Vulnerabilities of Unattended Face Verification Systems to Facial Components-based Presentation Attacks: An Empirical Study

As face presentation attacks (PAs) are realistic threats for unattended face verification systems, face presentation attack detection (PAD) has been intensively investigated in past years, and the recent advances in face PAD have significantly reduced the success rate of such attacks. In this article, an empirical study on a novel and effective face impostor PA is made. In the proposed PA, a facial artifact is created by using the most vulnerable facial components, which are optimally selected based on the vulnerability analysis of different facial components to impostor PAs. An attacker can launch a face PA by presenting a facial artifact on his or her own real face. With a collected PA database containing various types of artifacts and presentation attack instruments (PAIs), the experimental results and analysis show that the proposed PA poses a more serious threat to face verification and PAD systems compared with the print, replay, and mask PAs. Moreover, the generalization ability of the proposed PA and the vulnerability analysis with regard to commercial systems are also investigated by evaluating unknown face verification and real-world PAD systems. It provides a new paradigm for the study of face PAs.

Vulnerability Analysis against Natural and Technological Threats: A Comparative Assessment in Tehran Metropolis Gas Supply Network

Resilience as a counterpoint to vulnerability can reduce the vulnerability of various natural, man-made, and technological threats in complex technical systems. The present study was designed and conducted with the aim of comparative assessment of the vulnerability of a gas supply network to natural and technological threats. This descriptive-analytical and cross-sectional study was carried out in Tehran metropolis gas supply network including town board stations, gas supply, and distribution networks in 2019-2020. The study was based on the vulnerability analysis method including three factors of likelihood, severity of consequences, and the degree of preparedness for threats. Comparative vulnerability assessment in these three sections of the gas supply network was performed using IBM SPSS software v. 23.0. Out of eleven identified hazardous elements, the vulnerability index for three hazardous elements was estimated as a weak level threat; four hazardous elements as a medium level threat and the vulnerability index for four hazards were evaluated as a severe threat. The results of comparative vulnerability assessment based on three parts of gas supply network showed that the highest vulnerabilities related to the gas distribution network (133.66±24.63), gas supply network (115.0±35.35), and town board stations (79.49±68.51. In addition, the results of Kruskal-Wallis test showed that the vulnerability difference in these three sections was not significant (p>0.05). The findings of the comparative assessment of vulnerability between different parts of the gas supply network including town board stations (TBS), gas supply and distribution network indicated that the resilience of these parts is relatively low and requires special attention in order to reduce vulnerability in Tehran metropolis gas supply network.

Seismic Fragility Analysis of Low-Rise RC Buildings with Brick Infills in High Seismic Region with Alluvial Deposits

Most of the reinforced concrete buildings in Nepal are low-rise construction, as this type of construction is the most dominant structural form adopted to construct residential buildings in urban and semi-urban neighborhoods throughout the country. The low-rise residential constructions generally follow the guidelines recommended by the Nepal Building Code, especially the mandatory rules of thumb. Although low-rise buildings have brick infills and are randomly constructed, infill walls and soil–structure interaction effects are generally neglected in the design and assessment of such structures. To this end, bare frame models that are used to represent such structures are questionable, especially when seismic vulnerability analysis is concerned. To fulfil this gap, we performed seismic vulnerability analysis of low-rise residential RC buildings considering infill walls and soil–structure interaction effects. Considering four analysis cases, we outline comparative seismic vulnerability for various analysis cases in terms of fragility functions. The sum of observations highlights that the effects of infills, and soil–structure interaction are damage state sensitive for low-rise RC buildings. Meanwhile, the design considerations will be significantly affected since some performance parameters are more sensitive than the overall fragility. We also observed that the analytical fragility models fundamentally overestimate the actual seismic fragility in the case of low-rise RC buildings.

PERBANDINGAN SISTEM AUTENTIKASI WPA2 EAP-PSK PADA JARINGAN WIRELESS DENGAN METODE PENETRATION TESTING MENGGUNAKAN FLUXION TOOLS

aringan Nirkabel merupakan sekumpulan perangkat elektronik yang menghubungkan satu dengan yang lain memanfaatkan perangkat udara alias frekuensi jadi alur lintas data. Masa sekarang ini, ada banyak pengguna yang memanfaatkan WPA2-PSK ataupun WPA2-EAP menjadi security system jaringan nirkabel yang bertujuan untuk menghindari orang yang mengakses tanpa izin. Riset ini memakai teknik wireless penetration testing yang memakai fluxion tools dengan membandingkan dan menganalisis security system otentikasi WPA2 dengan EAP-PSK pada jaringan nirkabel yang bertujuan untuk mengetahui kerentanan sebuah sistem keamanan jaringan tersebut. Untuk melaksanakan penetration testing penulis mengacu terhadap “Wireless Network Penetration Testing Methodology.” Yang terdiri dari intelligence gathering, vulnerability analysis, threat modelling, password cracking, dan reporting. Dari penelitian ini akan menyimpulkan WPA2-PSK kurang aman untuk digunakan dikarenakan terlihat pada penetration testing tesrsebut WPA2-PSK berhasil dibobol dalam keadaan SSID unhide­, sedangkan WPA2-EAP berhasil dalam pembuatan Web Interface namun tidak berhasil dalam mendapatkan informasi seperti username dan passwor. Jika WPA2-PSK SSID dalam keadaan hide akan mengagalkan peretasan sehingga dari sistem keamanan kedua tersebut memiliki kelebihan dan kekurangan masing-masing tergantung kebutuhan pengguna.

Teleoperated Surgical Robot Security

Technology has greatly increased the availability of medical procedures in remote locations that are difficult to access, such as battlefields. Teleoperated surgical robots can be used to perform surgeries on patients over the internet in remote locations. A surgeon can remotely operate the robot to perform a procedure in another room or in a different continent. However, security technology has not yet caught up to these cyber-physical devices. There exist potential cybersecurity attacks on these medical devices that could expose a patient to danger in contrast to traditional surgery. Hence, the security of the system is very important. A malicious actor can gain control of the device and potentially threaten the life of a patient. In this chapter, the authors conduct a survey of potential attack vectors a malicious actor could exploit to deny service to the device, gain control of the device, and steal patient data. Furthermore, after the vulnerability analysis, the authors provide mitigation techniques to limit the risk of these attack vectors.

View VULMA: Data Set for Training a Machine-Learning Tool for a Fast Vulnerability Analysis of Existing Buildings

The paper presents View VULMA, a data set specifically designed for training machine-learning tools for elaborating fast vulnerability analysis of existing buildings. Such tools require supervised training via an extensive set of building imagery, for which several typological parameters should be defined, with a proper label assigned to each sample on a per-parameter basis. Thus, it is clear how defining an adequate training data set plays a key role, and several aspects should be considered, such as data availability, preprocessing, augmentation and balancing according to the selected labels. In this paper, we highlight all these issues, describing the pursued strategies to elaborate a reliable data set. In particular, a detailed description of both requirements (e.g., scale and resolution of images, evaluation parameters and data heterogeneity) and the steps followed to define View VULMA are provided, starting from the data assessment (which allowed to reduce the initial sample of about 20.000 images to a subset of about 3.000 pictures), to achieve the goal of training a transfer-learning-based automated tool for fast estimation of the vulnerability of existing buildings from single pictures.