Into the Long War

Rogers, Paul F.

January 2006

No / This book provides a contemporary month-by-month analysis of events in Iraq since May 2005 and assesses how they impact on other countries including Afghanistan, Iran and the wider Middle East. The book charts a tumultuous period in the conflict, including a wider international perspective on the terrorist attacks in London and Sharm al Sheik, and an assessment of how US public opinion has changed as the war drags on. It brings together Paul Rogers' international security monthly briefings as published on the Oxford Research Group website between May 2005 - April 2006, and concludes with a commentary on the significance of the year's events, and an analysis of the current situation. This is the third ORG International Security Report. We have also published reports in 2004 and 2005.

Global security

War on terror

Iraq

Terrorist attacks

A reliabilty and validity study of panic attack symptoms and cognitions questionnaires

Broyles, Susan Elizabeth

January 1987

Anxiety may be experienced in a variety of response modes. There is evidence to suggest that panic disordered individuals differ from individuals with other anxiety diagnoses in that they experience a greater increase in somatic symptoms and catastrophic cognitions. Further it has been suggested that panic disordered individuals, as compared to other anxiety disordered individuals, experience greater global anxiety and depression. The present study compared the total scores of 93 disordered subjects on the Symptom Assessment Questionnaire and the Cognitions Assessment Questionnaire and found that both questionnaires discriminated panic disordered subjects from non-panic disordered subjects. The two questionnaires also discriminated subjects with panic attacks from subjects without panic attacks. Item analyses were conducted on both questionnaires in order to identify specific items which differentiated panic disordered subjects from non-panic disordered subjects and subjects with panic attacks from subjects without panic attacks. Factor analyses were conducted on both questionnaires, resulting in the identification of somatic and cognitive factors salient to the phenomenon of panic. In general, the identified factors supported and expanded upon the panic symptoms listed in DSM-III. Finally, two widely used measures of anxiety and depression were administered to subjects. Panickers scored higher than Non-panickers on measures of state-anxiety, trait-anxiety, and depression. The Panic Disordered Group scored higher than the Non-Panic Disordered Group on the depression scale. However, the Panic Disordered Group scored no differently from the NonPanic Disordered on the state-anxiety and trait-anxiety inventories, suggesting that the presence of panic attacks in all anxiety diagnostic groups weakened the ability of the tradition anxiety measures to distinguish between the comparison groups. / M.S.

LD5655.V855 1987.B769

Anxiety

Panic attacks

Robustifying Machine Learning based Security Applications

Jan, Steve T. K.

27 August 2020

In recent years, machine learning (ML) has been explored and employed in many fields. However, there are growing concerns about the robustness of machine learning models. These concerns are further amplified in security-critical applications — attackers can manipulate the inputs (i.e., adversarial examples) to cause machine learning models to make a mistake, and it's very challenging to obtain a large amount of attackers' data. These make applying machine learning in security-critical applications difficult. In this dissertation, we present several approaches to robustifying three machine learning based security applications. First, we start from adversarial examples in image recognition. We develop a method to generate robust adversarial examples that remain effective in the physical domain. Our core idea is to use an image-to-image translation network to simulate the digital-to-physical transformation process for generating robust adversarial examples. We further show these robust adversarial examples can improve the robustness of machine learning models by adversarial retraining. The second application is bot detection. We show that the performance of existing machine learning models is not effective if we only have the limit attackers' data. We develop a data synthesis method to address this problem. The key novelty is that our method is distribution aware synthesis, using two different generators in a Generative Adversarial Network to synthesize data for the clustered regions and the outlier regions in the feature space. We show the detection performance using 1% of attackers' data is close to existing methods trained with 100% of the attackers' data. The third component of this dissertation is phishing detection. By designing a novel measurement system, we search and detect phishing websites that adopt evasion techniques not only at the page content level but also at the web domain level. The key novelty is that our system is built on the observation of the evasive behaviors of phishing pages in practice. We also study how existing browsers defenses against phishing websites that impersonate trusted entities at the web domain. Our results show existing browsers are not yet effective to detect them. / Doctor of Philosophy / Machine learning (ML) is computer algorithms that aim to identify hidden patterns from the data. In recent years, machine learning has been widely used in many fields. The range of them is broad, from natural language to autonomous driving. However, there are growing concerns about the robustness of machine learning models. And these concerns are further amplified in security-critical applications — Attackers can manipulate their inputs (i.e., adversarial examples) to cause machine learning models to predict wrong, and it's highly expensive and difficult to obtain a huge amount of attackers' data because attackers are rare compared to the normal users. These make applying machine learning in security-critical applications concerning. In this dissertation, we seek to build better defenses in three types of machine learning based security applications. The first one is image recognition, by developing a method to generate realistic adversarial examples, the machine learning models are more robust for defending against adversarial examples by adversarial retraining. The second one is bot detection, we develop a data synthesis method to detect malicious bots when we only have the limit malicious bots data. For phishing websites, we implement a tool to detect domain name impersonation and detect phishing pages using dynamic and static analysis.

Machine learning

Security

Bot Detection

Phishing Attacks

A population-based study of transient neurological attacks : incidence, clinical characteristics, investigation, aetiology and prognosis

da Assuncao Gouveia Tuna, Maria

January 2014

Stroke is the second most common cause of death worldwide and the commonest cause of dependency, creates a huge societal burden and is responsible for billions of pounds in health and social care costs. About 30% of strokes occur in individuals with a previous transient ischaemic attack (TIA) or minor stroke. Effective prevention would minimise the consequences. However, the diagnosis of TIA is difficult, particularly by non-experts. About 50% of patients with a suspected TIA or minor stroke have atypical TIAs or a non-vascular diagnosis (TIA/minor stroke mimics). Although there is some evidence that non-specific Transient Neurological Attacks (TNAs) have an increased risk of acute vascular events, the evidence is still both thin and controversial. The aim of my thesis has been to evaluate the burden of TIA/minor stroke mimics, TNAs and all acute cerebrovascular events among all referrals from the general population to a TIA clinic; to determine the reliability of clinical diagnosis of TIA and non-specific TNA; to improve the classification of non-specific TNAs; and to predict the risk of stroke and other major vascular events after a non-specific TNA and TNA syndromes. I have collected and analysed data from a population-based study, the Oxford Vascular Study (OXVASC). OXVASC is an ongoing prospective, population-based incidence study of all vascular diseases in all territories in Oxfordshire, UK, which started in 2002. The study population comprises approximately 92,728 individuals registered with nine GP practices and uses multiple overlapping methods of "hot" and "cold" pursuit to identify patients with acute vascular events. The research described in this thesis has several clinically relevant findings which can contribute to improving the diagnosis and treatment of patients with suspected TIAs. First, I highlighted that TIA/minor stroke mimics (mimics) were responsible for one quarter of all suspected TIAs, had similar short- and long-term risk of acute cardiac events as did TIAs, and that the majority (70%) of mimics were complex neurological conditions. Second, I showed that TIA/minor ischaemic strokes are each more common than major ischaemic strokes and that TIA/minor ischaemic stroke patients together had two-thirds of all recurrent strokes and two-thirds of all myocardial infarctions and sudden cardiac deaths. Moreover, the 10 years' cumulative risk of stroke in patients with TIA, minor stroke and major stroke was very high and the risk of death among all cerebrovascular events was greater than 50%. Third, I found that the crude incidence rate of TNAs per 1000 people in OXVASC was slightly higher than the crude incidence rate of TIAs (0.73 versus 0.67) and increased with age. In addition, I reported that among TNA syndromes, transient isolated vertigo, unilateral sensory symptoms, migraine-aura like events and transient confusion had high incidence rates, whereas transient total paralysis and transient speech arrest had low incidence rates. Fourth, I showed that about one-third of TIAs seen in the first 10 years of OXVASC did not fulfil the classical criteria (NINDS-negative TIA) and had the same short- and long-term risk of stroke as NINDS-positive TIAs. Fifth, although the 90 days stroke risk after a TNA was lower than after a NINDS-positive TIA, in the post 90 days up to 10 years period the risk of recurrent stroke was not significantly different between the two groups. Sixth, the risks of stroke were higher than expected in the background population in all TNA categories (focal-TNA, non-focal TNA and focal plus non-focal TNA) and all TNA syndromes (isolated brainstem syndrome, migraine-like syndrome, isolated sensory syndromes, isolated visual disturbance, isolated speech disturbance, transient confusion and transient unresponsiveness) except transient amnesia. Moreover, non-focal TNAs and focal plus non-focal TNAs had a six times higher risk of stroke than expected and a similar risk to NINDS-positive TIAs. Finally, transient confusion and transient unresponsiveness had a relative risk of stroke nine times higher than expected and twice the risk of NINDS-positive TIAs.

616.8

Micro-architectural Threats to Modern Computing Systems

Inci, Mehmet Sinan

17 April 2019

With the abundance of cheap computing power and high-speed internet, cloud and mobile computing replaced traditional computers. As computing models evolved, newer CPUs were fitted with additional cores and larger caches to accommodate run multiple processes concurrently. In direct relation to these changes, shared hardware resources emerged and became a source of side-channel leakage. Although side-channel attacks have been known for a long time, these changes made them practical on shared hardware systems. In addition to side-channels, concurrent execution also opened the door to practical quality of service attacks (QoS). The goal of this dissertation is to identify side-channel leakages and architectural bottlenecks on modern computing systems and introduce exploits. To that end, we introduce side-channel attacks on cloud systems to recover sensitive information such as code execution, software identity as well as cryptographic secrets. Moreover, we introduce a hard to detect QoS attack that can cause over 90+\% slowdown. We demonstrate our attack by designing an Android app that causes degradation via memory bus locking. While practical and quite powerful, mounting side-channel attacks is akin to listening on a private conversation in a crowded train station. Significant manual labor is required to de-noise and synchronizes the leakage trace and extract features. With this motivation, we apply machine learning (ML) to automate and scale the data analysis. We show that classical machine learning methods, as well as more complicated convolutional neural networks (CNN), can be trained to extract useful information from side-channel leakage trace. Finally, we propose the DeepCloak framework as a countermeasure against side-channel attacks. We argue that by exploiting adversarial learning (AL), an inherent weakness of ML, as a defensive tool against side-channel attacks, we can cloak side-channel trace of a process. With DeepCloak, we show that it is possible to trick highly accurate (99+\% accuracy) CNN classifiers. Moreover, we investigate defenses against AL to determine if an attacker can protect itself from DeepCloak by applying adversarial re-training and defensive distillation. We show that even in the presence of an intelligent adversary that employs such techniques, DeepCloak still succeeds.

cloud security

DoS attacks

machine learning

mobile security

side-channel attacks

Error Detection Techniques Against Strong Adversaries

Akdemir, Kahraman D.

01 December 2010

"Side channel attacks (SCA) pose a serious threat on many cryptographic devices and are shown to be effective on many existing security algorithms which are in the black box model considered to be secure. These attacks are based on the key idea of recovering secret information using implementation specific side-channels. Especially active fault injection attacks are very effective in terms of breaking otherwise impervious cryptographic schemes. Various countermeasures have been proposed to provide security against these attacks. Double-Data-Rate (DDR) computation, dual-rail encoding, and simple concurrent error detection (CED) are the most popular of these solutions. Even though these security schemes provide sufficient security against weak adversaries, they can be broken relatively easily by a more advanced attacker. In this dissertation, we propose various error detection techniques that target strong adversaries with advanced fault injection capabilities. We first describe the advanced attacker in detail and provide its characteristics. As part of this definition, we provide a generic metric to measure the strength of an adversary. Next, we discuss various techniques for protecting finite state machines (FSMs) of cryptographic devices against active fault attacks. These techniques mainly depend on nonlinear robust codes and physically unclonable functions (PUFs). We show that due to the nonuniform behavior of FSM variables, securing FSMs using nonlinear codes is an important and difficult problem. As a solution to this problem, we propose error detection techniques based on nonlinear codes with different randomization methods. We also show how PUFs can be utilized to protect a class of FSMs. This solution provides security on the physical level as well as the logical level. In addition, for each technique, we provide possible hardware realizations and discuss area/security performance. Furthermore, we provide an error detection technique for protecting elliptic curve point addition and doubling operations against active fault attacks. This technique is based on nonlinear robust codes and provides nearly perfect error detection capability (except with exponentially small probability). We also conduct a comprehensive analysis in which we apply our technique to different elliptic curves (i.e. Weierstrass and Edwards) over different coordinate systems (i.e. affine and projective). "

Error Detection

Robust Codes

Advanced Attacker

Side Channel Attacks

Fault Attacks

Tamper-Resistant Arithmetic for Public-Key Cryptography

Gaubatz, Gunnar

01 March 2007

Cryptographic hardware has found many uses in many ubiquitous and pervasive security devices with a small form factor, e.g. SIM cards, smart cards, electronic security tokens, and soon even RFIDs. With applications in banking, telecommunication, healthcare, e-commerce and entertainment, these devices use cryptography to provide security services like authentication, identification and confidentiality to the user. However, the widespread adoption of these devices into the mass market, and the lack of a physical security perimeter have increased the risk of theft, reverse engineering, and cloning. Despite the use of strong cryptographic algorithms, these devices often succumb to powerful side-channel attacks. These attacks provide a motivated third party with access to the inner workings of the device and therefore the opportunity to circumvent the protection of the cryptographic envelope. Apart from passive side-channel analysis, which has been the subject of intense research for over a decade, active tampering attacks like fault analysis have recently gained increased attention from the academic and industrial research community. In this dissertation we address the question of how to protect cryptographic devices against this kind of attacks. More specifically, we focus our attention on public key algorithms like elliptic curve cryptography and their underlying arithmetic structure. In our research we address challenges such as the cost of implementation, the level of protection, and the error model in an adversarial situation. The approaches that we investigated all apply concepts from coding theory, in particular the theory of cyclic codes. This seems intuitive, since both public key cryptography and cyclic codes share finite field arithmetic as a common foundation. The major contributions of our research are (a) a generalization of cyclic codes that allow embedding of finite fields into redundant rings under a ring homomorphism, (b) a new family of non-linear arithmetic residue codes with very high error detection probability, (c) a set of new low-cost arithmetic primitives for optimal extension field arithmetic based on robust codes, and (d) design techniques for tamper resilient finite state machines.

Side Channel Attacks

Fault Attacks

Public-Key Cryptography

Error Detection

Error Detecting Codes

Cryptography

Pojištění proti počítačové kriminalitě / The Insurance against Computer Attacks

Burešová, Nina

January 2011

The subject of this thesis is the growing problem of computer crime and especially the possibility of its reduction and elimination of consequences associated with it. In the introductory chapter is broken down as the development of computer crime in the world as in the Czech Republic. The second chapter compares the possibility of insurance against computer attacks, while the insurance is offered only in foreign countries. The third chapter deals with cyberinsurance economic model and the final chapter outlines possible future development in this area.

CredProxy: A Password Manager for Online Authentication Environments

Golrang, Mohammad Saleh

20 December 2012

Internet users are increasingly required to sign up for online services and establish accounts before receiving service from websites. On the one hand, generation of strong usernames and passwords is a difficult task for the user. On the other hand, memorization of strong passwords is by far more problematic for the average user. Thus, the average user has a tendency to use weak passwords, and also reuse his passwords for more than one website, which makes several attacks feasible. Under the aforementioned circumstances, the use of password managers is beneficial, since they unburden the user from the task of memorizing user credentials. However, password managers have a number of weaknesses. This thesis is mainly aimed at alleviating some of the intrinsic weaknesses of password managers. We propose three cryptographic protocols which can improve the security of password managers while enhancing user convenience. We also present the design of a phishing and Man-in-the-Browser resistant password manger which best fits into our scheme. Furthermore, we present our novel virtual on-screen keyboard and keypad which are designed to provide strong protection mechanisms against threats such as keylogging and shoulder surfing.

Dictionary Attacks

Password Managers

Password Security

Website User Authentication

Virtual Keyboards

MITB Attacks

Ανάλυση και υλοποίηση τεχνικών υδατογράφησης ψηφιακών εικόνων με ανθεκτικότητα σε γεωμετρικές επιθέσεις

Μητσάκος, Ιωάννης

17 September 2007

Σκοπός της συγκεκριμένης εργασίας είναι η παρουσίαση των σημαντικότερων τεχνικών υδατογράφησης (watermarking techniques) ψηφιακών εικόνων με ανθεκτικότητα σε γεωμετρικούς μετασχηματισμούς και η περιγραφή και υλοποίηση ενός τέτοιου συστήματος. Οι γεωμετρικοί μετασχηματισμοί, στους οποίους δόθηκε περισσότερη έμφαση κατά την υλοποίηση του συστήματος υδατογράφησης ψηφιακών εικόνων που θα παρουσιαστεί παρακάτω, έχουν να κάνουν με την κλιμάκωση (scaling), την περιστροφή (rotation) και τον μετασχηματισμό συντεταγμένων (translation) μιας εικόνας καθώς επίσης και με συνδυασμούς αυτών. Παρόλα αυτά όμως το σύστημα που περιγράφεται αντιμετωπίζει σε ικανοποιητικό βαθμό και άλλες γεωμετρικές επιθέσεις (όπως shearing,aspect ratio change, projective, template remove κ.α.).Η ανθεκτικότητα ενός συστήματος υδατογράφησης σε αυτούς τους μετασχηματισμούς έχει να κάνει με την διατήρηση του υδατογραφήματος και την ικανοποιητική ανίχνευση του σε εικόνες που έχουν υποστεί τέτοιου είδους μετασχηματισμούς. Στην εργασία, αρχικά γίνεται μια εκτενής αναφορά στην τεχνική της υδατογράφησης και τις εφαρμογές της και έπειτα τονίζονται τα σημαντικότερα χαρακτηριστικά των συστημάτων υδατογράφησης ψηφιακού υλικού. Στη συνέχεια, ορίζονται οι γεωμετρικές επιθέσεις σε εικόνες και παρουσιάζονται οι σημαντικότερες μέθοδοι υδατογράφησης ψηφιακών εικόνων, που υπάρχουν στην βιβλιογραφία, με ανθεκτικότητα στις επιθέσεις αυτές. Στην εργασία αυτή υλοποιήθηκε μία από αυτές τις μεθόδους και έγινε προσπάθεια για επέκταση και βελτίωση της σε ορισμένα σημεία που υστερούσε. Η αρχική και βελτιωμένη μέθοδος περιγράφονται αναλυτικά. Στο τέλος ένας αριθμός πειραματικών αποτελεσμάτων αποδεικνύουν την ανθεκτικότητα του νέου βελτιωμένου συστήματος που υλοποιήθηκε σε ένα μεγάλο πλήθος γεωμετρικών επιθέσεων. / The aim of this work is the presentation of the most important watermarking techniques for digital images with robustness to geometric transformations and the description and implementation of such a system. The geometric transformations, to which was given more emphasis at the implementation of the digital images watermarking system, that will be presented below, are the scaling, the rotation and the transformation of coordinates (translation) of an image as well as the combinations of these. Nevertheless, the system that is described faces in satisfactory degree and the other geometric attacks (as the shearing, the aspect ratio change, the projective, the template remove etc.). The robustness of a watermarking system to these transformations it is simply translated as the maintenance of the watermark and its satisfactory detection in images that have existed such type of transformations. In this work, it initially becomes a extensive report to the watermark technique and to its applications and then the more important characteristics of digital material watermarking systems are highlighted. Afterwards, the geometric attacks of digit images are determined and the most important watermarking methods of digital images with robustness to these attacks, that exist in the bibliography, are presented. In this work, one of these methods was implemented and it became some effort for its extension and its improvement in certain points that disadvantages. The initial and improved methods are analytically described. At the end, a number of experimental results are presented, that they prove the robustness of the new improved system to a large number of geometric attacks.

Υδατογράφηση εικόνων

Ανθεκτικότητα

005.82

Image watermarking

Geometric attacks

Robustness

RTS attacks