Time development of local scour at a bridge pier fitted with a collar

Alabi, Patrick Dare

23 August 2006

A series of relatively recent bridge failures due to pier scour, as reported in literature, has rekindled interest in furthering our understanding of the scour process and for developing improved ways of protecting bridges against scour. Moreover, increased attention is being given to the state of Canadas infrastructure, a major aspect of which is the transportation network. In part, there is concern about both the impact of a failure on the handling of traffic flow while the failure is being remedied and on the cost of replacing the failed system component. As such, attention is being given to the scour design of new bridges and to the inspection, maintenance and management of existing bridge structures. The two major countermeasure techniques employed for preventing or minimising local scour at bridge piers are increased scour resistance and flow alteration. In the former case, the objective is to combat the erosive action of the scour-inducing mechanisms using hard engineering materials or physical barriers such as rock riprap. In the latter case, the objective is to either inhibit the formation of the scour-inducing mechanisms or to cause the scour to be shifted away from the immediate vicinity of the pier. This research focuses on a particular application of the latter technique. <p> In this study, the use of collars for reducing the effects of local scour at a bridge pier is presented together with the time aspect of the scour development. The adoption of a collar is based on the concept that its existence will sufficiently inhibit and/or deflect the local scour mechanisms so as to reduce the local scour immediately adjacent to the pier. The overall objective of the research is to study the temporal development of the scour for a pier fitted with a collar and a pier without a collar. More specifically, the objectives are: i) to evaluate the effectiveness of a pier collar for mitigating the depth of scour that would otherwise occur at a bridge pier; and ii) to assess the occurrence of an equilibrium scour condition, if achieved, or of the implications of not achieving such a condition in respect of interpreting the results obtained from a physical hydraulic model study. <p>The study was conducted using a physical hydraulic model operated under clear-water conditions in cohesionless bed material. Tests were conducted using two different pier diameters so as to determine the effect of pier diameter on the temporal development of scour for a plain pier. Also investigated was the effect of collar size on the time development of scour and its efficacy at preventing scour at a bridge pier. The time development of the scour hole around the model pier with and without a collar installed was compared with similar studies on bridge piers. Several equations for the temporal development of scour depth and those for the prediction of the equilibrium scour depth were tested as part of this study. <p>The results of the model study indicated that the maximum depth of scour is highly dependent on the experimental duration. The depth of the scour hole increases as the duration of the increased flow that initiates the scour increases. The extent of scour observed at the pier also increases as the duration of the tests increases. It was found that the temporal development of the scour hole at the pier was dependent on whether or not the pier was fitted with a collar placed at the bed level. The pathway to an equilibrium scour depth is different depending on whether the pier is fitted with a collar or not. With a collar in place, the development of the scour hole is considerably delayed. A truly equilibrium scour condition is not readily attainable and was not achieved in the work reported herein. It was demonstrated that wrong conclusions may be reached if a test is stopped short of an equilibrium state. As regards the temporal development of scour depth and for the tests in which no collar was fitted to the pier, it was noted that the form of equation that fits the experimental data well was the one given by Franzetti et al. (1982). Furthermore, it is possible to reach a variety of conclusions about the efficacy of using collars as a pier scour countermeasure technique, depending on which definition of time to equilibrium scour is adopted.

Time development of scour

Bridge pier

Local scour

Collar

Scour countermeasure

Equilibrium scour condition

Flume tests

Model study

Initiation of motion

Clear-water scour

Cohesionless soil

Increasing the Robustness of Point Operations in Co-Z Arithmetic against Side-Channel Attacks

Almohaimeed, Ziyad Mohammed

08 August 2013

Elliptic curve cryptography (ECC) has played a significant role on secure devices since it was introduced by Koblitz and Miller more than three decades ago. The great demand for ECC is created by its shorter key length while it provides an equivalent security level in comparison to previously introduced public-key cryptosystems (e.g.RSA). From an implementation point of view a shorter key length means a higher processing speed, smaller power consumption, and silicon area requirement. Scalar multiplication is the main operation in Elliptic Curve Diffie-Hellman (ECDH), which is a key-agreement protocol using ECC. As shown in the prior literature, this operation is both vulnerable to Power Analysis attack and requires a large amount of time. Therefore, a lot of research has focused on enhancing the performance and security of scalar multiplication. In this work, we describe three schemes to counter power analysis cryptographic attacks. The first scheme provides improved security at the expense of a very small cost of additional hardware overhead; its basic idea is to randomize independent field operations in order to have multiple power consumption traces for each point operation. In the second scheme, we introduce an atomic block that consists of addition, multiplication and addition [A-M-A]. This technique provides a very good scalar multiplication protection but with increased computation cost. The third scheme provides both security and speed by adopting the second tech- nique and enhancing the instruction-level parallelism at the atomic level. As a result, the last scheme also provides a reduction in computing time. With these schemes the users can optimize the trade-off between speed, cost, and security level according to their needs and resources. / Graduate / 0544 / 0984 / z.mohaimeed@gmail.com

elliptic curve cryptography

power analysis

Elliptic curve Diffie-Hellman

ECDH

ECC

atomic block

Side-Channel Attack Aware Implementation

[en] AN ASSESSMENT OF PRESENTATION ATTACK DETECTION METHODS FOR FACE RECOGNITION SYSTEMS / [pt] AVALIAÇÃO DE MÉTODOS DE DETECÇÃO DE FRAUDE EM SISTEMAS DE RECONHECIMIENTO FACIAL

GUILLERMO ESTRADA DOMECH

07 November 2018

[pt] As vulnerabilidades dos Sistemas de Reconhecimento Facial (FRS) aos Ataques de Apresentação (PA) foram recentemente reconhecidas pela comunidade biométrica, mas ainda existe a falta de técnicas faciais de Detecção de Ataque de Apresentação (PAD) baseadas em software que apresentam desempenho robusto em cenários de autenticação realistas. O objetivo principal desta dissertação é analisar, avaliar e comparar alguns dos métodos baseados em atributos do estado-da-arte para PAD facial em uma variedade de condições, considerando três dos bancos de dados de fraude facial publicamente disponíveis 3DMAD, REPLAY-MOBILE e OULU-NPU. No presente trabalho, os métodos de PAD baseados em descritores de texturas LBP-RGB, BSIF-RGB e IQM foram investigados. Ademais, um Autoencoder Convolucional (CAE), um descritor de atributos aprendidos, também foi implementado e avaliado. Também, abordagens de classificação de uma e duas classes foram implementadas e avaliadas. Os experimentos realizados neste trabalho foram concebidos para medir o desempenho de diferentes esquemas de PAD em duas condições: (i) intra-banco de dados e (ii) inter-banco de dados. Os resultados revelaram que a eficácia dos atributos aprendidos pelo CAE em esquemas de PAD baseados na abordagem de classificação de duas classes fornece, em geral, o melhor desempenho em protocolos de avaliação intra-banco de dados. Os resultados também indicam que os esquemas de PAD baseados na abordagem de classificação de uma classe não são inferiores em comparação às suas contrapartes de duas classes nas avaliações inter-banco de dados. / [en] The vulnerabilities of Face Recognition Systems (FRS) to Presentation Attacks (PA) have been recently recognized by the biometric community, but there is still a lack of generalized software-based facial Presentation Attack Detection (PAD) techniques that perform robustly in realistic authentication scenarios. The main objective of this dissertation is to analyze, evaluate and compare some of the most relevant, state-of-the-art feature-based methods for facial PAD in a variety of conditions, considering three of the facial spoofing databases publicly available 3DMAD, REPLAYMOBILE and OULU-NPU. In the current work, PAD methods based on LBP-RGB, BSIF-RGB and IQM hand-crafted texture descriptors were investigated. Additionally, a Convolutional Autoencoder (CAE), a learned feature descriptor, was also implemented and evaluated. Furthermore, oneclass and two-class classification approaches were implemented and evaluated. The experiments conducted in this work were designed to measure the performance of different PAD schemes in two conditions, namely: (i) intradatabase and (ii) inter-database (or cross-database). The results revealed the effectiveness of the features learned by CAE in two-class classification PAD schemes provide, in general, the best performance in intra-database evaluation protocols. The results also indicate that PAD schemes based on one-class classification approach are not inferior as compared to their twoclass counterpart in the inter-database evaluations.

[pt] DETECCAO DE FRAUDE

[en] PRESENTATION ATTACK DETECTION

[pt] CONTRAMEDIDA

[en] COUNTERMEASURE

[pt] SISTEMA ANTI-FRAUDE

[en] ANTISPOOFING SYSTEM

[pt] SISTEMA DE RECONHECIMENTO FACIAL

[en] FACE RECOGNITION SYSTEM

Software-based countermeasures to 2D facial spoofing attacks

Komulainen, J. (Jukka)

11 August 2015

Abstract Because of its natural and non-intrusive interaction, identity verification and recognition using facial information is among the most active areas in computer vision research. Unfortunately, it has been shown that conventional 2D face recognition techniques are vulnerable to spoofing attacks, where a person tries to masquerade as another one by falsifying biometric data and thereby gaining an illegitimate advantage. This thesis explores different directions for software-based face anti-spoofing. The proposed approaches are divided into two categories: first, low-level feature descriptors are applied for describing the static and dynamic characteristic differences between genuine faces and fake ones in general, and second, complementary attack-specific countermeasures are investigated in order to overcome the limitations of generic spoof detection schemes. The static face representation is based on a set of well-known feature descriptors, including local binary patterns, Gabor wavelet features and histogram of oriented gradients. The key idea is to capture the differences in quality, light reflection and shading by analysing the texture and gradient structure of the input face images. The approach is then extended to the spatiotemporal domain when both facial appearance and dynamics are exploited for spoof detection using local binary patterns from three orthogonal planes. It is reasonable to assume that no generic spoof detection scheme is able to detect all known, let alone unseen, attacks scenarios. In order to find out well-generalizing countermeasures, the problem of anti-spoofing is broken into two attack-specific sub-problems based on whether the spoofing medium can be detected in the provided view or not. The spoofing medium detection is performed by describing the discontinuities in the gradient structures around the detected face. If the display medium is concealed outside the view, a combination of face and background motion correlation measurement and texture analysis is applied. Furthermore, an open-source anti-spoofing fusion framework is introduced and its system-level performance is investigated more closely in order to gain insight on how to combine different anti-spoofing modules. The proposed spoof detection schemes are evaluated on the latest benchmark datasets. The main findings of the experiments are discussed in the thesis. / Tiivistelmä Kasvokuvaan perustuvan henkilöllisyyden tunnistamisen etuja ovat luonnollinen vuorovaikutus ja etätunnistus, minkä takia aihe on ollut erittäin aktiivinen tutkimusalue konenäön tutkimuksessa. Valitettavasti tavanomaiset kasvontunnistustekniikat ovat osoittautuneet haavoittuvaisiksi hyökkäyksille, joissa kameralle esitetään jäljennös kohdehenkilön kasvoista positiivisen tunnistuksen toivossa. Tässä väitöskirjassa tutkitaan erilaisia ohjelmistopohjaisia ratkaisuja keinotekoisten kasvojen ilmaisuun petkuttamisen estämiseksi. Työn ensimmäisessä osassa käytetään erilaisia matalan tason piirteitä kuvaamaan aitojen ja keinotekoisten kasvojen luontaisia staattisia ja dynaamisia eroavaisuuksia. Työn toisessa osassa esitetään toisiaan täydentäviä hyökkäystyyppikohtaisia vastakeinoja, jotta yleispätevien menetelmien puutteet voitaisiin ratkaista ongelmaa rajaamalla. Kasvojen staattisten ominaisuuksien esitys perustuu yleisesti tunnettuihin matalan tason piirteisiin, kuten paikallisiin binäärikuvioihin, Gabor-tekstuureihin ja suunnattujen gradienttien histogrammeihin. Pääajatuksena on kuvata aitojen ja keinotekoisten kasvojen laadun, heijastumisen ja varjostumisen eroavaisuuksia tekstuuria ja gradienttirakenteita analysoimalla. Lähestymistapaa laajennetaan myös tila-aika-avaruuteen, jolloin hyödynnetään samanaikaisesti sekä kasvojen ulkonäköä ja dynamiikkaa irroittamalla paikallisia binäärikuvioita tila-aika-avaruuden kolmelta ortogonaaliselta tasolta. Voidaan olettaa, ettei ole olemassa yksittäistä yleispätevää vastakeinoa, joka kykenee ilmaisemaan jokaisen tunnetun hyökkäystyypin, saati tuntemattoman. Näin ollen työssä keskitytään tarkemmin kahteen hyökkäystilanteeseen. Ensimmäisessä tapauksessa huijausapuvälineen reunoja ilmaistaan analysoimalla gradienttirakenteiden epäjatkuvuuksia havaittujen kasvojen ympäristössä. Jos apuvälineen reunat on piilotettu kameran näkymän ulkopuolelle, petkuttamisen ilmaisu toteutetaan yhdistämällä kasvojen ja taustan liikkeen korrelaation mittausta ja kasvojen tekstuurianalyysiä. Lisäksi työssä esitellään vastakeinojen yhdistämiseen avoimen lähdekoodin ohjelmisto, jonka avulla tutkitaan lähemmin menetelmien fuusion vaikutuksia. Tutkimuksessa esitetyt menetelmät on kokeellisesti vahvistettu alan viimeisimmillä julkisesti saatavilla olevilla tietokannoilla. Tässä väitöskirjassa käydään läpi kokeiden päähavainnot.

anti-spoofing

biometrics

computer vision

countermeasure

face recognition

liveness detection

presentation attack

spoofing

biometriikka

eloisuuden ilmaisu

huijaamisen esto

hyökkäys

kasvontunnistus

konenäkö

petkuttaminen

vastakeino

Návrh zavedení bezpečnostních opatření v souladu s ISMS pro obchodní společnost / Design of security countermeasures implementation in accordance with ISMS for business company

Dočekal, Petr

January 2018

The master’s thesis focuses on area of security countermeasures in accordance with information security management system. Presents basic theoretical background of information and cyber security and describes a current state in the company. The thesis’s output is the design of security countermeasures implementation which contribute to information security in the company.

Řízení bezpečnosti inteligentní domácnosti / Smart Home Security Management

Valičková, Monika

January 2018

This diploma thesis is focused on increasing Smart Home Control System security in terms of information, network and physical security. It is based on a risk analysis of the current state of applied security management and the needs of the house owner. Both security countermeasure and cost analysis are thoroughly discussed, and the thesis also contains methodology, which describes the management of smart home security and improvement of end-user security awareness.

Management informační bezpečnosti v podniku / The Information Security Management in Company

Kalabis, Petr

January 2016

This master thesis is focused on the design of implementation the information security management system in the company according to standards ISO/IEC 27000. First of all, it was described the theory of information security management system and it was explained the relevant terms and other requirements in the context of this issue. This assignment involves analysis of the current situation of the company and suggestions that lead to reducing discovered risks and bring improvement of the general information security.

SEKUNDÄR TRAUMATISERING HOS NYEXAMINERADE SOCIONOMER : EN UNDERSÖKNING OM UPPLEVELSER, STRATEGIER OCH RISKER / SECONDARY TRAUMATIZATION IN RECENTLY GRADUATED SOCIOLOGISTS : AN INVESTIGATION INTO EXPERIENCES, STRATEGIES AND RISK FACTORS

Hellström, Lovisa, Karlsson Limani, Robin

January 2024

Att jobba med socialt arbete idag innebär att man i sitt dagliga arbete möter personer på individ-, grupp- och samhällsnivå som befinner sig i någon form av kris. Något som beroende på situationen kan leda till uppkomsten av negativa effekter, exempelvis sekundär traumatisering. Syftet med detta examensarbete var därför att undersöka i vilken utsträckning nyexaminerade socionomer upplever detta fenomen i arbetslivet. Utifrån syfte och frågeställningar sammanställdes fyra teman som undersöktes med hjälp av en kvantitativ ansats där datainsamlingsmetoden bestod av en frågeenkät som besvarades av totalt 126 deltagare. Utifrån resultaten av dessa teman framkom det att majoriteten av deltagarna inte har diskuterat fenomenet under studietiden och att de någon gång har upplevt sekundär traumatisering både i och utanför arbetslivet. Resultatet av den insamlade datan tolkades sedan med hjälp av två teoretiska begrepp: förebyggande och resiliens. Studiens resultat visar vidare på vikten av att informera socionomstudenter om de eventuella riskerna med socialt arbete samt hur dessa kan förebyggas och motverkas. / Working within the social work arena today means that you in your daily work meet people at individual, group and community level who are in some form of crisis. Something that, depending on the situation, can lead to the emergence of negative effects, such as secondary traumatization. The purpose of this thesis was therefore to examine if and to what extent newly graduated sociologists have experienced or are experiencing this phenomenon in their work. Based on the purpose and questions, four themes were compiled that were investigated using a quantitative approach where the data collection method consisted of a questionnaire that was answered by a total of 126 participants. Based on the results of these themes, it appears that the majority of the participants did not discuss the phenomenon during the study period and that they have at some point experienced secondary traumatization outside of and in their work life. The result of the collected data was then interpreted using prevention and resilience as a theoretical outset. These results show the importance of informing sociology students about the possible risks of social work and how these can be prevented and countered.

experiences

newly graduated sociologists

prevention and countermeasure strategies

risks

secondary traumatization

social work

förebyggande och motverkande strategier

nyexaminerade socionomer

sekundär traumatisering

socialt arbete

upplevelser

Social Work

Socialt arbete

A framework for the protection of mobile agents against malicious hosts

Biermann, Elmarie

30 September 2004

The mobility attribute of a mobile agent implies deployment thereof in untrustworthy environments, which introduces malicious host threats. The research question deals with how a security framework could be constructed to address the mentioned threats without introducing high costs or restraining the mobile agent's autonomy or performance. Available literature have been studied, analysed and discussed. The salient characteristics as well as the drawbacks of current solutions were isolated. Through this knowledge a dynamic mobile agent security framework was defined. The framework is based on the definition of multiple security levels, depending on type of deployment environment and type of application. A prototype was constructed and tested and it was found to be lightweight and efficient, giving developers insight into possible security threats as well as tools for maximum protection against malicious hosts. The framework outperformed other frameworks / models as it provides dynamic solutions without burdening a system with unnecessary security gadgets and hence paying for it in system cost and performance / Computing / D.Phil.

Computer security

Communication networks

Countermeasure classification

Mobile agent security framework

Security framework requirements

Threats classification

Malicious hosts

Mobile agent security

005.8

Mobile agents (Computer software)

Computer security

Computer networks -- Security measures

Optimization of cost-based threat response for Security Information and Event Management (SIEM) systems

Gonzalez Granadillo, Gustavo Daniel

12 December 2013

Current Security Information and Event Management systems (SIEMs) constitute the central platform of modern security operating centers. They gather events from various sensors (intrusion detection systems, anti-virus, firewalls, etc.), correlate these events, and deliver synthetic views for threat handling and security reporting. Research in SIEM technologies has traditionally focused on providing a comprehensive interpretation of threats, in particular to evaluate their importance and prioritize responses accordingly. However, in many cases, threat responses still require humans to carry out the analysis and decision tasks e.g., understanding the threats, defining the appropriate countermeasures and deploying them. This is a slow and costly process, requiring a high level of expertise, and remaining error-prone nonetheless. Thus, recent research in SIEM technology has focused on the ability to automate the process of selecting and deploying countermeasures. Several authors have proposed automatic response mechanisms, such as the adaptation of security policies, to overcome the limitations of static or manual response. Although these approaches improve the reaction process (making it faster and/or more efficient), they remain limited since these solutions do not analyze the impact of the countermeasures selected to mitigate the attacks. In this thesis, we propose a novel and systematic process to select the optimal countermeasure from a pool of candidates, by ranking them based on a trade-off between their efficiency in stopping the attack and their ability to preserve, at the same time, the best service to normal users. In addition, we propose a model to represent graphically attacks and countermeasures, so as to determine the volume of each element in a scenario of multiple attacks. The coordinates of each element are derived from a URI. This latter is mainly composed of three axes: user, channel, and resource. We use the CARVER methodology to give an appropriate weight to each element composing the axes in our coordinate system. This approach allows us to connect the volumes with the risks (i.e. big volumes are equivalent to high risk, whereas small volumes are equivalent to low risk). Two concepts are considered while comparing two or more risk volumes: Residual risk, which results when the risk volume is higher than the countermeasure volume; and Collateral damage, which results when the countermeasure volume is higher than the risk volume. As a result, we are able to evaluate countermeasures for single and multiple attack scenarios, making it possible to select the countermeasure or group of countermeasures that provides the highest benefit to the organization

[INFO:INFO_OH] Computer Science/Other

[INFO:INFO_OH] Informatique/Autre

Countermeasure selection

Multiple attacks

Return on response investment (RORI)

Attack volume

Combined selection of countermeasures