of clocks may allow construction of a real-time single international time scale (world clock) with unprecedented stability and accuracy. See also: Komar et al. arXiv:1310.6045 (2013) and Kessler et al. arXiv:1310.6043 (2013).

Research on computer virus database management system

NASA Astrophysics Data System (ADS)

Qi, Guoquan

2011-12-01

The growing proliferation of computer viruses becomes the lethal threat and research focus of the security of network information. While new virus is emerging, the number of viruses is growing, virus classification increasing complex. Virus naming because of agencies' capture time differences can not be unified. Although each agency has its own virus database, the communication between each other lacks, or virus information is incomplete, or a small number of sample information. This paper introduces the current construction status of the virus database at home and abroad, analyzes how to standardize and complete description of virus characteristics, and then gives the information integrity, storage security and manageable computer virus database design scheme.

"SWING": A European project for a new application of an ionospheric network

NASA Astrophysics Data System (ADS)

Zolesi, B.; Bianchi, C.; Meloni, A.; Baskaradas, J. A.; Belehaki, A.; Altadill, D.; Dalle Mese, E.

2016-05-01

The SWING (Short Wave critical Infrastructure Network based on a new Generation high survival radio communication system) is a European project aimed at studying a high survival high-frequency (HF) radio network to link European Critical Infrastructures (ECIs). This system is thought to replace broadband internet communication, maintaining the minimum flux of essential information for the ECIs management and control, in case of wide-scale threats, including terrorist attacks, able to put out of order internet links over the Mediterranean region. SWING is designed to evaluate the threat and increase the security awareness, as well as the level of protection, of analogous and/or interdependent ECIs. In order to meet these goals, SWING was finalized to recognize how and when the internet communication fails and to develop the standard software and hardware tools necessary for implementing communication protocols suited for a reliable and interoperable short-wave (SW) or high-frequency (HF) radio network backup. The internet broadband description and internet failure recognition were taken into consideration in the project but are not treated in this paper. It has been assessed that in case of complete failure of the internet broadband communication fundamental information for the management and control of ECIs over the Mediterranean region can be maintained with a HF network, even in case of moderate ionospheric perturbations.

What Are the Security Threats to Further Development of Nuclear Power Plants in the U.S.

DTIC Science & Technology

2010-03-01

as-a-secure- fuel -alternative &catid=94:0409content&itemid=342. (accessed May 2009). Bush, President George W. “Expand the Circle of Development by...SECURITY THREATS TO FURTHER DEVELOPMENT OF NUCLEAR POWER PLANTS IN THE U.S.? by Tammie L. Nottestad March 2010 Thesis Advisor: Robert Looney...Master’s Thesis 4. TITLE AND SUBTITLE What Are the Security Threats to Further Development of Nuclear Power Plants in the U.S.? 6. AUTHOR(S

49 CFR 1544.305 - Security Directives and Information Circulars.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 9 2010-10-01 2010-10-01 false Security Directives and Information Circulars... SECURITY: AIR CARRIERS AND COMMERCIAL OPERATORS Threat and Threat Response § 1544.305 Security Directives and Information Circulars. (a) TSA may issue an Information Circular to notify aircraft operators of...

49 CFR 1515.11 - Review by administrative law judge and TSA Final Decision Maker.

Code of Federal Regulations, 2010 CFR

2010-10-01

... PROCEDURAL RULES APPEAL AND WAIVER PROCEDURES FOR SECURITY THREAT ASSESSMENTS FOR INDIVIDUALS § 1515.11... Threat Assessment on the grounds that he or she poses a security threat after an appeal as described in... been issued a Final Determination of Threat Assessment after an appeal as described in 49 CFR 1515.9...

Three Essays on Information Security Policies

ERIC Educational Resources Information Center

Yang, Yubao

2011-01-01

Information security breaches pose a significant and increasing threat to national security and economic well-being. In the Symantec Internet Security Threat Report (2003), companies surveyed experienced an average of about 30 attacks per week. Anecdotal evidence suggests that losses from cyber-attacks can run into millions of dollars. The CSI-FBI…

A new matrix for scoring the functionality of national laboratory networks in Africa: introducing the LABNET scorecard

PubMed Central

Datema, Tjeerd; Keita-Sow, Mah-Sere; Ndihokubwayo, Jean-Bosco; Isadore, Jocelyn; Oskam, Linda; Nkengasong, John; Lewis, Kim

2016-01-01

Background Functional national laboratory networks and systems are indispensable to the achievement of global health security targets according to the International Health Regulations. The lack of indicators to measure the functionality of national laboratory network has limited the efficiency of past and current interventions to enhance laboratory capacity in resource-limited-settings. Scorecard for laboratory networks We have developed a matrix for the assessment of national laboratory network functionality and progress thereof, with support from the African Society of Laboratory Medicine and the Association of Public Health Laboratories. The laboratory network (LABNET) scorecard was designed to: (1) Measure the status of nine overarching core capabilities of laboratory network required to achieve global health security targets, as recommended by the main normative standards; (2) Complement the World Health Organization joint external evaluation tool for the assessment of health system preparedness to International Health Regulations (2005) by providing detailed information on laboratory systems; and (3) Serve as a clear roadmap to guide the stepwise implementation of laboratory capability to prevent, detect and act upon infectious threats. Conclusions The application of the LABNET scorecard under the coordination of the African Society of Laboratory Medicine and the Association of Public Health Laboratories could contribute to the design, monitoring and evaluation of upcoming Global Health Security Agenda-supported laboratory capacity building programmes in sub Saharan-Africa and other resource-limited settings, and inform the development of national laboratory policies and strategic plans. Endorsement by the World Health Organization Regional Office for Africa is foreseen. PMID:28879141

Security systems engineering overview

NASA Astrophysics Data System (ADS)

Steele, Basil J.

1997-01-01

Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at 70 billion dollars in direct costs and up to 300 billion dollars in indirect costs. Health insurance fraud alone is estimated to cost American businesses 100 billion dollars. Theft, warranty fraud, and counterfeiting of computer hardware totaled 3 billion dollars in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies; industrial espionage detection and prevention; security barrier technology.

Joint Operating Environment: Trends and Challenges for the Future Joint Force Through 2030

DTIC Science & Technology

2007-12-01

unmanned underwater vehicles loom on the horizon that can be swarmed against our ports and cities. Self - healing , networked minefields will... robots in an effort to provide the basic physical labor needed by the society. Russia has seen a major withdrawal of it population from the Far...of criminal elements. International organized crime, motivated by greed and self -interest, may increase as potential security threats to the

Security risks associated with radio frequency identification in medical environments.

PubMed

Hawrylak, Peter J; Schimke, Nakeisha; Hale, John; Papa, Mauricio

2012-12-01

Radio frequency identification (RFID) is a form of wireless communication that is used to identify assets and people. RFID has significant benefits to the medical environment. However, serious security threats are present in RFID systems that must be addressed in a medical environment. Of particular interest are threats to patient privacy and safety based on interception of messages, interruption of communication, modification of data, and fabrication of messages and devices. This paper presents an overview of these security threats present in RFID systems in a medical environment and provides guidance on potential solutions to these threats. This paper provides a roadmap for researchers and implementers to address the security issues facing RFID in the medical space.

Game Theory Meets Wireless Sensor Networks Security Requirements and Threats Mitigation: A Survey

PubMed Central

Abdalzaher, Mohamed S.; Seddik, Karim; Elsabrouty, Maha; Muta, Osamu; Furukawa, Hiroshi; Abdel-Rahman, Adel

2016-01-01

We present a study of using game theory for protecting wireless sensor networks (WSNs) from selfish behavior or malicious nodes. Due to scalability, low complexity and disseminated nature of WSNs, malicious attacks can be modeled effectively using game theory. In this study, we survey the different game-theoretic defense strategies for WSNs. We present a taxonomy of the game theory approaches based on the nature of the attack, whether it is caused by an external attacker or it is the result of an internal node acting selfishly or maliciously. We also present a general trust model using game theory for decision making. We, finally, identify the significant role of evolutionary games for WSNs security against intelligent attacks; then, we list several prospect applications of game theory to enhance the data trustworthiness and node cooperation in different WSNs. PMID:27367700

Protecting computer-based medical devices: defending against viruses and other threats.

PubMed

2005-07-01

The increasing integration of computer hardware has exposed medical devices to greater risks than ever before. More and more devices rely on commercial off-the-shelf software and operating systems, which are vulnerable to the increasing proliferation of viruses and other malicious programs that target computers. Therefore, it is necessary for hospitals to take steps such as those outlined in this article to ensure that their computer-based devices are made safe and continue to remain safe in the future. Maintaining the security of medical devices requires planning, careful execution, and a commitment of resources. A team should be created to develop a process for surveying the security status of all computerized devices in the hospital and making sure that patches and other updates are applied as needed. These patches and updates should be approved by the medical system supplier before being implemented. The team should consider using virtual local area networks to isolate susceptible devices on the hospital's network. All security measures should be carefully documented, and the documentation should be kept up-to-date. Above all, care must be taken to ensure that medical device security involves a collaborative, supportive partnership between the hospital's information technology staff and biomedical engineering personnel.

76 FR 81516 - Homeland Security Advisory Council

Federal Register 2010, 2011, 2012, 2013, 2014

2011-12-28

... security; and provide information on the threat of an electromagnetic pulse attack and its associated... Operational Update. Electromagnetic Pulse (EMP) Threat--Lessons Learned and Areas of Vulnerability, and... and the potential threat of an electromagnetic pulse attack. Both will include lessons learned and...

Oil market power and United States national security

PubMed Central

Stern, Roger

2006-01-01

It is widely believed that an oil weapon could impose scarcity upon the United States. Impending resource exhaustion is thought to exacerbate this threat. However, threat seems implausible when we consider strategic deficits of prospective weapon users and the improbability of impending resource exhaustion. Here, we explore a hypothesis relating oil to national security under a different assumption, abundance. We suggest that an oil cartel exerts market power to keep abundance at bay, commanding monopoly rents [or wealth transfers (wt)] that underwrite security threats. We then compare security threats attributed to the oil weapon to those that may arise from market power. We first reexamine whether oil is abundant or scarce by reviewing current development data, then we estimate a competitive price for oil. From this, we derive wt2004 collections by Persian Gulf states ≈ $132-178 × 109. We find that wt and the behavior of states collecting it interact to actuate security threats. Threats underwritten by wt are (i) the potential for emergence of a Persian Gulf superpower and (ii) terrorism. It is therefore oil market power, not oil per se, that actuates threats. We also describe a paradox in the relation of market power to the United States' defense doctrine of force projection to preempt a Gulf superpower. Because the superpower threat derives from wt, force alone cannot preempt it. A further paradox is that because foreign policy is premised on oil weapon fear, market power is appeased. Threats thereby grow unimpeded. PMID:16428291

Spousal Coping Strategies in the Shadow of Terrorism.

PubMed

Shechory-Bitton, Mally; Cohen-Louck, Keren

2017-11-01

The present study focuses on spousal differences in reaction to ongoing exposure to terror and security threats. Sixty-eight married couples with children living in a region exposed to ongoing security threats were evaluated. All participants completed questionnaires on objective exposure (number of incidents) and subjective exposure (sense of fear) to terrorism and security threats, posttraumatic stress disorder (PTSD) symptoms, and their coping strategies with this ongoing exposure. Mothers reported higher levels of fear and PTSD symptoms, although their objective levels of exposure did not differ from those of their husbands. Similarities were found in coping strategies adopted by mothers and fathers to cope with life in the shadow of terrorism. Both mothers and fathers integrated emotion- and problem-focused coping strategies, with greater use of the latter. These similarities partially contradict research findings suggesting gender differences in coping with exposure to security threats. The results support the need for further research into investigating the role of dyadic coping in the context of prolonged exposure to security threats.

Compliance with HIPAA security standards in U.S. Hospitals.

PubMed

Davis, Diane; Having, Karen

2006-01-01

With the widespread use of computer networks, the amount of information stored electronically has grown exponentially, resulting in increased concern for privacy and security of information. The healthcare industry has been put to the test with the federally mandated Health Insurance Portability and Accountability Act (HIPAA) of 1996. To assess the compliance status of HIPAA security standards, a random sample of 1,000 U.S. hospitals was surveyed in January 2004, yielding a return rate of 29 percent. One year later, a follow-up survey was sent to all previous respondents, with 50 percent replying. HIPAA officers'perceptions of security compliance in 2004 and 2005 are compared in this article. The security standards achieving the highest level of compliance in both 2004 and 2005 were obtaining required business associate agreements and physical safeguards to limit access to electronic information systems. Respondents indicated least compliance both years in performing periodic evaluation of security practices governed by the Security Rule. Roadblocks, threats, problems and solutions regarding HIPAA compliance are discussed. This information may be applied to current and future strategies toward maintaining security of information systems throughout the healthcare industry.

Providing security assurance in line with national DBT assumptions

NASA Astrophysics Data System (ADS)

Bajramovic, Edita; Gupta, Deeksha

2017-01-01

As worldwide energy requirements are increasing simultaneously with climate change and energy security considerations, States are thinking about building nuclear power to fulfill their electricity requirements and decrease their dependence on carbon fuels. New nuclear power plants (NPPs) must have comprehensive cybersecurity measures integrated into their design, structure, and processes. In the absence of effective cybersecurity measures, the impact of nuclear security incidents can be severe. Some of the current nuclear facilities were not specifically designed and constructed to deal with the new threats, including targeted cyberattacks. Thus, newcomer countries must consider the Design Basis Threat (DBT) as one of the security fundamentals during design of physical and cyber protection systems of nuclear facilities. IAEA NSS 10 describes the DBT as "comprehensive description of the motivation, intentions and capabilities of potential adversaries against which protection systems are designed and evaluated". Nowadays, many threat actors, including hacktivists, insider threat, cyber criminals, state and non-state groups (terrorists) pose security risks to nuclear facilities. Threat assumptions are made on a national level. Consequently, threat assessment closely affects the design structures of nuclear facilities. Some of the recent security incidents e.g. Stuxnet worm (Advanced Persistent Threat) and theft of sensitive information in South Korea Nuclear Power Plant (Insider Threat) have shown that these attacks should be considered as the top threat to nuclear facilities. Therefore, the cybersecurity context is essential for secure and safe use of nuclear power. In addition, States should include multiple DBT scenarios in order to protect various target materials, types of facilities, and adversary objectives. Development of a comprehensive DBT is a precondition for the establishment and further improvement of domestic state nuclear-related regulations in the field of physical and cyber protection. These national regulations have to be met later on by I&C platform suppliers, electrical systems suppliers, system integrators and turn-key providers.

Prototype of smart office system using based security system

NASA Astrophysics Data System (ADS)

Prasetyo, T. F.; Zaliluddin, D.; Iqbal, M.

2018-05-01

Creating a new technology in the modern era gives a positive impact on business and industry. Internet of Things (IoT) as a new communication technology is very useful in realizing smart systems such as: smart home, smart office, smart parking and smart city. This study presents a prototype of the smart office system which was designed as a security system based on IoT. Smart office system development method used waterfall model. IoT-based smart office system used platform (project builder) cayenne so that. The data can be accessed and controlled through internet network from long distance. Smart office system used arduino mega 2560 microcontroller as a controller component. In this study, Smart office system is able to detect threats of dangerous objects made from metals, earthquakes, fires, intruders or theft and perform security monitoring outside the building by using raspberry pi cameras on autonomous robots in real time to the security guard.

Research and application of ARP protocol vulnerability attack and defense technology based on trusted network

NASA Astrophysics Data System (ADS)

Xi, Huixing

2017-03-01

With the continuous development of network technology and the rapid spread of the Internet, computer networks have been around the world every corner. However, the network attacks frequently occur. The ARP protocol vulnerability is one of the most common vulnerabilities in the TCP / IP four-layer architecture. The network protocol vulnerabilities can lead to the intrusion and attack of the information system, and disable or disable the normal defense function of the system [1]. At present, ARP spoofing Trojans spread widely in the LAN, the network security to run a huge hidden danger, is the primary threat to LAN security. In this paper, the author summarizes the research status and the key technologies involved in ARP protocol, analyzes the formation mechanism of ARP protocol vulnerability, and analyzes the feasibility of the attack technique. Based on the summary of the common defensive methods, the advantages and disadvantages of each defense method. At the same time, the current defense method is improved, and the advantage of the improved defense algorithm is given. At the end of this paper, the appropriate test method is selected and the test environment is set up. Experiment and test are carried out for each proposed improved defense algorithm.

Security Concepts for Satellite Links

NASA Astrophysics Data System (ADS)

Tobehn, C.; Penné, B.; Rathje, R.; Weigl, A.; Gorecki, Ch.; Michalik, H.

2008-08-01

The high costs to develop, launch and maintain a satellite network makes protecting the assets imperative. Attacks may be passive such as eavesdropping on the payload data. More serious threat are active attacks that try to gain control of the satellite, which may lead to the total lost of the satellite asset. To counter these threats, new satellite and ground systems are using cryptographic technologies to provide a range of services: confidentiality, entity & message authentication, and data integrity. Additionally, key management cryptographic services are required to support these services. This paper describes the key points of current satellite control and operations, that are authentication of the access to the satellite TMTC link and encryption of security relevant TM/TC data. For payload data management the key points are multi-user ground station access and high data rates both requiring frequent updates and uploads of keys with the corresponding key management methods. For secure satellite management authentication & key negotiation algorithms as HMAC-RIPEMD160, EC- DSA and EC-DH are used. Encryption of data uses algorithms as IDEA, AES, Triple-DES, or other. A channel coding and encryption unit for payload data provides download data rates up to Nx250 Mbps. The presented concepts are based on our experience and heritage of the security systems for all German MOD satellite projects (SATCOMBw2, SAR-Lupe multi- satellite system and German-French SAR-Lupe-Helios- II systems inter-operability) as well as for further international (KOMPSAT-II Payload data link system) and ESA activities (TMTC security and GMES).

49 CFR 15.5 - Sensitive security information.

Code of Federal Regulations, 2014 CFR

2014-10-01

... sources and methods used to gather or develop threat information, including threats against cyber infrastructure. (8) Security measures. Specific details of aviation or maritime transportation security measures... infrastructure asset information. Any list identifying systems or assets, whether physical or virtual, so vital...

49 CFR 15.5 - Sensitive security information.

Code of Federal Regulations, 2011 CFR

2011-10-01

... sources and methods used to gather or develop threat information, including threats against cyber infrastructure. (8) Security measures. Specific details of aviation or maritime transportation security measures... infrastructure asset information. Any list identifying systems or assets, whether physical or virtual, so vital...

49 CFR 15.5 - Sensitive security information.

Code of Federal Regulations, 2013 CFR

2013-10-01

... sources and methods used to gather or develop threat information, including threats against cyber infrastructure. (8) Security measures. Specific details of aviation or maritime transportation security measures... infrastructure asset information. Any list identifying systems or assets, whether physical or virtual, so vital...

49 CFR 15.5 - Sensitive security information.

Code of Federal Regulations, 2012 CFR

2012-10-01

... sources and methods used to gather or develop threat information, including threats against cyber infrastructure. (8) Security measures. Specific details of aviation or maritime transportation security measures... infrastructure asset information. Any list identifying systems or assets, whether physical or virtual, so vital...

Why food in health security (FIHS)?

PubMed

Wahlqvist, Mark L

2009-01-01

Health is intrinsic to human security (HumS) although it is somewhat anthropocentric and about our own psychosocial and biomedical status more than various external threats. The 1994 United Nations Development Program definition of HumS includes economic, food, environmental, personal, community and political security with freedom from fear and want. Environmental factors are critical for health security (HealS), especially with widespread socio-economic difficulty, and health systems less affordable or accessible. The nexus between nutritionally-related disorders and infectious disease is the most pervasive world health problem. Most if not all of the Millennium Development Goals are food-linked. Maternal nutrition has life-long health effects on the yet-to-be born child. The mix of essential nutrient deprivation and energy imbalance is rife across many societies. Food systems require deeper understanding and governance to overcome these food-related health risks which are matters of food security (FoodS). Nutritionally-related Disability Adjusted Life Years (DALYS) are improving markedly in many parts of the world, along with poverty and hunger reduction and health system advances. But recent economic, energy, food, water, climate change and health crises along with conflict are limiting. It is time for international and regional understanding of how households and communities can collectively manage these threats in affordable and sustainable ways. There is untapped problem-solving capacity at the international local level if supported by combined food--health systems expertise, innovation, infrastructure and governance. Principles of equity and ethics must apply. The Food in Health Security (FIHS) roundtable aims to develop a Network to facilitate this process.

49 CFR 1540.203 - Security threat assessment.

Code of Federal Regulations, 2013 CFR

2013-10-01

.... (3) Date and place of birth. (4) Social security number (submission is voluntary, although failure to provide it may delay or prevent completion of the threat assessment). (5) Gender. (6) Country of... Border Protection. (i) If asserting completion of a comparable threat assessment listed in paragraph (h...

49 CFR 1540.203 - Security threat assessment.

Code of Federal Regulations, 2012 CFR

2012-10-01

.... (3) Date and place of birth. (4) Social security number (submission is voluntary, although failure to provide it may delay or prevent completion of the threat assessment). (5) Gender. (6) Country of... Border Protection. (i) If asserting completion of a comparable threat assessment listed in paragraph (h...

Countering Threat Networks

DTIC Science & Technology

2016-12-21

PLANNING TO COUNTER THREAT NETWORKS  Joint Intelligence Preparation of the Operational Environment and Threat Networks...Army Expeditionary Forensic Facility in Afghanistan ........ E-9 E-4 Exploitation Support to Intelligence Fusion and Decision Making ......... E-10...Approach The groundwork for successful countering threat networks activities starts with information and intelligence to develop an understanding

Communicating Homeland Security Threats: Government and Public Efforts

DTIC Science & Technology

2010-12-01

States has never operated at a threat level lower than blue - guarded risk. The Homeland Security Advisory Council’s primary recommendations included...changing the alert level baseline to blue (guarded risk). Their rationale for resetting the threat level baseline includes acknowledging that a...accustomed to the guarded blue level indicative of a general threat of terrorist attack. To assume that public officials and citizens would ever

Improving the Quality of Backup Process for Publishing Houses and Printing Houses

NASA Astrophysics Data System (ADS)

Proskuriakov, N. E.; Yakovlev, B. S.; Pries, V. V.

2018-04-01

The analysis of main types for data threats, used by print media, and their influence on the vitality and security of information is made. The influence of the programs settings for preparing archive files, the types of file managers on the backup process is analysed. We proposed a simple and economical version of the practical implementation of the backup process consisting of 4 components: the command line interpreter, the 7z archiver, the Robocopy utility, and network storage. We recommend that the best option would be to create backup copies, consisting of three local copies of data and two network copies.

A Pilot Examination of the Methods Used to Counteract Insider Threat Security Risks Associated with the Use of Radioactive Materials in the Research and Clinical Setting.

PubMed

Tsenov, B G; Emery, R J; Whitehead, L W; Gonzalez, J Reingle; Gemeinhardt, G L

2018-03-01

While many organizations maintain multiple layers of security control methodologies to prevent outsiders from gaining unauthorized access, persons such as employees or contractors who have been granted legitimate access can represent an "insider threat" risk. Interestingly, some of the most notable radiological events involving the purposeful contamination or exposure of individuals appear to have been perpetrated by insiders. In the academic and medical settings, radiation safety professionals focus their security efforts on (1) ensuring controls are in place to prevent unauthorized access or removal of sources, and (2) increasing security controls for the unescorted accessing of large sources of radioactivity (known as "quantities of concern"). But these controls may not completely address the threat insiders represent when radioactive materials below these quantities are present. The goal of this research project was to characterize the methodologies currently employed to counteract the insider security threat for the misuse or purposeful divergence of radioactive materials used in the academic and medical settings. A web-based survey was used to assess how practicing radiation safety professionals in academic and medical settings anticipate, evaluate, and control insider threat security risks within their institutions. While all respondents indicated that radioactive sources are being used in amounts below quantities of concern, only 6 % consider insider threat security issues as part of the protocol review for the use of general radioactive materials. The results of this survey identify several opportunities for improvement for institutions to address security gaps.

The Cybercitizen Dimension: A Quantitative Study Using a Threat Avoidance Perspective

ERIC Educational Resources Information Center

Manzano, Debbie L.

2012-01-01

The importance of information security is understated and theory-based empirical research that explains computer users voluntary IT threat avoidance behavior is lacking. Most existing information security research on individual behaviors has been focused in organizational settings where the threat avoidance behavior is mandatory and dictated by…

The Threat of Security: Hindering Technology Integration in the Classroom

ERIC Educational Resources Information Center

Robinson, LeAnne K.; Brown, Abbie; Green, Tim

2007-01-01

For the last year the authors have been gathering examples of how perceived "threats of security" are hampering the integration of technology in teaching and learning. They hope that educators will examine both the challenges of increased security demands and ways in which security might enhance, rather than detract from, the use of technology for…

ICS logging solution for network-based attacks using Gumistix technology

NASA Astrophysics Data System (ADS)

Otis, Jeremy R.; Berman, Dustin; Butts, Jonathan; Lopez, Juan

2013-05-01

Industrial Control Systems (ICS) monitor and control operations associated with the national critical infrastructure (e.g., electric power grid, oil and gas pipelines and water treatment facilities). These systems rely on technologies and architectures that were designed for system reliability and availability. Security associated with ICS was never an inherent concern, primarily due to the protections afforded by network isolation. However, a trend in ICS operations is to migrate to commercial networks via TCP/IP in order to leverage commodity benefits and cost savings. As a result, system vulnerabilities are now exposed to the online community. Indeed, recent research has demonstrated that many exposed ICS devices are being discovered using readily available applications (e.g., ShodanHQ search engine and Google-esque queries). Due to the lack of security and logging capabilities for ICS, most knowledge about attacks are derived from real world incidents after an attack has already been carried out and the damage has been done. This research provides a method for introducing sensors into the ICS environment that collect information about network-based attacks. The sensors are developed using an inexpensive Gumstix platform that can be deployed and incorporated with production systems. Data obtained from the sensors provide insight into attack tactics (e.g., port scans, Nessus scans, Metasploit modules, and zero-day exploits) and characteristics (e.g., attack origin, frequency, and level of persistence). Findings enable security professionals to draw an accurate, real-time awareness of the threats against ICS devices and help shift the security posture from reactionary to preventative.

Elliptic Curve Cryptography-Based Authentication with Identity Protection for Smart Grids

PubMed Central

Zhang, Liping; Tang, Shanyu; Luo, He

2016-01-01

In a smart grid, the power service provider enables the expected power generation amount to be measured according to current power consumption, thus stabilizing the power system. However, the data transmitted over smart grids are not protected, and then suffer from several types of security threats and attacks. Thus, a robust and efficient authentication protocol should be provided to strength the security of smart grid networks. As the Supervisory Control and Data Acquisition system provides the security protection between the control center and substations in most smart grid environments, we focus on how to secure the communications between the substations and smart appliances. Existing security approaches fail to address the performance-security balance. In this study, we suggest a mitigation authentication protocol based on Elliptic Curve Cryptography with privacy protection by using a tamper-resistant device at the smart appliance side to achieve a delicate balance between performance and security of smart grids. The proposed protocol provides some attractive features such as identity protection, mutual authentication and key agreement. Finally, we demonstrate the completeness of the proposed protocol using the Gong-Needham- Yahalom logic. PMID:27007951

Elliptic Curve Cryptography-Based Authentication with Identity Protection for Smart Grids.

PubMed

Zhang, Liping; Tang, Shanyu; Luo, He

2016-01-01

In a smart grid, the power service provider enables the expected power generation amount to be measured according to current power consumption, thus stabilizing the power system. However, the data transmitted over smart grids are not protected, and then suffer from several types of security threats and attacks. Thus, a robust and efficient authentication protocol should be provided to strength the security of smart grid networks. As the Supervisory Control and Data Acquisition system provides the security protection between the control center and substations in most smart grid environments, we focus on how to secure the communications between the substations and smart appliances. Existing security approaches fail to address the performance-security balance. In this study, we suggest a mitigation authentication protocol based on Elliptic Curve Cryptography with privacy protection by using a tamper-resistant device at the smart appliance side to achieve a delicate balance between performance and security of smart grids. The proposed protocol provides some attractive features such as identity protection, mutual authentication and key agreement. Finally, we demonstrate the completeness of the proposed protocol using the Gong-Needham-Yahalom logic.

HPC Annual Report: Emulytics.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Crussell, Jonathan; Boote, Jeffrey W.; Fritz, David Jakob

Networked Information Technology systems play a key role supporting critical government, military, and private computer installations. Many of today's critical infrastructure systems have strong dependencies on secure information exchange among geographically dispersed facilities. As operations become increasingly dependent on the information exchange they also become targets for exploitation. The need to protect data and defend these systems from external attack has become increasingly vital while the nature of the threats has become sophisticated and pervasive making the challenges daunting. Enter Emulytics.

Examining the Return on Investment of a Security Information and Event Management Solution in a Notional Department of Defense Network Environment

DTIC Science & Technology

2013-06-01

collection are the facts that devices the lack encryption or compression methods and that the log file must be saved on the host system prior to transfer...time. Statistical correlation utilizes numerical algorithms to detect deviations from normal event levels and other routine activities (Chuvakin...can also assist in detecting low volume threats. Although easy and logical to implement, the implementation of statistical correlation algorithms

Regulatory Underpinnings of Global Health Security: FDA's Roles in Preventing, Detecting, and Responding to Global Health Threats

PubMed Central

Bond, Katherine C.; Maher, Carmen

2014-01-01

In February 2014, health officials from around the world announced the Global Health Security Agenda, a critical effort to strengthen national and global systems to prevent, detect, and respond to infectious disease threats and to foster stronger collaboration across borders. With its increasing global roles and broad range of regulatory responsibilities in ensuring the availability, safety, and security of medical and food products, the US Food and Drug Administration (FDA) is engaged in a range of efforts in support of global health security. This article provides an overview of FDA's global health security roles, focusing on its responsibilities related to the development and use of medical countermeasures (MCMs) for preventing, detecting, and responding to global infectious disease and other public health emergency threats. The article also discusses several areas—antimicrobial resistance, food safety, and supply chain integrity—in which FDA's global health security roles continue to evolve and extend beyond MCMs and, in some cases, beyond traditional infectious disease threats. PMID:25254912

Regulatory underpinnings of Global Health security: FDA's roles in preventing, detecting, and responding to global health threats.

PubMed

Courtney, Brooke; Bond, Katherine C; Maher, Carmen

2014-01-01

In February 2014, health officials from around the world announced the Global Health Security Agenda, a critical effort to strengthen national and global systems to prevent, detect, and respond to infectious disease threats and to foster stronger collaboration across borders. With its increasing global roles and broad range of regulatory responsibilities in ensuring the availability, safety, and security of medical and food products, the US Food and Drug Administration (FDA) is engaged in a range of efforts in support of global health security. This article provides an overview of FDA's global health security roles, focusing on its responsibilities related to the development and use of medical countermeasures (MCMs) for preventing, detecting, and responding to global infectious disease and other public health emergency threats. The article also discusses several areas-antimicrobial resistance, food safety, and supply chain integrity-in which FDA's global health security roles continue to evolve and extend beyond MCMs and, in some cases, beyond traditional infectious disease threats.

Susceptibility of SCADA systems and the energy sector

NASA Astrophysics Data System (ADS)

Goike, Lindsay

The research in this paper focused on analyzing SCADA systems in the energy sector for susceptibility to cyber attacks, in furtherance of providing suggestions to mitigate current and future cyber attacks. The research will be addressing the questions: how are SCADA systems susceptible to cyber attacks, and what are the suggested ways to mitigate both current and future cyber attacks. The five main categories of security vulnerabilities facing current SCADA systems were found to be: connectivity to the Internet, failure to plan, interdependency of sectors, numerous different types of threats, and outdated software. Some of the recommendations mentioned to mitigate current and future risks were: virtual private networks, risk assessments, increased physical security, updating of software, and firewalls.

Intrusion detection system using Online Sequence Extreme Learning Machine (OS-ELM) in advanced metering infrastructure of smart grid.

PubMed

Li, Yuancheng; Qiu, Rixuan; Jing, Sitong

2018-01-01

Advanced Metering Infrastructure (AMI) realizes a two-way communication of electricity data through by interconnecting with a computer network as the core component of the smart grid. Meanwhile, it brings many new security threats and the traditional intrusion detection method can't satisfy the security requirements of AMI. In this paper, an intrusion detection system based on Online Sequence Extreme Learning Machine (OS-ELM) is established, which is used to detecting the attack in AMI and carrying out the comparative analysis with other algorithms. Simulation results show that, compared with other intrusion detection methods, intrusion detection method based on OS-ELM is more superior in detection speed and accuracy.

Access Control of Web and Java Based Applications

NASA Technical Reports Server (NTRS)

Tso, Kam S.; Pajevski, Michael J.; Johnson, Bryan

2011-01-01

Cyber security has gained national and international attention as a result of near continuous headlines from financial institutions, retail stores, government offices and universities reporting compromised systems and stolen data. Concerns continue to rise as threats of service interruption, and spreading of viruses become ever more prevalent and serious. Controlling access to application layer resources is a critical component in a layered security solution that includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. In this paper we discuss the development of an application-level access control solution, based on an open-source access manager augmented with custom software components, to provide protection to both Web-based and Java-based client and server applications.

Threats to US energy security: the challenge of Arab oil

DOE Office of Scientific and Technical Information (OSTI.GOV)

Phillips, J.

1979-08-13

Assured access to foreign oil supplies is a vital national interest of the United States which has been repeatedly jeopardized in the 1970s and one that will face additional critical challenges in the 1980s. This paper identifies and analyzes various threats to US energy security both in terms of their past use and future usability. Since the most ominous threat to US energy security is posed in connection with the Arab-Israeli conflict, the paper focuses on the Arab oil weapon, although the energy-security implications of the Iranian revolution are also assessed.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Buckner, Mark A; Bobrek, Miljko; Farquhar, Ethan

Wireless Access Points (WAP) remain one of the top 10 network security threats. This research is part of an effort to develop a physical (PHY) layer aware Radio Frequency (RF) air monitoring system with multi-factor authentication to provide a first-line of defense for network security--stopping attackers before they can gain access to critical infrastructure networks through vulnerable WAPs. This paper presents early results on the identification of OFDM-based 802.11a WiFi devices using RF Distinct Native Attribute (RF-DNA) fingerprints produced by the Fractional Fourier Transform (FRFT). These fingerprints are input to a "Learning from Signals" (LFS) classifier which uses hybrid Differentialmore » Evolution/Conjugate Gradient (DECG) optimization to determine the optimal features for a low-rank model to be used for future predictions. Results are presented for devices under the most challenging conditions of intra-manufacturer classification, i.e., same-manufacturer, same-model, differing only in serial number. The results of Fractional Fourier Domain (FRFD) RF-DNA fingerprints demonstrate significant improvement over results based on Time Domain (TD), Spectral Domain (SD) and even Wavelet Domain (WD) fingerprints.« less

Non-Traditional Security Threats in the Border Areas: Terrorism, Piracy, Environmental Degradation in Southeast Asian Maritime Domain

NASA Astrophysics Data System (ADS)

Dabova, E. L.

2013-11-01

In addition to facilitating peaceful trade and economic development, sovereign territory, territorial waters and international waters are being used by various criminal groups that pose threats to governments, businesses and civilian population in Southeast Asia. Nonstate criminal maritime activities were not receiving appropriate attention as they were overshadowed by traditional military security challenges. Yet more and more frequently, the non-traditional actors challenge lines of communication, jeopardize access to strategic resources, complicate traditional defence tasks, and harm the environment. Understanding the nature of non-traditional threats, and the ways to combat them, requires international legal, historical and political science analysis within a united problem-oriented approach. A fair critique to pure interest, power and knowledge -based theories of regime formation was developed by E.K. Leonard's1, who explained the evolution of the international system from the global governance perspective. The present study is based on the premise that pure nation-state approaches are incapable of providing a theoretical ground for addressing the growing influence of international criminal networks in South East Asia. From an international relations theory perspective, the author of this study agrees with D.Snidal2 that the hegemonic stability theory has "limits" and is insufficient in describing modern challenges to sustainable international security regime, including non-traditional threats, where collective action is more efficient from an interest and capability standpoint. At the same time the author of this study does not share the viewpoint on "marginalization"3 of international law in current international order due to its fragmentation and regionalization4 and "global power shifts"5 . The United Nations, as a global institution at the top of the vertical hierarchy of international legal order, and the EU as an example of "self-contained" regime along with other subsystems like South East Asia may have different approaches to global governance, international constitutional order, or particular cases such as the measure of infringement of human rights when targeting individuals suspected of terrorist links. Yet international law remains the key part of the Asian and global security regime. The hypothesis of this study is that the "void of governance" regime in territorial and international waters provides lucrative environment for developing terrorism, piracy, environmental degradation, and other criminal activities that pose untraditional threats to the regional security. This "void of governance" regime can be caused by either, or both, de jure or de facto insufficient control over particular marine territories.

The MANPAD Threat to Civilian Airliners

DTIC Science & Technology

2006-03-03

PAGES: 19 KEY TERMS: Homeland Security; Non-Proliferation; Airport Security CLASSIFICATION: Unclassified This paper investigates strategic approaches...technological solutions and law enforcement operations to provide a competent airport security perimeter.”18 To combat this ominous threat of MANPADS...sites for phone and computer tips should be established with access for airport security , local and federal law enforcement, as well as intelligence

Kaliningrad and Baltic Security

DTIC Science & Technology

2001-06-01

Kennedy-Minott, Thesis Co-Advisor ___________________________________________ James Wirtz , Chairman Department of National Security Affairs iv...39 Jochen Prantl, �Security and Stability in Northern Europe � A Threat Assessment,� Program on the Northern Dimension of the CFSP, 29...www.usis.usemb.se/ wireless/500/eur508.htm Prantl, Jochen . �Security and Stability in Northern Europe � A Threat Assessment.� Program on the Northern Dimension

49 CFR 1546.213 - Access to cargo: Security threat assessments for cargo personnel in the United States.

Code of Federal Regulations, 2012 CFR

2012-10-01

... the cargo enters an airport Security Identification Display Area or is transferred to another TSA... under §§ 1546.101(a) or (b) accepts the cargo, until the cargo— (A) Enters an airport Security... 49 Transportation 9 2012-10-01 2012-10-01 false Access to cargo: Security threat assessments for...

49 CFR 1546.213 - Access to cargo: Security threat assessments for cargo personnel in the United States.

Code of Federal Regulations, 2014 CFR

2014-10-01

... the cargo enters an airport Security Identification Display Area or is transferred to another TSA... under §§ 1546.101(a) or (b) accepts the cargo, until the cargo— (A) Enters an airport Security... 49 Transportation 9 2014-10-01 2014-10-01 false Access to cargo: Security threat assessments for...

49 CFR 1546.213 - Access to cargo: Security threat assessments for cargo personnel in the United States.

Code of Federal Regulations, 2013 CFR

2013-10-01

... the cargo enters an airport Security Identification Display Area or is transferred to another TSA... under §§ 1546.101(a) or (b) accepts the cargo, until the cargo— (A) Enters an airport Security... 49 Transportation 9 2013-10-01 2013-10-01 false Access to cargo: Security threat assessments for...

49 CFR 1546.213 - Access to cargo: Security threat assessments for cargo personnel in the United States.

Code of Federal Regulations, 2011 CFR

2011-10-01

... the cargo enters an airport Security Identification Display Area or is transferred to another TSA... under §§ 1546.101(a) or (b) accepts the cargo, until the cargo— (A) Enters an airport Security... 49 Transportation 9 2011-10-01 2011-10-01 false Access to cargo: Security threat assessments for...

The cyber threat, trophy information and the fortress mentality.

PubMed

Scully, Tim

2011-10-01

'It won't happen to me' is a prevalent mindset among senior executives in the private and public sectors when considering targeted cyber intrusions. This is exacerbated by the long-term adoption of a 'fortress mentality' towards cyber security, and by the attitude of many of our cyber-security professionals, who speak a different language when it comes to communicating cyber-security events to senior executives. The prevailing approaches to cyber security have clearly failed. Almost every week another serious, targeted cyber intrusion is reported, but reported intrusions are only the tip of the iceberg. Why have we got it so wrong? It must be acknowledged that cyber security is no longer the domain of cyber-security experts alone. Many more of us at various levels of leadership must understand, and be more deeply engaged in, the cyber-security challenge if we are to deal with the threat holistically and effectively. Governments cannot combat the cyber threat alone, particularly the so-called advanced persistent threat; they must work closely with industry as trusted partners. Industry will be the 'boots on the ground' in cyber security, but there are challenges to building this relationship, which must be based on sound principles.

Analysis on the threats and spatiotemporal distribution pattern of security in World Natural Heritage Sites.

PubMed

Wang, Zhaoguo; Yang, Zhaoping; Du, Xishihui

2015-01-01

World Natural Heritage Sites (WNHS) are treasures that need human protection and invite appreciation, which makes conservation of WNHS an urgent task. This paper assesses where in the world threats are most pressing and which WNHS require emergency assistance. Using an analysis of "hot spots" and inverse distance weighting, it finds that Africa is the region where WNHS are least secure. Reports of the state of the conservation of WNHS describe the many threats that exist. Of these, management activities and institutional factors are the primary threats. The paper suggests relevant measures to improve the WNHS security.

Russia’s Security Relations with Finland, Norway, and Sweden

DTIC Science & Technology

2017-09-01

and the United States as threats to its national security. The thesis encompasses economic and political consideration; the historical context...threats to its national security. The thesis encompasses economic and political consideration; the historical context between Russia and Finland...15 A. ECONOMIC RELATIONS ....................................................................15 B. POLITICAL

Securitising health: Australian newspaper coverage of pandemic influenza.

PubMed

Stephenson, Niamh; Jamieson, Michelle

2009-05-01

This paper analyses contemporary Australian newspaper coverage of the threat of pandemic influenza in humans, specifically in the light of recent transformations in biomedical and public health understandings of infectious disease as continuously emerging. Our analysis suggests that the spectre of pandemic influenza is characterised, in newspaper accounts, as invoking a specific form of nation building. The Australian nation is depicted as successfully securing itself in the face of a threat from Asia (and in the absence of an effective international health body). What is described in newspaper accounts reflects a shift in the public health response to infectious disease. This response does not entail a direct focus on protecting either the population or national territory. Instead, it involves the continuous rehearsal of readiness to react to disasters through the networking of government and private agencies responsible for maintaining critical infrastructure. In this way, coverage of pandemic influenza positions health as central to national security, with little reporting of the reasons for or the potential implications of this alliance. Thus, the imperative to 'be prepared' is presented as self-evident.

Security systems engineering overview

DOE Office of Scientific and Technical Information (OSTI.GOV)

Steele, B.J.

Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at $70 billion in direct costs and up to $300 billion in indirect costs. Health insurance fraud alone is estimated to cost American businesses $100 billion. Theft, warranty fraud, andmore » counterfeiting of computer hardware totaled $3 billion in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies (counterfeit currency, cellular phone billing, credit card fraud, health care fraud, passport, green cards, and questionable documents); industrial espionage detection and prevention (intellectual property, computer chips, etc.); and security barrier technology (creation of delay such as gates, vaults, etc.).« less

Development of quantitative security optimization approach for the picture archives and carrying system between a clinic and a rehabilitation center

NASA Astrophysics Data System (ADS)

Haneda, Kiyofumi; Kajima, Toshio; Koyama, Tadashi; Muranaka, Hiroyuki; Dojo, Hirofumi; Aratani, Yasuhiko

2002-05-01

The target of our study is to analyze the level of necessary security requirements, to search for suitable security measures and to optimize security distribution to every portion of the medical practice. Quantitative expression must be introduced to our study, if possible, to enable simplified follow-up security procedures and easy evaluation of security outcomes or results. Using fault tree analysis (FTA), system analysis showed that system elements subdivided into groups by details result in a much more accurate analysis. Such subdivided composition factors greatly depend on behavior of staff, interactive terminal devices, kinds of services provided, and network routes. Security measures were then implemented based on the analysis results. In conclusion, we identified the methods needed to determine the required level of security and proposed security measures for each medical information system, and the basic events and combinations of events that comprise the threat composition factors. Methods for identifying suitable security measures were found and implemented. Risk factors for each basic event, a number of elements for each composition factor, and potential security measures were found. Methods to optimize the security measures for each medical information system were proposed, developing the most efficient distribution of risk factors for basic events.

Religious Education and the Prevention of Islamic Radicalization: Albania, Britain, France and the Former Yugoslav Republic of Macedonia

DTIC Science & Technology

2009-09-01

whether Muslim girls should wear the hijab at school is a premium example to which they refer to as a deprivation of their religious freedom. The...ORGANIZATION REPORT NUMBER 9. SPONSORING /MONITORING AGENCY NAME(S) AND ADDRESS(ES) N/ A 10. SPONSORING/MONITORING AGENCY REPORT NUMBER 11...countries, combined with the fact that a growing number of young Muslims have become members of terrorist networks, constitutes a security threat to

Constructing paths through social networks for disease surveillance

NASA Astrophysics Data System (ADS)

Greene, Marjorie

2011-06-01

Global health security needs better information on biological threats such as pandemics and bioterrorism that pose ever-increasing dangers for the health of populations worldwide. A vast amount of real-time information about infectious disease outbreaks is found in various forms of Web-based data streams. There are advantages and disadvantages of Internet-based surveillance and it has been suggested that an important research area will be to evaluate the application of technologies that will provide benefits to outbreak disease control at local, national, and international levels.

Insider Threat to Computer Security at Nuclear Facilities

DOE Office of Scientific and Technical Information (OSTI.GOV)

West, Rebecca Lynn

After completing this session, you should be able to: Describe the Insider Threat; Characterize the cyber insider threat; Describe preventive measures against the insider threat; Describe protective measures against the insider threat.

Review of July 2013 Nuclear Security Insider Threat Exercise November 2013

DOE Office of Scientific and Technical Information (OSTI.GOV)

Pederson, Ann C.; Snow, Catherine L.; Townsend, Jeremy

2013-11-01

This document is a review of the Nuclear Security Insider Threat Exercise which was hosted at ORNL in July 2013. Nuclear security culture and the insider threat are best learned through experience. Culture is inherently difficult to teach, and as such is best learned through modeled behaviors and learning exercise. This TTX, NSITE, is a tool that strives to aid students in learning what an effective (and ineffective) nuclear security culture might look like by simulating dynamic events that strengthen or weaken the nuclear security regime. The goals of NSITE are to stimulate complex thought and discussion and assist decisionmore » makers and management in determining the most effective policies and procedures for their country or facility.« less

Prediction of Sybil attack on WSN using Bayesian network and swarm intelligence

NASA Astrophysics Data System (ADS)

Muraleedharan, Rajani; Ye, Xiang; Osadciw, Lisa Ann

2008-04-01

Security in wireless sensor networks is typically sacrificed or kept minimal due to limited resources such as memory and battery power. Hence, the sensor nodes are prone to Denial-of-service attacks and detecting the threats is crucial in any application. In this paper, the Sybil attack is analyzed and a novel prediction method, combining Bayesian algorithm and Swarm Intelligence (SI) is proposed. Bayesian Networks (BN) is used in representing and reasoning problems, by modeling the elements of uncertainty. The decision from the BN is applied to SI forming an Hybrid Intelligence Scheme (HIS) to re-route the information and disconnecting the malicious nodes in future routes. A performance comparison based on the prediction using HIS vs. Ant System (AS) helps in prioritizing applications where decisions are time-critical.

Network security vulnerabilities and personal privacy issues in Healthcare Information Systems: a case study in a private hospital in Turkey.

PubMed

Namoğlu, Nihan; Ulgen, Yekta

2013-01-01

Healthcare industry has become widely dependent on information technology and internet as it moves from paper to electronic records. Healthcare Information System has to provide a high quality service to patients and a productive knowledge share between healthcare staff by means of patient data. With the internet being commonly used across hospitals, healthcare industry got its own share from cyber threats like other industries in the world. The challenge is allowing knowledge transfer to hospital staff while still ensuring compliance with security mandates. Working in collaboration with a private hospital in Turkey; this study aims to reveal the essential elements of a 21st century business continuity plan for hospitals while presenting the security vulnerabilities in the current hospital information systems and personal privacy auditing standards proposed by regulations and laws. We will survey the accreditation criteria in Turkey and counterparts in US and EU. We will also interview with medical staff in the hospital to understand the needs for personal privacy and the technical staff to perceive the technical requirements in terms of network security configuration and deployment. As hospitals are adopting electronic transactions, it should be considered a must to protect these electronic health records in terms of personal privacy aspects.

Security model for VM in cloud

NASA Astrophysics Data System (ADS)

Kanaparti, Venkataramana; Naveen K., R.; Rajani, S.; Padmvathamma, M.; Anitha, C.

2013-03-01

Cloud computing is a new approach emerged to meet ever-increasing demand for computing resources and to reduce operational costs and Capital Expenditure for IT services. As this new way of computation allows data and applications to be stored away from own corporate server, it brings more issues in security such as virtualization security, distributed computing, application security, identity management, access control and authentication. Even though Virtualization forms the basis for cloud computing it poses many threats in securing cloud. As most of Security threats lies at Virtualization layer in cloud we proposed this new Security Model for Virtual Machine in Cloud (SMVC) in which every process is authenticated by Trusted-Agent (TA) in Hypervisor as well as in VM. Our proposed model is designed to with-stand attacks by unauthorized process that pose threat to applications related to Data Mining, OLAP systems, Image processing which requires huge resources in cloud deployed on one or more VM's.

Video calls from lay bystanders to dispatch centers - risk assessment of information security.

PubMed

Bolle, Stein R; Hasvold, Per; Henriksen, Eva

2011-09-30

Video calls from mobile phones can improve communication during medical emergencies. Lay bystanders can be instructed and supervised by health professionals at Emergency Medical Communication Centers. Before implementation of video mobile calls in emergencies, issues of information security should be addressed. Information security was assessed for risk, based on the information security standard ISO/IEC 27005:2008. A multi-professional team used structured brainstorming to find threats to the information security aspects confidentiality, quality, integrity, and availability. Twenty security threats of different risk levels were identified and analyzed. Solutions were proposed to reduce the risk level. Given proper implementation, we found no risks to information security that would advocate against the use of video calls between lay bystanders and Emergency Medical Communication Centers. The identified threats should be used as input to formal requirements when planning and implementing video calls from mobile phones for these call centers.

Video calls from lay bystanders to dispatch centers - risk assessment of information security

PubMed Central

2011-01-01

Background Video calls from mobile phones can improve communication during medical emergencies. Lay bystanders can be instructed and supervised by health professionals at Emergency Medical Communication Centers. Before implementation of video mobile calls in emergencies, issues of information security should be addressed. Methods Information security was assessed for risk, based on the information security standard ISO/IEC 27005:2008. A multi-professional team used structured brainstorming to find threats to the information security aspects confidentiality, quality, integrity, and availability. Results Twenty security threats of different risk levels were identified and analyzed. Solutions were proposed to reduce the risk level. Conclusions Given proper implementation, we found no risks to information security that would advocate against the use of video calls between lay bystanders and Emergency Medical Communication Centers. The identified threats should be used as input to formal requirements when planning and implementing video calls from mobile phones for these call centers. PMID:21958387

DOE Office of Scientific and Technical Information (OSTI.GOV)

Gibbs, P. W.

Secure Transport Management Course (STMC) course provides managers with information related to procedures and equipment used to successfully transport special nuclear material. This workshop outlines these procedures and reinforces the information presented with the aid of numerous practical examples. The course focuses on understanding the regulatory framework for secure transportation of special nuclear materials, identifying the insider and outsider threat(s) to secure transportation, organization of a secure transportation unit, management and supervision of secure transportation units, equipment and facilities required, training and qualification needed.

Strategies to Minimize the Effects of Information Security Threats on Business Performance

ERIC Educational Resources Information Center

Okoye, Stella Ifeyinwa

2017-01-01

Business leaders in Nigeria are concerned about the high rates of business failure and economic loss from security incidents and may not understand strategies for reducing the effects of information security threats on business performance. Guided by general systems theory and transformational leadership theory, the focus of this exploratory…

Recognition of partially occluded threat objects using the annealed Hopefield network

NASA Technical Reports Server (NTRS)

Kim, Jung H.; Yoon, Sung H.; Park, Eui H.; Ntuen, Celestine A.

1992-01-01

Recognition of partially occluded objects has been an important issue to airport security because occlusion causes significant problems in identifying and locating objects during baggage inspection. The neural network approach is suitable for the problems in the sense that the inherent parallelism of neural networks pursues many hypotheses in parallel resulting in high computation rates. Moreover, they provide a greater degree of robustness or fault tolerance than conventional computers. The annealed Hopfield network which is derived from the mean field annealing (MFA) has been developed to find global solutions of a nonlinear system. In the study, it has been proven that the system temperature of MFA is equivalent to the gain of the sigmoid function of a Hopfield network. In our early work, we developed the hybrid Hopfield network (HHN) for fast and reliable matching. However, HHN doesn't guarantee global solutions and yields false matching under heavily occluded conditions because HHN is dependent on initial states by its nature. In this paper, we present the annealed Hopfield network (AHN) for occluded object matching problems. In AHN, the mean field theory is applied to the hybird Hopfield network in order to improve computational complexity of the annealed Hopfield network and provide reliable matching under heavily occluded conditions. AHN is slower than HHN. However, AHN provides near global solutions without initial restrictions and provides less false matching than HHN. In conclusion, a new algorithm based upon a neural network approach was developed to demonstrate the feasibility of the automated inspection of threat objects from x-ray images. The robustness of the algorithm is proved by identifying occluded target objects with large tolerance of their features.

Spatial-temporal modeling of malware propagation in networks.

PubMed

Chen, Zesheng; Ji, Chuanyi

2005-09-01

Network security is an important task of network management. One threat to network security is malware (malicious software) propagation. One type of malware is called topological scanning that spreads based on topology information. The focus of this work is on modeling the spread of topological malwares, which is important for understanding their potential damages, and for developing countermeasures to protect the network infrastructure. Our model is motivated by probabilistic graphs, which have been widely investigated in machine learning. We first use a graphical representation to abstract the propagation of malwares that employ different scanning methods. We then use a spatial-temporal random process to describe the statistical dependence of malware propagation in arbitrary topologies. As the spatial dependence is particularly difficult to characterize, the problem becomes how to use simple (i.e., biased) models to approximate the spatially dependent process. In particular, we propose the independent model and the Markov model as simple approximations. We conduct both theoretical analysis and extensive simulations on large networks using both real measurements and synthesized topologies to test the performance of the proposed models. Our results show that the independent model can capture temporal dependence and detailed topology information and, thus, outperforms the previous models, whereas the Markov model incorporates a certain spatial dependence and, thus, achieves a greater accuracy in characterizing both transient and equilibrium behaviors of malware propagation.

Chemical Sniffing Instrumentation for Security Applications.

PubMed

Giannoukos, Stamatios; Brkić, Boris; Taylor, Stephen; Marshall, Alan; Verbeck, Guido F

2016-07-27

Border control for homeland security faces major challenges worldwide due to chemical threats from national and/or international terrorism as well as organized crime. A wide range of technologies and systems with threat detection and monitoring capabilities has emerged to identify the chemical footprint associated with these illegal activities. This review paper investigates artificial sniffing technologies used as chemical sensors for point-of-use chemical analysis, especially during border security applications. This article presents an overview of (a) the existing available technologies reported in the scientific literature for threat screening, (b) commercially available, portable (hand-held and stand-off) chemical detection systems, and (c) their underlying functional and operational principles. Emphasis is given to technologies that have been developed for in-field security operations, but laboratory developed techniques are also summarized as emerging technologies. The chemical analytes of interest in this review are (a) volatile organic compounds (VOCs) associated with security applications (e.g., illegal, hazardous, and terrorist events), (b) chemical "signatures" associated with human presence, and (c) threat compounds (drugs, explosives, and chemical warfare agents).

Three tenets for secure cyber-physical system design and assessment

NASA Astrophysics Data System (ADS)

Hughes, Jeff; Cybenko, George

2014-06-01

This paper presents a threat-driven quantitative mathematical framework for secure cyber-physical system design and assessment. Called The Three Tenets, this originally empirical approach has been used by the US Air Force Research Laboratory (AFRL) for secure system research and development. The Tenets were first documented in 2005 as a teachable methodology. The Tenets are motivated by a system threat model that itself consists of three elements which must exist for successful attacks to occur: - system susceptibility; - threat accessibility and; - threat capability. The Three Tenets arise naturally by countering each threat element individually. Specifically, the tenets are: Tenet 1: Focus on What's Critical - systems should include only essential functions (to reduce susceptibility); Tenet 2: Move Key Assets Out-of-Band - make mission essential elements and security controls difficult for attackers to reach logically and physically (to reduce accessibility); Tenet 3: Detect, React, Adapt - confound the attacker by implementing sensing system elements with dynamic response technologies (to counteract the attackers' capabilities). As a design methodology, the Tenets mitigate reverse engineering and subsequent attacks on complex systems. Quantified by a Bayesian analysis and further justified by analytic properties of attack graph models, the Tenets suggest concrete cyber security metrics for system assessment.

Strategic factors in the development of the National Technology Transfer Network

NASA Technical Reports Server (NTRS)

Root, Jonathan F.; Stone, Barbara A.

1993-01-01

Broad consensus among industry and government leaders has developed over the last decade on the importance of applying the U.S. leadership in research and development (R&D) to strengthen competitiveness in the global marketplace, and thus enhance national prosperity. This consensus has emerged against the backdrop of increasing economic competition, and the dramatic reduction of military threats to national security with the end of the Cold War. This paper reviews the key factors and considerations that shaped - and continue to influence - the development of the Regional Technoloty Transfer Centers (RTTC) and the National Technology Transfer Center (NTTC). Also, the future role of the national network in support of emerging technology policy initiatives will be explored.

Cyber Threat Assessment of Uplink and Commanding System for Mission Operation

NASA Technical Reports Server (NTRS)

Ko, Adans Y.; Tan, Kymie M. C.; Cilloniz-Bicchi, Ferner; Faris, Grant

2014-01-01

Most of today's Mission Operations Systems (MOS) rely on Ground Data System (GDS) segment to mitigate cyber security risks. Unfortunately, IT security design is done separately from the design of GDS' mission operational capabilities. This incoherent practice leaves many security vulnerabilities in the system without any notice. This paper describes a new way to system engineering MOS, to include cyber threat risk assessments throughout the MOS development cycle, without this, it is impossible to design a dependable and reliable MOS to meet today's rapid changing cyber threat environment.

Maritime Security in the Gulf of Guinea Subregion: Threats, Challenges and Solutions

DTIC Science & Technology

2011-03-16

the GoG maritime domain. These threats adversely impact the socio-economic and political fabrics of most countries within the region. Poaching ...geographical location as well as environmental and demographic factors. Poaching , piracy, transnational crime, boundary disputes and environmental...and demographic factors. Poaching , piracy, transnational crime, boundary disputes and environmental degradation are common threats to security of the

Organizational Security Threats Related to Portable Data Storage Devices: Qualitative Exploratory Inquiry

ERIC Educational Resources Information Center

Cooper, Paul K.

2017-01-01

There has been a significant growth of portable devices capable of storing both personal data as well as sensitive organizational data. This growth of these portable devices has led to an increased threat of cyber-criminal activity. The purpose of this study was to gain a better understanding of security threats to the data assets of organizations…

Gulf Cooperation Council: search for security in the Persian Gulf

DOE Office of Scientific and Technical Information (OSTI.GOV)

Kechichian, J.A.

1985-01-01

This study purports to analyze the conservative Arab monarchies' search for regional security in the Persian Gulf. It speculates on the GCC's future prospects as a vehicle of cooperation in the field of security. Threats to the member states of the GCC stem from the policies pursued by revolutionary Iran, Israel, the Soviet Union and its proxies, and a regime in Iraq. The proposition is developed that these sources of threat present an overwhelming challenge to the security and stability of GCC states. Second, it examines the capabilities of the GCC member states for coping with threats. Conceived broadly, bothmore » military and non-military capabilities are examined. Security relations of the GCC states with external powers as a means of enhancing their abilities to cope more effectively with both internal and external threats are examined. Particular attention is devoted to the domestic consequences of these special relations. Third, it discusses the GCC's reactions to perceived regional threats. These include the Iran-Iraq War, the Arab-Israeli conflict, the Soviet threat, and potential political sources of dissidence in member states. It is argued that although GCC states have adopted a number of joint policies, they did not respond to or initiate action on either the Iranian Revolution, the Palestine conflict, the Soviet occupation of Afghanistan, the Gulf war or the recent Israeli invasion of Lebanon.« less

Behavior-based network management: a unique model-based approach to implementing cyber superiority

NASA Astrophysics Data System (ADS)

Seng, Jocelyn M.

2016-05-01

Behavior-Based Network Management (BBNM) is a technological and strategic approach to mastering the identification and assessment of network behavior, whether human-driven or machine-generated. Recognizing that all five U.S. Air Force (USAF) mission areas rely on the cyber domain to support, enhance and execute their tasks, BBNM is designed to elevate awareness and improve the ability to better understand the degree of reliance placed upon a digital capability and the operational risk.2 Thus, the objective of BBNM is to provide a holistic view of the digital battle space to better assess the effects of security, monitoring, provisioning, utilization management, allocation to support mission sustainment and change control. Leveraging advances in conceptual modeling made possible by a novel advancement in software design and implementation known as Vector Relational Data Modeling (VRDM™), the BBNM approach entails creating a network simulation in which meaning can be inferred and used to manage network behavior according to policy, such as quickly detecting and countering malicious behavior. Initial research configurations have yielded executable BBNM models as combinations of conceptualized behavior within a network management simulation that includes only concepts of threats and definitions of "good" behavior. A proof of concept assessment called "Lab Rat," was designed to demonstrate the simplicity of network modeling and the ability to perform adaptation. The model was tested on real world threat data and demonstrated adaptive and inferential learning behavior. Preliminary results indicate this is a viable approach towards achieving cyber superiority in today's volatile, uncertain, complex and ambiguous (VUCA) environment.

Intrusion detection system using Online Sequence Extreme Learning Machine (OS-ELM) in advanced metering infrastructure of smart grid

PubMed Central

Li, Yuancheng; Jing, Sitong

2018-01-01

Advanced Metering Infrastructure (AMI) realizes a two-way communication of electricity data through by interconnecting with a computer network as the core component of the smart grid. Meanwhile, it brings many new security threats and the traditional intrusion detection method can’t satisfy the security requirements of AMI. In this paper, an intrusion detection system based on Online Sequence Extreme Learning Machine (OS-ELM) is established, which is used to detecting the attack in AMI and carrying out the comparative analysis with other algorithms. Simulation results show that, compared with other intrusion detection methods, intrusion detection method based on OS-ELM is more superior in detection speed and accuracy. PMID:29485990

Effect of security threats on primary care access in Logar province, Afghanistan.

PubMed

Morikawa, Masahiro J

2008-01-01

Security threats are a major concern for access to health care in many war-torn communities; however, there is little quantified data on actual access to care in rural communities during war. Kinderberg International e.V. provided primary care in rural Logar province, Afghanistan, for these three years in eight districts until they were integrated into the new health care structure led by the Ministry of Health in early 2005. We examined the number of patients visiting our clinic before and during the security threats related to the parliamentary election and subsequent national assembly in 2004. The number of patients declined in remote clinics while the number increased in central locations. This finding has an important practical implication: the monitoring of access to care should include remote clinics, otherwise it may potentially underestimate compromised access to health care due to security threats.

Information Security Trends and Issues in the Moodle E-Learning Platform: An Ethnographic Content Analysis

ERIC Educational Resources Information Center

Schultz, Christopher

2012-01-01

Empirical research on information security trends and practices in e-learning is scarce. Many articles that have been published apply basic information security concepts to e-learning and list potential threats or propose frameworks for classifying threats. The purpose of this research is to identify, categorize and understand trends and issues in…

Security in Intelligent Transport Systems for Smart Cities: From Theory to Practice.

PubMed

Javed, Muhammad Awais; Ben Hamida, Elyes; Znaidi, Wassim

2016-06-15

Connecting vehicles securely and reliably is pivotal to the implementation of next generation ITS applications of smart cities. With continuously growing security threats, vehicles could be exposed to a number of service attacks that could put their safety at stake. To address this concern, both US and European ITS standards have selected Elliptic Curve Cryptography (ECC) algorithms to secure vehicular communications. However, there is still a lack of benchmarking studies on existing security standards in real-world settings. In this paper, we first analyze the security architecture of the ETSI ITS standard. We then implement the ECC based digital signature and encryption procedures using an experimental test-bed and conduct an extensive benchmark study to assess their performance which depends on factors such as payload size, processor speed and security levels. Using network simulation models, we further evaluate the impact of standard compliant security procedures in dense and realistic smart cities scenarios. Obtained results suggest that existing security solutions directly impact the achieved quality of service (QoS) and safety awareness of vehicular applications, in terms of increased packet inter-arrival delays, packet and cryptographic losses, and reduced safety awareness in safety applications. Finally, we summarize the insights gained from the simulation results and discuss open research challenges for efficient working of security in ITS applications of smart cities.

MEMS and MOEMS for national security applications

NASA Astrophysics Data System (ADS)

Scott, Marion W.

2003-01-01

Major opportunities for microsystem insertion into commercial applications, such as telecommunications and medical prosthesis, are well known. Less well known are applications that ensure the security of our nation, the protection of its armed forces, and the safety of its citizens. Microsystems enable entirely new possibilities to meet National Security needs, which can be classed along three lines: anticipating security needs and threats, deterring the efficacy of identified threats, and defending against the application of these threats. In each of these areas, specific products that are enabled by MEMS and MOEMS are discussed. In the area of anticipating needs and threats, sensored microsystems designed for chem/bio/nuclear threats, and sensors for border and asset protection can significantly secure our borders, ports, and transportation systems. Key features for these applications include adaptive optics and spectroscopic capabilities. Microsystems to monitor soil and water quality can be used to secure critical infrastructure, food safety can be improved by in-situ identification of pathogens, and sensored buildings can ensure the architectural safety of our homes and workplaces. A challenge to commercializing these opportunities, and thus making them available for National Security needs, is developing predictable markets and predictable technology roadmaps. The integrated circuit manufacturing industry provides an example of predictable technology maturation and market insertion, primarily due to the existence of a "unit cell" that allows volume manufacturing. It is not clear that microsystems can follow an analogous path. The possible paths to affordable low-volume production, as well as the prospects of a microsystems unit cell, are discussed.

A Lightweight White-Box Symmetric Encryption Algorithm against Node Capture for WSNs †

PubMed Central

Shi, Yang; Wei, Wujing; He, Zongjian

2015-01-01

Wireless Sensor Networks (WSNs) are often deployed in hostile environments and, thus, nodes can be potentially captured by an adversary. This is a typical white-box attack context, i.e., the adversary may have total visibility of the implementation of the build-in cryptosystem and full control over its execution platform. Handling white-box attacks in a WSN scenario is a challenging task. Existing encryption algorithms for white-box attack contexts require large memory footprint and, hence, are not applicable for wireless sensor networks scenarios. As a countermeasure against the threat in this context, in this paper, we propose a class of lightweight secure implementations of the symmetric encryption algorithm SMS4. The basic idea of our approach is to merge several steps of the round function of SMS4 into table lookups, blended by randomly generated mixing bijections. Therefore, the size of the implementations are significantly reduced while keeping the same security efficiency. The security and efficiency of the proposed solutions are theoretically analyzed. Evaluation shows our solutions satisfy the requirement of sensor nodes in terms of limited memory size and low computational costs. PMID:26007737

Wireless sensors and sensor networks for homeland security applications.

PubMed

Potyrailo, Radislav A; Nagraj, Nandini; Surman, Cheryl; Boudries, Hacene; Lai, Hanh; Slocik, Joseph M; Kelley-Loughnane, Nancy; Naik, Rajesh R

2012-11-01

New sensor technologies for homeland security applications must meet the key requirements of sensitivity to detect agents below risk levels, selectivity to provide minimal false-alarm rates, and response speed to operate in high throughput environments, such as airports, sea ports, and other public places. Chemical detection using existing sensor systems is facing a major challenge of selectivity. In this review, we provide a brief summary of chemical threats of homeland security importance; focus in detail on modern concepts in chemical sensing; examine the origins of the most significant unmet needs in existing chemical sensors; and, analyze opportunities, specific requirements, and challenges for wireless chemical sensors and wireless sensor networks (WSNs). We further review a new approach for selective chemical sensing that involves the combination of a sensing material that has different response mechanisms to different species of interest, with a transducer that has a multi-variable signal-transduction ability. This new selective chemical-sensing approach was realized using an attractive ubiquitous platform of battery-free passive radio-frequency identification (RFID) tags adapted for chemical sensing. We illustrate the performance of RFID sensors developed in measurements of toxic industrial materials, humidity-independent detection of toxic vapors, and detection of chemical-agent simulants, explosives, and strong oxidizers.

Threats and risks to information security: a practical analysis of free access wireless networks

NASA Astrophysics Data System (ADS)

Quirumbay, Daniel I.; Coronel, Iván. A.; Bayas, Marcia M.; Rovira, Ronald H.; Gromaszek, Konrad; Tleshova, Akmaral; Kozbekova, Ainur

2017-08-01

Nowadays, there is an ever-growing need to investigate, consult and communicate through the internet. This need leads to the intensification of free access to the web in strategic and functional points for the benefit of the community. However, this open access is also related to the increase of information insecurity. The existing works on computer security primarily focus on the development of techniques to reduce cyber-attacks. However, these approaches do not address the sector of inexperienced users who have difficulty understanding browser settings. Two methods can solve this problem: first the development of friendly browsers with intuitive setups for new users and on the other hand, by implementing awareness programs on essential security without deepening on technical information. This article addresses an analysis of the vulnerabilities of wireless equipment that provides internet service in the open access zones and the potential risks that could be found when using these means.

New Secure E-mail System Based on Bio-Chaos Key Generation and Modified AES Algorithm

NASA Astrophysics Data System (ADS)

Hoomod, Haider K.; Radi, A. M.

2018-05-01

The E-mail messages exchanged between sender’s Mailbox and recipient’s Mailbox over the open systems and insecure Networks. These messages may be vulnerable to eavesdropping and itself poses a real threat to the privacy and data integrity from unauthorized persons. The E-mail Security includes the following properties (Confidentiality, Authentication, Message integrity). We need a safe encryption algorithm to encrypt Email messages such as the algorithm Advanced Encryption Standard (AES) or Data Encryption Standard DES, as well as biometric recognition and chaotic system. The proposed E-mail system security uses modified AES algorithm and uses secret key-bio-chaos that consist of biometric (Fingerprint) and chaotic system (Lu and Lorenz). This modification makes the proposed system more sensitive and random. The execution time for both encryption and decryption of the proposed system is much less from original AES, in addition to being compatible with all Mail Servers.

Distributed Maritime Capability: Optimized U.S. Navy-U.S. Coast Guard Interoperability, a Case in the South China Sea

DTIC Science & Technology

2017-12-01

poses a threat to regional security and economic stability—major U.S. national interests. Distributed maritime capability is demonstrated by applying...regional security, economic stability, fisheries enforcement 15. NUMBER OF PAGES 95 16. PRICE CODE 17. SECURITY CLASSIFICATION OF REPORT...a dominant aggressor in the South China Sea that poses a threat to regional security and economic stability—major U.S. national interests

Safe teleradiology: information assurance as project planning methodology.

PubMed

Collmann, Jeff; Alaoui, Adil; Nguyen, Dan; Lindisch, David

2005-01-01

The Georgetown University Medical Center Department of Radiology used a tailored version of OCTAVE, a self-directed information security risk assessment method, to design a teleradiology system that complied with the regulation implementing the security provisions of the Health Insurance Portability and Accountability Act (HIPAA) of 1996. The system addressed threats to and vulnerabilities in the privacy and security of protected health information. By using OCTAVE, Georgetown identified the teleradiology program's critical assets, described threats to the assurance of those assets, developed and ran vulnerability scans of a system pilot, evaluated the consequences of security breaches, and developed a risk management plan to mitigate threats to program assets, thereby implementing good information assurance practices. This case study illustrates the basic point that prospective, comprehensive planning to protect the privacy and security of an information system strategically benefits program management as well as system security.

A Distributed Data Acquisition System for the Sensor Network of the TAWARA_RTM Project

NASA Astrophysics Data System (ADS)

Fontana, Cristiano Lino; Donati, Massimiliano; Cester, Davide; Fanucci, Luca; Iovene, Alessandro; Swiderski, Lukasz; Moretto, Sandra; Moszynski, Marek; Olejnik, Anna; Ruiu, Alessio; Stevanato, Luca; Batsch, Tadeusz; Tintori, Carlo; Lunardon, Marcello

This paper describes a distributed Data Acquisition System (DAQ) developed for the TAWARA_RTM project (TAp WAter RAdioactivity Real Time Monitor). The aim is detecting the presence of radioactive contaminants in drinking water; in order to prevent deliberate or accidental threats. Employing a set of detectors, it is possible to detect alpha, beta and gamma radiations, from emitters dissolved in water. The Sensor Network (SN) consists of several heterogeneous nodes controlled by a centralized server. The SN cyber-security is guaranteed in order to protect it from external intrusions and malicious acts. The nodes were installed in different locations, along the water treatment processes, in the waterworks plant supplying the aqueduct of Warsaw, Poland. Embedded computers control the simpler nodes, and are directly connected to the SN. Local-PCs (LPCs) control the more complex nodes that consist signal digitizers acquiring data from several detectors. The DAQ in the LPC is split in several processes communicating with sockets in a local sub-network. Each process is dedicated to a very simple task (e.g. data acquisition, data analysis, hydraulics management) in order to have a flexible and fault-tolerant system. The main SN and the local DAQ networks are separated by data routers to ensure the cyber-security.

Characterization of potential security threats in modern automobiles: a composite modeling approach

DOT National Transportation Integrated Search

2014-10-01

The primary objective of the work detailed in this report is to describe a composite modeling approach for potential cybersecurity threats in modern vehicles. Threat models, threat descriptions, and examples of various types of conceivable threats to...

Smartphone users: Understanding how security mechanisms are perceived and new persuasive methods

PubMed Central

Alsaleh, Mansour; Alomar, Noura; Alarifi, Abdulrahman

2017-01-01

Protecting smartphones against security threats is a multidimensional problem involving human and technological factors. This study investigates how smartphone users’ security- and privacy-related decisions are influenced by their attitudes, perceptions, and understanding of various security threats. In this work, we seek to provide quantified insights into smartphone users’ behavior toward multiple key security features including locking mechanisms, application repositories, mobile instant messaging, and smartphone location services. To the best of our knowledge, this is the first study that reveals often unforeseen correlations and dependencies between various privacy- and security-related behaviors. Our work also provides evidence that making correct security decisions might not necessarily correlate with individuals’ awareness of the consequences of security threats. By comparing participants’ behavior and their motives for adopting or ignoring certain security practices, we suggest implementing additional persuasive approaches that focus on addressing social and technological aspects of the problem. On the basis of our findings and the results presented in the literature, we identify the factors that might influence smartphone users’ security behaviors. We then use our understanding of what might drive and influence significant behavioral changes to propose several platform design modifications that we believe could improve the security levels of smartphones. PMID:28297719

Smartphone users: Understanding how security mechanisms are perceived and new persuasive methods.

PubMed

Alsaleh, Mansour; Alomar, Noura; Alarifi, Abdulrahman

2017-01-01

Protecting smartphones against security threats is a multidimensional problem involving human and technological factors. This study investigates how smartphone users' security- and privacy-related decisions are influenced by their attitudes, perceptions, and understanding of various security threats. In this work, we seek to provide quantified insights into smartphone users' behavior toward multiple key security features including locking mechanisms, application repositories, mobile instant messaging, and smartphone location services. To the best of our knowledge, this is the first study that reveals often unforeseen correlations and dependencies between various privacy- and security-related behaviors. Our work also provides evidence that making correct security decisions might not necessarily correlate with individuals' awareness of the consequences of security threats. By comparing participants' behavior and their motives for adopting or ignoring certain security practices, we suggest implementing additional persuasive approaches that focus on addressing social and technological aspects of the problem. On the basis of our findings and the results presented in the literature, we identify the factors that might influence smartphone users' security behaviors. We then use our understanding of what might drive and influence significant behavioral changes to propose several platform design modifications that we believe could improve the security levels of smartphones.

A Graph Analytic Metric for Mitigating Advanced Persistent Threat

DOE Office of Scientific and Technical Information (OSTI.GOV)

Johnson, John R.; Hogan, Emilie A.

2013-06-04

This paper introduces a novel graph analytic metric that can be used to measure the potential vulnerability of a cyber network to specific types of attacks that use lateral movement and privilege escalation such as the well known Pass The Hash, (PTH). The metric is computed from an oriented subgraph of the underlying cyber network induced by selecting only those edges for which a given property holds between the two vertices of the edge. The metric with respect to a select node on the subgraph is defined as the likelihood that the select node is reachable from another arbitrary nodemore » in the graph. This metric can be calculated dynamically from the authorization and auditing layers during the network security authorization phase and will potentially enable predictive deterrence against attacks such as PTH.« less

Domestic Security Cooperation: A Unified Approach to Homeland Security and Defense

DTIC Science & Technology

2012-09-01

counter the threats to homeland security that included the Espionage Act of 1917 and the Sedition Act of 1918. National Defense Act of 1916...the threats to homeland security that included the Espionage Act of 1917 and the Sedition Act of 1918. The Espionage Act of 1917 outlawed interfering...years or both.”12 The Sedition Act of 1918 broadened this law by including the U.S. government and prohibited uttering, printing, writing, or

Control and Non-Payload Communications (CNPC) Prototype Radio - Generation 2 Security Architecture Lab Test Report

NASA Technical Reports Server (NTRS)

Iannicca, Dennis C.; McKim, James H.; Stewart, David H.; Thadhani, Suresh K.; Young, Daniel P.

2015-01-01

NASA Glenn Research Center, in cooperation with Rockwell Collins, is working to develop a prototype Control and Non-Payload Communications (CNPC) radio platform as part of NASA Integrated Systems Research Program's (ISRP) Unmanned Aircraft Systems (UAS) Integration in the National Airspace System (NAS) project. A primary focus of the project is to work with the FAA and industry standards bodies to build and demonstrate a safe, secure, and efficient CNPC architecture that can be used by industry to evaluate the feasibility of deploying a system using these technologies in an operational capacity. GRC has been working in conjunction with these groups to assess threats, identify security requirements, and to develop a system of standards-based security controls that can be applied to the current GRC prototype CNPC architecture as a demonstration platform. The security controls were integrated into a lab test bed mock-up of the Mobile IPv6 architecture currently being used for NASA flight testing, and a series of network tests were conducted to evaluate the security overhead of the controls compared to the baseline CNPC link without any security. The aim of testing was to evaluate the performance impact of the additional security control overhead when added to the Mobile IPv6 architecture in various modes of operation. The statistics collected included packet captures at points along the path to gauge packet size as the sample data traversed the CNPC network, round trip latency, jitter, and throughput. The effort involved a series of tests of the baseline link, a link with Robust Header Compression (ROHC) and without security controls, a link with security controls and without ROHC, and finally a link with both ROHC and security controls enabled. The effort demonstrated that ROHC is both desirable and necessary to offset the additional expected overhead of applying security controls to the CNPC link.

Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector

DTIC Science & Technology

2005-06-01

as a computer fraud case investigated by the Secret Service. Each case was analyzed from a behavioral and a technical perspective to identify...insider threat and address the issue from an approach that draws on human resources, corporate security, and information security perspectives. The ... Secret Service National Threat Assessment Center and the CERT Coordination Center of Carnegie Mellon University’s Software Engineering Institute joined

The National Guard State Partnership Program and Regional Security in the Western Balkans

DTIC Science & Technology

2014-12-12

expand at the expense of its neighbors, or threaten regional peace and security. Today’s threats in the Western Balkans conceptually resemble the...general threats to the majority of governments in the EU, such as terrorism, arms and human trafficking, international criminal activities, and other...arms and human trafficking, international criminal activities, and other transnational threats . For stakeholders within the region as well as for

Coping with terrorism

DOE Office of Scientific and Technical Information (OSTI.GOV)

Kerr, D.M.

1985-01-01

Terrorism has emerged as a tool of low-intensity conflict used to undermine Western and moderate governments. There is evidence that the US faces a new threshold of terrorist threat both at home and abroad because the tools are available, media attention is global and often undisciplined, and the motives for terrorist attack span a wide spectrum. The US has no internal consensus of how to respond to acts of terrorism. The goal of the terrorists is to erode faith in the government and the democratic system. The author analyzes the threat and examines opportunities for an adequate response. Among hismore » recommendations are to make infrastructure networks more robust and less vulnerable, the use of new technologies that enhance security, clear guidelines for intelligence gathering and analysis, specially trained response forces, and political moderation and cooperation.« less

Security Information and Event Management Tools and Insider Threat Detection

DTIC Science & Technology

2013-09-01

Orebaugh, A., Scholl , M., & Stine, K. (2011, September). Information security continuous monitoring (ISCM) for federal information systems and...E., Conway, T., Keverline, S., Williams , M., Capelli, D., Willke, B., & Moore, A. (2008, January). Insider threat study: illicit cyber activity in

Threat driven modeling framework using petri nets for e-learning system.

PubMed

Khamparia, Aditya; Pandey, Babita

2016-01-01

Vulnerabilities at various levels are main cause of security risks in e-learning system. This paper presents a modified threat driven modeling framework, to identify the threats after risk assessment which requires mitigation and how to mitigate those threats. To model those threat mitigations aspects oriented stochastic petri nets are used. This paper included security metrics based on vulnerabilities present in e-learning system. The Common Vulnerability Scoring System designed to provide a normalized method for rating vulnerabilities which will be used as basis in metric definitions and calculations. A case study has been also proposed which shows the need and feasibility of using aspect oriented stochastic petri net models for threat modeling which improves reliability, consistency and robustness of the e-learning system.

A Temporal Credential-Based Mutual Authentication with Multiple-Password Scheme for Wireless Sensor Networks

PubMed Central

Zhang, Ruisheng; Liu, Qidong

2017-01-01

Wireless sensor networks (WSNs), which consist of a large number of sensor nodes, have become among the most important technologies in numerous fields, such as environmental monitoring, military surveillance, control systems in nuclear reactors, vehicle safety systems, and medical monitoring. The most serious drawback for the widespread application of WSNs is the lack of security. Given the resource limitation of WSNs, traditional security schemes are unsuitable. Approaches toward withstanding related attacks with small overhead have thus recently been studied by many researchers. Numerous studies have focused on the authentication scheme for WSNs, but most of these works cannot achieve the security performance and overhead perfectly. Nam et al. proposed a two-factor authentication scheme with lightweight sensor computation for WSNs. In this paper, we review this scheme, emphasize its drawbacks, and propose a temporal credential-based mutual authentication with a multiple-password scheme for WSNs. Our scheme uses multiple passwords to achieve three-factor security performance and generate a session key between user and sensor nodes. The security analysis phase shows that our scheme can withstand related attacks, including a lost password threat, and the comparison phase shows that our scheme involves a relatively small overhead. In the comparison of the overhead phase, the result indicates that more than 95% of the overhead is composed of communication and not computation overhead. Therefore, the result motivates us to pay further attention to communication overhead than computation overhead in future research. PMID:28135288

A Temporal Credential-Based Mutual Authentication with Multiple-Password Scheme for Wireless Sensor Networks.

PubMed

Liu, Xin; Zhang, Ruisheng; Liu, Qidong

2017-01-01

Wireless sensor networks (WSNs), which consist of a large number of sensor nodes, have become among the most important technologies in numerous fields, such as environmental monitoring, military surveillance, control systems in nuclear reactors, vehicle safety systems, and medical monitoring. The most serious drawback for the widespread application of WSNs is the lack of security. Given the resource limitation of WSNs, traditional security schemes are unsuitable. Approaches toward withstanding related attacks with small overhead have thus recently been studied by many researchers. Numerous studies have focused on the authentication scheme for WSNs, but most of these works cannot achieve the security performance and overhead perfectly. Nam et al. proposed a two-factor authentication scheme with lightweight sensor computation for WSNs. In this paper, we review this scheme, emphasize its drawbacks, and propose a temporal credential-based mutual authentication with a multiple-password scheme for WSNs. Our scheme uses multiple passwords to achieve three-factor security performance and generate a session key between user and sensor nodes. The security analysis phase shows that our scheme can withstand related attacks, including a lost password threat, and the comparison phase shows that our scheme involves a relatively small overhead. In the comparison of the overhead phase, the result indicates that more than 95% of the overhead is composed of communication and not computation overhead. Therefore, the result motivates us to pay further attention to communication overhead than computation overhead in future research.

A Trust-Based Secure Routing Scheme Using the Traceback Approach for Energy-Harvesting Wireless Sensor Networks.

PubMed

Tang, Jiawei; Liu, Anfeng; Zhang, Jian; Xiong, Neal N; Zeng, Zhiwen; Wang, Tian

2018-03-01

The Internet of things (IoT) is composed of billions of sensing devices that are subject to threats stemming from increasing reliance on communications technologies. A Trust-Based Secure Routing (TBSR) scheme using the traceback approach is proposed to improve the security of data routing and maximize the use of available energy in Energy-Harvesting Wireless Sensor Networks (EHWSNs). The main contributions of a TBSR are (a) the source nodes send data and notification to sinks through disjoint paths, separately; in such a mechanism, the data and notification can be verified independently to ensure their security. (b) Furthermore, the data and notification adopt a dynamic probability of marking and logging approach during the routing. Therefore, when attacked, the network will adopt the traceback approach to locate and clear malicious nodes to ensure security. The probability of marking is determined based on the level of battery remaining; when nodes harvest more energy, the probability of marking is higher, which can improve network security. Because if the probability of marking is higher, the number of marked nodes on the data packet routing path will be more, and the sink will be more likely to trace back the data packet routing path and find malicious nodes according to this notification. When data packets are routed again, they tend to bypass these malicious nodes, which make the success rate of routing higher and lead to improved network security. When the battery level is low, the probability of marking will be decreased, which is able to save energy. For logging, when the battery level is high, the network adopts a larger probability of marking and smaller probability of logging to transmit notification to the sink, which can reserve enough storage space to meet the storage demand for the period of the battery on low level; when the battery level is low, increasing the probability of logging can reduce energy consumption. After the level of battery remaining is high enough, nodes then send the notification which was logged before to the sink. Compared with past solutions, our results indicate that the performance of the TBSR scheme has been improved comprehensively; it can effectively increase the quantity of notification received by the sink by 20%, increase energy efficiency by 11%, reduce the maximum storage capacity needed by nodes by 33.3% and improve the success rate of routing by approximately 16.30%.

A Trust-Based Secure Routing Scheme Using the Traceback Approach for Energy-Harvesting Wireless Sensor Networks

PubMed Central

Tang, Jiawei; Zhang, Jian; Zeng, Zhiwen; Wang, Tian

2018-01-01

The Internet of things (IoT) is composed of billions of sensing devices that are subject to threats stemming from increasing reliance on communications technologies. A Trust-Based Secure Routing (TBSR) scheme using the traceback approach is proposed to improve the security of data routing and maximize the use of available energy in Energy-Harvesting Wireless Sensor Networks (EHWSNs). The main contributions of a TBSR are (a) the source nodes send data and notification to sinks through disjoint paths, separately; in such a mechanism, the data and notification can be verified independently to ensure their security. (b) Furthermore, the data and notification adopt a dynamic probability of marking and logging approach during the routing. Therefore, when attacked, the network will adopt the traceback approach to locate and clear malicious nodes to ensure security. The probability of marking is determined based on the level of battery remaining; when nodes harvest more energy, the probability of marking is higher, which can improve network security. Because if the probability of marking is higher, the number of marked nodes on the data packet routing path will be more, and the sink will be more likely to trace back the data packet routing path and find malicious nodes according to this notification. When data packets are routed again, they tend to bypass these malicious nodes, which make the success rate of routing higher and lead to improved network security. When the battery level is low, the probability of marking will be decreased, which is able to save energy. For logging, when the battery level is high, the network adopts a larger probability of marking and smaller probability of logging to transmit notification to the sink, which can reserve enough storage space to meet the storage demand for the period of the battery on low level; when the battery level is low, increasing the probability of logging can reduce energy consumption. After the level of battery remaining is high enough, nodes then send the notification which was logged before to the sink. Compared with past solutions, our results indicate that the performance of the TBSR scheme has been improved comprehensively; it can effectively increase the quantity of notification received by the sink by 20%, increase energy efficiency by 11%, reduce the maximum storage capacity needed by nodes by 33.3% and improve the success rate of routing by approximately 16.30%. PMID:29494561

Privacy and information security risks in a technology platform for home-based chronic disease rehabilitation and education.

PubMed

Henriksen, Eva; Burkow, Tatjana M; Johnsen, Elin; Vognild, Lars K

2013-08-09

Privacy and information security are important for all healthcare services, including home-based services. We have designed and implemented a prototype technology platform for providing home-based healthcare services. It supports a personal electronic health diary and enables secure and reliable communication and interaction with peers and healthcare personnel. The platform runs on a small computer with a dedicated remote control. It is connected to the patient's TV and to a broadband Internet. The platform has been tested with home-based rehabilitation and education programs for chronic obstructive pulmonary disease and diabetes. As part of our work, a risk assessment of privacy and security aspects has been performed, to reveal actual risks and to ensure adequate information security in this technical platform. Risk assessment was performed in an iterative manner during the development process. Thus, security solutions have been incorporated into the design from an early stage instead of being included as an add-on to a nearly completed system. We have adapted existing risk management methods to our own environment, thus creating our own method. Our method conforms to ISO's standard for information security risk management. A total of approximately 50 threats and possible unwanted incidents were identified and analysed. Among the threats to the four information security aspects: confidentiality, integrity, availability, and quality; confidentiality threats were identified as most serious, with one threat given an unacceptable level of High risk. This is because health-related personal information is regarded as sensitive. Availability threats were analysed as low risk, as the aim of the home programmes is to provide education and rehabilitation services; not for use in acute situations or for continuous health monitoring. Most of the identified threats are applicable for healthcare services intended for patients or citizens in their own homes. Confidentiality risks in home are different from in a more controlled environment such as a hospital; and electronic equipment located in private homes and communicating via Internet, is more exposed to unauthorised access. By implementing the proposed measures, it has been possible to design a home-based service which ensures the necessary level of information security and privacy.

An Analysis of Automated Solutions for the Certification and Accreditation of Navy Medicine Information Assets

DTIC Science & Technology

2005-09-01

discovery of network security threats and vulnerabilities will be done by doing penetration testing during the C&A process. This can be done on a...2.1.1; Appendix E, J COBR -1 Protection of Backup and Restoration Assets Availability 1.3.1; 2.1.3; 2.1.7; 3.1; 4.3; Appendix J, M CODB-2 Data... discovery , inventory, scanning and loading of C&A information in its central database, (2) automatic generation of the SRTM , (3) automatic generation

Behavioral analysis of malicious code through network traffic and system call monitoring

NASA Astrophysics Data System (ADS)

Grégio, André R. A.; Fernandes Filho, Dario S.; Afonso, Vitor M.; Santos, Rafael D. C.; Jino, Mario; de Geus, Paulo L.

2011-06-01

Malicious code (malware) that spreads through the Internet-such as viruses, worms and trojans-is a major threat to information security nowadays and a profitable business for criminals. There are several approaches to analyze malware by monitoring its actions while it is running in a controlled environment, which helps to identify malicious behaviors. In this article we propose a tool to analyze malware behavior in a non-intrusive and effective way, extending the analysis possibilities to cover malware samples that bypass current approaches and also fixes some issues with these approaches.

After Globalization Future Security in a Technology Rich World

DOE Office of Scientific and Technical Information (OSTI.GOV)

Gilmartin,T J

2001-08-17

Over the course of the year 2000, five workshops were conducted by the Center for Global Security Research at the Lawrence Livermore National Laboratory on threats to international security in the 2015 to 2020 timeframe due to the global availability of advanced technology. These workshops focused on threats that are enabled by nuclear, missile, and space technology; military technology; information technology; bio technology; and geo systems technology. The participants included US national leaders and experts from the Department of Energy National Laboratories; the Department of Defense: Army, Navy, Air Force, Office of the Secretary of Defense, Defense Threat Reduction Agency,more » and Defense Advanced Research Projects Agency; the Department of State, NASA, Congressional technical staff, the intelligence community, universities and university study centers, think tanks, consultants on security issues, and private industry. For each workshop the process of analysis involved identification and prioritization of the participants' perceived most severe threat scenarios (worst nightmares), discussion of the technologies which enabled those threats, and ranking of the technologies' threat potentials. The threats ranged from local/regional to global, from intentional to unintended to natural, from merely economic to massively destructive, and from individual and group to state actions. We were not concerned in this exercise with defining responses to the threats, although our assessment of each threat's severity included consideration of the ease or difficulty with which it might be executed or countered. At the concluding review, we brought the various workshops' participants together, added senior participant/reviewers with broad experience and national responsibility, and discussed the workshop findings to determine what is most certain or uncertain, and what might be needed to resolve our uncertainties. This paper summarizes the consenses and important variations of both the reviewers and the participants.« less

49 CFR 1544.303 - Bomb or air piracy threats.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 9 2010-10-01 2010-10-01 false Bomb or air piracy threats. 1544.303 Section 1544... AND COMMERCIAL OPERATORS Threat and Threat Response § 1544.303 Bomb or air piracy threats. (a) Flight.... (d) Notification. Upon receipt of any bomb threat against the security of a flight or facility, or...

49 CFR 1544.303 - Bomb or air piracy threats.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 49 Transportation 9 2012-10-01 2012-10-01 false Bomb or air piracy threats. 1544.303 Section 1544... AND COMMERCIAL OPERATORS Threat and Threat Response § 1544.303 Bomb or air piracy threats. (a) Flight.... (d) Notification. Upon receipt of any bomb threat against the security of a flight or facility, or...

49 CFR 1544.303 - Bomb or air piracy threats.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 49 Transportation 9 2011-10-01 2011-10-01 false Bomb or air piracy threats. 1544.303 Section 1544... AND COMMERCIAL OPERATORS Threat and Threat Response § 1544.303 Bomb or air piracy threats. (a) Flight.... (d) Notification. Upon receipt of any bomb threat against the security of a flight or facility, or...

49 CFR 1544.303 - Bomb or air piracy threats.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 49 Transportation 9 2014-10-01 2014-10-01 false Bomb or air piracy threats. 1544.303 Section 1544... AND COMMERCIAL OPERATORS Threat and Threat Response § 1544.303 Bomb or air piracy threats. (a) Flight.... (d) Notification. Upon receipt of any bomb threat against the security of a flight or facility, or...

49 CFR 1544.303 - Bomb or air piracy threats.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 49 Transportation 9 2013-10-01 2013-10-01 false Bomb or air piracy threats. 1544.303 Section 1544... AND COMMERCIAL OPERATORS Threat and Threat Response § 1544.303 Bomb or air piracy threats. (a) Flight.... (d) Notification. Upon receipt of any bomb threat against the security of a flight or facility, or...

The MAGTF’s Reliance on the Global Positioning System: A Critical Vulnerability

DTIC Science & Technology

2013-05-02

Reference&ItemId=+++1 499015&Pubabbrev=JC4IJ 45 “AURA Mobile Communications GPS/ WiFi Jammer”, Jane’s Police and Homeland Security Equipment, last...securityaffairs.co/wordpress/2845/ hacking /gps-spoofing- old-threat-and-new-problems.html 52“GPS Spoofing, Old Threat and New Problems”, Pierluigi...Paganini, Security Affairs, last modified February 23, 2012, http://securityaffairs.co/wordpress/2845/ hacking /gps-spoofing- old-threat-and-new

Failure Impact Analysis of Key Management in AMI Using Cybernomic Situational Assessment (CSA)

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Sheldon, Frederick T; Hauser, Katie R

2013-01-01

In earlier work, we presented a computational framework for quantifying the security of a system in terms of the average loss a stakeholder stands to sustain as a result of threats to the system. We named this system, the Cyberspace Security Econometrics System (CSES). In this paper, we refine the framework and apply it to cryptographic key management within the Advanced Metering Infrastructure (AMI) as an example. The stakeholders, requirements, components, and threats are determined. We then populate the matrices with justified values by addressing the AMI at a higher level, rather than trying to consider every piece of hardwaremore » and software involved. We accomplish this task by leveraging the recently established NISTR 7628 guideline for smart grid security. This allowed us to choose the stakeholders, requirements, components, and threats realistically. We reviewed the literature and selected an industry technical working group to select three representative threats from a collection of 29 threats. From this subset, we populate the stakes, dependency, and impact matrices, and the threat vector with realistic numbers. Each Stakeholder s Mean Failure Cost is then computed.« less

EMP Threats to US National Security: Congressional Responses

NASA Astrophysics Data System (ADS)

Huessy, Peter

2011-04-01

The US Congress is considering how best to respond to concerns that EMP is a real and present danger to US security. The threats come from a variety of areas: solar storms, non-nuclear EMP from man-made machines and devices; and nuclear EMP from a nuclear device exploded above CONUS or other critical areas important to the United States and its allies. Responses have to date included passage in the House of legislation to protect the electrical grid in the United States from such threats and hearings before the Homeland Security Committee. Additional efforts include examining missile defense responses, protection of the maritime domain, and hardening of US military and related civilian infrastructure. The House of Representatives has also examined what Europe, the European Union and NATO, both government and private industry, have done in these areas. Complicating matters are related issues of cyber-security and overall homeland security priorities.

Overcoming the challenges of secure mobile applications for network-centric, data-sensitive applications

NASA Astrophysics Data System (ADS)

Farroha, Bassam; Farroha, Deborah

2012-05-01

Gaining the competitive advantage in today's aggressive environment requires our corporate leaders and Warfighters alike to be armed with up-to-date knowledge related to friendly and opposing forces. This knowledge has to be delivered in real-time between the core enterprise and tactical/mobile units at the edge. The type and sensitivity of data delivered will vary depending on users, threat level and current rules of dissemination. This paper will describe the mobile security management that basis access rights on positive identification of user, authenticating the user and the edge device. Next, Access Management is granted on a fine grain basis where each data element is tagged with meta-data that is crypto-bound to the data itself to ensure authenticity of contents and observance of data sensitivity.

Seven layers of security to help protect biomedical research facilities.

PubMed

Mortell, Norman

2010-04-01

In addition to risks such as theft and fire that can confront any type of business, the biomedical research community often faces additional concerns over animal rights extremists, infiltrations, data security and intellectual property rights. Given these concerns, it is not surprising that the industry gives a high priority to security. This article identifies security threats faced by biomedical research companies and shows how these threats are ranked in importance by industry stakeholders. The author then goes on to discuss seven key 'layers' of security, from the external environment to the research facility itself, and how these layers all contribute to the creation of a successfully secured facility.

Secure and Privacy-Preserving Body Sensor Data Collection and Query Scheme.

PubMed

Zhu, Hui; Gao, Lijuan; Li, Hui

2016-02-01

With the development of body sensor networks and the pervasiveness of smart phones, different types of personal data can be collected in real time by body sensors, and the potential value of massive personal data has attracted considerable interest recently. However, the privacy issues of sensitive personal data are still challenging today. Aiming at these challenges, in this paper, we focus on the threats from telemetry interface and present a secure and privacy-preserving body sensor data collection and query scheme, named SPCQ, for outsourced computing. In the proposed SPCQ scheme, users' personal information is collected by body sensors in different types and converted into multi-dimension data, and each dimension is converted into the form of a number and uploaded to the cloud server, which provides a secure, efficient and accurate data query service, while the privacy of sensitive personal information and users' query data is guaranteed. Specifically, based on an improved homomorphic encryption technology over composite order group, we propose a special weighted Euclidean distance contrast algorithm (WEDC) for multi-dimension vectors over encrypted data. With the SPCQ scheme, the confidentiality of sensitive personal data, the privacy of data users' queries and accurate query service can be achieved in the cloud server. Detailed analysis shows that SPCQ can resist various security threats from telemetry interface. In addition, we also implement SPCQ on an embedded device, smart phone and laptop with a real medical database, and extensive simulation results demonstrate that our proposed SPCQ scheme is highly efficient in terms of computation and communication costs.

Secure and Privacy-Preserving Body Sensor Data Collection and Query Scheme

PubMed Central

Zhu, Hui; Gao, Lijuan; Li, Hui

2016-01-01

With the development of body sensor networks and the pervasiveness of smart phones, different types of personal data can be collected in real time by body sensors, and the potential value of massive personal data has attracted considerable interest recently. However, the privacy issues of sensitive personal data are still challenging today. Aiming at these challenges, in this paper, we focus on the threats from telemetry interface and present a secure and privacy-preserving body sensor data collection and query scheme, named SPCQ, for outsourced computing. In the proposed SPCQ scheme, users’ personal information is collected by body sensors in different types and converted into multi-dimension data, and each dimension is converted into the form of a number and uploaded to the cloud server, which provides a secure, efficient and accurate data query service, while the privacy of sensitive personal information and users’ query data is guaranteed. Specifically, based on an improved homomorphic encryption technology over composite order group, we propose a special weighted Euclidean distance contrast algorithm (WEDC) for multi-dimension vectors over encrypted data. With the SPCQ scheme, the confidentiality of sensitive personal data, the privacy of data users’ queries and accurate query service can be achieved in the cloud server. Detailed analysis shows that SPCQ can resist various security threats from telemetry interface. In addition, we also implement SPCQ on an embedded device, smart phone and laptop with a real medical database, and extensive simulation results demonstrate that our proposed SPCQ scheme is highly efficient in terms of computation and communication costs. PMID:26840319

Insider Threat and Information Security Management

NASA Astrophysics Data System (ADS)

Coles-Kemp, Lizzie; Theoharidou, Marianthi

The notion of insider has multiple facets. An organization needs to identify which ones to respond to. The selection, implementetion and maintenance of information security countermeasures requires a complex combination of organisational policies, functions and processes, which form Information Security Management. This chapter examines the role of current information security management practices in addressing the insider threat. Most approaches focus on frameworks for regulating insider behaviour and do not allow for the various cultural responses to the regulatory and compliance framework. Such responses are not only determined by enforcement of policies and awareness programs, but also by various psychological and organisational factors at an individual or group level. Crime theories offer techniques that focus on such cultural responses and can be used to enhance the information security management design. The chapter examines the applicability of several crime theories and concludes that they can contribute in providing additional controls and redesign of information security management processes better suited to responding to the insider threat.

Technologies to counter aviation security threats

NASA Astrophysics Data System (ADS)

Karoly, Steve

2017-11-01

The Aviation and Transportation Security Act (ATSA) makes TSA responsible for security in all modes of transportation, and requires that TSA assess threats to transportation, enforce security-related regulations and requirements, and ensure the adequacy of security measures at airports and other transportation facilities. Today, TSA faces a significant challenge and must address a wide range of commercial, military grade, and homemade explosives and these can be presented in an infinite number of configurations and from multiple vectors. TSA screens 2 million passengers and crew, and screens almost 5 million carry-on items and 1.2 million checked bags daily. As TSA explores new technologies for improving efficiency and security, those on the forefront of research and development can help identify unique and advanced methods to combat terrorism. Research and Development (R&D) drives the development of future technology investments that can address an evolving adversary and aviation threat. The goal is to rethink the aviation security regime in its entirety, and rather than focusing security at particular points in the enterprise, distribute security from the time a reservation is made to the time a passenger boards the aircraft. The ultimate objective is to reengineer aviation security from top to bottom with a continued focus on increasing security throughout the system.

THREAT ANTICIPATION AND DECEPTIVE REASONING USING BAYESIAN BELIEF NETWORKS

DOE Office of Scientific and Technical Information (OSTI.GOV)

Allgood, Glenn O; Olama, Mohammed M; Lake, Joe E

Recent events highlight the need for tools to anticipate threats posed by terrorists. Assessing these threats requires combining information from disparate data sources such as analytic models, simulations, historical data, sensor networks, and user judgments. These disparate data can be combined in a coherent, analytically defensible, and understandable manner using a Bayesian belief network (BBN). In this paper, we develop a BBN threat anticipatory model based on a deceptive reasoning algorithm using a network engineering process that treats the probability distributions of the BBN nodes within the broader context of the system development process.

Interfacing a biosurveillance portal and an international network of institutional analysts to detect biological threats.

PubMed

Riccardo, Flavia; Shigematsu, Mika; Chow, Catherine; McKnight, C Jason; Linge, Jens; Doherty, Brian; Dente, Maria Grazia; Declich, Silvia; Barker, Mike; Barboza, Philippe; Vaillant, Laetitia; Donachie, Alastair; Mawudeku, Abla; Blench, Michael; Arthur, Ray

2014-01-01

The Early Alerting and Reporting (EAR) project, launched in 2008, is aimed at improving global early alerting and risk assessment and evaluating the feasibility and opportunity of integrating the analysis of biological, chemical, radionuclear (CBRN), and pandemic influenza threats. At a time when no international collaborations existed in the field of event-based surveillance, EAR's innovative approach involved both epidemic intelligence experts and internet-based biosurveillance system providers in the framework of an international collaboration called the Global Health Security Initiative, which involved the ministries of health of the G7 countries and Mexico, the World Health Organization, and the European Commission. The EAR project pooled data from 7 major internet-based biosurveillance systems onto a common portal that was progressively optimized for biological threat detection under the guidance of epidemic intelligence experts from public health institutions in Canada, the European Centre for Disease Prevention and Control, France, Germany, Italy, Japan, the United Kingdom, and the United States. The group became the first end users of the EAR portal, constituting a network of analysts working with a common standard operating procedure and risk assessment tools on a rotation basis to constantly screen and assess public information on the web for events that could suggest an intentional release of biological agents. Following the first 2-year pilot phase, the EAR project was tested in its capacity to monitor biological threats, proving that its working model was feasible and demonstrating the high commitment of the countries and international institutions involved. During the testing period, analysts using the EAR platform did not miss intentional events of a biological nature and did not issue false alarms. Through the findings of this initial assessment, this article provides insights into how the field of epidemic intelligence can advance through an international network and, more specifically, how it was further developed in the EAR project.

Interfacing a Biosurveillance Portal and an International Network of Institutional Analysts to Detect Biological Threats

PubMed Central

Shigematsu, Mika; Chow, Catherine; McKnight, C. Jason; Linge, Jens; Doherty, Brian; Dente, Maria Grazia; Declich, Silvia; Barker, Mike; Barboza, Philippe; Vaillant, Laetitia; Donachie, Alastair; Mawudeku, Abla; Blench, Michael; Arthur, Ray

2014-01-01

The Early Alerting and Reporting (EAR) project, launched in 2008, is aimed at improving global early alerting and risk assessment and evaluating the feasibility and opportunity of integrating the analysis of biological, chemical, radionuclear (CBRN), and pandemic influenza threats. At a time when no international collaborations existed in the field of event-based surveillance, EAR's innovative approach involved both epidemic intelligence experts and internet-based biosurveillance system providers in the framework of an international collaboration called the Global Health Security Initiative, which involved the ministries of health of the G7 countries and Mexico, the World Health Organization, and the European Commission. The EAR project pooled data from 7 major internet-based biosurveillance systems onto a common portal that was progressively optimized for biological threat detection under the guidance of epidemic intelligence experts from public health institutions in Canada, the European Centre for Disease Prevention and Control, France, Germany, Italy, Japan, the United Kingdom, and the United States. The group became the first end users of the EAR portal, constituting a network of analysts working with a common standard operating procedure and risk assessment tools on a rotation basis to constantly screen and assess public information on the web for events that could suggest an intentional release of biological agents. Following the first 2-year pilot phase, the EAR project was tested in its capacity to monitor biological threats, proving that its working model was feasible and demonstrating the high commitment of the countries and international institutions involved. During the testing period, analysts using the EAR platform did not miss intentional events of a biological nature and did not issue false alarms. Through the findings of this initial assessment, this article provides insights into how the field of epidemic intelligence can advance through an international network and, more specifically, how it was further developed in the EAR project. PMID:25470464

Spot Rare Occurrences More Frequently by Lessening Inattentional Blindness

DTIC Science & Technology

2013-04-29

with weapon slip through airport security , not hearing a siren when driving conditions are complicated by fog, or not seeing explosives on a truck...awareness of potential actual threats has been implemented in airport security for several years. The effectiveness of this Threat Image Projection

8 CFR 212.1 - Documentary requirements for nonimmigrants.

Code of Federal Regulations, 2010 CFR

2010-01-01

... special humanitarian concern; and (iv) Poses no threat to the welfare, safety or security of the United States, its territories, or commonwealths. Any potential threats to the welfare, safety, or security of...) of this section: Australia, Brunei, Indonesia, Japan, Malaysia, Nauru, New Zealand, Papua New Guinea...

Autonomous bio-chemical decontaminator (ABCD) against weapons of mass destruction

NASA Astrophysics Data System (ADS)

Hyacinthe, Berg P.

2006-05-01

The proliferation of weapons of mass destruction (WMD) and the use of such elements pose an eminent asymmetric threat with disastrous consequences to the national security of any nation. In particular, the use of biochemical warfare agents against civilians and unprotected troops in international conflicts or by terrorists against civilians is considered as a very peculiar threat. Accordingly, taking a quarantine-before-inhalation approach to biochemical warfare, the author introduces the notion of autonomous biochemical decontamination against WMD. In the unfortunate event of a biochemical attack, the apparatus proposed herein is intended to automatically detect, identify, and more importantly neutralize a biochemical threat. Along with warnings concerning a cyber-WMD nexus, various sections cover discussions on human senses and computer sensors, corroborating evidence related to detection and neutralization of chemical toxins, and cyber-assisted olfaction in stand alone, peer-to-peer, and network settings. In essence, the apparatus can be used in aviation and mass transit security to initiate mass decontamination by dispersing a decontaminant aerosol or to protect the public water supply against a potential bioterrorist attack. Future effort may involve a system-on-chip (SoC) embodiment of this apparatus that allows a safer environment for the emerging phenomenon of cyber-assisted olfaction and morph cell phones into ubiquitous sensors/decontaminators. Although this paper covers mechanisms and protocols to avail a neutralizing substance, further research will need to explore the substance's various pharmacological profiles and potential side effects.

Public views on multiple dimensions of security : nuclear waepons, terrorism, energy, and the environment : 2007.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Herron, Kerry Gale; Jenkins-Smith, Hank C.

2008-01-01

We analyze and compare findings from identical national surveys of the US general public on nuclear security and terrorism administered by telephone and Internet in mid-2007. Key areas of investigation include assessments of threats to US security; valuations of US nuclear weapons and nuclear deterrence; perspectives on nuclear proliferation, including the specific cases of North Korea and Iran; and support for investments in nuclear weapons capabilities. Our analysis of public views on terrorism include assessments of the current threat, progress in the struggle against terrorism, preferences for responding to terrorist attacks at different levels of assumed casualties, and support formore » domestic policies intended to reduce the threat of terrorism. Also we report findings from an Internet survey conducted in mid 2007 that investigates public views of US energy security, to include: energy supplies and reliability; energy vulnerabilities and threats, and relationships among security, costs, energy dependence, alternative sources, and research and investment priorities. We analyze public assessments of nuclear energy risks and benefits, nuclear materials management issues, and preferences for the future of nuclear energy in the US. Additionally, we investigate environmental issues as they relate to energy security, to include expected implications of global climate change, and relationships among environmental issues and potential policy options.« less

An overview of computer viruses in a research environment

NASA Technical Reports Server (NTRS)

Bishop, Matt

1991-01-01

The threat of attack by computer viruses is in reality a very small part of a much more general threat, specifically threats aimed at subverting computer security. Here, computer viruses are examined as a malicious logic in a research and development environment. A relation is drawn between the viruses and various models of security and integrity. Current research techniques aimed at controlling the threats posed to computer systems by threatening viruses in particular and malicious logic in general are examined. Finally, a brief examination of the vulnerabilities of research and development systems that malicious logic and computer viruses may exploit is undertaken.

Security in Intelligent Transport Systems for Smart Cities: From Theory to Practice

PubMed Central

Javed, Muhammad Awais; Ben Hamida, Elyes; Znaidi, Wassim

2016-01-01

Connecting vehicles securely and reliably is pivotal to the implementation of next generation ITS applications of smart cities. With continuously growing security threats, vehicles could be exposed to a number of service attacks that could put their safety at stake. To address this concern, both US and European ITS standards have selected Elliptic Curve Cryptography (ECC) algorithms to secure vehicular communications. However, there is still a lack of benchmarking studies on existing security standards in real-world settings. In this paper, we first analyze the security architecture of the ETSI ITS standard. We then implement the ECC based digital signature and encryption procedures using an experimental test-bed and conduct an extensive benchmark study to assess their performance which depends on factors such as payload size, processor speed and security levels. Using network simulation models, we further evaluate the impact of standard compliant security procedures in dense and realistic smart cities scenarios. Obtained results suggest that existing security solutions directly impact the achieved quality of service (QoS) and safety awareness of vehicular applications, in terms of increased packet inter-arrival delays, packet and cryptographic losses, and reduced safety awareness in safety applications. Finally, we summarize the insights gained from the simulation results and discuss open research challenges for efficient working of security in ITS applications of smart cities. PMID:27314358

Risk analysis of information security in a mobile instant messaging and presence system for healthcare.

PubMed

Bønes, Erlend; Hasvold, Per; Henriksen, Eva; Strandenaes, Thomas

2007-09-01

Instant messaging (IM) is suited for immediate communication because messages are delivered almost in real time. Results from studies of IM use in enterprise work settings make us believe that IM based services may prove useful also within the healthcare sector. However, today's public instant messaging services do not have the level of information security required for adoption of IM in healthcare. We proposed MedIMob, our own architecture for a secure enterprise IM service for use in healthcare. MedIMob supports IM clients on mobile devices in addition to desktop based clients. Security threats were identified in a risk analysis of the MedIMob architecture. The risk analysis process consists of context identification, threat identification, analysis of consequences and likelihood, risk evaluation, and proposals for risk treatment. The risk analysis revealed a number of potential threats to the information security of a service like this. Many of the identified threats are general when dealing with mobile devices and sensitive data; others are threats which are more specific to our service and architecture. Individual threats identified in the risks analysis are discussed and possible counter measures presented. The risk analysis showed that most of the proposed risk treatment measures must be implemented to obtain an acceptable risk level; among others blocking much of the additional functionality of the smartphone. To conclude on the usefulness of this IM service, it will be evaluated in a trial study of the human-computer interaction. Further work also includes an improved design of the proposed MedIMob architecture. 2006 Elsevier Ireland Ltd

SPCC- Software Elements for Security Partition Communication Controller

NASA Astrophysics Data System (ADS)

Herpel, H. J.; Willig, G.; Montano, G.; Tverdyshev, S.; Eckstein, K.; Schoen, M.

2016-08-01

Future satellite missions like Earth Observation, Telecommunication or any other kind are likely to be exposed to various threats aiming at exploiting vulnerabilities of the involved systems and communications. Moreover, the growing complexity of systems coupled with more ambitious types of operational scenarios imply increased security vulnerabilities in the future. In the paper we will describe an architecture and software elements to ensure high level of security on-board a spacecraft. First the threats to the Security Partition Communication Controller (SPCC) will be addressed including the identification of specific vulnerabilities to the SPCC. Furthermore, appropriate security objectives and security requirements are identified to be counter the identified threats. The security evaluation of the SPCC will be done in accordance to the Common Criteria (CC). The Software Elements for SPCC has been implemented on flight representative hardware which consists of two major elements: the I/O board and the SPCC board. The SPCC board provides the interfaces with ground while the I/O board interfaces with typical spacecraft equipment busses. Both boards are physically interconnected by a high speed spacewire (SpW) link.

Technical solutions for mitigating security threats caused by health professionals in clinical settings.

PubMed

Fernandez-Aleman, Jose Luis; Belen Sanchez Garcia, Ana; Garcia-Mateos, Gines; Toval, Ambrosio

2015-08-01

The objective of this paper is to present a brief description of technical solutions for health information system security threats caused by inadequate security and privacy practices in healthcare professionals. A literature search was carried out in ScienceDirect, ACM Digital Library and IEEE Digital Library to find papers reporting technical solutions for certain security problems in information systems used in clinical settings. A total of 17 technical solutions were identified: measures for password security, the secure use of e-mail, the Internet, portable storage devices, printers and screens. Although technical safeguards are essential to the security of healthcare organization's information systems, good training, awareness programs and adopting a proper information security policy are particularly important to prevent insiders from causing security incidents.

Analysis of CSIRT/SOC Incidents and Continuous Monitoring of Threats

NASA Technical Reports Server (NTRS)

Wang, John; Ishisoko, Katsutoshi C.

2012-01-01

Security Operations Centers (SOC) contain a wealth of data which, if properly classified and tagged upfront, can yield a wealth of real-time information about your organizations IT Security posture, risks, and threats. These include answers to relevant and actionable questions such as: What are our biggest threats? Who is attacking us and what do they want? What controls are working or not working? How effective was the new technology we just implemented? What is our ROI?

EVALUATION OF WATER MONITORING INSTRUMENTATION AT EPA'S WATER AWARENESS TECHNOLOGY EVALUATION RESEARCH SECURITY CENTER

EPA Science Inventory

The safety and security of distribution systems has come under reassessment in the past year. Several chemical and biological agents have been identified that might constitute a credible threat against water supply systems. There have also been a few reported threats against wate...

49 CFR 1572.9 - Applicant information required for HME security threat assessment.

Code of Federal Regulations, 2010 CFR

2010-10-01

.... (13) Passport number. This information is voluntary and may expedite the adjudication process for... information is voluntary and may expedite the adjudication process for applicants who are U.S. citizens born... adjudication process for applicants who have completed a TSA security threat assessment. (16) Whether the...

28 CFR 540.15 - Restricted general correspondence.

Code of Federal Regulations, 2010 CFR

2010-07-01

... proposed correspondent would be a threat to the security or good order of the institution, or that the... without paying for the subscription; (3) Being a security risk; (4) Threatening a government official; or... the correspondent is involved in any violation of correspondence regulations, or would be a threat to...

Securing Real-Time Sessions in an IMS-Based Architecture

NASA Astrophysics Data System (ADS)

Cennamo, Paolo; Fresa, Antonio; Longo, Maurizio; Postiglione, Fabio; Robustelli, Anton Luca; Toro, Francesco

The emerging all-IP mobile network infrastructures based on 3rd Generation IP Multimedia Subsystem philosophy are characterised by radio access technology independence and ubiquitous connectivity for mobile users. Currently, great focus is being devoted to security issues since most of the security threats presently affecting the public Internet domain, and the upcoming ones as well, are going to be suffered by mobile users in the years to come. While a great deal of research activity, together with standardisation efforts and experimentations, is carried out on mechanisms for signalling protection, very few integrated frameworks for real-time multimedia data protection have been proposed in a context of IP Multimedia Subsystem, and even fewer experimental results based on testbeds are available. In this paper, after a general overview of the security issues arising in an advanced IP Multimedia Subsystem scenario, a comprehensive infrastructure for real-time multimedia data protection, based on the adoption of the Secure Real-Time Protocol, is proposed; then, the development of a testbed incorporating such functionalities, including mechanisms for key management and cryptographic context transfer, and allowing the setup of Secure Real-Time Protocol sessions is presented; finally, experimental results are provided together with quantitative assessments and comparisons of system performances for audio sessions with and without the adoption of the Secure Real-Time Protocol framework.

Counter-Intelligence as a Chaotic Phenomenon and Its Importance in National Security

NASA Astrophysics Data System (ADS)

Kuloğlu, Gökhan; Gül, Zakir; Erçetin, Şefika Şule

In today's rapidly changing globalized world, remarkably fast and important developments have been faced in the area of national security as in almost all other areas. Advancements in communication and transportation technologies have removed physical boundaries almost completely. National security institutions now have to fight against new and complicated security threats that go beyond the boundaries such as organized crimes and terror crimes. These ever-changing threats and dangerous environment which become more and more complex every single day force nations to review their current security structures and to take new and effective measures in the required areas in order to ensure their national security. As a matter of fact, counter-intelligence, which was quite important due to the frequency of spying acts during the Cold War but lost its importance after the Cold War had ended, has been one of these measures. Today, counterintelligence has once again become one of the most important functions in the fight against national security threats with changing dimensions. It is only possible for a nation to ensure its national security fully by having not only a defensive and passive approach but also offensive counter-intelligence.

Mobile Device Security: Perspectives of Future Healthcare Workers

PubMed Central

Hewitt, Barbara; Dolezel, Diane; McLeod, Alexander

2017-01-01

Healthcare data breaches on mobile devices continue to increase, yet the healthcare industry has not adopted mobile device security standards. This increase is disturbing because individuals are often accessing patients’ protected health information on personal mobile devices, which could lead to a data breach. This deficiency led the researchers to explore the perceptions of future healthcare workers regarding mobile device security. To determine healthcare students’ perspectives on mobile device security, the investigators designed and distributed a survey based on the Technology Threat Avoidance Theory. Three hundred thirty-five students participated in the survey. The data were analyzed to determine participants’ perceptions about security threats, effectiveness and costs of safeguards, self-efficacy, susceptibility, severity, and their motivation and actions to secure their mobile devices. Awareness of interventions to protect mobile devices was also examined. Results indicate that while future healthcare professionals perceive the severity of threats to their mobile data, they do not feel personally susceptible. Additionally, participants were knowledgeable about security safeguards, but their knowledge of costs and problems related to the adoption of these measures was mixed. These findings indicate that increasing security awareness of healthcare professionals should be a priority. PMID:28566992

Mobile Device Security: Perspectives of Future Healthcare Workers.

PubMed

Hewitt, Barbara; Dolezel, Diane; McLeod, Alexander

2017-01-01

Healthcare data breaches on mobile devices continue to increase, yet the healthcare industry has not adopted mobile device security standards. This increase is disturbing because individuals are often accessing patients' protected health information on personal mobile devices, which could lead to a data breach. This deficiency led the researchers to explore the perceptions of future healthcare workers regarding mobile device security. To determine healthcare students' perspectives on mobile device security, the investigators designed and distributed a survey based on the Technology Threat Avoidance Theory. Three hundred thirty-five students participated in the survey. The data were analyzed to determine participants' perceptions about security threats, effectiveness and costs of safeguards, self-efficacy, susceptibility, severity, and their motivation and actions to secure their mobile devices. Awareness of interventions to protect mobile devices was also examined. Results indicate that while future healthcare professionals perceive the severity of threats to their mobile data, they do not feel personally susceptible. Additionally, participants were knowledgeable about security safeguards, but their knowledge of costs and problems related to the adoption of these measures was mixed. These findings indicate that increasing security awareness of healthcare professionals should be a priority.

Managing the Aviation Insider Threat

DTIC Science & Technology

2010-12-01

World Airport NSAS National Strategy for Aviation Security OIS Office of Intelligence SIDA Security Identification Display Area STA Security...Security of the secured area”, 1542.205, “Security of the security identification display area ( SIDA )”, and 1542.209, “Fingerprint-based criminal

The Dissemination of Terrorist Threat Information: Who Should Be Warned

DTIC Science & Technology

1990-05-01

within the Government that should be receiving more attention. ENDNOTES 1. U.S., Cong., House, Committee on Foreign Affairs, Foreign Airport Security , Hearing...A16. 3. U.S., Cong., House, Committee on Foreign Affairs, Foreign Airport Security , 55. For additional information on the threat and other related...Journal, 30 January 1989: A14. 8. U.S., Cong., House, Committee on Foreign Affairs, Foreign Airport Security , 55. 9. U.S., Cong., Senate, Committee on

Data Hemorrhages in the Health-Care Sector

NASA Astrophysics Data System (ADS)

Johnson, M. Eric

Confidential data hemorrhaging from health-care providers pose financial risks to firms and medical risks to patients. We examine the consequences of data hemorrhages including privacy violations, medical fraud, financial identity theft, and medical identity theft. We also examine the types and sources of data hemorrhages, focusing on inadvertent disclosures. Through an analysis of leaked files, we examine data hemorrhages stemming from inadvertent disclosures on internet-based file sharing networks. We characterize the security risk for a group of health-care organizations using a direct analysis of leaked files. These files contained highly sensitive medical and personal information that could be maliciously exploited by criminals seeking to commit medical and financial identity theft. We also present evidence of the threat by examining user-issued searches. Our analysis demonstrates both the substantial threat and vulnerability for the health-care sector and the unique complexity exhibited by the US health-care system.

Cyber-security Considerations for Real-Time Physiological Status Monitoring: Threats, Goals, and Use Cases

DTIC Science & Technology

2016-11-01

low- power RF transmissions used by the OBAN system. B. Threat Analysis Methodology To analyze the risk presented by a particular threat we use a... power efficiency5 and in the absolute worst case a compromise of the wireless channel could result in death. Fitness trackers on the other hand are...analysis is intended to inform the development of secure RT-PSM architectures. I. INTRODUCTION The development of very low- power computing devices and

Dogs That Haven't Barked: Towards an Understanding of the Absence of Expected Technological Threats Workshop Bibliography

DOE Office of Scientific and Technical Information (OSTI.GOV)

Roseman, Mallory; Zikry, Fareeda

Lawrence Livermore National Laboratory’s Center for Global Security Research hosted a workshop to investigate why some consistently predicted threats from science and technology (S&T) have not manifested with the impacts to international security as forecasted. During the workshop, “Dogs That Haven’t Barked: Towards an Understanding of the Absence of Expected Technological Threats,” participants used two specific cases to focus the discussion: biotechnology and man-portable air defense systems (MANPADS).

A comprehensive approach to managing threats of violence on a university or college campus.

PubMed

Regehr, Cheryl; Glancy, Graham D; Carter, Andrea; Ramshaw, Lisa

Horrifying, high profile acts of violence on campuses remain relatively rare, nevertheless, academic administrators are required to manage threats of violence on campus on an increasingly regular basis. These threats take two primary forms, those in which the perpetrator and the intended victim(s) are clearly identified, often involving repeated threats and threatening behaviour towards an individual; and those involving anonymous threats to commit acts of larger scale violence. Complicating factors in managing these threats include: fear contagion; mass media and social media attention; responsibilities to all members of the university community sometimes including individuals issuing the threat and the intended victims; demands for safety and security measures that are often at odds with professional advice; and permeable campus boundaries that cause security challenges. This paper considers the changing landscape of threat assessment and risk assessment on university and college campuses and suggests opportunities for partnerships between forensic mental health professionals and academic administrators. Copyright © 2017 Elsevier Ltd. All rights reserved.

Characterization of computer network events through simultaneous feature selection and clustering of intrusion alerts

NASA Astrophysics Data System (ADS)

Chen, Siyue; Leung, Henry; Dondo, Maxwell

2014-05-01

As computer network security threats increase, many organizations implement multiple Network Intrusion Detection Systems (NIDS) to maximize the likelihood of intrusion detection and provide a comprehensive understanding of intrusion activities. However, NIDS trigger a massive number of alerts on a daily basis. This can be overwhelming for computer network security analysts since it is a slow and tedious process to manually analyse each alert produced. Thus, automated and intelligent clustering of alerts is important to reveal the structural correlation of events by grouping alerts with common features. As the nature of computer network attacks, and therefore alerts, is not known in advance, unsupervised alert clustering is a promising approach to achieve this goal. We propose a joint optimization technique for feature selection and clustering to aggregate similar alerts and to reduce the number of alerts that analysts have to handle individually. More precisely, each identified feature is assigned a binary value, which reflects the feature's saliency. This value is treated as a hidden variable and incorporated into a likelihood function for clustering. Since computing the optimal solution of the likelihood function directly is analytically intractable, we use the Expectation-Maximisation (EM) algorithm to iteratively update the hidden variable and use it to maximize the expected likelihood. Our empirical results, using a labelled Defense Advanced Research Projects Agency (DARPA) 2000 reference dataset, show that the proposed method gives better results than the EM clustering without feature selection in terms of the clustering accuracy.

Nuclear and radiological Security: Introduction.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Miller, James Christopher

Nuclear security includes the prevention and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer, or other malicious acts involving nuclear or other radioactive substances or their associated facilities. The presentation begins by discussing the concept and its importance, then moves on to consider threats--insider threat, sabotage, diversion of materials--with considerable emphasis on the former. The intrusion at Pelindaba, South Africa, is described as a case study. The distinction between nuclear security and security of radiological and portable sources is clarified, and the international legal framework is touched upon. The paper concludes by discussing the responsibilities of themore » various entities involved in nuclear security.« less

Privacy and information security risks in a technology platform for home-based chronic disease rehabilitation and education

PubMed Central

2013-01-01

Background Privacy and information security are important for all healthcare services, including home-based services. We have designed and implemented a prototype technology platform for providing home-based healthcare services. It supports a personal electronic health diary and enables secure and reliable communication and interaction with peers and healthcare personnel. The platform runs on a small computer with a dedicated remote control. It is connected to the patient’s TV and to a broadband Internet. The platform has been tested with home-based rehabilitation and education programs for chronic obstructive pulmonary disease and diabetes. As part of our work, a risk assessment of privacy and security aspects has been performed, to reveal actual risks and to ensure adequate information security in this technical platform. Methods Risk assessment was performed in an iterative manner during the development process. Thus, security solutions have been incorporated into the design from an early stage instead of being included as an add-on to a nearly completed system. We have adapted existing risk management methods to our own environment, thus creating our own method. Our method conforms to ISO’s standard for information security risk management. Results A total of approximately 50 threats and possible unwanted incidents were identified and analysed. Among the threats to the four information security aspects: confidentiality, integrity, availability, and quality; confidentiality threats were identified as most serious, with one threat given an unacceptable level of High risk. This is because health-related personal information is regarded as sensitive. Availability threats were analysed as low risk, as the aim of the home programmes is to provide education and rehabilitation services; not for use in acute situations or for continuous health monitoring. Conclusions Most of the identified threats are applicable for healthcare services intended for patients or citizens in their own homes. Confidentiality risks in home are different from in a more controlled environment such as a hospital; and electronic equipment located in private homes and communicating via Internet, is more exposed to unauthorised access. By implementing the proposed measures, it has been possible to design a home-based service which ensures the necessary level of information security and privacy. PMID:23937965

Emergency Management Standards for NCAA Division I-A Football Stadia

ERIC Educational Resources Information Center

Hoogstra, Joshua R.

2012-01-01

In the best of times, emergency managers of athletic event venues struggle with the responsibilities of venue security. The possibility of terrorist threats exacerbates the situation, especially when security threats can involve a critical mass of spectators at an event. Emergency managers at the National Collegiate Athletic Association (NCAA)…

Relationship between Trustworthiness, Transparency, and Security in Cloud Computing Environments: A Regression Analysis

ERIC Educational Resources Information Center

Ibrahim, Sara

2017-01-01

The insider security threat causes new and dangerous dimensions in cloud computing. Those internal threats are originated from contractors or the business partners' input that have access to the systems. A study of trustworthiness and transparency might assist the organizations to monitor employees' activity more cautiously on cloud technologies…

Piracy and Maritime Terrorism; A Seamless Transition

DTIC Science & Technology

2004-05-18

1/.html>. [24 April 2004]. Cropley , Ed. “Asia eyes sea security after threats, US warning.” Reuters. 22 Apr 2004. <http://www.marketnewzealand.com...stm>. ii Ed Cropley , “Asia eyes sea security after threats, US warning,” Reuters, 22 Apr 2004. <http://www.marketnewzealand.com/mnz/News/Story.aspx

An evaluation of security measures implemented to address physical threats to water infrastructure in the state of Mississippi.

PubMed

Barrett, Jason R; French, P Edward

2013-01-01

The events of September 11, 2001, increased and intensified domestic preparedness efforts in the United States against terrorism and other threats. The heightened focus on protecting this nation's critical infrastructure included legislation requiring implementation of extensive new security measures to better defend water supply systems against physical, chemical/biological, and cyber attacks. In response, municipal officials have implemented numerous safeguards to reduce the vulnerability of these systems to purposeful intrusions including ongoing vulnerability assessments, extensive personnel training, and highly detailed emergency response and communication plans. This study evaluates fiscal year 2010 annual compliance assessments of public water systems with security measures that were implemented by Mississippi's Department of Health as a response to federal requirements to address these potential terrorist threats to water distribution systems. The results show that 20 percent of the water systems in this state had at least one security violation on their 2010 Capacity Development Assessment, and continued perseverance from local governments is needed to enhance the resiliency and robustness of these systems against physical threats.

Information Security Risk Assessment in Hospitals.

PubMed

Ayatollahi, Haleh; Shagerdi, Ghazal

2017-01-01

To date, many efforts have been made to classify information security threats, especially in the healthcare area. However, there are still many unknown risks which may threat the security of health information and their resources especially in the hospitals. The aim of this study was to assess the risks threatening information security in the hospitals located in one of the northwest cities of Iran. This study was completed in 2014. The participants were information technology managers who worked in the hospitals (n=27). The research instrument was a questionnaire composed of a number of open and closed questions. The content validity of the questionnaire was confirmed, and the reliability of the closed questions was measured by using the test-retest method (r =0.78). The results showed that among the information security risks, fire found to be a high probability/high impact risk factor. Human and physical/environmental threats were among the low probability risk factors. Regarding the information security safeguards used in the hospitals, the results showed that the use of the technical safeguards was the most frequent one (n =22, 91.7%) compared to the administrative (n =21, 87.5%) and the physical safeguards (n =16, 66.7%). The high probability risk factors require quick corrective actions to be taken. Therefore, the underlying causes of such threats should be identified and controlled before experiencing adverse effects. It is also important to note that information security in health care systems needs to be considered at a macro level with respect to the national interests and policies.

Providing integrity, authenticity, and confidentiality for header and pixel data of DICOM images.

PubMed

Al-Haj, Ali

2015-04-01

Exchange of medical images over public networks is subjected to different types of security threats. This has triggered persisting demands for secured telemedicine implementations that will provide confidentiality, authenticity, and integrity for the transmitted images. The medical image exchange standard (DICOM) offers mechanisms to provide confidentiality for the header data of the image but not for the pixel data. On the other hand, it offers mechanisms to achieve authenticity and integrity for the pixel data but not for the header data. In this paper, we propose a crypto-based algorithm that provides confidentially, authenticity, and integrity for the pixel data, as well as for the header data. This is achieved by applying strong cryptographic primitives utilizing internally generated security data, such as encryption keys, hashing codes, and digital signatures. The security data are generated internally from the header and the pixel data, thus a strong bond is established between the DICOM data and the corresponding security data. The proposed algorithm has been evaluated extensively using DICOM images of different modalities. Simulation experiments show that confidentiality, authenticity, and integrity have been achieved as reflected by the results we obtained for normalized correlation, entropy, PSNR, histogram analysis, and robustness.

Bridging the health security divide: department of defense support for the global health security agenda.

PubMed

Moudy, Robin M; Ingerson-Mahar, Michael; Kanter, Jordan; Grant, Ashley M; Fisher, Dara R; Jones, Franca R

2014-01-01

In 2011, President Obama addressed the United Nations General Assembly and urged the global community to come together to prevent, detect, and fight every kind of biological danger, whether a pandemic, terrorist threat, or treatable disease. Over the past decade, the United States and key international partners have addressed these dangers through a variety of programs and strategies aimed at developing and enhancing countries' capacity to rapidly detect, assess, report, and respond to acute biological threats. Despite our collective efforts, however, an increasingly interconnected world presents heightened opportunities for human, animal, and zoonotic diseases to emerge and spread globally. Further, the technical capabilities required to develop biological agents into a weapon are relatively low. The launch of the Global Health Security Agenda (GHSA) provides an opportunity for the international community to enhance the linkages between the health and security sectors, accelerating global efforts to prevent avoidable epidemics and bioterrorism, detect threats early, and respond rapidly and effectively to biological threats. The US Department of Defense (DoD) plays a key role in achieving GHSA objectives through its force health protection, threat reduction, and biodefense efforts at home and abroad. This article focuses on GHSA activities conducted in the DoD Office of the Assistant Secretary of Defense for Nuclear, Chemical, and Biological Defense.

78 FR 57800 - Medicare Program; Obtaining Final Medicare Secondary Payer Conditional Payment Amounts via Web...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-09-20

... of facilities or network(s); terror threats; strikes and similar labor actions; civil unrest... network(s). (3) Terror threats; strikes and similar labor actions. (4) Civil unrest, uprising or riot. (5...

33 CFR 105.255 - Security measures for access control.

Code of Federal Regulations, 2010 CFR

2010-07-01

... and facilities; (4) Granting access to only those responding to the security incident or threat... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Security measures for access... SECURITY MARITIME SECURITY MARITIME SECURITY: FACILITIES Facility Security Requirements § 105.255 Security...

Security Analysis of Selected AMI Failure Scenarios Using Agent Based Game Theoretic Simulation

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Schlicher, Bob G; Sheldon, Frederick T

Information security analysis can be performed using game theory implemented in dynamic Agent Based Game Theoretic (ABGT) simulations. Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. We concentrated our analysis on the Advanced Metering Infrastructure (AMI) functional domain which the National Electric Sector Cyber security Organization Resource (NESCOR) working group has currently documented 29 failure scenarios. The strategy for the game was developed by analyzing five electric sector representative failure scenarios contained in the AMI functional domain. From thesemore » five selected scenarios, we characterize them into three specific threat categories affecting confidentiality, integrity and availability (CIA). The analysis using our ABGT simulation demonstrates how to model the AMI functional domain using a set of rationalized game theoretic rules decomposed from the failure scenarios in terms of how those scenarios might impact the AMI network with respect to CIA.« less

Stand Up and Be Counted: The Continuing Challenge of Building the Iraqi Security Forces

DTIC Science & Technology

2007-01-01

forces in conjunction with neutralizing Iraq’s insurgency and developing Iraqi forces capable of securing the country . From the fall of 2003...effort to develop the Iraqi Security Forces (ISF), we cannot assess the operational capability of these forces. We are actually left with more...First we trained the army for threats from outside the country . But we realized the true threats were inside the country …. It’s the Iraqis

Research review of nongovernmental organizations' security policies for humanitarian programs in war, conflict, and postconflict environments.

PubMed

Rowley, Elizabeth; Burns, Lauren; Burnham, Gilbert

2013-06-01

To identify the most and least commonly cited security management messages that nongovernmental organizations (NGOs) are communicating to their field staff, to determine the types of documentation that NGOs most often use to communicate key security messages, and to distinguish the points of commonality and divergence across organizations in the content of key security messages. The authors undertook a systematic review of available security policies, manuals, and training materials from 20 international humanitarian NGOs using the InterAction Minimum Operating Security Standards as the basis for a review framework. The most commonly cited standards include analytical security issues such as threat and risk assessment processes and guidance on acceptance, protection, and deterrence approaches. Among the least commonly cited standards were considering security threats to national staff during staffing decision processes, incorporating security awareness into job descriptions, and ensuring that national staff security issues are addressed in trainings. NGO staff receive security-related messages through multiple document types, but only 12 of the 20 organizations have a distinct security policy document. Points of convergence across organizations in the content of commonly cited standards were found in many areas, but differences in security risk and threat assessment guidance may undermine communication between aid workers about changes in local security environments. Although the humanitarian community has experienced significant progress in the development of practical staff security guidance during the past 10 years, gaps remain that can hinder efforts to garner needed resources, clarify security responsibilities, and ensure that the distinct needs of national staff are recognized and addressed.

Securing internet by eliminating DDOS attacks

NASA Astrophysics Data System (ADS)

Niranchana, R.; Gayathri Devi, N.; Santhi, H.; Gayathri, P.

2017-11-01

The major threat caused to the authorised usage of Internet is Distributed Denial of Service attack. The mechanisms used to prevent the DDoS attacks are said to overcome the attack’s ability in spoofing the IP packets source addresses. By utilising Internet Protocol spoofing, the attackers cause a consequential load over the networks destination for policing attack packets. To overcome the IP Spoofing level on the Internet, We propose an Inter domain Packet Filter (IPF) architecture. The proposed scheme is not based on global routing information. The packets with reliable source addresses are not rejected, the IPF frame work works in such a manner. The spoofing capability of attackers is confined by IPF, and also the filter identifies the source of an attack packet by minimal number of candidate network.

Securitizing the Arctic indigenous peoples: A community security perspective with special reference to the Sámi of the European high north

NASA Astrophysics Data System (ADS)

Hossain, Kamrul

2016-09-01

The theory of securitization-the so-called Copenhagen school-centers the concept of security on various identified threats. Security based on the collective identity by which a society preserves its essential characteristics has been defined as community security, or societal security. The underlying principle of the Copenhagen school is that state-based, sovereignty-oriented security is ineffective unless the other components of security threats are addressed. The concept of human security, developed nearly simultaneously to that of securitization, identifies threat components at the sub-state level which are not traditionally understood as security concerns. Both schools of security thought are similar as they offer nontraditional approaches to understanding the concept of security. In this article, I explore securitization theory and the concept of human security to elaborate community perspectives in the understanding of security. In a case study, I investigate the security concerns of the indigenous peoples of the Arctic. The transformation of the Arctic by climate change and its impacts has resulted in new challenges and opportunities, so I explore how indigenous peoples in general and the Sámi in particular understand security which promotes their societal security. Although I show that this group of people deserves recognition and the ability to exercise greater authority, I conclude that diverse concepts of security do not by any means undermine the core traditional concept of security. These aspects of security remain subject to scrutiny by states and exist in a vertical structure. The Sámi, therefore, rely on affirmative actions by states to enjoy greater rights to maintain their community security.

Bigdata Driven Cloud Security: A Survey

NASA Astrophysics Data System (ADS)

Raja, K.; Hanifa, Sabibullah Mohamed

2017-08-01

Cloud Computing (CC) is a fast-growing technology to perform massive-scale and complex computing. It eliminates the need to maintain expensive computing hardware, dedicated space, and software. Recently, it has been observed that massive growth in the scale of data or big data generated through cloud computing. CC consists of a front-end, includes the users’ computers and software required to access the cloud network, and back-end consists of various computers, servers and database systems that create the cloud. In SaaS (Software as-a-Service - end users to utilize outsourced software), PaaS (Platform as-a-Service-platform is provided) and IaaS (Infrastructure as-a-Service-physical environment is outsourced), and DaaS (Database as-a-Service-data can be housed within a cloud), where leading / traditional cloud ecosystem delivers the cloud services become a powerful and popular architecture. Many challenges and issues are in security or threats, most vital barrier for cloud computing environment. The main barrier to the adoption of CC in health care relates to Data security. When placing and transmitting data using public networks, cyber attacks in any form are anticipated in CC. Hence, cloud service users need to understand the risk of data breaches and adoption of service delivery model during deployment. This survey deeply covers the CC security issues (covering Data Security in Health care) so as to researchers can develop the robust security application models using Big Data (BD) on CC (can be created / deployed easily). Since, BD evaluation is driven by fast-growing cloud-based applications developed using virtualized technologies. In this purview, MapReduce [12] is a good example of big data processing in a cloud environment, and a model for Cloud providers.

SDN-based path hopping communication against eavesdropping attack

NASA Astrophysics Data System (ADS)

Zhang, Chuanhao; Bu, Youjun; Zhao, Zheng

2016-10-01

Network eavesdropping is one of the most popular means used by cyber attackers, which has been a severe threat to network communication security. Adversaries could capture and analyze network communication data from network nodes or links, monitor network status and steal sensitive data such as username and password etc. Traditional network usually uses static network configuration, and existing defense methods, including firewall, IDS, IPS etc., cannot prevent eavesdropping, which has no distinguishing characteristic. Network eavesdropping become silent during most of the time of the attacking process, which is why it is difficult to discover and to defend. But A successful eavesdropping attack also has its' precondition, which is the target path should be relatively stable and has enough time of duration. So, In order to resolve this problem, it has to work on the network architecture. In this paper, a path hopping communication(PHC) mechanism based on Software Define Network (SDN) was proposed to solve this problem. In PHC, Ends in communication packets as well as the routing paths were changed dynamically. Therefore, the traffic would be distributed to multiple flows and transmitted along different paths. so that Network eavesdropping attack could be prevented effectively. It was concluded that PHC was able to increase the overhead of Network eavesdropping, as well as the difficulty of communication data recovery.

Cyber Security Threats to Safety-Critical, Space-Based Infrastructures

NASA Astrophysics Data System (ADS)

Johnson, C. W.; Atencia Yepez, A.

2012-01-01

Space-based systems play an important role within national critical infrastructures. They are being integrated into advanced air-traffic management applications, rail signalling systems, energy distribution software etc. Unfortunately, the end users of communications, location sensing and timing applications often fail to understand that these infrastructures are vulnerable to a wide range of security threats. The following pages focus on concerns associated with potential cyber-attacks. These are important because future attacks may invalidate many of the safety assumptions that support the provision of critical space-based services. These safety assumptions are based on standard forms of hazard analysis that ignore cyber-security considerations This is a significant limitation when, for instance, security attacks can simultaneously exploit multiple vulnerabilities in a manner that would never occur without a deliberate enemy seeking to damage space based systems and ground infrastructures. We address this concern through the development of a combined safety and security risk assessment methodology. The aim is to identify attack scenarios that justify the allocation of additional design resources so that safety barriers can be strengthened to increase our resilience against security threats.

Secure VM for Monitoring Industrial Process Controllers

DOE Office of Scientific and Technical Information (OSTI.GOV)

Dasgupta, Dipankar; Ali, Mohammad Hassan; Abercrombie, Robert K

2011-01-01

In this paper, we examine the biological immune system as an autonomic system for self-protection, which has evolved over millions of years probably through extensive redesigning, testing, tuning and optimization process. The powerful information processing capabilities of the immune system, such as feature extraction, pattern recognition, learning, memory, and its distributive nature provide rich metaphors for its artificial counterpart. Our study focuses on building an autonomic defense system, using some immunological metaphors for information gathering, analyzing, decision making and launching threat and attack responses. In order to detection Stuxnet like malware, we propose to include a secure VM (or dedicatedmore » host) to the SCADA Network to monitor behavior and all software updates. This on-going research effort is not to mimic the nature but to explore and learn valuable lessons useful for self-adaptive cyber defense systems.« less

Day-Ahead Anticipation of Complex Network Vulnerability

NASA Astrophysics Data System (ADS)

Stefanov, S. Z.; Wang, Paul P.

2017-11-01

In this paper, a day-ahead anticipation of complex network vulnerability for an intentional threat of an attack or a shock is carried out. An ecological observer is introduced for that reason, which is a watch in the intentional multiverse, tiled by cells; dynamics of the intentional threat for a day-ahead is characterized by a space-time cell; spreading of the intentional threat is derived from its energy; duration of the intentional threat is found by the self-assembling of a space-time cell; the lower bound of probability is assessed to anticipate for a day-ahead the intentional threat; it is indicated that this vulnerability anticipation for a day-ahead is right when the intentional threat leads to dimension doubling of the complex network.

Process Security in Chemical Engineering Education

ERIC Educational Resources Information Center

Piluso, Cristina; Uygun, Korkut; Huang, Yinlun; Lou, Helen H.

2005-01-01

The threats of terrorism have greatly alerted the chemical process industries to assure plant security at all levels: infrastructure-improvement-focused physical security, information-protection-focused cyber security, and design-and-operation-improvement-focused process security. While developing effective plant security methods and technologies…

Visualization techniques for malware behavior analysis

NASA Astrophysics Data System (ADS)

Grégio, André R. A.; Santos, Rafael D. C.

2011-06-01

Malware spread via Internet is a great security threat, so studying their behavior is important to identify and classify them. Using SSDT hooking we can obtain malware behavior by running it in a controlled environment and capturing interactions with the target operating system regarding file, process, registry, network and mutex activities. This generates a chain of events that can be used to compare them with other known malware. In this paper we present a simple approach to convert malware behavior into activity graphs and show some visualization techniques that can be used to analyze malware behavior, individually or grouped.

Not All Threats Are Equal

ERIC Educational Resources Information Center

Surface, Jeanne L.

2011-01-01

School leaders must be fully prepared to respond to all types of threats that occur. In order to respond to threats most appropriately, the school needs to have a systematic approach that combines education, prevention, intervention, discipline, security, and crisis preparedness measures. All threats must be assessed carefully and swiftly,…

Mitigation Policy Scenario of Space Debris Threat Related with National Security

NASA Astrophysics Data System (ADS)

Herdiansyah, Herdis; Frimawaty, Evy; Munir, Ahmad

2016-02-01

The development of air space recently entered a new phase, when the space issues correlated with the future of a country. In past time, the space authorization was related with advancing technology by many space mission and various satellite launchings, or it could be said that who ruled technology will rule the space. Therefore, the numerous satellites in the space could be a threat for the countries which are mainly located in the path of the satellite, especially in the equatorial region including Indonesia. This study aims to create a policy scenario in mitigating the threat of space debris. The results showed that although space debris was not threatened national security for now, but the potential and its impact on the future potentially harmful. The threats of orbit circulation for some experts considered as a threat for national security, because its danger potential which caused by space debris could significantly damage the affected areas. However, until now Indonesia has no comprehensive mitigation strategy for space matters although it has been ratified by the United Nations Convention.

XRIndex: a brief screening tool for individual differences in security threat detection in x-ray images

PubMed Central

Rusconi, Elena; Ferri, Francesca; Viding, Essi; Mitchener-Nissen, Timothy

2015-01-01

X-ray imaging is a cost-effective technique at security checkpoints that typically require the presence of human operators. We have previously shown that self-reported attention to detail can predict threat detection performance with small-vehicle x-ray images (Rusconi et al., 2012). Here, we provide evidence for the generality of such a link by having a large sample of naïve participants screen more typical dual-energy x-ray images of hand luggage. The results show that the Attention to Detail score from the autism-spectrum quotient (AQ) questionnaire (Baron-Cohen et al., 2001) is a linear predictor of threat detection accuracy. We then develop and fine-tune a novel self-report scale for security screening: the XRIndex, which improves on the Attention to Detail scale for predictive power and opacity to interpretation. The XRIndex is not redundant with any of the Big Five personality traits. We validate the XRIndex against security x-ray images with an independent sample of untrained participants and suggest that the XRIndex may be a useful aid for the identification of suitable candidates for professional security training with a focus on x-ray threat detection. Further studies are needed to determine whether this can also apply to trained professionals. PMID:26321935

When trust defies common security sense.

PubMed

Williams, Patricia A H

2008-09-01

Primary care medical practices fail to recognize the seriousness of security threats to their patient and practice information. This can be attributed to a lack of understanding of security concepts, underestimation of potential threats and the difficulty in configuration of security technology countermeasures. To appreciate the factors contributing to such problems, research into general practitioner security practice and perceptions of security was undertaken. The investigation focused on demographics, actual practice, issues and barriers, and practitioner perception. Poor implementation, lack of relevant knowledge and inconsistencies between principles and practice were identified as key themes. Also the results revealed an overwhelming reliance on trust in staff and in computer information systems. This clearly identified that both cultural and technical attributes contribute to the deficiencies in information security practice. The aim of this research is to understand user needs and problems when dealing with information security practice.

Human Reliability Program Workshop

DOE Office of Scientific and Technical Information (OSTI.GOV)

Landers, John; Rogers, Erin; Gerke, Gretchen

A Human Reliability Program (HRP) is designed to protect national security as well as worker and public safety by continuously evaluating the reliability of those who have access to sensitive materials, facilities, and programs. Some elements of a site HRP include systematic (1) supervisory reviews, (2) medical and psychological assessments, (3) management evaluations, (4) personnel security reviews, and (4) training of HRP staff and critical positions. Over the years of implementing an HRP, the Department of Energy (DOE) has faced various challenges and overcome obstacles. During this 4-day activity, participants will examine programs that mitigate threats to nuclear security andmore » the insider threat to include HRP, Nuclear Security Culture (NSC) Enhancement, and Employee Assistance Programs. The focus will be to develop an understanding of the need for a systematic HRP and to discuss challenges and best practices associated with mitigating the insider threat.« less

Water Security - National and Global Issues

NASA Astrophysics Data System (ADS)

Tindall, J. A.; Campbell, A. A.; Moran, E. H.

2010-12-01

Water is fundamental to human life. Disruption of water supplies by the Water Threats and Hazards Triad (WTHT) — man-made, natural, and technological hazards — could threaten the delivery of vital human services, endanger public health and the environment, potentially cause mass casualties, and threaten population sustainability, social stability, and homeland security. Water distribution systems extend over vast areas and are therefore vulnerable to a wide spectrum of threats — from natural hazards such as large forest fires that result in runoff and debris flow that clog reservoirs, and reduce, disrupt, or contaminate water supply and quality to threats from natural, man-made, or political extremist attacks. Our research demonstrates how devising concepts and counter measures to protect water supplies will assist the public, policy makers, and planners at local, Tribal, State, and Federal levels to develop solutions for national and international water-security and sustainability issues. Water security is an issue in which the entire global community is stakeholders.

The International Test Commission Guidelines on the Security of Tests, Examinations, and Other Assessments

ERIC Educational Resources Information Center

International Journal of Testing, 2016

2016-01-01

The amount and severity of security threats have increased considerably over the past two decades, calling into question the validity of assessments administered around the world. These threats have increased for a number of reasons, including the popular use of computerized and online technologies for test administration and the use of almost…

From the Weakest Link to the Best Defense: Exploring the Factors That Affect Employee Intention to Comply with Information Security Policies

ERIC Educational Resources Information Center

Aurigemma, Salvatore

2013-01-01

Information and information systems have become embedded in the fabric of contemporary organizations throughout the world. As the reliance on information technology has increased, so too have the threats and costs associated with protecting organizational information resources. To combat potential information security threats, organizations rely…

DHS S&T First Responders Group and NATO Counter UAS Proposal Interest Response.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Salton, Jonathan R.

The capability, speed, size, and widespread availability of small unmanned aerial systems (sUAS) makes them a serious security concern. The enabling technologies for sUAS are rapidly evolving and so too are the threats they pose to national security. Potential threat vehicles have a small cross-section, and are difficult to reliably detect using purely ground-based systems (e.g. radar or electro-optical) and challenging to target using conventional anti-aircraft defenses. Ground-based sensors are static and suffer from interference with the earth, vegetation and other man-made structures which obscure objects at low altitudes. Because of these challenges, sUAS pose a unique and rapidly evolvingmore » threat to national security.« less

Virtual terrain: a security-based representation of a computer network

NASA Astrophysics Data System (ADS)

Holsopple, Jared; Yang, Shanchieh; Argauer, Brian

2008-03-01

Much research has been put forth towards detection, correlating, and prediction of cyber attacks in recent years. As this set of research progresses, there is an increasing need for contextual information of a computer network to provide an accurate situational assessment. Typical approaches adopt contextual information as needed; yet such ad hoc effort may lead to unnecessary or even conflicting features. The concept of virtual terrain is, therefore, developed and investigated in this work. Virtual terrain is a common representation of crucial information about network vulnerabilities, accessibilities, and criticalities. A virtual terrain model encompasses operating systems, firewall rules, running services, missions, user accounts, and network connectivity. It is defined as connected graphs with arc attributes defining dynamic relationships among vertices modeling network entities, such as services, users, and machines. The virtual terrain representation is designed to allow feasible development and maintenance of the model, as well as efficacy in terms of the use of the model. This paper will describe the considerations in developing the virtual terrain schema, exemplary virtual terrain models, and algorithms utilizing the virtual terrain model for situation and threat assessment.

Designing the Army’s Future Active Duty Weapons of Mass Destruction Response: Is the Defense Chemical, Biological, Radiological, Nuclear and High-Yield Explosives Response Force (DCRF) the Right Force at the Right Time?

DTIC Science & Technology

2013-06-14

ever-evolving contemporary nature of external and internal threats to the safety and security of the American homeland, it becomes increasingly...Major Justin P. Hurt, 146 pages. With the ever-evolving contemporary nature of external and internal threats to the safety and security of the American...HAZMAT Hazardous Materials HRF Homeland Response Force HSPD Homeland Security Presidential Directive JFHQ Joint Force

Quantum technology and cryptology for information security

NASA Astrophysics Data System (ADS)

Naqvi, Syed; Riguidel, Michel

2007-04-01

Cryptology and information security are set to play a more prominent role in the near future. In this regard, quantum communication and cryptography offer new opportunities to tackle ICT security. Quantum Information Processing and Communication (QIPC) is a scientific field where new conceptual foundations and techniques are being developed. They promise to play an important role in the future of information Security. It is therefore essential to have a cross-fertilizing development between quantum technology and cryptology in order to address the security challenges of the emerging quantum era. In this article, we discuss the impact of quantum technology on the current as well as future crypto-techniques. We then analyse the assumptions on which quantum computers may operate. Then we present our vision for the distribution of security attributes using a novel form of trust based on Heisenberg's uncertainty; and, building highly secure quantum networks based on the clear transmission of single photons and/or bundles of photons able to withstand unauthorized reading as a result of secure protocols based on the observations of quantum mechanics. We argue how quantum cryptographic systems need to be developed that can take advantage of the laws of physics to provide long-term security based on solid assumptions. This requires a structured integration effort to deploy quantum technologies within the existing security infrastructure. Finally, we conclude that classical cryptographic techniques need to be redesigned and upgraded in view of the growing threat of cryptanalytic attacks posed by quantum information processing devices leading to the development of post-quantum cryptography.

Develop a solution for protecting and securing enterprise networks from malicious attacks

NASA Astrophysics Data System (ADS)

Kamuru, Harshitha; Nijim, Mais

2014-05-01

In the world of computer and network security, there are myriad ways to launch an attack, which, from the perspective of a network, can usually be defined as "traffic that has huge malicious intent." Firewall acts as one of the measure in order to secure the device from incoming unauthorized data. There are infinite number of computer attacks that no firewall can prevent, such as those executed locally on the machine by a malicious user. From the network's perspective, there are numerous types of attack. All the attacks that degrade the effectiveness of data can be grouped into two types: brute force and precision. The Firewall that belongs to Juniper has the capability to protect against both types of attack. Denial of Service (DoS) attacks are one of the most well-known network security threats under brute force attacks, which is largely due to the high-profile way in which they can affect networks. Over the years, some of the largest, most respected Internet sites have been effectively taken offline by Denial of Service (DOS) attacks. A DoS attack typically has a singular focus, namely, to cause the services running on a particular host or network to become unavailable. Some DoS attacks exploit vulnerabilities in an operating system and cause it to crash, such as the infamous Win nuke attack. Others submerge a network or device with traffic so that there are no more resources to handle legitimate traffic. Precision attacks typically involve multiple phases and often involves a bit more thought than brute force attacks, all the way from reconnaissance to machine ownership. Before a precision attack is launched, information about the victim needs to be gathered. This information gathering typically takes the form of various types of scans to determine available hosts, networks, and ports. The hosts available on a network can be determined by ping sweeps. The available ports on a machine can be located by port scans. Screens cover a wide variety of attack traffic as they are configured on a per-zone basis. Depending on the type of screen being configured, there may be additional settings beyond simply blocking the traffic. Attack prevention is also a native function of any firewall. Juniper Firewall handles traffic on a per-flow basis. We can use flows or sessions as a way to determine whether traffic attempting to traverse the firewall is legitimate. We control the state-checking components resident in Juniper Firewall by configuring "flow" settings. These settings allow you to configure state checking for various conditions on the device. You can use flow settings to protect against TCP hijacking, and to generally ensure that the fire-wall is performing full state processing when desired. We take a case study of attack on a network and perform study of the detection of the malicious packets on a Net screen Firewall. A new solution for securing enterprise networks will be developed here.

Security in Logistics

NASA Astrophysics Data System (ADS)

Cempírek, Václav; Nachtigall, Petr; Široký, Jaromír

2016-12-01

This paper deals with security of logistic chains according to incorrect declaration of transported goods, fraudulent transport and forwarding companies and possible threats caused by political influences. The main goal of this paper is to highlight possible logistic costs increase due to these fraudulent threats. An analysis of technological processes will beis provided, and an increase of these transport times considering the possible threatswhich will beis evaluated economic costs-wise. In the conclusion, possible threat of companies'` efficiency in logistics due to the costs`, means of transport and increase in human resources` increase will beare pointed out.

33 CFR 106.205 - Company Security Officer (CSO).

Code of Federal Regulations, 2011 CFR

2011-07-01

... security related communications; (7) Knowledge of current security threats and patterns; (8) Recognition and detection of dangerous substances and devices; (9) Recognition of characteristics and behavioral patterns of persons who are likely to threaten security; (10) Techniques used to circumvent security...

33 CFR 106.205 - Company Security Officer (CSO).

Code of Federal Regulations, 2010 CFR

2010-07-01

... security related communications; (7) Knowledge of current security threats and patterns; (8) Recognition and detection of dangerous substances and devices; (9) Recognition of characteristics and behavioral patterns of persons who are likely to threaten security; (10) Techniques used to circumvent security...

Depletion-of-Battery Attack: Specificity, Modelling and Analysis.

PubMed

Shakhov, Vladimir; Koo, Insoo

2018-06-06

The emerging Internet of Things (IoT) has great potential; however, the societal costs of the IoT can outweigh its benefits. To unlock IoT potential, there needs to be improvement in the security of IoT applications. There are several standardization initiatives for sensor networks, which eventually converge with the Internet of Things. As sensor-based applications are deployed, security emerges as an essential requirement. One of the critical issues of wireless sensor technology is limited sensor resources, including sensor batteries. This creates a vulnerability to battery-exhausting attacks. Rapid exhaustion of sensor battery power is not only explained by intrusions, but can also be due to random failure of embedded sensor protocols. Thus, most wireless sensor applications, without tools to defend against rash battery exhausting, would be unable to function during prescribed times. In this paper, we consider a special type of threat, in which the harm is malicious depletion of sensor battery power. In contrast to the traditional denial-of-service attack, quality of service under the considered attack is not necessarily degraded. Moreover, the quality of service can increase up to the moment of the sensor set crashes. We argue that this is a distinguishing type of attack. Hence, the application of a traditional defense mechanism against this threat is not always possible. Therefore, effective methods should be developed to counter the threat. We first discuss the feasibility of rash depletion of battery power. Next, we propose a model for evaluation of energy consumption when under attack. Finally, a technique to counter the attack is discussed.

Harmonization of European laboratory response networks by implementing CWA 15793: use of a gap analysis and an "insider" exercise as tools.

PubMed

Sundqvist, Bo; Bengtsson, Ulrika Allard; Wisselink, Henk J; Peeters, Ben P H; van Rotterdam, Bart; Kampert, Evelien; Bereczky, Sándor; Johan Olsson, N G; Szekely Björndal, Asa; Zini, Sylvie; Allix, Sébastien; Knutsson, Rickard

2013-09-01

Laboratory response networks (LRNs) have been established for security reasons in several countries including the Netherlands, France, and Sweden. LRNs function in these countries as a preparedness measure for a coordinated diagnostic response capability in case of a bioterrorism incident or other biocrimes. Generally, these LRNs are organized on a national level. The EU project AniBioThreat has identified the need for an integrated European LRN to strengthen preparedness against animal bioterrorism. One task of the AniBioThreat project is to suggest a plan to implement laboratory biorisk management CWA 15793:2011 (CWA 15793), a management system built on the principle of continual improvement through the Plan-Do-Check-Act (PDCA) cycle. The implementation of CWA 15793 can facilitate trust and credibility in a future European LRN and is an assurance that the work done at the laboratories is performed in a structured way with continuous improvements. As a first step, a gap analysis was performed to establish the current compliance status of biosafety and laboratory biosecurity management with CWA 15793 in 5 AniBioThreat partner institutes in France (ANSES), the Netherlands (CVI and RIVM), and Sweden (SMI and SVA). All 5 partners are national and/or international laboratory reference institutes in the field of public or animal health and possess high-containment laboratories and animal facilities. The gap analysis showed that the participating institutes already have robust biorisk management programs in place, but several gaps were identified that need to be addressed. Despite differences between the participating institutes in their compliance status, these variations are not significant. Biorisk management exercises also have been identified as a useful tool to control compliance status and thereby implementation of CWA 15793. An exercise concerning an insider threat and loss of a biological agent was performed at SVA in the AniBioThreat project to evaluate implementation of the contingency plans and as an activity in the implementation process of CWA 15793. The outcome of the exercise was perceived as very useful, and improvements to enhance biorisk preparedness were identified. Gap analyses and exercises are important, useful activities to facilitate implementation of CWA 15793. The PDCA cycle will enforce a structured way to work, with continual improvements concerning biorisk management activities. Based on the activities in the AniBioThreat project, the following requirements are suggested to promote implementation: support from the top management of the organizations, knowledge about CWA 15793, a compliance audit checklist and gap analysis, training and exercises, networking in LRNs and other networks, and interinstitutional audits. Implementation of CWA 15793 at each institute would strengthen the European animal bioterrorism response capabilities by establishing a well-prepared LRN.

Intrinsic Connectivity Networks in post-traumatic stress disorder during sub- and supraliminal processing of threat-related stimuli.

PubMed

Rabellino, D; Tursich, M; Frewen, P A; Daniels, J K; Densmore, M; Théberge, J; Lanius, R A

2015-11-01

To investigate the functional connectivity of large-scale intrinsic connectivity networks (ICNs) in post-traumatic stress disorder (PTSD) during subliminal and supraliminal presentation of threat-related stimuli. Group independent component analysis was utilized to study functional connectivity within the ICNs most correlated with the Default-mode Network (DMN), Salience Network (SN), and Central Executive Network (CEN) in PTSD participants (n = 26) as compared to healthy controls (n = 20) during sub- and supraliminal processing of threat-related stimuli. Comparing patients with PTSD with healthy participants, prefrontal and anterior cingulate cortex involved in top-down regulation showed increased integration during subliminal threat processing within the CEN and SN and during supraliminal threat processing within the DMN. The right amygdala showed increased connectivity with the DMN during subliminal processing in PTSD as compared to controls. Brain regions associated with self-awareness and consciousness exhibited decreased connectivity during subliminal threat processing in PTSD as compared to controls: the claustrum within the SN and the precuneus within the DMN. Key nodes of the ICNs showed altered functional connectivity in PTSD as compared to controls, and differential results characterized sub- and supraliminal processing of threat-related stimuli. These findings enhance our understanding of ICNs underlying PTSD at different levels of conscious threat perception. © 2015 John Wiley & Sons A/S. Published by John Wiley & Sons Ltd.

Information Security Risk Assessment in Hospitals

PubMed Central

Ayatollahi, Haleh; Shagerdi, Ghazal

2017-01-01

Background: To date, many efforts have been made to classify information security threats, especially in the healthcare area. However, there are still many unknown risks which may threat the security of health information and their resources especially in the hospitals. Objective: The aim of this study was to assess the risks threatening information security in the hospitals located in one of the northwest cities of Iran. Method: This study was completed in 2014. The participants were information technology managers who worked in the hospitals (n=27). The research instrument was a questionnaire composed of a number of open and closed questions. The content validity of the questionnaire was confirmed, and the reliability of the closed questions was measured by using the test-retest method (r =0.78). Results: The results showed that among the information security risks, fire found to be a high probability/high impact risk factor. Human and physical/environmental threats were among the low probability risk factors. Regarding the information security safeguards used in the hospitals, the results showed that the use of the technical safeguards was the most frequent one (n =22, 91.7%) compared to the administrative (n =21, 87.5%) and the physical safeguards (n =16, 66.7%). Conclusion: The high probability risk factors require quick corrective actions to be taken. Therefore, the underlying causes of such threats should be identified and controlled before experiencing adverse effects. It is also important to note that information security in health care systems needs to be considered at a macro level with respect to the national interests and policies. PMID:29204226

Building a Secure Library System.

ERIC Educational Resources Information Center

Benson, Allen C.

1998-01-01

Presents tips for building a secure library system to guard against threats like hackers, viruses, and theft. Topics include: determining what is at risk; recovering from disasters; developing security policies; developing front-end security; securing menu systems; accessing control programs; protecting against damage from viruses; developing…

49 CFR 1522.5 - TSA inspection authority.

Code of Federal Regulations, 2010 CFR

2010-10-01

... threats to transportation; (ii) Enforce security-related regulations, directives, and requirements: (iii... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY SECURITY RULES FOR ALL MODES OF TRANSPORTATION TSA-APPROVED VALIDATION FIRMS...

A Survey on Cyber Security awareness among college students in Tamil Nadu

NASA Astrophysics Data System (ADS)

Senthilkumar, K.; Easwaramoorthy, Sathishkumar

2017-11-01

The aim of the study is to analyse the awareness of cyber security on college students in Tamil Nadu by focusing various security threats in the internet. In recent years cybercrime is an enormous challenge in all areas including national security, public safety and personal privacy. To prevent from a victim of cybercrime everyone must know about their own security and safety measures to protect by themselves. A well-structured questionnaire survey method will be applied to analyse the college student’s awareness in the area of cyber security. This survey will be going to conducted in major cities of Tamil Nadu by focusing various security threats like email, virus, phishing, fake advertisement, popup windows and other attacks in the internet. This survey examines the college students’ awareness and the level of awareness about the security issues and some suggestions are set forth to overcome these issues.

3 CFR - Continuation of the National Emergency With Respect to the Actions of the Government of Syria

Code of Federal Regulations, 2013 CFR

2013-01-01

... extraordinary threat to the national security, foreign policy, and economy of the United States. As a result... of May 1, 2012. The President took these actions to deal with the unusual and extraordinary threat to the national security, foreign policy, and economy of the United States constituted by the actions of...

Security analysis of cyber-physical system

NASA Astrophysics Data System (ADS)

Li, Bo; Zhang, Lichen

2017-05-01

In recent years, Cyber-Physical System (CPS) has become an important research direction of academic circles and scientific and technological circles at home and abroad, is considered to be following the third wave of world information technology after the computer, the Internet. PS is a multi-dimensional, heterogeneous, deep integration of open systems, Involving the computer, communication, control and other disciplines of knowledge. As the various disciplines in the research theory and methods are significantly different, so the application of CPS has brought great challenges. This paper introduces the definition and characteristics of CPS, analyzes the current situation of CPS, analyzes the security threats faced by CPS, and gives the security solution for security threats. It also discusses CPS-specific security technology, to promote the healthy development of CPS in information security.

Control and Non-Payload Communications (CNPC) Prototype Radio - Generation 2 Security Flight Test Report

NASA Technical Reports Server (NTRS)

Iannicca, Dennis C.; Ishac, Joseph A.; Shalkhauser, Kurt A.

2015-01-01

NASA Glenn Research Center (GRC), in cooperation with Rockwell Collins, is working to develop a prototype Control and Non-Payload Communications (CNPC) radio platform as part of NASA Integrated Systems Research Program's (ISRP) Unmanned Aircraft Systems (UAS) Integration in the National Airspace System (NAS) project. A primary focus of the project is to work with the Federal Aviation Administration (FAA) and industry standards bodies to build and demonstrate a safe, secure, and efficient CNPC architecture that can be used by industry to evaluate the feasibility of deploying a system using these technologies in an operational capacity. GRC has been working in conjunction with these groups to assess threats, identify security requirements, and to develop a system of standards-based security controls that can be applied to the GRC prototype CNPC architecture as a demonstration platform. The proposed security controls were integrated into the GRC flight test system aboard our S-3B Viking surrogate aircraft and several network tests were conducted during a flight on November 15th, 2014 to determine whether the controls were working properly within the flight environment. The flight test was also the first to integrate Robust Header Compression (ROHC) as a means of reducing the additional overhead introduced by the security controls and Mobile IPv6. The effort demonstrated the complete end-to-end secure CNPC link in a relevant flight environment.

Towards a privacy preserving cohort discovery framework for clinical research networks.

PubMed

Yuan, Jiawei; Malin, Bradley; Modave, François; Guo, Yi; Hogan, William R; Shenkman, Elizabeth; Bian, Jiang

2017-02-01

The last few years have witnessed an increasing number of clinical research networks (CRNs) focused on building large collections of data from electronic health records (EHRs), claims, and patient-reported outcomes (PROs). Many of these CRNs provide a service for the discovery of research cohorts with various health conditions, which is especially useful for rare diseases. Supporting patient privacy can enhance the scalability and efficiency of such processes; however, current practice mainly relies on policy, such as guidelines defined in the Health Insurance Portability and Accountability Act (HIPAA), which are insufficient for CRNs (e.g., HIPAA does not require encryption of data - which can mitigate insider threats). By combining policy with privacy enhancing technologies we can enhance the trustworthiness of CRNs. The goal of this research is to determine if searchable encryption can instill privacy in CRNs without sacrificing their usability. We developed a technique, implemented in working software to enable privacy-preserving cohort discovery (PPCD) services in large distributed CRNs based on elliptic curve cryptography (ECC). This technique also incorporates a block indexing strategy to improve the performance (in terms of computational running time) of PPCD. We evaluated the PPCD service with three real cohort definitions: (1) elderly cervical cancer patients who underwent radical hysterectomy, (2) oropharyngeal and tongue cancer patients who underwent robotic transoral surgery, and (3) female breast cancer patients who underwent mastectomy) with varied query complexity. These definitions were tested in an encrypted database of 7.1 million records derived from the publically available Healthcare Cost and Utilization Project (HCUP) Nationwide Inpatient Sample (NIS). We assessed the performance of the PPCD service in terms of (1) accuracy in cohort discovery, (2) computational running time, and (3) privacy afforded to the underlying records during PPCD. The empirical results indicate that the proposed PPCD can execute cohort discovery queries in a reasonable amount of time, with query runtime in the range of 165-262s for the 3 use cases, with zero compromise in accuracy. We further show that the search performance is practical because it supports a highly parallelized design for secure evaluation over encrypted records. Additionally, our security analysis shows that the proposed construction is resilient to standard adversaries. PPCD services can be designed for clinical research networks. The security construction presented in this work specifically achieves high privacy guarantees by preventing both threats originating from within and beyond the network. Copyright © 2016 Elsevier Inc. All rights reserved.

Attachment, self-esteem, worldviews, and terror management: evidence for a tripartite security system.

PubMed

Hart, Joshua; Shaver, Phillip R; Goldenberg, Jamie L

2005-06-01

On the basis of prior work integrating attachment theory and terror management theory, the authors propose a model of a tripartite security system consisting of dynamically interrelated attachment, self-esteem, and worldview processes. Four studies are presented that, combined with existing evidence, support the prediction derived from the model that threats to one component of the security system result in compensatory defensive activation of other components. Further, the authors predicted and found that individual differences in attachment style moderate the defenses. In Studies 1 and 2, attachment threats motivated worldview defense among anxiously attached participants and motivated self-enhancement (especially among avoidant participants), effects similar to those caused by mortality salience. In Studies 3 and 4, a worldview threat and a self-esteem threat caused attachment-related proximity seeking among fearful participants and avoidance of proximity among dismissing participants. The authors' model provides an overarching framework within which to study attachment, self-esteem, and worldviews.

Medicare privatization and the erosion of retirement security.

PubMed

Polivka, Larry; Kwak, Jung

2008-01-01

This paper describes initiatives to privatize the Medicare program over the last 10 years and the implications of these initiatives for the future of retirement security. Our analysis focuses on the privatization provisions of the Medicare Modernization Act, which is largely designed to benefit the corporate health care sector without containing costs or significantly reducing the threat of rising health care costs to the economic security of current and future retirees. In fact, as designed, the Medicare Modernization Act is likely to increase the threat to retirement security in the years ahead. We conclude with a series of policy alternatives to the neoliberal agenda for the privatization of Medicare.

Open-area concealed-weapon detection system

NASA Astrophysics Data System (ADS)

Pati, P.; Mather, P.

2011-06-01

Concealed Weapon Detection (CWD) has become a significant challenge to present day security needs; individuals carrying weapons into airplanes, schools, and secured establishments are threat to public security. Although controlled screening, of people for concealed weapons, has been employed in many establishments, procedures and equipment are designed to work in restricted environments like airport passport control, military checkpoints, hospitals, school and university entrance. Furthermore, screening systems do not effectively decipher between threat and non-threat metal objects, thus leading to high rate of false alarms which can become a liability to daily operational needs of establishments. Therefore, the design and development of a new CWD system to operate in a large open area environment with large numbers of people reduced incidences of false alarms and increased location accuracy is essential.

Information Systems, Security, and Privacy.

ERIC Educational Resources Information Center

Ware, Willis H.

1984-01-01

Computer security and computer privacy issues are discussed. Among the areas addressed are technical and human security threats, security and privacy issues for information in electronic mail systems, the need for a national commission to examine these issues, and security/privacy issues relevant to colleges and universities. (JN)

33 CFR 106.205 - Company Security Officer (CSO).

Code of Federal Regulations, 2013 CFR

2013-07-01

...) Methods of conducting audits, inspection, control, and monitoring; and (7) Techniques for security... security related communications; (7) Knowledge of current security threats and patterns; (8) Recognition and detection of dangerous substances and devices; (9) Recognition of characteristics and behavioral...

33 CFR 106.205 - Company Security Officer (CSO).

Code of Federal Regulations, 2014 CFR

2014-07-01

...) Methods of conducting audits, inspection, control, and monitoring; and (7) Techniques for security... security related communications; (7) Knowledge of current security threats and patterns; (8) Recognition and detection of dangerous substances and devices; (9) Recognition of characteristics and behavioral...

33 CFR 106.205 - Company Security Officer (CSO).

Code of Federal Regulations, 2012 CFR

2012-07-01

...) Methods of conducting audits, inspection, control, and monitoring; and (7) Techniques for security... security related communications; (7) Knowledge of current security threats and patterns; (8) Recognition and detection of dangerous substances and devices; (9) Recognition of characteristics and behavioral...

Ultra Wideband (UWB) communication vulnerability for security applications.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Cooley, H. Timothy

2010-07-01

RF toxicity and Information Warfare (IW) are becoming omnipresent posing threats to the protection of nuclear assets, and within theatres of hostility or combat where tactical operation of wireless communication without detection and interception is important and sometimes critical for survival. As a result, a requirement for deployment of many security systems is a highly secure wireless technology manifesting stealth or covert operation suitable for either permanent or tactical deployment where operation without detection or interruption is important The possible use of ultra wideband (UWB) spectrum technology as an alternative physical medium for wireless network communication offers many advantages overmore » conventional narrowband and spread spectrum wireless communication. UWB also known as fast-frequency chirp is nonsinusoidal and sends information directly by transmitting sub-nanosecond pulses without the use of mixing baseband information upon a sinusoidal carrier. Thus UWB sends information using radar-like impulses by spreading its energy thinly over a vast spectrum and can operate at extremely low-power transmission within the noise floor where other forms of RF find it difficult or impossible to operate. As a result UWB offers low probability of detection (LPD), low probability of interception (LPI) as well as anti-jamming (AJ) properties in signal space. This paper analyzes and compares the vulnerability of UWB to narrowband and spread spectrum wireless network communication.« less

Cybersecurity: Utilizing Fusion Centers to Protect State, Local, Tribal, and Territorial Entities Against Cyber Threats

DTIC Science & Technology

2016-09-01

PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES) Naval Postgraduate School Monterey, CA 93943-5000 8. PERFORMING ORGANIZATION REPORT NUMBER 9...state- and local-level computer networks fertile ground for the cyber adversary. This research focuses on the threat to SLTT computer networks and how...institutions, and banking systems. The array of responsibilities and the cybersecurity threat landscape make state- and local-level computer networks fertile

Safe: a status update on information security and the hospital community.

PubMed

Fundner, Rita

2003-01-01

IT Security and Privacy are becoming increasingly visible "hot topics" across the full spectrum of industry and service sectors. Legislation and global "best practices" are working hard to defend organizations and individuals against escalating, rapidly evolving cyber-threats. Predictably, the threat landscape is having an impact on all levels to varying degrees: governmental, organizational and individual. This article introduces the basic context for information security and offers insight into how a number of hospitals are addressing the situation, what barriers they currently face and what opportunities they see unfolding.

Analyzing the threat of unmanned aerial vehicles (UAV) to nuclear facilities

DOE PAGES

Solodov, Alexander; Williams, Adam; Al Hanaei, Sara; ...

2017-04-18

Unmanned aerial vehicles (UAV) are among the major growing technologies that have many beneficial applications, yet they can also pose a significant threat. Recently, several incidents occurred with UAVs violating privacy of the public and security of sensitive facilities, including several nuclear power plants in France. The threat of UAVs to the security of nuclear facilities is of great importance and is the focus of this work. This paper presents an overview of UAV technology and classification, as well as its applications and potential threats. We show several examples of recent security incidents involving UAVs in France, USA, and Unitedmore » Arab Emirates. Further, the potential threats to nuclear facilities and measures to prevent them are evaluated. The importance of measures for detection, delay, and response (neutralization) of UAVs at nuclear facilities are discussed. An overview of existing technologies along with their strength and weaknesses are shown. Finally, the results of a gap analysis in existing approaches and technologies is presented in the form of potential technological and procedural areas for research and development. Furthermore based on this analysis, directions for future work in the field can be devised and prioritized.« less

Shape-based human detection for threat assessment

NASA Astrophysics Data System (ADS)

Lee, Dah-Jye; Zhan, Pengcheng; Thomas, Aaron; Schoenberger, Robert B.

2004-07-01

Detection of intrusions for early threat assessment requires the capability of distinguishing whether the intrusion is a human, an animal, or other objects. Most low-cost security systems use simple electronic motion detection sensors to monitor motion or the location of objects within the perimeter. Although cost effective, these systems suffer from high rates of false alarm, especially when monitoring open environments. Any moving objects including animals can falsely trigger the security system. Other security systems that utilize video equipment require human interpretation of the scene in order to make real-time threat assessment. Shape-based human detection technique has been developed for accurate early threat assessments for open and remote environment. Potential threats are isolated from the static background scene using differential motion analysis and contours of the intruding objects are extracted for shape analysis. Contour points are simplified by removing redundant points connecting short and straight line segments and preserving only those with shape significance. Contours are represented in tangent space for comparison with shapes stored in database. Power cepstrum technique has been developed to search for the best matched contour in database and to distinguish a human from other objects from different viewing angles and distances.

Towards Reducing the Data Exfiltration Surface for the Insider Threat

DOE Office of Scientific and Technical Information (OSTI.GOV)

Schlicher, Bob G; MacIntyre, Lawrence Paul; Abercrombie, Robert K

Unauthorized data exfiltrations from both insiders and outsiders are costly and damaging. Network communication resources can be used for transporting data illicitly out of the enterprise or cloud. Combined with built-in malware copying utilities, we define this as comprising the Data Exfiltration Surface (DXS). For securing valuable data, it is desirable to reduce the DXS and maintain controls on the egress points. Our approach is to host the data in a protected enclave that includes novel software Data Diode (SDD) installed on a secured, border gateway. The SDD allows copying data into the enclave systems but denies data from beingmore » copied out. Simultaneously, it permits remote access with remote desktop and console applications. Our tests demonstrate that we are able to effectively reduce the DXS and we are able to protect data from being exfiltrated through the use of the SDD.« less

10 CFR 95.33 - Security education.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 2 2011-01-01 2011-01-01 false Security education. 95.33 Section 95.33 Energy NUCLEAR... INFORMATION AND RESTRICTED DATA Physical Security § 95.33 Security education. All cleared employees must be... information. The facility may obtain defensive security, threat awareness, and other education and training...

10 CFR 95.33 - Security education.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 10 Energy 2 2013-01-01 2013-01-01 false Security education. 95.33 Section 95.33 Energy NUCLEAR... INFORMATION AND RESTRICTED DATA Physical Security § 95.33 Security education. All cleared employees must be... information. The facility may obtain defensive security, threat awareness, and other education and training...

10 CFR 95.33 - Security education.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 10 Energy 2 2012-01-01 2012-01-01 false Security education. 95.33 Section 95.33 Energy NUCLEAR... INFORMATION AND RESTRICTED DATA Physical Security § 95.33 Security education. All cleared employees must be... information. The facility may obtain defensive security, threat awareness, and other education and training...

10 CFR 95.33 - Security education.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 2 2010-01-01 2010-01-01 false Security education. 95.33 Section 95.33 Energy NUCLEAR... INFORMATION AND RESTRICTED DATA Physical Security § 95.33 Security education. All cleared employees must be... information. The facility may obtain defensive security, threat awareness, and other education and training...

School Security and Crisis Preparedness: Make It Your Business.

ERIC Educational Resources Information Center

Trump, Kenneth S.

1999-01-01

The top five security risks in today's schools include aggressive behavior, weapons possession or use, drug trafficking, gangs, and "stranger danger." Home-made bomb threats are common. This article also discusses security system costs, risk-reduction frameworks, security assessments, crisis-preparedness guidelines, and security-related…

Illicit Drug Trade-Impact on United States National Health Care

DTIC Science & Technology

2013-03-01

pobreza en Mexico sube a 52 milliones,” CNN Expansion, July 29, 2011, http://www.cnnexpansion.com/ economia /2011/07/29/pobreza- mexico -2010 (accessed...Unlimited. 13. SUPPLEMENTARY NOTES Word Count: 5,569 14. ABSTRACT The United States and Mexico face a myriad of threats to national security...Policy Classification: Unclassified The United States and Mexico face a myriad of threats to national security

Sandia National Laboratories: National Security Missions: International

Science.gov Websites

Transportation Energy Energy Research Global Security WMD Counterterrorism & Response Global Threat Reduction Homeland Defense & Force Protection Homeland Security Cyber & Infrastructure Security Global Business Procurement Technical Assistance Program (PTAP) Current Suppliers iSupplier Account Accounts

49 CFR 1580.107 - Chain of custody and control requirements.

Code of Federal Regulations, 2010 CFR

2010-10-01

... businesses, housing, schools, and hospitals. (4) Any information regarding threats to the facility. (5) Other...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY MARITIME AND LAND TRANSPORTATION SECURITY RAIL TRANSPORTATION SECURITY Freight Rail Including Freight Railroad Carriers, Rail Hazardous Materials...

Implementing the global health security agenda: lessons from global health and security programs.

PubMed

Paranjape, Suman M; Franz, David R

2015-01-01

The Global Health Security Agenda (GHSA) describes a vision for a world that is safe and secure from infectious disease threats; it underscores the importance of developing the international capacity to prevent, detect, and respond to pandemic agents. In February 2014, the United States committed to support the GHSA by expanding and intensifying ongoing efforts across the US government. Implementing these goals will require interagency coordination and harmonization of diverse health security elements. Lessons learned from the Global Health Initiative (GHI), the President's Emergency Program for AIDS Relief (PEPFAR), and the Cooperative Threat Reduction (CTR) program underscore that centralized political, technical, and fiscal authority will be key to developing robust, sustainable, and integrated global health security efforts across the US government. In this article, we review the strengths and challenges of GHI, PEPFAR, and CTR and develop recommendations for implementing a unified US global health security program.

Surveillance data management system

NASA Astrophysics Data System (ADS)

Teague, Ralph

2002-10-01

On October 8, 2001, an Executive Order was signed creating the White House Office of Homeland Security. With its formaiton comes focused attention in setting goals and priorities for homeland security. Analysis, preparation, and implementation of strategies will hinge not only on how information is collected and analyzed, but more important, on how it is coordinated and shared. Military installations/facilities, Public safety agencies, airports, federal and local offices, public utilities, harbors, transportation and others critical areas must work either independently or as a team to ensure the safety of our citizens and visitor. In this new era of increased security, the key to interoperation is continuous information exchanged-events must be rapidly identified, reported and responded to by the appropriate agencies. For instance when a threat has been detected the security officers must be immediately alerted and must have access to the type of threat, location, movement, heading, threat size, etc to respond accordingly and the type of support required. This requires instant communications and teamwork with reliable and flexible technology.

Finite Energy and Bounded Actuator Attacks on Cyber-Physical Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Djouadi, Seddik M; Melin, Alexander M; Ferragut, Erik M

As control system networks are being connected to enterprise level networks for remote monitoring, operation, and system-wide performance optimization, these same connections are providing vulnerabilities that can be exploited by malicious actors for attack, financial gain, and theft of intellectual property. Much effort in cyber-physical system (CPS) protection has focused on protecting the borders of the system through traditional information security techniques. Less effort has been applied to the protection of cyber-physical systems from intelligent attacks launched after an attacker has defeated the information security protections to gain access to the control system. In this paper, attacks on actuator signalsmore » are analyzed from a system theoretic context. The threat surface is classified into finite energy and bounded attacks. These two broad classes encompass a large range of potential attacks. The effect of theses attacks on a linear quadratic (LQ) control are analyzed, and the optimal actuator attacks for both finite and infinite horizon LQ control are derived, therefore the worst case attack signals are obtained. The closed-loop system under the optimal attack signals is given and a numerical example illustrating the effect of an optimal bounded attack is provided.« less

Sleep Deprivation Attack Detection in Wireless Sensor Network

NASA Astrophysics Data System (ADS)

Bhattasali, Tapalina; Chaki, Rituparna; Sanyal, Sugata

2012-02-01

Deployment of sensor network in hostile environment makes it mainly vulnerable to battery drainage attacks because it is impossible to recharge or replace the battery power of sensor nodes. Among different types of security threats, low power sensor nodes are immensely affected by the attacks which cause random drainage of the energy level of sensors, leading to death of the nodes. The most dangerous type of attack in this category is sleep deprivation, where target of the intruder is to maximize the power consumption of sensor nodes, so that their lifetime is minimized. Most of the existing works on sleep deprivation attack detection involve a lot of overhead, leading to poor throughput. The need of the day is to design a model for detecting intrusions accurately in an energy efficient manner. This paper proposes a hierarchical framework based on distributed collaborative mechanism for detecting sleep deprivation torture in wireless sensor network efficiently. Proposed model uses anomaly detection technique in two steps to reduce the probability of false intrusion.

Combating terrorism : linking threats to strategies and resources testimony

DOT National Transportation Integrated Search

2000-07-26

This is the statement of Norman J. Rabkin, Director, National Security Preparedness Issues, National Security and International Affairs division before the Subcommittee on National Security, Veterans Affairs, and International Relations, Committee on...

Performance of an optical identification and interrogation system

NASA Astrophysics Data System (ADS)

Venugopalan, A.; Ghosh, A. K.; Verma, P.; Cheng, S.

2008-04-01

A free space optics based identification and interrogation system has been designed. The applications of the proposed system lie primarily in areas which require a secure means of mutual identification and information exchange between optical readers and tags. Conventional RFIDs raise issues regarding security threats, electromagnetic interference and health safety. The security of RF-ID chips is low due to the wide spatial spread of radio waves. Malicious nodes can read data being transmitted on the network, if they are in the receiving range. The proposed system provides an alternative which utilizes the narrow paraxial beams of lasers and an RSA-based authentication scheme. These provide enhanced security to communication between a tag and the base station or reader. The optical reader can also perform remote identification and the tag can be read from a far off distance, given line of sight. The free space optical identification and interrogation system can be used for inventory management, security systems at airports, port security, communication with high security systems, etc. to name a few. The proposed system was implemented with low-cost, off-the-shelf components and its performance in terms of throughput and bit error rate has been measured and analyzed. The range of operation with a bit-error-rate lower than 10-9 was measured to be about 4.5 m. The security of the system is based on the strengths of the RSA encryption scheme implemented using more than 1024 bits.

Methods of Organizational Information Security

NASA Astrophysics Data System (ADS)

Martins, José; Dos Santos, Henrique

The principle objective of this article is to present a literature review for the methods used in the security of information at the level of organizations. Some of the principle problems are identified and a first group of relevant dimensions is presented for an efficient management of information security. The study is based on the literature review made, using some of the more relevant certified articles of this theme, in international reports and in the principle norms of management of information security. From the readings that were done, we identified some of the methods oriented for risk management, norms of certification and good practice of security of information. Some of the norms are oriented for the certification of the product or system and others oriented to the processes of the business. There are also studies with the proposal of Frameworks that suggest the integration of different approaches with the foundation of norms focused on technologies, in processes and taking into consideration the organizational and human environment of the organizations. In our perspective, the biggest contribute to the security of information is the development of a method of security of information for an organization in a conflicting environment. This should make available the security of information, against the possible dimensions of attack that the threats could exploit, through the vulnerability of the organizational actives. This method should support the new concepts of "Network centric warfare", "Information superiority" and "Information warfare" especially developed in this last decade, where information is seen simultaneously as a weapon and as a target.

Quantum key based burst confidentiality in optical burst switched networks.

PubMed

Balamurugan, A M; Sivasubramanian, A

2014-01-01

The optical burst switching (OBS) is an emergent result to the technology concern that could achieve a feasible network in future. They are endowed with the ability to meet the bandwidth requirement of those applications that require intensive bandwidth. There are more domains opening up in the OBS that evidently shows their advantages and their capability to face the future network traffic. However, the concept of OBS is still far from perfection facing issues in case of security threat. The transfer of optical switching paradigm to optical burst switching faces serious downfall in the fields of burst aggregation, routing, authentication, dispute resolution, and quality of service (QoS). This paper deals with employing RC4 (stream cipher) to encrypt and decrypt bursts thereby ensuring the confidentiality of the burst. Although the use of AES algorithm has already been proposed for the same issue, by contrasting the two algorithms under the parameters of burst encryption and decryption time, end-to-end delay, it was found that RC4 provided better results. This paper looks to provide a better solution for the confidentiality of the burst in OBS networks.

Quantum Key Based Burst Confidentiality in Optical Burst Switched Networks

PubMed Central

Balamurugan, A. M.; Sivasubramanian, A.

2014-01-01

The optical burst switching (OBS) is an emergent result to the technology concern that could achieve a feasible network in future. They are endowed with the ability to meet the bandwidth requirement of those applications that require intensive bandwidth. There are more domains opening up in the OBS that evidently shows their advantages and their capability to face the future network traffic. However, the concept of OBS is still far from perfection facing issues in case of security threat. The transfer of optical switching paradigm to optical burst switching faces serious downfall in the fields of burst aggregation, routing, authentication, dispute resolution, and quality of service (QoS). This paper deals with employing RC4 (stream cipher) to encrypt and decrypt bursts thereby ensuring the confidentiality of the burst. Although the use of AES algorithm has already been proposed for the same issue, by contrasting the two algorithms under the parameters of burst encryption and decryption time, end-to-end delay, it was found that RC4 provided better results. This paper looks to provide a better solution for the confidentiality of the burst in OBS networks. PMID:24578663

Malfunctions in radioactivity sensors' networks

NASA Astrophysics Data System (ADS)

Khalipova, Veronika; Damart, Guillaume; Beauzamy, Bernard; Bruna, Giovanni

2018-01-01

The capacity to promptly and efficiently detect any source of contamination of the environment (a radioactive cloud) at a local and a country scale is mandatory to a safe and secure exploitation of civil nuclear energy. It must rely upon a robust network of measurement devices, to be optimized vs. several parameters, including the overall reliability, the investment, the operation and maintenance costs. We show that a network can be arranged in different ways, but many of them are inadequate. Through simulations, we test the efficiency of several configurations of sensors, in the same domain. The denser arrangement turns out to be the more efficient, but the efficiency is increased when sensors are non-uniformly distributed over the country, with accumulation at the borders. In the case of France, as radioactive threats are most likely to come from the East, the best solution is densifying the sensors close to the eastern border. Our approach differs from previous work because it is "failure oriented": we determine the laws of probability for all types of failures and deduce in this respect the best organization of the network.

Overview of Privacy in Social Networking Sites (SNS)

NASA Astrophysics Data System (ADS)

Powale, Pallavi I.; Bhutkar, Ganesh D.

2013-07-01

Social Networking Sites (SNS) have become an integral part of communication and life style of people in today's world. Because of the wide range of services offered by SNSs mostly for free of cost, these sites are attracting the attention of all possible Internet users. Most importantly, users from all age groups have become members of SNSs. Since many of the users are not aware of the data thefts associated with information sharing, they freely share their personal information with SNSs. Therefore, SNSs may be used for investigating users' character and social habits by familiar or even unknown persons and agencies. Such commercial and social scenario, has led to number of privacy and security threats. Though, all major issues in SNSs need to be addressed, by SNS providers, privacy of SNS users is the most crucial. And therefore, in this paper, we have focused our discussion on "privacy in SNSs". We have discussed different ways of Personally Identifiable Information (PII) leakages from SNSs, information revelation to third-party domains without user consent and privacy related threats associated with such information sharing. We expect that this comprehensive overview on privacy in SNSs will definitely help in raising user awareness about sharing data and managing their privacy with SNSs. It will also help SNS providers to rethink about their privacy policies.

Threat, security and attitude formation among the young

NASA Astrophysics Data System (ADS)

Radin, Furio

1985-12-01

The perception of threat to security on the part of young people reflects a central aspect of the societal phenomenon of attitude formation, whose primary function is, ideally, to meet the need for security. In all modern societies, however, the process of socialization — which by its very nature is educational in that it prepares individuals to function as members of society — operates on the principle of systematically frustrating this need by employing a system of reward and punishment based on competition. This system creates a fundamental insecurity and a corresponding attitude (de)formation in the individual, which is exploited by the state in order to consolidate the power of the dominant groups. Due to this fundamental insecurity, the individual is incapable of coping rationally with threat and seeks pseudo-security, e.g., in conformity. Threat — particularly global threat — is perceived as an external factor over which the individual has no control, i.e., it is perceived as falling exclusively within the province of those in power, whose control is further strengthened by this perception. Since the essential damage to the individual's attitude system has been done by the time he leaves school, this undesirable condition of modern societies can only be rectified by a socialization process in general — and an educational process in particular — which cultivates in the individual the development of critical judgment, free self-realization and the spirit of co-operation instead of competition.

Towards Accurate Node-Based Detection of P2P Botnets

PubMed Central

2014-01-01

Botnets are a serious security threat to the current Internet infrastructure. In this paper, we propose a novel direction for P2P botnet detection called node-based detection. This approach focuses on the network characteristics of individual nodes. Based on our model, we examine node's flows and extract the useful features over a given time period. We have tested our approach on real-life data sets and achieved detection rates of 99-100% and low false positives rates of 0–2%. Comparison with other similar approaches on the same data sets shows that our approach outperforms the existing approaches. PMID:25089287

Layered virus protection for the operations and administrative messaging system

NASA Technical Reports Server (NTRS)

Cortez, R. H.

2002-01-01

NASA's Deep Space Network (DSN) is critical in supporting the wide variety of operating and plannedunmanned flight projects. For day-to-day operations it relies on email communication between the three Deep Space Communication Complexes (Canberra, Goldstone, Madrid) and NASA's Jet Propulsion Laboratory. The Operations & Administrative Messaging system, based on the Microsoft Windows NTand Exchange platform, provides the infrastructure that is required for reliable, mission-critical messaging. The reliability of this system, however, is threatened by the proliferation of email viruses that continue to spread at alarming rates. A layered approach to email security has been implemented across the DSN to protect against this threat.

Optimizing the Performance of Radionuclide Identification Software in the Hunt for Nuclear Security Threats

DOE Office of Scientific and Technical Information (OSTI.GOV)

Fotion, Katherine A.

2016-08-18

The Radionuclide Analysis Kit (RNAK), my team’s most recent nuclide identification software, is entering the testing phase. A question arises: will removing rare nuclides from the software’s library improve its overall performance? An affirmative response indicates fundamental errors in the software’s framework, while a negative response confirms the effectiveness of the software’s key machine learning algorithms. After thorough testing, I found that the performance of RNAK cannot be improved with the library choice effect, thus verifying the effectiveness of RNAK’s algorithms—multiple linear regression, Bayesian network using the Viterbi algorithm, and branch and bound search.

ATAC Process Proof of Concept Final Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bri Rolston; Sarah Freeman

Researchers at INL with funding from the Department of Energy’s Office of Electricity Delivery and Energy Reliability (DOE-OE) evaluated a novel approach for near real-time consumption of threat intelligence. Demonstration testing in an industry environment supported the development of this new process to assist the electric sector in securing their critical networks. This report provides the reader with an understanding of the methods used during this proof of concept project. The processes and templates were further advanced with an industry partner during an onsite assessment. This report concludes with lessons learned and a roadmap for final development of these materialsmore » for use by industry.« less

The epidemic threshold theorem with social and contact heterogeneity

NASA Astrophysics Data System (ADS)

Hincapié Palacio, Doracelly; Ospina Giraldo, Juan; Gómez Arias, Rubén Darío

2008-03-01

The threshold theorem of an epidemic SIR model was compared when infectious and susceptible individuals have homogeneous mixing and heterogeneous social status and when individuals of random networks have contact heterogeneity. Particularly the effect of vaccination in such models is considered when: individuals or nodes are exposed to impoverished, vaccination and loss of immunity. An equilibrium analysis and local stability of small perturbations about the equilibrium values were implemented using computer algebra. Numerical simulations were executed in order to describe the dynamic of transmission of diseases and changes of the basic reproductive rate. The implications of these results are examined around the threats to the global public health security.

Solutions Network Formulation Report. The Potential Contribution of the Ocean Surface Topography Mission to the General NOAA Oil Monitoring Environment

NASA Technical Reports Server (NTRS)

Hilbert, Kent; Anderson, Daniel; Lewis, David

2007-01-01

Data collected by the OSTM could be used to provide a solution for the GNOME DST. GNOME, developed by NOAA?s Office of Response and Restoration Hazardous Materials Response Division, geospatially models oil spill trajectories using wind, current, river flow, and tidal data. Data collected by the OSTM would supply information about ocean currents and wind speeds. This Candidate Solution is in alignment with the Coastal Management, Water Management, Disaster Management, Public Health, Ecological Forecasting, and Homeland Security National Applications and will benefit society by improving the capabilities of emergency responders who evaluate an oil spill?s probable threat.

Development of communication networks and water quality early warning detection systems at drinking water utilities in the Ohio River Valley Basin.

PubMed

Schulte, J G; Vicory, A H

2005-01-01

Source water quality is of major concern to all drinking water utilities. The accidental introduction of contaminants to their source water is a constant threat to utilities withdrawing water from navigable or industrialized rivers. The events of 11 September, 2001 in the United States have heightened concern for drinking water utility security as their source water and finished water may be targets for terrorist acts. Efforts are underway in several parts of the United States to strengthen early warning capabilities. This paper will focus on those efforts in the Ohio River Valley Basin.

33 CFR 105.210 - Facility personnel with security duties.

Code of Federal Regulations, 2013 CFR

2013-07-01

... must have knowledge, through training or equivalent job experience, in the following, as appropriate: (a) Knowledge of current security threats and patterns; (b) Recognition and detection of dangerous... to threaten security; (d) Techniques used to circumvent security measures; (e) Crowd management and...