Insider Threat Mitigation Models Based on Thresholds and Dependencies

Insider threat causes great damage to data in any organization and is considered a serious issue. In spite of the presence of threat prevention mechanisms, sophisticated insiders still continue to attack a database with new techniques. One such technique which remains an advantage for insiders to attack databases is the dependency relationship among data items. This thesis investigates the ways by which an authorized insider detects dependencies in order to perform malicious write operations. The goal is to monitor malicious write operations performed by an insider by taking advantage of dependencies. A term called `threshold\u27 is associated with every data item, which defines the limit and constraints to which changes could be made to a data item by a write operation. Having threshold as the key factor, the thesis proposes two different attack prevention systems which involve log and dependency graphs that aid in monitoring malicious activities and ultimately secure the data items in a database. The proposed systems continuously monitors all the data items to prevent malicious operations, but the priority is to secure the most sensitive data items first, since any damage to them can hinder the functions of critical applications that use the database. By prioritizing the data items, delay in the transaction execution time is reduced in addition to mitigating insider threats arising from write operations. The developed algorithms have been implemented on a simulated database and the results show that the models mitigate insider threats arising from write operations effectively

Vineyard Gap Detection by Convolutional Neural Networks Fed by Multi-Spectral Images

Funding Information: This research was partially funded by Fundação para a Ciência e a Tecnologia under Projects UIDB/00066/2020, UIDB/04111/2020, foRESTER PCIF/SSI/0102/2017, and IF/00325/2015; Instituto Lusófono de Investigação e Desenvolvimento (ILIND) under Project COFAC/ILIND/COPELABS/1/2020; Project “(Link4S)ustainability—A new generation connectivity system for creation and integration of networks of objects for new sustainability paradigms [POCI-01-0247-FEDER-046122 | LISBOA-01-0247-FEDER-046122]” is financed by the Operational Competitiveness and Internationalization Programmes COMPETE 2020 and LISBOA 2020, under the PORTUGAL 2020 Partnership Agreement, and through the European Structural and Investment Funds in the FEDER component; and also IEoT: Intelligent Edge of Things under under Project LISBOA-01-0247-FEDER-069537. Publisher Copyright: © 2022 by the authors.This paper focuses on the gaps that occur inside plantations; these gaps, although not having anything growing in them, still happen to be watered. This action ends up wasting tons of liters of water every year, which translates into financial and environmental losses. To avoid these losses, we suggest early detection. To this end, we analyzed the different available neural networks available with multispectral images. This entailed training each regional and regression-based network five times with five different datasets. Networks based on two possible solutions were chosen: unmanned aerial vehicle (UAV) depletion or post-processing with external software. The results show that the best network for UAV depletion is the Tiny-YOLO (You Only Look Once) version 4-type network, and the best starting weights for Mask-RCNN were from the Tiny-YOLO network version. Although no mean average precision (mAP) of over 70% was achieved, the final trained networks managed to detect mostly gaps, including low-vegetation areas and very small gaps, which had a tendency to be overlooked during the labeling stage.publishersversionpublishe

SoK: Cryptographically Protected Database Search

Protected database search systems cryptographically isolate the roles of reading from, writing to, and administering the database. This separation limits unnecessary administrator access and protects data in the case of system breaches. Since protected search was introduced in 2000, the area has grown rapidly; systems are offered by academia, start-ups, and established companies. However, there is no best protected search system or set of techniques. Design of such systems is a balancing act between security, functionality, performance, and usability. This challenge is made more difficult by ongoing database specialization, as some users will want the functionality of SQL, NoSQL, or NewSQL databases. This database evolution will continue, and the protected search community should be able to quickly provide functionality consistent with newly invented databases. At the same time, the community must accurately and clearly characterize the tradeoffs between different approaches. To address these challenges, we provide the following contributions: 1) An identification of the important primitive operations across database paradigms. We find there are a small number of base operations that can be used and combined to support a large number of database paradigms. 2) An evaluation of the current state of protected search systems in implementing these base operations. This evaluation describes the main approaches and tradeoffs for each base operation. Furthermore, it puts protected search in the context of unprotected search, identifying key gaps in functionality. 3) An analysis of attacks against protected search for different base queries. 4) A roadmap and tools for transforming a protected search system into a protected database, including an open-source performance evaluation platform and initial user opinions of protected search.Comment: 20 pages, to appear to IEEE Security and Privac

The intelligent number plate system : protection or violation of motorists' privacy?

A number of ethical issues have come under the spotlight with the proposed implementation of an Intelligent Transport System (ITS), known as the Intelligent Number Plate System (INPS), to be used in the Open Road Tolling (ORT) system designated for certain Gauteng roads in 2011. The project was fi rst initiated in 2006, with full-scale implementation scheduled for 1 January 2008. It was, however, postponed to January 2009 and later to April 2010. When this deadline could not be met, it was postponed to October 2010 and subsequently to October 2011.This research investigated some of the ethical issues related to the surveillance that motorists will experience each time they utilise the impacted roads. This surveillance will be made possible via technologies that include closed-circuit television and radio frequency identifi cation tags. When considering the possible vulnerability of such technologies, it is important to make motorists aware of the authorities’ responsibility to protect any identifying information, as well as the potential effect these systems may have on motorists’ right to privacy. These rights will be illustrated through an analysis of South African legislation and its relation to the INPS. International examples of ITSs were investigated to determine the possible benefits and challenges related to the implementation of the INPS. In order to supplement the literature research findings, a pilot study was conducted to assess the public perception of the privacy challenges associated with the INPS. The research findings indicated that there was cause for concern related to the ethical issues involved in the implementation of such a system in a South African context.http://www.journals.co.za/ej/ejour_mousaion.htmlhttp://www.unisa.ac.za/default.asp?Cmd=ViewContent&ContentID=20129am201

Privacy protection for telecare medicine information systems using a chaotic map-based three-factor authenticated key agreement scheme

Telecare Medicine Information Systems (TMIS) provides flexible and convenient e-health care. However the medical records transmitted in TMIS are exposed to unsecured public networks, so TMIS are more vulnerable to various types of security threats and attacks. To provide privacy protection for TMIS, a secure and efficient authenticated key agreement scheme is urgently needed to protect the sensitive medical data. Recently, Mishra et al. proposed a biometrics-based authenticated key agreement scheme for TMIS by using hash function and nonce, they claimed that their scheme could eliminate the security weaknesses of Yan et al.’s scheme and provide dynamic identity protection and user anonymity. In this paper, however, we demonstrate that Mishra et al.’s scheme suffers from replay attacks, man-in-the-middle attacks and fails to provide perfect forward secrecy. To overcome the weaknesses of Mishra et al.’s scheme, we then propose a three-factor authenticated key agreement scheme to enable the patient enjoy the remote healthcare services via TMIS with privacy protection. The chaotic map-based cryptography is employed in the proposed scheme to achieve a delicate balance of security and performance. Security analysis demonstrates that the proposed scheme resists various attacks and provides several attractive security properties. Performance evaluation shows that the proposed scheme increases efficiency in comparison with other related schemes

Rising Power and Changing People

Beginning in 1943–44, Australia's relationship with India is its oldest continuous formal diplomatic relationship with any Asian country. The early diplomatic exchanges between Australia and India have teased for their suggestions of potential unrealised, for opportunities missed, especially when compared with the very recent excitement about the future of Australia–India relations. How did Australia’s representatives and their staff in New Delhi negotiate the many dimensions of Australia–India relations? This book brings together expert analyses of the work of the Australian High Commission, its key people and the challenges they faced in New Delhi. The important India Economic Strategy to 2035 report handed to the Australian Government in mid-2018 begins with the comment: 'Timing has always been a challenge in Australia’s relationship with India.’ As the Australian Government works to implement some of the ambitious recommendations in the report, this book adds to our understanding of why timing has been a challenge, and how those at the coalface of the relationship have grappled with it

Cryptography for Big Data Security

As big data collection and analysis becomes prevalent in today’s computing environments there is a growing need for techniques to ensure security of the collected data. To make matters worse, due to its large volume and velocity, big data is commonly stored on distributed or shared computing resources not fully controlled by the data owner. Thus, tools are needed to ensure both the confidentiality of the stored data and the integrity of the analytics results even in untrusted environments. In this chapter, we present several cryptographic approaches for securing big data and discuss the appropriate use scenarios for each. We begin with the problem of securing big data storage. We first address the problem of secure block storage for big data allowing data owners to store and retrieve their data from an untrusted server. We present techniques that allow a data owner to both control access to their data and ensure that none of their data is modified or lost while in storage. However, in most big data applications, it is not sufficient to simply store and retrieve one’s data and a search functionality is necessary to allow one to select only the relevant data. Thus, we present several techniques for searchable encryption allowing database- style queries over encrypted data. We review the performance, functionality, and security provided by each of these schemes and describe appropriate use-cases. However, the volume of big data often makes it infeasible for an analyst to retrieve all relevant data. Instead, it is desirable to be able to perform analytics directly on the stored data without compromising the confidentiality of the data or the integrity of the computation results. We describe several recent cryptographic breakthroughs that make such processing possible for varying classes of analytics. We review the performance and security characteristics of each of these schemes and summarize how they can be used to protect big data analytics especially when deployed in a cloud setting. We hope that the exposition in this chapter will raise awareness of the latest types of tools and protections available for securing big data. We believe better understanding and closer collaboration between the data science and cryptography communities will be critical to enabling the future of big data processing

HUMAN SECURITY AND DEVELOPMENT: THE CASE OF CAMBODIA

Human security was promoted in 1994 by the UNDP as a concept embracing not only freedom from war and violence (or personal security), but also embracing individual�s basic needs for (and rights to) economic security, food security, health security, environmental security, community security and political security. Following this formulation, the concept has been subject to considerable scrutiny particularly in the context of state centric security studies. Extending the concept of security beyond the state to the individual appeared problematic, especially as the mechanisms designed to maintain and restore world peace are state based. However, the post-cold war environment has required a renewed interest in conflict resolution and in this context, human security as personal security has achieved political and analytical acceptance, particularly in the UN sponsored Human Security Report. What then of the second dimension of human security as freedom from want expressed by the UNDP in terms of basic needs and rights? Debate on this aspect of the UNDP definition foundered on several fronts. As well as being outside the traditional security framework, many argued that it was too broad to be analytically useful; others that it added nothing to human rights and human development which appeared to address precisely the same issues. Thus, while the concept of human security has found acceptance by those advocating with humanitarian approaches to conflict resolution and prevention, few have addressed the actual relationship, if any, between human security and development at the local level where people are most vulnerable to insecurity and where human security or its absence is most felt. This thesis addresses this gap through a study of human security in Cambodia, where people have experienced, at different times, the full range of human insecurities detailed by the UNDP. It shows that the human insecurity of Cambodians has been in large part a consequence of the security policies and military engagements of external powers. Human security and international relations are inextricably linked