An adaptive framework for combating advanced persistent threats

Advanced persistent threats (APTs) pose a significant risk to nearly every organization. Due to the sophistication of these attacks, they can bypass existing security systems and largely infiltrate the target network. The prevention and detection of APT are challenging because attackers constantly change and evolve their attacking techniques and methods to stay undetected. As a result, APT often successfully compromises companies, organizations, or public authorities. This paper developed an adaptive security framework that continuously investigates the behavior of users of a network to protect it against threats. The framework constitutes of three main sections namely; Intrusion prevention, Intrusion detection, and Response to intrusions. The design model comprises the front end, middleware, and back end. The front end is implemented using HTML and Cascading Style Sheet (CSS) in Netbeans Integrated Development Environment (IDE) version 8.0.2. The middleware is implemented using Java Web of NetBeans IDE while the back end is implemented using MySQL server. The results show that the runtime security of the system is adapted according to the behavior patterns exhibited by the user hence, our system can detect zero-day attacks which signature-based intrusion detection systems cannot detect, thus protecting against these attacks. The work is recommended as a countermeasure against emerging persistent attacks

INTRUSION PREDICTION SYSTEM FOR CLOUD COMPUTING AND NETWORK BASED SYSTEMS

Cloud computing offers cost effective computational and storage services with on-demand scalable capacities according to the customers’ needs. These properties encourage organisations and individuals to migrate from classical computing to cloud computing from different disciplines. Although cloud computing is a trendy technology that opens the horizons for many businesses, it is a new paradigm that exploits already existing computing technologies in new framework rather than being a novel technology. This means that cloud computing inherited classical computing problems that are still challenging. Cloud computing security is considered one of the major problems, which require strong security systems to protect the system, and the valuable data stored and processed in it. Intrusion detection systems are one of the important security components and defence layer that detect cyber-attacks and malicious activities in cloud and non-cloud environments. However, there are some limitations such as attacks were detected at the time that the damage of the attack was already done. In recent years, cyber-attacks have increased rapidly in volume and diversity. In 2013, for example, over 552 million customers’ identities and crucial information were revealed through data breaches worldwide [3]. These growing threats are further demonstrated in the 50,000 daily attacks on the London Stock Exchange [4]. It has been predicted that the economic impact of cyber-attacks will cost the global economy $3 trillion on aggregate by 2020 [5]. This thesis focused on proposing an Intrusion Prediction System that is capable of sensing an attack before it happens in cloud or non-cloud environments. The proposed solution is based on assessing the host system vulnerabilities and monitoring the network traffic for attacks preparations. It has three main modules. The monitoring module observes the network for any intrusion preparations. This thesis proposes a new dynamic-selective statistical algorithm for detecting scan activities, which is part of reconnaissance that represents an essential step in network attack preparation. The proposed method performs a statistical selective analysis for network traffic searching for an attack or intrusion indications. This is achieved by exploring and applying different statistical and probabilistic methods that deal with scan detection. The second module of the prediction system is vulnerabilities assessment that evaluates the weaknesses and faults of the system and measures the probability of the system to fall victim to cyber-attack. Finally, the third module is the prediction module that combines the output of the two modules and performs risk assessments of the system security from intrusions prediction. The results of the conducted experiments showed that the suggested system outperforms the analogous methods in regards to performance of network scan detection, which means accordingly a significant improvement to the security of the targeted system. The scanning detection algorithm has achieved high detection accuracy with 0% false negative and 50% false positive. In term of performance, the detection algorithm consumed only 23% of the data needed for analysis compared to the best performed rival detection method

Recent Trends in Communication Networks

In recent years there has been many developments in communication technology. This has greatly enhanced the computing power of small handheld resource-constrained mobile devices. Different generations of communication technology have evolved. This had led to new research for communication of large volumes of data in different transmission media and the design of different communication protocols. Another direction of research concerns the secure and error-free communication between the sender and receiver despite the risk of the presence of an eavesdropper. For the communication requirement of a huge amount of multimedia streaming data, a lot of research has been carried out in the design of proper overlay networks. The book addresses new research techniques that have evolved to handle these challenges

Foundations of Security Analysis and Design III, FOSAD 2004/2005- Tutorial Lectures

he increasing relevance of security to real-life applications, such as electronic commerce and Internet banking, is attested by the fast-growing number of research groups, events, conferences, and summer schools that address the study of foundations for the analysis and the design of security aspects. This book presents thoroughly revised versions of eight tutorial lectures given by leading researchers during two International Schools on Foundations of Security Analysis and Design, FOSAD 2004/2005, held in Bertinoro, Italy, in September 2004 and September 2005. The lectures are devoted to: Justifying a Dolev-Yao Model under Active Attacks, Model-based Security Engineering with UML, Physical Security and Side-Channel Attacks, Static Analysis of Authentication, Formal Methods for Smartcard Security, Privacy-Preserving Database Systems, Intrusion Detection, Security and Trust Requirements Engineering

World Water Development Report 4: Managing Water Under Uncertainty and Risk

Building on the comprehensive approach taken in World Water Development Reports (WWDRs) 1 and 2, and the holistic view taken in WWDR3, this fourth edition gives an account of the critical issues facing water's challenge areas and different regions and incorporates a deeper analysis of the external forces (i.e. drivers) linked to water. In doing so, the WWDR4 seeks to inform readers and raise awareness of the new threats arising from accelerated change and of the interconnected forces that create uncertainty and risk - ultimately emphasizing that these forces can be managed effectively and can even generate vital opportunities and benefits through innovative approaches to allocation, use and management of water

Few climate change adaptation strategies of rural women : a case study of Ndwedwe-Cibane, KwaZulu-Natal.

Master of Science in Environmental Science. University of KwaZulu-Natal. Westville, 2017.Climate change is documented to impact food, energy and water (FEW) resources. Rural women are vulnerable to climate change impacts due to their high dependence on natural resources. Despite numerous studies on climate change impacts, there has been insufficient examination of climate change adaptation with a focus on FEW resources using an intersectional lens. Focusing on women and using an intersectional lens, this study explores how marital status intersects with gender to influence FEW based climate change adaptation in Ndwedwe-Cibane. In addition, perceptions are explored, vulnerability is assessed and barriers and opportunities are determined. The sustainable livelihood and ecofeminist framework are used to explore the various concepts in this study. Data were collected using quantitative (meteorological data and climate projections) and qualitative Participatory Rural Appraisal-PRA research methods (three focus group discussions and two key informant interviews). First, women’s perceptions of past climate change were sought by matrix scoring and meteorological data was analyzed using mainly the MK test and climate projections downloaded from the CSAG CIP website. Second, women’s vulnerability was assessed using resource and hazard mapping and the vulnerability matrix. Third, climate change impacts were determined through trend diagramming. Fourth, adaptation strategies, barriers and opportunities for adaptation were explored during discussions. This study makes four contributions to climate literature. Firstly, perceptions of temperature change regardless of marital status are fairly congruent, though there are divergences in rainfall perception. Both single and married women were found to have high temperature perception and low rainfall perception evidenced by contradiction of woman’s perception of rainfall changes and meteorological data. Women’s perceptions and meteorological data provide evidence for climate change. Climate projections reveal a warmer and wetter climate, which will affect FEW resources. Secondly, vulnerability appears comparable between the two groups of women. However, strong conclusions pertaining to vulnerability cannot be drawn. Thirdly, the results show that climate change impacts on FEW resources are negative and include crop failure, livestock death, and reduced water supply among other impacts. There was concordance of perceived climate change impacts between both groups of women. Fourthly, to adapt both single and married women employed multiple strategies including income and crop diversification, irrigation, use of fertilizer, collection of wet firewood and rainwater harvesting among other strategies. Notable differences in adaptation strategies indicate that single women are more concerned about crop adaptation while married women are more concerned about livestock adaptation. Despite adopted adaptation strategies, barriers to climate change adaptation were established. Barriers were similar between single and married women, whereas divergences were in financial barriers which affect only the single women. The findings reveal that no support pertaining to climate change adaptation was given to women. Women in Ndwedwe-Cibane want to opportunistically use development projects for adaptation purposes. The findings suggest that designing policies, plans and programs that focus on women as a homogenous group will not adequately address issues underlying climate change adaptation, and an intersectional perspective should be used when developing and implementing adaptation strategies

The influence of climate change on the coastal Risk Landscape of the Catalan coast

Coastal areas concentrate very high socio-economic and natural values, which will be highly threatened by climate change, particularly by sea-level rise (SLR). Given the intrinsic characteristics of this zone, appropriate risk management requires a holistic analysis in which the multiple components of the coastal system are taken into account. This has been addressed by applying the concept of coastal risk landscape, which can be defined as the set of all the risks to which the coastal zone is exposed. In this work, the two most relevant SLR-driven hazards in terms of induced coastal impacts, erosion and inundation, have been analysed. The multiple functions provided by the coastal system open a wide spectrum of possible management options in general, and of adaptation strategies in particular, as a function of the policy target. This work focuses on the analysis of SLR-induced consequences (impact and adaptation) on recreational and natural functions of the coast due to their importance for the Mediterranean in general, and the Catalan coast in particular, and because they represent well the range of potential targets for coastal management, economy vs. environmental protection. From the recreational point-of-view, beaches are the main asset to be managed so that any variation in the carrying capacity will be translated into an impact on their recreational-tourist use. The expected shoreline-retreat, both due to current evolution rates and SLR-induced erosion, will imply a reduction in the optimal beach width to support the carrying capacity on beaches, an important factor for coastal tourism development, leading to an expected significant and growing economic impact in the next decades. Obtained results show that the Catalan coast is highly vulnerable to erosion and accelerated SLR exacerbates this adverse situation, although with significant spatial variation. Costa Barcelona is the most affected under current evolution rates finding here erosional hotspots such as the Mareme comarca (excluding the Ebro Delta). When SLR is considered, severely affected municipalities will appear within the Costa Brava whose future beach evolution will result in a significant decrease in the potential demand. In these areas, efficient adaptation measures will be required to maintain future carrying capacity within a certain range to sustain the economic contribution of coastal tourism activities. From the environmental perspective, the induced SLR-impact is analysed in terms of the potential damage on existing ecosystems. Flood-prone areas and potential damages are assessed taking into account the intrinsic resilience of some coastal habitats in the face of SLR. Obtained results show that Catalonia has a low sensitivity to SLR-inundation due to its coastal configuration except for low-lying areas (Gulf of Roses, Llobregat Delta and Ebro Delta), which in turn concentrate the highest natural values of the Catalan coast. In spite of their physical vulnerability, existing habitats have a natural adaptation capacity, which permits to maintain providing ecosystem functions although under a modified landscape. In these areas, adaptation strategies based on promoting the natural resilience of coastal habitats to SLR can allow for open up a whole range of adaptation strategies to shift the management perspective to environmental protection and conservation.Las zonas costeras concentran un elevado número de valores tanto socio-económicos como naturales, los cuales se verán fuertemente amenazados por el cambio climático, particularmente por la subida del nivel del mar. Dada las características intrínsecas de estas zonas, se requiere una gestión adecuada del riesgo desde una perspectiva global donde se tienen en cuenta sus múltiples componentes. Por ello, el análisis realizado se enfoca a través del uso del concepto paisaje del riesgo costero, siendo el conjunto de riesgos a los que se ve sometida la zona costera. En este trabajo, las dos amenazas más relevantes desde el punto de vista del impacto producido, erosión e inundación costera, han sido analizadas. Las múltiples funciones que ofrece el sistema costero abren un amplio espectro de posibles opciones de gestión en general, y de estrategias de adaptación en particular, en base a los criterios políticos establecidos. Este trabajo se centra en el análisis de las consecuencias inducidas por la subida del nivel del mar (impacto y adaptación) en las funciones recreativas y naturales de la costa debido a su importancia para el Mediterráneo en general, y para la costa catalana en particular, representando así un rango amplio de objetivos potenciales en la gestión costera, la economía frente a la protección del medio ambiente. Desde el punto de vista del uso recreativo del litoral, las playas son el principal recurso a gestionar por lo que cualquier variación en su capacidad de carga se verá traducida en un impacto en la actividad turístico-recreativa de estas. El retroceso esperado de la línea de costa, tanto por sus tasas actuales de evolución como por la erosión inducida por un incremento del nivel del mar, implicará una reducción en el ancho efectivo de las playas del litoral catalán para poder soportar su capacidad de carga, un factor clave para el desarrollo del turismo costero, causando un impacto económico significativo y creciente en las próximas décadas. Los resultados obtenidos indican que la costa catalana es altamente vulnerable a la erosión, la cual se verá incrementada por la subida del nivel del mar. Debido a que las mayores tasas de erosión se encuentran en el área de Costa de Barcelona (excepto el Delta del Ebro), sus playas serán las que se vean más afectadas en cuanto a retroceso costero. Por el contrario, considerando los valores de subida del nivel del mar, la evolución futura de las playas de la Costa Brava se verá fuertemente afectada, resultando en una reducción significativa de su demanda potencial. En estas zonas, se requerirán medidas eficientes de adaptación para mantener la futura capacidad de carga en un determinado rango para sostener la contribución económica de las actividades relacionadas con el turismo costero. Desde el punto de vista ambiental, el impacto inducido por un aumento del nivel del mar es analizado en términos de afectación potencial de los ecosistemas existentes. Para ello, se evalúa la superficie de hábitats afectados y el daño causado considerando la resiliencia de algunos hábitats costeros. Los resultados muestran que la costa catalana tiene una baja sensibilidad a la inundación costera dado su elevado frente de playa, exceptuando el Golfo de Rosas, el Delta del Llobregat y el Delta del Ebro, siendo estas las áreas con mayor valor ambiental. A pesar de su vulnerabilidad, los hábitats existentes tienen una capacidad natural que permite mantener la provisión de los servicios ecosistémicos a la sociedad, aunque el paisaje costero se vea modificado. En estas zonas, el diseño de estrategias de adaptación basadas en promover la resiliencia natural de los hábitats supondrá una oportunidad para cambiar el modelo de gestión hacia la protección y conservación medioambiental