Performance Evaluation Study of Intrusion Detection Systems.

Alhomoud, Adeeb M., Munir, Rashid, Pagna Disso, Jules F., Al-Dhelaan, A., Awan, Irfan U.

2011 August 1917

With the thriving technology and the great increase in the usage of computer networks, the risk of having these network to be under attacks have been increased. Number of techniques have been created and designed to help in detecting and/or preventing such attacks. One common technique is the use of Network Intrusion Detection / Prevention Systems NIDS. Today, number of open sources and commercial Intrusion Detection Systems are available to match enterprises requirements but the performance of these Intrusion Detection Systems is still the main concern. In this paper, we have tested and analyzed the performance of the well know IDS system Snort and the new coming IDS system Suricata. Both Snort and Suricata were implemented on three different platforms (ESXi virtual server, Linux 2.6 and FreeBSD) to simulate a real environment. Finally, in our results and analysis a comparison of the performance of the two IDS systems is provided along with some recommendations as to what and when will be the ideal environment for Snort and Suricata.

Attacks

; Intrusion Detection Systems (IDS)

; Traffic

; Performance evaluation

; Packet drops

; Suricata

; Snort

; Alerts

; Network security

Recommendation based trust model with an effective defence scheme for MANETs

Shabut, Antesar R.M., Dahal, Keshav P., Bista, Sanat K., Awan, Irfan U.

January 2015

Yes / The reliability of delivering packets through multi-hop intermediate nodes is a significant issue in the mobile ad hoc networks (MANETs). The distributed mobile nodes establish connections to form the MANET, which may include selfish and misbehaving nodes. Recommendation based trust management has been proposed in the literature as a mechanism to filter out the misbehaving nodes while searching for a packet delivery route. However, building a trust model that relies on the recommendations from other nodes in the network is vulnerable to the possible dishonest behaviour, such as bad-mouthing, ballot-stuffing, and collusion, of the recommending nodes. . This paper investigates the problems of attacks posed by misbehaving nodes while propagating recommendations in the existing trust models. We propose a recommendation based trust model with a defence scheme that utilises clustering technique to dynamically filter attacks related to dishonest recommendations within certain time based on number of interactions, compatibility of information and node closeness. The model is empirically tested in several mobile and disconnected topologies in which nodes experience changes in their neighbourhoods and consequently face frequent route changes. The empirical analysis demonstrates robustness and accuracy of the trust model in a dynamic MANET environment.

Detection of advanced persistent threat using machine-learning correlation analysis

Ghafir, Ibrahim, Hammoudeh, M., Prenosil, V., Han, L., Hegarty, R., Rabie, K., Aparicio-Navarro, F.J.

24 January 2020

Yes / As one of the most serious types of cyber attack, Advanced Persistent Threats (APT) have caused major concerns on a global scale. APT refers to a persistent, multi-stage attack with the intention to compromise the system and gain information from the targeted system, which has the potential to cause significant damage and substantial financial loss. The accurate detection and prediction of APT is an ongoing challenge. This work proposes a novel machine learning-based system entitled MLAPT, which can accurately and rapidly detect and predict APT attacks in a systematic way. The MLAPT runs through three main phases: (1) Threat detection, in which eight methods have been developed to detect different techniques used during the various APT steps. The implementation and validation of these methods with real traffic is a significant contribution to the current body of research; (2) Alert correlation, in which a correlation framework is designed to link the outputs of the detection methods, aims to identify alerts that could be related and belong to a single APT scenario; and (3) Attack prediction, in which a machine learning-based prediction module is proposed based on the correlation framework output, to be used by the network security team to determine the probability of the early alerts to develop a complete APT attack. MLAPT is experimentally evaluated and the presented system is able to predict APT in its early steps with a prediction accuracy of 84.8%.

Cyber attacks

Advanced persistent threat

Malware

Intrusion detection system

Alert correlation

Machine learning

BotDet: a system for real time Botnet command and control traffic detection

Ghafir, Ibrahim, Prenosil, V., Hammoudeh, M., Baker, T., Jabbar, S., Khalid, S., Jaf, S.

24 January 2020

Yes / Over the past decade, the digitization of services transformed the healthcare sector leading to a sharp rise in cybersecurity threats. Poor cybersecurity in the healthcare sector, coupled with high value of patient records attracted the attention of hackers. Sophisticated advanced persistent threats and malware have significantly contributed to increasing risks to the health sector. Many recent attacks are attributed to the spread of malicious software, e.g., ransomware or bot malware. Machines infected with bot malware can be used as tools for remote attack or even cryptomining. This paper presents a novel approach, called BotDet, for botnet Command and Control (C&C) traffic detection to defend against malware attacks in critical ultrastructure systems. There are two stages in the development of the proposed system: 1) we have developed four detection modules to detect different possible techniques used in botnet C&C communications and 2) we have designed a correlation framework to reduce the rate of false alarms raised by individual detection modules. Evaluation results show that BotDet balances the true positive rate and the false positive rate with 82.3% and 13.6%, respectively. Furthermore, it proves BotDet capability of real time detection.

Critical infrastructure security

Healthcare cyber attacks

Malware

Botnet

Command and control server

Intrusion detection system

Alert correlation

Lost cause: consequences and implications of the war on terror

Rogers, Paul F.

January 2013

By 2001, the al-Qaida movement had evolved into a transnational revolutionary movement with an eschatological dimension, facilitating the 9/11 attacks to gain religious support and incite a strong reaction. The Bush administration was particularly tough in its response, terminating the Taliban regime and then declaring the right of pre-emption against a wider axis of evil, which led on to regime termination in Iraq and the intended constraining of Iran. In the event, regime termination in Iraq and Afghanistan resulted in protracted wars that were intensely costly in human and resource terms, and Iranian influence actually increased. The al-Qaida movement was dispersed while being transformed into a potent idea with little in the way of an organised structure, yet was effective in catalysing movements from South Asia through the Middle East to sub-Saharan Africa. Analyses of events in Iraq and Afghanistan point to deep misconceptions over the potential for the use of military force and of imposed state building. After more than a decade after 9/11, there has been a re-orientation away from large-scale occupations towards more remote means of maintaining control, with an emphasis on armed drones, special forces and privatised military companies. This approach appears initially appropriate and attractive but may be as counterproductive as the previous approach.

Anomaly Detection for Control Centers

Gyamfi, Cliff Oduro

06 1900

The control center is a critical location in the power system infrastructure. Decisions regarding the power system’s operation and control are often made from the control center. These control actions are made possible through SCADA communication. This capability however makes the power system vulnerable to cyber attacks. Most of the decisions taken by the control center dwell on the measurement data received from substations. These measurements estimate the state of the power grid. Measurement-based cyber attacks have been well studied to be a major threat to control center operations. Stealthy false data injection attacks are known to evade bad data detection. Due to the limitations with bad data detection at the control center, a lot of approaches have been explored especially in the cyber layer to detect measurement-based attacks. Though helpful, these approaches do not look at the physical layer. This study proposes an anomaly detection system for the control center that operates on the laws of physics. The system also identifies the specific falsified measurement and proposes its estimated measurement value. / United States Department of Energy (DOE) National Renewable Energy Laboratory (NREL) / Master of Science / Electricity is an essential need for human life. The power grid is one of the most important human inventions that fueled other technological innovations in the industrial revolution. Changing demands in usage have added to its operational complexity. Several modifications have been made to the power grid since its invention to make it robust and operationally safe. Integration of ICT has significantly improved the monitoring and operability of the power grid. Improvements through ICT have also exposed the power grid to cyber vulnerabilities. Since the power system is a critical infrastructure, there is a growing need to keep it secure and operable for the long run. The control center of the power system serves mainly as the decision-making hub of the grid. It operates through a communication link with the various dispersed devices and substations on the grid. This interconnection makes remote control and monitoring decisions possible from the control center. Data from the substations through the control center are also used in electricity markets and economic dispatch. The control center is however susceptible to cyber-attacks, particularly measurement-based attacks. When attackers launch measurement attacks, their goal is to force control actions from the control center that can make the system unstable. They make use of the vulnerabilities in the cyber layer to launch these attacks. They can inject falsified data packets through this link to usurp correct ones upon arrival at the control center. This study looks at an anomaly detection system that can detect falsified measurements at the control center. It will also indicate the specific falsified measurements and provide an estimated value for further analysis.

Measurement-Based Cyber Attacks

State Estimation

Anomaly Detection

Energy Management System

Control Center

Energy Efficient Deep Spiking Recurrent Neural Networks: A Reservoir Computing-Based Approach

Hamedani, Kian

18 June 2020

Recurrent neural networks (RNNs) have been widely used for supervised pattern recognition and exploring the underlying spatio-temporal correlation. However, due to the vanishing/exploding gradient problem, training a fully connected RNN in many cases is very difficult or even impossible. The difficulties of training traditional RNNs, led us to reservoir computing (RC) which recently attracted a lot of attention due to its simple training methods and fixed weights at its recurrent layer. There are three different categories of RC systems, namely, echo state networks (ESNs), liquid state machines (LSMs), and delayed feedback reservoirs (DFRs). In this dissertation a novel structure of RNNs which is inspired by dynamic delayed feedback loops is introduced. In the reservoir (recurrent) layer of DFR, only one neuron is required which makes DFRs extremely suitable for hardware implementations. The main motivation of this dissertation is to introduce an energy efficient, and easy to train RNN while this model achieves high performances in different tasks compared to the state-of-the-art. To improve the energy efficiency of our model, we propose to adopt spiking neurons as the information processing unit of DFR. Spiking neural networks (SNNs) are the most biologically plausible and energy efficient class of artificial neural networks (ANNs). The traditional analog ANNs have marginal similarity with the brain-like information processing. It is clear that the biological neurons communicate together through spikes. Therefore, artificial SNNs have been introduced to mimic the biological neurons. On the other hand, the hardware implementation of SNNs have shown to be extremely energy efficient. Towards achieving this overarching goal, this dissertation presents a spiking DFR (SDFR) with novel encoding schemes, and defense mechanisms against adversarial attacks. To verify the effectiveness and performance of the SDFR, it is adopted in three different applications where there exists a significant Spatio-temporal correlations. These three applications are attack detection in smart grids, spectrum sensing of multi-input-multi-output(MIMO)-orthogonal frequency division multiplexing (OFDM) Dynamic Spectrum Sharing (DSS) systems, and video-based face recognition. In this dissertation, the performance of SDFR is first verified in cyber attack detection in Smart grids. Smart grids are a new generation of power grids which guarantee a more reliable and efficient transmission and delivery of power to the costumers. A more reliable and efficient power generation and distribution can be realized through the integration of internet, telecommunication, and energy technologies. The convergence of different technologies, brings up opportunities, but the challenges are also inevitable. One of the major challenges that pose threat to the smart grids is cyber-attacks. A novel method is developed to detect false data injection (FDI) attacks in smart grids. The second novel application of SDFR is the spectrum sensing of MIMO-OFDM DSS systems. DSS is being implemented in the fifth generation of wireless communication systems (5G) to improve the spectrum efficiency. In a MIMO-OFDM system, not all the subcarriers are utilized simultaneously by the primary user (PU). Therefore, it is essential to sense the idle frequency bands and assign them to the secondary user (SU). The effectiveness of SDFR in capturing the spatio-temporal correlation of MIMO-OFDM time-series and predicting the availability of frequency bands in the future time slots is studied as well. In the third application, the SDFR is modified to be adopted in video-based face recognition. In this task, the SDFR is leveraged to recognize the identities of different subjects while they rotate their heads in different angles. Another contribution of this dissertation is to propose a novel encoding scheme of spiking neurons which is inspired by the cognitive studies of rats. For the first time, the multiplexing of multiple neural codes is introduced and it is shown that the robustness and resilience of the spiking neurons is increased against noisy data, and adversarial attacks, respectively. Adversarial attacks are small and imperceptible perturbations of the input data, which have shown to be able to fool deep learning (DL) models. So far, many adversarial attack and defense mechanisms have been introduced for DL models. Compromising the security and reliability of artificial intelligence (AI) systems is a major concern of government, industry and cyber-security researchers, in that insufficient protections can compromise the security and privacy of everyone in society. Finally, a defense mechanism to protect spiking neurons against adversarial attacks is introduced for the first time. In a nutshell, this dissertation presents a novel energy efficient deep spiking recurrent neural network which is inspired by delayed dynamic loops. The effectiveness of the introduced model is verified in several different applications. At the end, novel encoding and defense mechanisms are introduced which improve the robustness of the model against noise and adversarial attacks. / Doctor of Philosophy / The ultimate goal of artificial intelligence (AI) is to mimic the human brain. Artificial neural networks (ANN) are an attempt to realize that goal. However, traditional ANNs are very far from mimicking biological neurons. It is well-known that biological neurons communicate with one another through signals in the format of spikes. Therefore, artificial spiking neural networks (SNNs) have been introduced which behave more similarly to biological neurons. Moreover, SNNs are very energy efficient which makes them a suitable choice for hardware implementation of ANNs (neuromporphic computing). Despite the many benefits that are brought about by SNNs, they are still behind traditional ANNs in terms of performance. Therefore, in this dissertation, a new structure of SNNs is introduced which outperforms the traditional ANNs in three different applications. This new structure is inspired by delayed dynamic loops which exist in biological brains. The main objective of this novel structure is to capture the spatio-temporal correlation which exists in time-series while the training overhead and power consumption is reduced. Another contribution of this dissertation is to introduce novel encoding schemes for spiking neurons. It is clear that biological neurons leverage spikes, but the language that they use to communicate is not clear. Hence, the spikes require to be encoded in a certain language which is called neural spike encoding scheme. Inspired by the cognitive studies of rats, a novel encoding scheme is presented. Lastly, it is shown that the introduced encoding scheme increases the robustness of SNNs against noisy data and adversarial attacks. AI models including SNNs have shown to be vulnerable to adversarial attacks. Adversarial attacks are minor perturbations of the input data that can cause the AI model to misscalassify the data. For the first time, a defense mechanism is introduced which can protect SNNs against such attacks.

Recurrent Neural Network

Reservoir Computing

Spiking Neural Networks

Smart Grids

Spectrum Sensing

Adversarial Attacks.

Towards Comprehensive Side-channel Resistant Embedded Systems

Yao, Yuan

17 August 2021

Embedded devices almost involve every part of our lives, such as health condition monitoring, communicating with other people, traveling, financial transactions, etc. Within the embedded devices, our private information is utilized, collected and stored. Cryptography is the security mechanism within the embedded devices for protecting this secret information. However, cryptography algorithms can still be analyzed and attacked by malicious adversaries to steal secret data. There are different categories of attacks towards embedded devices, and the side-channel attack is one of the powerful attacks. Unlike analyzing the vulnerabilities within the cryptography algorithm itself in traditional attacks, the side-channel attack observes the physical effect signals while the cryptography algorithm runs on the device. These physical effects include the power consumption of the devices, timing, electromagnetic radiations, etc., and we call these physical effects that carry secret information side-channel leakage. By statistically analyzing these side-channel leakages, an attacker can reconstruct the secret information. The manifestation of side-channel leakage happens at the hardware level. Therefore, the designer has to ensure that the hardware design of the embedded system is secure against side-channel attacks. However, it is very arduous work. An embedded systems design including a large number of electronic components makes it very difficult to comprehensively capture every side-channel vulnerability, locate the root cause of the side-channel leakage, and efficiently fix the vulnerabilities. In this dissertation, we developed methodologies that can help designers detect and fix side-channel vulnerabilities within the embedded system design at low cost and early design stage. / Doctor of Philosophy / Side-channel leakage, which reveals the secret information from the physical effects of computing secret variables, has become a serious vulnerability in secure hardware and software implementations. In side-channel attacks, adversaries passively exploit variations such as power consumption, timing, and electromagnetic emission during the computation with secret variables to retrieve sensitive information. The side-channel attack poses a practical threat to embedded devices, an embedded device's cryptosystem without adequate protection against side-channel leakage can be easily broken by the side-channel attack. In this dissertation, we investigate methodologies to build up comprehensive side-channel resistant embedded systems. However, this is challenging because of the complexity of the embedded system. First, an embedded system integrates a large number of components. Even if the designer can make sure that each component is protected within the system, the integration of the components will possibly introduce new vulnerabilities. Second, the existing side-channel leakage evaluation of embedded system design happens post-silicon and utilizes the measurement on the prototype of the taped-out chip. This is too late for mitigating the vulnerability in the design. Third, due to the complexity of the embedded system, even though the side-channel leakage is detected, it is very hard to precisely locate the root cause within the design. Existing side-channel attack countermeasures are very costly in terms of design overhead. Without a method that can precisely identify the side-channel leakage source within the design, huge overhead will be introduced by blindly add the side-channel countermeasure to the whole design. To make the challenge even harder, the Power Distribution Network (PDN) where the hardware design locates is also vulnerable to side-channel attacks. It has been continuously demonstrated by researchers that attackers can place malicious circuits on a shared PDN with victim design and open the opportunities for the attackers to inject faults or monitoring power changes of the victim circuit. In this dissertation, we address the challenges mentioned above in designing a side-channel-resistant embedded system. We categorize our contributions into three major aspects—first, we investigating the effects of integration of security components and developing corresponding countermeasures. We analyze the vulnerability in a widely used countermeasure - masking, and identify that the random number transfer procedure is a weak link in the integration which can be bypassed by the attacker. We further propose a lightweight protection scheme to protect function calls from instruction skip fault attacks. Second, we developed a novel analysis methodology for pre-silicon side-channel leakage evaluation and root cause analysis. The methodology we developed enables the designer to detect the side-channel leakage at the early pre-silicon design stage, locate the leakage source in the design precisely to the individual gate and apply highly targeted countermeasure with low overhead. Third, we developed a multipurpose on-chip side-channel and fault monitoring extension - Programmable Ring Oscillator (PRO), to further guarantee the security of PDN. PRO can provide on-chip side-channel resistance, power monitoring, and fault detection capabilities to the secure design. We show that PRO as application-independent integrated primitives can provide side-channel and fault countermeasure to the design at a low cost.

Side-Channel Attacks

Pre-silicon

Side-channel Leakage Source

Countermeasures

Simulation

Root Cause Analysis

Leakage Evaluation

Electromagnetic Interference Attacks on Cyber-Physical Systems: Theory, Demonstration, and Defense

Dayanikli, Gokcen Yilmaz

27 August 2021

A cyber-physical system (CPS) is a complex integration of hardware and software components to perform well-defined tasks. Up to this point, many software-based attacks targeting the network and computation layers have been reported by the researchers. However, the physical layer attacks that utilize natural phenomena (e.g., electromagnetic waves) to manipulate safety-critic signals such as analog sensor outputs, digital data, and actuation signals have recently taken the attention. The purpose of this dissertation is to detect the weaknesses of cyber-physical systems against low-power Intentional Electromagnetic Interference (IEMI) attacks and provide hardware-level countermeasures. Actuators are irreplaceable components of electronic systems that control the physically moving sections, e.g., servo motors that control robot arms. In Chapter 2, the potential effects of IEMI attacks on actuation control are presented. Pulse Width Modulation (PWM) signal, which is the industry–standard for actuation control, is observed to be vulnerable to IEMI with specific frequency and modulated–waveforms. Additionally, an advanced attacker with limited information about the victim can prevent the actuation, e.g., stop the rotation of a DC or servo motor. For some specific actuator models, the attacker can even take the control of the actuators and consequently the motion of the CPS, e.g., the flight trajectory of a UAV. The attacks are demonstrated on a fixed-wing unmanned aerial vehicle (UAV) during varying flight scenarios, and it is observed that the attacker can block or take control of the flight surfaces (e.g., aileron) which results in a crash of the UAV or a controllable change in its trajectory, respectively. Serial communication protocols such as UART or SPI are widely employed in electronic systems to establish communication between peripherals (e.g., sensors) and controllers. It is observed that an adversary with the reported three-phase attack mechanism can replace the original victim data with the 'desired' false data. In the detection phase, the attacker listens to the EM leakage of the victim system. In the signal processing phase, the exact timing of the victim data is determined from the victim EM leakage, and in the transmission phase, the radiated attack waveform replaces the original data with the 'desired' false data. The attack waveform is a narrowband signal at the victim baud rate, and in a proof–of–concept demonstration, the attacks are observed to be over 98% effective at inducing a desired bit sequence into pseudorandom UART frames. Countermeasures such as twisted cables are discussed and experimentally validated in high-IEMI scenarios. In Chapter 4, a state-of-art electrical vehicle (EV) charger is assessed in IEMI attack scenarios, and it is observed that an attacker can use low–cost RF components to inject false current or voltage sensor readings into the system. The manipulated sensor data results in a drastic increase in the current supplied to the EV which can easily result in physical damage due to thermal runaway of the batteries. The current switches, which control the output current of the EV charger, can be controlled (i.e., turned on) by relatively high–power IEMI, which gives the attacker direct control of the current supplied to the EV. The attacks on UAVs, communication systems, and EV chargers show that additional hardware countermeasures should be added to the state-of-art system design to alleviate the effect of IEMI attacks. The fiber-optic transmission and low-frequency magnetic field shielding can be used to transmit 'significant signals' or PCB-level countermeasures can be utilized which are reported in Chapter 5. / Doctor of Philosophy / The secure operation of an electronic system depends on the integrity of the signals transmitted from/to components like sensors, actuators, and controllers. Adversaries frequently aim to block or manipulate the information carried in sensor and actuation signals to disrupt the operation of the victim system with physical phenomena, e.g., infrared light or acoustic waves. In this dissertation, it is shown that low-power electromagnetic (EM) waves, with specific frequency and form devised for the victim system, can be utilized as an attack tool to disrupt, and, in some scenarios, control the operation of the system; moreover, it is shown that these attacks can be mitigated with hardware-level countermeasures. In Chapter 2, the attacks are applied to electric motors on an unmanned aerial vehicle (UAV), and it is observed that an attacker can block (i.e., crash of the UAV) or control the UAV motion with EM waves. In Chapter 3, it is shown that digital communication systems are not resilient against intentional electromagnetic interference (IEMI), either. Low–power EM waves can be utilized by attackers to replace the data in serial communication systems with a success rate %98 or more. In Chapter 4, the attacks are applied to the sensors and actuators of electric vehicle chargers with low–cost over–the–shelf amplifiers and antennas, and it is shown that EM interference attacks can manipulate the sensor data and boosts the current supplied to the EV, which can result in overheating and fire. To ensure secure electronic system operation, hardware–level defense mechanisms are discussed and validated with analytical solutions, simulations, and experiments.

Cyber-Physical System Security

Electromagnetic Attacks

Signal Integrity

An investigation of the differential effectiveness of bibliotherapy and self-regulatory treatments in individuals with panic attacks

Febbraro, Gregorio A. R.

05 October 2007

Several studies targeting individuals with panic disorder have demonstrated that Cognitive-behavioral treatment (CST) is the psychological treatment of choice. CST interventions that include exposure to panic symptoms, along with cognitive restructuring. breathing retraining, and relaxation training are more effective than any of these components administered alone. Past studies have demonstrated the efficacy of imparting the above CBT components in the form of bibliotherapy (BT) in the treatment of panic disorder. The present study examined the differential effectiveness of BT and self-regulatory treatments in the treatment of individuals with panic attacks. The present study examined a much purer version of a self-help bibliotherapy intervention by reducing therapist contact much more than prior studies had done. In addition, the present study examined the additive effectiveness of self-regulatory components-self-monitoring (SM) and feedback (FB)--to BT. Sixty-three participants who experienced a DSM-IV full-blown or limited symptom attack in the two weeks prior to beginning the Self-help Project were assigned via stratified randomization to 1 of 4 experimental conditions: 1) BT alone (N = 17); 2) ST plus DML (daily self-monitoring plus feedback; (N = 15); 3) DML (N = 13); or 4) WL (N = 18). The present study utilized a pre - post treatment assessment design with pre-treatment assessment occurring two weeks prior to treatment and post-treatment assessment occurring approximately two weeks after the end of treatment. Treatment was 8 weeks in duration. Participants were sent pre-treatment assessment and treatment materials via mail in order to minimize therapist contact. At post-treatment assessment, participants were assessed either in-person or via mail/phone depending upon their geographic location. It was expected that participants in all treatment conditions would experience less full-blown panic attacks, limited-symptom attacks, avoidance, fear of having a panic attack, panic cognitions. panic symptoms, state anxiety and depressive symptoms and increases in coping strategies and coping self-efficacy than participants in the WL condition. Furthermore, it was expected that participants in the BT plus DML condition would experience more change on the above dependent variables than participants in the BT alone and DML alone conditions from pre- to post-treatment assessment. A 4 X 2 repeated measures MANOVA revealep no Condition by Time interaction or Condition effect. However, a main effect for time across conditions emerged. Univariate tests revealed significant reductions from pre- to post-treatment assessment for full blown panic attacks, avoidance. fear of having a panic attack. panic cognitions, panic symptoms, depressive symptoms, and state anxiety. In addition, an exploratory 4 X 2 repeated measures ANOVA revealed a Condition by Time interaction with partiCipants in the BT and BT plus DML conditions increasing in coping self-efficacy from pre- to post-treatment. Partial correlations revealed that change in coping self-efficacy was related to lower scores on the Panic Attack Symptoms Questionnaire (PASQ) at post-treatment assessment for participants in the BT and BT plus DML conditions. The results of this study are discussed in terms of motivational issues and the effectiveness of such "pure" self-help interventions with individuals experiencing panic attacks. / Ph. D.

panic disorders

bibliotherapy

self-regulation

panic attacks

self-help

LD5655.V856 1997.F433