3,498 research outputs found
Innovation in prediction planning for anterior open bite correction
This study applies recent advances in 3D virtual imaging for application in the prediction planning of dentofacial
deformities. Stereo-photogrammetry has been used to create virtual and physical models, which are creatively combined in
planning the surgical correction of anterior open bite. The application of these novel methods is demonstrated through the surgical
correction of a case
Network Denial of Service Defense System (nDos)
Denial of Service attack is widely spread within virtual world as a malicious act that
could give a huge impact in terms of the system performance and financial aspect.
Network Denial of Service Defense System is an extension of intrusion detection system
which incorporated with detection and prevention ~.<apabilitie&; The ar~<hite~.<ture of nDos
is based on NIPS where it is place inline on the network statefully analyzing packet
content and block certain packets that match a signature and alert on others. A NIPS
protection is based on the content of packets. The system loads a large array of
signatures. These signatures take the form of a string of data characteristic of some
particular type of attack. When a data packet enters the network, the IDS!IPS examines
that data against its database of signatures. If the data match, then the IDS/IPS takes
appropriate action. In the case of an IDS, the intrusion attempt will be logged, whereas, in
the case of an IPS, the system can drop the data packet, or even sever the offending
machine's connection. Ndos provide web interface for data retrieval and manipulation.
The front;end of the system is based on PHP/MySQL hence it could provide statistical
analysis for managerial point of view. The back-end of nDos is using snort_inline as
detection engine and iptables firewall for traffic prevention mechanism. Once an attack
being launch nDos will logged the incident based on rules and configuration and iptables
or generic firewall need to determine the traffic state whether to accept or drop the
connection. Predefined thresholds value is important for DoS attack where a lot of
connections of traffic generated hence when exceed the value the detection engine could
identify Stich an attack. nDos is targeted for educational purpose and small-medium size
enterprise because of there is only commercial IPS solution available in the market.
Portability and compatibility is an issue where for future recommendation Live CD
features could be implemented to provide high compatibility without concern of the OS
Science Hackathons for Cyberphysical System Security Research: Putting CPS testbed platforms to good use
A challenge is to develop cyber-physical system scenarios that reflect the
diversity and complexity of real-life cyber-physical systems in the research
questions that they address. Time-bounded collaborative events, such as
hackathons, jams and sprints, are increasingly used as a means of bringing
groups of individuals together, in order to explore challenges and develop
solutions. This paper describes our experiences, using a science hackathon to
bring individual researchers together, in order to develop a common use-case
implemented on a shared CPS testbed platform that embodies the diversity in
their own security research questions. A qualitative study of the event was
conducted, in order to evaluate the success of the process, with a view to
improving future similar events
A Framework for Rapid Development and Portable Execution of Packet-Handling Applications
This paper presents a framework that enables the execution of packet-handling applications (such as sniffers, firewalls, intrusion detectors, etc.) on different hardware platforms. This framework is centered on the NetVM - a novel, portable, and efficient virtual processor targeted for packet-based processing - and the NetPDL - a language dissociating applications from protocol specifications. In addition, a high-level programming language that enables rapid development of packet-based applications is presented
MiniCPS: A toolkit for security research on CPS Networks
In recent years, tremendous effort has been spent to modernizing
communication infrastructure in Cyber-Physical Systems (CPS) such as Industrial
Control Systems (ICS) and related Supervisory Control and Data Acquisition
(SCADA) systems. While a great amount of research has been conducted on network
security of office and home networks, recently the security of CPS and related
systems has gained a lot of attention. Unfortunately, real-world CPS are often
not open to security researchers, and as a result very few reference systems
and topologies are available. In this work, we present MiniCPS, a CPS
simulation toolbox intended to alleviate this problem. The goal of MiniCPS is
to create an extensible, reproducible research environment targeted to
communications and physical-layer interactions in CPS. MiniCPS builds on
Mininet to provide lightweight real-time network emulation, and extends Mininet
with tools to simulate typical CPS components such as programmable logic
controllers, which use industrial protocols (Ethernet/IP, Modbus/TCP). In
addition, MiniCPS defines a simple API to enable physical-layer interaction
simulation. In this work, we demonstrate applications of MiniCPS in two example
scenarios, and show how MiniCPS can be used to develop attacks and defenses
that are directly applicable to real systems.Comment: 8 pages, 6 figures, 1 code listin
Аппаратное распознавание строк в интеллектуальных системах защиты информации
При создании интеллектуальных систем противодействия таким угрозам информационной безопасности, как сетевые вторжения, вирусы и спам, необходимо анализировать интенсивный поток данных на наличие одновременно нескольких тысяч эталонных последовательностей символов. Для достижения требуемой производительности часто используют аппаратные решения на базе программируемых интегральных схем. В настоящей работе исследован зарубежный опыт подобных разработок, предложено применение унифицированных изделий.При створенні інтелектуальних систем протидії таким загрозам інформаційній безпеці, як мережні вторгнення, віруси та спам, необхідно аналізувати інтенсивний потік даних на наявність одночасно декількох тисяч еталонних послідовностей символів. Для досягнення необхідної продуктивності часто використовують апаратні рішення на базі програмованих інтегральних схем. У даній роботі досліджений зарубіжний досвід подібних розробок, запропоновано застосування уніфікованих виробів.In order to protect information systems from security threats such as intrusion, virus and spam it is necessary to match all occurrences of a predefined set of string-based patterns containing several thousands of strings. To provide required throughput, the hardware solutions based on programmable logic are widely used. In this paper, the world experiences of such works are investigated and unified solution is proposed
Recommended from our members
Evaluating the resilience and security of boundaryless, evolving socio-technical Systems of Systems
- …