Innovation in prediction planning for anterior open bite correction

This study applies recent advances in 3D virtual imaging for application in the prediction planning of dentofacial deformities. Stereo-photogrammetry has been used to create virtual and physical models, which are creatively combined in planning the surgical correction of anterior open bite. The application of these novel methods is demonstrated through the surgical correction of a case

Network Denial of Service Defense System (nDos)

Denial of Service attack is widely spread within virtual world as a malicious act that could give a huge impact in terms of the system performance and financial aspect. Network Denial of Service Defense System is an extension of intrusion detection system which incorporated with detection and prevention ~.<apabilitie&; The ar~<hite~.<ture of nDos is based on NIPS where it is place inline on the network statefully analyzing packet content and block certain packets that match a signature and alert on others. A NIPS protection is based on the content of packets. The system loads a large array of signatures. These signatures take the form of a string of data characteristic of some particular type of attack. When a data packet enters the network, the IDS!IPS examines that data against its database of signatures. If the data match, then the IDS/IPS takes appropriate action. In the case of an IDS, the intrusion attempt will be logged, whereas, in the case of an IPS, the system can drop the data packet, or even sever the offending machine's connection. Ndos provide web interface for data retrieval and manipulation. The front;end of the system is based on PHP/MySQL hence it could provide statistical analysis for managerial point of view. The back-end of nDos is using snort_inline as detection engine and iptables firewall for traffic prevention mechanism. Once an attack being launch nDos will logged the incident based on rules and configuration and iptables or generic firewall need to determine the traffic state whether to accept or drop the connection. Predefined thresholds value is important for DoS attack where a lot of connections of traffic generated hence when exceed the value the detection engine could identify Stich an attack. nDos is targeted for educational purpose and small-medium size enterprise because of there is only commercial IPS solution available in the market. Portability and compatibility is an issue where for future recommendation Live CD features could be implemented to provide high compatibility without concern of the OS

Science Hackathons for Cyberphysical System Security Research: Putting CPS testbed platforms to good use

A challenge is to develop cyber-physical system scenarios that reflect the diversity and complexity of real-life cyber-physical systems in the research questions that they address. Time-bounded collaborative events, such as hackathons, jams and sprints, are increasingly used as a means of bringing groups of individuals together, in order to explore challenges and develop solutions. This paper describes our experiences, using a science hackathon to bring individual researchers together, in order to develop a common use-case implemented on a shared CPS testbed platform that embodies the diversity in their own security research questions. A qualitative study of the event was conducted, in order to evaluate the success of the process, with a view to improving future similar events

A Framework for Rapid Development and Portable Execution of Packet-Handling Applications

This paper presents a framework that enables the execution of packet-handling applications (such as sniffers, firewalls, intrusion detectors, etc.) on different hardware platforms. This framework is centered on the NetVM - a novel, portable, and efficient virtual processor targeted for packet-based processing - and the NetPDL - a language dissociating applications from protocol specifications. In addition, a high-level programming language that enables rapid development of packet-based applications is presented

MiniCPS: A toolkit for security research on CPS Networks

In recent years, tremendous effort has been spent to modernizing communication infrastructure in Cyber-Physical Systems (CPS) such as Industrial Control Systems (ICS) and related Supervisory Control and Data Acquisition (SCADA) systems. While a great amount of research has been conducted on network security of office and home networks, recently the security of CPS and related systems has gained a lot of attention. Unfortunately, real-world CPS are often not open to security researchers, and as a result very few reference systems and topologies are available. In this work, we present MiniCPS, a CPS simulation toolbox intended to alleviate this problem. The goal of MiniCPS is to create an extensible, reproducible research environment targeted to communications and physical-layer interactions in CPS. MiniCPS builds on Mininet to provide lightweight real-time network emulation, and extends Mininet with tools to simulate typical CPS components such as programmable logic controllers, which use industrial protocols (Ethernet/IP, Modbus/TCP). In addition, MiniCPS defines a simple API to enable physical-layer interaction simulation. In this work, we demonstrate applications of MiniCPS in two example scenarios, and show how MiniCPS can be used to develop attacks and defenses that are directly applicable to real systems.Comment: 8 pages, 6 figures, 1 code listin

Аппаратное распознавание строк в интеллектуальных системах защиты информации

При создании интеллектуальных систем противодействия таким угрозам информационной безопасности, как сетевые вторжения, вирусы и спам, необходимо анализировать интенсивный поток данных на наличие одновременно нескольких тысяч эталонных последовательностей символов. Для достижения требуемой производительности часто используют аппаратные решения на базе программируемых интегральных схем. В настоящей работе исследован зарубежный опыт подобных разработок, предложено применение унифицированных изделий.При створенні інтелектуальних систем протидії таким загрозам інформаційній безпеці, як мережні вторгнення, віруси та спам, необхідно аналізувати інтенсивний потік даних на наявність одночасно декількох тисяч еталонних послідовностей символів. Для досягнення необхідної продуктивності часто використовують апаратні рішення на базі програмованих інтегральних схем. У даній роботі досліджений зарубіжний досвід подібних розробок, запропоновано застосування уніфікованих виробів.In order to protect information systems from security threats such as intrusion, virus and spam it is necessary to match all occurrences of a predefined set of string-based patterns containing several thousands of strings. To provide required throughput, the hardware solutions based on programmable logic are widely used. In this paper, the world experiences of such works are investigated and unified solution is proposed