scispace - formally typeset
Search or ask a question

Showing papers on "Vulnerability (computing) published in 2002"



Book ChapterDOI
13 Aug 2002
TL;DR: A technology to block a new class of attacks on secure microcontrollers and smartcards whereby a logical 1 or 0 is not encoded by a high or low voltage on a single line, but by (HL or (LH) on a pair of lines.
Abstract: We describe a new class of attacks on secure microcontrollers and smartcards. Illumination of a target transistor causes it to conduct, thereby inducing a transient fault. Such attacks are practical; they do not even require expensive laser equipment. We have carried them out using a flashgun bought second-hand from a camera store for $30 and with an $8 laser pointer. As an illustration of the power of this attack, we developed techniques to set or reset any individual bit of SRAM in a microcontroller. Unless suitable countermeasures are taken, optical probing may also be used to induce errors in cryptographic computations or protocols, and to disrupt the processor's control flow. It thus provides a powerful extension of existing glitching and fault analysis techniques. This vulnerability may pose a big problem for the industry, similar to those resulting from probing attacks in the mid-1990s and power analysis attacks in the late 1990s.We have therefore developed a technology to block these attacks. We use self-timed dual-rail circuit design techniques whereby a logical 1 or 0 is not encoded by a high or low voltage on a single line, but by (HL) or (LH) on a pair of lines. The combination (HH) signals an alarm, which will typically reset the processor. Circuits can be designed so that single-transistor failures do not lead to security failure. This technology may also make power analysis attacks very much harder too.

828 citations


Book ChapterDOI
14 Apr 2002
TL;DR: In this paper, the authors present a traffic analysis based vulnerability in SafeWeb, an encrypting web proxy, which allows someone monitoring the traffic of a SafeWeb user to determine if the user is visiting certain websites.
Abstract: I present a traffic analysis based vulnerability in SafeWeb, an encrypting web proxy. This vulnerability allows someone monitoring the traffic of a SafeWeb user to determine if the user is visiting certain websites. I also describe a successful implementation of the attack. Finally, I discuss methods for improving the attack and for defending against the attack.

320 citations


Journal ArticleDOI
TL;DR: The authors argue that tension between those embracing the politics of development and those supporting the human security paradigm has intensified because the transnational dimensions embodied within the latter approach have been under-assessed.
Abstract: `Human security' is a promising but still underdeveloped paradigmatic approach to understanding contemporary security politics. We argue that tension between those embracing the politics of development and those supporting the human security paradigm has intensified because the transnational dimensions embodied within the latter approach have been under-assessed. The idea of `threat' also needs to be identified with more precision for the human security concept to accrue analytical credibility. We focus on how transnational behaviour addresses the central human security problems of vulnerability and immediacy. Human security's utility for confronting crisis is also evaluated via the application of two case studies of humanitarian intervention: the 1994 multinational operation in Haiti and the 1999 intervention in East Timor. We conclude that, while general security politics includes both domestic and international issues, human security allows us to transcend sovereign prerogatives and to address emerging...

188 citations


Patent
10 Jan 2002
TL;DR: In this article, a preferred embodiment provides real-time network security vulnerability assessment tests, possibly complete with recommended security solutions, in a safe way and enables study of a network for security openings, thereby gaining a true view of risk level without affecting customer operations.
Abstract: To answer the security needs of the market, a preferred embodiment was developed. A preferred embodiment provides real-time network security vulnerability assessment tests, possibly complete with recommended security solutions. External vulnerability assessment tests can emulate hacker methodology in a safe way and enable study of a network for security openings, thereby gaining a true view of risk level without affecting customer operations. Because this assessment can be performed over the Internet, both domestic and worldwide corporations benefit. A preferred embodiment's physical subsystems combine to form a scalable holistic system that can be able to conduct tests for thousands of customers any place in the world. The security skills of experts can be embedded into a preferred embodiment systems and automated the test process to enable the security vulnerability test to be conducted on a continuous basis for multiple customers at the same time. A preferred embodiment can reduce the work time required for security practices of companies from three weeks to less than a day, as well as significantly increase their capacity. Component subsystems typically include a Database, Command Engine, Gateway, multiple Testers, Report Generator, and an RMCT.

169 citations


Patent
04 Oct 2002
TL;DR: In this article, the authors present methods and systems that can be used to manage at least one asset and at least a user associated with the asset, where the methods include associating the at least single asset with at least user, and providing the user with a task list that includes at least two tasks associated with a vulnerability of the asset.
Abstract: The disclosed methods and systems can be used to manage at least one asset, where the methods and systems include associating the at least one asset with at least one user, and providing the at least one user with at least one task list that includes at least one task associated with a vulnerability of the asset and at least one task associated with a configuration standard associated with the asset.

152 citations


Journal ArticleDOI
TL;DR: This paper investigates the use of a new variation of particle swarm optimization to identify points on the security border of the power system, thereby identifying a vulnerability margin metric for the operating point.
Abstract: The ongoing deregulation of the energy market increases the need to operate modern power systems close to the security border. This requires enhanced methods for the vulnerability border tracking. The high-dimensional nature of power systems' operating space makes this difficult. However, new multiagent search techniques such as particle swarm optimization have shown great promise in handling high-dimensional nonlinear problems. This paper investigates the use of a new variation of particle swarm optimization to identify points on the security border of the power system, thereby identifying a vulnerability margin metric for the operating point.

103 citations


Journal ArticleDOI
TL;DR: This article surveys the up-to-date secure routing schemes.
Abstract: The unprecedented growth of the Internet over the last years, and the expectation of an even faster increase in the numbers of users and networked systems, resulted in the Internet assuming its position as a mass communication medium At the same time, the emergence of an increasingly large number of application areas and the evolution of the networking technology suggest that in the near future the Internet may become the single integrated communication infrastructure However, as the dependence on the networking infrastructure grows, its security becomes a major concern, in light of the increased attempt to compromise the infrastructure In particular, the routing operation is a highly visible target that must be shielded against a wide range of attacks The injection of false routing information can easily degrade network performance, or even cause denial of service for a large number of hosts and networks over a long period of time Different approaches have been proposed to secure the routing protocols, with a variety of countermeasures, which, nonetheless, have not eradicated the vulnerability of the routing infrastructure In this article, we survey the up-to-date secure routing schemes that appeared over the last few years Our critical point of view and thorough review of the literature are an attempt to identify directions for future research on an indeed difficult and still largely open problem

84 citations


Patent
17 Dec 2002
TL;DR: In this paper, the authors present a system in which a networked device automatically evaluates hacker attack notification information and, based thereon, selects and executes responses to the attack, such as notification of network administration, shutdown of the device or services running on the device, updating and activation of anti-virus software, and selective handling of data sent from the address of the suspect network device.
Abstract: A system in which a networked device automatically evaluates hacker attack notification information and, based thereon, selects and executes responses to the attack. The notification may include information such as the address of the infected system, identification of the specific worm, and a list of vulnerable applications and operating systems. The evaluation is based on factors including criticality and vulnerability of applications running on the system and connectivity of the device. A variety of automatic responses can be selected, including notification of network administration, shutdown of the device or services running on the device, updating and activation of anti-virus software, and selective handling of data sent from the address of the suspect network device. The selection of responses can occur automatically based on rules input during setup or by intervention of network administration.

47 citations


Proceedings ArticleDOI
04 Aug 2002
TL;DR: This paper describes one such scanner, referred to as NetGlean, which is extendable and upgradable to facilitate use by a broad spectrum of users and platforms; such flexibility allows users to keep up with current hacker technology.
Abstract: The increasing volume of attacks on the Internet has increased the demand for sophisticated tools for vulnerability analysis, intrusion detection, forensic investigations, and possible responses. Current hacker tools and technologies warrant reengineering to address cyber crime and homeland security. The creation of network scanners is necessary to secure the information infrastructure by gathering network topology, intelligence, internal/external vulnerability analysis, and penetration testing. Scanners must be able to function on a variety of networks: Internet (IP), SS7, wireless, and converged networks. Scanners should be extendable and upgradable to facilitate use by a broad spectrum of users and platforms; such flexibility allows users to keep up with current hacker technology. This paper describes one such scanner, referred to as NetGlean.

45 citations


ReportDOI
01 Sep 2002
TL;DR: This document provides guidelines for federal organizations' acquisition and use of security-related information technology products and services in the context of larger recommendations regarding security assurance.
Abstract: : This document provides guidelines for federal organizations' acquisition and use of security-related information technology (IT) products and services. NIST's advice is provided in the context of larger recommendations regarding security assurance.

01 Jan 2002
TL;DR: It is argued that there is significant benefit in providing multiple progressively stronger layers of security for hosts connecting to the Internet, and that this multi-layered approach allows early discard of packets associated with attacks, which reduces server vulnerability to computational denial of service attacks via heavyweight cryptography calculations.
Abstract: This paper argues that there is significant benefit in providing multiple progressively stronger layers of security for hosts connecting to the Internet. It claims that this multi-layered approach allows early discard of packets associated with attacks. This reduces server vulnerability to computational denial-of-service attacks via heavyweight cryptography calculations. To this end, it presents three techniques that allow TCP/IP services to be concealed from non-authorized users of said services, while still allowing access to the services for authorized users. These techniques can be entirely implemented at the edges of the network and require no changes to the interior of the network. They work alongside, and augment, existing protocols making deployment practical.

01 Jan 2002
TL;DR: A definition of network denial of service is proposed, and a simple network model is demonstrated that can be used to construct a taxonomy ofNetwork denial-of-service attacks, providing a means of categorizing existing attacks and demonstrating how future attacks might be constructed.
Abstract: Recent network denial-of-service attacks have brought about awareness of the vulnerability of increasingly important network services. While denial of service is not a new problem, and some of the network aspects of denial of service have been addressed, there is currently no unifying definition of what constitutes network denial of service. The goal of this paper is to propose a definition of network denial of service, and to demonstrate a simple network model that can be used to construct a taxonomy of network denial-of-service attacks. This taxonomy provides a means of categorizing existing attacks and demonstrating how future attacks might be constructed, as well as providing a simple a precise way of describing attacks.

Proceedings Article
01 Jan 2002
TL;DR: This paper presents an agent based network vulnerability analysis framework and shows how this framework can be used to analyze and quantify the system vulnerability under a Distributed Denial of Service (DDOS) attack scenario.
Abstract: With increasing faults and attacks on the Internet infrastructure, there is an urgent need to develop techniques to analyze network and service vulnerability under organized fault attacks. Network vulnerability refers to the impact of attacks and faults on network and system behaviors. An accurate vulnerability analysis requires a deep understanding of failure modes and effects on each of the network components and the knowledge of how these components are inter-related at each point in time to various applications in a networked system. In this paper we present an agent based network vulnerability analysis framework and show how our framework can be used to analyze and quantify the system vulnerability under a Distributed Denial of Service (DDOS) attack scenario. Our approach can be described in terms of three steps: 1) Vulnerability Metrics – In this step we identify the metrics to be used to analyze the network vulnerability; 2) System State Characterization – In this step we define the thresholds to be used to characterize the node/system state to be in one of three states: Normal State, Uncertain State, and Vulnerable State and 3) Vulnerability Index Evaluation – In this step we evaluate the vulnerability of the network or application with respect to the vulnerability metrics defined in the first step. The vulnerability index can also be used as an indicator to trigger proactive and survivable methodologies to aid fast recovery at the earliest possible stages.

Patent
14 Feb 2002
TL;DR: In this paper, a system and method for quantitatively assessing the vulnerability of a computer network, comprised of elementary network elements each having at least one host, to external attack is presented.
Abstract: A system and method for quantitatively assessing the vulnerability of a computer network, comprised of elementary network elements each having at least one host, to external attack. The method produces a quantitative assessment that is repeatable and can be compared to a quantitative assessment of a separate network to determine the relative vulnerability of the network. The quantitative assessment is a function of the quantitative assessment of each elementary network unit, which is derived by classifying each port on each host and subsequently determining a quantitative vulnerability rating for the elementary network unit in accordance with the classification of each port on each host.

Patent
21 Jun 2002
TL;DR: In this article, a methodology of evaluating computer security vulnerabilities in computer products for domain-specific characteristics, statistical trends, and innovative mitigation strategies is presented, which can be programmed into a computer system.
Abstract: A methodology of evaluating computer security vulnerabilities in computer products for domain-specific characteristics, statistical trends, and innovative mitigation strategies is presented. The methodology can be programmed into a computer system. Raw security vulnerability data pertaining to a computer product to be analyzed is culled from a pool of trusted resources. Redundant data is combined into separate mutually exclusive records and parsed using a hierarchical taxonomy of security characteristics and security analysis terms. The taxonomy serves to harmonize disparate terminology through the use of canonical terms that equate multiple synonymous terms with the canonical term. The taxonomy also serves to categorize the vulnerability according to a hierarchy of categories and sub-categories so that it may be logically processed and presented to an analyst. Data pertaining to a computer product can be analyzed independently, in composite classes of products, or compared against data that has been similarly obtained and processed for peer products.

Journal ArticleDOI
TL;DR: Cadets from three military institutions built networks and defended them against a week of attacks led by the National Security Agency in 2001, and are preparing future network designers and administrators to think more strategically.
Abstract: In 2001, cadets from three military institutions built networks and defended them against a week of attacks led by the National Security Agency. The trial-by-fire exercise; which repeats in 2002, is a step toward preparing future network designers and administrators to think more strategically.

Patent
04 Oct 2002
TL;DR: In this paper, a method and system can be used to manage at least one asset in an enterprise, where the methods and systems include providing a first server, the first server configured to include at least 1 asset profile associated with the at least single asset, and receiving at the firstserver, in response to a request to a distinct second server (the second server is outside the control of the Enterprise).
Abstract: The disclosed method and system can be used to manage at least one asset (104) in an Enterprise (106), where the methods and systems include providing a first server, the first server configured to include at least one asset profile associated with the at least one asset (104), the first server controlled by the Enterprise, and receiving at the first server, in response to a request to a distinct second server (102), data associated with at least one vulnerability associated with the at least one asset (104), where the second server (102) is outside the control of the Enterprise (106).

Proceedings ArticleDOI
29 May 2002
TL;DR: The design and implementation of the Intrusion Blocker based on Active Networks (IBAN) is described, a vulnerability scanner and intrusion blocker that can provide interim protection against a limited and changing set of high-likelihood or high-priority threats.
Abstract: As attackers use automated methods to inflict widespread damage on vulnerable systems connected to the Internet, it has become painfully clear that traditional manual methods of protection do not suffice. This paper discusses an intrusion prevention approach, including its prototype, based on active networks that helps to provide rapid response to vulnerability advisories. We describe the design and implementation of the Intrusion Blocker based on Active Networks (IBAN), a vulnerability scanner and intrusion blocker that can provide interim protection against a limited and changing set of high-likelihood or high-priority threats. It is expected that this mechanism would be easily and adaptively configured and deployed to keep pace with the ever-evolving threats on the Internet.

01 Jan 2002
TL;DR: This paper introduces a new paradigm for transportation risk management and recommends actions that will enable security considerations to become an integral part of Transportation risk management.
Abstract: Over the past decade, risk management has been evolving into a core business practice in government and industry. In the transportation sector, the overarching risk management objective has been to reduce accident likelihood and severity. Where hazardous materials shipments are involved, this extends to spill prevention and mitigating the consequences when a release occurs. Until recently, the approach to transportation risk management assumed that when manmade disasters occurred, they were accidental in nature and not due to malicious intent. Terrorist activities, culminating with the tragic events of September 11, 2001, have dramatically changed this landscape. In particular, we have learned that assessment of transportation risk must be performed with a more expanded scope to accommodate terrorism scenarios that heretofore would have been considered so unlikely that they did not warrant risk management attention. Similarly, emergency responders must be able to handle impacts far beyond what was previously imaginable in terms of number of victims, deployment of response resources and agency coordination. Given these circumstances, it is apparent that decision-makers need to employ a new paradigm for transportation risk management. In particular, this paradigm must: 1) more explicitly consider security threat and vulnerability, and 2) integrate security considerations into the overall framework for addressing natural and man-made disasters, be they accidental or planned. This paper introduces this paradigm and recommends actions that will enable security considerations to become an integral part of transportation risk management.

Proceedings ArticleDOI
06 Nov 2002
TL;DR: This work shows a more serious general vulnerability in that packets can be crafted to match attack signatures such that alarms can be selectively triggered allowing a target IDS to be externally controlled by a malicious attacker.
Abstract: We introduce a new class of attack against a network signature-based intrusion detection system (IDS) which we have tested using SNORT and we call "squealing". This vulnerability has significant implications since it can be generalized to any IDS. While signature-based IDSs have implementation problems with high false positive rates that require tuning, we show a more serious general vulnerability in that packets can be crafted to match attack signatures such that alarms can be selectively triggered allowing a target IDS to be externally controlled by a malicious attacker.

Proceedings ArticleDOI
G. Perkins1, P. Bhattacharya1
07 Nov 2002
TL;DR: The idea of hiding secret keys in the heuristic solutions of NP-hard problems and some other well known methods are introduced to help heighten the level of security of this system.
Abstract: We introduce the notion of a k-time license for digital content and a method for ensuring its security via a k-time encryption scheme. A k-times license is an agreement that legally allows the purchaser to use the licensed material at most k times. The digital content is only accessible through a provided application that decrypts and re-encrypts the content according to our k-time encryption scheme. The application must use secret keys during this process, a vulnerability since the application resides on the user's PC or electronic device. To help heighten the level of security of our system, we also introduce the idea of hiding secret keys in the heuristic solutions of NP-hard problems and then further extend the security with some other well known methods.

01 Mar 2002
TL;DR: It is demonstrated that it is reasonably easy to subvert an information system by inserting software artifices that would enable a knowledgeable attacker to obtain total and virtually undetectable control of the system.
Abstract: : This thesis demonstrates that it is reasonably easy to subvert an information system by inserting software artifices that would enable a knowledgeable attacker to obtain total and virtually undetectable control of the system. Recent security incidents are used to show that means motive and opportunity exist for an attack of this nature. Subversion is the most attractive option to the professional attacker willing to invest significant time and money to avoid detection and obtain a significant payoff. The objective here is to raise awareness of the risk posed by subversion so that the decision makers responsible for the security of information systems can make informed decisions. To this end this work provides a complete demonstration of a subverted system. It is shown how a few lines of code can result in a very significant vulnerability. The responsibility to defend information systems cannot adequately be met without considering this threat. Addressing this threat gets to the very nature of the security problem which requires proving the absence of something namely a malicious artifice. Several techniques for demonstrating security are shown to be inadequate in the face of this threat. Finally a solution is presented with a proposal for future work.

Book
10 Jul 2002
TL;DR: This book discusses the structure and vulnerability of the Internet, and the taxonomies of Internet Security, in part I and part II, as well as the use of the Dictionary and its applications.
Abstract: Preface.- Using the Dictionary.- Acknowledgments.- Part I: Structure and Vulnerability of the Internet.- Part II: Taxonomies of Internet Security. Dictionary.- Part III: Abbreviations and Organizations.- Appendices.

01 Jan 2002
TL;DR: An automated diagnosis system designed to focus investigation on the evidence most likely to reveal a hacker’s method is described.
Abstract: Upon discovery, security administrators must determine how computer system intrusions were accomplished to prevent their reoccurrence. This paper describes an automated diagnosis system designed to focus investigation on the evidence most likely to reveal a hacker’s method. The system takes as input victim configuration and vulnerability information and a description of the unauthorized access gained by the attacker. With this information and templates describing hacker exploits and computer actions the system generates possible attack sequences. Because it is impossible to know everything the attacker might be aware of or have done, attack hypotheses can include assumptions where there is no apparent action to accomplish part of an attack. The hypothetical attacks are next simulated on a model of the victim network. Successful simulation indicates a feasible means of accomplishing the unauthorized access. The simulation generates representative log entries that a pattern matching subsystem compares to system records. Close matches are indicators that the associated hypothesis was the means of attack.

01 Feb 2002
TL;DR: The concept of maritime domain awareness (MDA) as mentioned in this paper was proposed to detect potential threats in or to transportation can be significantly improved through effective use of information that, to a great extent, is already available.
Abstract: Overview Much has been written in the aftermath of September 11 on the porosity of America's borders and the failure of various agencies to share, fuse, analyze, and exploit available information to stop foreign threats before they enter the country. The resources and methods available to U.S. border control agencies appear to be no match for the myriad threats that could arrive from outside the country. Nowhere is the gap between vulnerability and capability greater than along the Nation's sea borders. Asymmetrical military and terrorist threats have a natural gateway into America via the marine transportation system. In the uncertainty following the September attacks, the immediate response of security services around the country--the Coast Guard included--was to shut down the systems under their control until measures were taken to ensure that additional attacks were not already in progress. These system stoppages were generally short-lived because the economic impacts were intolerable, not only in dollar costs but also in potential loss of access to the essentials of daily American life. The United States is a trading nation, both domestically and globally, and relatively unimpeded movement of goods and people is necessary for its economy to function. Transportation is our social and economic cardiovascular system, and ensuring its continuation is vital. The post-attack shutdowns were a tourniquet to control bleeding but had to be released quickly to preserve the patient. Given the importance of international goods and materials to the American economy, closing our borders for more than a short period is infeasible. Furthermore, with our growing reliance on just-in-time delivery of foreign goods, even slowing the flow long enough to inspect either all or a statistically significant random selection of imports would be economically intolerable. However, the transportation system, especially the maritime component, remains highly vulnerable to attack or other exploitation by terrorists. Thus, a major challenge facing the responsible agencies in the post-September 11 "new normalcy" is to develop border controls and transportation security measures that reduce the threat of the national transportation system's being used either as a weapon or as an essential logistic link in some other kind of attack. (1) Moreover, we must develop ways to better protect the Nation without sacrificing economic vitality or overwhelming the Federal, state, local, and corporate budgets. Information is the key. Our national ability to detect potential threats in or to transportation can be significantly improved through effective use of information that, to a great extent, is already available. With sufficient advance information on inbound ships, cargoes, crews, and passengers, the various border control agencies will be better able to separate the good from the bad and intercept the bad before it becomes a problem for the country. This notion--exploiting available information to discern threats and concentrate resources to stop them--is at the heart of the maritime domain awareness (MDA) concept. Maritime domain awareness is the effective knowledge of all activities and elements in the maritime domain that could represent threats to the safety, security, or environment of the United States or its citizens. The objective is timely delivery of actionable information, drawn from all available sources, to the appropriate law enforcement agency or military command. A properly conceived system could be built so that it actually expedites cargoes carried by participating responsible shippers, thus facilitating commerce rather than impeding it. In an earlier paper, we offered a more comprehensive view of the homeland security challenge facing the Nation and suggested that a truly national strategy should be both broad and based on risk management principles. (2) We also suggested that--in addition to using the traditional national security tools of military power, diplomatic influence, and economic power--the Nation will have to use civil authority at the Federal, state, and local levels in ways not seen before in this country. …

01 Jan 2002
TL;DR: Fourie et al. as mentioned in this paper used human security as the conceptual looking glass through which to ascertain the causes and effects of the unfolding disaster of HIV/AIDS in Southern Africa, focusing specifically on the implications for demographic, food, political and macroeconomic security.
Abstract: The altered conception of “security” and the introduction of its “human” angle specifically in the post-Cold War context implies cogent reassessments of issues pertaining to sustainable development and international politics. HIV/AIDS is one such an issue that has and will continue to have a significant impact on the dynamics of “who gets what, where, when and how” in Southern Africa. This article addresses the socio-political impact of this disease in the region, using “human security” as the conceptual looking glass through which to ascertain the causes and effects of the unfolding disaster. This is achieved by focusing specifically on the implications for demographic, food, political and macro-economic security, and the effect this has on governments’ ability to provide essential services. The article concludes by enjoining specifically political and other social scientists to redouble their intellectual efforts at analysing and addressing the origin, prevalence and social consequences of HIV/AIDS. HUMAN SECURITY AND HIV/AIDS Traditionally, the concept of ‘security’ has been interpreted in militaristic terms as the military defence of the state, involving ‘structured violence manifest in state warfare’ (MacLean, 1998:2; see also Bedelsky, 1999:1). Since the end of the Cold War this narrow definition of security has become less relevant (Hadingham, 2000:113). The term ‘human security’ was first officially used in the 1994 Human Development Report of the United Nations (UN) Development Programme. According to the report, the intention of human security is ‘... to capture the post-Cold War peace dividend and redirect those resources towards the development agenda’ (Axworthy, 1999:2). Hubert (1999) expands this conceptualisation, stating that ....in essence, human security means safety for people from both violent and non-violent threats. It is a condition of state of being characterised by freedom from pervasive threats to people’s rights, their safety or even their lives... It is an alternative way of seeing the world, taking people as its point of reference, rather than focusing exclusively on the security or territory of governments. Like other security concepts – national security, economic security, food security – it is about protection. Human security entails taking preventative measures to reduce vulnerability and minimise risk, and taking remedial action where prevention fails. HIV/AIDS does not fit into the traditional definition of security. However, as Hadingham (2000:120) argues, in terms of the post-Cold War human security regime, HIV/AIDS poses a ‘pervasive and non-violent threat to the existence of individuals, as the virus significantly shortens life expectancy, undermined quality of 1 Pieter Fourie (pf@lw.rau.ac.za) lectures Politics at the Rand Afrikaans University in Johannesburg, and Martin Schonteich (martin.s@iss.co.za) is a Senior Researcher with the Institute for Security Studies in Pretoria, South Africa.

Proceedings ArticleDOI
09 Dec 2002
TL;DR: Techniques for remote identification of web servers, even where server information has been omitted are described and methodologies for detecting and limiting such activity are discussed.
Abstract: Cyber attacks continue to increase in sophistication. Advanced attackers often gather information about a target system before launching a precise attack to exploit a discovered vulnerability. This paper discusses techniques for remote identification of web servers and suggests possible defenses to the probing activity. General concepts of finger-printing and their application to the identification of Web servers, even where server information has been omitted are described and methodologies for detecting and limiting such activity are discussed.

Journal Article
TL;DR: Vulnerability evaluation of various biometric systems should be conducted and its results should be available to potential users.
Abstract: Vulnerability evaluation of various biometric systems should be conducted and its results should be available to potential users.

Journal ArticleDOI
TL;DR: This paper proposes an innovative way to counteract distributed protocols attacks such as distributed denial of service (DDoS) attacks using intelligent fuzzy agents.
Abstract: In today’s society, information and communications technology (ICT) is the force that drives prosperity and provides a higher standard of living. All other e‐services and infrastructures tend to play a major role in our daily life and global economy. The growing dependence on such systems, however, has increased their vulnerability to cyber attacks. Any failure to these systems typically would lead to a huge impact, not only on businesses, but also human life, that depends on such interconnected systems. The growing potential for telecommunications network infrastructures problems stems from their nature of openness. A successful attempt for a network attack to a particular organization’s network could have devastating effects on the security of the organisation. In this paper we propose an innovative way to counteract distributed protocols attacks such as distributed denial of service (DDoS) attacks using intelligent fuzzy agents.