A population-based study of transient neurological attacks : incidence, clinical characteristics, investigation, aetiology and prognosis

da Assuncao Gouveia Tuna, Maria

January 2014

Stroke is the second most common cause of death worldwide and the commonest cause of dependency, creates a huge societal burden and is responsible for billions of pounds in health and social care costs. About 30% of strokes occur in individuals with a previous transient ischaemic attack (TIA) or minor stroke. Effective prevention would minimise the consequences. However, the diagnosis of TIA is difficult, particularly by non-experts. About 50% of patients with a suspected TIA or minor stroke have atypical TIAs or a non-vascular diagnosis (TIA/minor stroke mimics). Although there is some evidence that non-specific Transient Neurological Attacks (TNAs) have an increased risk of acute vascular events, the evidence is still both thin and controversial. The aim of my thesis has been to evaluate the burden of TIA/minor stroke mimics, TNAs and all acute cerebrovascular events among all referrals from the general population to a TIA clinic; to determine the reliability of clinical diagnosis of TIA and non-specific TNA; to improve the classification of non-specific TNAs; and to predict the risk of stroke and other major vascular events after a non-specific TNA and TNA syndromes. I have collected and analysed data from a population-based study, the Oxford Vascular Study (OXVASC). OXVASC is an ongoing prospective, population-based incidence study of all vascular diseases in all territories in Oxfordshire, UK, which started in 2002. The study population comprises approximately 92,728 individuals registered with nine GP practices and uses multiple overlapping methods of "hot" and "cold" pursuit to identify patients with acute vascular events. The research described in this thesis has several clinically relevant findings which can contribute to improving the diagnosis and treatment of patients with suspected TIAs. First, I highlighted that TIA/minor stroke mimics (mimics) were responsible for one quarter of all suspected TIAs, had similar short- and long-term risk of acute cardiac events as did TIAs, and that the majority (70%) of mimics were complex neurological conditions. Second, I showed that TIA/minor ischaemic strokes are each more common than major ischaemic strokes and that TIA/minor ischaemic stroke patients together had two-thirds of all recurrent strokes and two-thirds of all myocardial infarctions and sudden cardiac deaths. Moreover, the 10 years' cumulative risk of stroke in patients with TIA, minor stroke and major stroke was very high and the risk of death among all cerebrovascular events was greater than 50%. Third, I found that the crude incidence rate of TNAs per 1000 people in OXVASC was slightly higher than the crude incidence rate of TIAs (0.73 versus 0.67) and increased with age. In addition, I reported that among TNA syndromes, transient isolated vertigo, unilateral sensory symptoms, migraine-aura like events and transient confusion had high incidence rates, whereas transient total paralysis and transient speech arrest had low incidence rates. Fourth, I showed that about one-third of TIAs seen in the first 10 years of OXVASC did not fulfil the classical criteria (NINDS-negative TIA) and had the same short- and long-term risk of stroke as NINDS-positive TIAs. Fifth, although the 90 days stroke risk after a TNA was lower than after a NINDS-positive TIA, in the post 90 days up to 10 years period the risk of recurrent stroke was not significantly different between the two groups. Sixth, the risks of stroke were higher than expected in the background population in all TNA categories (focal-TNA, non-focal TNA and focal plus non-focal TNA) and all TNA syndromes (isolated brainstem syndrome, migraine-like syndrome, isolated sensory syndromes, isolated visual disturbance, isolated speech disturbance, transient confusion and transient unresponsiveness) except transient amnesia. Moreover, non-focal TNAs and focal plus non-focal TNAs had a six times higher risk of stroke than expected and a similar risk to NINDS-positive TIAs. Finally, transient confusion and transient unresponsiveness had a relative risk of stroke nine times higher than expected and twice the risk of NINDS-positive TIAs.

616.8

Micro-architectural Threats to Modern Computing Systems

Inci, Mehmet Sinan

17 April 2019

With the abundance of cheap computing power and high-speed internet, cloud and mobile computing replaced traditional computers. As computing models evolved, newer CPUs were fitted with additional cores and larger caches to accommodate run multiple processes concurrently. In direct relation to these changes, shared hardware resources emerged and became a source of side-channel leakage. Although side-channel attacks have been known for a long time, these changes made them practical on shared hardware systems. In addition to side-channels, concurrent execution also opened the door to practical quality of service attacks (QoS). The goal of this dissertation is to identify side-channel leakages and architectural bottlenecks on modern computing systems and introduce exploits. To that end, we introduce side-channel attacks on cloud systems to recover sensitive information such as code execution, software identity as well as cryptographic secrets. Moreover, we introduce a hard to detect QoS attack that can cause over 90+\% slowdown. We demonstrate our attack by designing an Android app that causes degradation via memory bus locking. While practical and quite powerful, mounting side-channel attacks is akin to listening on a private conversation in a crowded train station. Significant manual labor is required to de-noise and synchronizes the leakage trace and extract features. With this motivation, we apply machine learning (ML) to automate and scale the data analysis. We show that classical machine learning methods, as well as more complicated convolutional neural networks (CNN), can be trained to extract useful information from side-channel leakage trace. Finally, we propose the DeepCloak framework as a countermeasure against side-channel attacks. We argue that by exploiting adversarial learning (AL), an inherent weakness of ML, as a defensive tool against side-channel attacks, we can cloak side-channel trace of a process. With DeepCloak, we show that it is possible to trick highly accurate (99+\% accuracy) CNN classifiers. Moreover, we investigate defenses against AL to determine if an attacker can protect itself from DeepCloak by applying adversarial re-training and defensive distillation. We show that even in the presence of an intelligent adversary that employs such techniques, DeepCloak still succeeds.

cloud security

DoS attacks

machine learning

mobile security

side-channel attacks

Error Detection Techniques Against Strong Adversaries

Akdemir, Kahraman D.

01 December 2010

"Side channel attacks (SCA) pose a serious threat on many cryptographic devices and are shown to be effective on many existing security algorithms which are in the black box model considered to be secure. These attacks are based on the key idea of recovering secret information using implementation specific side-channels. Especially active fault injection attacks are very effective in terms of breaking otherwise impervious cryptographic schemes. Various countermeasures have been proposed to provide security against these attacks. Double-Data-Rate (DDR) computation, dual-rail encoding, and simple concurrent error detection (CED) are the most popular of these solutions. Even though these security schemes provide sufficient security against weak adversaries, they can be broken relatively easily by a more advanced attacker. In this dissertation, we propose various error detection techniques that target strong adversaries with advanced fault injection capabilities. We first describe the advanced attacker in detail and provide its characteristics. As part of this definition, we provide a generic metric to measure the strength of an adversary. Next, we discuss various techniques for protecting finite state machines (FSMs) of cryptographic devices against active fault attacks. These techniques mainly depend on nonlinear robust codes and physically unclonable functions (PUFs). We show that due to the nonuniform behavior of FSM variables, securing FSMs using nonlinear codes is an important and difficult problem. As a solution to this problem, we propose error detection techniques based on nonlinear codes with different randomization methods. We also show how PUFs can be utilized to protect a class of FSMs. This solution provides security on the physical level as well as the logical level. In addition, for each technique, we provide possible hardware realizations and discuss area/security performance. Furthermore, we provide an error detection technique for protecting elliptic curve point addition and doubling operations against active fault attacks. This technique is based on nonlinear robust codes and provides nearly perfect error detection capability (except with exponentially small probability). We also conduct a comprehensive analysis in which we apply our technique to different elliptic curves (i.e. Weierstrass and Edwards) over different coordinate systems (i.e. affine and projective). "

Error Detection

Robust Codes

Advanced Attacker

Side Channel Attacks

Fault Attacks

Tamper-Resistant Arithmetic for Public-Key Cryptography

Gaubatz, Gunnar

01 March 2007

Cryptographic hardware has found many uses in many ubiquitous and pervasive security devices with a small form factor, e.g. SIM cards, smart cards, electronic security tokens, and soon even RFIDs. With applications in banking, telecommunication, healthcare, e-commerce and entertainment, these devices use cryptography to provide security services like authentication, identification and confidentiality to the user. However, the widespread adoption of these devices into the mass market, and the lack of a physical security perimeter have increased the risk of theft, reverse engineering, and cloning. Despite the use of strong cryptographic algorithms, these devices often succumb to powerful side-channel attacks. These attacks provide a motivated third party with access to the inner workings of the device and therefore the opportunity to circumvent the protection of the cryptographic envelope. Apart from passive side-channel analysis, which has been the subject of intense research for over a decade, active tampering attacks like fault analysis have recently gained increased attention from the academic and industrial research community. In this dissertation we address the question of how to protect cryptographic devices against this kind of attacks. More specifically, we focus our attention on public key algorithms like elliptic curve cryptography and their underlying arithmetic structure. In our research we address challenges such as the cost of implementation, the level of protection, and the error model in an adversarial situation. The approaches that we investigated all apply concepts from coding theory, in particular the theory of cyclic codes. This seems intuitive, since both public key cryptography and cyclic codes share finite field arithmetic as a common foundation. The major contributions of our research are (a) a generalization of cyclic codes that allow embedding of finite fields into redundant rings under a ring homomorphism, (b) a new family of non-linear arithmetic residue codes with very high error detection probability, (c) a set of new low-cost arithmetic primitives for optimal extension field arithmetic based on robust codes, and (d) design techniques for tamper resilient finite state machines.

Side Channel Attacks

Fault Attacks

Public-Key Cryptography

Error Detection

Error Detecting Codes

Cryptography

Pojištění proti počítačové kriminalitě / The Insurance against Computer Attacks

Burešová, Nina

January 2011

The subject of this thesis is the growing problem of computer crime and especially the possibility of its reduction and elimination of consequences associated with it. In the introductory chapter is broken down as the development of computer crime in the world as in the Czech Republic. The second chapter compares the possibility of insurance against computer attacks, while the insurance is offered only in foreign countries. The third chapter deals with cyberinsurance economic model and the final chapter outlines possible future development in this area.

CredProxy: A Password Manager for Online Authentication Environments

Golrang, Mohammad Saleh

20 December 2012

Internet users are increasingly required to sign up for online services and establish accounts before receiving service from websites. On the one hand, generation of strong usernames and passwords is a difficult task for the user. On the other hand, memorization of strong passwords is by far more problematic for the average user. Thus, the average user has a tendency to use weak passwords, and also reuse his passwords for more than one website, which makes several attacks feasible. Under the aforementioned circumstances, the use of password managers is beneficial, since they unburden the user from the task of memorizing user credentials. However, password managers have a number of weaknesses. This thesis is mainly aimed at alleviating some of the intrinsic weaknesses of password managers. We propose three cryptographic protocols which can improve the security of password managers while enhancing user convenience. We also present the design of a phishing and Man-in-the-Browser resistant password manger which best fits into our scheme. Furthermore, we present our novel virtual on-screen keyboard and keypad which are designed to provide strong protection mechanisms against threats such as keylogging and shoulder surfing.

Dictionary Attacks

Password Managers

Password Security

Website User Authentication

Virtual Keyboards

MITB Attacks

Ανάλυση και υλοποίηση τεχνικών υδατογράφησης ψηφιακών εικόνων με ανθεκτικότητα σε γεωμετρικές επιθέσεις

Μητσάκος, Ιωάννης

17 September 2007

Σκοπός της συγκεκριμένης εργασίας είναι η παρουσίαση των σημαντικότερων τεχνικών υδατογράφησης (watermarking techniques) ψηφιακών εικόνων με ανθεκτικότητα σε γεωμετρικούς μετασχηματισμούς και η περιγραφή και υλοποίηση ενός τέτοιου συστήματος. Οι γεωμετρικοί μετασχηματισμοί, στους οποίους δόθηκε περισσότερη έμφαση κατά την υλοποίηση του συστήματος υδατογράφησης ψηφιακών εικόνων που θα παρουσιαστεί παρακάτω, έχουν να κάνουν με την κλιμάκωση (scaling), την περιστροφή (rotation) και τον μετασχηματισμό συντεταγμένων (translation) μιας εικόνας καθώς επίσης και με συνδυασμούς αυτών. Παρόλα αυτά όμως το σύστημα που περιγράφεται αντιμετωπίζει σε ικανοποιητικό βαθμό και άλλες γεωμετρικές επιθέσεις (όπως shearing,aspect ratio change, projective, template remove κ.α.).Η ανθεκτικότητα ενός συστήματος υδατογράφησης σε αυτούς τους μετασχηματισμούς έχει να κάνει με την διατήρηση του υδατογραφήματος και την ικανοποιητική ανίχνευση του σε εικόνες που έχουν υποστεί τέτοιου είδους μετασχηματισμούς. Στην εργασία, αρχικά γίνεται μια εκτενής αναφορά στην τεχνική της υδατογράφησης και τις εφαρμογές της και έπειτα τονίζονται τα σημαντικότερα χαρακτηριστικά των συστημάτων υδατογράφησης ψηφιακού υλικού. Στη συνέχεια, ορίζονται οι γεωμετρικές επιθέσεις σε εικόνες και παρουσιάζονται οι σημαντικότερες μέθοδοι υδατογράφησης ψηφιακών εικόνων, που υπάρχουν στην βιβλιογραφία, με ανθεκτικότητα στις επιθέσεις αυτές. Στην εργασία αυτή υλοποιήθηκε μία από αυτές τις μεθόδους και έγινε προσπάθεια για επέκταση και βελτίωση της σε ορισμένα σημεία που υστερούσε. Η αρχική και βελτιωμένη μέθοδος περιγράφονται αναλυτικά. Στο τέλος ένας αριθμός πειραματικών αποτελεσμάτων αποδεικνύουν την ανθεκτικότητα του νέου βελτιωμένου συστήματος που υλοποιήθηκε σε ένα μεγάλο πλήθος γεωμετρικών επιθέσεων. / The aim of this work is the presentation of the most important watermarking techniques for digital images with robustness to geometric transformations and the description and implementation of such a system. The geometric transformations, to which was given more emphasis at the implementation of the digital images watermarking system, that will be presented below, are the scaling, the rotation and the transformation of coordinates (translation) of an image as well as the combinations of these. Nevertheless, the system that is described faces in satisfactory degree and the other geometric attacks (as the shearing, the aspect ratio change, the projective, the template remove etc.). The robustness of a watermarking system to these transformations it is simply translated as the maintenance of the watermark and its satisfactory detection in images that have existed such type of transformations. In this work, it initially becomes a extensive report to the watermark technique and to its applications and then the more important characteristics of digital material watermarking systems are highlighted. Afterwards, the geometric attacks of digit images are determined and the most important watermarking methods of digital images with robustness to these attacks, that exist in the bibliography, are presented. In this work, one of these methods was implemented and it became some effort for its extension and its improvement in certain points that disadvantages. The initial and improved methods are analytically described. At the end, a number of experimental results are presented, that they prove the robustness of the new improved system to a large number of geometric attacks.

Υδατογράφηση εικόνων

Ανθεκτικότητα

005.82

Image watermarking

Geometric attacks

Robustness

RTS attacks

CredProxy: A Password Manager for Online Authentication Environments

Golrang, Mohammad Saleh

20 December 2012

Internet users are increasingly required to sign up for online services and establish accounts before receiving service from websites. On the one hand, generation of strong usernames and passwords is a difficult task for the user. On the other hand, memorization of strong passwords is by far more problematic for the average user. Thus, the average user has a tendency to use weak passwords, and also reuse his passwords for more than one website, which makes several attacks feasible. Under the aforementioned circumstances, the use of password managers is beneficial, since they unburden the user from the task of memorizing user credentials. However, password managers have a number of weaknesses. This thesis is mainly aimed at alleviating some of the intrinsic weaknesses of password managers. We propose three cryptographic protocols which can improve the security of password managers while enhancing user convenience. We also present the design of a phishing and Man-in-the-Browser resistant password manger which best fits into our scheme. Furthermore, we present our novel virtual on-screen keyboard and keypad which are designed to provide strong protection mechanisms against threats such as keylogging and shoulder surfing.

Dictionary Attacks

Password Managers

Password Security

Website User Authentication

Virtual Keyboards

MITB Attacks

Predator-prey interactions in the spinifex grasslands of central Australia

Paltridge, Rachel M.

January 2005

Thesis (Ph.D.)--University of Wollongong, 2005. / Typescript. Includes bibliographical references.

A study of the impact of 9/11 on content in travel magazines /

Curry, Jennifer,

January 2004

Thesis (M.A.)--University of Missouri-Columbia, 2004. / Typescript. Vita. Includes bibliographical references (leaves 107-111). Also available on the Internet.