Discovering Suspicious APT Behaviors by Analyzing DNS Activities

Sensors ◽  
2020 ◽  
Vol 20 (3) ◽  
pp. 731 ◽  
Author(s):  
Guanghua Yan ◽  
Qiang Li ◽  
Dong Guo ◽  
Xiangyu Meng

As sensors become more prevalent in our lives, their security has become a major concern. In an Advanced Persistent Threat (APT) attack, sensors also play an important role as a transmission medium. As a relatively weak link in the network transmission process, sensor networks often become the target of attackers. Because APT activity has low traffic volume, long duration, diverse attack methods, and evolves in real time, existing detection methods have not been able to detect it comprehensively. Current research suggests that suspicious domain names can be obtained by analyzing the Domain Name System (DNS) requests sent from the target network during an APT attack. Most past work based on DNS log analysis simply computed features of the request message, features of the response message, or the union of the two feature sets; the relationship between the response message and the request message was not considered. This can miss APT attacks in which the DNS resolution process is incomplete. This paper proposes a new feature that represents the relationship between a DNS request and its response message, and uses a deep learning method to analyze the DNS request records. The algorithm performs threat assessment on the DNS behavior under inspection based on the calculated suspicion value. This paper uses 4,907,147,146 DNS request records (376,605,606 records after DNS data pre-processing) collected in a large campus network, together with simulated attack data, to verify the validity and correctness of the system. The experimental results show that our method achieves an average accuracy of 97.6% in detecting suspicious DNS behavior, with a false positive (FP) rate of 2.3% and a recall of 96.8%. The proposed system can effectively detect hidden and suspicious DNS behavior in APT attacks.
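The abstract's central point is that request and response records must be paired, so that requests that never complete (no response, or a failed response) become a signal in their own right. The following is an added illustration written for this page, not the authors' code or their learned feature: it pairs requests with responses by (client, transaction ID, query name) over a constructed log, derives per-domain request/response relationship features, and applies a hand-weighted score. The feature definitions, weights, threshold and the two-label "registered domain" heuristic are all assumptions made for the demonstration.

```python
"""Request/response pairing and per-domain relationship features for DNS logs.

Added illustration; not the paper's feature set or model. Weights and the
threshold below are assumptions chosen to make the example readable.
"""
from collections import defaultdict

# Constructed sample log, one tuple per record:
# (timestamp, client, transaction id, direction, qname, rcode)
# direction "Q" = request observed, "R" = response observed; rcode is only
# present on responses. The beacon-c2.test names are invented for the demo.
SAMPLE_LOG = [
    (1, "10.0.0.5", 0x1A2B, "Q", "www.example.com", None),
    (1, "10.0.0.5", 0x1A2B, "R", "www.example.com", "NOERROR"),
    (2, "10.0.0.7", 0x2222, "Q", "a1f9.beacon-c2.test", None),
    (3, "10.0.0.7", 0x2223, "Q", "b7c0.beacon-c2.test", None),
    (4, "10.0.0.7", 0x2224, "Q", "c3d1.beacon-c2.test", None),
    (4, "10.0.0.7", 0x2224, "R", "c3d1.beacon-c2.test", "NXDOMAIN"),
    (5, "10.0.0.9", 0x3333, "Q", "mail.example.com", None),
    (5, "10.0.0.9", 0x3333, "R", "mail.example.com", "NOERROR"),
]


def registered_domain(qname):
    """Last two labels of the name. Assumption for the demo only: a real
    pipeline would consult the Public Suffix List (co.uk, github.io, ...)."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def pair_requests(log):
    """Match each request with the response that carries the same
    (client, transaction id, qname). Returns
    {registered_domain: [(qname, rcode)]}, where rcode None means the
    request never received a response within the log."""
    pending = {}
    outcomes = defaultdict(list)
    for _ts, client, txid, direction, qname, rcode in log:
        key = (client, txid, qname.lower())
        if direction == "Q":
            pending[key] = qname
        elif direction == "R" and key in pending:
            outcomes[registered_domain(qname)].append((qname, rcode))
            del pending[key]
        # Responses with no matching request are ignored here; in practice
        # they are a signal of their own (spoofed or replayed answers).
    for qname in pending.values():
        outcomes[registered_domain(qname)].append((qname, None))
    return outcomes


def domain_features(outcomes):
    """Per-domain features that describe the request/response relationship
    rather than either message alone."""
    feats = {}
    for dom, rows in outcomes.items():
        n = len(rows)
        unanswered = sum(1 for _q, rc in rows if rc is None)
        nxdomain = sum(1 for _q, rc in rows if rc == "NXDOMAIN")
        feats[dom] = {
            "queries": n,
            "unanswered_ratio": unanswered / n,
            "nxdomain_ratio": nxdomain / n,
            "unique_names": len({q.lower() for q, _rc in rows}),
        }
    return feats


def suspicion_score(f):
    """Weighted score in [0, 1]. The weights are assumptions for the demo,
    standing in for whatever a trained model would learn."""
    churn = (f["unique_names"] - 1) / f["queries"] if f["queries"] > 1 else 0.0
    return 0.5 * f["unanswered_ratio"] + 0.3 * f["nxdomain_ratio"] + 0.2 * churn


def flag_suspicious(log, threshold=0.5):
    """Return the registered domains whose score reaches the threshold."""
    feats = domain_features(pair_requests(log))
    return sorted(d for d, f in feats.items() if suspicion_score(f) >= threshold)


if __name__ == "__main__":
    for dom, f in domain_features(pair_requests(SAMPLE_LOG)).items():
        print(dom, f, round(suspicion_score(f), 3))
    print("flagged:", flag_suspicious(SAMPLE_LOG))
```

On the constructed log, example.com completes every lookup and scores low, while beacon-c2.test, where two of three requests never get an answer and the third returns NXDOMAIN, is flagged; a per-message feature set that looked only at requests or only at responses would see an ordinary-looking query and a single NXDOMAIN and have nothing to join them on.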

Author(s):  
Paul J. Bolt ◽  
Sharyl N. Cross

Chapter 1 explores perspectives on world order, including power relationships and the rules that shape state behavior and perceptions of legitimacy. After outlining a brief history of the relationship between Russia and China that ranged from cooperation to military clashes, the chapter details Chinese and Russian perspectives on the contemporary international order as shaped by their histories and current political situation. Chinese and Russian views largely coincide on security issues, the desirability of a more multipolar order, and institutions that would enhance their standing in the world. While the Chinese–Russian partnership has accelerated considerably, particularly since the crisis in Ukraine in 2014, there are still some areas of competition that limit the extent of the relationship.


Author(s):  
Shanshan Wang ◽  
Yunfeng Zhao ◽  
Ye Xu

Photoacoustic imaging (PAI) is often performed simultaneously with ultrasound imaging and can provide functional and cellular information regarding the tissues in the anatomical markers of the imaging. This paper describes in detail the basic principles of photoacoustic/ultrasound (PA/US) imaging and its application in recent years. It includes near-infrared-region PA, photothermal, photodynamic, and multimode imaging techniques. Particular attention is given to the relationship between PAI and ultrasonic imaging; the latest high-frequency PA/US imaging of small animals, which involves not only B-mode, but also color Doppler mode, power Doppler mode, and nonlinear imaging mode; the ultrasonic model combined with PAI, including the formation of multimodal imaging; the preclinical imaging methods; and the most effective detection methods for clinical research for the future.


2016 ◽  
Vol 13 (3) ◽  
pp. 295-313 ◽  
Author(s):  
Travis Linnemann ◽  
Bill McClanahan

This paper engages the cultural politics of criminal classifications by aiming at one of the state’s most powerful, yet ambiguous markers—the ‘gang.’ Focusing on the unique cases of ‘crews’ and collectives within the ‘straight edge’ and ‘Juggalo’ subcultures, this paper considers what leads members of the media and police to construct—or fail to construct—these street collectives as gangs in a seemingly haphazard and disparate fashion. Juxtaposing media, cultural, and police representations of straight edge ‘crews’ and Juggalo collectives with the FBI’s Gang Threat Assessment, we detail how cultural politics and ideology underpin the social reality of gangs and thus the application of the police power. This paper, furthermore, considers critical conceptualizations of the relationship between police and criminal gangs.


Author(s):  
Shanaya Shital Shah ◽  
Stella Hartono ◽  
Frédéric Chédin ◽  
Wolf-Dietrich Heyer

Displacement loops (D-loops) are signature intermediates formed during homologous recombination. Numerous factors regulate D-loop formation and disruption, thereby influencing crucial aspects of DNA repair, including donor choice and the possibility of a crossover outcome. While D-loop detection methods exist, it is currently unfeasible to assess the relationship between D-loop editors and D-loop characteristics such as length and position. Here, we developed a novel in vitro assay to characterize the length and position of individual D-loops with base-pair resolution and deep coverage, while also revealing their distribution in a population. Non-denaturing bisulfite treatment modifies the cytosines on the displaced strand of the D-loop to uracil, leaving a permanent signature for the displaced strand. Subsequent single-molecule real-time sequencing uncovers the cytosine conversion patch as a D-loop footprint, revealing D-loop characteristics at unprecedented resolution. The D-loop Mapping Assay is widely applicable with different substrates and donor types and can be used to study factors that influence D-loop properties.


Author(s):  
Tommi Lehtonen

This chapter aims to identify and analyse the ethical problems of security, particularly cyber and digital threats. The concepts of security and safety are defined based on existing literature. The chapter addresses the key results and research gaps in the field (i.e., security issues in different areas) and future challenges, both theoretical and empirical. Moreover, the discussion is linked to an analysis of the relationship between utilitarian ethics and deontological ethics, which brings a new perspective to the debate on security ethics in general and cybersecurity. Finally, comprehensive security and absolute safety ideas are discussed, which sheds new light on the complexity of security concerns.


Author(s):  
Алексей Леонидович Сердечный ◽  
Павел Сергеевич Краюшкин ◽  
Михаил Андреевич Тарелкин ◽  
Юрий Константинович Язов

The article is devoted to modeling computer attacks on distributed corporate computer systems, using the actions of the Advanced Persistent Threat 29 (APT29) group as an example. The article proposes an approach to modeling the methods implemented by this group, as well as measures to protect against them. The approach is based on Petri nets and on the technique information provided by the MITRE ATT&CK project. The developed models take into account the relationships between the preconditions and consequences of the actions performed by APT29 during attacks on distributed enterprise systems. The article also demonstrates that the model can be extended by including models of protection measures against the considered attack methods. The proposed models can be supplemented by modeling new attack methods used by other cyber groups. In addition, the models can be extended to Petri-Markov net models by applying specialized methods for calculating probabilistic and timing characteristics for fragments of the proposed models.
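The abstract describes techniques as transitions whose preconditions and consequences are linked, with defensive measures added to the same net. The following is an added illustration written for this page, not the article's APT29 model: a minimal place/transition Petri net in which places are conditions, transitions are ATT&CK techniques, and a mitigation is modeled as a transition that consumes the precondition a later technique needs. The particular chain (T1566 Phishing, T1204 User Execution, T1071 Application Layer Protocol, mitigated by M1042 Disable or Remove Feature or Program) is chosen for the demonstration and is not taken from the article; the place names are invented.

```python
"""Place/transition Petri net for attack-step modeling.

Added illustration; the technique chain and place names are assumptions for
the demo, not the article's APT29 model. Technique and mitigation IDs are
those of the public MITRE ATT&CK catalog.
"""


class PetriNet:
    """Tokens in a place mean the condition currently holds. A transition
    is enabled when every input place holds a token; firing it consumes
    those tokens and produces one token in every output place."""

    def __init__(self):
        self.marking = {}       # place -> token count
        self.transitions = {}   # name -> (input places, output places), insertion-ordered

    def add_transition(self, name, inputs, outputs):
        self.transitions[name] = (tuple(inputs), tuple(outputs))
        for place in list(inputs) + list(outputs):
            self.marking.setdefault(place, 0)

    def put(self, place, count=1):
        self.marking[place] = self.marking.get(place, 0) + count

    def enabled(self, name):
        inputs, _ = self.transitions[name]
        return all(self.marking[p] >= 1 for p in inputs)

    def fire(self, name):
        inputs, outputs = self.transitions[name]
        for p in inputs:
            self.marking[p] -= 1
        for p in outputs:
            self.marking[p] += 1

    def run(self):
        """Fire enabled transitions in insertion order until none remain.
        Returns the sequence of transitions that fired."""
        fired = []
        progress = True
        while progress:
            progress = False
            for name in self.transitions:
                if self.enabled(name):
                    self.fire(name)
                    fired.append(name)
                    progress = True
        return fired


def build_attack_net(with_mitigation=False):
    """Three-technique chain; the mitigation, when present, is deployed
    before the attack starts, so it is added first and fires first."""
    net = PetriNet()
    if with_mitigation:
        # M1042 modeled as removing the 'macros_enabled' precondition.
        net.add_transition("M1042_disable_macros",
                           ["macros_enabled"], ["macros_blocked"])
    net.add_transition("T1566_phishing",
                       ["target_has_email"], ["attachment_opened"])
    net.add_transition("T1204_user_execution",
                       ["attachment_opened", "macros_enabled"], ["code_running_on_host"])
    net.add_transition("T1071_c2_channel",
                       ["code_running_on_host", "egress_allowed"], ["c2_established"])
    # Initial marking: the conditions the attacker finds in the environment.
    for place in ("target_has_email", "macros_enabled", "egress_allowed"):
        net.put(place)
    return net


def simulate(with_mitigation=False):
    """Run the net and report which transitions fired and whether the
    final consequence (a C2 channel) was reached."""
    net = build_attack_net(with_mitigation)
    fired = net.run()
    return fired, net.marking["c2_established"] == 1


if __name__ == "__main__":
    for flag in (False, True):
        fired, c2 = simulate(flag)
        print("mitigation" if flag else "no mitigation", fired, "C2 reached:", c2)
```

Adding a protection measure is then just another transition competing for a token, which is how the abstract describes growing the model: the mitigation removes the precondition of T1204, so T1071 never becomes enabled and the C2 consequence is unreachable, without touching the technique transitions themselves.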


Author(s):  
Roger Mac Ginty ◽  
Paula Banerjee

This chapter examines the relationship between social justice, security and peace. The authors note significant internal heterogeneity in India and Europe, despite the statebuilding efforts in India and standardization processes in Europe. The authors give an overview of five sets of ideas that have linked social justice and peace. All five show that if social justice is taken seriously then social harmony will be preserved and tensions, together with the chances of conflict, will be reduced. However, they find that peace accords have a tendency to emphasize security rather than welfare. This is because international interventions are usually led by leading actors from the global north who are guided by a neoliberal agenda. They usually underplay the social aspects of the state and emphasise its security aspect. This is one of the reasons why priority is given to security over social justice when sequencing activities in an intervention. The authors give the example of reforms in Georgia that drastically undermined the state's social provision. They conclude that international attempts focused on social justice are far fewer in number than those addressing security issues.


Author(s):  
Sharon S. Smith ◽  
Michael D. Young

A significant minority of threateners stalk, approach, or become violent after threatening. Violence risk and threat assessment have traditionally relied on evaluating the threatener’s behavior, disposition, and membership in violent groups. However, the identity of the threatener is often unknown, and the assessor must make an initial evaluation using only the language in the threat. By combining predictive factors and their ratios to one another, our predictive model can assess linguistic characteristics of the threat without any information about the threatener, the target, or the relationship between the two. This model assesses predatory thinking, which has a strong relationship with eventual action. The language in both single threat cases and the first threats in cases with multiple threats can be used to promptly assess the likelihood that a threatener will act, enabling assessors to effectively manage cases and mitigate harm.


Author(s):  
Jean-Frédéric Morin ◽  
Amandine Orsini ◽  
Sikina Jinnah

This chapter discusses the relationship between the environment and security. The concept of ‘environmental security’ is omnipresent, but is nonetheless ambiguous and contested. What exactly needs to be secured, and what are the security threats? Is environmental security about state security, faced with the loss of natural resources? Or is it about protecting individuals and communities from environmental degradation and reduced access to key environmental resources? A first step in clarifying these questions is to disentangle two related but distinct causal arguments. In the relationship between environment and security, environmental degradation can be analysed either as a cause or as a consequence of security issues. A second step needed to clarify these debates is to adopt clear definitions. In the context of international relations, security has traditionally been understood in relation to the survival of the state, and the main threats to state security are armed conflicts. For the purpose of this chapter, conflicts are defined as any type of disagreement. The chapter also examines the impact of conflicts on the environment.


Author(s):  
Liqiong Chen ◽  
Lian Zou ◽  
Cien Fan ◽  
Yifeng Liu

Automatic aircraft engine defect detection is a challenging but important task in industry, as it helps ensure safe air transportation and flight. In this paper, we propose a fast and accurate feature weighting network (FWNet) to solve the problem of defect scale variation and improve detection accuracy. The framework is designed based on recent popular convolutional neural networks and feature pyramids. To further boost the representation power of the network, a new feature weighting module (FWM) is proposed to recalibrate channel-wise attention and increase the weights of valid features. The model was trained and tested on a self-built dataset of 1916 images containing three defect types: ablation, crack and coating missing. Extensive experimental results verify the effectiveness of the proposed FWM and show that the proposed method can accurately detect engine defects of different scales and at different locations. Our method obtains 89.4% mAP and runs at 6 FPS, which surpasses other state-of-the-art detection methods and can quickly provide a diagnostic basis for aircraft maintenance inspectors in practical applications.

