Containment of fast scanning computer network worms

This paper presents a mechanism for detecting and containing fast scanning computer network worms. The countermeasure mechanism, termed NEDAC, uses a behavioural detection technique that observes the absence of DNS resolution in newly initiated outgoing connections. Upon detection of abnormal behaviour by a host, based on the absence of DNS resolution, the detection system then invokes a data link containment system to block traffic from the host. The concept has been demonstrated using a developed prototype and tested in a virtualised network environment. An empirical analysis of network worm propagation has been conducted based on the characteristics of reported contemporary vulnerabilities to test the capabilities of the countermeasure mechanism. The results show that the developed mechanism is sensitive in detecting and blocking fast scanning worm infection at an early stage

Adatbiztonság és adatvédelem a mindent átható számítógépes technológia világában = Security and Privacy Issues in Pervasive Computing

(1) Több ugrásos vezeték nélküli hálózatok biztonsága: Ad hoc és szenzorhálózatokban használt útvonalválasztó protokollok biztonágának analízise, új bizonyíthatóan biztonságos protokollok tervezése (enairA, Secure tinyLUNAR). Új támadás-ellenálló adataggregációs algoritmusok tervezése (RANBAR, CORA) és analízise. Spontán kooperáció kialakulása feltételeinek vizsgálata ad hoc és szenzorhálózatokban, kooperáció ösztönzése késleltetéstűrő ad hoc hálózatokban (Barter). (2) Személyes biztonsági tokenek: A nem-megbízható terminál probléma vizsgálata, feltételes aláírásra épülő megoldás tervezése és analízise. (3) RFID biztonsági és adatvédelmi kérdések: Kulcsfa alapú azonosító-rejtő hitelesítés analízise, a privacy szintjének meghatározása. Optimális kulcsfa tervezése. Új azonosító-rejtő hitelesítő protokoll tervezése és összehasonlítása a kulcsfa alapú módszerrel. (4) Formális biztonsági modellek: Szimulációs paradigmára épülő biztonsági modell útvonalválasztó protokollok analízisére. Támadó-modellek és analízis módszer támadás-ellenálló adataggregáció vizsgálatára. Formális modell kidolgozása a korlátozott számítási képességekkel rendelkező humán felhasználó leírására. Privacy metrika kidolgozása azonosító-rejtő hitekesítő protokollok számára. Játékelméleti modellek a spontán koopráció vizsgálatára ad hoc és szenzor hálózatokban, valamint spam és DoS elleni védelmi mechanizmusok analízisére. | (1) Security of multi-hop wireless networks: Security analysis of routing protocols proposed for mobile ad hoc and sensor networks, development of novel routing protocols with provable security (enairA, Secure tinyLUNAR). Development of novel resilient aggregation algorithms for sensor networks (RANBAR, CORA). Analysis of conditions for the emergence of spontaneous cooperation in ad hoc and sensor networks, novel algorithm to foster cooperation in opportunistic ad hoc networks (Barter). (2) Security tokens: Analysis of the untrusted terminal problem, mitigation by using conditional signature based protocols. (3) RFID security and privacy: Analysis of key-tree based private authentication, novel metrics to measure the level of privacy. Design of optimal key-trees, novel private authentication protocols based on group keys. (4) Formal models: Modeling framework for routing protocols based on the simulation paradigm, proof techniques for analyzing the security of routing. Attacker models and analysis techniques for resilient aggregation in sensor networks. Formal model for representing the limited computing capacity of humans. Metrics for determining the level of privacy provided by private authentication protocols. Game theoretic models for studying cooperation in ad hoc and sensor networks, and for analysisng the performance of spam and DoS protection mechanisms

Software Defined Networking Opportunities for Intelligent Security Enhancement of Industrial Control Systems

In the last years, cyber security of Industrial Control Systems (ICSs) has become an important issue due to the discovery of sophisticated malware that by attacking Critical Infrastructures, could cause catastrophic safety results. Researches have been developing countermeasures to enhance cyber security for pre-Internet era systems, which are extremely vulnerable to threats. This paper presents the potential opportunities that Software Defined Networking (SDN) provides for the security enhancement of Industrial Control Networks. SDN permits a high level of configuration of a network by the separation of control and data planes. In this work, we describe the affinities between SDN and ICSs and we discuss about implementation strategies

Histidine Decarboxylase Expression in Human Melanoma

SummaryHistamine has been implicated as one of the mediators involved in regulation of proliferation in both normal and neoplastic tissues. Histidine decarboxylase, the only enzyme that catalyzes the formation of histamine from L-histidine, is an essential regulator of histamine levels. In this study, we investigated the gene and protein expression of histidine decarboxylase in melanoma. Reverse transcriptase polymerase chain reaction and in situ hybridization studies of WM-35, WM-983/B, HT-168, and M1 human melanoma cell lines both resulted in positive signals for histidine decarboxylase messenger RNA. A polyclonal chicken antibody was developed against human histidine decarboxylase and protein expression was confirmed by western blot analysis of the cell lysates, revealing a predominant immunoreactive band at approximately 54 kDa corresponding to monomeric histidine decarboxylase. Protein expression of histidine decarboxylase was also shown by flow cytometric analysis and strong punctate cytoplasmic staining of melanoma cell lines. Moreover, both primary and metastatic human melanoma tissues were brightly stained for histidine decarboxylase. When compared with the very weak or no reactions on cultivated human melanocytes both western blot and immunohistochemical studies showed much stronger histidine decarboxylase expression in melanoma cells. These findings suggest that expression of histidine decarboxylase is elevated in human melanoma

The intelligent industry of the future: A survey on emerging trends, research challenges and opportunities in Industry 4.0

Strongly rooted in the Internet of Things and Cyber-Physical Systems-enabled manufacturing, disruptive paradigms like the Factory of the Future and Industry 4.0 envision knowledge-intensive industrial intelligent environments where smart personalized products are created through smart processes and procedures. The 4th industrial revolution will be based on Cyber-Physical Systems that will monitor, analyze and automate business processes, transforming production and logistic processes into smart factory environments where big data capabilities, cloud services and smart predictive decision support tools are used to increase productivity and efficiency. This survey provides insights into the latest developments in these domains, and identifies relevant research challenges and opportunities to shape the future of intelligent manufacturing environments.status: publishe

Disguised Executable Files in Spear-Phishing Emails: Detecting the Point of Entry in Advanced Persistent Threat

In recent years, cyber attacks have caused substantial financial losses and been able to stop fundamental public services. Among the serious attacks, Advanced Persistent Threat (APT) has emerged as a big challenge to the cyber security hitting selected companies and organisations. The main objectives of APT are data exfiltration and intelligence appropriation. As part of the APT life cycle, an attacker creates a Point of Entry (PoE) to the target network. This is usually achieved by installing malware on the targeted machine to leave a back-door open for future access. A common technique employed to breach into the network, which involves the use of social engineering, is the spear phishing email. These phishing emails may contain disguised executable fi les. This paper presents the disguised executable le detection (DeFD) module, which aims at detecting disguised exe files transferred over the network connections. The detection is based on a comparison between the MIME type of the transferred fi le and the fi le name extension. This module was experimentally evaluated and the results show a successful detection of disguised executable files