Abstract: Nowadays, the abuse of keyloggers is one of the most widespread approaches to steal sensitive information. In this paper, we propose an On-Screen Prompts Approach to Keyloggers (OSPAK) and its analysis, which is installed in public computers. OSPAK utilizes a canvas to cue users when their keystrokes are going to be logged or ignored by OSPAK. This approach can protect computers against recoding sensitive inputs, which obfuscates keyloggers with letters inserted among users' keystrokes. It adds a canvas below each password field in a webpage and consists of three parts: two background areas, a hit area and a moving foreground object. Letters at different valid time intervals are combined in accordance with their time interval orders, and valid time intervals are interleaved with invalid time intervals. It utilizes animation to visualize valid time intervals and invalid time intervals, which can be integrated in a webpage as a browser extension. We have tested it against a series of known keyloggers and also performed a study with 95 users to evaluate how easily the tool is used. Experimental results made by volunteers show that OSPAK is a simple approach.
Abstract: The diversity and complexity of modern IT systems make it almost impossible for internal teams to find vulnerabilities in all software before the software is officially released. The emergence of threat intelligence and vulnerability reporting policy has greatly reduced the burden on software vendors and organizations to find vulnerabilities. However, to prove the existence of the reported vulnerability, it is necessary but difficult for security incident response team to build a deliberated vulnerable environment from the vulnerability report with limited and incomplete information. This paper presents a structured, standardized, machine-oriented vulnerability intelligence format, that can be used to automate the orchestration of Deliberated Vulnerable Environment (DVE). This paper highlights the important role of software configuration and proof of vulnerable specifications in vulnerability intelligence, and proposes a triad model, which is called DIR (Dependency Configuration, Installation Configuration, Runtime Configuration), to define software configuration. Finally, this paper has also implemented a prototype system to demonstrate that the orchestration of DVE can be automated with the intelligence.
Abstract: One of the leading problems in Cyber Security today
is the emergence of targeted attacks conducted by adversaries with
access to sophisticated tools. These attacks usually steal senior level
employee system privileges, in order to gain unauthorized access to
confidential knowledge and valuable intellectual property. Malware
used for initial compromise of the systems are sophisticated and
may target zero-day vulnerabilities. In this work we utilize common
behaviour of malware called ”beacon”, which implies that infected
hosts communicate to Command and Control servers at regular
intervals that have relatively small time variations. By analysing
such beacon activity through passive network monitoring, it is
possible to detect potential malware infections. So, we focus on
time gaps as indicators of possible C2 activity in targeted enterprise
networks. We represent DNS log files as a graph, whose vertices
are destination domains and edges are timestamps. Then by using
four periodicity detection algorithms for each pair of internal-external
communications, we check timestamp sequences to identify the
beacon activities. Finally, based on the graph structure, we infer the
existence of other infected hosts and malicious domains enrolled in
the attack activities.
Abstract: This investigation develops a revisable method for estimating the estimate value of equivalent 10 Hz voltage flicker (DV10) of a DC Electric Arc Furnace (EAF). This study also discusses three 161kV DC EAFs by field measurement, with those results indicating that the estimated DV10 value is significantly smaller than the survey value. The key point is that the conventional means of estimating DV10 is inappropriate. There is a main cause as the assumed Qmax is too small.
Although DC EAF is regularly operated in a constant MVA mode, the reactive power variation in the Main Transformer (MT) is more significant than that in the Furnace Transformer (FT). A substantial difference exists between estimated maximum reactive power fluctuation (DQmax) and the survey value from actual DC EAF operations. However, this study proposes a revisable method that can obtain a more accurate DV10 estimate than the conventional method.
Abstract: Time base maintenance (TBM) is conventionally applied by the power utilities to maintain circuit breakers (CBs), transformers, bus bars and cables, which may result in under maintenance or over maintenance. As information and communication technology (ICT) industry develops, the maintenance policies of many power utilities have gradually changed from TBM to condition base maintenance (CBM) to improve system operating efficiency, operation cost and power supply reliability. This paper discusses the feasibility of using intelligent electronic devices (IEDs) to construct a CB CBM management platform. CBs in power substations can be monitored using IEDs with additional logic configuration and wire connections. The CB monitoring data can be sent through intranet to a control center and be analyzed and integrated by the Elipse Power Studio software. Finally, a human-machine interface (HMI) of supervisory control and data acquisition (SCADA) system can be designed to construct a CBM management platform to provide maintenance decision information for the maintenance personnel, management personnel and CB manufacturers.
Abstract: Non-synchronous breakage or line failure in power
systems with light or no loads can lead to core saturation in
transformers or potential transformers. This can cause component and
capacitance matching resulting in the formation of resonant circuits,
which trigger ferroresonance. This study employed a wavelet
transform for the detection of ferroresonance. Simulation results
demonstrate the efficacy of the proposed method.
Abstract: Vortices can develop in intakes of turbojet and turbo
fan aero engines during high power operation in the vicinity of solid
surfaces. These vortices can cause catastrophic damage to the engine.
The factors determining the formation of the vortex include both
geometric dimensions as well as flow parameters. It was shown that
the threshold at which the vortex forms or disappears is also
dependent on the initial flow condition (i.e. whether a vortex forms
after stabilised non vortex flow or vice-versa). A computational fluid
dynamics study was conducted to determine the difference in
thresholds between the two conditions. This is the first reported
numerical investigation of the “memory effect". The numerical
results reproduce the phenomenon reported in previous experimental
studies and additional factors, which had not been previously studied,
were investigated. They are the rate at which ambient velocity
changes and the initial value of ambient velocity. The former was
found to cause a shift in the threshold but not the later. It was also
found that the varying condition thresholds are not symmetrical about
the neutral threshold. The vortex to no vortex threshold lie slightly
further away from the neutral threshold compared to the no vortex to
vortex threshold. The results suggests that experimental investigation
of vortex formation threshold performed either in vortex to no vortex
conditions, or vice versa, solely may introduce mis-predictions
greater than 10%.
Abstract: One of the most important power quality issues is voltage flicker. Nowadays this issue also impacts the power system all over the world. The fact of the matter is that the more and the larger capacity of wind generator has been installed. Under unstable wind power situation, the variation of output current and voltage have caused trouble to voltage flicker. Hence, the major purpose of this study is to analyze the impact of wind generator on voltage flicker of power system. First of all, digital simulation and analysis are carried out based on wind generator operating under various system short circuit capacity, impedance angle, loading, and power factor of load. The simulation results have been confirmed by field measurements.
Abstract: Frequently a group of people jointly decide and authorize
a specific person as a representative in some business/poitical
occasions, e.g., the board of a company authorizes the chief executive
officer to close a multi-billion acquisition deal. In this paper, an
integrated proxy multi-signature scheme that allows anonymously
vetoable delegation is proposed. This protocol integrates mechanisms
of private veto, distributed proxy key generation, secure transmission
of proxy key, and existentially unforgeable proxy multi-signature
scheme. First, a provably secure Guillou-Quisquater proxy signature
scheme is presented, then the “zero-sharing" protocol is extended
over a composite modulus multiplicative group, and finally the above
two are combined to realize the GQ proxy multi-signature with
anonymously vetoable delegation. As a proxy signature scheme, this
protocol protects both the original signers and the proxy signer.
The modular design allows simplified implementation with less
communication overheads and better computation performance than
a general secure multi-party protocol.
Abstract: The conventional GA combined with a local search
algorithm, such as the 2-OPT, forms a hybrid genetic algorithm(HGA)
for the traveling salesman problem (TSP). However, the geometric
properties which are problem specific knowledge can be used to
improve the search process of the HGA. Some tour segments (edges)
of TSPs are fine while some maybe too long to appear in a short tour.
This knowledge could constrain GAs to work out with fine tour
segments without considering long tour segments as often.
Consequently, a new algorithm is proposed, called intelligent-OPT
hybrid genetic algorithm (IOHGA), to improve the GA and the 2-OPT
algorithm in order to reduce the search time for the optimal solution.
Based on the geometric properties, all the tour segments are assigned
2-level priorities to distinguish between good and bad genes. A
simulation study was conducted to evaluate the performance of the
IOHGA. The experimental results indicate that in general the IOHGA
could obtain near-optimal solutions with less time and better accuracy
than the hybrid genetic algorithm with simulated annealing algorithm
(HGA(SA)).
Abstract: In order to achieve better road utilization and traffic
efficiency, there is an urgent need for a travel information delivery
mechanism to assist the drivers in making better decisions in the
emerging intelligent transportation system applications. In this paper,
we propose a relayed multicast scheme under heterogeneous networks
for this purpose. In the proposed system, travel information consisting
of summarized traffic conditions, important events, real-time traffic
videos, and local information service contents is formed into layers
and multicasted through an integration of WiMAX infrastructure and
Vehicular Ad hoc Networks (VANET). By the support of adaptive
modulation and coding in WiMAX, the radio resources can be
optimally allocated when performing multicast so as to dynamically
adjust the number of data layers received by the users. In addition to
multicast supported by WiMAX, a knowledge propagation and
information relay scheme by VANET is designed. The experimental
results validate the feasibility and effectiveness of the proposed
scheme.
Abstract: Since IEC61850 substation communication standard represents the trend to develop new generations of Substation Automation System (SAS), many IED manufacturers pursue this technique and apply for KEMA. In order to put on the market to meet customer demand as fast as possible, manufacturers often apply their products only for basic environment standard certification but claim to conform to IEC61850 certification. Since verification institutes generally perform verification tests only on specific IEDs of the manufacturers, the interoperability between all certified IEDs cannot be guaranteed. Therefore the interoperability between IEDs from different manufacturers needs to be tested. Based upon the above reasons, this study applies the definitions of the information models, communication service, GOOSE functionality and Substation Configuration Language (SCL) of the IEC61850 to build the concept of communication protocols, and build the test environment. The procedures of the test of the data collection and exchange of the P2P communication mode and Client / Server communication mode in IEC61850 are outlined as follows. First, test the IED GOOSE messages communication capability from different manufacturers. Second, collect IED data from each IED with SCADA system and use HMI to display the SCADA platform. Finally, problems generally encountered in the test procedure are summarized.
Abstract: In recent years, the development of e-learning is very
rapid. E-learning is an attractive and efficient way for computer
education. Student interaction and collaboration also plays an
important role in e-learning. In this paper, a collaborative web-based
e-learning environment is presented. A wide range of interactive and
collaborative methods are integrated into a web-based environment.
This e-learning environment is designed for information security
curriculum.
Abstract: In hypersonic environments, the aerothermal effect
makes it difficult for the optical side windows of optical guided
missiles to withstand high heat. This produces cracking or breaking,
resulting in an inability to function. This study used computational
fluid mechanics to investigate the external cooling jet conditions of
optical side windows. The turbulent models k-ε and k-ω were
simulated. To be in better accord with actual aerothermal
environments, a thermal radiation model was added to examine
suitable amounts of external coolants and the optical window
problems of aero-thermodynamics. The simulation results indicate that
when there are no external cooling jets, because airflow on the optical
window and the tail groove produce vortices, the temperatures in these
two locations reach a peak of approximately 1600 K. When the
external cooling jets worked at 0.15 kg/s, the surface temperature of
the optical windows dropped to approximately 280 K. When adding
thermal radiation conditions, because heat flux dissipation was faster,
the surface temperature of the optical windows fell from 280 K to
approximately 260 K. The difference in influence of the different
turbulence models k-ε and k-ω on optical window surface temperature
was not significant.
Abstract: Bovine viral diarrhea virus (BVDV) can cause lifelong
persistent infection. One reason for the phenomena is attributed to
BVDV infection to placenta tissue. However the mechanisms that
BVDV invades into placenta tissue remain unclear. To clarify the
molecular mechanisms, we investigated the possible means that
BVDV entered into bovine trophoblast cells (TPC). Yeast two-hybrid
system was used to identify proteins extracted from TPC, which
interact with BVDV envelope glycoprotein E2. A PGbkt7-E2 yeast
expression vector and TPC cDNA library were constructed. Through
two rounds of screening, three positive clones were identified.
Sequencing analysis indicated that all the three positive clones
encoded the same protein clathrin. Physical interaction between
clathrin and BVDV E2 protein was further confirmed by
coimmunoprecipitation experiments. This result suggested that the
clathrin might play a critical role in the process of BVDV entry into
placenta tissue and might be a novel antiviral target for preventing
BVDV infection.
Abstract: This paper presents the design and implementation of a fully integrated transimpedance amplifier (TIA) as the analog frontend receiver for Capacitive Micromachined Ultrasound Transducers (CMUTs) for ultrasound biomicroscope imaging application. The amplifier is designed to amplify the received signals from 17.5MHz to 52.5MHz with a center frequency of 35MHz. The TIA was fabricated in GF 0.18μm 1P6M 30V high voltage process. The measurement results show that the designed amplifier can reach a transimpedance gain of 61.08dBΩ and operating frequency from 17.5MHz to 100MHz with 1VP-P output voltage under 6V power supply.
Abstract: In this work, we examine fluid mixing in a full three-stream mixing channel with longitudinal vortex generators (LVGs) built on the channel bottom by numerical simulation and experiment. The effects of the asymmetrical arrangement and the attack angle of the LVGs on fluid mixing are investigated. The results show that the micromixer with LVGs at a small asymmetry index (defined by the ratio of the distance from the center plane of the gap between the winglets to the center plane of the main channel to the width of the main channel) is superior to the micromixer with symmetric LVGs and that with LVGs at a large asymmetry index. The micromixer using five mixing modules of the LVGs with an attack angle between 16.5 degrees and 22.5 degrees can achieve excellent mixing over a wide range of Reynolds numbers. Here, we call a section of channel with two pairs of staggered asymmetrical LVGs a mixing module. Besides, the micromixer with LVGs at a small attack angle is more efficient than that with a larger attack angle when pressure losses are taken into account.