178,453 research outputs found

    Security integrity of EKG signal monitoring under different network attack conditions

    Get PDF
    This thesis focuses on issues related with monitoring of EKG signals under different network attack traffic conditions. It is becoming common for modern hospitals to monitor real time EKG signals of patients on computers that are usually connected to networks. If the network suffers with attack conditions, it can affect connected computers and alter EKG signals monitoring, hence raising false alarms. Denial of Service attacks may silently affect the real time monitoring of EKG signals. Altering of EKG signals may result in loss of integrity and it can violate CIA triad of security. In this thesis, different attack conditions were simulated for various operating systems under different loads of attack traffic to observe how the EKG signals were affected

    Defending Against Denial of Service

    Get PDF
    Civil Society currently faces significant cyber threats. At the top of the list of those threats are Denial of Service (DoS) attacks. The websites of many organizations and individuals have already come under such attacks, and the frequency of those attacks are on the rise. Civil Society frequently does not have the kinds of resources or technical know-how that is available to commercial enterprise and government websites, and often have to exist in adverse political environments where every avenue available, both legal and illegal, is used against them. Therefore, the threat of DoS attacks is unlikely to go away any time soon.A Denial of Service (DoS) attack is any attack that overwhelms a website, causing the content normally provided by that website to no longer be available to regular visitors of the website. Distributed Denial of Service (DDoS) attacks are traffic volumebased attacks originating from a large number of computers, which are usually compromised workstations. These workstations, known as 'zombies', form a widely distributed attack network called a 'botnet'. While many modern Denial of Service attacks are Distributed Denial of Service attacks, this is certainly not true for all denials of service experienced by websites. Therefore, when users first start experiencing difficulty in getting to the website content, it should not be assumed that the site is under a DDoS attack. Many forms of DoS are far easier to implement than DDoS, and so these attacks are still used by parties with malicious intent. Many such DoS attacks are easier to defend against once the mechanism used to cause the denial of service is known. Therefore, it is paramount to do proper analysis of attack traffic when a site becomes unable to perform its normal function. There are two parts to this guide. The first part outlines preparatory steps that can be taken by Civil Society organizations to improve their website's resilience, should it come under attack. However, we do understand that most Civil Society organizations' first introduction to DoS attacks comes when they suddenly find themselves the victim of an attack. The second part of this guide provides a step-by-step process to assist the staff of NGOs to efficiently deal with that stressful situation

    The failure tolerance of mechatronic software systems to random and targeted attacks

    Full text link
    This paper describes a complex networks approach to study the failure tolerance of mechatronic software systems under various types of hardware and/or software failures. We produce synthetic system architectures based on evidence of modular and hierarchical modular product architectures and known motifs for the interconnection of physical components to software. The system architectures are then subject to various forms of attack. The attacks simulate failure of critical hardware or software. Four types of attack are investigated: degree centrality, betweenness centrality, closeness centrality and random attack. Failure tolerance of the system is measured by a 'robustness coefficient', a topological 'size' metric of the connectedness of the attacked network. We find that the betweenness centrality attack results in the most significant reduction in the robustness coefficient, confirming betweenness centrality, rather than the number of connections (i.e. degree), as the most conservative metric of component importance. A counter-intuitive finding is that "designed" system architectures, including a bus, ring, and star architecture, are not significantly more failure-tolerant than interconnections with no prescribed architecture, that is, a random architecture. Our research provides a data-driven approach to engineer the architecture of mechatronic software systems for failure tolerance.Comment: Proceedings of the 2013 ASME International Design Engineering Technical Conferences & Computers and Information in Engineering Conference IDETC/CIE 2013 August 4-7, 2013, Portland, Oregon, USA (In Print

    Lattice-Based proof of a shuffle

    Get PDF
    In this paper we present the first fully post-quantum proof of a shuffle for RLWE encryption schemes. Shuffles are commonly used to construct mixing networks (mix-nets), a key element to ensure anonymity in many applications such as electronic voting systems. They should preserve anonymity even against an attack using quantum computers in order to guarantee long-term privacy. The proof presented in this paper is built over RLWE commitments which are perfectly binding and computationally hiding under the RLWE assumption, thus achieving security in a post-quantum scenario. Furthermore we provide a new definition for a secure mixing node (mix-node) and prove that our construction satisfies this definition.Peer ReviewedPostprint (author's final draft

    Quantum Algorithms for Boolean Equation Solving and Quantum Algebraic Attack on Cryptosystems

    Get PDF
    Decision of whether a Boolean equation system has a solution is an NPC problem and finding a solution is NP hard. In this paper, we present a quantum algorithm to decide whether a Boolean equation system FS has a solution and compute one if FS does have solutions with any given success probability. The runtime complexity of the algorithm is polynomial in the size of FS and the condition number of FS. As a consequence, we give a polynomial-time quantum algorithm for solving Boolean equation systems if their condition numbers are small, say polynomial in the size of FS. We apply our quantum algorithm for solving Boolean equations to the cryptanalysis of several important cryptosystems: the stream cipher Trivum, the block cipher AES, the hash function SHA-3/Keccak, and the multivariate public key cryptosystems, and show that they are secure under quantum algebraic attack only if the condition numbers of the corresponding equation systems are large. This leads to a new criterion for designing cryptosystems that can against the attack of quantum computers: their corresponding equation systems must have large condition numbers

    Presentation attack detection for face recognition on smartphones: a comprehensive review

    Get PDF
    Even though the field of Face Presentation Attack Detection (PAD) has been around for quite a long time, but still it is quite a new field to be implemented on smartphones. Implementation on smartphones is different because the limited computing power of the smartphones when compared to computers. Presentation Attack for a face recognition system may happen in various ways, using photograph, video or mask of an authentic user’s face. The Presentation Attack Detection system is vital to counter those kinds of intrusion. Face presentation attack countermeasures are categorized as sensor level or feature level. Face Presentation Attack Detection through the sensor level technique involved in using additional hardware or sensor to protect recognition system from spoofing while feature level techniques are purely software-based algorithms and analysis. Under the feature level techniques, it may be divided into liveness detection; motion analysis; face appearance properties (texture analysis, reflectance); image quality analysis (image distortion); contextual information; challenge response. There are a few types of research have been done for face PAD on smartphones. They also have released the database they used for their testing and performance benchmarking

    Software Protection

    Get PDF
    A computer system's security can be compromised in many ways a denial-of-service attack can make a server inoperable, a worm can destroy a user's private data, or an eavesdrop per can reap financial rewards by inserting himself in the communication link between a customer and her bank through a man-in-the-middle (MITM) attack. What all these scenarios have in common is that the adversary is an untrusted entity that attacks a system from the outside-we assume that the computers under attack are operated by benign and trusted users. But if we remove this assumption, if we allow anyone operating a computer system- from system administrators down to ordinary users-to compromise that system's security, we find ourselves in a scenario that has received comparatively little attention. Methods for protecting against MATE attacks are variously known as anti-tamper techniques, digital asset protection, or, more
    • …
    corecore