Powered by Deep Web Technologies
Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


1

On the Feasibility of Launching the Man-In-The-Middle Attacks on VoIP from Remote Attackers  

E-Print Network (OSTI)

the vulnerabilities of DNS and SIP message handling in the Vonage phone, stealthily become the remote MITM and launch flaw in handling a malformed INVITE message, which allows the remote attacker to remotely crashOn the Feasibility of Launching the Man-In-The-Middle Attacks on VoIP from Remote Attackers Ruishan

Wang, Xinyuan "Frank"

2

Modeling Complex Control Systems to Identify Remotely Accessible Devices Vulnerable to Cyber Attack1  

E-Print Network (OSTI)

Modeling Complex Control Systems to Identify Remotely Accessible Devices Vulnerable to Cyber Attack Acquisition (SCADA) systems that allows us to calculate device vulnerability and help power substation vulnerable to cyber attack. We use graph theory to model electric power control and protection devices

Krings, Axel W.

3

T-554: Race condition in Google Chrome before 9.0.597.84 allows remote attackers to execute arbitrary code  

Energy.gov (U.S. Department of Energy (DOE))

Race condition in Google Chrome before 9.0.597.84 allows remote attackers to execute arbitrary code via vectors related to audio.

4

T-569: Adobe Flash SWF File Processing Memory Corruption Remote Code  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: Adobe Flash SWF File Processing Memory Corruption Remote 9: Adobe Flash SWF File Processing Memory Corruption Remote Code Execution Vulnerability T-569: Adobe Flash SWF File Processing Memory Corruption Remote Code Execution Vulnerability March 3, 2011 - 3:05pm Addthis PROBLEM: Adobe Flash Player contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. PLATFORM: Adobe Flash Player versions 10.1.102.64 and prior ABSTRACT: Critical vulnerabilities have been identified in Adobe Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system. reference LINKS: Cisco IntelliShield ID:22576 Adobe Security Update: APSB11-02

5

T-569: Adobe Flash SWF File Processing Memory Corruption Remote Code  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: Adobe Flash SWF File Processing Memory Corruption Remote 9: Adobe Flash SWF File Processing Memory Corruption Remote Code Execution Vulnerability T-569: Adobe Flash SWF File Processing Memory Corruption Remote Code Execution Vulnerability March 3, 2011 - 3:05pm Addthis PROBLEM: Adobe Flash Player contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. PLATFORM: Adobe Flash Player versions 10.1.102.64 and prior ABSTRACT: Critical vulnerabilities have been identified in Adobe Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system. reference LINKS: Cisco IntelliShield ID:22576 Adobe Security Update: APSB11-02

6

V-235: Cisco Mobility Services Engine Configuration Error Lets Remote Users  

NLE Websites -- All DOE Office Websites (Extended Search)

5: Cisco Mobility Services Engine Configuration Error Lets 5: Cisco Mobility Services Engine Configuration Error Lets Remote Users Login Anonymously V-235: Cisco Mobility Services Engine Configuration Error Lets Remote Users Login Anonymously September 5, 2013 - 12:33am Addthis PROBLEM: A vulnerability was reported in Cisco Mobility Services Engine. A remote user can login anonymously. PLATFORM: Cisco Mobility Services Engine ABSTRACT: A vulnerability in Cisco Mobility Services Engine could allow an unauthenticated, remote attacker to connect to a database replication port anonymously via Secure Sockets Layer (SSL). REFERENCE LINKS: SecurityTracker Alert ID: 1028972 CVE-2013-3469 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerability is due to the misconfiguration of the Oracle SSL service. An attacker could exploit this vulnerability by connecting to an

7

T-635: Cisco AnyConnect Secure Mobility Client Lets Remote Users Execute  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Cisco AnyConnect Secure Mobility Client Lets Remote Users 5: Cisco AnyConnect Secure Mobility Client Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges T-635: Cisco AnyConnect Secure Mobility Client Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges June 2, 2011 - 4:38pm Addthis PROBLEM: The Cisco AnyConnect Secure Mobility Client is the Cisco next-generation VPN client, which provides remote users with secure IPsec (IKEv2) or SSL Virtual Private Network (VPN) connections to Cisco 5500 Series Adaptive Security Appliances (ASA) and devices that are running Cisco IOS Software. PLATFORM: Cisco AnyConnect Secure Mobility Client Platform & Affected Versions ABSTRACT: Cisco AnyConnect Secure Mobility Client contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a

8

T-663: Cisco Content Services Gateway ICMP Processing Flaw Lets Remote  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Cisco Content Services Gateway ICMP Processing Flaw Lets 3: Cisco Content Services Gateway ICMP Processing Flaw Lets Remote Users Deny Service T-663: Cisco Content Services Gateway ICMP Processing Flaw Lets Remote Users Deny Service July 7, 2011 - 12:41pm Addthis PROBLEM: A denial of service (DoS) vulnerability exists in the Cisco Content Services Gateway - Second Generation, that runs on the Cisco Service and Application Module for IP (SAMI). An unauthenticated, remote attacker could exploit this vulnerability by sending a series of crafted ICMP packets to an affected device. Exploitation could cause the device to reload. There are no workarounds available to mitigate exploitation of this vulnerability other than blocking ICMP traffic destined to the affected device. PLATFORM: Second Generation only Cisco IOS 12.4(24)MDA3,Cisco IOS 12.4(24)MDA3,Cisco

9

T-710: Apache HTTP Server Overlapping Ranges Denial of Service...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

requirement decreases the likelihood of a successful exploit. Impact: An unauthenticated, remote attacker could exploit this vulnerability to terminate the affected software...

10

U-016: Cisco IOS Software HTTP Service Loading Denial of Service...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Cisco IOS Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted device. The...

11

V-201: Cisco Intrusion Prevention System SSP Fragmented Traffic...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

of the code that processes fragmented traffic could allow an unauthenticated, remote attacker to cause the Analysis Engine process to become unresponsive or cause the...

12

V-218: HP Service Manager Unspecified Flaw Lets Remote Users Gain  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: HP Service Manager Unspecified Flaw Lets Remote Users Gain 8: HP Service Manager Unspecified Flaw Lets Remote Users Gain Unauthorized Access V-218: HP Service Manager Unspecified Flaw Lets Remote Users Gain Unauthorized Access August 15, 2013 - 1:30am Addthis PROBLEM: A potential security vulnerability has been identified with HP Service Manager. The vulnerability could be exploited to allow remote unauthenticated access and elevation of privilege. PLATFORM: HP Service Manager v9.31, v9.30, v9.21, v7.11, v6.2.8 ABSTRACT: The vulnerabilities are reported in versions 9.31 and prior. REFERENCE LINKS: SecurityTracker Alert ID: 1028912 CVE-2013-4808 IMPACT ASSESSMENT: High DISCUSSION: A vulnerability was reported in HP Service Manager. A remote user can gain unauthorized access on the target system. IMPACT: User access via network

13

V-218: HP Service Manager Unspecified Flaw Lets Remote Users Gain  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: HP Service Manager Unspecified Flaw Lets Remote Users Gain 8: HP Service Manager Unspecified Flaw Lets Remote Users Gain Unauthorized Access V-218: HP Service Manager Unspecified Flaw Lets Remote Users Gain Unauthorized Access August 15, 2013 - 1:30am Addthis PROBLEM: A potential security vulnerability has been identified with HP Service Manager. The vulnerability could be exploited to allow remote unauthenticated access and elevation of privilege. PLATFORM: HP Service Manager v9.31, v9.30, v9.21, v7.11, v6.2.8 ABSTRACT: The vulnerabilities are reported in versions 9.31 and prior. REFERENCE LINKS: SecurityTracker Alert ID: 1028912 CVE-2013-4808 IMPACT ASSESSMENT: High DISCUSSION: A vulnerability was reported in HP Service Manager. A remote user can gain unauthorized access on the target system. IMPACT: User access via network

14

V-212: Samba smbd CPU Processing Loop Lets Remote Users Deny Service |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Samba smbd CPU Processing Loop Lets Remote Users Deny 2: Samba smbd CPU Processing Loop Lets Remote Users Deny Service V-212: Samba smbd CPU Processing Loop Lets Remote Users Deny Service August 6, 2013 - 6:00am Addthis PROBLEM: A vulnerability was reported in Samba PLATFORM: Samba 3.0.x - 4.0.7 ABSTRACT: All current released versions of Samba are vulnerable to a denial of service on an authenticated or guest connection REFERENCE LINKS: Secunia Advisory SA54436 Samba Security Release CVE-2013-4124 IMPACT ASSESSMENT: Medium DISCUSSION: A malformed packet can cause the smbd server to loop the CPU performing memory allocations and preventing any further service. A connection to a file share, or a local account is needed to exploit this problem, either authenticated or unauthenticated if guest connections are allowed. This

15

Remote Denial of Service Attacks and Countermeasures  

E-Print Network (OSTI)

this paper shall be assumed to be 4. The Hlen field specifies the length of the header in 32-bit words. ToS, or type of service, indicates how packets 2 should be treated based on application needs (how they should be queued, etc.). Since the Length field, which specifies the length of the entire datagram in bytes, is 16 bits, the maximum length of an IP packet is 2 --1 bytes [19]. The Identifier field, the Offset field, and one of the flags are used for handling fragmentation and reassembly. Different networks have different MTU's (maximum transmission units), meaning that maximum allowable packet sizes differ from network to network. Thus, a large packet from a network with a large MTU may need to be broken into fragments as it enters a network with a smaller MTU. The end host is responsible for reassembling the fragments. Fragments that will be reassembled into a single packet are given the same identifier. The first fragment has an offset of zero, and for the following fragments, the Offset field contains the offset in bytes from the first fragment. A flag is set in a packet to indicate that more fragments will follow [19]. Time to live (TTL) provides a way to prevent packets from floating around indefinitely in transit to their destinations. At each hop, this field is typically decremented, and the packet is discarded if the TTL field reaches zero. Since several protocols such as TCP and UDP ride on top of IP, the Protocol field is used to specify the higher level protocol to which the IP packet belongs. A checksum is performed to provide a means for determining whether or not the header has been corrupted. The source address and destination address of the packet are specified following the checksum. Options, which are not frequently used, are included at the end...

David Karig And; David Karig; Ruby Lee

2001-01-01T23:59:59.000Z

16

V-184: Google Chrome Flash Plug-in Lets Remote Users Conduct...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Google Chrome Flash Plug-in Lets Remote Users Conduct Clickjacking Attacks V-184: Google Chrome Flash Plug-in Lets Remote Users Conduct Clickjacking Attacks June 24, 2013 -...

17

Attacks on Local Searching Tools  

E-Print Network (OSTI)

The Google Desktop Search is an indexing tool, currently in beta testing, designed to allow users fast, intuitive, searching for local files. The principle interface is provided through a local web server which supports an interface similar to Google.com's normal web page. Indexing of local files occurs when the system is idle, and understands a number of common file types. A optional feature is that Google Desktop can integrate a short summary of a local search results with Google.com web searches. This summary includes 30-40 character snippets of local files. We have uncovered a vulnerability that would release private local data to an unauthorized remote entity. Using two different attacks, we expose the small snippets of private local data to a remote third party.

Nielson, Seth James; Wallach, Dan S

2011-01-01T23:59:59.000Z

18

Probabilistic algebraic attacks  

Science Conference Proceedings (OSTI)

This paper investigates a probabilistic algebraic attack on LFSR-based stream ciphers. We consider two scenarios (S3a and S3b) proposed by Meier et al. at Eurocrypt 2004. In order to derive the probability in this new algebraic attack, we quantify the ... Keywords: algebraic attack, algebraic immunity, annihilator, combination and filter generator, walsh spectrum

An Braeken; Bart Preneel

2005-12-01T23:59:59.000Z

19

Seven Deadliest Network Attacks  

Science Conference Proceedings (OSTI)

Do you need to keep up with the latest hacks, attacks, and exploits effecting networks? Then you need "Seven Deadliest Network Attacks". This book pinpoints the most dangerous hacks and exploits specific to networks, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks detailed in this book include: Denial of Service; War Dialing; Penetration 'Testing'; Protocol Tunneling; Spanning Tree Attacks; Man-in-the-Middle; and, Password Replay. Knowledge is power, find out about the most dominant attacks currently waging war on computers and networks globally. Discover the best ways to defend against these vicious attacks; step-by-step instruction shows you how. Institute countermeasures, don't be caught defenseless again, learn techniques to make your computer and network impenetrable.

Prowell, Stacy J [ORNL; Borkin, Michael [None; Kraus, Robert [Solutionary, Inc.

2010-05-01T23:59:59.000Z

20

JC3 Bulletin Archive | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3, 2011 3, 2011 T-636: Wireshark Multiple Flaws Let Remote Users Deny Service Multiple vulnerabilities were reported in Wireshark. A remote user can cause denial of service conditions. June 2, 2011 T-635: Cisco AnyConnect Secure Mobility Client Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges Cisco AnyConnect Secure Mobility Client contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability exists due to improper validation of program executables downloaded by the Cisco AnyConnect Secure Mobility Client. An unauthenticated, remote attacker could exploit the vulnerability by convincing the targeted user to view a malicious website. If successful, the attacker could execute arbitrary code on the system with the privileges

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


21

T-557: Microsoft Office Excel Office Art Object Parsing Remote...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Vulnerability. PLATFORM: Microsoft Office Excel ABSTRACT: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office...

22

U-254: Webmin Flaws Let Remote Authenticated Users Execute Arbitrary...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

System Multiple Vulnerabilities U-255: Apache Wicket Input Validation Flaw Permits Cross-Site Scripting Attacks V-104: Oracle Java Flaw Lets Remote Users Execute Arbitrary Code...

23

Attacking the Kad network  

Science Conference Proceedings (OSTI)

The Kad network, an implementation of the Kademlia DHT protocol, supports the popular eDonkey peer-to-peer file sharing network and has over 1 million concurrent nodes. We describe several attacks that exploit critical design weaknesses in Kad to allow ... Keywords: Kad, P2P, attack, security

Peng Wang; James Tyra; Eric Chan-Tin; Tyson Malchow; Denis Foo Kune; Nicholas Hopper; Yongdae Kim

2008-09-01T23:59:59.000Z

24

Introduction to side channel attacks and non invasive attacks  

Science Conference Proceedings (OSTI)

... FIPS conference side channel attacks and perturbation attacks 7 Pow er analysis Pow er leakage usec m A Instruction fetch Instruction processing ...

2007-09-21T23:59:59.000Z

25

Extending the resynchronization attack  

Science Conference Proceedings (OSTI)

Synchronous stream ciphers need perfect synchronization between sender and receiver. In practice, this is ensured by a resync mechanism. Daemen et al. [10] first described attacks on ciphers using such a resync mechanism. In this paper, we extend their ...

Frederik Armknecht; Joseph Lano; Bart Preneel

2004-08-01T23:59:59.000Z

26

Beware of BGP attacks  

Science Conference Proceedings (OSTI)

This note attempts to raise awareness within the network research community about the security of the interdomain routing infrastructure. We identify several attack objectives and mechanisms, assuming that one or more BGP routers have been compromised. ...

Ola Nordström; Constantinos Dovrolis

2004-04-01T23:59:59.000Z

27

JC3 High Impact Assessment Bulletins | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2, 2011 2, 2011 T-635: Cisco AnyConnect Secure Mobility Client Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges Cisco AnyConnect Secure Mobility Client contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability exists due to improper validation of program executables downloaded by the Cisco AnyConnect Secure Mobility Client. An unauthenticated, remote attacker could exploit the vulnerability by convincing the targeted user to view a malicious website. If successful, the attacker could execute arbitrary code on the system with the privileges of the user. Cisco confirmed the vulnerability in a security advisory and released software updates. May 31, 2011

28

Metrics for Assessment of Smart Grid Data Integrity Attacks  

Science Conference Proceedings (OSTI)

There is an emerging consensus that the nation’s electricity grid is vulnerable to cyber attacks. This vulnerability arises from the increasing reliance on using remote measurements, transmitting them over legacy data networks to system operators who make critical decisions based on available data. Data integrity attacks are a class of cyber attacks that involve a compromise of information that is processed by the grid operator. This information can include meter readings of injected power at remote generators, power flows on transmission lines, and relay states. These data integrity attacks have consequences only when the system operator responds to compromised data by redispatching generation under normal or contingency protocols. These consequences include (a) financial losses from sub-optimal economic dispatch to service loads, (b) robustness/resiliency losses from placing the grid at operating points that are at greater risk from contingencies, and (c) systemic losses resulting from cascading failures induced by poor operational choices. This paper is focused on understanding the connections between grid operational procedures and cyber attacks. We first offer two examples to illustrate how data integrity attacks can cause economic and physical damage by misleading operators into taking inappropriate decisions. We then focus on unobservable data integrity attacks involving power meter data. These are coordinated attacks where the compromised data are consistent with the physics of power flow, and are therefore passed by any bad data detection algorithm. We develop metrics to assess the economic impact of these attacks under re-dispatch decisions using optimal power flow methods. These metrics can be use to prioritize the adoption of appropriate countermeasures including PMU placement, encryption, hardware upgrades, and advance attack detection algorithms.

Annarita Giani; Miles McQueen; Russell Bent; Kameshwar Poolla; Mark Hinrichs

2012-07-01T23:59:59.000Z

29

T-704: RSA enVision Lets Remote Users View Files and Remote Authenticated  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

704: RSA enVision Lets Remote Users View Files and Remote 704: RSA enVision Lets Remote Users View Files and Remote Authenticated Users Obtain Password T-704: RSA enVision Lets Remote Users View Files and Remote Authenticated Users Obtain Password August 29, 2011 - 3:45am Addthis PROBLEM: Allows remote attackers to obtain sensitive information by sniffing the network or leveraging access to a recipient mailbox. PLATFORM: RSA enVision Version(s): 3.x, 4.x ABSTRACT: RSA enVision lets remote users view files and remote authenticated users obtain password. reference LINKS: SecurityTracker Alert ID: 1025979 CVE-2011-2736 CVE-2011-2737 RSA enVision Product Security IMPACT ASSESSMENT: Medium Discussion: Two vulnerabilities were reported in RSA enVision. A remote user can view files on the target system. A remote authenticated user can obtain

30

T-704: RSA enVision Lets Remote Users View Files and Remote Authenticated  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: RSA enVision Lets Remote Users View Files and Remote 4: RSA enVision Lets Remote Users View Files and Remote Authenticated Users Obtain Password T-704: RSA enVision Lets Remote Users View Files and Remote Authenticated Users Obtain Password August 29, 2011 - 3:45am Addthis PROBLEM: Allows remote attackers to obtain sensitive information by sniffing the network or leveraging access to a recipient mailbox. PLATFORM: RSA enVision Version(s): 3.x, 4.x ABSTRACT: RSA enVision lets remote users view files and remote authenticated users obtain password. reference LINKS: SecurityTracker Alert ID: 1025979 CVE-2011-2736 CVE-2011-2737 RSA enVision Product Security IMPACT ASSESSMENT: Medium Discussion: Two vulnerabilities were reported in RSA enVision. A remote user can view files on the target system. A remote authenticated user can obtain

31

GPS software attacks  

Science Conference Proceedings (OSTI)

Since its creation, the Global Positioning System (GPS) has grown from a limited purpose positioning system to a ubiquitous trusted source for positioning, navigation, and timing data. To date, researchers have essentially taken a signal processing approach ... Keywords: gps, rf attacks, security

Tyler Nighswander; Brent Ledvina; Jonathan Diamond; Robert Brumley; David Brumley

2012-10-01T23:59:59.000Z

32

T-568: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

68: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site Request Forgery Attacks and Execute Arbitrary Code T-568: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site...

33

Beware of BGP Attacks  

E-Print Network (OSTI)

This note attempts to raise awareness within the network research community about the security of the interdomain routing infrastructure. We identify several attack objectives and mechanisms, assuming that one or more BGP routers have been compromised. Then, we review the existing and proposed countermeasures, showing that they are either generally ineffective (route filtering), or probably too heavyweight to deploy (S-BGP). We also review several recent proposals, and conclude by arguing that a significant research effort is urgently needed in the area of routing security.

Ola Nordström; Constantinos Dovrolis

2004-01-01T23:59:59.000Z

34

U-016: Cisco IOS Software HTTP Service Loading Denial of Service  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

16: Cisco IOS Software HTTP Service Loading Denial of Service 16: Cisco IOS Software HTTP Service Loading Denial of Service Vulnerability U-016: Cisco IOS Software HTTP Service Loading Denial of Service Vulnerability October 21, 2011 - 9:00am Addthis PROBLEM: Cisco IOS Software HTTP Service Loading Denial of Service Vulnerability . PLATFORM: Cisco IOS Software ABSTRACT: An unauthenticated, remote attacker could exploit this vulnerability to cause a targeted device to stop responding, resulting in a DoS condition. reference LINKS: CISCO Security Intelligence Operations IntelliShield ID: 24436 CVE-2011-2586 IMPACT ASSESSMENT: Medium Discussion: Cisco IOS Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted device. The vulnerability is due to improper

35

JC3 Medium Impact Assessment Bulletins | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

January 27, 2011 January 27, 2011 T-544: Cisco Security Advisory: Cisco Content Services Gateway Vulnerabilities Cisco IOS Software Release 12.4(24)MD1 on the Cisco CSG2 contains two vulnerabilities that can be exploited by a remote, unauthenticated attacker to create a denial of service condition that prevents traffic from passing through the CSG2. These vulnerabilities require only a single content service to be active on the Cisco CSG2 and can be exploited via crafted TCP packets. A three-way handshake is not required to exploit either of these vulnerabilities. January 27, 2011 T-544: Cisco Security Advisory: Cisco Content Services Gateway Vulnerabilities Cisco IOS Software Release 12.4(24)MD1 on the Cisco CSG2 contains two vulnerabilities that can be exploited by a remote, unauthenticated attacker

36

T-710: Apache HTTP Server Overlapping Ranges Denial of Service  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

10: Apache HTTP Server Overlapping Ranges Denial of Service 10: Apache HTTP Server Overlapping Ranges Denial of Service Vulnerability T-710: Apache HTTP Server Overlapping Ranges Denial of Service Vulnerability September 6, 2011 - 3:09am Addthis PROBLEM: Apache HTTP Server contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. PLATFORM: Apache HTTP Server versions 2.2.19 and prior ABSTRACT: Apache HTTP Server Overlapping Ranges Denial of Service Vulnerability. reference LINKS: FreeBSD VuXML Document Advisory ID: cisco-sa-20110830-apache IBM Alert: swg21512087 Red Hat Advisory: RHSA-2011:1245-1 CVE-2011-3192 CVE-2011-3192 (Update2) IMPACT ASSESSMENT: High Discussion: The vulnerability is due to improper processing of certain user-supplied requests by the affected software. An unauthenticated, remote attacker

37

The cyber-physical attacker  

Science Conference Proceedings (OSTI)

The world of Cyber-Physical Systems ranges from industrial to national interest applications. Even though these systems are pervading our everyday life, we are still far from fully understanding their security properties. Devising a suitable attacker ... Keywords: attacker model, cyber-physical systems, cyber-physical threats, security protocol verification

Roberto Vigo

2012-09-01T23:59:59.000Z

38

Control systems under attack?  

E-Print Network (OSTI)

The enormous growth of the Internet during the last decade offers new means to share and distribute both information and data. In Industry, this results in a rapprochement of the production facilities, i.e. their Process Control and Automation Systems, and the data warehouses. At CERN, the Internet opens the possibility to monitor and even control (parts of) the LHC and its four experiments remotely from anywhere in the world. However, the adoption of standard IT technologies to Distributed Process Control and Automation Systems exposes inherent vulnerabilities to the world. The Teststand On Control System Security at CERN (TOCSSiC) is dedicated to explore the vulnerabilities of arbitrary Commercial-Of-The-Shelf hardware devices connected to standard Ethernet. As such, TOCSSiC should discover their vulnerabilities, point out areas of lack of security, and address areas of improvement which can then be confidentially communicated to manufacturers. This paper points out risks of accessing the Control and Automa...

Lüders, Stefan

2005-01-01T23:59:59.000Z

39

T-673: Apple Safari Multiple Flaws Let Remote Users Execute Arbitrary Code,  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Apple Safari Multiple Flaws Let Remote Users Execute 3: Apple Safari Multiple Flaws Let Remote Users Execute Arbitrary Code, Conduct Cross-Site Scripting Attacks T-673: Apple Safari Multiple Flaws Let Remote Users Execute Arbitrary Code, Conduct Cross-Site Scripting Attacks July 21, 2011 - 1:27am Addthis PROBLEM: Multiple vulnerabilities were reported in Apple Safari. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can conduct cross-site scripting attacks. A remote user can obtain potentially sensitive information. A remote user can bypass a certificate validation control. PLATFORM: Safari 5.1 and Safari 5.0.6 Products Affected: Safari 5 (Mac OS X 10.6), Safari 5 (Mac OS X 10.5), Product Security, Safari 5.1 (OS X Lion) ABSTRACT: Apple Safari Multiple Flaws Let Remote Users Execute Arbitrary Code,

40

U-217: Red Hat Certificate System Bugs Let Remote Users Conduct Cross-Site  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Red Hat Certificate System Bugs Let Remote Users Conduct 7: Red Hat Certificate System Bugs Let Remote Users Conduct Cross-Site Scripting and Denial of Service Attacks U-217: Red Hat Certificate System Bugs Let Remote Users Conduct Cross-Site Scripting and Denial of Service Attacks July 20, 2012 - 7:00am Addthis PROBLEM: Red Hat Certificate System Bugs Let Remote Users Conduct Cross-Site Scripting and Denial of Service Attacks PLATFORM: Red Hat Certificate System v8 ABSTRACT: Two vulnerabilities were reported in Red Hat Certificate System. A remote user can conduct cross-site scripting attacks. A remote authenticated user can revoke the CA certificate. reference LINKS: Advisory: RHSA-2012:1103-1 SecurityTracker Alert ID: 1027284 CVE-2012-2662 CVE-2012-3367 IMPACT ASSESSMENT: Medium Discussion: The Agent and End Entity pages do not properly filter HTML code from

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


41

T-616: PHP Stream Component Remote Denial of Service Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: PHP Stream Component Remote Denial of Service Vulnerability 6: PHP Stream Component Remote Denial of Service Vulnerability T-616: PHP Stream Component Remote Denial of Service Vulnerability May 5, 2011 - 12:59am Addthis PROBLEM: PHP Stream Component Remote Denial of Service Vulnerability PLATFORM: Ubuntu Linux PHP MandrakeSoft Corporate Server MandrakeSoft Enterprise Server MandrakeSoft Linux Mandrake ABSTRACT: PHP is prone to a remote denial-of-service vulnerability because the proxy server fails to handle certain FTP requests. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Versions prior to PHP 5.3.6 are vulnerable. reference LINKS: SecurityFocus IMPACT ASSESSMENT: Medium Discussion: PHP is prone to a remote denial-of-service vulnerability because the proxy server fails to handle certain FTP requests. An attacker can exploit this

42

V-184: Google Chrome Flash Plug-in Lets Remote Users Conduct Clickjacking  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Google Chrome Flash Plug-in Lets Remote Users Conduct 4: Google Chrome Flash Plug-in Lets Remote Users Conduct Clickjacking Attacks V-184: Google Chrome Flash Plug-in Lets Remote Users Conduct Clickjacking Attacks June 24, 2013 - 12:56am Addthis PROBLEM: Google Chrome Flash Plug-in Lets Remote Users Conduct Clickjacking Attacks PLATFORM: Google Chrome prior to 27.0.1453.116 ABSTRACT: A vulnerability was reported in Google Chrome. REFERENCE LINKS: Stable Channel Update SecurityTracker Alert ID: 1028694 CVE-2013-2866 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can create specially crafted Flash content that, when loaded by the target user, will display the Flash settings in a transparent manner, which may allow the remote user to cause the target user to modify their Flash settings. This may allow the remote user to obtain potentially

43

T-702: Apache web servers that allows a DOS attack | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Apache web servers that allows a DOS attack 2: Apache web servers that allows a DOS attack T-702: Apache web servers that allows a DOS attack August 25, 2011 - 8:00pm Addthis PROBLEM: A denial of service vulnerability has been found in the way the multiple overlapping ranges are handled by apache PLATFORM: Apache 1.3 all versions, Apache 2 all versions ABSTRACT: Apache web servers that allows a DOS attack. reference LINKS: Apache Advisory Apache Archives CVE-2011-3192 IMPACT ASSESSMENT: High Discussion: Vulnerability commonly manifests itself when static content is made available with compression on the fly through mod_deflate - but other modules which buffer and/or generate content in-memory are likely to be affected as well. Impact: The attack can be done remotely and with a modest number of requests leads

44

Remote medicine  

Science Conference Proceedings (OSTI)

The international oil industry, catalyzed by a surge in exploration and production projects in remote regions, is giving health care for its travelers and expatriates a high priority. L.R. Aalund, the Journal`s Managing Editor--Technology, reports on why and how this is happening now. He covers this in articles on: health care in Russia, air ambulance evacuations, and the deployment of remote paramedics. Aalund gathered the information during trips to Finland and Russia and interviews with oil industry personnel, physicians, and other medical professionals in North America, Europe, and Siberia. Titles of the four topics presented in this special section on remote medicine are as follows: Oil companies focus on emergency care for expats in Russia; Air ambulance plan can be critical; Remote paramedics have high level of training; and Other facets of remote medicine.

NONE

1996-04-29T23:59:59.000Z

45

Coordinated Variable Structure Switching Attacks for Smart Grid  

E-Print Network (OSTI)

The effective modeling and analysis of large-scale power system disturbances especially those stemming from intentional attack represents an open engineering and research problem. Challenges stem from the need to develop intelligent models of cyber-physical attacks that produce salient disruptions and appropriately describe meaningful cyber-physical interdependencies such that they balance precision, scale and complexity. In our research, we present a foundation for the development of a class of intelligent cyber-physical attacks termed coordinated variable structure switching attacks whereby opponents aim to destabilize the power grid through con- trolled switching sequence. Such switching is facilitated by cyber-attack and corruption of communication channels and control signals of the associated switch(es). We provide methods and theorems to construct such attack models and demonstrate their utility in the simulation of extensive system disturbances. Our proposed class of cyber-physical switching attacks for smart grid systems has the potential to disrupt large-scale power system operation within a short interval of time. Through successful cyber intrusion, an opponent can remotely apply a state- dependent coordinated switching sequence on one or more relays and circuit breakers of a power system to disrupt operation. Existence of this switching vulnerability is dependent on the local structure of the power grid. Variable structure systems theory is employed to effectively model the cyber-physical aspects of a smart grid and determine the existence of the vulnerability and construct the destabilizing switching attack sequence. We illustrate the utility of the attack approach assess its impact on the different power system test cases including the single machine infinite bus power system model and the Western Electricity Coordinating Council (WECC) 3-machine 9-bus system through MATLAB/Simulink and PSCAD simulation environment. The results demonstrate the potential of our approach for practical attack. Moreover, we build on our work in several ways. First, we extend the research to demonstrate an approach to mitigation within the variable structure system frame- work. We demonstrate via small signal analysis how through persistent switching a stable sliding mode can be used to disrupt a dynamical system that seems stable. We also design an approach to vulnerability analysis to assess the feasibility of co-ordinated variable structure switching attacks. Moreover, we study the performance of our attack construction approach when the opponent has imperfect knowledge of the local system dynamics and partial knowledge of the generator state. Based on the system with modeling errors, we study the performance of coordinated variable structure switching attacks in the presence of state estimation. Finally, we illustrate the concepts of attack model within the multiple switching framework, the cascading failure analysis is employed in the New-England 10-machine, 39-bus power system using MATLAB/Simulink and DSATools simulation environment. Our results demonstrate the potential for coordinated variable structure switching attacks to enable large-scale power system disturbances.

Liu, Shan

2013-05-01T23:59:59.000Z

46

Remote Sensing  

E-Print Network (OSTI)

Evaluating ecological patterns and processes is crucial for the conservation of ecosystems [1]. In this view, remote sensing is a powerful tool for monitoring their status and change. This involves several tasks like biodiversity estimate, landscape ecology, and species distribution modeling, to name a few [2]. Due to the difficulties associated with field-based data collection [3], the use of remote sensing for estimating ecological status and change is promising since it provides a synoptic view of an area with a high temporal resolution [4]. Of course in some cases remote sensing should be viewed as a help to plan a field survey rather than a replacement of it. Further, its improper use may lead to pitfalls and misleading results. This special issue “Ecological Status and Change by Remote Sensing ” is devoted to provide an almost complete overview of robust methods applied to ecological status and change estimate by remote sensing. The contributions published in this special issue cover most of the ecological fields of research involving remote sensing, in particular: (i) mapping vegetation, species distribution modeling and land use status and change; (ii) estimating environmental processes; (iii) developing landscape ecology metrics; (iv) assessing community biodiversity; and (v) estimating climatic parameters. The authors submitting their manuscript to this special issue of Remote Sensing are amongst the

Duccio Rocchini

2010-01-01T23:59:59.000Z

47

Mobile Malware Attacks and Defense  

Science Conference Proceedings (OSTI)

Malware has gone mobile, and the security landscape is changing quickly with emerging attacks on cell phones, PDAs, and other mobile devices. This first book on the growing threat covers a wide range of malware targeting operating systems like Symbian ... Keywords: Applied, Computer Science, Computers, Handheld Computing, Macintosh, Security, Viruses

Ken Dunham

2008-10-01T23:59:59.000Z

48

Secure Communication and Authentication Against Off-line Dictionary Attacks in Smart Grid Systems  

E-Print Network (OSTI)

Secure Communication and Authentication Against Off-line Dictionary Attacks in Smart Grid Systems This paper studies the security requirements for remote authentication and communication in smart grid to smart grid systems. For example, in order to unlock the credentials stored in tamper

Wang, Yongge

49

T-613: Microsoft Excel Axis Properties Remote Code Execution Vulnerability  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

613: Microsoft Excel Axis Properties Remote Code Execution 613: Microsoft Excel Axis Properties Remote Code Execution Vulnerability T-613: Microsoft Excel Axis Properties Remote Code Execution Vulnerability May 2, 2011 - 7:42am Addthis PROBLEM: Microsoft Excel is prone to a remote code-execution vulnerability because the applications fail to sufficiently validate user-supplied input. PLATFORM: Microsoft Excel (2002-2010) ABSTRACT: Microsoft Excel is prone to a remote code-execution vulnerability because the applications fails to sufficiently validate user-supplied input. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will result in a denial-of-service

50

T-526: Microsoft Internet Explorer 'ReleaseInterface()' Remote Code  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

526: Microsoft Internet Explorer 'ReleaseInterface()' Remote Code 526: Microsoft Internet Explorer 'ReleaseInterface()' Remote Code Execution Vulnerability T-526: Microsoft Internet Explorer 'ReleaseInterface()' Remote Code Execution Vulnerability January 3, 2011 - 2:38pm Addthis PROBLEM: Microsoft Internet Explorer 'ReleaseInterface()' Remote Code Execution Vulnerability PLATFORM: Microsoft Internet Explorer 8.0.7600.16385 ABSTRACT: Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 8.0.7600.16385 is vulnerable; other versions may also be affected. reference LINKS: SecurityFocus - Microsoft Internet Explorer

51

U-142: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

42: HP Onboard Administrator Bugs Let Remote Users Gain Access, 42: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain Information, and Conduct URL Redirection Attacks U-142: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain Information, and Conduct URL Redirection Attacks April 6, 2012 - 7:00am Addthis PROBLEM: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain Information, and Conduct URL Redirection Attacks PLATFORM: HP Onboard Administrator (OA) up to and including v3.32 ABSTRACT: A remote user can obtain potentially sensitive information. reference LINKS: HP Support Document ID: c03263573 SecurityTracker Alert ID: 1026889 CVE-2012-0128, CVE-2012-0129, CVE-2012-0130 IMPACT ASSESSMENT: High Discussion: Several vulnerabilities were reported in HP Onboard Administrator. A remote

52

U-142: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: HP Onboard Administrator Bugs Let Remote Users Gain Access, 2: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain Information, and Conduct URL Redirection Attacks U-142: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain Information, and Conduct URL Redirection Attacks April 6, 2012 - 7:00am Addthis PROBLEM: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain Information, and Conduct URL Redirection Attacks PLATFORM: HP Onboard Administrator (OA) up to and including v3.32 ABSTRACT: A remote user can obtain potentially sensitive information. reference LINKS: HP Support Document ID: c03263573 SecurityTracker Alert ID: 1026889 CVE-2012-0128, CVE-2012-0129, CVE-2012-0130 IMPACT ASSESSMENT: High Discussion: Several vulnerabilities were reported in HP Onboard Administrator. A remote

53

V-155: Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Apache Tomcat FORM Authenticator Lets Remote Users Conduct 5: Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks V-155: Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks May 14, 2013 - 12:08am Addthis PROBLEM: Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks PLATFORM: Tomcat 6.0.21 to 6.0.36, 7.0.0 to 7.0.32 ABSTRACT: A vulnerability was reported in Apache Tomcat. REFERENCE LINKS: Apache Tomcat SecurityTracker Alert ID: 1028534 CVE-2013-2067 IMPACT ASSESSMENT: High DISCUSSION: A remote user can repeatedly send a specially crafted request for a resource requiring authentication while the target user is completing the login form to cause the FORM authentication process to execute the remote user's request with the privileges of the target user.

54

Attacking Automatic Wireless Network Selection  

E-Print Network (OSTI)

Wireless 802.11 networking is becoming so prevalent that many users have become accustomed to having available wireless networks in their workplace, home, and many public places such as airports and coffee shops. Modern client operating systems implement automatic wireless network discovery and known network identification to facilitate wireless networking for the end-user. In order to implement known network discovery, client operating systems remember past wireless networks that have been joined and automatically look for these networks (referred to as Preferred or Trusted Networks) whenever the wireless network adapter is enabled. By examining these implementations in detail, we have discovered previously undisclosed vulnerabilities in the implementation of these algorithms under the two most prevalent client operating systems, Windows XP and MacOS X. With custom base station software, an attacker may cause clients within wireless radio range to associate to the attacker’s wireless network without user interaction or notification. This will occur even if the user has never connected to a wireless network before or they have an empty Preferred/Trusted Networks List. We describe these vulnerabilities as well as their implementation and impact. 1

Dino A. Dai Zovi; Shane A. Macaulay

2005-01-01T23:59:59.000Z

55

T-723:Adobe Flash Player Multiple Bugs Let Remote Users Obtain Information,  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3:Adobe Flash Player Multiple Bugs Let Remote Users Obtain 3:Adobe Flash Player Multiple Bugs Let Remote Users Obtain Information, Conduct Cross-Site Scripting Attacks, and Execute Arbitrary Code T-723:Adobe Flash Player Multiple Bugs Let Remote Users Obtain Information, Conduct Cross-Site Scripting Attacks, and Execute Arbitrary Code September 22, 2011 - 8:00am Addthis PROBLEM: Adobe Flash Player Multiple Bugs Let Remote Users Obtain Information, Conduct Cross-Site Scripting Attacks, and Execute Arbitrary Code. PLATFORM: Adobe Flash Player 10.3.183.7 and earlier versions for Windows, Macintosh, Linux and Solaris. Adobe Flash Player 10.3.186.6 and earlier versions for Android. ABSTRACT: An attacker can exploit this issue by enticing an unsuspecting victim into visiting a malicious website. reference LINKS: Adobe Security Bulletin

56

Serial model for attack tree computations  

Science Conference Proceedings (OSTI)

In this paper we extend the standard attack tree model by introducing temporal order to the attacker's decision making process. This will allow us to model the attacker's behaviour more accurately, since this way it is possible to study his actions related ...

Aivo Jürgenson; Jan Willemson

2009-12-01T23:59:59.000Z

57

Sensor network configuration under physical attacks  

Science Conference Proceedings (OSTI)

Sensor networks will typically operate in hostile environments, where they are susceptible to physical attacks resulting in physical node destructions. In this paper, we study impacts of physical attacks on network configuration w.r.t. lifetime. While ... Keywords: deployment, network configuration, network lifetime, physical attacks, physical node destruction, sensor networks

Xun Wang; Wenjun Gu; Kurt Schosek; Sriram Chellappan; Dong Xuan

2009-04-01T23:59:59.000Z

58

CRT RSA algorithm protected against fault attacks  

Science Conference Proceedings (OSTI)

Embedded devices performing RSA signatures are subject to Fault Attacks, particularly when the Chinese Remainder Theorem is used. In most cases, the modular exponentiation and the Garner recombination algorithms are targeted. To thwart Fault Attacks, ... Keywords: RSA, chinese remainder theorem, fault attacks, modular exponentiation, simple power analysis, smart card

Arnaud Boscher; Robert Naciri; Emmanuel Prouff

2007-05-01T23:59:59.000Z

59

REMOTE SENSING GEOLOGICAL SURVEY  

E-Print Network (OSTI)

REMOTE SENSING IN GEOLOGICAL SURVEY OF BRAZIL August/2010 MĂ´nica Mazzini Perrotta Remote Sensing Division Head #12;SUMMARY The Geological Survey of Brazil mission The Remote Sensing Division Main remote, Paleontology, Remote Sensing Director of Hydrology and Land Management But Remote Sensing Division gives

60

JC3 High Impact Assessment Bulletins | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

April 9, 2012 April 9, 2012 U-143: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code Multiple vulnerabilities were reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system. April 6, 2012 U-142: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain Information, and Conduct URL Redirection Attacks A remote user can obtain potentially sensitive information. April 2, 2012 U-138: Cisco IOS IPSec IKE Unspecified Denial of Service Vulnerability The IKEv1 feature of Cisco IOS Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a reload of an affected device. March 30, 2012 U-137: HP Performance Manager Unspecified Bug Lets Remote Users Execute Arbitrary Codes

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


61

JC3 Bulletin Archive | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7, 2011 7, 2011 U-006:Cisco Network Admission Control Manager Directory Traversal Flaw Lets Remote Users Obtain Potentially Sensitive Information An unauthenticated attacker could exploit this vulnerability to access sensitive information, including password files and system logs, that could be leveraged to launch subsequent attacks. October 6, 2011 U-005: Apache mod_proxy Pattern Matching Bug Lets Remote Users Access Internal Servers A remote user can access internal servers. October 5, 2011 U-004:Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system. October 4, 2011 U-003:RPM Package Manager security update RPM Package Manager Header Validation Flaws Let Remote Users Execute

62

V-171: Apple Safari Bugs Let Remote Users Execute Arbitrary Code and  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Apple Safari Bugs Let Remote Users Execute Arbitrary Code 1: Apple Safari Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks V-171: Apple Safari Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks June 5, 2013 - 1:05am Addthis PROBLEM: Apple Safari Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks PLATFORM: Apple Safari prior to 6.0.5 ABSTRACT: Several vulnerabilities were reported in Apple Safari. REFERENCE LINKS: Apple Article: HT5785 SecurityTracker Alert ID: 1028627 CVE-2013-0926 CVE-2013-1009 CVE-2013-1012 CVE-2013-1013 CVE-2013-1023 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a memory corruption error and execute arbitrary

63

U-093: Mozilla Firefox Multiple Flaws Permit Remote Code Execution,  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Mozilla Firefox Multiple Flaws Permit Remote Code Execution, 3: Mozilla Firefox Multiple Flaws Permit Remote Code Execution, Information Disclosure, and Cross-Site Scripting Attacks U-093: Mozilla Firefox Multiple Flaws Permit Remote Code Execution, Information Disclosure, and Cross-Site Scripting Attacks February 1, 2012 - 5:51am Addthis PROBLEM: Multiple vulnerabilities were reported in Mozilla Firefox. PLATFORM: Linux (Any), UNIX (Any), Windows (Any) Version(s): prior to 3.2.26; prior to 10.0 ABSTRACT: Mozilla Firefox Multiple Flaws Permit Remote Code Execution, Information Disclosure, and Cross-Site Scripting. reference LINKS: SecurityTracker Alert ID: 1026605 CVE-2011-3659, CVE-2012-0442 CVE-2012-0443, CVE-2012-0444 CVE-2012-0445, CVE-2012-0446 CVE-2012-0447, CVE-2012-0449 CVE-2012-0450 Vendor Site IMPACT ASSESSMENT:

64

A collusion attack optimization strategy for digital fingerprinting  

Science Conference Proceedings (OSTI)

Collusion attack is a cost-efficient attack for digital fingerprinting. In this article, we propose a novel collusion attack strategy, Iterative Optimization Collusion Attack (IOCA), which is based upon the gradient attack and the principle of ... Keywords: Multimedia security, collusion attack, digital fingerprinting, optimization

Hui Feng; Hefei Ling; Fuhao Zou; Weiqi Yan; Zhengding Lu

2012-09-01T23:59:59.000Z

65

V-085: Cisco Unity Express Input Validation Hole Permits Cross-Site Request  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Cisco Unity Express Input Validation Hole Permits Cross-Site 5: Cisco Unity Express Input Validation Hole Permits Cross-Site Request Forgery Attacks V-085: Cisco Unity Express Input Validation Hole Permits Cross-Site Request Forgery Attacks February 6, 2013 - 1:06am Addthis PROBLEM: Cisco Unity Express Input Validation Hole Permits Cross-Site Request Forgery Attacks PLATFORM: Cisco Unity Express prior to 8.0 ABSTRACT: A vulnerability was reported in Cisco Unity Express. REFERENCE LINKS: Cisco Security Notice SecurityTracker Alert ID: 1028075 CVE-2013-1120 IMPACT ASSESSMENT: Medium DISCUSSION: Cisco Unity Express software prior to version 8.0 contains vulnerabilities that could allow an unauthenticated, remote attacker to conduct cross site request forgery attacks. The vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by

66

JC3 Bulletin Archive | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

21, 2011 21, 2011 U-016: Cisco IOS Software HTTP Service Loading Denial of Service Vulnerability An unauthenticated, remote attacker could exploit this vulnerability to cause a targeted device to stop responding, resulting in a DoS condition October 20, 2011 U-015: CiscoWorks Common Services Home Page Input Validation Flaw Lets Remote Users Execute Arbitrary Commands Successful exploitation of this vulnerability may allow an authenticated, remote attacker to execute arbitrary commands on the affected system with the privileges of a system administrator. October 19, 2011 U-014: Oracle Java Runtime Environment (JRE) Multiple Flaws Let Remote Users Execute Arbitrary Code and Deny Service A remote user can create a Java applet or Java Web Start application that, when loaded by the target user, will access or modify data or execute

67

Cybersecurity - Foiling attackers | ornl.gov  

NLE Websites -- All DOE Office Websites (Extended Search)

changing the Internet addresses of protected servers, Oak Ridge National Laboratory's Craig Shue has created a technology that thwarts attacks with just minor changes in...

68

Non-Invasive Attack Testing Workshop  

Science Conference Proceedings (OSTI)

Non-Invasive Attack Testing Workshop. Purpose: To encourage development of test methods, metrics and tools for evaluating the effectiveness of ...

2013-05-14T23:59:59.000Z

69

Heat-ray: combating identity snowball attacks using machinelearning, combinatorial optimization and attack graphs  

Science Conference Proceedings (OSTI)

As computers have become ever more interconnected, the complexity of security configuration has exploded. Management tools have not kept pace, and we show that this has made identity snowball attacks into a critical danger. Identity snowball attacks ... Keywords: access control, attack graph, authentication, combinatorial optimization, identity snowball, machine learning, sparsest cut, support vector machine

John Dunagan; Alice X. Zheng; Daniel R. Simon

2009-10-01T23:59:59.000Z

70

V-078: WordPress Bugs Permit Cross-Site Scripting and Port Scanning Attacks  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: WordPress Bugs Permit Cross-Site Scripting and Port Scanning 8: WordPress Bugs Permit Cross-Site Scripting and Port Scanning Attacks V-078: WordPress Bugs Permit Cross-Site Scripting and Port Scanning Attacks January 28, 2013 - 12:32am Addthis PROBLEM: WordPress Bugs Permit Cross-Site Scripting and Port Scanning Attacks PLATFORM: WordPress all versions are affected prior to 3.5.1 ABSTRACT: WordPress 3.5.1 Maintenance and Security Release REFERENCE LINKS: WordPress News SecurityTracker Alert ID: 1028045 Secunia Advisory SA51967 IMPACT ASSESSMENT: Medium DISCUSSION: Several scripts do not properly filter HTML code from user-supplied input before displaying the input. A remote user can cause arbitrary scripting code to be executed by the target user's browser. The code will originate from the site running the WordPress software and will run in the security

71

V-026: RSA Data Protection Manager Bugs Permit Cross-Site Scripting Attacks  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: RSA Data Protection Manager Bugs Permit Cross-Site Scripting 6: RSA Data Protection Manager Bugs Permit Cross-Site Scripting Attacks and Let Local Users Bypass Security Restrictions V-026: RSA Data Protection Manager Bugs Permit Cross-Site Scripting Attacks and Let Local Users Bypass Security Restrictions November 16, 2012 - 6:00am Addthis PROBLEM: RSA Data Protection Manager Bugs Permit Cross-Site Scripting Attacks and Let Local Users Bypass Security Restrictions. PLATFORM: RSA Data Protection Manager Appliance versions 2.7.x and 3.x ABSTRACT: Two vulnerabilities were reported in RSA Data Protection Manager. REFERENCE LINKS: SecurityTracker Alert ID: 1027781 EMC Identifier: ESA-2012-055 RSA Worldwide Customer Support CVE-2012-4612 CVE-2012-4613 IMPACT ASSESSMENT: Medium DISCUSSION: Two vulnerabilities were reported in RSA Data Protection Manager. A remote

72

Page not found | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

691 - 27700 of 31,917 results. 691 - 27700 of 31,917 results. Article T-590: HP Diagnostics Input Validation Hole Permits Cross-Site Scripting Attacks A potential security vulnerability has been identified in HP Diagnostics. The vulnerability could be exploited remotely resulting in cross site scripting (XSS). http://energy.gov/cio/articles/t-590-hp-diagnostics-input-validation-hole-permits-cross-site-scripting-attacks Article T-539: Adobe Acrobat, Reader, and Flash Player Arbitrary Code Execution Vulnerability An unauthenticated, remote attacker could exploit this vulnerability to execute arbitrary code with the privileges of the user. If the user holds elevated privileges, the attacker could execute arbitrary code that results in complete system compromise. http://energy.gov/cio/articles/t-539-adobe-acrobat-reader-and-flash-player-arbitrary-code-execution-vulnerability

73

Higher Order Differential Attack of Camellia (II)  

Science Conference Proceedings (OSTI)

Camellia is a 128-bit block cipher, proposed by NTT and Mitsubishi in 2000. It has been shown that 10 round variant without FL function under a 256-bit secret key is attackable by Higher Order Differential Attack and even if FL function is included, ...

Yasuo Hatano; Hiroki Sekine; Toshinobu Kaneko

2002-08-01T23:59:59.000Z

74

Layered security architecture for masquerade attack detection  

Science Conference Proceedings (OSTI)

Masquerade attack refers to an attack that uses a fake identity, to gain unauthorized access to personal computer information through legitimate access identification. Automatic discovery of masqueraders is sometimes undertaken by detecting significant ... Keywords: anomaly detection, intrusion detection system, masquerade detection, user profiling

Hamed Saljooghinejad; Wilson Naik Bhukya

2012-07-01T23:59:59.000Z

75

On scalable attack detection in the network  

Science Conference Proceedings (OSTI)

Current intrusion detection and prevention systems seek to detect a wide class of network intrusions (e.g., DoS attacks, worms, port scans) at network vantage points. Unfortunately, even today, many IDS systems we know of keep per-connection or per-flow ... Keywords: data structures, denial of service, network attacks, routers, scanning, streaming algorithms, syn flooding

Ramana Rao Kompella; Sumeet Singh; George Varghese

2007-02-01T23:59:59.000Z

76

U-222: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, 2: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the URL Address Bar, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information U-222: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the URL Address Bar, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information July 27, 2012 - 7:00am Addthis PROBLEM: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the URL Address Bar, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information PLATFORM: Version(s):Apple Safari prior to 6.0 ABSTRACT: Multiple vulnerabilities were reported in Apple Safari. reference LINKS: The Vendor's Advisory Bugtraq ID: 54683 SecurityTracker Alert ID: 1027307 IMPACT ASSESSMENT:

77

V-140: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site 0: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information V-140: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information April 23, 2013 - 12:26am Addthis PROBLEM: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information PLATFORM: Apache ActiveMQ versions prior to 5.8.0 ABSTRACT: Several vulnerabilities were reported in Apache ActiveMQ. REFERENCE LINKS: Apache ActiveMQ SecurityTracker Alert ID: 1028457 CVE-2012-6092 CVE-2012-6551 CVE-2013-3060 IMPACT ASSESSMENT: High DISCUSSION: Several web demos do not properly filter HTML code from user-supplied input

78

U-121: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Conduct  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

21: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, 21: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information U-121: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information March 9, 2012 - 7:00am Addthis PROBLEM: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information PLATFORM: Apple iOS Version(s): prior to 5.1 ABSTRACT: Multiple vulnerabilities were reported in Apple iOS. reference LINKS: SecurityTracker Alert ID: 1026774 Apple Security Updates About the security content of iOS 5.1 Software Update CVE-2012-0641, CVE-2012-0642, CVE-2012-0643, CVE-2011-3453, CVE-2012-0644,

79

V-140: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site 0: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information V-140: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information April 23, 2013 - 12:26am Addthis PROBLEM: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information PLATFORM: Apache ActiveMQ versions prior to 5.8.0 ABSTRACT: Several vulnerabilities were reported in Apache ActiveMQ. REFERENCE LINKS: Apache ActiveMQ SecurityTracker Alert ID: 1028457 CVE-2012-6092 CVE-2012-6551 CVE-2013-3060 IMPACT ASSESSMENT: High DISCUSSION: Several web demos do not properly filter HTML code from user-supplied input

80

U-222: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, 2: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the URL Address Bar, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information U-222: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the URL Address Bar, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information July 27, 2012 - 7:00am Addthis PROBLEM: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the URL Address Bar, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information PLATFORM: Version(s):Apple Safari prior to 6.0 ABSTRACT: Multiple vulnerabilities were reported in Apple Safari. reference LINKS: The Vendor's Advisory Bugtraq ID: 54683 SecurityTracker Alert ID: 1027307 IMPACT ASSESSMENT:

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


81

T-568: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site Request  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

68: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site 68: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site Request Forgery Attacks and Execute Arbitrary Code T-568: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site Request Forgery Attacks and Execute Arbitrary Code March 2, 2011 - 3:05pm Addthis PROBLEM: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site Request Forgery Attacks and Execute Arbitrary Code. PLATFORM: Firefox, Thunderbird, SeaMonkey ABSTRACT: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and Mozilla presume that with enough effort at least some of these could be exploited to run arbitrary code. reference LINKS:

82

Smart Grid Integrity Attacks: Characterizations and Countermeasures  

Science Conference Proceedings (OSTI)

Real power injections at loads and generators, and real power flows on selected lines in a transmission network are monitored, transmitted over a SCADA network to the system operator, and used in state estimation algorithms to make dispatch, re-balance and other energy management system [EMS] decisions. Coordinated cyber attacks of power meter readings can be arranged to be undetectable by any bad data detection algorithm. These unobservable attacks present a serious threat to grid operations. Of particular interest are sparse attacks that involve the compromise of a modest number of meter readings. An efficient algorithm to find all unobservable attacks [under standard DC load flow approximations] involving the compromise of exactly two power injection meters and an arbitrary number of power meters on lines is presented. This requires O(n2m) flops for a power system with n buses and m line meters. If all lines are metered, there exist canonical forms that characterize all 3, 4, and 5-sparse unobservable attacks. These can be quickly detected in power systems using standard graph algorithms. Known secure phase measurement units [PMUs] can be used as countermeasures against an arbitrary collection of cyber attacks. Finding the minimum number of necessary PMUs is NP-hard. It is shown that p + 1 PMUs at carefully chosen buses are sufficient to neutralize a collection of p cyber attacks.

Annarita Giani; Eilyan Bitar; Miles McQueen; Pramod Khargonekar; Kameshwar Poolla

2011-10-01T23:59:59.000Z

83

JC3 High Impact Assessment Bulletins | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

28, 2011 28, 2011 T-566: Citrix Secure Gateway Unspecified Vulnerability A vulnerability has been reported in Citrix Secure Gateway, which can be exploited by malicious people to compromise a vulnerable system. February 18, 2011 T-560: Cisco Security Advisory: Management Center for Cisco Security Agent Remote Code Execution Vulnerability The Management Center for Cisco Security Agent is affected by a vulnerability that may allow an unauthenticated attacker to perform remote code execution on the affected device. February 17, 2011 T-559: Stack-based buffer overflow in oninit in IBM Informix Dynamic Server (IDS) 11.50 allows remote execution Stack-based buffer overflow in oninit in IBM Informix Dynamic Server (IDS) 11.50 allows remote execution attackers to execute arbitrary code via

84

JC3 Bulletin Archive | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

27, 2011 27, 2011 T-727:Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users Decryption Sessions A remote user with the ability to conduct a man-in-the-middle attack can decrypt SSL/TLS sessions. September 26, 2011 T-726:Linux-2.6 privilege escalation/denial of service/information leak Vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. September 23, 2011 T-725: Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilitiry Code Successful exploitation of these vulnerabilities could allow an unauthenticated, remote attacker to execute arbitrary code on affected servers. September 22, 2011 T-724: Microsoft Security Advisory: Fraudulent digital certificates could

85

U-096: IBM AIX TCP Large Send Offload Bug Lets Remote Users Deny Service |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: IBM AIX TCP Large Send Offload Bug Lets Remote Users Deny 6: IBM AIX TCP Large Send Offload Bug Lets Remote Users Deny Service U-096: IBM AIX TCP Large Send Offload Bug Lets Remote Users Deny Service February 6, 2012 - 7:00am Addthis PROBLEM: Vulnerability in AIX TCP stack PLATFORM: Version(s): 5.3, 6.1, 7.1 ABSTRACT: A remote user can send a series of specially crafted TCP packets to trigger a kernel panic on the target system. reference LINKS: SecurityTracker Alert ID: 1026640 IBM Security Advisory CVE-2012-0194 IMPACT ASSESSMENT: Medium Discussion: AIX could allow a remote attacker to cause a denial of service, caused by an error when the TCP large send offload option is enabled on a network interface. By sending a specially-crafted sequence of packets, an attacker could exploit this vulnerability to cause a kernel panic.

86

A Scalable Framework for Cyber Attack Discovery and Situational...  

NLE Websites -- All DOE Office Websites (Extended Search)

Scalable Framework for Cyber Attack Discovery and Situational Understanding (SITU) May 15, 2013 Problem Statement: Cyber attacks cost commercial and governmental organizations vast...

87

Cyber Security Audit and Attack Detection Toolkit: Bandolier...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Cyber Security Audit and Attack Detection Toolkit: Bandolier and Portaledge, March 2010 Cyber Security Audit and Attack Detection Toolkit: Bandolier and Portaledge, March 2010 This...

88

Cyber Security Audit and Attack Detection Toolkit  

Science Conference Proceedings (OSTI)

This goal of this project was to develop cyber security audit and attack detection tools for industrial control systems (ICS). Digital Bond developed and released a tool named Bandolier that audits ICS components commonly used in the energy sector against an optimal security configuration. The Portaledge Project developed a capability for the PI Historian, the most widely used Historian in the energy sector, to aggregate security events and detect cyber attacks.

Peterson, Dale

2012-05-31T23:59:59.000Z

89

U-184: Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

U-184: Mozilla Firefox Multiple Bugs Let Remote Users Execute U-184: Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary Code U-184: Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary Code June 6, 2012 - 7:00am Addthis PROBLEM: Multiple vulnerabilities were reported in Mozilla Firefox. PLATFORM: Version(s): prior to 13.0 ABSTRACT: A remote user can cause arbitrary code to be executed on the target user's system. A remote user can conduct cross-site scripting attacks. A remote user can obtain potentially sensitive information. Reference Links: Security Tracker ID 1027120 CVE-2012-0441,CVE-2012-1937 Vendor URL IMPACT ASSESSMENT: High Discussion: A remote user can create specially crafted content that, when loaded by the target user, will trigger a memory corruption error and execute arbitrary code on the target system [CVE-2012-1937 , CVE-2012-1938, CVE-2012-1939 ].

90

T-708:Pidgin Bugs Let Remote Users Deny Service and Potentially Execute  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

T-708:Pidgin Bugs Let Remote Users Deny Service and Potentially T-708:Pidgin Bugs Let Remote Users Deny Service and Potentially Execute Arbitrary Code T-708:Pidgin Bugs Let Remote Users Deny Service and Potentially Execute Arbitrary Code September 1, 2011 - 12:00pm Addthis PROBLEM: gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted remote attackers to execute arbitrary programs via a file: URL in a message. PLATFORM: Pidgin before 2.10.0 on Windows ABSTRACT: Pidgin bugs let remote users deny service and potentially execute arbitrary code. reference LINKS: CVE-2011-3185 CVE-2011-2943 CVE-2011-3184 SecurityTracker Alert ID: 1025961 Pidgin Security Advisories IMPACT ASSESSMENT: High Discussion: Several vulnerabilities were reported in Pidgin. A remote user can cause denial of service conditions. A remote user can cause arbitrary code to be

91

Discovering collaborative cyber attack patterns using social network analysis  

Science Conference Proceedings (OSTI)

This paper investigates collaborative cyber attacks based on social network analysis. An Attack Social Graph (ASG) is defined to represent cyber attacks on the Internet. Features are extracted from ASGs to analyze collaborative patterns. We use principle ... Keywords: collaborative attacks, degree centrality, hierarchical clustering, network security

Haitao Du; Shanchieh Jay Yang

2011-03-01T23:59:59.000Z

92

NIST Quantifies Low Levels of 'Heart Attack Risk' Protein  

Science Conference Proceedings (OSTI)

NIST Quantifies Low Levels of 'Heart Attack Risk' Protein. For Immediate Release: November 3, 2009. ...

2012-10-02T23:59:59.000Z

93

T-559: Stack-based buffer overflow in oninit in IBM Informix Dynamic Server (IDS) 11.50 allows remote execution  

Energy.gov (U.S. Department of Energy (DOE))

Stack-based buffer overflow in oninit in IBM Informix Dynamic Server (IDS) 11.50 allows remote execution attackers to execute arbitrary code via crafted arguments in the USELASTCOMMITTED session environment option in a SQL SET ENVIRONMENT statement

94

U-006:Cisco Network Admission Control Manager Directory Traversal Flaw Lets  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6:Cisco Network Admission Control Manager Directory Traversal 6:Cisco Network Admission Control Manager Directory Traversal Flaw Lets Remote Users Obtain Potentially Sensitive Information U-006:Cisco Network Admission Control Manager Directory Traversal Flaw Lets Remote Users Obtain Potentially Sensitive Information October 7, 2011 - 8:45am Addthis PROBLEM: Cisco Network Admission Control Manager Directory Traversal Flaw Lets Remote Users Obtain Potentially Sensitive Information PLATFORM: Cisco NAC Manager software versions 4.8.X Cisco NAC Manager software versions 4.7.X and earlier are not affected ABSTRACT: An unauthenticated attacker could exploit this vulnerability to access sensitive information, including password files and system logs, that could be leveraged to launch subsequent attacks. reference LINKS: Cisco Security Advisory Document ID: 113189

95

Chinese Attack Tools: Chinese cyber-attack tools continue to evolve  

Science Conference Proceedings (OSTI)

Cyber-attacks from China are on the rise. In September 2008, SecureWorks, a leading security services provider, published a report citing the locations of the computers from which the greatest number of cyber attacks were attempted against its clients. ...

Dennis Dwyer

2009-04-01T23:59:59.000Z

96

T-541: Citrix Provisioning Services Unspecified Flaw Let's Remote Users  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

41: Citrix Provisioning Services Unspecified Flaw Let's Remote 41: Citrix Provisioning Services Unspecified Flaw Let's Remote Users Execute Arbitrary Code T-541: Citrix Provisioning Services Unspecified Flaw Let's Remote Users Execute Arbitrary Code January 24, 2011 - 5:34pm Addthis PROBLEM: Citrix Provisioning Services Unspecified Flaw Let's Remote Users Execute Arbitrary Code PLATFORM: * Provisioning Services 5.1 * Provisioning Services 5.6 ABSTRACT: A vulnerability has been identified in Citrix Provisioning Services that could result in arbitrary code execution. This vulnerability can be triggered by an attacker sending a specially crafted packet to the Provisioning Services server. This vulnerability is present in all supported versions of Citrix Provisioning Services up to and including version 5.6. reference LINKS:

97

T-711: Fraudulent Google Digital Certificates Could Allow Man-in-the-Middle  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

711: Fraudulent Google Digital Certificates Could Allow 711: Fraudulent Google Digital Certificates Could Allow Man-in-the-Middle Attacks T-711: Fraudulent Google Digital Certificates Could Allow Man-in-the-Middle Attacks September 7, 2011 - 9:30am Addthis PROBLEM: A fraudulent Google.com digital certificate was issued by a certificate authority. This certificate could allow an unauthenticated, remote attacker to access sensitive user data via a man-in-the-middle attack. PLATFORM: Most Microsoft Windows operating systems, DigiNotar is a CA in the Trusted Root Certification Authorities certificate store. Multiple browsers, including Microsoft Internet Explorer, Google Chrome, and Mozilla Firefox could also be configured with the compromised CA as one of their trusted issuers. ABSTRACT: Fraudulent Google Digital Certificates Could Allow Man-in-the-Middle

98

ENGO 435 Remote Sensing LAB 1: INTRODUCTION TO REMOTE SENSING  

E-Print Network (OSTI)

ENGO 435 ­ Remote Sensing Fall 2003 LAB 1: INTRODUCTION TO REMOTE SENSING Due: By 4:30 pm on September 30th Objectives: To familiarize you with: Remote sensing resources on the Internet. Some remote (Metadata). Part A: Remote Sensing Resources There is a wealth of remote sensing information and data

Habib, Ayman

99

Vacuum Vessel Remote Handling  

E-Print Network (OSTI)

FIRE Vacuum Vessel and Remote Handling Overview B. Nelson, T. Burgess, T. Brown, H-M Fan, G. Jones #12;13 July 2002 Snowmass Review: FIRE Vacuum Vessel and Remote Handling 2 Presentation Outline · Remote Handling - Maintenance Approach & Component Classification - In-Vessel Transporter - Component

100

When Utility Bills Attack! | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

When Utility Bills Attack! When Utility Bills Attack! When Utility Bills Attack! March 1, 2010 - 11:05am Addthis Amy Foster Parish It may come as a shock to my college math professor, but where my family's finances are concerned, I'm a budgeter. Just before a new month begins, I take some time to plan for the month's regular bills as well as any special events or holidays that might require setting some extra money aside. I even have a special notebook to track all this financial data (and shopping for a new notebook every year is half the fun of fiscal responsibility). But as proactive as I am with my monthly budgeting, I tend to be reactive when it comes to my monthly utility bills. I take a guess at what my bill will be at the beginning of the month, and then I'm either excited when the

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


101

T-647: PHP File Upload Bug May Let Remote Users Overwrite Files on the  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: PHP File Upload Bug May Let Remote Users Overwrite Files on 7: PHP File Upload Bug May Let Remote Users Overwrite Files on the Target System T-647: PHP File Upload Bug May Let Remote Users Overwrite Files on the Target System June 15, 2011 - 3:45pm Addthis PROBLEM: A vulnerability was reported in PHP. A remote user may be able to overwrite files on the target system. PLATFORM: PHP prior to 5.3.7 ABSTRACT: PHP is prone to a security-bypass vulnerability.Successful exploits will allow an attacker to delete files from the root directory, which may aid in further attacks. PHP 5.3.6 is vulnerable; other versions may also be affected. reference LINKS: PHP Security Notice PHP CVE-2011-2202 SecurityTracker Alert ID: 1025659 Secunia Advisory: SA44874 CVE-2011-2202 IMPACT ASSESSMENT: High Discussion: The vulnerability lies in the 'SAPI_POST_HANDLER_FUNC()' function in

102

Method for detecting sophisticated cyber attacks  

DOE Patents (OSTI)

A method of analyzing computer intrusion detection information that looks beyond known attacks and abnormal access patterns to the critical information that an intruder may want to access. Unique target identifiers and type of work performed by the networked targets is added to audit log records. Analysis using vector space modeling, dissimilarity matrix comparison, and clustering of the event records is then performed.

Potok, Thomas E. (Oak Ridge, TN)

2008-11-18T23:59:59.000Z

103

Foundations of attack-defense trees  

Science Conference Proceedings (OSTI)

We introduce and give formal definitions of attack-defense trees. We argue that these trees are a simple, yet powerful tool to analyze complex security and privacy problems. Our formalization is generic in the sense that it supports different semantical ...

Barbara Kordy; Sjouke Mauw; Saša Radomirovi?; Patrick Schweitzer

2010-09-01T23:59:59.000Z

104

Extending gibson's attacks on the GPT cryptosystem  

Science Conference Proceedings (OSTI)

In this paper we look at the Gabidulin version of the McEliece cryptosystem (GPT). In order to avoid Gibson's attacks on GPT, several variants have been proposed. We cryptanalyze the variant with column scrambler and the one using reducible rank ...

Raphael Overbeck

2005-03-01T23:59:59.000Z

105

T-725: Cisco Unified Service Monitor and Cisco Unified Operations Manager  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

T-725: Cisco Unified Service Monitor and Cisco Unified Operations T-725: Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilitiry Code T-725: Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilitiry Code September 23, 2011 - 9:00am Addthis PROBLEM: Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilitiry Code. PLATFORM: Cisco Unified Service Monitor prior to version 8.6 Cisco Unified Operations Manager prior to version 8.6 CiscoWorks LAN Management Solution software releases 3.1, 3.2, and 4.0. ABSTRACT: Successful exploitation of these vulnerabilities could allow an unauthenticated, remote attacker to execute arbitrary code on affected servers. reference LINKS: Cisco Security Advisory 113173

106

T-560: Cisco Security Advisory: Management Center for Cisco Security Agent  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Cisco Security Advisory: Management Center for Cisco 0: Cisco Security Advisory: Management Center for Cisco Security Agent Remote Code Execution Vulnerability T-560: Cisco Security Advisory: Management Center for Cisco Security Agent Remote Code Execution Vulnerability February 18, 2011 - 7:00am Addthis PROBLEM: Cisco Security Advisory: Management Center for Cisco Security Agent Remote Code Execution Vulnerability. PLATFORM: Cisco Security Agent software releases 5.1, 5.2, and 6.0 are affected by this vulnerability. Note: Only the Management Center for Cisco Security Agent is affected by this vulnerability. Cisco Security Agent installations on end-point workstations or servers are not affected by this vulnerability. ABSTRACT: The Management Center for Cisco Security Agent is affected by a vulnerability that may allow an unauthenticated attacker to perform remote

107

Remote Sensing ENGO 435 Introduction to Remote Sensing  

E-Print Network (OSTI)

1 Remote Sensing ENGO 435 Introduction to Remote Sensing Fall 2003 #12;2 Remote Sensing ENGO 435://www.geomatics.ucalgar.ca/~habib/courses.html #12;3 Remote Sensing ENGO 435 Grading Scheme · Lab Assignments (5 labs): (25% of Total Grade will be reduced by 10% per day for each day overdue. #12;4 Remote Sensing ENGO 435 Programming & Software

Habib, Ayman

108

Remote reset circuit  

SciTech Connect

A remote reset circuit acts as a stand-alone monitor and controller by clocking in each character sent by a terminal to a computer and comparing it to a given reference character. When a match occurs, the remote reset circuit activates the system's hardware reset line. The remote reset circuit is hardware based centered around monostable multivibrators and is unaffected by system crashes, partial serial transmissions, or power supply transients.

Gritzo, Russell E. (West Melbourne, FL)

1987-01-01T23:59:59.000Z

109

Remote reset circuit  

DOE Patents (OSTI)

A remote reset circuit acts as a stand-along monitor and controller by clocking in each character sent by a terminal to a computer and comparing it to a given reference character. When a match occurs, the remote reset circuit activates the system's hardware reset line. The remote reset circuit is hardware based centered around monostable multivibrators and is unaffected by system crashes, partial serial transmissions, or power supply transients. 4 figs.

Gritzo, R.E.

1985-09-12T23:59:59.000Z

110

Remote Sensing News  

Science Conference Proceedings (OSTI)

... Remote Sensing News. (showing 1 - 6 of 6). Photonic Thermometers Release Date: 11/28/2012 Click here for animation more. ...

2010-10-21T23:59:59.000Z

111

Remote Systems Design & Deployment  

Science Conference Proceedings (OSTI)

The Pacific Northwest National Laboratory (PNNL) was tasked by Washington River Protection Solutions, LLC (WRPS) to provide information and lessons learned relating to the design, development and deployment of remote systems, particularly remote arm/manipulator systems. This report reflects PNNL’s experience with remote systems and lays out the most important activities that need to be completed to successfully design, build, deploy and operate remote systems in radioactive and chemically contaminated environments. It also contains lessons learned from PNNL’s work experiences, and the work of others in the national laboratory complex.

Bailey, Sharon A.; Baker, Carl P.; Valdez, Patrick LJ

2009-08-28T23:59:59.000Z

112

Defending against side-channel attacks : DynamoREA  

E-Print Network (OSTI)

Modern computer architectures are prone to leak information about their applications through side-channels caused by micro-architectural side-effects. Through these side-channels, attackers can launch timing attacks by ...

Wen, David, M. Eng. (David Y.). Massachusetts Institute of Technology

2011-01-01T23:59:59.000Z

113

Transparent run-time defense against stack smashing attacks  

Science Conference Proceedings (OSTI)

The exploitation of buffer overflow vulnerabilities in process stacks constitutes a significant portion of security attacks. We present two new methods to detect and handle such attacks. In contrast to previous work, the new methods work with any existing ...

Arash Baratloo; Navjot Singh; Timothy Tsai

2000-06-01T23:59:59.000Z

114

REMOTE SENSING ACTIVITIES Caiti Steele  

E-Print Network (OSTI)

REMOTE SENSING ACTIVITIES Caiti Steele #12;REMOTE SENSING ACTIVITIES Remote sensing of biomass al., 2010) Remote sensing for mapping Ecological States: Spatially-Explicit Representation of State and Steele, in preparation) #12;REMOTE SENSING OF BIOMASS Can reflectance indices derived from Landsat

115

T-713: Blue Coat Reporter Directory Traversal Flaw | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Blue Coat Reporter Directory Traversal Flaw 3: Blue Coat Reporter Directory Traversal Flaw T-713: Blue Coat Reporter Directory Traversal Flaw September 9, 2011 - 10:47am Addthis PROBLEM: A vulnerability was reported in Blue Coat Reporter. A remote user can view files on the target system and gain full control of the target application. PLATFORM: All pre-9.3 versions of Reporter installed on a Windows server are vulnerable. ABSTRACT: Blue Coat Reporter Directory Traversal Flaw Lets Remote Users Gain Full Control. reference LINKS: Blue Coat Security Advisory ID: SA60 SecurityTracker Alert ID: 1026023 About Path Traversal IMPACT ASSESSMENT: High Discussion: Reporter installed on a Windows server is vulnerable to an HTTP directory traversal attack. An unauthenticated user can browse the file system and read any file. Data from these files can be used by an attacker to gain

116

JC3 High Impact Assessment Bulletins | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

May 16, 2011 May 16, 2011 T-623: HP Business Availability Center Input Validation Hole Permits Cross-Site Scripting Attacks The software does not properly filter HTML code from user-supplied input before displaying the input. May 13, 2011 T-622: Adobe Acrobat and Reader Unspecified Memory Corruption Vulnerability The vulnerability is due to an unspecified error in the affected software when it processes .pdf files. An unauthenticated, remote attacker could exploit this vulnerability by convincing a user to view a malicious .pdf file. When viewed, the file could trigger a memory corruption error that could allow the attacker to execute arbitrary code on the system with the privileges of the user. May 10, 2011 T-620: Microsoft Security Bulletin Advance Notification for May 2011

117

Review: TCP/IP security threats and attack methods  

Science Conference Proceedings (OSTI)

The TCP/IP protocol suite is vulnerable to a variety of attacks ranging from password sniffing to denial of service. Software to carry out most of these attacks is freely available on the Internet. These vulnerabilities-unless carefully controlled-can ... Keywords: IP spoofing, Ping O' Death, SYN flooding, TCP sequence number attack, TCP session hijacking, TCP/IP service threats

B. Harris; R. Hunt

1999-06-01T23:59:59.000Z

118

Countering DoS attacks with stateless multipath overlays  

Science Conference Proceedings (OSTI)

Indirection-based overlay networks (IONs) are a promising approach for countering distributed denial of service (DDoS) attacks. Such mechanisms are based on the assumption that attackers will attack a fixed and bounded set of overlay nodes causing service ... Keywords: key agreement, spread-spectrum communications

Angelos Stavrou; Angelos D. Keromytis

2005-11-01T23:59:59.000Z

119

Intrusion detection of sinkhole attacks in wireless sensor networks  

Science Conference Proceedings (OSTI)

In this paper, we present an Intrusion Detection System designed for wireless sensor networks and show how it can be configured to detect Sinkhole attacks. A Sinkhole attack forms a serious threat to sensor networks. We study in depth this attack by ...

Ioannis Krontiris; Tassos Dimitriou; Thanassis Giannetsos; Marios Mpasoukos

2007-07-01T23:59:59.000Z

120

T-557: Microsoft Office Excel Office Art Object Parsing Remote Code  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Microsoft Office Excel Office Art Object Parsing Remote Code 7: Microsoft Office Excel Office Art Object Parsing Remote Code Execution Vulnerability T-557: Microsoft Office Excel Office Art Object Parsing Remote Code Execution Vulnerability February 15, 2011 - 7:00am Addthis PROBLEM: Microsoft Office Excel Office Art Object Parsing Remote Code Execution Vulnerability. PLATFORM: Microsoft Office Excel ABSTRACT: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. reference LINKS: ZDI-11-041 ZDI Public Disclosure: Microsoft CVE-2011-0979 IMPACT ASSESSMENT: High Discussion: The flaw occurs when parsing a document with a malformed Excel document.

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


121

U-091: cURL Lets Remote Users Decrypt SSL/TLS Traffic | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

91: cURL Lets Remote Users Decrypt SSL/TLS Traffic 91: cURL Lets Remote Users Decrypt SSL/TLS Traffic U-091: cURL Lets Remote Users Decrypt SSL/TLS Traffic January 30, 2012 - 6:45am Addthis PROBLEM: A vulnerability was reported in cURL. PLATFORM: Linux (Any), UNIX (Any), Windows (Any) : Version(s): 7.10.6 through 7.23.1 ABSTRACT: A remote user can decrypt SSL/TLS sessions in certain cases. reference LINKS: CVE-2011-3389 SecurityTracker Alert ID: 1026587 Vendor Advisory IMPACT ASSESSMENT: Moderate Discussion: A remote user with the ability to conduct a man-in-the-middle attack can decrypt SSL/TLS sessions. The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows

122

V-177: VMware vCenter Chargeback Manager File Upload Handling Vulnerability  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

177: VMware vCenter Chargeback Manager File Upload Handling 177: VMware vCenter Chargeback Manager File Upload Handling Vulnerability V-177: VMware vCenter Chargeback Manager File Upload Handling Vulnerability June 13, 2013 - 6:00am Addthis PROBLEM: vCenter Chargeback Manager Remote Code Execution PLATFORM: VMware vCenter Chargeback Manager 2.x ABSTRACT: The vCenter Chargeback Manager contains a critical vulnerability that allows for remote code execution REFERENCE LINKS: Secunia Advisory SA53798 VMWare Security Advisory VMSA-2013-0008 CVE-2013-3520 IMPACT ASSESSMENT: Medium DISCUSSION: The vCenter Chargeback Manager (CBM) contains a flaw in its handling of file uploads. Exploitation of this issue may allow an unauthenticated attacker to execute code remotely. IMPACT: System Access SOLUTION: Vendor recommends updating to version 2.5.1

123

Understanding multistage attacks by attack-track based visualization of heterogeneous event streams  

Science Conference Proceedings (OSTI)

In this paper, we present a method of handling the visualization of hetereogeneous event traffic that is generated by intrusion detection sensors, log files and other event sources on a computer network from the point of view of detecting multistage ... Keywords: attack tracks, intrusion detection, visualization

S. Mathew; R. Giomundo; S. Upadhyaya; M. Sudit; A. Stotz

2006-11-01T23:59:59.000Z

124

Remote electrochemical sensor  

DOE Patents (OSTI)

An electrochemical sensor for remote detection, particularly useful for metal contaminants and organic or other compounds. The sensor circumvents technical difficulties that previously prevented in-situ remote operations. The microelectrode, connected to a long communications cable, allows convenient measurements of the element or compound at timed and frequent intervals and instrument/sample distances of ten feet to more than 100 feet. The sensor is useful for both downhole groundwater monitoring and in-situ water (e.g., shipboard seawater) analysis.

Wang, Joseph (Las Cruces, NM); Olsen, Khris (Richland, WA); Larson, David (Las Cruces, NM)

1997-01-01T23:59:59.000Z

125

T-573: Windows Remote Desktop Client DLL Loading Error Lets Remote...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

73: Windows Remote Desktop Client DLL Loading Error Lets Remote Users Execute Arbitrary Code T-573: Windows Remote Desktop Client DLL Loading Error Lets Remote Users Execute...

126

Analysis of Automated Model against DDoS Attacks  

E-Print Network (OSTI)

Today Distributed Denial of Service (DDoS) attacks are causing major threat to perform online business over the Internet. Recently several schemes have been proposed on how to prevent some of these attacks, but they suffer from a range of problems, some of them being impractical and others not being effective against these attacks. Our previous work proposed an automated model that deals with the overall DDoS problem. With a new packet marking technique and agent design, our approach has many advanced features to minimize the DDoS attacks within a single ISP domain. In this paper we discuss different types of attacks that are possible on our model and propose techniques to counteract the identified attacks. We will also discuss security protocols for communication between different entities in our model.

Udaya Kiran Tupakula

2003-01-01T23:59:59.000Z

127

Protecting Intelligent Distributed Power Grids Against Cyber Attacks - May  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Protecting Intelligent Distributed Power Grids Against Cyber Protecting Intelligent Distributed Power Grids Against Cyber Attacks - May 2008 Protecting Intelligent Distributed Power Grids Against Cyber Attacks - May 2008 Development of a novel distributed and hierarchical security layer specific to intelligent grid design will help protect intelligent distributed power grids from cyber attacks. Intelligent power grids are interdependent energy management systems-encompassing generation, distribution, IT networks, and control systems-that use automated data analysis and demand response capabilities to increase system functionality, efficiency, and reliability. But increased interconnection and automation over a large geographical area requires a distributed and hierarchical approach to cybersecurity. Protecting Intelligent Distributed Power Grids Again Cyber Attacks.pdf

128

How to Protect Your Web Server from Attacks  

Science Conference Proceedings (OSTI)

How to Protect Your Web Server from Attacks. ... Web servers are the software programs that make information available over the Internet. ...

2012-11-01T23:59:59.000Z

129

Precision air data support for chem/bio attack response .  

E-Print Network (OSTI)

??The defense response against chemical and biological (Chem/bio) weapons has gained a renewed focus in light of the 11 Sept 2001 terrorist attack. A successful… (more)

Tan, Kwang Liang

2003-01-01T23:59:59.000Z

130

Hydrogen Attack in Creeping Polycrystals Due to Cavitation on ...  

Science Conference Proceedings (OSTI)

Sep 1, 1994 ... Hydrogen Attack (HA) is the development at elevated temperatures of grain boundary cavitation by internal methane gas, which is generated by ...

131

Rapid cooling technology could aid surgery patients, heart attack...  

NLE Websites -- All DOE Office Websites (Extended Search)

cooling technology could aid surgery patients, heart attack victims Diagram shows how ice slurry cools blood INTERNAL COOLING - An ice slurry, delivered through an endotracheal...

132

Thermal Barrier Coatings for Resistance Against Attack by Molten ...  

Science Conference Proceedings (OSTI)

Presentation Title, Thermal Barrier Coatings for Resistance Against Attack by Molten Silicate Deposits from CMAS Sand, Volcanic Ash, or Coal Fly Ash Ingested ...

133

Cyber Security Audit and Attack Detection Toolkit: National SCADA...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

May 2008 This project of the cyber security audit and attack detection toolkit is adding control system intelligence to widely deployed enterprise vulnerability scanners and...

134

Trust Anchor Lifecycle Attack Protection | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

secure software providing independent testing, monitoring, and control of energy control system component operation Trust Anchor Lifecycle Attack Protection More Documents...

135

False Data Injection Attacks in Smart Grid: Challenges and ...  

Science Conference Proceedings (OSTI)

... to disrupt the energy distribution of smart ... attacks against distributed energy routing in smart grid. ... on Cyber Technology in Automation, Control, and ...

2012-04-12T23:59:59.000Z

136

Remote radiation dosimetry  

DOE Patents (OSTI)

Disclosed are methods and apparatus for remotely measuring radiation levels. Such are particularly useful for measuring relatively high levels or dosages of radiation being administered in radiation therapy. They are also useful for more general radiation level measurements where remote sensing from the remaining portions of the apparatus is desirable. The apparatus uses a beam generator, such as a laser beam, to provide a stimulating beam. The stimulating beam is preferably of wavelengths shorter than 6 microns, or more advantageously less than 2 microns. The stimulating beam is used to stimulate a remote luminescent sensor mounted in a probe which emits stored luminescent energy resulting from exposure of the sensor to ionizing radiation. The stimulating beam is communicated to the remote luminescent sensor via transmissive fiber which also preferably serves to return the emission from the luminescent sensor. The stimulating beam is advantageously split by a beam splitter to create a detector beam which is measured for power during a reading period during which the luminescent phosphor is read. The detected power is preferably used to control the beam generator to thus produce desired beam power during the reading period. The luminescent emission from the remote sensor is communicated to a suitable emission detector, preferably after filtering or other selective treatment to better isolate the luminescent emission.

Braunlich, Peter F. (Pullman, WA); Tetzlaff, Wolfgang (Pullman, WA); Hegland, Joel E. (Pullman, WA); Jones, Scott C. (Pullman, WA)

1991-01-01T23:59:59.000Z

137

Remote radiation dosimetry  

DOE Patents (OSTI)

Disclosed are methods and apparatus for remotely measuring radiation levels. Such are particularly useful for measuring relatively high levels or dosages of radiation being administered in radiation therapy. They are also useful for more general radiation level measurements where remote sensing from the remaining portions of the apparatus is desirable. The apparatus uses a beam generator, such as a laser beam, to provide a stimulating beam. The stimulating beam is preferably of wavelengths shorter than 6 microns, or more advantageously less than 2 microns. The stimulating beam is used to stimulate a remote luminescent sensor mounted in a probe which emits stored luminescent energy resulting from exposure of the sensor to ionizing radiation. The stimulating beam is communicated to the remote luminescent sensor via a transmissive fiber which also preferably serves to return the emission from the luminescent sensor. The stimulating beam is advantageously split by a beam splitter to create a detector beam which is measured for power during a reading period during which the luminescent phosphor is read. The detected power is preferably used to control the beam generator to thus produce desired beam power during the reading period. The luminescent emission from the remote sensor is communicated to a suitable emission detector, preferably after filtering or other selective treatment to better isolate the luminescent emission. 8 figures.

Braunlich, P.F.; Tetzlaff, W.; Hegland, J.E.; Jones, S.C.

1991-03-12T23:59:59.000Z

138

U-244: McAfee Email Gateway Lets Remote Users Bypass Authentication and  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: McAfee Email Gateway Lets Remote Users Bypass Authentication 4: McAfee Email Gateway Lets Remote Users Bypass Authentication and Conduct Cross-Site Scripting and Directory Traversal Attacks U-244: McAfee Email Gateway Lets Remote Users Bypass Authentication and Conduct Cross-Site Scripting and Directory Traversal Attacks August 27, 2012 - 7:00am Addthis PROBLEM: McAfee Email Gateway Lets Remote Users Bypass Authentication and Conduct Cross-Site Scripting and Directory Traversal Attacks PLATFORM: McAfee Email Gateway (MEG) 7.0.0 and 7.0.1 (MEG 6.7.x is NOT affected.) McAfee Email and Web Security (EWS) 5.6 Patch 3 and earlier McAfee Email and Web Security (EWS) 5.5 Patch 6 and earlier ABSTRACT: Several vulnerabilities were reported in McAfee Email Gateway. reference LINKS: McAfee Security Bulletin ID: SB10026 SecurityTracker Alert ID: 1027444

139

V-029: Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

29: Mozilla Firefox Multiple Bugs Let Remote Users Execute 29: Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks V-029: Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks November 21, 2012 - 2:00am Addthis PROBLEM: Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks PLATFORM: Version(s): prior to 17.0 ABSTRACT: Multiple vulnerabilities were reported in Mozilla Firefox REFERENCE LINKS: Mozilla Foundation Security Advisories Bugtraq ID: 55260 SecurityTracker Alert ID: 1027791 CVE-2012-4201, CVE-2012-4202, CVE-2012-4203, CVE-2012-4204, CVE-2012-4205, CVE-2012-4206, CVE-2012-4207,CVE-2012-4208, CVE-2012-4209, CVE-2012-4210, CVE-2012-4212, CVE-2012-4213, CVE-2012-4214, CVE-2012-4215, CVE-2012-4216,

140

U-244: McAfee Email Gateway Lets Remote Users Bypass Authentication and  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

44: McAfee Email Gateway Lets Remote Users Bypass Authentication 44: McAfee Email Gateway Lets Remote Users Bypass Authentication and Conduct Cross-Site Scripting and Directory Traversal Attacks U-244: McAfee Email Gateway Lets Remote Users Bypass Authentication and Conduct Cross-Site Scripting and Directory Traversal Attacks August 27, 2012 - 7:00am Addthis PROBLEM: McAfee Email Gateway Lets Remote Users Bypass Authentication and Conduct Cross-Site Scripting and Directory Traversal Attacks PLATFORM: McAfee Email Gateway (MEG) 7.0.0 and 7.0.1 (MEG 6.7.x is NOT affected.) McAfee Email and Web Security (EWS) 5.6 Patch 3 and earlier McAfee Email and Web Security (EWS) 5.5 Patch 6 and earlier ABSTRACT: Several vulnerabilities were reported in McAfee Email Gateway. reference LINKS: McAfee Security Bulletin ID: SB10026 SecurityTracker Alert ID: 1027444

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


141

Remote connector development study  

SciTech Connect

Plutonium-uranium extraction (PUREX) connectors, the most common connectors used at the Hanford site, offer a certain level of flexibility in pipe routing, process system configuration, and remote equipment/instrument replacement. However, these desirable features have inherent shortcomings like leakage, high pressure drop through the right angle bends, and a limited range of available pipe diameters that can be connect by them. Costs for construction, maintenance, and operation of PUREX connectors seem to be very high. The PUREX connector designs include a 90{degree} bend in each connector. This increases the pressure drop and erosion effects. Thus, each jumper requires at least two 90{degree} bends. PUREX connectors have not been practically used beyond 100 (4 in.) inner diameter. This study represents the results of a survey on the use of remote pipe-connection systems in US and foreign plants. This study also describes the interdependence between connectors, remote handling equipment, and the necessary skills of the operators.

Parazin, R.J.

1995-05-01T23:59:59.000Z

142

U-272: IBM WebSphere Commerce User Information Disclosure Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: IBM WebSphere Commerce User Information Disclosure 2: IBM WebSphere Commerce User Information Disclosure Vulnerability U-272: IBM WebSphere Commerce User Information Disclosure Vulnerability October 2, 2012 - 6:00am Addthis PROBLEM: IBM WebSphere Commerce User Information Disclosure Vulnerability PLATFORM: WebSphere Commerce Versions 6.0.0.0 to 6.0.0.11 WebSphere Commerce Versions 7.0.0.0 to 7.0.0.6 ABSTRACT: A vulnerability in WebSphere Commerce could allow disclosure of user personal data. reference LINKS: IBM Security Bulletin 1612484 X-Force Vulnerability Database (78867) Secunia Advisory SA50821 CVE-2012-4830 IMPACT ASSESSMENT: Medium Discussion: A remote unauthenticated attacker could exploit a security vulnerability in WebSphere Commerce to expose user personal data. The attack can be performed manually and the effort required is comparatively low.

143

JC3 Medium Impact Assessment Bulletins | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

October 26, 2011 October 26, 2011 U-020: McAfee Web Gateway Web Access Cross Site Scripting Vulnerability Cross-Site Scripting vulnerabilities allow a third party to manipulate the content or behavior of a web application in a user's browser, without compromising the underlying system. Attackers can exploit this issue by enticing an unsuspecting user to follow a malicious URI. October 24, 2011 U-017: HP MFP Digital Sending Software Lets Local Users Obtain Potentially Sensitive Information A vulnerability was reported in HP MFP Digital Sending Software. A local user can obtain potentially sensitive information. October 21, 2011 U-016: Cisco IOS Software HTTP Service Loading Denial of Service Vulnerability An unauthenticated, remote attacker could exploit this vulnerability to

144

T-607: Update: Adobe Acrobat, Reader, and Flash Player SWF File Processing  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Update: Adobe Acrobat, Reader, and Flash Player SWF File 7: Update: Adobe Acrobat, Reader, and Flash Player SWF File Processing Arbitrary Code Execution Vulnerability T-607: Update: Adobe Acrobat, Reader, and Flash Player SWF File Processing Arbitrary Code Execution Vulnerability April 21, 2011 - 3:03am Addthis PROBLEM: The vulnerability is due to improper processing of Adobe Flash content. An unauthenticated, remote attacker could exploit this vulnerability by convincing a user to view malicious Flash (.swf) files with the affected software. If successful, the attacker could execute arbitrary code or cause a DoS condition on the targeted system. PLATFORM: Adobe Flash Player versions prior to 10.2.153.1 for Microsoft Windows, Apple Macintosh, Linux, and Solaris systems Adobe Flash Player versions prior to 10.2.156.12 for Android systems

145

T-539: Adobe Acrobat, Reader, and Flash Player Arbitrary Code Execution  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

39: Adobe Acrobat, Reader, and Flash Player Arbitrary Code 39: Adobe Acrobat, Reader, and Flash Player Arbitrary Code Execution Vulnerability T-539: Adobe Acrobat, Reader, and Flash Player Arbitrary Code Execution Vulnerability January 21, 2011 - 6:24am Addthis PROBLEM: Adobe Acrobat, Reader, and Flash Player Arbitrary Code Execution Vulnerability. PLATFORM: Adobe products (Adobe Acrobat, Reader, and Flash Player) ABSTRACT: An unauthenticated, remote attacker could exploit this vulnerability to execute arbitrary code with the privileges of the user. If the user holds elevated privileges, the attacker could execute arbitrary code that results in complete system compromise. reference LINKS: Cisco Security Bulletin Adobe Bulletin CVE-2010-3654 IMPACT ASSESSMENT: High Discussion: Adobe Acrobat, Reader, and Flash Player contain a vulnerability that could

146

T-539: Adobe Acrobat, Reader, and Flash Player Arbitrary Code Execution  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: Adobe Acrobat, Reader, and Flash Player Arbitrary Code 9: Adobe Acrobat, Reader, and Flash Player Arbitrary Code Execution Vulnerability T-539: Adobe Acrobat, Reader, and Flash Player Arbitrary Code Execution Vulnerability January 21, 2011 - 6:24am Addthis PROBLEM: Adobe Acrobat, Reader, and Flash Player Arbitrary Code Execution Vulnerability. PLATFORM: Adobe products (Adobe Acrobat, Reader, and Flash Player) ABSTRACT: An unauthenticated, remote attacker could exploit this vulnerability to execute arbitrary code with the privileges of the user. If the user holds elevated privileges, the attacker could execute arbitrary code that results in complete system compromise. reference LINKS: Cisco Security Bulletin Adobe Bulletin CVE-2010-3654 IMPACT ASSESSMENT: High Discussion: Adobe Acrobat, Reader, and Flash Player contain a vulnerability that could

147

Remote electrochemical sensor  

DOE Patents (OSTI)

An electrochemical sensor is described for remote detection, particularly useful for metal contaminants and organic or other compounds. The sensor circumvents technical difficulties that previously prevented in-situ remote operations. The microelectrode, connected to a long communications cable, allows convenient measurements of the element or compound at timed and frequent intervals and instrument/sample distances of ten feet to more than 100 feet. The sensor is useful for both downhole groundwater monitoring and in-situ water (e.g., shipboard seawater) analysis. 21 figs.

Wang, J.; Olsen, K.; Larson, D.

1997-10-14T23:59:59.000Z

148

Attacking the IPsec Standards in Encryption-only Configurations  

Science Conference Proceedings (OSTI)

We describe new attacks which break any RFCcompliant implementation of IPsec making use of encryption-only ESP in tunnel mode. The new attacks are both efficient and realistic: they are ciphertext-only and need only the capability to eavesdrop on ESP-encrypted ...

Jean Paul Degabriele; Kenneth G. Paterson

2007-05-01T23:59:59.000Z

149

A novel technique of recognising multi-stage attack behaviour  

Science Conference Proceedings (OSTI)

With the increasing amount of security audit data, management and analysis of it become a critical and challenging issue. Security alerts and threat analysis project (SATA) aims at analysing security events and detecting security threat. In this ... Keywords: attack plan recognition, correlativity, intrusion detection, multi-stage attacks, security alerts, security threats, threat analysis

Li Wang; Yao Li; Zhi-tang Li

2010-12-01T23:59:59.000Z

150

Selective Attack of Welds by Flow-Accelerated Corrosion  

Science Conference Proceedings (OSTI)

Flow-accelerated corrosion (FAC), a degradation mechanism that attacks carbon steel material, has been a significant issue for nuclear plants for some time. Until recently, though, welds were thought to be largely immune to this mechanism. This work demonstrates that significant weld attacks have been occurring at a number of nuclear plants throughout the world.

2002-07-26T23:59:59.000Z

151

The dark side of the Internet: Attacks, costs and responses  

Science Conference Proceedings (OSTI)

The Internet and Web technologies have originally been developed assuming an ideal world where all users are honorable. However, the dark side has emerged and bedeviled the world. This includes spam, malware, hacking, phishing, denial of service attacks, ... Keywords: Click fraud, Cyber warfare, Denial of service attack, Digital rights management, Hacking, Malware, Online frauds, Online gambling, Online piracy, Phishing, Spam

Won Kim; Ok-Ran Jeong; Chulyun Kim; Jungmin So

2011-05-01T23:59:59.000Z

152

Survey and Simulation on Malicious Data Attack on Power Market  

E-Print Network (OSTI)

It is expected that the next generation of power grid will be more intelligent in power distribution, grid data attack. A cyber-spy may inject malicious data to make power grid in danger. In this report the financial risk of data attack, a bunch of notions with respect to power grid are studies. Observability

Lavaei, Javad

153

Heart Attack Survival Plan Information To Share With  

E-Print Network (OSTI)

Heart Attack Survival Plan Information To Share With Emergency Personnel/Hospital Staff Medicines in Time to Heart Attack Signs In partnership with: The National Council on the Aging U.S. DEPARTMENT OF HEALTH AND HUMAN SERVICES Public Health Service National Institutes of Health National Heart, Lung

Bandettini, Peter A.

154

Cyber Security Audit and Attack Detection Toolkit: Bandolier and  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Cyber Security Audit and Attack Detection Toolkit: Bandolier and Cyber Security Audit and Attack Detection Toolkit: Bandolier and Portaledge, March 2010 Cyber Security Audit and Attack Detection Toolkit: Bandolier and Portaledge, March 2010 This project of the cyber security audit and attack detection toolkit will employ Bandolier Audit Files for optimizing security configurations and the Portaledge event detection capability for energy control systems. By building configuration audit and attack detection capabilities into tools already used by the energy sector, Bandolier and Portaledge offer energy asset owners low-cost and easily integrable control systems security solutions. Energy system operators can optimize the security of their control system configuration using Bandolier Security Audit Files, which assess the current configuration against an optimal security configuration.

155

Remote Sensing of Polar Regions  

Science Conference Proceedings (OSTI)

Polar researchers have historically been innovative and adaptive users of satellite remote sensing data, and their experiences can suggest ways to enhance the use of remote sensing throughout the climate sciences. We performed a semistructured ...

Dan Lubin; Gabrielle Ayres; Steven Hart

2009-06-01T23:59:59.000Z

156

T-664: Apache Santuario Buffer Overflow Lets Remote Users Deny Service |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

664: Apache Santuario Buffer Overflow Lets Remote Users Deny 664: Apache Santuario Buffer Overflow Lets Remote Users Deny Service T-664: Apache Santuario Buffer Overflow Lets Remote Users Deny Service July 8, 2011 - 12:32pm Addthis PROBLEM: A vulnerability was reported in Apache Santuario. A remote user can cause denial of service conditions. PLATFORM: Prior to 1.6.1 - Apache Santuario XML Security for C++ library versions prior to V1.6.1 ABSTRACT: A buffer overflow exists when creating or verifying XML signatures with RSA keys of sizes on the order of 8192 or more bits. This typically results in a crash and denial of service in applications that verify signatures using keys that could be supplied by an attacker. reference LINKS: SecurityTracker Alert ID: 1025755 Bugzilla: 719698: CVE-2011-2516 xml-security-c The Apache Software Foundation - CVE-2011-2516

157

U-216: HP StorageWorks File Migration Agent Buffer Overflows Let Remote  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: HP StorageWorks File Migration Agent Buffer Overflows Let 6: HP StorageWorks File Migration Agent Buffer Overflows Let Remote Users Execute Arbitrary Code U-216: HP StorageWorks File Migration Agent Buffer Overflows Let Remote Users Execute Arbitrary Code July 19, 2012 - 7:14am Addthis PROBLEM: HP StorageWorks File Migration Agent Buffer Overflows Let Remote Users Execute Arbitrary Code PLATFORM: HP StorageWorks File Migration Agent ABSTRACT: Two vulnerabilities were reported in HP StorageWorks File Migration Agent. reference LINKS: SecurityTracker Alert ID: 1027281 ZDI-12-127 ZDI-12-126 IMPACT ASSESSMENT: High Discussion: The vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP StorageWorks File Migration Agent. Authentication is not required to exploit this vulnerability. 1. (ZDI-12-127) The specific flaw exists within the HsmCfgSvc.exe service

158

U-216: HP StorageWorks File Migration Agent Buffer Overflows Let Remote  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

U-216: HP StorageWorks File Migration Agent Buffer Overflows Let U-216: HP StorageWorks File Migration Agent Buffer Overflows Let Remote Users Execute Arbitrary Code U-216: HP StorageWorks File Migration Agent Buffer Overflows Let Remote Users Execute Arbitrary Code July 19, 2012 - 7:14am Addthis PROBLEM: HP StorageWorks File Migration Agent Buffer Overflows Let Remote Users Execute Arbitrary Code PLATFORM: HP StorageWorks File Migration Agent ABSTRACT: Two vulnerabilities were reported in HP StorageWorks File Migration Agent. reference LINKS: SecurityTracker Alert ID: 1027281 ZDI-12-127 ZDI-12-126 IMPACT ASSESSMENT: High Discussion: The vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP StorageWorks File Migration Agent. Authentication is not required to exploit this vulnerability.

159

T-529: Apple Mac OS PackageKit Distribution Script Remote Code Execution  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

29: Apple Mac OS PackageKit Distribution Script Remote Code 29: Apple Mac OS PackageKit Distribution Script Remote Code Execution Vulnerability T-529: Apple Mac OS PackageKit Distribution Script Remote Code Execution Vulnerability January 6, 2011 - 2:53pm Addthis PROBLEM: Apple Mac OS PackageKit Distribution Script Remote Code Execution Vulnerability PLATFORM: Apple Mac OS X Server 10.6 - 10.6.5, Apple Mac OS X 10.6 - 10.6.5 Vulnerable Platforms Details ABSTRACT: A format string issue exists in PackageKit's handling of distribution scripts. A man-in-the-middle attacker may be able to cause an unexpected application termination or arbitrary code execution when Software Update checks for new updates. This issue is addressed through improved validation of distribution scripts. This issue does not affect systems prior to Mac OS

160

Interpreting Remote Sensing NOx Measurements  

E-Print Network (OSTI)

Interpreting Remote Sensing NOx Measurements Robert Slott, Consultant, Donald Stedman and Saj tailpipe emissions (HC, CO, NOx) are changing with time hUse remote sensing hMeasurements in at least 4 of the year at each location hUniform QC/QA and data reporting Paper # 2001-01-3640 #12;Remote Sensing

Denver, University of

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


161

4, 133, 2007 Remote sensing  

E-Print Network (OSTI)

HESSD 4, 1­33, 2007 Remote sensing approach to parsimonious streamflow modeling B. P. Weissling et System Sciences A multitemporal remote sensing approach to parsimonious streamflow modeling. P. Weissling (bweissling@swca.com) 1 #12;HESSD 4, 1­33, 2007 Remote sensing approach to parsimonious

Paris-Sud XI, Université de

162

Remote Sensing Ayman F. Habib Introduction  

E-Print Network (OSTI)

Remote Sensing Ayman F. Habib 1 Chapter 1 Introduction #12;Remote Sensing Ayman F. Habib 2 Overview · Remote sensing: definition. · Remote sensing versus photogrammetry. · Elements of remote sensing. · Key;Remote Sensing Ayman F. Habib 3 Overview · Acquisition platforms: ­ Historical overview. ­ Terrestrial

Habib, Ayman

163

TCPL: A Defense against wormhole attacks in wireless sensor networks  

Science Conference Proceedings (OSTI)

Do In this paper presents recent advances in technology have made low-cost, low-power wireless sensors with efficient energy consumption. A network of such nodes can coordinate among themselves for distributed sensing and processing of certain data. For which, we propose an architecture to provide a stateless solution in sensor networks for efficient routing in wireless sensor networks. This type of architecture is known as Tree Cast. We propose a unique method of address allocation, building up multiple disjoint trees which are geographically inter-twined and rooted at the data sink. Using these trees, routing messages to and from the sink node without maintaining any routing state in the sensor nodes is possible. In this paper, we introduce the wormhole attack, a severe attack in ad hoc networks that is particularly challenging to defend against. The wormhole attack is possible even if the attacker has not compromised any hosts and even if all communication provides authenticity and confidentiality. In the wormhole attack, an attacker records packets (or bits) at one location in the network, tunnels them to another location, and retransmits them there into the network. The wormhole attack can form a serious threat in wireless networks, especially against many sensor network routing protocols and location-based wireless security systems. For example, most existing ad hoc network routing protocols, without some mechanism to defend against the wormhole attack, would be unable to find routes longer than one or two hops, severely disrupting communication. We present a new, general mechanism, called packet leashes, for detecting and thus defending against wormhole attacks, and we present a specific protocol, called TIK, that implements leashes.

Kumar, K. E. Naresh [PG Student, Dept of Computer Science and Engineering, KBNCE, Gulbarga, Karnataka (India); Waheed, Mohd. Abdul [Asst. Professor, Dept of Computer Science and Engineering, KBNCE, Gulbarga, Karnataka (India); Basappa, K. Kari [Professor, Dept of E and CE, Dayanand College of Engineering, Banglore, Karnataka (India)

2010-10-26T23:59:59.000Z

164

Remote repair appliance  

DOE Patents (OSTI)

A remote appliance for supporting a tool for performing work at a worksite on a substantially circular bore of a workpiece and for providing video signals of the worksite to a remote monitor comprising: a baseplate having an inner face and an outer face; a plurality of rollers, wherein each roller is rotatably and adjustably attached to the inner face of the baseplate and positioned to roll against the bore of the workpiece when the baseplate is positioned against the mouth of the bore such that the appliance may be rotated about the bore in a plane substantially parallel to the baseplate; a tool holding means for supporting the tool, the tool holding means being adjustably attached to the outer face of the baseplate such that the working end of the tool is positioned on the inner face side of the baseplate; a camera for providing video signals of the worksite to the remote monitor; and a camera holding means for supporting the camera on the inner face side of the baseplate, the camera holding means being adjustably attached to the outer face of the baseplate. In a preferred embodiment, roller guards are provided to protect the rollers from debris and a bore guard is provided to protect the bore from wear by the rollers and damage from debris.

Heumann, Frederick K. (Ballston Spa, NY); Wilkinson, Jay C. (Ballston Spa, NY); Wooding, David R. (Saratoga Springs, NY)

1997-01-01T23:59:59.000Z

165

Remote repair appliance  

DOE Patents (OSTI)

A remote appliance for supporting a tool for performing work at a work site on a substantially circular bore of a work piece and for providing video signals of the work site to a remote monitor comprises: a base plate having an inner face and an outer face; a plurality of rollers, wherein each roller is rotatably and adjustably attached to the inner face of the base plate and positioned to roll against the bore of the work piece when the base plate is positioned against the mouth of the bore such that the appliance may be rotated about the bore in a plane substantially parallel to the base plate; a tool holding means for supporting the tool, the tool holding means being adjustably attached to the outer face of the base plate such that the working end of the tool is positioned on the inner face side of the base plate; a camera for providing video signals of the work site to the remote monitor; and a camera holding means for supporting the camera on the inner face side of the base plate, the camera holding means being adjustably attached to the outer face of the base plate. In a preferred embodiment, roller guards are provided to protect the rollers from debris and a bore guard is provided to protect the bore from wear by the rollers and damage from debris. 5 figs.

Heumann, F.K.; Wilkinson, J.C.; Wooding, D.R.

1997-12-16T23:59:59.000Z

166

Remote repair appliance  

DOE Patents (OSTI)

A remote appliance is described for supporting a tool for performing work at a worksite on a substantially circular bore of a workpiece and for providing video signals of the worksite to a remote monitor comprising: a baseplate having an inner face and an outer face; a plurality of rollers, wherein each roller is rotatably and adjustably attached to the inner face of the baseplate and positioned to roll against the bore of the workpiece when the baseplate is positioned against the mouth of the bore such that the appliance may be rotated about the bore in a plane substantially parallel to the baseplate; a tool holding means for supporting the tool, the tool holding means being adjustably attached to the outer face of the baseplate such that the working end of the tool is positioned on the inner face side of the baseplate; a camera for providing video signals of the worksite to the remote monitor; and a camera holding means for supporting the camera on the inner face side of the baseplate, the camera holding means being adjustably attached to the outer face of the baseplate. In a preferred embodiment, roller guards are provided to protect the rollers from debris and a bore guard is provided to protect the bore from wear by the rollers and damage from debris.

Heumann, F.K.; Wilkinson, J.C.; Wooding, D.R.

1996-12-31T23:59:59.000Z

167

Healing heart attack victims, one cell at a time  

NLE Websites -- All DOE Office Websites (Extended Search)

E-mail: stark8@llnl.gov FOR IMMEDIATE RELEASE April 2, 2009 NR-09-04-02 Healing heart attack victims, one cell at a time LIVERMORE, Calif. -- By using the amount of carbon...

168

On attack causality in internet-connected cellular networks  

Science Conference Proceedings (OSTI)

The emergence of connections between telecommunications networks and the Internet creates significant avenues for exploitation. For example, through the use of small volumes of targeted traffic, researchers have demonstrated a number of attacks capable ...

Patrick Traynor; Patrick McDaniel; Thomas La Porta

2007-08-01T23:59:59.000Z

169

Risk-Based models of attacker behavior in cybersecurity  

Science Conference Proceedings (OSTI)

Even as reliance on information and communication technology networks continues to grow, and their potential security vulnerabilities become a greater threat, very little is known about the humans who perpetrate cyber attacks--what are their strategies, ...

Si Li; Ryan Rickert; Amy Sliva

2013-04-01T23:59:59.000Z

170

New cryptographic protocols With side-channel attack security  

E-Print Network (OSTI)

Cryptographic protocols implemented in real world devices are subject to tampering attacks, where adversaries can modify hardware or memory. This thesis studies the security of many different primitives in the Related-Key ...

Miller, Rachel A., S.M. (Rachel Ann). Massachusetts Institute of Technology

2012-01-01T23:59:59.000Z

171

Argonne applied mathematicians use INCITE awards to attack energy...  

NLE Websites -- All DOE Office Websites (Extended Search)

to attack energy problems March 27, 2013 Tweet EmailPrint What is the best possible power grid configuration for our nation? How can we balance the increasing demands for...

172

Remote Desktop | Argonne National Laboratory  

NLE Websites -- All DOE Office Websites (Extended Search)

Remote Desktop Remote Desktop Using Remote Desktop to Connect to Your Work Computer With Remote Desktop, you can have access to a computer at the Laboratory through another computer. For example, you can connect to your work computer from home and have access to all of your programs, files, and network resources as though you were sitting at your computer at work. You can leave programs running at work and see your work desktop displayed on your home computer, with the same programs running. Remote Desktop can be used in many situations, including: Working at home. Access work in progress on your office computer from home and have full access to all local and remote devices. Collaborating. Access your desktop from a colleague's office to work together on projects, such as updating a slide presentation or proofreading

173

REMOTE CONTROLLED SWITCHING DEVICE  

DOE Patents (OSTI)

An electrical switching device which can be remotely controlled and in which one or more switches may be accurately operated at predetermined times or with predetermined intervening time intervals is described. The switching device consists essentially of a deck, a post projecting from the deck at right angles thereto, cam means mounted for rotation around said posts and a switch connected to said deck and actuated by said cam means. Means is provided for rotating the cam means at a constant speed and the switching apparatus is enclosed in a sealed container with external adjusting means and electrical connection elements.

Hobbs, J.C.

1959-02-01T23:59:59.000Z

174

Remote Sensing R. E. Mcintosh  

NLE Websites -- All DOE Office Websites (Extended Search)

participate in an intensive operation period (lOP) planned for June 1993. The Microwave Remote Sensing Laboratory (MIRSL) is developing a mobile, scanning millimeter-wave radar...

175

A random M-ary method based countermeasure against side channel attacks  

Science Conference Proceedings (OSTI)

The randomization of scalar multiplication in ECC is one of the fundamental concepts in defense methods against side channel attacks. This paper proposes a countermeasure against simple and differential power analyses attacks through randomizing the ... Keywords: DPA, SPA, elliptic curve cryptosystems, power analysis attacks, random m-ary recoding algorithm, side channel attacks

MahnKi Ahn; JaeCheol Ha; HoonJae Lee; SangJae Moon

2003-05-01T23:59:59.000Z

176

U-254: Webmin Flaws Let Remote Authenticated Users Execute Arbitrary Code  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

54: Webmin Flaws Let Remote Authenticated Users Execute 54: Webmin Flaws Let Remote Authenticated Users Execute Arbitrary Code and View Arbitrary Files U-254: Webmin Flaws Let Remote Authenticated Users Execute Arbitrary Code and View Arbitrary Files September 10, 2012 - 6:00am Addthis PROBLEM: Webmin Multiple Input Validation Vulnerabilities PLATFORM: The vulnerabilities are reported in version 1.580. Other versions may also be affected. ABSTRACT: An authenticated attacker may be able to execute arbitrary commands. reference LINKS: Webmin Security Alerts Bugtraq ID: 55446 Secunia Advisory SA50512 SecurityTracker Alert ID: 1027507 US CERT Vulnerability Note VU#788478 CVE-2012-2981 CVE-2012-2982 CVE-2012-2983 IMPACT ASSESSMENT: Medium Discussion: Multiple vulnerabilities have been reported in Webmin, which can be exploited by malicious users to compromise a vulnerable system and by

177

Remote Sensing: A New Tool For Automobile  

E-Print Network (OSTI)

Remote Sensing. Recent breakthroughs in manufacturing low- emitting vehicles and in remote sensing of a moving car-style testing centers. Remote sensing technology now allows a piece of equipment small enough to fit in a van

Denver, University of

178

Remote Facilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Remote Facilities Remote Facilities Remote Facilities October 16, 2013 - 4:55pm Addthis Renewable Energy Options for Renovations in Remote Areas Photovoltaics (PV) Small Wind Daylighting Solar Water Heating Passive Solar Design Biomass Heating When a Federal building or facility is located away from existing power lines, many renewable energy technologies including photovoltaics and wind become cost-effective options when compared to extending utilities or transporting fuel for onsite generators. Photovoltaics Photovoltaics (PV) are often cost-effective in remote power applications. In these circumstances, the system is coupled with batteries and can provide complete facility power. Proper system design is critical and must account for the building electrical loads and be sized to meet that load

179

Sensing remote nuclear spins  

E-Print Network (OSTI)

Sensing single nuclear spins is a central challenge in magnetic resonance based imaging techniques. Although different methods and especially diamond defect based sensing and imaging techniques in principle have shown sufficient sensitivity, signals from single nuclear spins are usually too weak to be distinguished from background noise. Here, we present the detection and identification of remote single C-13 nuclear spins embedded in nuclear spin baths surrounding a single electron spins of a nitrogen-vacancy centre in diamond. With dynamical decoupling control of the centre electron spin, the weak magnetic field ~10 nT from a single nuclear spin located ~3 nm from the centre with hyperfine coupling as weak as ~500 Hz is amplified and detected. The quantum nature of the coupling is confirmed and precise position and the vector components of the nuclear field are determined. Given the distance over which nuclear magnetic fields can be detected the technique marks a firm step towards imaging, detecting and cont...

Zhao, Nan; Schmid, Berhard; Isoya, Junichi; Markham, Mathew; Twitchen, Daniel; Jelezko, Fedor; Liu, Ren-Bao; Fedder, Helmut; Wrachtrup, Jörg

2012-01-01T23:59:59.000Z

180

REMOTE CONTROL MANIPULATOR  

DOE Patents (OSTI)

The patent covers a remote-control manipulator in which a tool is carried on a tube at an end thereof angularly related to the main portion of the tube and joined thereto by a curved section. The main portion of the tube is mounted for rotation and axial shifting in a wall separating safe and dangerous areas. The tool is actuated to grasp and release an object in the dangerous area by means of a compound shaft extending through the tube, the shaft having a flexible section extending through the curved section of the tube. The tool is moved about in the dangerous area by rotation and axial movement of the main portion of the tube. Additional movement of the tool is obtained through axial shifting of the shaft with respect to the tube through which it extends. (AEC)

Coffman, R.T.

1962-11-27T23:59:59.000Z

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


181

V-201: Cisco Intrusion Prevention System SSP Fragmented Traffic Denial of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Cisco Intrusion Prevention System SSP Fragmented Traffic 1: Cisco Intrusion Prevention System SSP Fragmented Traffic Denial of Service Vulnerability V-201: Cisco Intrusion Prevention System SSP Fragmented Traffic Denial of Service Vulnerability July 19, 2013 - 6:00am Addthis PROBLEM: Several vulnerabilities were reported in Cisco Intrusion Prevention System PLATFORM: Cisco ASA 5500-X Series Adaptive Security Appliances Cisco Intrusion Prevention System (IPS) 7.1 ABSTRACT: A vulnerability in the implementation of the code that processes fragmented traffic could allow an unauthenticated, remote attacker to cause the Analysis Engine process to become unresponsive or cause the affected system to reload. REFERENCE LINKS: Secunia Advisory SA54246 SecurityTracker ID: 1028806 Cisco Advisory ID: cisco-sa-20130717-ips CVE-2013-1218

182

Page not found | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

71 - 3780 of 28,905 results. 71 - 3780 of 28,905 results. Download EIS-0440: DOE and EPA Notice of Availability of a Draft Environmental Impact Statement Quartzsite Solar Energy Project and Proposed Yuma Field Office Resource Management Plan Amendment, La Paz County, Arizona (November 2011) http://energy.gov/nepa/downloads/eis-0440-doe-and-epa-notice-availability-draft-environmental-impact-statement Download EA-1753: Finding of No Significant Impact Beacon Power Corporation Flywheel Frequency Regulation Plant, Chicago Heights, Illinois http://energy.gov/nepa/downloads/ea-1753-finding-no-significant-impact Article T-622: Adobe Acrobat and Reader Unspecified Memory Corruption Vulnerability The vulnerability is due to an unspecified error in the affected software when it processes .pdf files. An unauthenticated, remote attacker could

183

T-544: Cisco Security Advisory: Cisco Content Services Gateway  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Cisco Security Advisory: Cisco Content Services Gateway 4: Cisco Security Advisory: Cisco Content Services Gateway Vulnerabilities T-544: Cisco Security Advisory: Cisco Content Services Gateway Vulnerabilities January 27, 2011 - 7:00am Addthis PROBLEM: Cisco Security Advisory: Cisco Content Services Gateway Vulnerabilities PLATFORM: Cisco IOS Software Release 12.4(24)MD1 on the Cisco CSG2 ABSTRACT: Cisco IOS Software Release 12.4(24)MD1 on the Cisco CSG2 contains two vulnerabilities that can be exploited by a remote, unauthenticated attacker to create a denial of service condition that prevents traffic from passing through the CSG2. These vulnerabilities require only a single content service to be active on the Cisco CSG2 and can be exploited via crafted TCP packets. A three-way handshake is not required to exploit either of these

184

T-622: Adobe Acrobat and Reader Unspecified Memory Corruption Vulnerability  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

22: Adobe Acrobat and Reader Unspecified Memory Corruption 22: Adobe Acrobat and Reader Unspecified Memory Corruption Vulnerability T-622: Adobe Acrobat and Reader Unspecified Memory Corruption Vulnerability May 13, 2011 - 3:25am Addthis PROBLEM: Adobe Acrobat and Reader contain a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. PLATFORM: Adobe Reader versions 9.4.1 and prior, versions 8.2.5 and prior, and version 10.0 Acrobat Standard and Professional versions 9.4.1 and prior and version 10.0 Acrobat Standard and Professional versions 8.2.5 and prior Acrobat Professional Extended versions 9.4.1 and prior Acrobat 3D versions 8.2.5 and prior Adobe Flash Player versions 10.2.159.1 and prior for Windows, Macintosh, Linux, and Solaris ABSTRACT: The vulnerability is due to an unspecified error in the affected software

185

Page not found | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

11 - 23020 of 28,905 results. 11 - 23020 of 28,905 results. Article U-138: Cisco IOS IPSec IKE Unspecified Denial of Service Vulnerability The IKEv1 feature of Cisco IOS Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a reload of an affected device. http://energy.gov/cio/articles/u-138-cisco-ios-ipsec-ike-unspecified-denial-service-vulnerability Article Registration Now Open for 2013 Science Bowl Teams Participating Teams Compete in Science, Technology, Engineering, and Math for Opportunity to Travel to Washington, DC for the National Science Bowl http://energy.gov/articles/registration-now-open-2013-science-bowl-teams Article Global Nuclear Energy Partnership Steering Group Members Approve Transformation to the International Framework for Nuclear Energy

186

V -209:Cisco WAAS (Wide Area Application Services) Arbitrary Code Execution  

NLE Websites -- All DOE Office Websites (Extended Search)

V -209:Cisco WAAS (Wide Area Application Services) Arbitrary Code V -209:Cisco WAAS (Wide Area Application Services) Arbitrary Code Execution Vulnerabilities V -209:Cisco WAAS (Wide Area Application Services) Arbitrary Code Execution Vulnerabilities August 2, 2013 - 2:25am Addthis PROBLEM: Two vulnerabilities have been reported in Cisco WAAS (Wide Area Application Services), which can be exploited by malicious users and malicious people to compromise a vulnerable system. PLATFORM: Versions 5.0.x, 5.1.x, and 5.2.x. ABSTRACT: Cisco Wide Area Application Services (WAAS) when configured as Central Manager (CM), contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the affected system. REFERENCE LINKS: Secunia Advisory SA54372 CVE-2013-3443 CVE-2013-3444 IMPACT ASSESSMENT: High

187

Page not found | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

51 - 23560 of 28,905 results. 51 - 23560 of 28,905 results. Article T-544: Cisco Security Advisory: Cisco Content Services Gateway Vulnerabilities Cisco IOS Software Release 12.4(24)MD1 on the Cisco CSG2 contains two vulnerabilities that can be exploited by a remote, unauthenticated attacker to create a denial of service condition that prevents traffic from passing through the CSG2. These vulnerabilities require only a single content service to be active on the Cisco CSG2 and can be exploited via crafted TCP packets. A three-way handshake is not required to exploit either of these vulnerabilities. http://energy.gov/cio/articles/t-544-cisco-security-advisory-cisco-content-services-gateway-vulnerabilities-0 Page Recovery Act The Department estimates the $6 billion Recovery Act investment will allow

188

T-544: Cisco Security Advisory: Cisco Content Services Gateway  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Cisco Security Advisory: Cisco Content Services Gateway 4: Cisco Security Advisory: Cisco Content Services Gateway Vulnerabilities T-544: Cisco Security Advisory: Cisco Content Services Gateway Vulnerabilities January 27, 2011 - 2:04pm Addthis PROBLEM: Cisco Security Advisory: Cisco Content Services Gateway Vulnerabilities PLATFORM: Cisco IOS Software Release 12.4(24)MD1 on the Cisco CSG2 ABSTRACT: Cisco IOS Software Release 12.4(24)MD1 on the Cisco CSG2 contains two vulnerabilities that can be exploited by a remote, unauthenticated attacker to create a denial of service condition that prevents traffic from passing through the CSG2. These vulnerabilities require only a single content service to be active on the Cisco CSG2 and can be exploited via crafted TCP packets. A three-way handshake is not required to exploit either of these

189

T-656: Microsoft Office Visio DXF File Handling Arbitrary Code Execution  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Microsoft Office Visio DXF File Handling Arbitrary Code 6: Microsoft Office Visio DXF File Handling Arbitrary Code Execution Vulnerability T-656: Microsoft Office Visio DXF File Handling Arbitrary Code Execution Vulnerability June 28, 2011 - 3:42pm Addthis PROBLEM: Functional code that demonstrates an exploit of the Microsoft Office Visio DXF file handling arbitrary code execution vulnerability is publicly available. PLATFORM: Microsoft Office Visio 2002 SP2 and prior Microsoft Office Visio 2003 SP3 and prior Microsoft Office Visio 2007 SP2 and prior ABSTRACT: Microsoft Office Visio contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. reference LINKS: IntelliShield ID: 20432 Original Release: S516 CVE-2010-1681 IMPACT ASSESSMENT: High Discussion: The vulnerability exists because the affected software does not perform

190

REMOTE ACCESS SERVICES | Department of Energy  

NLE Websites -- All DOE Office Websites (Extended Search)

REMOTE ACCESS SERVICES REMOTE ACCESS SERVICES REMOTE ACCESS SERVICES Access the information you need... Anywhere. Anytime. Different service providers within the Department offer remote access services based on your specific work requirements. If you need assistance, please contact your individual service provider. Energy IT Services (EITS) Remote Access Services Outlook Web Access RSA Token Login RSA Token Instructions HSPD-12 Login HSPD-12 Badge Instructions Virtual Private Network Instructions Citrix Workplace Instructions Energy Information Administration (EIA) Remote Access Services Outlook Web Access EIA VPN Office of Intelligence and Counterintelligence (IN) Remote Access Services Outlook Web Access Office of Science (SC) Remote Access Services Citrix Workplace Help for EITS Customers

191

Behavior-based remote executing agents  

E-Print Network (OSTI)

remote execution semantics, and intermediary commu- nication handling)remote, more advantageous, location. ReAgents simplify the use of mobile agent technology by transparently handling

Hung, Eugene

2006-01-01T23:59:59.000Z

192

T-573: Windows Remote Desktop Client DLL Loading Error Lets Remote Users  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Windows Remote Desktop Client DLL Loading Error Lets Remote 3: Windows Remote Desktop Client DLL Loading Error Lets Remote Users Execute Arbitrary Code T-573: Windows Remote Desktop Client DLL Loading Error Lets Remote Users Execute Arbitrary Code March 9, 2011 - 3:05pm Addthis PROBLEM: Vulnerability in Remote Desktop Client Could Allow Remote Code Execution. PLATFORM: Remote Desktop Connection Client Version(s): 5.2, 6.0, 6.1, 7.0 ABSTRACT: A vulnerability was reported in Windows Remote Desktop Client. A remote user can cause arbitrary code to be executed on the target user's system. reference LINKS: Microsoft Security Bulletin MS11-017 SecurityTracker Alert ID:1025172 CVE-2011-0029 IMPACT ASSESSMENT: Moderate Discussion: A remote user can create a specially crafted DLL file on a remote share (e.g., WebDAV, SMB share). When the target user opens a valid Remote

193

Protecting location privacy: optimal strategy against localization attacks  

Science Conference Proceedings (OSTI)

The mainstream approach to protecting the location-privacy of mobile users in location-based services (LBSs) is to alter the users' actual locations in order to reduce the location information exposed to the service provider. The location obfuscation ... Keywords: location inference attacks, location privacy, location-based services, optimal defense strategy, privacy protection, service quality, stackelberg bayesian games

Reza Shokri; George Theodorakopoulos; Carmela Troncoso; Jean-Pierre Hubaux; Jean-Yves Le Boudec

2012-10-01T23:59:59.000Z

194

Using DISE to protect return addresses from attack  

Science Conference Proceedings (OSTI)

Stack-smashing by buffer overflow is a common tactic used by viruses and worms to crash or hijack systems. Exploiting a bounds-unchecked copy into a stack buffer, an attacker can---by supplying a specially-crafted and unexpectedly long input---overwrite ...

Marc L. Corliss; E. Christopher Lewis; Amir Roth

2005-03-01T23:59:59.000Z

195

Kipnis-shamir attack on unbalanced oil-vinegar scheme  

Science Conference Proceedings (OSTI)

The public key of the Oil-Vinegar scheme consists of a set of m quadratic equations in m+n variables over a finite field Fq. Kipnis and Shamir broke the balanced Oil-Vinegar scheme where d = n-m = 0 by finding equivalent ... Keywords: Kipnis-Shamir attack, Oil-Vinegar scheme, multivariate public key cryptosystem, signature scheme

Weiwei Cao; Lei Hu; Jintai Ding; Zhijun Yin

2011-05-01T23:59:59.000Z

196

Attacks against process control systems: risk assessment, detection, and response  

Science Conference Proceedings (OSTI)

In the last years there has been an increasing interest in the security of process control and SCADA systems. Furthermore, recent computer attacks such as the Stuxnet worm, have shown there are parties with the motivation and resources to effectively ... Keywords: IDS, SCADA, control systems, critical infrastructure protection, cyber-physical systems, security

Alvaro A. Cárdenas; Saurabh Amin; Zong-Syun Lin; Yu-Lun Huang; Chi-Yen Huang; Shankar Sastry

2011-03-01T23:59:59.000Z

197

Using Criticality to Attack Performance Bottlenecks Brian Allen Fields  

E-Print Network (OSTI)

Using Criticality to Attack Performance Bottlenecks Brian Allen Fields Electrical Engineering that the challenges software optimizers and microarchitects face every day boil down to a single problem: bottleneck cache miss or window stall. Tasks such as tuning processors for energy efficiency and finding the right

Hill, Mark D.

198

MULTOPS: a data-structure for bandwidth attack detection  

Science Conference Proceedings (OSTI)

A denial-of-service bandwidth attack is an attempt to disrupt an online service by generating a traffic overload that clogs links or causes routers near the victim to crash. We propose a heuristic and a data-structure that network devices (such as routers) ...

Thomer M. Gil; Massimiliano Poletto

2001-08-01T23:59:59.000Z

199

REMOTE HANDLING ARRANGEMENTS  

DOE Patents (OSTI)

A means for handling remotely a sample pellet to be irradiated in a nuclear reactor is proposed. It is comprised essentially of an inlet tube extending through the outer shield of the reactor and being inclined so that its outer end is at a higher elevation than its inner end, an outlet tube extending through the outer shield being inclined so that its inner end is at a higher elevation than its outer end, the inner ends of these two tubes being interconnected, and a straight tube extending through the outer shield and into the reactor core between the inlet and outlet tubes and passing through the juncture of said inner ends. A rod-like member is rotatably and slidely operated within the central straight tube and has a receptacle on its inner end for receiving a sample pellet from the inlet tube. The rod member is operated to pick up a sample pellet from the inlet tube, carry the sample pellet into the irradiating position within the core, and return to the receiving position where it is rotated to dump the irradiated pellet into the outlet tube by which it is conveyed by gravity to the outside of the reactor. Stop members are provided in the inlet tube, and electrical operating devices are provided to control the sequence of the operation automatically.

Ginns, D.W.

1958-04-01T23:59:59.000Z

200

Working Remotely | Argonne National Laboratory  

NLE Websites -- All DOE Office Websites (Extended Search)

Working Remotely Working Remotely Remote Access Use VPN to access Argonne resources Wake up your computer if power management policies have been applied Connect to your work computer by using Remote Desktop Communications Log into web-based e-mail Outlook Zimbra Send instant messages with Jabber Use Argonne's voice mail and teleconferencing services Use Adobe Connect for web conferencing E-Mail Client and Mobile Device Configuration Changes for Exchange 2010 Cyber Security Secure your home computers Passwords MyPassword Change your password Choosing a good password Other Tools Upload a file for retrieval by others (login required) Argonne SharePoint Server (login required) Inside Argonne (accessible onsite or through VPN) Focal Point Management Blog (accessible onsite or through VPN)

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


201

Mercury: Enabling Remote Procedure Call  

NLE Websites -- All DOE Office Websites (Extended Search)

High-Performance Computing (HPC), allows the execution of routines to be dele- gated to remote nodes, which can be set aside and dedicated to specific tasks. However, existing...

202

ENGO 435 Ayman F. Habib Remote Sensing  

E-Print Network (OSTI)

ENGO 435 Ayman F. Habib 1 Remote Sensing Fall 2003 ENGO 435 Ayman F. Habib 2 Contact Information of remotes sensing. ­ Definitions and concepts. ­ Applications in Geomatics Engineering. · Emphasis: ­ Elements of remote sensing. ­ Systems for the acquisition of remote sensing data. ­ Radiometric

Habib, Ayman

203

REMOTE SENSING OF ENVIRONMENT I COURSE SYLLABUS  

E-Print Network (OSTI)

-1- REMOTE SENSING OF ENVIRONMENT I COURSE SYLLABUS GEOG 526, Fall 2012 T Th 9:30 ­ 10:45 228 relating to remote sensing of the earth's environment. We will begin by examining remote sensing as a field will shift to digital image processing and to areas in which remote sensing is applied as a tool for mapping

Peterson, Blake R.

204

Remote Sensing Ayman F. Habib Image Classification  

E-Print Network (OSTI)

1 Remote Sensing Ayman F. Habib 1 Chapter 6 Image Classification Remote Sensing Ayman F. Habib 2. ­ Unsupervised classification. · Accuracy assessment. #12;2 Remote Sensing Ayman F. Habib 3 Image Classification of image pixels is based on their digital numbers/grey values in one or more spectral bands. Remote Sensing

Habib, Ayman

205

Remote Sensing Techniques | Open Energy Information  

Open Energy Info (EERE)

Remote Sensing Techniques Remote Sensing Techniques Jump to: navigation, search GEOTHERMAL ENERGYGeothermal Home Exploration Technique: Remote Sensing Techniques Details Activities (0) Areas (0) Regions (0) NEPA(0) Exploration Technique Information Exploration Group: Remote Sensing Techniques Exploration Sub Group: None Parent Exploration Technique: Exploration Techniques Information Provided by Technique Lithology: Stratigraphic/Structural: Hydrological: Thermal: Dictionary.png Remote Sensing Techniques: Remote sensing utilizes satellite and/or airborne based sensors to collect information about a given object or area. Remote sensing data collection methods can be passive or active. Passive sensors (e.g., spectral imagers) detect natural radiation that is emitted or reflected by the object or area

206

CHAPTER 12:CHAPTER 12: Remote Sensing ofRemote Sensing of  

E-Print Network (OSTI)

1 CHAPTER 12:CHAPTER 12: Remote Sensing ofRemote Sensing of WaterWaterWaterWater REFERENCE: Remote SensingREFERENCE: Remote Sensing of the Environmentof the Environment John R. Jensen (2007)John R. Jensen yy y the waterthe water with remotewith remote sensing?sensing? #12;2 THE BLUE PLANETTHE BLUE PLANET

Gilbes, Fernando

207

Remote Sensing Ayman F. Habib Radiometric Processing of Remote Sensing Data  

E-Print Network (OSTI)

Remote Sensing Ayman F. Habib 1 Chapter 4 Radiometric Processing of Remote Sensing Data #12;Remote. · Noise removal. · Point and edge detection. ­ Frequency domain. #12;Remote Sensing Ayman F. Habib 3 Radiometric Calibration #12;Remote Sensing Ayman F. Habib 4 Recorded Digital Numbers (DN) · Recorded grey

Habib, Ayman

208

Remote Invocation in Java G52CON Concepts of Concurrency Remote Invocation in Java  

E-Print Network (OSTI)

.out.println(account.balance()); } catch (Exception e) { // Error handling } } } Remote Invocation in Java G52CON ­ Concepts of Concurrency1 Remote Invocation in Java G52CON ­ Concepts of Concurrency Remote Invocation in Java · Provided by the java.rmi package · Based on a model of remote method invocation (RMI), equivalent to remote procedure

Mills, Steven

209

Remote drill bit loader  

DOE Patents (OSTI)

A drill bit loader is described for loading a tapered shank of a drill bit into a similarly tapered recess in the end of a drill spindle. The spindle has a transverse slot at the inner end of the recess. The end of the tapered shank of the drill bit has a transverse tang adapted to engage in the slot so that the drill bit will be rotated by the spindle. The loader is in the form of a cylinder adapted to receive the drill bit with the shank projecting out of the outer end of the cylinder. Retainer pins prevent rotation of the drill bit in the cylinder. The spindle is lowered to extend the shank of the drill bit into the recess in the spindle and the spindle is rotated to align the slot in the spindle with the tang on the shank. A spring unit in the cylinder is compressed by the drill bit during its entry into the recess of the spindle and resiliently drives the tang into the slot in the spindle when the tang and slot are aligned. In typical remote drilling operations, whether in hot cells or water pits, drill bits have been held using a collet or end mill type holder with set screws. In either case, to load or change a drill bit required the use master-slave manipulators to position the bits and tighten the collet or set screws. This requirement eliminated many otherwise useful work areas because they were not equipped with slaves, particularly in water pits.

Dokos, J.A.

1996-12-31T23:59:59.000Z

210

U-085: OpenSSL DTLS Bug Lets Remote Users Deny Service | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: OpenSSL DTLS Bug Lets Remote Users Deny Service 5: OpenSSL DTLS Bug Lets Remote Users Deny Service U-085: OpenSSL DTLS Bug Lets Remote Users Deny Service January 20, 2012 - 9:15am Addthis PROBLEM: OpenSSL DTLS Bug Lets Remote Users Deny Service PLATFORM: Only DTLS applications using OpenSSL 1.0.0f and 0.9.8s are affected. ABSTRACT: A flaw in the fix to CVE-2011-4108 can be exploited in a denial of service attack. REFERNCE LINKS: CVE-2012-0050 SecurityTracker Alert ID: 1026548 OpenSSL Security Advisory [18 Jan 2011] OpenSSL News IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in OpenSSL. The fix to correct the Datagram Transport Layer Security (DTLS) vulnerability referenced by CVE-2011-4108 introduced a flaw. A remote user can send specially crafted data to cause denial of service conditions on the target system.

211

T-662: ISC BIND Packet Processing Flaw Lets Remote Users Deny Service |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: ISC BIND Packet Processing Flaw Lets Remote Users Deny 2: ISC BIND Packet Processing Flaw Lets Remote Users Deny Service T-662: ISC BIND Packet Processing Flaw Lets Remote Users Deny Service July 6, 2011 - 7:47am Addthis PROBLEM: A vulnerability was reported in ISC BIND. A remote user can cause denial of service conditions. PLATFORM: 9.6.3, 9.6-ESV-R4, 9.6-ESV-R4-P1, 9.6-ESV-R5b1 9.7.0, 9.7.0-P1, 9.7.0-P2, 9.7.1, 9.7.1-P1, 9.7.1-P2, 9.7.2, 9.7.2-P1, 9.7.2-P2, 9.7.2-P3, 9.7.3, 9.7.3-P1, 9.7.3-P2, 9.7.4b1 9.8.0, 9.8.0-P1, 9.8.0-P2, 9.8.0-P3, 9.8.1b1 ABSTRACT: A defect in the affected BIND 9 versions allows an attacker to remotely cause the "named" process to exit using a specially crafted packet. This defect affects both recursive and authoritative servers. The code location of the defect makes it impossible to protect BIND using ACLs configured

212

A proposal of extension of FMS-Based mechanism to find attack paths  

Science Conference Proceedings (OSTI)

With the increase of internet service providers(companies) for the rapidly growing numbers of internet users in recent years, malicious attackers has been growing too. Due to these attacks, corporate image can be impaired significantly by such damages ...

Byung-Ryong Kim; Ki-Chang Kim

2006-05-01T23:59:59.000Z

213

Argonne applied mathematicians use INCITE awards to attack energy problems  

NLE Websites -- All DOE Office Websites (Extended Search)

Argonne applied mathematicians use INCITE awards to attack energy problems Argonne applied mathematicians use INCITE awards to attack energy problems March 27, 2013 Tweet EmailPrint What is the best possible power grid configuration for our nation? How can we balance the increasing demands for power while minimizing costs and avoiding waste of resources? Last year, Mihai Anitescu, a computational mathematician in Argonne's Mathematics and Computer Science Division. received DOE funding to establish the Multifaceted Mathematics for Complex Energy Systems (M2ACS) to tackle these questions. As part of the M2ACS research, Anitescu and his colleagues at Argonne are focusing on ways to optimize the effects of randomly changing variables, say, in wind or resource demand. Such variables can number into the billions. And to be useful for energy systems planning, any calculations

214

Ice slurry technology can save heart attack victims, surgery patients  

NLE Websites -- All DOE Office Websites (Extended Search)

Ice Ice slurry technology can save heart attack victims, surgery patients Director's Welcome Organization Achievements Highlights Fact Sheets, Brochures & Other Documents Multimedia Library About Nuclear Energy Nuclear Reactors Designed by Argonne Argonne's Nuclear Science and Technology Legacy Opportunities within NE Division Visit Argonne Work with Argonne Contact us For Employees Site Map Help Join us on Facebook Follow us on Twitter NE on Flickr Celebrating the 70th Anniversary of Chicago Pile 1 (CP-1) Argonne OutLoud on Nuclear Energy Argonne Energy Showcase 2012 Highlights Bookmark and Share Ice slurry technology can save heart attack victims, surgery patients Doctors use an endoscope to see the application of the slurry during a laparoscopic kidney surgery on a pig

215

Using DISE to Protect Return Addresses from Attack  

E-Print Network (OSTI)

Stack-smashing by buffer overflow is a common tactic used by viruses and worms to crash or hijack systems. Exploiting a bounds-unchecked copy into a stack buffer, an attacker can---by supplying a specially-crafted and unexpectedly long input--- overwrite a stored return address and trigger the execution of code of her choosing. In this paper, we propose to protect code from this common form of attack using dynamic instruction stream editing (DISE), a previously proposed hardware mechanism that implements binary rewriting in a transparent, efficient, and convenient way by rewriting the dynamic instruction stream rather than the static executable. Simply, we define productions (rewriting rules) that instrument program calls and returns to maintain and verify a "shadow" stack of return addresses in a protected region of memory. When invalid return addresses are detected, the application is terminated.

Marc Corliss Christopher; E Christopher; Lewis Amir Roth

2004-01-01T23:59:59.000Z

216

Enhanced Secure DNS:  A Defense Against DDOS Attacks  

E-Print Network (OSTI)

The success of distributed denial of service (DDOS)  attacks carried out against ebusiness websites in February 2000 pointed out the deficiencies of an Internet where millions of dollars are transacted daily. Many experts call for the cooperation of the Internet community as a whole to follow safe network administation practices in order to foil the DDOS threat,  but such advice mostly goes unheeded. A novel strategy to fight DDOS attacks,  called intrusion tolerance,  argues that such attacks are impossible to stop,  so it is better to find a way to successfully tolerate them. One such proposal,  termed the Secure Collective Defense (SCOLD),  uses nextgeneration domain name system (DNS)  Berkeley Internet Name Domain (BIND)  software to enable preferred clients to communicate with computers on a network that is being attacked. The features of this new BIND code include a program,  nsreroute,  that securely installs an authoritative zone for the victim domain onto a client DNS server. This BIND software sets up an IP tunnel that forces queries from the client DNS server to the victim DNS server to traverse a SCOLDaware proxy server,  which forwards the query through a secret alternate gateway. This thesis chronicles the addition of code made to the latest version of BIND to satisfy the requirements of SCOLD. The results of experiments using the enhanced DNS BIND in the SCOLD architecture is detailed. This paper ends with the many lessons I have learned from this project. iii

David Boyd Wilkinson; David B. Wilkinson; C. Edward Chow; David Boyd (m. S; Computer Science; C. Edward Chow

2003-01-01T23:59:59.000Z

217

Security of differential phase shift quantum key distribution against individual attacks  

E-Print Network (OSTI)

We derive a proof of security for the Differential Phase Shift Quantum Key Distribution (DPSQKD) protocol under the assumption that Eve is restricted to individual attacks. The security proof is derived by bounding the average collision probability, which leads directly to a bound on Eve's mutual information on the final key. The security proof applies to realistic sources based on pulsed coherent light. We then compare individual attacks to sequential attacks and show that individual attacks are more powerful.

Edo Waks; Hiroki Takesue; Yoshihisa Yamamoto

2005-08-15T23:59:59.000Z

218

U-240: Apple Remote Desktop Encryption Failure Lets Remote Users Obtain  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Apple Remote Desktop Encryption Failure Lets Remote Users 0: Apple Remote Desktop Encryption Failure Lets Remote Users Obtain Potentially Sensitive Information U-240: Apple Remote Desktop Encryption Failure Lets Remote Users Obtain Potentially Sensitive Information August 21, 2012 - 7:00am Addthis PROBLEM: Apple Remote Desktop Encryption Failure Lets Remote Users Obtain Potentially Sensitive Information PLATFORM: Apple Remote Desktop after 3.5.1 and prior to 3.6.1 ABSTRACT: A remote user can monitor potentially sensitive information. reference LINKS: Apple.com Apple Article: HT5433 SecurityTracker Alert ID: 1027420 CVE-2012-0681 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in Apple Remote Desktop. When a user connects to a third-party VNC server with the 'Encrypt all network data' setting enabled, network data is not encrypted. A remote user monitoring the

219

Detecting Relay Attacks with Timing-Based Protocols  

E-Print Network (OSTI)

Abstract. Distance bounding protocols have been proposed as means of detecting relay attacks, also known as mafia fraud. In this paper we present the first symmetric key based distance bounding protocol that is also resistant to so-called terrorist fraud, a variant of mafia fraud. Relay attacks present a serious threat to RF security devices (contactless smart cards, RFID tags and the like) because they undermine the implicit assumption that the device is physically close to the reader when it is operating. In applications such as physical access control this assumption of physical proximity is all-important. Distance bounding protocols require a communication channel that can exchange single bits with extremely low latency. This unconventional communication requirement has prompted Hancke and Kuhn to assert in a recent publication [12] that ultra wide band (UWB) radio is necessary to achieve a useful distance bounding resolution. We analyse this assertion and present a alternative, novel communication approach that leverages the phenomena of side channel leakage to deliver a low latency channel. Our proposal is capable of detecting sophisticated relay attacks without resorting to the considerable expense and complexity of UWB radio. We present experimental results to support our arguments. 1

Jason Reid; Juan M. González Nieto; Tee Tang; Bouchra Senadji

2007-01-01T23:59:59.000Z

220

Defending against an Internet-based attack on the physical world  

Science Conference Proceedings (OSTI)

We discuss the dangers that scalable Internet functionality may present to the real world, focusing on a simple yet impactful attack that we believe may occur quite soon. We offer and critique various solutions to this class of attack and hope to provide ... Keywords: Internet Threats, automated attacks, computer security, comuter security, cybercrime, internet threats

Simon Byers; Aviel D. Rubin; David Kormann

2002-11-01T23:59:59.000Z

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


221

CANDID: Dynamic candidate evaluations for automatic prevention of SQL injection attacks  

Science Conference Proceedings (OSTI)

SQL injection attacks are one of the top-most threats for applications written for the Web. These attacks are launched through specially crafted user inputs, on Web applications that use low-level string operations to construct SQL queries. In this work, ... Keywords: SQL injection attacks, dynamic monitoring, retrofitting code, symbolic evaluation

Prithvi Bisht; P. Madhusudan; V. N. Venkatakrishnan

2010-02-01T23:59:59.000Z

222

Countermeasures against fault attacks on software implemented AES: effectiveness and cost  

Science Conference Proceedings (OSTI)

In this paper we present software countermeasures specifically designed to counteract fault injection attacks during the execution of a software implementation of a cryptographic algorithm and analyze the efficiency of these countermeasures. We propose ... Keywords: countermeasures, fault attacks, side-channel attacks

Alessandro Barenghi; Luca Breveglieri; Israel Koren; Gerardo Pelosi; Francesco Regazzoni

2010-10-01T23:59:59.000Z

223

DDoS attack detection method based on linear prediction model  

Science Conference Proceedings (OSTI)

Distributed denial of service (DDoS) attack is one of the major threats to the current Internet. The IP Flow feature value (FFV) algorithm is proposed based on the essential features of DDoS attacks, such as the abrupt traffic change, flow dissymmetry, ... Keywords: ARMA model, attack features, distributed denial of service, linear prediction, network security

Jieren Cheng; Jianping Yin; Chengkun Wu; Boyun Zhang; Yun Liu

2009-09-01T23:59:59.000Z

224

Skeleton composition using remote data  

E-Print Network (OSTI)

Abstract. Skeletons simplify parallel programming by providing general patterns of parallel computations. When several skeletons are used inside the same program, skeleton composition usually leads to aggregation and redistribution of the intermediate data on a single process. Though the programmer can overcome the performance loss at a lower level of abstraction by altering the existing skeletons or not using them at all. A high-level concept like skeleton-based programming, however, calls for a more general solution. Remote data provides runtime mechanisms that allow declaratively specified processes to access other processes ’ data via remote handles. This enables the programmer to easily build complex skeletons by combining simpler ones. Skeletons can be composed without the drawback of collecting and then redistributing the data in between two skeleton instances. Another advantage is that skeletons which inherently depend on their inner communication patterns are easily implemented using remote data. We present the implementation of remote data in the parallel functional language Eden and show the definition of some example skeletons with a remote data interface.

Mischa Dieterle; Thomas Horstmeyer; Rita Loogen

2010-01-01T23:59:59.000Z

225

The REMOTE SENSlNf  

Office of Legacy Management (LM)

REMOTE REMOTE SENSlNf ' . 1 ARllRllRRv OF THE UNITED STATES DEPARTMENT OF ENERGY . . . . .a. * ~~&hrEAWWMms Gap ~~&hrEAwwMms Gap ECT FOLLdW-UP REPORT ECT FOLLdW-UP REPORT NOVEMBER 1979 NOVEMBER 1979 AN AERIAL RADIOLOGICAL SURVEY OF THE CURTIS BAY FACILITY OF THE W. FL GRACE COMPANY Baltimore, Maryland t. Kent Hilton Project Scientist APPROVED FORPUBLlCATlON ' : T. P. Stuart, Manager Remote Sensing Sciences Department ATTACHMENT 4- ECT Follow-Up Report AN AERIAL RADIOLOGICAL SURVEY OF THE CURTIS BAY FACILITY This is the second of two reports discussing the gamma ray radiation levels measured at the Curtis Bay facility of the W. R. Grace Company. The first report presented gross count contours and gamma ray spectra over the most active areas. Refined gross count isopleth maps will be

226

Lighting for remote viewing systems  

SciTech Connect

Scenes viewed by television do not provide the same channels of information for judgment of distances as scenes viewed directly, since television eliminates or degrades several depth perception cues. However, it may be possible to improve depth perception of televised scenes by enhancing the information available through depth cues that are available from lighting. A literature survey and expert opinions were integrated to design a remote lighting arrangement which could enhance depth perception of operators performing remote handling operations. This paper describes the lighting arrangement and discusses some of its advantages and disadvantages. 10 references, 2 figures.

Draper, J.V.

1984-01-01T23:59:59.000Z

227

Lighting for remote viewing systems  

SciTech Connect

Scenes viewed by television do not provide the same channels of information for judgement of distances as scenes viewed directly, since television eliminates or degrades several depth perception cues. However, it may be possible to improve depth perception of televised scenes by enhancing the information available through depth cues that are available from lighting. A literature survey and expert opinions were integrated to design a remote lighting arrangement which could enhance depth perception of operators performing remote handling operations. This paper describes the lighting arrangement and discusses some of its advantages and disadvantages. 10 references, 2 figures.

Draper, J.V.

1984-01-01T23:59:59.000Z

228

Using the Domain Name System to Thwart Automated Client-Based Attacks  

SciTech Connect

On the Internet, attackers can compromise systems owned by other people and then use these systems to launch attacks automatically. When attacks such as phishing or SQL injections are successful, they can have negative consequences including server downtime and the loss of sensitive information. Current methods to prevent such attacks are limited in that they are application-specific, or fail to block attackers. Phishing attempts can be stopped with email filters, but if the attacker manages to successfully bypass these filters, then the user must determine if the email is legitimate or not. Unfortunately, they often are unable to do so. Since attackers have a low success rate, they attempt to compensate for it in volume. In order to have this high throughput, attackers take shortcuts and break protocols. We use this knowledge to address these issues by implementing a system that can detect malicious activity and use it to block attacks. If the client fails to follow proper procedure, they can be classified as an attacker. Once an attacker has been discovered, they will be isolated and monitored. This can be accomplished using existing software in Ubuntu Linux applications, along with our custom wrapper application. After running the system and seeing its performance on three popular Web browsers Chromium, Firefox and Internet Explorer as well as two popular email clients, Thunderbird and Evolution, we found that not only is this system conceivable, it is effective and has low overhead.

Taylor, Curtis R [ORNL; Shue, Craig A [ORNL

2011-09-01T23:59:59.000Z

229

Denial-of-service attacks on battery-powered mobile computers  

E-Print Network (OSTI)

Sleep deprivation attacks are a form of denial of service attack whereby an attacker renders a pervasive computing device inoperable by draining the battery more quickly than it would be drained under normal usage. We describe three main methods for an attacker to drain the battery: (1) Service request power attacks, where repeated requests are made to the victim for services, typically over a network--even if the service is not provided the victim must expend energy deciding whether or not to honor the request; (2) benign power attacks, where the victim is made to execute a valid but energy-hungry task repeatedly, and (3) malignant power attacks, where the attacker modifies or creates an executable to make the system consume more energy than it would otherwise. Our initial results demonstrate the increased power consumption due to these attacks, which we believe are the first real examples of these attacks to appear in the literature. We also propose a power-secure architecture to thwart these power attacks by employing multi-level authentication and energy signatures. 1.

Thomas Martin; Michael Hsiao; Dong Ha; Jayan Krishnaswami

2004-01-01T23:59:59.000Z

230

U-081: McAfee SaaS 'myCIOScn.dll' ActiveX Control Lets Remote Users Execute  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: McAfee SaaS 'myCIOScn.dll' ActiveX Control Lets Remote Users 1: McAfee SaaS 'myCIOScn.dll' ActiveX Control Lets Remote Users Execute Arbitrary Code U-081: McAfee SaaS 'myCIOScn.dll' ActiveX Control Lets Remote Users Execute Arbitrary Code January 13, 2012 - 9:15am Addthis PROBLEM: McAfee SaaS 'myCIOScn.dll' ActiveX Control Lets Remote Users Execute Arbitrary Code PLATFORM: McAfee ABSTRACT: A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system. reference LINKS: SecurityTracker Alert ID: 1026513 Zero Day Initiative ZDI-12-012 McAfee Threat Intelligence IMPACT ASSESSMENT: High Discussion: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of McAfee Security-as-a-Service. User interaction is required to exploit this vulnerability in that the target must visit a

231

Barrier Slicing for Remote Software Trusting  

Science Conference Proceedings (OSTI)

Remote trusting aims at verifying the "healthy" execution of a program running on an untrusted client that communicates with a trusted server via network connection. After giving a formal definition of the remote trusting problem and a test to determine ...

Mariano Ceccato; Mila Dalla Preda; Jasvir Nagra; Christian Collberg; Paolo Tonella

2007-09-01T23:59:59.000Z

232

Publicly Verifiable Remote Data Integrity  

Science Conference Proceedings (OSTI)

More and more customers are outsourcing data storage to remote archive service providers that are responsible for properly preserving the data. As such, it has become crucial for an archive service to be capable of providing evidence to demonstrate the ... Keywords: data outsourcing, integrity, pairing, public verifiability

Ke Zeng

2008-10-01T23:59:59.000Z

233

Fact Sheet: Protecting Intelligent Distributed Power Grids Against Cyber Attacks  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Protecting Intelligent Distributed Protecting Intelligent Distributed Power Grids Against Cyber Attacks Development of a novel distributed and hierarchical security layer specific to intelligent grid design Intelligent power grids are interdependent energy management systems- encompassing generation, distribution, IT networks, and control systems-that use automated data analysis and demand response capabilities to increase system functionality, efficiency, and reliability. But increased interconnection and automation over a large geographical area requires a distributed and hierarchical approach to cyber security. This two-year project will develop three security components unique to intelligent power grids. The first is an automated

234

Fact Sheet: Cyber Security Audit and Attack Detection Toolkit  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Audit and Audit and Attack Detection Toolkit Adding control system intelligence to widely deployed enterprise vulnerability scanners and security event managers While many energy utilities employ vulnerability scanners and security event managers (SEM) on their enterprise systems, these tools often lack the intelligence necessary to be effective in control systems. This two-year project aims to integrate control system intelligence into widely deployed vulnerability scanners and SEM, and to integrate security incident detection intelligence into control system historians. These upgrades will be provided at no or a low cost to control system asset owners. The popular Nessus Vulnerability Scanner supports an audit plug-in that gathers configuration information from

235

This lesson plan is part of the National Heart, Lung, and Blood Institute's (NHLBI) heart attack education campaign, Act in Time to Heart Attack Signs.  

E-Print Network (OSTI)

#12;#12;#12;This lesson plan is part of the National Heart, Lung, and Blood Institute's (NHLBI) heart attack education campaign, Act in Time to Heart Attack Signs. It was designed to be the 10th session of an existing 9-session heart health education course for Latinos entitled Your Heart, Your Life

Bandettini, Peter A.

236

DIRECTED ENERGY BIOMETRICS AND REMOTE SENSING  

Science Conference Proceedings (OSTI)

... New and Reorganized Appendices ?Sample Audit Forms ?And more ANSI Z 136.8 Page 6. DIRECTED ENERGY REMOTE SENSING: ...

2013-02-21T23:59:59.000Z

237

Remote Sens. 2011, 3, x-x manuscripts; doi:xx1 Remote Sensing3  

E-Print Network (OSTI)

Remote Sens. 2011, 3, x-x manuscripts; doi:xx1 2 Remote Sensing3 ISSN 2072-42924 www16 7 Lebanese National Council For Scientific Research, Remote Sensing Centre, Beirut, Lebanon17 in Remote Sensing, 2011, 3(6), 1266-1283. The original publication is available at http://www.mdpi.com/ Doi

Paris-Sud XI, Université de

238

Remote Sens. 2011, 3, 2529-2551; doi:10.3390/rs3112529 Remote Sensing  

E-Print Network (OSTI)

Remote Sens. 2011, 3, 2529-2551; doi:10.3390/rs3112529 Remote Sensing ISSN 2072-4292 www.mdpi.com/journal/remotesensing Article Multispectral Remote Sensing from Unmanned Aircraft: Image Processing Workflows and Applications Abstract: Using unmanned aircraft systems (UAS) as remote sensing platforms offers the unique ability

239

Remote Sensing 2010, 2, 2274-2304; doi:10.3390/rs2092274 Remote Sensing  

E-Print Network (OSTI)

Remote Sensing 2010, 2, 2274-2304; doi:10.3390/rs2092274 Remote Sensing ISSN 2072-4292 www.mdpi.com/journal/remotesensing Review Remote Sensing of Irrigated Agriculture: Opportunities and Challenges Mutlu Ozdogan *, Yang Yang / Published: 27 September 2010 Abstract: Over the last several decades, remote sensing has emerged

Wisconsin at Madison, University of

240

Polarimetric remote sensing system analysis: Digital Imaging and Remote Sensing Image Generation (DIRSIG) model  

E-Print Network (OSTI)

i Polarimetric remote sensing system analysis: Digital Imaging and Remote Sensing Image Generation CENTER FOR IMAGING SCIENCE Title of Dissertation: Polarimetric remote sensing system analysis: DIRSIG____________________________________________________________ Date #12;vi #12;vii Polarimetric remote sensing system analysis: DIRSIG model validation and impact

Salvaggio, Carl

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


241

Remote Sens. 2013, 5, 5926-5943; doi:10.3390/rs5115926 Remote Sensing  

E-Print Network (OSTI)

Remote Sens. 2013, 5, 5926-5943; doi:10.3390/rs5115926 Remote Sensing ISSN 2072-4292 www: 6 November 2013 / Accepted: 7 November 2013 / Published: 14 November 2013 Abstract: Remote sensing challenging to model crop yields based on remotely sensed data due to the variation in radiation use

Myneni, Ranga B.

242

REMOTE LABORATORIES IN AUTOMATION: AIP-PRIMECA RAO ARI PLATFORM Remote Laboratories in Automation  

E-Print Network (OSTI)

Terms -- Education, Laboratories, Manufacturing automation, Remote handling I.INTRODUCTION For a fewREMOTE LABORATORIES IN AUTOMATION: AIP-PRIMECA RAO ARI PLATFORM Remote Laboratories in Automation learners to train themselves on remote real or virtual systems. They represent essential components in e

Paris-Sud XI, Université de

243

Remote Food Shopping Robot System in a Supermarket Realization of the shopping task from remote places  

E-Print Network (OSTI)

the experimental result performed with the integrated system. Index Terms-- Remote shopping, Foods handling, Human dailylifeRemote shopping, Foods handling, Human dailylife I. INTRODUCTION In this research we focusedRemote Food Shopping Robot System in a Supermarket ­Realization of the shopping task from remote

Ohya, Akihisa

244

10 January 2009 PHOTOGRAMMETRIC ENGINEERING & REMOTE SENSING High Performance Computing in Remote Sensing  

E-Print Network (OSTI)

10 January 2009 PHOTOGRAMMETRIC ENGINEERING & REMOTE SENSING High Performance Computing in Remote Book ReviewBook Review High Performance Computing in Remote Sensing introduces the most recent advances in the incorporation of the high-performance computing (HPC) paradigm in remote sensing missions. Eighteen well

Plaza, Antonio J.

245

Remote Sensing for Water Quality Applications  

E-Print Network (OSTI)

Remote Sensing for Water Quality Applications #12;Objective Give a brief update on GEO Inland and Nearshore Coastal Water Quality Remote Sensing Workshop (GEO Work Task WA-06-01)) Held in Geneva and Nearshore Coastal Water Quality Remote Sensing Workshop (GEO Work Task WA-06-01)) Organizing committee

246

Airborne remote sensing in the frozen north  

E-Print Network (OSTI)

20 Airborne remote sensing in the frozen north High level shot from 10,000 feet shows, Chief Pilot and Operations Manager for NERC's Airborne Remote Sensing Facility reports on a recent trip expert ­ the Airborne Remote Sensing Facility flew to the Norwegian archipelago of Svalbard on August 3

Brierley, Andrew

247

Bylaws of the Center for Remote Sensing  

E-Print Network (OSTI)

DRAFT Bylaws of the Center for Remote Sensing Agricultural and Biological Engineering University for the conduct and operation of the Center for Remote Sensing (CRS) at the University of Florida (UF). The CRS and international recognition in research, teaching, and outreach for cutting-edge technologies in remote sensing

Watson, Craig A.

248

Geography 477 Introduction to Remote Sensing  

E-Print Network (OSTI)

Geography 477 Introduction to Remote Sensing www.sdal.uiuc.edu Dr. Tom Frank 321 Davenport Hall tdfrank@uiuc.edu 333-7248 #12;Remotely-sensed images of light reflected or emitted from the earth of the earth's environments #12;Remote sensing is the science or art of deriving information about an object

Frank, Thomas D.

249

Challenges and Opportunities of Remote Sensing in  

E-Print Network (OSTI)

Challenges and Opportunities of Remote Sensing in Caribbean Coastal Waters Fernando Gilbes-Santaella, Ph.D. Associate Professor Geological and Environmental Remote Sensing Laboratory Department of this presentation Discuss the potential and limitations for remote sensing of ocean color and coral reefs monitoring

Gilbes, Fernando

250

Remote Sensing of the Rob Holman1  

E-Print Network (OSTI)

Remote Sensing of the Nearshore Rob Holman1 and Merrick C. Haller2 1 College of Earth, Ocean- ate temporal or spatial density or at reasonable logistical or financial costs. Remote sensing algo- rithms by which the most important geophysical variables can be estimated from remote sensing

Haller, Merrick

251

The development of new algorithms for remote sensing of snow ...  

Science Conference Proceedings (OSTI)

Mar 14, 2010 ... remote sensing algorithm development, calibration and validation in ... Keywords Remote sensing Á Retrieval algorithms Á. Fractional snow ...

252

Remote Sensing Methods for Imaging Dose to Water  

Science Conference Proceedings (OSTI)

Remote Sensing Methods for Imaging Dose to Water. Summary: Calorimetry based upon remote sensing of the temperature ...

2013-02-26T23:59:59.000Z

253

T-676: Apple iOS Certificate Chain Validation Flaw Lets Certain Remote  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Apple iOS Certificate Chain Validation Flaw Lets Certain 6: Apple iOS Certificate Chain Validation Flaw Lets Certain Remote Users Access or Modify SSL/TLS Sessions T-676: Apple iOS Certificate Chain Validation Flaw Lets Certain Remote Users Access or Modify SSL/TLS Sessions July 26, 2011 - 1:06am Addthis PROBLEM: A vulnerability was reported in Apple iOS. A remote user with the ability to conduct a man-in-the-middle attack can access or modify SSL/TLS sessions. PLATFORM: iOS 4.2.5 through 4.2.9 for iPhone 4 (CDMA) iOS 3.0 through 4.3.4 for iPhone 3GS and iPhone 4 (GSM) iOS 3.1 through 4.3.4 for iPod touch (3rd generation) and later iOS 3.2 through 4.3.4 for iPad ABSTRACT: Apple iOS Certificate Chain Validation Flaw Lets Certain Remote Users Access or Modify SSL/TLS Sessions. reference LINKS: SecurityTracker Alert ID: 1025837

254

V-165: Cisco WebEx for iOS Certificate Validation Flaw Lets Remote Users  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

65: Cisco WebEx for iOS Certificate Validation Flaw Lets Remote 65: Cisco WebEx for iOS Certificate Validation Flaw Lets Remote Users Spoof the Server V-165: Cisco WebEx for iOS Certificate Validation Flaw Lets Remote Users Spoof the Server May 28, 2013 - 12:46am Addthis PROBLEM: Cisco WebEx for iOS Certificate Validation Flaw Lets Remote Users Spoof the Server PLATFORM: Cisco WebEx for iOS 4.1, Other versions may also be affected. ABSTRACT: A vulnerability was reported in Cisco WebEx for iOS. REFERENCE LINKS: Cisco SecurityTracker Alert ID: 1028592 Secunia Advisory SA51412 CVE-2012-6399 IMPACT ASSESSMENT: Medium DISCUSSION: A security issue in Cisco WebEx for iOS can be exploited by malicious people to conduct spoofing attacks. The security issue is caused due to the application not properly verifying the server SSL certificate. This can be exploited to e.g. spoof the server

255

T-676: Apple iOS Certificate Chain Validation Flaw Lets Certain Remote  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

76: Apple iOS Certificate Chain Validation Flaw Lets Certain 76: Apple iOS Certificate Chain Validation Flaw Lets Certain Remote Users Access or Modify SSL/TLS Sessions T-676: Apple iOS Certificate Chain Validation Flaw Lets Certain Remote Users Access or Modify SSL/TLS Sessions July 26, 2011 - 1:06am Addthis PROBLEM: A vulnerability was reported in Apple iOS. A remote user with the ability to conduct a man-in-the-middle attack can access or modify SSL/TLS sessions. PLATFORM: iOS 4.2.5 through 4.2.9 for iPhone 4 (CDMA) iOS 3.0 through 4.3.4 for iPhone 3GS and iPhone 4 (GSM) iOS 3.1 through 4.3.4 for iPod touch (3rd generation) and later iOS 3.2 through 4.3.4 for iPad ABSTRACT: Apple iOS Certificate Chain Validation Flaw Lets Certain Remote Users Access or Modify SSL/TLS Sessions. reference LINKS: SecurityTracker Alert ID: 1025837

256

T-690: Check Point Endpoint Security On-Demand Client Lets Remote Users  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Check Point Endpoint Security On-Demand Client Lets Remote 0: Check Point Endpoint Security On-Demand Client Lets Remote Users Execute Arbitrary Code T-690: Check Point Endpoint Security On-Demand Client Lets Remote Users Execute Arbitrary Code August 10, 2011 - 8:45am Addthis PROBLEM: Due to quality issues within the software, an attacker is able to access insecure methods from the "trustworthy" Java applet or ActiveX control and exploit those features to compromise all client systems that trust the correctly signed Java applet or ActiveX control (e.g. all users that need to use this software for accessing internal systems over company VPN). PLATFORM: Multiple products:- R65.70 - R70.40 - R71.30 - R75 - Connectra R66.1 - Connectra R66.1n - VSX R65.20 - VSX R67 ABSTRACT: Check Point Endpoint Security On-Demand Client Lets Remote Users Execute

257

Iran's Response to a U.S. Attack  

E-Print Network (OSTI)

Click to skip to the comments section. Editor's Note: Readers, you can click the PDF button on the menu above to make this article into a PDF suitable for printing or e-reading. Michael Rienzi lays out a detailed analysis of Iran's potential reactions to a strike and finds the following thesis to be likely. Iran’s reaction to an attack by the US would be to use all means at its disposal including their large arsenal of missiles, asymmetric warfare, regular forces, and economic/political disruption methods that would cause large amounts of devastation, casualties, economic disruption, and fear; in the hopes that the enemy would lose the support of its citizens and allies, thus forcing them to end the confrontation; Iran would use all means at its disposal to accomplish this goal rather quickly as they would try to avoid an extended conflict. “Iran would not hesitate to retaliate if attacked. If enemies intend to endanger our welfare and security, we will adopt measures which will make them regret their actions."Islamic Revolutionary Guards Corps

V. Rienzi; Brig Gen; Mohammad Hejazi

2012-01-01T23:59:59.000Z

258

Remote Sensing Ayman F. Habib Electro-Magnetic Radiation  

E-Print Network (OSTI)

Remote Sensing Ayman F. Habib 1 Chapter 2 Electro-Magnetic Radiation #12;Remote Sensing Ayman F. Habib 2 Elements of Remote Sensing #12;Remote Sensing Ayman F. Habib 3 Chapter 2 Radiation: nature & source #12;Remote Sensing Ayman F. Habib 4 Chapter 2 Interaction with the atmosphere #12;Remote Sensing

Habib, Ayman

259

Remote Sensing Ayman F. Habib Electro-Magnetic Radiation  

E-Print Network (OSTI)

Remote Sensing Ayman F. Habib 1 Chapter 2 Electro-Magnetic Radiation Remote Sensing Ayman F. Habib 2 Elements of Remote Sensing #12;Remote Sensing Ayman F. Habib 3 Chapter 2 Radiation: nature & source Remote Sensing Ayman F. Habib 4 Chapter 2 Interaction with the atmosphere #12;Remote Sensing Ayman

Habib, Ayman

260

Java^TM RemoteMethod Invocation Specification  

E-Print Network (OSTI)

2.7 Exception Handling in Remote Method Invocation. . . . . 11 2.8 Object Methods Overridden Handling in Remote Method Invocation . Object Methods Overridden by the RemoteObject Class . The Semantics.7 Exception Handling in Remote Method Invocation Since remote methods include java.rmi.Remote

Demurjian, Steven A.

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


261

Definition: Remote Sensing Techniques | Open Energy Information  

Open Energy Info (EERE)

Remote Sensing Techniques Remote Sensing Techniques Jump to: navigation, search Dictionary.png Remote Sensing Techniques Remote sensing utilizes satellite and/or airborne based sensors to collect information about a given object or area. Remote sensing data collection methods can be passive or active. Passive sensors (e.g., spectral imagers) detect natural radiation that is emitted or reflected by the object or area being observed. In active remote sensing (e.g., radar) energy is emitted and the resultant signal that is reflected back is measured.[1] View on Wikipedia Wikipedia Definition Remote sensing is the acquisition of information about an object or phenomenon without making physical contact with the object. In modern usage, the term generally refers to the use of aerial sensor technologies

262

CoercionCoercion--Resistant RemoteResistant Remote Voting Using Decryption MixesVoting Using Decryption Mixes  

E-Print Network (OSTI)

-Resistant Remote Voting 12 Ballot HandlingBallot Handling · Problem: LHS+onion of ballot reveals too much ­ MustCoercionCoercion--Resistant RemoteResistant Remote Voting Using Decryption MixesVoting Using September 16, 2005 Clarkson and Myers: Coercion-Resistant Remote Voting 2 Remote VotingRemote Voting · Clear

Schoenmakers, Berry

263

CMS FNAL Remote Operations Center  

NLE Websites -- All DOE Office Websites (Extended Search)

LHC@FNAL Remote Operations Center (ROC) at Fermilab is located on the first floor of Wilson Hall. From the ROC, shifters perform real-time monitoring of the data recorded by the CMS Experiment. LHC@FNAL Remote Operations Center (ROC) at Fermilab is located on the first floor of Wilson Hall. From the ROC, shifters perform real-time monitoring of the data recorded by the CMS Experiment. ROC WBM / WBM Twiki FNAL ELog Mailing List Agendas / ROC Presentations & Notes WBM Publications Runs CVS SiTracker / MTCC AEM / AEM help Screen Snapshot Service FAQ Accounts & Nodes New User Instructions WebCams CMS Workbook Directories / Glossaries Photos Vidyo / EVO Google / Wikipedia LHC@FNAL Computing Console Map Documents Mailing List One East Mtg Schedule rocshare Telephones To Do List Video Conferencing CMS Shifter CSC DAQ DataOps DQM / FNAL ROC ECAL Event Display HCAL Pixel Trigger Global Run Calendar CMS Live Contact List DAQ Status DAS

264

ShadowNet: An Active Defense Infrastructure for Insider Cyber Attack Prevention  

Science Conference Proceedings (OSTI)

The ShadowNet infrastructure for insider cyber attack prevention is comprised of a tiered server system that is able to dynamically redirect dangerous/suspicious network traffic away from production servers that provide web, ftp, database and other vital services to cloned virtual machines in a quarantined environment. This is done transparently from the point of view of both the attacker and normal users. Existing connections, such as SSH sessions, are not interrupted. Any malicious activity performed by the attacker on a quarantined server is not reflected on the production server. The attacker is provided services from the quarantined server, which creates the impression that the attacks performed are successful. The activities of the attacker on the quarantined system are able to be recorded much like a honeypot system for forensic analysis.

Cui, Xiaohui [ORNL; Beaver, Justin M [ORNL; Treadwell, Jim N [ORNL

2012-01-01T23:59:59.000Z

265

Time Stamp Attack on Wide Area Monitoring System in Smart Grid  

E-Print Network (OSTI)

Security becomes an extremely important issue in smart grid. To maintain the steady operation for smart power grid, massive measurement devices must be allocated widely among the power grid. Previous studies are focused on false data injection attack to the smart grid system. In practice, false data injection attack is not easy to implement, since it is not easy to hack the power grid data communication system. In this paper, we demonstrate that a novel time stamp attack is a practical and dangerous attack scheme for smart grid. Since most of measurement devices are equipped with global positioning system (GPS) to provide the time information of measurements, it is highly probable to attack the measurement system by spoofing the GPS. By employing the real measurement data in North American Power Grid, simulation results demonstrate the effectiveness of the time stamp attack on smart grid.

Zhang, Zhenghao; Li, Husheng; Pei, Changxing

2011-01-01T23:59:59.000Z

266

Assessing and Enhancing the Security of Transmission Assets From International Physical Attack  

Science Conference Proceedings (OSTI)

Potential intentional attacks against electric power systems include sabotage; physical assault; disruption of sensors, information systems, computer networks, and fail-safe systems; tampering with process safety; and indirect attacks such as disruption of water, fuel, or key personnel. While outages from intentional attacks on the physical security of utility assets are rare, such outages can adversely impact the economy, the environment, public safety, and national security. This white paper ...

2013-12-03T23:59:59.000Z

267

Thermal Barrier Coatings Resistant to Attack by Molten Fly Ash in ...  

Science Conference Proceedings (OSTI)

Presentation Title, Thermal Barrier Coatings Resistant to Attack by Molten Fly Ash in Integrated Gas Combined Cycle Turbine Engines. Author(s), Andrew D.

268

High Performance Computing techniques for attacking reduced version of AES using XL and XSL methods.  

E-Print Network (OSTI)

??A known-plaintext attack on the Advanced Encryption Standard can be formulated as a system of quadratic multivariate polynomial equations in which the unknowns represent key… (more)

Kleiman, Elizabeth

2010-01-01T23:59:59.000Z

269

Real-time wind estimation and display for chem/bio attack response using UAV data .  

E-Print Network (OSTI)

??The defense response to a Chemical and Biological attack would be importantly based on predicting the dispersion of a toxic cloud. Considering that an Unmanned… (more)

Sir, CristiaĚ

2003-01-01T23:59:59.000Z

270

A simple and low cost platform to perform Power Analysis Attacks.  

E-Print Network (OSTI)

??Power Analysis Attacks use the fact that power consumption in modern microprocessors and cryptographic devices depends on the instructions executed on them and so, it… (more)

Carmona, Manuel

2012-01-01T23:59:59.000Z

271

Remote Inspection, Measurement and Handling for LHC  

E-Print Network (OSTI)

Personnel access to the LHC tunnel will be restricted to varying extents during the life of the machine due to radiation, cryogenic and pressure hazards. The ability to carry out visual inspection, measurement and handling activities remotely during periods when the LHC tunnel is potentially hazardous offers advantages in terms of safety, accelerator down time, and costs. The first applications identified were remote measurement of radiation levels at the start of shut-down, remote geometrical survey measurements in the collimation regions, and remote visual inspection during pressure testing and initial machine cool-down. In addition, for remote handling operations, it will be necessary to be able to transmit several real-time video images from the tunnel to the control room. The paper describes the design, development and use of a remotely controlled vehicle to demonstrate the feasibility of meeting the above requirements in the LHC tunnel. Design choices are explained along with operating experience to-dat...

Kershaw, K; Coin, A; Delsaux, F; Feniet, T; Grenard, J L; Valbuena, R

2007-01-01T23:59:59.000Z

272

Proceedings: Remote Monitoring Technology 2008 Workshop  

Science Conference Proceedings (OSTI)

This report provides information from the Remote Monitoring Technology Working Group meeting, held in September 2008. The meeting focused on an update of a number of recent technical developments in Remote Monitoring Technology (RMT). Utility attendees also detailed RMT system purchases, deployment and operation of remote monitoring equipment. EPRI intended the broad scope of the meeting to facilitate a discussion of important industry experiences ranging from the initial design and procurement of system...

2009-07-31T23:59:59.000Z

273

Transcript - "Millimeter-Wave Remote Biometric Identification...  

NLE Websites -- All DOE Office Websites (Extended Search)

can be rapidly deployed for security screening, health of soldiers in battlefield and disaster rescue efforts... Transcript of Video Our product enables remote wireless...

274

Remote Access of Computer Controlled Experiments.  

E-Print Network (OSTI)

??In this paper, we present a way for students to access and operate laboratory equipment, controlled by a laboratory computer via a remote access program.… (more)

Nilsson, Kristian; Zackrisson, Johan

2008-01-01T23:59:59.000Z

275

Cost Effectiveness of On-Site Chlorine Generation for Chlorine Truck Attack Prevention  

Science Conference Proceedings (OSTI)

A chlorine tank truck attack could cause thousands of fatalities. As a means of preventing chlorine truck attacks, I consider the on-site generation of chlorine or hypochlorite at all U.S. facilities currently receiving chlorine by truck. I develop and ... Keywords: applications, cost-effectiveness, public policy, risk analysis, terrorism, uncertainty

Anthony M. Barrett

2010-12-01T23:59:59.000Z

276

A defence scheme against Identity Theft Attack based on multiple social networks  

Science Conference Proceedings (OSTI)

Recently, on-line social networking sites become more and more popular. People like to share their personal information such as their name, birthday and photos on these public sites. However, personal information could be misused by attackers. One kind ... Keywords: Identity Theft Attack, Multi-dimensional social network, Social networks

Bing-Zhe He, Chien-Ming Chen, Yi-Ping Su, Hung-Min Sun

2014-04-01T23:59:59.000Z

277

Program on Technology Innovation: Chloride Attack-Induced Aging of Concrete Structures in the Energy Industry  

Science Conference Proceedings (OSTI)

Corrosion of embedded steel elements (reinforcement, liner, pre- or post-tensioning device) is a major cause of structure dysfunction resulting in large maintenance and repair costs worldwide. This report focuses on chloride attack–induced aging of concrete structures in the energy industry. Chloride attack is a common aging issue caused by marine environment, the extensive ...

2012-11-30T23:59:59.000Z

278

A spotlight on security and privacy risks with future household robots: attacks and lessons  

Science Conference Proceedings (OSTI)

Future homes will be populated with large numbers of robots with diverse functionalities, ranging from chore robots to elder care robots to entertainment robots. While household robots will offer numerous benefits, they also have the potential to introduce ... Keywords: cyber-physical systems, domestic robots, household robots, multi-robot attack, privacy, robots, security, single-robot attack, ubiquitous robots

Tamara Denning; Cynthia Matuszek; Karl Koscher; Joshua R. Smith; Tadayoshi Kohno

2009-09-01T23:59:59.000Z

279

Secure multipliers resilient to strong fault-injection attacks using multilinear arithmetic codes  

Science Conference Proceedings (OSTI)

Public-key cryptographic devices are vulnerable to fault-injection attacks. As countermeasures, a number of secure architectures based on linear and nonlinear error detecting codes were proposed. Linear codes provide protection only against primitive ... Keywords: arithmetic codes, cryptography, multipliers, sidechannel attacks

Zhen Wang, Mark Karpovsky, Ajay Joshi

2012-06-01T23:59:59.000Z

280

Cryptanalysis of keystream generator by decimated sample based algebraic and fast correlation attacks  

Science Conference Proceedings (OSTI)

This paper proposes a novel approach for cryptanalysis of keystream generators consisting of the composition of a linear finite state machine (LFSM) and nonlinear mapping. The proposed approach includes a dedicated decimation of the sample for cryptanalysis ... Keywords: LFSRs, algebraic attacks, decimation, fast correlation attack, nonlinear combination keystream generator, state transition matrix, stream ciphers

Miodrag J. Mihaljevi?; Marc P. C. Fossorier; Hideki Imai

2005-12-01T23:59:59.000Z

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


281

Power and EM Attacks on Passive $13.56\\,\\textrm{MHz}$ RFID Devices  

Science Conference Proceedings (OSTI)

During the last years, more and more security applications have been developed that are based on passive 13.56 MHz RFID devices. Among the most prominent applications are electronic passports and contactless payment systems. This article discusses the ... Keywords: AES, DEMA, DPA, EM Attacks, Power Analysis, RFID, Side-Channel Attacks

Michael Hutter; Stefan Mangard; Martin Feldhofer

2007-09-01T23:59:59.000Z

282

Distinguishing Attack on the Secret-Prefix MAC Based on the 39-Step SHA-256  

Science Conference Proceedings (OSTI)

In this paper, we present the first distinguishing attack on the LPMAC based on step-reduced SHA-256. The LPMAC is the abbreviation of the secret-prefix MAC with the length prepended to the message before hashing and it's a more secure version of the ... Keywords: MAC, SHA-256, distinguishing attack

Hongbo Yu; Xiaoyun Wang

2009-06-01T23:59:59.000Z

283

Distributed detection of mobile malicious node attacks in wireless sensor networks  

Science Conference Proceedings (OSTI)

In wireless sensor networks, sensor nodes are usually fixed to their locations after deployment. However, an attacker who compromises a subset of the nodes does not need to abide by the same limitation. If the attacker moves his compromised nodes to ... Keywords: Intrusion detection, Mobile malicious node, Sequential hypothesis testing

Jun-Won Ho; Matthew Wright; Sajal K. Das

2012-05-01T23:59:59.000Z

284

Brain and Heart 1. Reducing your risk of stroke and heart attack. . . . 3  

E-Print Network (OSTI)

#12;Contents Brain and Heart 1. Reducing your risk of stroke and heart attack. . . . 3 2. Exercising for a healthy heart . . . . . . . . . . . . . . . . 4 3. Choosing a home blood pressure unit . . . . . . . . . . . . . . . . . 47 #12;BRAIN AND HEART Reducing your risk of stroke and heart attack One of the best ways to protect

Jagannatham, Aditya K.

285

Remote Sensing Ayman F. Habib Data Acquisition Systems  

E-Print Network (OSTI)

Remote Sensing Ayman F. Habib 1 Chapter 3 Data Acquisition Systems #12;Remote Sensing Ayman F. ­ Electro-mechanical scanners. #12;Remote Sensing Ayman F. Habib 3 Overview · LIDAR operational principles for recognition and classification purposes. #12;Remote Sensing Ayman F. Habib 4 Remote Sensing Systems Utilized

Habib, Ayman

286

Remote Sensing Ayman F. Habib Image Registration & Rectification  

E-Print Network (OSTI)

Remote Sensing Ayman F. Habib 1 Chapter 5 Image Registration & Rectification #12;Remote Sensing: Resampling techniques. #12;Remote Sensing Ayman F. Habib 3 Image Registration #12;Remote Sensing Ayman F be integrated/fused. Object Space Left Image Right Image Image Registration: Objective #12;Remote Sensing Ayman

Habib, Ayman

287

Remote Sensing Ayman F. Habib Image Registration & Rectification  

E-Print Network (OSTI)

1 Remote Sensing Ayman F. Habib 1 Chapter 5 Image Registration & Rectification Remote Sensing Ayman: Resampling techniques. #12;2 Remote Sensing Ayman F. Habib 3 Image Registration Remote Sensing Ayman F. Habib be integrated/fused. Object Space Left Image Right Image Image Registration: Objective #12;3 Remote Sensing

Habib, Ayman

288

Defeating Internet attacks and Spam using "disposable" Mobile IPv6 home addresses  

E-Print Network (OSTI)

We propose a model of operation for next generation wireless Internet, in which a mobile host has hundreds of "disposable" Mobile IPv6 home addresses. Each correspondent is distributed a different disposable home address. If attacked on a given home address, the mobile user can block packets to that address and become unreachable to the attacker. Blocking one address does not affect other addresses. Other correspondents can still reach the mobile host. A new home address can also be requested via e-mail, instant messaging, or directly from the target host using a protocol that we develop. This model is especially useful against battery exhausting Denial-of-Service (DoS) attacks and CPU exhausting distributed DoS attacks, since it seems to be the only viable solution, currently. We show however that this model can also be used to defeat other attacks and also to stop spam.

Mutaf, Pars

2011-01-01T23:59:59.000Z

289

Towards an intrusion detection system for battery exhaustion attacks on mobile computing devices  

E-Print Network (OSTI)

Mobile computers are subject to a unique form of denial of service attack known as a battery exhaustion attack, in which an attacker attempts to rapidly drain the battery of the device. In this paper we present our first steps in the design of an intrusion detection system for these attacks, a system that takes into account the performance, energy, and memory constraints of mobile computing devices. This intrusion detection system uses several parameters, such as CPU load and disk accesses, to estimate the power consumption using a linear regression model, allowing us to find the energy used on a per process basis, and thus identifying processes that are potentially battery exhaustion attacks. 1.

Daniel C. Nash; Thomas L. Martin; Dong S. Ha; Michael S. Hsiao

2005-01-01T23:59:59.000Z

290

18 IEEE Geoscience and Remote Sensing Society Newsletter September 2011 International Geoscience and Remote Sensing Symposium,  

E-Print Network (OSTI)

18 IEEE Geoscience and Remote Sensing Society Newsletter · September 2011 International Geoscience and Remote Sensing Symposium, Honolulu, Hawai'i: IEEE, 2000. [27] R. K. Raney, "Hybrid-Polarity SAR Architecture," in CD-ROM Proceedings, IEEE International and Geoscience Remote Sensing Symposium IGARSS, Denver

Fischlin, Andreas

291

Remotely readable fiber optic compass  

DOE Patents (OSTI)

A remotely readable fiber optic compass. A sheet polarizer is affixed to a magnet rotatably mounted in a compass body, such that the polarizer rotates with the magnet. The optical axis of the sheet polarizer is preferably aligned with the north-south axis of the magnet. A single excitation light beam is divided into four identical beams, two of which are passed through the sheet polarizer and through two fixed polarizing sheets which have their optical axes at right angles to one another. The angle of the compass magnet with respect to a fixed axis of the compass body can be determined by measuring the ratio of the intensities of the two light beams. The remaining ambiguity as to which of the four possible quadrants the magnet is pointing to is resolved by the second pair of light beams, which are passed through the sheet polarizer at positions which are transected by two semicircular opaque strips formed on the sheet polarizer. The incoming excitation beam and the four return beams are communicated by means of optical fibers, giving a remotely readable compass which has no electrical parts.

Migliori, A.; Swift, G.W.; Garrett, S.L.

1985-04-30T23:59:59.000Z

292

Free energies for acid attack reactions of lithium cobaltate.  

Science Conference Proceedings (OSTI)

The attack of lithium-ion battery cathodes by stray aqueous HF, with resultant dissolution, protonation, and possibly other unintended reactions, can be a significant source of capacity fade. We explore the calculation of reaction free energies of lithium cobaltate in acid by a 'hybrid' method, in which solid-phase free energies are calculated from first principles at the generalized gradient approximation + intrasite coulomb interaction (GGA+U) level and tabulated values of ionization potentials and hydration energies are employed for the aqueous species. Analysis of the dissolution of the binary oxides Li{sub 2}O and CoO suggests that the atomic energies for Co and Li should be shifted from values calculated by first principles to yield accurate reaction free energies within the hybrid method. With the shifted atomic energies, the hybrid method was applied to analyze proton-promoted dissolution and protonation reactions of LiCoO{sub 2} in aqueous acid. Reaction free energies for the dissolution reaction, the reaction to form Co{sub 3}O{sub 4} spinel, and the proton-for-lithium exchange reaction are obtained and compared to empirical values. An extension of the present treatment to consider partial reactions is proposed, with a view to investigating interfacial and environmental effects on the dissolution reaction.

Benedek, R.; van de Walle, A.; Chemical Sciences and Engineering Division; California Inst. of Tech.

2008-01-01T23:59:59.000Z

293

Protecting Intelligent Distributed Power Grids against Cyber Attacks  

Science Conference Proceedings (OSTI)

Like other industrial sectors, the electrical power industry is facing challenges involved with the increasing demand for interconnected operations and control. The electrical industry has largely been restructured due to deregulation of the electrical market and the trend of the Smart Grid. This moves new automation systems from being proprietary and closed to the current state of Information Technology (IT) being highly interconnected and open. However, while gaining all of the scale and performance benefits of IT, existing IT security challenges are acquired as well. The power grid automation network has inherent security risks due to the fact that the systems and applications for the power grid were not originally designed for the general IT environment. In this paper, we propose a conceptual layered framework for protecting power grid automation systems against cyber attacks. The following factors are taken into account: (1) integration with existing, legacy systems in a non-intrusive fashion; (2) desirable performance in terms of modularity, scalability, extendibility, and manageability; (3) alignment to the 'Roadmap to Secure Control Systems in the Energy Sector' and the future smart grid. The on-site system test of the developed prototype security system is briefly presented as well.

Dong Wei; Yan Lu; Mohsen Jafari; Paul Skare; Kenneth Rohde

2010-12-31T23:59:59.000Z

294

Substation Security and Remote Access Implementation Strategies  

Science Conference Proceedings (OSTI)

This project analyzed control system remote access solutions in a side-by-side comparison. Five systems were lab-tested against common functions used by utilities to access and manage electronic control systems. The five vendors’ products met the basic remote access requirements tested.BackgroundElectronic control systems that actuate protective equipment and physical operations in the ...

2012-12-20T23:59:59.000Z

295

Neural maps in remote sensing image analysis  

Science Conference Proceedings (OSTI)

We study the application of self-organizing maps (SOMs) for the analyses of remote sensing spectral images. Advanced airborne and satellite-based imaging spectrometers produce very high-dimensional spectral signatures that provide key information to ... Keywords: generalized relevance learning vector quantization, image analysis, remote sensing, self-organizing map

Thomas Villmann; Erzsébet Merényi; Barbara Hammer

2003-04-01T23:59:59.000Z

296

Modeling of Spectralon diffusers for radiometric calibration in remote sensing  

E-Print Network (OSTI)

Modeling of Spectralon diffusers for radiometric calibration in remote sensing G. Bazalgette Courre Abstract. Onboard calibration of radiometric measurements in remote sensing is often achieved for publication May 28, 2003. 1 Introduction Light diffusers are used in remote sensing applications

Sprik, Rudolf

297

Remote Sensing for Biodiversity Conservation of the Albertine Rift  

E-Print Network (OSTI)

183 10 Remote Sensing for Biodiversity Conservation of the Albertine Rift in Eastern Africa Samuel 2003). The rapidly developing field of remote sensing has been invaluable to biodiversity conservation...............................................................................................184 10.3 Remote Sensing of the Albertine Rift .....................................................185

Wang, Y.Q. "Yeqiao"

298

Multiple Instrument Distributed Aperture Sensor (MIDAS) For Planetary Remote Sensing  

E-Print Network (OSTI)

Multiple Instrument Distributed Aperture Sensor (MIDAS) For Planetary Remote Sensing Joe Pitman An innovative approach that enables greatly increased return from planetary science remote sensing missions as the primary remote sensing science payload, thereby reducing the cost, resources, complexity, integration

Marcus, Philip S.

299

Snowpack spatial variability: towards understanding its effect on remote sensing  

E-Print Network (OSTI)

Snowpack spatial variability: towards understanding its effect on remote sensing measurements spatial variability: towards understanding its effect on remote sensing mea- surements and snow slope large errors in these basin estimates. Remote sensing measurements offer a promising alternative, due

Marshall, Hans-Peter

300

Design of a Graphic Generator for Remote Terminal Application  

Science Conference Proceedings (OSTI)

The design of a graphic display system for remote terminal application is presented. Control data requirements are reduced by generating a useful set of graphic primitives locally at the remote terminals. Keywords: Computer graphics, digital differential analyzers, peripherals, remote terminals.

J. R. Armstrong

1973-05-01T23:59:59.000Z

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


301

U-192: VMware Workstation/Player VM Remote Device Bug Lets Local or Remote  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

92: VMware Workstation/Player VM Remote Device Bug Lets Local or 92: VMware Workstation/Player VM Remote Device Bug Lets Local or Remote Users Deny Service U-192: VMware Workstation/Player VM Remote Device Bug Lets Local or Remote Users Deny Service June 15, 2012 - 7:00am Addthis PROBLEM: A vulnerability was reported in VMware Workstation/Player. PLATFORM: Version(s): Workstation 8.x, Player 4.x aBSTRACT: A local or remote user can cause denial of service conditions on the target virtual system. reference LINKS: Vendor Advisory Security Tracker ID 1027173 CVE-2012-3289 IMPACT ASSESSMENT: High Discussion: A user with the ability to modify communications data between a remote virtual device (e.g., CD-ROM, keyboard) located on a physically separate system and the target virtual machine can cause the target virtual machine to crash.

302

U-192 VMware Workstation/Player VM Remote Device Bug Lets Local or Remote  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

VMware Workstation/Player VM Remote Device Bug Lets Local or VMware Workstation/Player VM Remote Device Bug Lets Local or Remote Users Deny Service U-192 VMware Workstation/Player VM Remote Device Bug Lets Local or Remote Users Deny Service June 15, 2012 - 7:00am Addthis PROBLEM: A vulnerability was reported in VMware Workstation/Player. PLATFORM: Version(s): Workstation 8.x, Player 4.x ABSTRACT: A local or remote user can cause denial of service conditions on the target virtual system. reference LINKS: Vendor Advisory Security Tracker ID 1027173 CVE-2012-3289 IMPACT ASSESSMENT: High Discussion: A user with the ability to modify communications data between a remote virtual device (e.g., CD-ROM, keyboard) located on a physically separate system and the target virtual machine can cause the target virtual machine to crash. Impact:

303

Remote field eddy current inspection  

SciTech Connect

The Remote Field Eddy Current (RFEC) technique uses an internal probe to inspect conducting tubes nondestructively. A coaxial solenoidal exciter, energized with low frequency AC, and detector coils near the inside of the pipe wall are separated by about two pipe diameters to obtain through wall transmission and equal sensitivity to defects on the outside or inside of the pipe wall. Calculation methods are outlined and the voltage plane polar plot signal representation for defect measurement is described. Slit defect interactions in ferromagnetic and non-ferromagnetic tubes are discussed. Defect-induced anomalous fields are interpreted in terms of anomalous source eddy current and missing magnetization defect models. The use of computer animations to represent the time variations of high resolution field measurements and calculations is described.

Atherton, D.L. [Queen`s Univ., Kingston, Ontario (Canada). Dept. of Physics

1995-11-01T23:59:59.000Z

304

Shedding Light on RFID Distance Bounding Protocols and Terrorist Fraud Attacks  

E-Print Network (OSTI)

The vast majority of RFID authentication protocols assume the proximity between readers and tags due to the limited range of the radio channel. However, in real scenarios an intruder can be located between the prover (tag) and the verifier (reader) and trick this last one into thinking that the prover is in close proximity. This attack is generally known as a relay attack in which scope distance fraud, mafia fraud and terrorist attacks are included. Distance bounding protocols represent a promising countermeasure to hinder relay attacks. Several protocols have been proposed during the last years but vulnerabilities of major or minor relevance have been identified in most of them. In 2008, Kim et al. [18] proposed a new distance bounding protocol with the objective of being the best in terms of security, privacy, tag computational overhead and fault tolerance. In this paper, we analyze this protocol and we present a passive full disclosure attack, which allows an adversary to discover the long-term secret key of the tag. The presented attack is very relevant, since no security objectives are met in Kim et al.’s protocol. Then, design guidelines are introduced with the aim of facilitating protocol designers the stimulating task of designing secure and efficient schemes against relay attacks. Finally a new protocol, named Hitomi and inspired by [18], is designed conforming the guidelines proposed previously.

Pedro Peris-lopez; Julio C. Hern; Aikaterini Mitrokotsa; Juan M. E. Tapiador

2010-01-01T23:59:59.000Z

305

WADeS: a tool for Distributed Denial of Service Attack detection  

E-Print Network (OSTI)

The increasing popularity of web-based applications has led to several critical services being provided over the Internet. This has made it imperative to monitor the network traffic so as to prevent malicious attackers from depleting the network's resources and denying service to legitimate users. In our research work, we propose WADeS (Wavelet based Attack Detection Signatures), an approach to detect a Distributed Denial of Service Attack using Wavelet methods. We develop a new framework that uses LRU cache filtering to capture the high bandwidth flows followed by computation of wavelet variance on the aggregate miss traffic. The introduction of attack traffic in the network would elicit changes in the wavelet variance. This is combined with thresholding methods to enable attack detection. Sampling techniques can be used to tailor the cost of our detection mechanism. The mechanism we suggest is independent of routing information, thereby making attack detection immune to IP address spoofing. Using simulations and quantitative measures, we find that our mechanism works successfully on several kinds of attacks. We also use statistical methods to validate the results obtained.

Ramanathan, Anu

2002-01-01T23:59:59.000Z

306

T-608: HP Virtual Server Environment Lets Remote Authenticated...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: HP Virtual Server Environment Lets Remote Authenticated Users Gain Elevated Privileges T-608: HP Virtual Server Environment Lets Remote Authenticated Users Gain Elevated...

307

Geothermal Exploration Using Aviris Remote Sensing Data Over...  

Open Energy Info (EERE)

Using Aviris Remote Sensing Data Over Fish Lake Valley, Nv Jump to: navigation, search GEOTHERMAL ENERGYGeothermal Home Conference Paper: Geothermal Exploration Using Aviris Remote...

308

V-202: Cisco Video Surveillance Manager Bugs Let Remote Users...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Cisco Video Surveillance Manager Bugs Let Remote Users Obtain Potentially Sensitive Information V-202: Cisco Video Surveillance Manager Bugs Let Remote Users Obtain Potentially...

309

V-149: Microsoft Internet Explorer Object Access Bug Lets Remote...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: Microsoft Internet Explorer Object Access Bug Lets Remote Users Execute Arbitrary Code V-149: Microsoft Internet Explorer Object Access Bug Lets Remote Users Execute Arbitrary...

310

U-262: Microsoft Internet Explorer Flaw Lets Remote Users Execute...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Microsoft Internet Explorer Flaw Lets Remote Users Execute Arbitrary Code U-262: Microsoft Internet Explorer Flaw Lets Remote Users Execute Arbitrary Code September 18, 2012 -...

311

T-526: Microsoft Internet Explorer 'ReleaseInterface()' Remote...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

526: Microsoft Internet Explorer 'ReleaseInterface()' Remote Code Execution Vulnerability T-526: Microsoft Internet Explorer 'ReleaseInterface()' Remote Code Execution...

312

U-010:HP Onboard Administrator Unspecified Flaw Lets Remote Users...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Manager Unspecified Flaw Lets Remote Users Gain Unauthorized Access V-120: EMC Smarts Network Configuration Manager Java RMI Access Control Flaw Lets Remote Users Gain Full Control...

313

Community Energy Planning A Resource Guide for Remote Communities...  

Open Energy Info (EERE)

Resource Guide for Remote Communities in Canada Jump to: navigation, search Name Community Energy Planning A Resource Guide for Remote Communities in Canada AgencyCompany...

314

Time Synchronization Attack in Smart Grid-Part I: Impact and Analysis  

E-Print Network (OSTI)

Many operations in power grids, such as fault detection and event location estimation, depend on precise timing information. In this paper, a novel Time Synchronization Attack (TSA) is proposed to attack the timing information in smart grid. Since many applications in smart grid utilize synchronous measurements and most of the measurement devices are equipped with global positioning system (GPS) for precise timing, it is highly probable to attack the measurement system by spoofing the GPS. The effectiveness of TSA is demonstrated for three applications of phasor measurement unit (PMU) in smart grid, namely transmission line fault detection, voltage stability monitoring and event locationing. The validity of TSA is demonstrated by numerical simulations.

Zhang, Zhenghao; Dimitrovski, Aleksandar D; Li, Husheng

2012-01-01T23:59:59.000Z

315

Time Stamp Attack in Smart Grid: Physical Mechanism and Damage Analysis  

E-Print Network (OSTI)

Many operations in power grids, such as fault detection and event location estimation, depend on precise timing information. In this paper, a novel time stamp attack (TSA) is proposed to attack the timing information in smart grid. Since many applications in smart grid utilize synchronous measurements and most of the measurement devices are equipped with global positioning system (GPS) for precise timing, it is highly probable to attack the measurement system by spoofing the GPS. The effectiveness of TSA is demonstrated for three applications of phasor measurement unit (PMU) in smart grid, namely transmission line fault detection, voltage stability monitoring and event locationing.

Gong, Shuping; Li, Husheng; Dimitrovski, Aleksandar D

2012-01-01T23:59:59.000Z

316

Heating remote rooms in passive solar buildings  

DOE Green Energy (OSTI)

Remote rooms can be effectively heated by convection through a connecting doorway. A simple steady-state equation is developed for design purposes. Validation of a dynamic model is achieved using data obtained over a 13-day period. Dynamic effects are investigated using a simulation analysis for three different cases of driving temperature; the effect is to reduce the temperature difference between the driving room and the remote room compared to the steady-state model. For large temperature swings in the driving room a strategy which uses the intervening door in a diode mode is effective. The importance of heat-storing mass in the remote room is investigated.

Balcomb, J.D.

1981-01-01T23:59:59.000Z

317

Remotely operated submersible underwater suction apparatus  

DOE Patents (OSTI)

A completely submersible, remotely operated underwater suction device for collection of irradiated materials in a nuclear pool is disclosed. The device includes a pump means for pumping water through the device, a filter means for capturing irradiated debris, remotely operated releasable connector means, a collection means and a means for remotely maneuvering the collection means. The components of the suction device may be changed and replaced underwater to take advantage of the excellent radiation shielding ability of water to thereby minimize exposure of personnel to radiation.

Kristan, Louis L. (2111 Brentwood Dr., Idaho Falls, ID 83402)

1990-01-01T23:59:59.000Z

318

Cyber Security Audit and Attack Detection Toolkit: National SCADA Test Bed  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Audit and Attack Detection Toolkit: National SCADA Audit and Attack Detection Toolkit: National SCADA Test Bed May 2008 Cyber Security Audit and Attack Detection Toolkit: National SCADA Test Bed May 2008 This project of the cyber security audit and attack detection toolkit is adding control system intelligence to widely deployed enterprise vulnerability scanners and security event managers While many energy utilities employ vulnerability scanners and security event managers (SEM) on their enterprise systems, these tools often lack the intelligence necessary to be effective in control systems. This two-year project aims to integrate control system intelligence into widely deployed vulnerability scanners and SEM, and to integrate security incident detection intelligence into control system historians. These upgrades will

319

A study on visual attack to BPCS-Steganography and countermeasure  

Science Conference Proceedings (OSTI)

This paper discusses a visual attack to BPCS-Steganography (Bit-Plane Complexity Segmentation-Steganography) and presents a countermeasure. BPCS replaces noisy blocks with the binary patterns mapped from secret data. The logical operation called conjugate ...

Michiharu Niimi; Hideki Noda; Bruce Segee

2005-09-01T23:59:59.000Z

320

Analyzing resiliency of the smart grid communication architectures under cyber attack  

Science Conference Proceedings (OSTI)

Smart grids are susceptible to cyber-attack as a result of new communication, control and computation techniques employed in the grid. In this paper, we characterize and analyze the resiliency of smart grid communication architecture, specifically an ...

Anas AlMajali; Arun Viswanathan; Clifford Neuman

2012-08-01T23:59:59.000Z

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


321

Not-a-Bot (NAB): Improving Service Availability in the Face of Botnet Attacks  

E-Print Network (OSTI)

A large fraction of email spam, distributed denial-of-service (DDoS) attacks, and click-fraud on web advertisements are caused by traffic sent from compromised machines that form botnets. This paper posits that by identifying ...

Gummadi, Ramakrishna

322

Remote NDE Technology for Steam Turbines  

Science Conference Proceedings (OSTI)

Remote nondestructive evaluation technology (NDE) for steam turbines has potential for use as an alternative to inspections requiring extensive machine disassembly and for use during short-term outages, to provide an interim look at machine operability.

2002-11-21T23:59:59.000Z

323

Quick-connect coupler for remote manipulation  

DOE Patents (OSTI)

An adaptor for a single-point attachment, push-to-connect/pull-to- disconnect, quick-connect fluid coupler which enables the coupler to be remotely manipulated. 5 figs.

Dobbins, J.C.

1989-07-27T23:59:59.000Z

324

Remotely piloted vehicles; A selective bibliography  

SciTech Connect

This report is a bibliography from the International Aerospace Abstracts and the Scientific and Technical Aerospace Abstracts on remotely piloted vehicles. Most of the applications of these RPV`s are military in nature.

Farley, R. [comp.

1975-12-01T23:59:59.000Z

325

Solar Power Expert For Remote Robotic Explorers  

E-Print Network (OSTI)

Robotic exploration of remote areas to assist or replace human exploration reduces the cost, hazard and tedium of such exploration. For remote explorers, power is the most critical resource, and the most common source of that power is solar energy. Information about the robot configuration, the planned path, the terrain and the position of the sun can be processed by a solar power expert software module to calculate the power provided by a given plan of action. Using this information to select the best plans will enable remote robotic explorers to extend their lifetimes. This paper presents the development of a solar power expert and its implementation on a simulator. Several patterned path plans are evaluated with various solar panel configurations, starting times and locations, concentrating on polar regions. 1. EXPLORATION ROBOTS Capable and adaptable robots are needed for exploring areas too dangerous or costly for humans to visit. Planets, moons, and remote earthly locations suc...

Kimberly Shillcutt Robotics; Kimberly Shillcutt; William Whittaker

1999-01-01T23:59:59.000Z

326

On-road remote sensing of vehicle emissions in  

E-Print Network (OSTI)

On-road remote sensing of vehicle emissions in the Auckland Region August 2003 Technical 1877353000 www.arc.govt.nz #12;TP 198 On-Road Remote Sensing of Vehicle Emissions in the Auckland Region #12;Page i TP 198 On-Road Remote Sensing of Vehicle Emissions in the Auckland Region On-road remote sensing

Denver, University of

327

Global remote sensing research trends during 19912010: a bibliometric analysis  

E-Print Network (OSTI)

Global remote sensing research trends during 1991­2010: a bibliometric analysis Yanhua Zhuang to remote sensing of SCI and SSCI databases during 1991­2010, this study evaluated the geographical, institutional, national, and spatiotemporal patterns in remote sensing research. Remote sensing research went up

Gruner, Daniel S.

328

Remote Sensing of Natural Areas: Procedures and Considerations for  

E-Print Network (OSTI)

1 Remote Sensing of Natural Areas: Procedures and Considerations for Assessing Vegetation Ecosystems and Remote Sensing Program Introduction Remote sensing can be defined as the acquisi- tion for rapid analysis. In the last Technical Report, we provided an in- troduction to how remote sensing can

329

Fiber optically isolated and remotely stabilized data transmission system  

DOE Patents (OSTI)

A fiber optically isolated and remotely stabilized data transmission system s described wherein optical data may be transmitted over an optical data fiber from a remote source which includes a data transmitter and a power supply at the remote source. The transmitter may be remotely calibrated and stabilized via an optical control fiber, and the power source may be remotely cycled between duty and standby modes via an optical control fiber.

Nelson, Melvin A. (Santa Barbara, CA)

1992-01-01T23:59:59.000Z

330

Fiber optically isolated and remotely stabilized data transmission system  

DOE Patents (OSTI)

A fiber optically isolated and remotely stabilized data transmission systems described wherein optical data may be transmitted over an optical data fiber from a remote source which includes a data transmitter and a power supply at the remote source. The transmitter may be remotely calibrated and stabilized via an optical control fiber, and the power source may be remotely cycled between duty and standby modes via an optical control fiber. 3 figs.

Nelson, M.A.

1992-11-10T23:59:59.000Z

331

A fiber optically isolated and remotely stabilized data transmission system  

DOE Patents (OSTI)

It is, an object of this invention to provide a fiber optically isolated and remotely stabilized data transmission system wherein optical data may be transmitted over an optical data fiber from a remote source which includes a data transmitter and a power supply at the remote source, the transmitter may be remotely calibrated and stabilized via an optical control fiber, and the power source may be remotely cycled between duty and standby modes via an optical control fiber.

Nelson, M.A.

1991-01-01T23:59:59.000Z

332

A fiber optically isolated and remotely stabilized data transmission system  

DOE Patents (OSTI)

It is, an object of this invention to provide a fiber optically isolated and remotely stabilized data transmission system wherein optical data may be transmitted over an optical data fiber from a remote source which includes a data transmitter and a power supply at the remote source, the transmitter may be remotely calibrated and stabilized via an optical control fiber, and the power source may be remotely cycled between duty and standby modes via an optical control fiber.

Nelson, M.A.

1991-12-31T23:59:59.000Z

333

Shedding Some Light on RFID Distance Bounding Protocols and Terrorist Attacks  

E-Print Network (OSTI)

During the last years, researchers have focused on designing secure and efficient RFID authentication protocols. The vast majority of these protocols assume proximity between readers and tags due to the limited range of the radio channel. However, in real scenarios, an intruder can be located between the prover (tag) and the verifier (reader) and trick the latter into thinking that the prover is in close proximity. This attack is globally known as a relay attack, a kind that includes others such as distance fraud, mafia fraud and terrorist attacks. Distance bounding protocols represent a promising countermeasure to hinder relay attacks. Several protocols have been proposed in the last years, but vulnerabilities of major or minor relevance have been identified in all of them. In 2008, Kim et al. [10] proposed a new distance bounding protocol with the objective of being the best one in terms of security, privacy, tag computational overhead and fault tolerance- as claimed by their authors. The study of this recent protocol is the main subject of this paper. We present a passive full disclosure attack which allows an adversary-listening the public messages exchanged on the channel- to discover the long-term secret key of the tag. The presented attack is very relevant as it implies that none of the protocol security objectives are guaranteed. Additionally, we also show that the probability of a successful mafia fraud attack against the Reid et al. protocol [16] is bounded by (3/4) n and not by (7/8) n as Piramuthu states in [15].

unknown authors

2009-01-01T23:59:59.000Z

334

Remote inspection system for hazardous sites  

SciTech Connect

Long term storage of special nuclear materials poses a number of problems. One of these is a need to inspect the items being stored from time to time. Yet the environment is hostile to man, with significant radiation exposure resulting from prolonged presence in the storage facility. This paper describes research to provide a remote inspection capability, which could lead to eliminating the need for humans to enter a nuclear storage facility. While there are many ways in which an RI system might be created, this paper describes the development of a prototype remote inspection system, which utilizes virtual reality technology along with robotics. The purpose of this system is to allow the operator to establish a safe and realistic telepresence in a remote environment. In addition, it was desired that the user interface for the system be as intuitive to use as possible, thus eliminating the need for extensive training. The goal of this system is to provide a robotic platform with two cameras, which are capable of providing accurate and reliable stereographic images of the remote environment. One application for the system is that it might be driven down the corridors of a nuclear storage facility and utilized to inspect the drums inside, all without the need for physical human presence. Thus, it is not a true virtual reality system providing simulated graphics, but rather an augmented reality system, which performs remote inspection of an existing, real environment.

Redd, J.; Borst, C.; Volz, R.A.; Everett, L.J. [Texas A and M Univ., College Station, TX (United States). Computer Science Dept.] [Texas A and M Univ., College Station, TX (United States). Computer Science Dept.

1999-04-01T23:59:59.000Z

335

Assessment And Testing of Industrial Devices Robustness Against Cyber Security Attacks  

E-Print Network (OSTI)

CERN (European Organization for Nuclear Research),like any organization, needs to achieve the conflicting objectives of connecting its operational network to Internet while at the same time keeping its industrial control systems secure from external and internal cyber attacks. With this in mind, the ISA-99[0F1] international cyber security standard has been adopted at CERN as a reference model to define a set of guidelines and security robustness criteria applicable to any network device. Devices robustness represents a key link in the defense-in-depth concept as some attacks will inevitably penetrate security boundaries and thus require further protection measures. When assessing the cyber security robustness of devices we have singled out control system-relevant attack patterns derived from the well-known CAPEC[1F2] classification. Once a vulnerability is identified, it needs to be documented, prioritized and reproduced at will in a dedicated test environment for debugging purposes. CERN - in collaboration ...

Tilaro, F

2011-01-01T23:59:59.000Z

336

Protecting Accelerator Control Systems in the Face of Sophisticated Cyber Attacks  

SciTech Connect

Cyber security for industrial control systems has received significant attention in the past two years. The news coverage of the Stuxnet attack, believed to be targeted at the control system for a uranium enrichment plant, brought the issue to the attention of news media and policy makers. This has led to increased scrutiny of control systems for critical infrastructure such as power generation and distribution, and industrial systems such as chemical plants and petroleum refineries. The past two years have also seen targeted network attacks aimed at corporate and government entities including US Department of Energy National Laboratories. Both of these developments have potential repercussions for the control systems of particle accelerators. The need to balance risks from potential attacks with the operational needs of an accelerator present a unique challenge for the system architecture and access model.

Hartman, Steven M [ORNL

2012-01-01T23:59:59.000Z

337

Remote rendering using vtk and vic.  

Science Conference Proceedings (OSTI)

This paper presents a remote rendering application that involves the extension of the Visualization Toolkit (vtk) and the Video Conferencing Tool (vie) for use in remote rendering complete with interaction from the remote site using the vie user interface. Vtk is an open source C++ library, with Tel, Python, and Java bindings for computer graphics, image processing, and visualization [3]. Vtk provides a higher level of support, beyond the traditional low-level libraries, for creating visualization applications. Vtk includes algorithms to support the visualization of scalars, vectors, and tensors. Vic is a flexible tool built by Lawrence Berkeley National Laboratory for real-time video conferencing over the Internet [2]. Vie's user interface is built as Tcl/Tk script embedded in the applications. This allows developers to prototype changes to the interface in a simple and straightforward manner.

Olson, R.; Papka, M.E.

2000-09-19T23:59:59.000Z

338

History of remote handling at LAMPF  

SciTech Connect

A portable remote-handling system (Monitor) has been developed for performing remote maintenance on radioactive experimental facilities at the Clinton P. Anderson Meson Physics Facility (LAMPF). This system has been continually improved since its implementation in 1976. The present system has performed highly sophisticated tasks in improving and maintaining the LAMPF experimental facility. Unlike conventional hot-cell remote-handling technology, the Monitor system is portable and highly flexible, thereby allowing quick response to unforeseen tasks with minimal planning and/or special tooling. In addition to performing routine maintenance and repairs, the Monitor system is capable of performing major revisions and improvements to current facilities, keeping pace with new experimental requirements.

Grisham, D.L.; Lambert, J.E.

1982-01-01T23:59:59.000Z

339

Definition: Remote Service Switch | Open Energy Information  

Open Energy Info (EERE)

Service Switch Service Switch Jump to: navigation, search Dictionary.png Remote Service Switch A power switch within a smart meter that allows a utility to turn electrical service to a residential customer premise on or off. The switch is remotely operated from the utility using the AMI communications infrastructure. This feature is limited to residential meters providing 200 amp service or less, and allows a utility to quickly switch service without having to roll a service truck. This can be particularly useful for reducing service time and associated costs for establishing or terminating services for move-ins/move-outs, or for switching off service for safety reasons.[1] Related Terms advanced metering infrastructure References ↑ https://www.smartgrid.gov/category/technology/remote_service_switch

340

Remote sensing of cirrus cloud particle size and optical depth using polarimetric sensor measurements  

E-Print Network (OSTI)

and J. Pelon, 1999b: Remote sensing of cirrus radiativepar- ticles: Remote sensing and climatic implications.S. C. Tsay, 1999: Remote sensing of cirrus cloud parameters

Ou, Szu-cheng C; Liou, K N; Takano, Y; Slonaker, R L

2005-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


341

T-606: Sun Java System Access Manager Lets Remote Users Partially...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

06: Sun Java System Access Manager Lets Remote Users Partially Modify Data and Remote Authenticated Users Partially Access Data T-606: Sun Java System Access Manager Lets Remote...

342

Geobotanical Remote Sensing for Geothermal Exploration  

DOE Green Energy (OSTI)

This paper presents a plan for increasing the mapped resource base for geothermal exploration in the Western US. We plan to image large areas in the western US with recently developed high resolution hyperspectral geobotanical remote sensing tools. The proposed imaging systems have the ability to map visible faults, surface effluents, historical signatures, and discover subtle hidden faults and hidden thermal systems. Large regions can be imaged at reasonable costs. The technique of geobotanical remote sensing for geothermal signatures is based on recent successes in mapping faults and effluents the Long Valley Caldera and Mammoth Mountain in California.

Pickles, W L; Kasameyer, P W; Martini, B A; Potts, D C; Silver, E A

2001-05-22T23:59:59.000Z

343

Microwave remote sensing of ionized air.  

SciTech Connect

We present observations of microwave scattering from ambient room air ionized with a negative ion generator. The frequency dependence of the radar cross section of ionized air was measured from 26.5 to 40 GHz (Ka-band) in a bistatic mode with an Agilent PNA-X series (model N5245A) vector network analyzer. A detailed calibration scheme is provided to minimize the effect of the stray background field and system frequency response on the target reflection. The feasibility of detecting the microwave reflection from ionized air portends many potential applications such as remote sensing of atmospheric ionization and remote detection of radioactive ionization of air.

Liao, S.; Gopalsami, N.; Heifetz, A.; Elmer, T.; Fiflis, P.; Koehl, E. R.; Chien, H. T.; Raptis, A. C. (Nuclear Engineering Division)

2011-07-01T23:59:59.000Z

344

Remote Sensing of Chiral Signatures on Mars  

E-Print Network (OSTI)

We describe circular polarization as a remote sensing diagnostic of chiral signatures which may be applied to Mars. The remarkable phenomenon of homochirality provides a unique biosignature which can be amenable to remote sensing through circular polarization spectroscopy. The natural tendency of microbes to congregate in close knit communities would be beneficial for such a survey. Observations of selected areas of the Mars surface could reveal chiral signatures and hence explore the possibility of extant or preserved biological material. We describe a new instrumental technique that may enable observations of this form.

Sparks, William; Germer, Thomas A; Robb, Frank; Kolokolova, Ludmilla

2012-01-01T23:59:59.000Z

345

SOLERAS - solar applications in remote locations  

Science Conference Proceedings (OSTI)

The purpose of this international technology workshop was to promote the exchange of research information on solar applications in remote locations. Scientists and engineers from the United States, Saudia Arabia, Central and South America, Southeast Asia, and Oceania were represented at this sixth annual workshop conducted under the auspices of the SOLERAS program. The objective of the workshop was to address the issues of construction, operation, and maintenance of solar energy systems in remote locations. Photovoltaic, wind, solar thermal, biomass, and geothermal technologies were considered. Also considered was the use of solar energy for agricultural purposes. Each paper has been separately indexed for inclusion in the Energy Data Base.

Khoshaim, B.H.; Williamson, J.S.; Meiners, A.; Mallory, R. (eds.)

1985-05-01T23:59:59.000Z

346

Category:Remote Sensing Techniques | Open Energy Information  

Open Energy Info (EERE)

Remote Sensing Techniques Remote Sensing Techniques Jump to: navigation, search GEOTHERMAL ENERGYGeothermal Home Geothermalpower.jpg Looking for the Remote Sensing Techniques page? For detailed information on remote sensing techniques used as a geothermal exploration technique, click here. Category: Remote Sensing Techniques Add.png Add a new Remote Sensing Technique Subcategories This category has the following 2 subcategories, out of 2 total. A [+] Active Sensors‎ (1 categories) 2 pages P [×] Passive Sensors‎ 13 pages Pages in category "Remote Sensing Techniques" The following 2 pages are in this category, out of 2 total. A Active Sensors L Long-Wave Infrared Retrieved from "http://en.openei.org/w/index.php?title=Category:Remote_Sensing_Techniques&oldid=594055"

347

On-Road Emissions in Asia Measured by Remote Sensing.  

E-Print Network (OSTI)

On-Road Emissions in Asia Measured by Remote Sensing. · Donald H. Stedman, Gary A. Bishop on-road advantage · Large on-road emissions cause poor air quality. · Remote sensing measures on

Denver, University of

348

IMBALANCED RADIATION ENTROPY AND IMPLICATIONS FOR REMOTE SENSING  

E-Print Network (OSTI)

IMBALANCED RADIATION ENTROPY AND IMPLICATIONS FOR REMOTE SENSING Yangang Liu, Wei Wu and Warren and radiation entropy is needed to close the system. A new remote sensing approach is presented

Johnson, Peter D.

349

U-220: Google Android DNS Resolver Randomization Flaw Lets Remote...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Off-by-one Bug Lets Remote Users Deny Service U-271: Google Android Dialer TEL URL Handling Flaw Lets Remote Users Deny Service V-065: Adobe Flash Player Buffer Overflow...

350

U-077: Google Chrome Multiple Flaws Let Remote Users Execute...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

overflow in libxml. CVE-2011-3919. A remote user can trigger a stack overflow in glyph handling.CVE-2011-3922. Impact: A remote user can create HTML that, when loaded by the...

351

Center for Interdisciplinary Remotely-Piloted Aircraft Studies (CIRPAS)  

Science Conference Proceedings (OSTI)

A remotely piloted aircraft research facility is described that will provide new capabilities for atmospheric and oceanographic measurements. The aircraft can fly up to 24 h over remote ocean regions, at low or high altitude, and in various other ...

R. T. Bluth; P. A. Durkee; P. Finn; L. M. Russell; J. H. Seinfeld; R. C. Flagan; L. M. Russell; P. A. Crowley

1996-11-01T23:59:59.000Z

352

T-574: Google Chrome Multiple Flaws Let Remote Users Execute...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code T-574: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code March 10, 2011 - 3:05pm Addthis...

353

Blade Manufacturing Improvement: Remote Blade Manufacturing Demonstration  

DOE Green Energy (OSTI)

The objective of this program was to investigate manufacturing improvements for wind turbine blades. The program included a series of test activities to evaluate the strength, deflection, performance, and loading characteristics of the prototype blades. The original contract was extended in order to continue development of several key blade technologies identified in the project. The objective of the remote build task was to demonstrate the concept of manufacturing wind turbine blades at a temporary manufacturing facility in a rural environment. TPI Composites successfully completed a remote manufacturing demonstration in which four blades were fabricated. The remote demonstration used a manufacturing approach which relied upon material ''kits'' that were organized in the factory and shipped to the site. Manufacturing blades at the wind plant site presents serious logistics difficulties and does not appear to be the best approach. A better method appears to be regional manufacturing facilities, which will eliminate most of the transportation cost, without incurring the logistical problems associated with fabrication directly onsite. With this approach the remote facilities would use commonly available industrial infrastructure such as enclosed workbays, overhead cranes, and paved staging areas. Additional fatigue testing of the M20 root stud design was completed with good results. This design provides adhesive bond strength under fatigue loading that exceeds that of the fastener. A new thru-stud bonding concept was developed for the M30 stud design. This approach offers several manufacturing advantages; however, the test results were inconclusive.

ASHWILL, THOMAS D.

2003-05-01T23:59:59.000Z

354

Hybrid power technology for remote military facilities  

DOE Green Energy (OSTI)

The Department of Defense (DoD) operates hundreds of test, evaluation, and training facilities across the US and abroad. Due to the nature of their missions, these facilities are often remote and isolated from the utility grid. The preferred choice for power at these facilities has historically been manned diesel generators. The DoD Photovoltaic Review Committee, estimates that on the order of 350 million gallons of diesel fuel is burned each year to generate the 2000 GWh of electricity required to operate these remote military facilities. Other federal agencies, including the National Park Service and the USDA Forest Service use diesel generators for remote power needs as well. The generation of power diesel generators is both expensive and detrimental to the environment. The augmentation of power from diesel generators with power processing and battery energy storage enhances the efficiency and utilization of the generator resulting in lower fuel consumption and lower generator run- time in proportion to the amount of renewables added. The hybrid technology can both reduce the cost of power and reduce environmental degradation at remote DoD facilities. This paper describes the expected performance and economics of photovoltaic/diesel hybrid systems. Capabilities and status of systems now being installed at DoD facilities are presented along with financing mechanisms available within DoD.

Chapman, R.N.

1996-09-01T23:59:59.000Z

355

Blade Manufacturing Improvement: Remote Blade Manufacturing Demonstration  

SciTech Connect

The objective of this program was to investigate manufacturing improvements for wind turbine blades. The program included a series of test activities to evaluate the strength, deflection, performance, and loading characteristics of the prototype blades. The original contract was extended in order to continue development of several key blade technologies identified in the project. The objective of the remote build task was to demonstrate the concept of manufacturing wind turbine blades at a temporary manufacturing facility in a rural environment. TPI Composites successfully completed a remote manufacturing demonstration in which four blades were fabricated. The remote demonstration used a manufacturing approach which relied upon material ''kits'' that were organized in the factory and shipped to the site. Manufacturing blades at the wind plant site presents serious logistics difficulties and does not appear to be the best approach. A better method appears to be regional manufacturing facilities, which will eliminate most of the transportation cost, without incurring the logistical problems associated with fabrication directly onsite. With this approach the remote facilities would use commonly available industrial infrastructure such as enclosed workbays, overhead cranes, and paved staging areas. Additional fatigue testing of the M20 root stud design was completed with good results. This design provides adhesive bond strength under fatigue loading that exceeds that of the fastener. A new thru-stud bonding concept was developed for the M30 stud design. This approach offers several manufacturing advantages; however, the test results were inconclusive.

ASHWILL, THOMAS D.

2003-05-01T23:59:59.000Z

356

SCADA architecture with mobile remote components  

Science Conference Proceedings (OSTI)

With the advent of new technologies, the demand of connecting IT systems to the Internet is increasing. This is also the case for Control systems specifically SCADA (Supervisory Control and Data Acquisition) systems. Traditional SCADA systems are connected ... Keywords: SCADA, control systems, mobility, remote components

Tai-Hoon Kim

2010-08-01T23:59:59.000Z

357

Remote PC Security: Securing the home worker  

Science Conference Proceedings (OSTI)

A recent study of 1000 teleworkers in 10 countries, commissioned by Cisco, showed that one in five allows friends, family and others to use their work PC to access the Internet. Now is the time to pull stray remote workers back into the security fold. ...

Steven Furnell

2006-11-01T23:59:59.000Z

358

Alternative Carriers For Remote Renewable Energy Sources Using...  

Open Energy Info (EERE)

Jump to: navigation, search GEOTHERMAL ENERGYGeothermal Home Journal Article: Alternative Carriers For Remote Renewable Energy Sources Using Existing Cng Infrastructure...

359

Passive Millimeter-Wave Spectrometer for Remote Chemical Detection  

NLE Websites -- All DOE Office Websites (Extended Search)

Passive Millimeter-Wave Spectrometer for Remote Chemical Detection Multimedia Nuclear Systems Analysis Engineering Analysis Nonproliferation and National Security Detection &...

360

TESLA-Based Defense Against Pollution Attacks in P2P Systems with Network Coding  

E-Print Network (OSTI)

TESLA-Based Defense Against Pollution Attacks in P2P Systems with Network Coding Anh Le, Athina and time asymmetry (as in TESLA [1]) to provide source authentication for the detection scheme and non; pollution; detection; identification; TESLA; homomorphic MAC. I. INTRODUCTION Peer-to-peer (P2P) systems

Markopoulou, Athina

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


361

Shedding Some Light on RFID Distance Bounding Protocols and Terrorist Attacks  

E-Print Network (OSTI)

During the last years, researchers have focused on designing secure and efficient RFID authentication protocols. The vast majority of these protocols assume proximity between readers and tags due to the limited range of the radio channel. However, in real scenarios, an intruder can be located between the prover (tag) and the verifier (reader) and trick the latter into thinking that the prover is in close proximity. This attack is globally known as a relay attack, a kind that includes others such as distance fraud, mafia fraud and terrorist attacks. Distance bounding protocols represent a promising countermeasure to hinder relay attacks. Several protocols have been proposed in the last years, but vulnerabilities of major or minor relevance have been identified in all of them. In 2008, Kim et al. [10] proposed a new distance bounding protocol with the objective of being the best one in terms of security, privacy, tag computational overhead and fault tolerance - as claimed by their authors. The study of this rec...

Peris-Lopez, Pedro; Tapiador, J M E; van der Lubbe, Jan C A

2009-01-01T23:59:59.000Z

362

Statement on the Eighth Anniversary of the 9/11 Attacks | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

on the Eighth Anniversary of the 9/11 Attacks on the Eighth Anniversary of the 9/11 Attacks Statement on the Eighth Anniversary of the 9/11 Attacks September 11, 2009 - 12:00am Addthis "Today, we pause to remember the nearly 3,000 men and women who lost their lives in the horrific attacks of 9/11 and to honor the heroes of that terrible day. The people we lost came from all walks of life, all parts of the country, and all corners of the world. What they had in common was their innocence and that they were loved by those they left behind. "Although it has been eight years since that day, we cannot let the passage of time dull our memories or diminish our resolve. We still face grave threats from extremists, and we are deeply grateful to all those who serve our country to keep us safe. I'm especially proud of the men and women at

363

Empirical Study of Tolerating Denial-of-Service Attacks with a Proxy Network  

E-Print Network (OSTI)

­ MicroGrid [9, 10] ­ to study proxy networks with real applications and real DoS attacks. MicroGrid supports detailed packet-level simulation of large networks and use of unmodified applications. With MicroGrid

Chien, Andrew A.

364

[2010] Avoiding Side-Channel Attacks in Embedded Systems with Non-deterministic Branches  

Science Conference Proceedings (OSTI)

In this paper, we suggest handling security in embedded systems by introducing a small architectural change. We propose the use of a non-deterministic branch instruction to generate non-determinism in the execution of encryption algorithms. Non-determinism ... Keywords: embedded system security, side-channel attacks, hiding countermeasure

Pedro Malagon, Juan-Mariano de Goyeneche, Marina Zapater, Jose M. Moya

2010-01-01T23:59:59.000Z

365

False data injection attacks against state estimation in electric power grids  

Science Conference Proceedings (OSTI)

A power grid is a complex system connecting electric power generators to consumers through power transmission and distribution networks across a large geographical area. System monitoring is necessary to ensure the reliable operation of power grids, ... Keywords: Power grids, attack, state estimation

Yao Liu; Peng Ning; Michael K. Reiter

2011-05-01T23:59:59.000Z

366

Not-a-Bot: improving service availability in the face of botnet attacks  

Science Conference Proceedings (OSTI)

A large fraction of email spam, distributed denial-of-service (DDoS) attacks, and click-fraud on web advertisements are caused by traffic sent from compromised machines that form botnets. This paper posits that by identifying human-generated traffic ...

Ramakrishna Gummadi; Hari Balakrishnan; Petros Maniatis; Sylvia Ratnasamy

2009-04-01T23:59:59.000Z

367

Towards an Intrusion Detection System for Battery Exhaustion Attacks on Mobile Computing Devices  

E-Print Network (OSTI)

. These restrictions include limited processor power, memory, and power usage. Whereas a typical desktop system today for these attacks, a system that takes into account the performance, energy, and memory constraints of mobile accesses, to estimate the power consumption using a linear regression model, allowing us to find the energy

Ha, Dong S.

368

Contactless electromagnetic active attack on ring oscillator based true random number generator  

Science Conference Proceedings (OSTI)

True random number generators (TRNGs) are ubiquitous in data security as one of basic cryptographic primitives. They are primarily used as generators of confidential keys, to initialize vectors, to pad values, but also as random masks generators in some ... Keywords: EM injections, IEMI, TRNGs, active attacks, ring oscillators

Pierre Bayon; Lilian Bossuet; Alain Aubert; Viktor Fischer; François Poucheret; Bruno Robisson; Philippe Maurine

2012-05-01T23:59:59.000Z

369

On False Data Injection Attacks against Distributed Energy Routing in Smart Grid  

Science Conference Proceedings (OSTI)

Smart Grid is a new type of energy-based cyber physical system (CPS) that will provide reliable, secure, and efficient energy transmission and distribution. The way to secure the distributed energy routing process that efficiently utilizes the distributed ... Keywords: Smart grid, Distributed energy routing, False data injection attacks, Energy distribution

Jie Lin; Wei Yu; Xinyu Yang; Guobin Xu; Wei Zhao

2012-04-01T23:59:59.000Z

370

A Look In the Mirror: Attacks on Package Managers Author Names Removed for Anonymous Submission  

E-Print Network (OSTI)

for security. There is no protection of package metadata or the root metadata. Package Metadata An attacker can of the package in the package meta- data protects the package from tampering. Packages Resistance to metadata, the package metadata is protected from tam- pering. Packages The signature on the root metadata prevents

Hartman, John H.

371

An Efficient Analytical Solution to Thwart DDoS Attacks in Public Domain  

E-Print Network (OSTI)

In this paper, an analytical model for DDoS attacks detection is proposed, in which propagation of abrupt traffic changes inside public domain is monitored to detect a wide range of DDoS attacks. Although, various statistical measures can be used to construct profile of the traffic normally seen in the network to identify anomalies whenever traffic goes out of profile, we have selected volume and flow measure. Consideration of varying tolerance factors make proposed detection system scalable to the varying network conditions and attack loads in real time. NS-2 network simulator on Linux platform is used as simulation testbed. Simulation results show that our proposed solution gives a drastic improvement in terms of detection rate and false positive rate. However, the mammoth volume generated by DDoS attacks pose the biggest challenge in terms of memory and computational overheads as far as monitoring and analysis of traffic at single point connecting victim is concerned. To address this problem, a distributed...

Gupta, B B; Misra, Manoj; 10.1145/1523103.1523203

2012-01-01T23:59:59.000Z

372

Iago attacks: why the system call API is a bad untrusted RPC interface  

Science Conference Proceedings (OSTI)

In recent years, researchers have proposed systems for running trusted code on an untrusted operating system. Protection mechanisms deployed by such systems keep a malicious kernel from directly manipulating a trusted application's state. Under such ... Keywords: iago attacks, overshadow, system call

Stephen Checkoway; Hovav Shacham

2013-04-01T23:59:59.000Z

373

Passive Faraday-mirror attack in a practical two-way quantum-key-distribution system  

Science Conference Proceedings (OSTI)

The Faraday mirror (FM) plays a very important role in maintaining the stability of two-way plug-and-play quantum key distribution (QKD) systems. However, the practical FM is imperfect, which will not only introduce an additional quantum bit error rate (QBER) but also leave a loophole for Eve to spy the secret key. In this paper we propose a passive Faraday mirror attack in two-way QKD system based on the imperfection of FM. Our analysis shows that if the FM is imperfect, the dimension of Hilbert space spanned by the four states sent by Alice is three instead of two. Thus Eve can distinguish these states with a set of Positive Operator Valued Measure (POVM) operators belonging to three-dimension space, which will reduce the QBER induced by her attack. Furthermore, a relationship between the degree of the imperfection of FM and the transmittance of the practical QKD system is obtained. The results show that the probability that Eve loads her attack successfully depends on the degree of the imperfection of FM rapidly, but the QBER induced by Eve's attack changes slightly with the degree of the FM imperfection.

Sun Shihai; Jiang Musheng; Liang Linmei [Department of Physics, National University of Defense Technology, Changsha 410073 (China)

2011-06-15T23:59:59.000Z

374

The Small and Silent Force Multiplier: A Swarm UAV--Electronic Attack  

Science Conference Proceedings (OSTI)

At the last two decades, according to UAVs concepts and technological advances, there have been lots of unimagined improvements. Nowadays there are serious works and researches about the usage of UAVs in military operations at electronic warfare (EW) ... Keywords: Electronic attack, Electronic warfare, Swarm UAV, UAS, UAV, Unmanned Aircraft Systems, Unmanned aerial vehicle

Polat Cevik; Ibrahim Kocaman; Abdullah S. Akgul; Barbaros Akca

2013-04-01T23:59:59.000Z

375

Security computing for the resiliency of protecting from internal attacks in distributed wireless sensor networks  

Science Conference Proceedings (OSTI)

Wireless sensor network (WSNs) have been making up of a mass of spatially distributed autonomous sensors to monitor physical or environmental conditions. However, security threats to WSNs become increasingly diversified, prevention based due to their ... Keywords: distributed wireless sensor networks, internal attacks, resiliency, security computing, sensor optimum deployment

Xu Huang; Dharmendra Sharma; Muhammad Ahmed

2012-09-01T23:59:59.000Z

376

Adaptive Distributed Traffic Control Service for DDoS Attack Mitigation  

E-Print Network (OSTI)

Frequency and intensity of Internet attacks are rising with an alarming pace. Several technologies and concepts were proposed for fighting distributed denial of service (DDoS) attacks: traceback, pushback, i3, SOS and Mayday. This paper shows that in the case of DDoS reflector attacks they are either ineffective or even counterproductive. We then propose a novel concept and system that extends the control over network traffic by network users to the Internet using adaptive traffic processing devices. We safely delegate partial network management capabilities from network operators to network users. All network packets with a source or destination address owned by a network user can now also be controlled within the Internet instead of only at the network user's Internet uplink. By limiting the traffic control features and by restricting the realm of control to the "owner" of the traffic, we can rule out misuse of this system. Applications of our system are manifold: prevention of source address spoofing, DDoS attack mitigation, distributed firewall-like filtering, new ways of collecting traffic statistics, traceback, distributed network debugging, support for forensic analyses and many more.

Thomas Dübendorfer; Matthias Bossardt; Bernhard Plattner

2005-01-01T23:59:59.000Z

377

Regulating Greenhouse Gas 'Leakage': How California Can Evade the Impending Constitutional Attacks  

Science Conference Proceedings (OSTI)

Federalist greenhouse gas regulation poses many constitutional pitfalls, and some fear that California's cap-and-trade and procurement cap proposals are vulnerable to constitutional challenge. An attack under the commerce clause seems to pose the biggest threat, but the author proposes an alternative that can eliminate this threat: market participation. (author)

Potts, Brian H.

2006-06-15T23:59:59.000Z

378

Regulating greenhouse gas 'leakage': how California can evade the impending constitutional attacks  

Science Conference Proceedings (OSTI)

Federalist greenhouse gas regulation poses many constitutional pitfalls, and some fear that California's cap-and-trade and procurement cap proposals are vulnerable to constitutional challenge. An attack under the commerce clause seems to pose the biggest threat, but the author proposes an alternative that can eliminate this threat: market participation.

Brian H. Potts

2006-06-15T23:59:59.000Z

379

The Jericho Option: Al-Qa'ida and Attacks on Critical Infrastructure  

SciTech Connect

There is no doubt that al-Qaida and its affiliates have displayed, and continue to display, an acute interest in attacking targets that are considered to be important components of the infrastructure of the United States. What has not thus far been carried out, however, is an in-depth examination of the basic nature, historical evolution, and present scope of the organization's objectives that might help government personnel develop sound policy recommendations and analytical indicators to assist in detecting and interdicting plots of this nature. This study was completed with the financial support of the Lawrence Livermore National Laboratory, through a project sponsored by the U.S. Department of Homeland Security, Science and Technology Directorate. It is specifically intended to increase counterterrorism analysts understanding of certain features of al-Qaida's strategy and operations in order to facilitate the anticipation and prevention of attacks directed against our most critical infrastructures. The procedure adopted herein has involved consulting a wide variety of source materials that bear on the topic, ranging from sacred religious texts and historical accounts to al-Qaida-linked materials and the firsthand testimony of captured members of the group. It has also intentionally combined multiple approaches, including exploring the more esoteric religion-historical referents that have served to influence al-Qaida's behavior, providing a strategic analysis of its objectives and targeting rationales, closely examining the statements and writings of al-Qaida leaders and spokesmen (in part on the basis of material translated from primary sources), offering a descriptive analysis of its past global attack patterns, and producing concise but nonetheless in-depth case studies of its previous ''infrastructural'' attacks on U.S. soil. The analyses contained herein tend to support the preliminary assessment made by some of the authors in an earlier report, namely, that transnational jihadist organizations are amongst the extremist groups that are most likely to carry out successful attacks against targets that U.S. officials would categorize as elements of this country's critical infrastructure. These networks clearly have the operational capabilities to conduct these types of attacks, even on a large scale, and they display a number of ideological proclivities that may incline them to attack such targets. Although this seems self-evident, this study has also yielded more detailed insights into the behavior and orientation of al-Qaida and its affiliated networks.

Ackerman, G; Blair, C; Bale, J; Hahn, G; DiLorenzo, E; Vadlamudi, S; Lunsford, C

2006-08-28T23:59:59.000Z

380

Quantum interference of electromagnetic fields from remote quantum memories  

E-Print Network (OSTI)

We observe quantum, Hong-Ou-Mandel, interference of fields produced by two remote atomic memories. High-visibility interference is obtained by utilizing the finite atomic memory time in four-photon delayed coincidence measurements. Interference of fields from remote atomic memories is a crucial element in protocols for scalable generation of multi-node remote qubit entanglement.

T. Chaneliere; D. N. Matsukevich; S. D. Jenkins; S. -Y. Lan; R. Zhao; T. A. B. Kennedy; A. Kuzmich

2006-09-27T23:59:59.000Z

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


381

New Approaches to Forest Monitoring using Remote Sensing  

E-Print Network (OSTI)

New Approaches to Forest Monitoring using Remote Sensing MSS 1972 ASTER 2001 Matt Hansen and John Townshend #12;New Approaches to Forest Monitoring using Remote Sensing ·Sampling approaches for the Boreal remotely sensed data · Matthew C. Hansen, · Stephen V. Stehman, · Peter V. Potapov, · Thomas R. Loveland

382

Multiple Instrument Distributed Aperture Sensor (MIDAS) For Remote Sensing  

E-Print Network (OSTI)

Multiple Instrument Distributed Aperture Sensor (MIDAS) For Remote Sensing Joe Pitman,a , Alan that enables greatly increased return from earth and planetary science remote sensing missions is described are integrated into MIDAS as the primary remote sensing science payload, thereby reducing the cost, resources

Fienup, James R.

383

Remote Sensing of Railroad Locomotive Emissions: A Feasibility Study  

E-Print Network (OSTI)

Remote Sensing of Railroad Locomotive Emissions: A Feasibility Study Peter J. Popp, Gary A. Bishop, DC 20590 #12;Remote Sensing of Railroad Engine Emissions 2 INTRODUCTION Many cities in the United be #12;Remote Sensing of Railroad Engine Emissions 3 operated at a preset power output and fixed engine

Denver, University of

384

Remote Sensing Data and Information for Hydrological Monitoring and Modeling  

E-Print Network (OSTI)

1 Remote Sensing Data and Information for Hydrological Monitoring and Modeling Reza Khanbilvardi Springs, MD, USA 1 Introduction Remote sensing data and information are shown great potential in supplying measurements, remote sensing based measurements are spatially averages over the pixels can appropriate

Krakauer, Nir Y.

385

EN-025 Tools & Applications December 2008 Lidar Remote Sensing  

E-Print Network (OSTI)

EN-025 Tools & Applications December 2008 Lidar Remote Sensing: Mapping British Columbia's Forests with Lasers By Christopher W. Bater, Denis Collins, and Nicholas C. Coops KEYWORDS: remote sensing, lidar. Collins, and N.C. Coops. 2008. Lidar remote sensing: mapping British Columbia's forests with lasers

386

Multivariate and Supervised Approaches for Mathematical Morphology in Remote Sensing  

E-Print Network (OSTI)

Multivariate and Supervised Approaches for Mathematical Morphology in Remote Sensing S´ebastien Lef`evre Image Sciences, Computer Sciences and Remote Sensing Laboratory (LSIIT) Models, Image and Vision Team MM Supervised MM Applications in Remote Sensing Conclusion Mathematical Morphology is a powerful

Lefèvre, Sébastien

387

Remote Sensing Messungen zur on-road Bestimmung der  

E-Print Network (OSTI)

LUBETRAX Remote Sensing Messungen zur on-road Bestimmung der Abgase von schweren Motorfahrzeugen, Chur, ZĂĽrich, Brugg Dr. Peter Maly (Projektleitung) Dr. Stefan Scherer Dr. G.A. Bishop (Remote Sensing;Inhaltsverzeichnis Zusammenfassung 1 1. Einleitung und Zielsetzung 3 1.1 Remote Sensing Messungen (FEAT) 4 1

Denver, University of

388

Real-time Remote Sensing of Snowmobiles Emissions at  

E-Print Network (OSTI)

Real-time Remote Sensing of Snowmobiles Emissions at Yellowstone National Park: An Oxygenated Fuel 68509 #12;Real-time Remote Sensing of Snowmobile Emissions at Yellowstone National Park 2 Executive Summary In the winter of 1999, the University of Denver conducted a remote sensing study at Yellowstone

Denver, University of

389

Wireless Tomography, Part I: A Novel Approach to Remote Sensing  

E-Print Network (OSTI)

Wireless Tomography, Part I: A Novel Approach to Remote Sensing R. C. Qiu, M. C. Wicks, L. Li, Z. Browning.12@us.af.mil Abstract--Wireless tomography, a novel approach to remote sensing, is proposed--radio frequency tomography, remote sensing, cognitive radar, cognitive radio. I. INTRODUCTION The ever increasing

Qiu, Robert Caiming

390

Remote Sensing of Western-Caribbean Coral Communities  

E-Print Network (OSTI)

Remote Sensing of Western-Caribbean Coral Communities Introduction: Despite the fact that coral. Remote sensing has been suggested as a potential tool for monitoring the spatial extent, health the Spectral Reflectance of Corals In-Situ. GIScience and Remote Sensing. Maeder, J., Narumalani, S., Rundquist

Nebraska-Lincoln, University of

391

Remote Sensing Tools Can Add Precision to Your Farming Operation  

E-Print Network (OSTI)

Remote Sensing Tools Can Add Precision to Your Farming Operation Harold Kaufman, Terry Wheeler is therefore important for the success of precision agriculture on individual farms. Remote sensing is a method.digitalglobe.com). However, the most inexpensive method of remote sensing is to shoot infrared images with a 35mm camera

Mukhtar, Saqib

392

UAS remote sensing missions for rangeland applications Andrea S. Lalibertea  

E-Print Network (OSTI)

UAS remote sensing missions for rangeland applications Andrea S. Lalibertea *, Craig Wintersb for remote sensing applications from unmanned aircraft systems (UAS). In this article, we describe a proven workflow for UAS-based remote sensing, and discuss geometric errors of image mosaics and classification

393

Remote Sensing in Support of Multilateral Environmental Agreements  

E-Print Network (OSTI)

Remote Sensing in Support of Multilateral Environmental Agreements Alex de Sherbinin CIESIN, from 172 in 1970 to more than 475 today · the sophistication of remote sensing and geospatial sets · the number of global and regional initiatives attempting to apply remote sensing (RS

Columbia University

394

Remote Sensing of Natural Areas: Procedures and Considerations for  

E-Print Network (OSTI)

1 Remote Sensing of Natural Areas: Procedures and Considerations for Assessing Stress and Pollution Jason Goldberg, James Perry, and John Anderson Coastal Ecosystems and Remote Sensing Program Introduction Remote sensing can be defined as the acquisi- tion and measurement of data/information on some

395

Remote Sensing Applications for Sustainable Aquaculture in Africa  

E-Print Network (OSTI)

Remote Sensing Applications for Sustainable Aquaculture in Africa Joseph E. Quansah1 , Gilbert L of the science with respect to remote sensing applications for aquaculture, including site location, aquaculture for multi-sensor remote sensing deployment to support sustainable fish production in these environments

Jiang, Wen

396

Chris Densham T2K Target Remote Handling  

E-Print Network (OSTI)

Chris Densham T2K Target Remote Handling CJ Densham, MD Fitton, M Baldwin, M Woodward Rutherford are handled by remote controlled crane. Concrete shield Horns are shielded by iron and concrete shields A numerical controlled crane is used in the TS. A remote handling machine is attached to this crane. Crane

McDonald, Kirk

397

Towards an Abstraction for Remote Evaluation in Erlang  

E-Print Network (OSTI)

as parameters as well. 4. Considerations for Proposed Solutions Although solutions for handling remote spawning codebases are handled, a remote node may also require that certain code dependencies use the local versionTowards an Abstraction for Remote Evaluation in Erlang Adrian Francalanza CS, ICT, University

Francalanza, Adrian

398

Guidelines for Handling Confidential Information by Remote Access  

E-Print Network (OSTI)

Guidelines for Handling Confidential Information by Remote Access You have signed an OHSU of your access to OHSU electronic information and/or other sanctions. Remember, using remote access of the OHSU facilities. When you are utilizing remote access, you must provide the same level of security used

Chapman, Michael S.

399

ATMO 642 Remote Sensing of the Atmosphere Jan. 17, 2012 ATMO 642: Remote Sensing of the Atmosphere  

E-Print Network (OSTI)

ATMO 642 Remote Sensing of the Atmosphere Jan. 17, 2012 ATMO 642: Remote Sensing of the Atmosphere. 15 % Exam 1 15 % Exam 2 15 % Exam 3 30 % Homework/In class exercises 25 % Project #12;ATMO 642 Remote Sensing of the Atmosphere Jan. 17, 2012 Project: We are going to have a semester long research project

Peterson, Blake R.

400

Remote/New sites: Many Field  

NLE Websites -- All DOE Office Websites (Extended Search)

Remote/New sites: Many Field Remote/New sites: Many Field Campaigns require temporary installations on non-ACRF sites. This requires identification of landowners, negotiation of leases, and infrastructure logistics for electrical and internet connectivity. Argonne National Laboratory is managed by UChicago-Argonne LLC for the U.S. Department of Energy SGP Field Campaigns: The Other Side of Operations Brad W. Orr 1 Dan J. Rusk 2 John Schatz 2 Dan Nelson 2 David Breedlove 2 Douglas L. Sisterson 1 1 Argonne National Laboratory, Argonne, IL 2 ACRF/SGP, Cherokee Nation Distributors, Stilwell, OK Background Implementation All departments must work closely together to implement a campaign. In addition they must have the flexibility to adapt to new and unique instrument deployments. The

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


401

REMEM: REmote MEMory as Checkpointing Storage  

SciTech Connect

Checkpointing is a widely used mechanism for supporting fault tolerance, but notorious in its high-cost disk access. The idea of memory-based checkpointing has been extensively studied in research but made little success in practice due to its complexity and potential reliability concerns. In this study we present the design and implementation of REMEM, a REmote MEMory checkpointing system to extend the checkpointing storage from disk to remote memory. A unique feature of REMEM is that it can be integrated into existing disk-based checkpointing systems seamlessly. A user can flexibly switch between REMEM and disk as checkpointing storage to balance the efficiency and reliability. The implementation of REMEM on Open MPI is also introduced. The experimental results confirm that REMEM and the proposed adaptive checkpointing storage selection are promising in both performance, reliability and scalability.

Jin, Hui [Illinois Institute of Technology; Sun, Xian-He [Illinois Institute of Technology; Chen, Yong [ORNL; Ke, Tao [Illinois Institute of Technology

2010-01-01T23:59:59.000Z

402

Polarimetric Remote Sensing of Solar System Objects  

E-Print Network (OSTI)

This book outlines the basic physical principles and practical methods of polarimetric remote sensing of Solar System objects and summarizes numerous advanced applications of polarimetry in geophysics and planetary astrophysics. In the first chapter we present a complete and rigorous theory of electromagnetic scattering by disperse media directly based on the Maxwell equations and describe advanced physically based modeling tools. This is followed, in Chapter 2, by a theoretical analysis of polarimetry as a remote-sensing tool and an outline of basic principles of polarimetric measurements and their practical implementations. In Chapters 3 and 4, we describe the results of extensive ground-based, aircraft, and spacecraft observations of numerous Solar System objects (the Earth and other planets, planetary satellites, Saturn's rings, asteroids, trans-Neptunian objects, and comets). Theoretical analyses of these data are used to retrieve optical and physical characteristics of planetary surfaces and atmospheres...

Mishchenko, M I; Kiselev, N N; Lupishko, D F; Tishkovets, V P; Kaydash, V G; Belskaya, I N; Efimov, Y S; Shakhovskoy, N M

2010-01-01T23:59:59.000Z

403

Remote procedure execution software for distributed systems  

SciTech Connect

Remote Procedure Execution facilitates the construction of distributed software systems, spanning computers of various types. Programmers who use the RPX package specify subroutine calls which are to be executed on a remote computer. RPX is used to generate code for dummy routines which transmit input parameters and receive output parameters, as well as a main program which receives procedure call requests, calls the requested procedure, and returns the result. The package automatically performs datatype conversions and uses an appropriate connection oriented protocol. Supported operating systems/processors are VMS(VAX), UNIX(MIPS R2000, R3000) and Software Components Group's pSOS (680x0). Connection oriented protocols are supported over Ethernet (TCP/IP) and RS232 (a package of our own design). 2 refs., 2 figs.

Petravick, D.L.; Berman, E.F.; Sergey, G.P.

1989-05-01T23:59:59.000Z

404

Self-referencing remote optical probe  

DOE Patents (OSTI)

A probe for remote spectrometric measurements of fluid samples having a hollow probe body with a sliding reflective plug therein and a lens at one end, ports for admitting and expelling the fluid sample and a means for moving the reflector so that reference measurement can be made with the reflector in a first position near the lens and a sample measurement can be made with the reflector away from the lens and the fluid sample between the reflector and the lens. Comparison of the two measurements will yield the composition of the fluid sample. The probe is preferably used for remote measurements and light is carried to and from the probe via fiber optic cables. 3 figs.

O' Rourke, P.E.; Prather, W.S.; Livingston, R.R.

1990-02-12T23:59:59.000Z

405

Self-referencing remote optical probe  

DOE Patents (OSTI)

A probe is described for remote spectrometric measurements of fluid samples having a hollow probe body with a sliding reflective plug therein and a lens at one end, ports for admitting and expelling the fluid sample and a means for moving the reflector so that reference measurement can be made with the reflector in a first position near the lens and a sample measurement can be made with the reflector away from the lens and the fluid sample between the reflector and the lens. Comparison of the two measurements will yield the composition of the fluid sample. The probe is preferably used for remote measurements and light is carried to and from the probe via fiber optic cables. 3 figures.

O' Rourke, P.E.; Prather, W.S.; Livingston, R.R.

1991-08-13T23:59:59.000Z

406

Small geothermal electric systems for remote powering  

DOE Green Energy (OSTI)

This report describes conditions and costs at which quite small (100 to 1,000 kilowatt) geothermal systems could be used for off-grid powering at remote locations. This is a first step in a larger process of determining locations and conditions at which markets for such systems could be developed. The results suggest that small geothermal systems offer substantial economic and environmental advantages for powering off-grid towns and villages. Geothermal power is most likely to be economic if the system size is 300 kW or greater, down to reservoir temperatures of 100{degree}C. For system sizes smaller than 300 kW, the economics can be favorable if the reservoir temperature is about 120{degree}C or above. Important markets include sites remote from grids in many developing and developed countries. Estimates of geothermal resources in many developing countries are shown.

Entingh, Daniel J.; Easwaran, Eyob.; McLarty, Lynn

1994-08-08T23:59:59.000Z

407

Portsmouth X300 remote assay monitor system  

SciTech Connect

Personnel in the Instrumentation and Controls Division at Oak Ridge National Laboratory (ORNL) in association with the United States Enrichment Corporation (USEC) have recently developed a system for monitoring and tracking the assay of enriched uranium from the production facilities at the Portsmouth Gaseous Diffusion Plant (PORTS). This work was sponsored by the USEC and has involved the expansion and improvement of an existing system that was developed by ORNL. The system provides control room operators with real-time information on the withdrawal operations of uranium hexafluoride at the withdrawal stations at PORTS. An additional system was developed to display the real-time information from each of the three withdrawal stations at a remotely located building. This report describes the remote assay monitor and display system that has been developed and installed at PORTS Building X300.

Smith, D.E.

1996-07-01T23:59:59.000Z

408

Depolarization remote sensing by orthogonality breaking  

E-Print Network (OSTI)

A new concept devoted to sensing the depolarization strength of materials from a single measurement is proposed and successfully validated on a variety of samples. It relies on the measurement of the orthogonality breaking between two orthogonal states of polarization after interaction with the material to be characterized. The two fields orthogonality being preserved after propagation in birefringent media, this concept is shown to be perfectly suited to depolarization remote sensing through fibers, opening the way to real time depolarization endoscopy.

Fade, Julien

2012-01-01T23:59:59.000Z

409

Flexible Network Attached Storage using Remote DMA  

E-Print Network (OSTI)

We propose to make nodes in a cluster double as compute nodes and network attached storage (NAS) nodes. This allows for a flexible and customizable storage system as the NAS control software is handled by regular workstations. The nodes can still be efficient compute nodes if networks with remote DMA capabilities are used, as such networks remove the processor from the data forwarding loop. We demonstrate this through measurements of a prototype implementation.

Jřrgen S. Hansen

2001-01-01T23:59:59.000Z

410

Remote controlled vacuum joint closure mechanism  

DOE Patents (OSTI)

A remotely operable and maintainable vacuum joint closure mechanism for a noncircular aperture is disclosed. The closure mechanism includes an extendible bellows coupled at one end to a noncircular duct and at its other end to a flange assembly having sealed grooves for establishing a high vacuum seal with the abutting surface of a facing flange which includes an aperture forming part of the system to be evacuated. A plurality of generally linear arrangements of pivotally coupled linkages and piston combinations are mounted around the outer surface of the duct and aligned along the length thereof. Each of the piston/linkage assemblies is adapted to engage the flange assembly by means of a respective piston and is further coupled to a remote controlled piston drive shaft to permit each of the linkages positioned on a respective flat outer surface of the duct to simultaneously and uniformly displace a corresponding piston and the flange assembly with which it is in contact along the length of the duct in extending the bellows to provide a high vacuum seal between the movable flange and the facing flange. A plurality of latch mechanisms are also pivotally mounted on the outside of the duct. A first end of each of the latch mechanisms is coupled to a remotely controlled latch control shaft for displacing the latch mechanism about its pivot point. In response to the pivoting displacement of the latch mechanism, a second end thereof is displaced so as to securely engage the facing flange.

Doll, David W. (San Diego, CA); Hager, E. Randolph (La Jolla, CA)

1986-01-01T23:59:59.000Z

411

A Survey of Attacks, Security Mechanisms and Challenges in Wireless Sensor Networks  

E-Print Network (OSTI)

Wireless Sensor networks (WSN) is an emerging technology and have great potential to be employed in critical situations like battlefields and commercial applications such as building, traffic surveillance, habitat monitoring and smart homes and many more scenarios. One of the major challenges wireless sensor networks face today is security. While the deployment of sensor nodes in an unattended environment makes the networks vulnerable to a variety of potential attacks, the inherent power and memory limitations of sensor nodes makes conventional security solutions unfeasible. The sensing technology combined with processing power and wireless communication makes it profitable for being exploited in great quantity in future. The wireless communication technology also acquires various types of security threats. This paper discusses a wide variety of attacks in WSN and their classification mechanisms and different securities available to handle them including the challenges faced.

Padmavathi, Dr G

2009-01-01T23:59:59.000Z

412

Computer Security: Computer security threats, vulnerabilities and attacks (3/4)  

E-Print Network (OSTI)

Antonio Perez Perez works in the Computer Security Team doing software development, sysadmin tasks and operations. He is also involved on grid security and does 1st line security support at CERN on ROTA. With the prevalence of modern information technologies and its increasing integration into our daily live, digital systems become more and more playground for evil people. While in the past, attacks were driven by fame& kudos, nowadays money is the motivating factor. Just the recent months have shown several successful attacks against e.g. Sony, PBS, UNESCO, RSAsecurity, Citibank, and others. Credit card information of hundreds of thousands of people got exposed. Affected companies not only lost their assets and data, also their reputation has suffered. Thus, proper computer security measures are essential. Without question, security must even more become an inherent ingredient when developing, deploying, and operating applications, web sites, and computing services. These lectures shall give an ove...

CERN. Geneva

2012-01-01T23:59:59.000Z

413

The economic impacts of the September 11 terrorist attacks: a computable general equilibrium analysis  

SciTech Connect

This paper develops a bottom-up approach that focuses on behavioral responses in estimating the total economic impacts of the September 11, 2001, World Trade Center (WTC) attacks. The estimation includes several new features. First, is the collection of data on the relocation of firms displaced by the attack, the major source of resilience in muting the direct impacts of the event. Second, is a new estimate of the major source of impacts off-site -- the ensuing decline of air travel and related tourism in the U.S. due to the social amplification of the fear of terrorism. Third, the estimation is performed for the first time using Computable General Equilibrium (CGE) analysis, including a new approach to reflecting the direct effects of external shocks. This modeling framework has many advantages in this application, such as the ability to include behavioral responses of individual businesses and households, to incorporate features of inherent and adaptive resilience at the level of the individual decision maker and the market, and to gauge quantity and price interaction effects across sectors of the regional and national economies. We find that the total business interruption losses from the WTC attacks on the U.S. economy were only slightly over $100 billion, or less than 1.0% of Gross Domestic Product. The impacts were only a loss of $14 billion of Gross Regional Product for the New York Metropolitan Area.

Oladosu, Gbadebo A [ORNL; Rose, Adam [University of Southern California, Los Angeles; Bumsoo, Lee [University of Illinois; Asay, Gary [University of Southern California

2009-01-01T23:59:59.000Z

414

Ambrosia Beetle (Coleoptera: Scolytidae) Species, Flight, and Attack on Living Eastern Cottonwood Trees.  

SciTech Connect

ABSTRACT In spring 2002, ambrosia beetles (Coleoptera: Scolytidae) infested an intensively managed 22-ha tree plantation on the upper coastal plain of South Carolina. Nearly 3,500 scolytids representing 28 species were captured in ethanol-baited traps from 18 June 2002 to 18 April 2004. More than 88% of total captures were exotic species. Five species [Dryoxylon onoharaensum (Murayama), Euwallacea validus (Eichhoff), Pseudopityophthorus minutissimus (Zimmermann), Xyleborus atratus Eichhoff, and Xyleborus impressus Eichhoff]) were collected in South Carolina for the Ă?Â?Ă?Â?rst time. Of four tree species in the plantation, eastern cottonwood, Populus deltoides Bartram, was the only one attacked, with nearly 40% of the trees sustaining ambrosia beetle damage. Clone ST66 sustained more damage than clone S7C15. ST66 trees receiving fertilization were attacked more frequently than trees receiving irrigation, irrigation_fertilization, or controls, although the number of S7C15 trees attacked did not differ among treatments. The study location is near major shipping ports; our results demonstrate the necessity for intensive monitoring programs to determine the arrival, spread, ecology, and impact of exotic scolytids.

D.R. Coyle; D.C. Booth: M.S. Wallace

2005-12-01T23:59:59.000Z

415

Minimum State Awareness for Resilient Control Systems Under Cyber-Attack  

Science Conference Proceedings (OSTI)

State awareness for a control system is the accurate knowledge of the internal states of the system realization. To maintain stable operation, a controller requires a certain degree of state awareness. By definition, a cyber-attacker decreases the state awareness by modifying or removing the information available to the operator and control system. By doing so, the attacker can directly cause damage to the physical system through the control system, or indirectly by causing the operator to react in a damaging manner to the false information. In a number of recent papers, detection and mitigation strategies have been proposed that assume state awareness. The goal of the attacker to reduce or remove state awareness makes this assumption invalid for most situations. One of the central problems of resilient control is developing methods to retain sufficient state awareness to continue operation during a cyberattack. In this paper, we will define state awareness, discuss the consequences of loss of state awareness, and some potential research directions for maintaining state awareness.

Kisner, Roger [ORNL; Fugate, David L [ORNL; McIntyre, Timothy J [ORNL

2012-01-01T23:59:59.000Z

416

Protecting Buildings From a Biological or Chemical Attack: actions to take  

NLE Websites -- All DOE Office Websites (Extended Search)

Protecting Buildings From a Biological or Chemical Attack: actions to take Protecting Buildings From a Biological or Chemical Attack: actions to take before or during a release Title Protecting Buildings From a Biological or Chemical Attack: actions to take before or during a release Publication Type Report Year of Publication 2003 Authors Price, Phillip N., Michael D. Sohn, Ashok J. Gadgil, William W. Delp, David M. Lorenzetti, Elizabeth U. Finlayson, Tracy L. Thatcher, Richard G. Sextro, Elisabeth A. Derby, and Sondra A. Jarvis Abstract This report presents advice on how to operate a building to reduce casualties from a biological or chemical attack, as well as potential changes to the building (e.g. the design of the ventilation system) that could make it more secure. It also documents the assumptions and reasoning behind the advice. The particular circumstances of any attack, such as the ventilation system design, building occupancy, agent type, source strength and location, and so on, may differ from the assumptions made here, in which case actions other than our recommendations may be required; we hope that by understanding the rationale behind the advice, building operators can modify it as required for their circumstances. The advice was prepared by members of the Airflow and Pollutant Transport Group, which is part of the Indoor Environment Department at the Lawrence Berkeley National Laboratory. The group's expertise in this area includes: tracer-gas measurements of airflows in buildings (Sextro, Thatcher); design and operation of commercial building ventilation systems (Delp); modeling and analysis of airflow and tracer gas transport in large indoor spaces (Finlayson, Gadgil, Price); modeling of gas releases in multi-zone buildings (Sohn, Lorenzetti, Finlayson, Sextro); and occupational health and safety experience related to building design and operation (Sextro, Delp). This report is concerned only with building design and operation; it is not a how-to manual for emergency response. Many important emergency response topics are not covered here, including crowd control, medical treatment, evidence gathering, decontamination methods, and rescue gear

417

U-138: Cisco IOS IPSec IKE Unspecified Denial of Service Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: Cisco IOS IPSec IKE Unspecified Denial of Service 8: Cisco IOS IPSec IKE Unspecified Denial of Service Vulnerability U-138: Cisco IOS IPSec IKE Unspecified Denial of Service Vulnerability April 2, 2012 - 7:00am Addthis PROBLEM: A vulnerability has been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service). PLATFORM: Cisco IOS XE 2.1.x Cisco IOS XE 2.2.x Cisco IOS XE 2.3.x Cisco IOS XE 2.4.x Cisco IOS XE 2.5.x Cisco IOS XE 2.6.x Cisco IOS XE 3.1.x Cisco IOS XE 3.3.x ABSTRACT: The IKEv1 feature of Cisco IOS Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a reload of an affected device. REFERENCE LINKS: Vendor Advisory Secunia Advisory SA48607 CVE-2012-0381 iMPACT ASSESSMENT: High discussion: The March 28, 2012, Cisco IOS Software Security Advisory bundled

418

U-161: Citrix Provisioning Services Unspecified Flaw Lets Remote Users  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Citrix Provisioning Services Unspecified Flaw Lets Remote 1: Citrix Provisioning Services Unspecified Flaw Lets Remote Users Execute Arbitrary Code U-161: Citrix Provisioning Services Unspecified Flaw Lets Remote Users Execute Arbitrary Code May 3, 2012 - 7:00am Addthis PROBLEM: Citrix Provisioning Services Unspecified Flaw Lets Remote Users Execute Arbitrary Code PLATFORM: 6.1 and prior ABSTRACT: A vulnerability was reported in Citrix Provisioning Services. A remote user can execute arbitrary code on the target system. reference LINKS: SecurityTracker Alert ID: 1027004 Secunia Advisory SA48971 Citrix advisory IMPACT ASSESSMENT: Medium Discussion: A remote user can send a specially crafted packet to trigger an unspecified flaw and execute arbitrary code on the target system. The code will run with the privileges of the target service.

419

Freedom and order : how democratic governments abridge civil liberties after terrorist attacks -- and why sometimes they don't  

E-Print Network (OSTI)

This dissertation is driven by the following question: "What explains the variation in governments' civil liberty-abridging responses to terrorist attacks?" In the United States, it was not until a year after the 1995 ...

Rubin, Gabriel, Ph. D. Massachusetts Institute of Technology

2008-01-01T23:59:59.000Z

420

Attacking the Kad Network Peng Wang, James Tyra, Eric Chan-Tin, Tyson Malchow, Denis Foo Kune,  

E-Print Network (OSTI)

Attacking the Kad Network Peng Wang, James Tyra, Eric Chan-Tin, Tyson Malchow, Denis Foo Kune 55455 {pwang,tyra,dchantin,malchow,foo,hopper,kyd}@cs.umn.edu ABSTRACT The Kad network

Kim, Dae-Shik

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


421

Remote vacuum compaction of compressible hazardous waste  

DOE Patents (OSTI)

A system is described for remote vacuum compaction and containment of low-level radioactive or hazardous waste comprising a vacuum source, a sealable first flexible container, and a sealable outer flexible container for receiving one or more first flexible containers. A method for compacting low level radioactive or hazardous waste materials at the point of generation comprising the steps of sealing the waste in a first flexible container, sealing one or more first containers within an outer flexible container, breaching the integrity of the first containers, evacuating the air from the inner and outer containers, and sealing the outer container shut.

Coyne, M.J.; Fiscus, G.M.; Sammel, A.G.

1996-12-31T23:59:59.000Z

422

Remote vacuum compaction of compressible hazardous waste  

DOE Patents (OSTI)

A system for remote vacuum compaction and containment of low-level radioactive or hazardous waste comprising a vacuum source, a sealable first flexible container, and a sealable outer flexible container for receiving one or more first flexible containers. A method for compacting low level radioactive or hazardous waste materials at the point of generation comprising the steps of sealing the waste in a first flexible container, sealing one or more first containers within an outer flexible container, breaching the integrity of the first containers, evacuating the air from the inner and outer containers, and sealing the outer container shut.

Coyne, Martin J. (Pittsburgh, PA); Fiscus, Gregory M. (McMurray, PA); Sammel, Alfred G. (Pittsburgh, PA)

1998-01-01T23:59:59.000Z

423

Remote vacuum compaction of compressible hazardous waste  

DOE Patents (OSTI)

A system is described for remote vacuum compaction and containment of low-level radioactive or hazardous waste comprising a vacuum source, a sealable first flexible container, and a sealable outer flexible container for receiving one or more first flexible containers. A method for compacting low level radioactive or hazardous waste materials at the point of generation comprising the steps of sealing the waste in a first flexible container, sealing one or more first containers within an outer flexible container, breaching the integrity of the first containers, evacuating the air from the inner and outer containers, and sealing the outer container shut. 8 figs.

Coyne, M.J.; Fiscus, G.M.; Sammel, A.G.

1998-10-06T23:59:59.000Z

424

High aspect ratio, remote controlled pumping assembly  

DOE Patents (OSTI)

A miniature dual syringe-type pump assembly is described which has a high aspect ratio and which is remotely controlled, for use such as in a small diameter penetrometer cone or well packer used in water contamination applications. The pump assembly may be used to supply and remove a reagent to a water contamination sensor, for example, and includes a motor, gearhead and motor encoder assembly for turning a drive screw for an actuator which provides pushing on one syringe and pulling on the other syringe for injecting new reagent and withdrawing used reagent from an associated sensor. 4 figs.

Brown, S.B.; Milanovich, F.P.

1995-11-14T23:59:59.000Z

425

Vulnerability analysis of three remote voting methods  

E-Print Network (OSTI)

This article analyses three methods of remote voting in an uncontrolled environment: postal voting, internet voting and hybrid voting. It breaks down the voting process into different stages and compares their vulnerabilities considering criteria that must be respected in any democratic vote: confidentiality, anonymity, transparency, vote unicity and authenticity. Whether for safety or reliability, each vulnerability is quantified by three parameters: size, visibility and difficulty to achieve. The study concludes that the automatisation of treatments combined with the dematerialisation of the objects used during an election tends to substitute visible vulnerabilities of a lesser magnitude by invisible and widespread vulnerabilities.

Enguehard, Chantal

2009-01-01T23:59:59.000Z

426

Remote measurement of ground source emissivity  

SciTech Connect

The remote measurement of the emissivity of ground materials is of tremendous value in their identification and mapping. Traditional techniques use reflected solar radiation for this measurement for wavelengths shorter than 5 {mu}m. With the development of new techniques, the 10 Jim atmospheric transmission window might also be used for this purpose. Previous work using the multi-angle data acquisition technique demonstrated its utility to determine source thermal emission. Here we find the multi-angle technique can be used to determine the source specular reflectivity to {approximately}0.05 if there is very good system performance (NETD {approx} 0.01 K).

Henderson, J.R.

1995-07-01T23:59:59.000Z

427

Millimeter-Wave Remote Biometric Identification and Tracking...  

NLE Websites -- All DOE Office Websites (Extended Search)

- Multimedia Bookmark and Share Millimeter-Wave Remote Biometric Identification and Tracking (RBIT) System for Security Applications Argonne National Laboratory and Northwestern...

428

V-150: Apache VCL Input Validation Flaw Lets Remote Authenticated...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

or userGrant) can send specially crafted data via the web interface or XMLRPC API to gain additional administrative privileges. IMPACT: A remote authenticated user can...

429

Remote Sensing- Principles And Interpretation | Open Energy Informatio...  

Open Energy Info (EERE)

Jump to: navigation, search GEOTHERMAL ENERGYGeothermal Home Reference Material: Remote Sensing- Principles And Interpretation Details Activities (1) Areas (1) Regions (0)...

430

An Integrated Mapping And Remote Sensing Investigation Of The...  

Open Energy Info (EERE)

And Remote Sensing Investigation Of The Structural Control For Fumarole Location In The Eburru Volcanic Complex, Kenya Rift Jump to: navigation, search GEOTHERMAL ENERGYGeothermal...

431

U-219: Symantec Web Gateway Input Validation Flaws Lets Remote...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: Symantec Web Gateway Input Validation Flaws Lets Remote Users Inject SQL Commands, Execute Arbitrary Commands, and Change User Passwords U-219: Symantec Web Gateway Input...

432

Active and Passive Remote Sensing Diagram | Open Energy Information  

Open Energy Info (EERE)

2013 DOI Not Provided Check for DOI availability: http:crossref.org Online Internet link for Active and Passive Remote Sensing Diagram Citation National Aeronautics and...

433

Improved Humidity Profiling by Combining Passive and Active Remote...  

NLE Websites -- All DOE Office Websites (Extended Search)

Science Team Meeting Proceedings, Albuquerque, New Mexico, March 22-26, 2004 Improved Humidity Profiling by Combining Passive and Active Remote Sensors at the Southern Great Plains...

434

Passive Millimeter-Wave Spectrometer for Remote Chemical Detection...  

NLE Websites -- All DOE Office Websites (Extended Search)

Media format Windows Media Format - Low Bandwidth Passive Millimeter-Wave Spectrometer for Remote Chemical Detection shown in this movie clip. :: Please wait until video loads...

435

A Remote Control Room at DIII-D (A25817)  

E-Print Network (OSTI)

Fusion Eng. Design 83, 480 (2008)6th IAEA Technical Committee Meeting on Control, Data Acquisition and Remote Participation for Fusion Research Inuyama, JP, 2007999613940

Abla, G.

2007-05-31T23:59:59.000Z

436

Method of determining forest production from remotely sensed forest parameters  

DOE Patents (OSTI)

A method of determining forest production entirely from remotely sensed data in which remotely sensed multispectral scanner (MSS) data on forest 5 composition is combined with remotely sensed radar imaging data on forest stand biophysical parameters to provide a measure of forest production. A high correlation has been found to exist between the remotely sensed radar imaging data and on site measurements of biophysical 10 parameters such as stand height, diameter at breast height, total tree height, mean area per tree, and timber stand volume.

Corey, J.C.; Mackey, H.E. Jr.

1987-08-31T23:59:59.000Z

437

Design of an Offshore Standby Base for Remote Regions.  

E-Print Network (OSTI)

?? In this Master?s thesis an optimization model for finding the optimal design of a standby base operating in remote regions is presented. The research… (more)

Andresen, Even Sunde

2013-01-01T23:59:59.000Z

438

Airborne remote sensing of estuarine intertidal radionuclide concentrations.  

E-Print Network (OSTI)

??The ability to map industrial discharges through remote sensing provides a powerful tool in environmental monitoring. Radionuclide effluents have been discharged, under authorization, into the… (more)

Rainey, Michael Patrick

1999-01-01T23:59:59.000Z

439

Available Technologies: Remote Detection of Blood Flow in ...  

Remote Detection of Blood Flow in Living Systems with Background-free MRI IB-2444. APPLICATIONS OF TECHNOLOGY: Clinical and experimental MRI; Portable ...

440

Solar-hydrogen systems for remote area power supply.  

E-Print Network (OSTI)

??Remote area power supply (RAPS) is a potential early market for solar-hydrogen systems because of the comparatively high cost of conventional energy sources such as… (more)

Ali, S

2007-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


441

Wind-hydrogen energy systems for remote area power supply.  

E-Print Network (OSTI)

??Wind-hydrogen systems for remote area power supply are an early niche application of sustainable hydrogen energy. Optimal direct coupling between a wind turbine and an… (more)

Janon, A

2009-01-01T23:59:59.000Z

442

U-031: Microsoft Active Directory CRL Validation Flaw Lets Remote...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Directory CRL Validation Flaw Lets Remote Users Bypass Authentication. PLATFORM: Windows XP Service Pack 3 Windows XP Professional x64 Edition Service Pack 2 Windows Server...

443

Microfluidic gas flow profiling using remote detection NMR  

E-Print Network (OSTI)

using remote detection NMR Christian Hilty* † , Eringas mixture containing 0.3% NMR active 129 Xe (1% Xe atNuclear Magnetic Resonance (NMR) to obtain spatially and

Hilty, Christian; McDonnell, Erin; Granwehr, Josef; Pierce, Kimberly; Han, Song-I Han; Pines, Alexander

2005-01-01T23:59:59.000Z

444

Remote sensing survey of the Coso geothermal area, Inyo county...  

Open Energy Info (EERE)

sensing survey of the Coso geothermal area, Inyo county, California. Technical publication 1968--1971 Jump to: navigation, search GEOTHERMAL ENERGYGeothermal Home Report: Remote...

445

Jefferson Lab Science Series - Remote Control with Computers  

NLE Websites -- All DOE Office Websites (Extended Search)

(AIDS: The Science, The Impact) AIDS: The Science, The Impact Remote Control with Computers Dr. Chip Watson - CEBAF March 14, 1995 Making hundreds of computers do your bidding...

446

Remote control for anode-cathode adjustment  

DOE Patents (OSTI)

An apparatus for remotely adjusting the anode-cathode gap in a pulse power machine has an electric motor located within a hollow cathode inside the vacuum chamber of the pulse power machine. Input information for controlling the motor for adjusting the anode-cathode gap is fed into the apparatus using optical waveguides. The motor, controlled by the input information, drives a worm gear that moves a cathode tip. When the motor drives in one rotational direction, the cathode is moved toward the anode and the size of the anode-cathode gap is diminished. When the motor drives in the other direction, the cathode is moved away from the anode and the size of the anode-cathode gap is increased. The motor is powered by batteries housed in the hollow cathode. The batteries may be rechargeable, and they may be recharged by a photovoltaic cell in combination with an optical waveguide that receives recharging energy from outside the hollow cathode. Alternatively, the anode-cathode gap can be remotely adjusted by a manually-turned handle connected to mechanical linkage which is connected to a jack assembly. The jack assembly converts rotational motion of the handle and mechanical linkage to linear motion of the cathode moving toward or away from the anode.

Roose, Lars D. (Albuquerque, NM)

1991-01-01T23:59:59.000Z

447

Remote control for anode-cathode adjustment  

DOE Patents (OSTI)

An apparatus for remotely adjusting the anode-cathode gap in a pulse power machine has an electric motor located within a hollow cathode inside the vacuum chamber of the pulse power machine. Input information for controlling the motor for adjusting the anode-cathode gap is fed into the apparatus using optical waveguides. The motor, controlled by the input information, drives a worm gear that moves a cathode tip. When the motor drives in one rotational direction, the cathode is moved toward the anode and the size of the anode-cathode gap is diminished. When the motor drives in the other direction, the cathode is moved away from the anode and the size of the anode-cathode gap is increased. The motor is powered by batteries housed in the hollow cathode. The batteries may be rechargeable, and they may be recharged by a photovoltaic cell in combination with an optical waveguide that receives recharging energy from outside the hollow cathode. Alternatively, the anode-cathode gap can be remotely adjusted by a manually-turned handle connected to mechanical linkage which is connected to a jack assembly. The jack assembly converts rotational motion of the handle and mechanical linkage to linear motion of the cathode moving toward or away from the anode. 3 figs.

Roose, L.D.

1989-10-04T23:59:59.000Z

448

System and method for controlling remote devices  

DOE Patents (OSTI)

A system and method for controlling remote devices utilizing a radio frequency identification (RFID) tag device having a control circuit adapted to render the tag device, and associated objects, permanently inoperable in response to radio-frequency control signals. The control circuit is configured to receive the control signals that can include an enable signal, and in response thereto enable an associated object, such as a weapon; and in response to a disable signal, to disable the tag itself, or, if desired, to disable the associated weapon or both the device and the weapon. Permanent disabling of the tag can be accomplished by several methods, including, but not limited to, fusing a fusable link, breaking an electrically conductive path, permanently altering the modulation or backscattering characteristics of the antenna circuit, and permanently erasing an associated memory. In this manner, tags in the possession of unauthorized employees can be remotely disabled, and weapons lost on a battlefield can be easily tracked and enabled or disabled automatically or at will.

Carrender, Curtis Lee (Richland, WA); Gilbert, Ronald W. (Benton City, WA); Scott, Jeff W. (Pasco, WA); Clark, David A. (Kennewick, WA)

2006-02-07T23:59:59.000Z

449

Automatic camera tracking for remote manipulators  

SciTech Connect

The problem of automatic camera tracking of mobile objects is addressed with specific reference to remote manipulators and using either fixed or mobile cameras. The technique uses a kinematic approach employing 4 x 4 coordinate transformation matrices to solve for the needed camera PAN and TILT angles. No vision feedback systems are used, as the required input data are obtained entirely from position sensors from the manipulator and the camera-positioning system. All hardware requirements are generally satisfied by currently available remote manipulator systems with a supervisory computer. The system discussed here implements linear plus on/off (bang-bang) closed-loop control with a +-2-deg deadband. The deadband area is desirable to avoid operator seasickness caused by continuous camera movement. Programming considerations for camera control, including operator interface options, are discussed. The example problem presented is based on an actual implementation using a PDP 11/34 computer, a TeleOperator Systems SM-229 manipulator, and an Oak Ridge National Laboratory (ORNL) camera-positioning system. 3 references, 6 figures, 2 tables.

Stoughton, R.S.; Martin, H.L.; Bentz, R.R.

1984-07-01T23:59:59.000Z

450

Automatic camera tracking for remote manipulators  

Science Conference Proceedings (OSTI)

The problem of automatic camera tracking of mobile objects is addressed with specific reference to remote manipulators and using either fixed or mobile cameras. The technique uses a kinematic approach employing 4 x 4 coordinate transformation matrices to solve for the needed camera PAN and TILT angles. No vision feedback systems are used, as the required input data are obtained entirely from position sensors from the manipulator and the camera-positioning system. All hardware requirements are generally satisfied by currently available remote manipulator systems with a supervisory computer. The system discussed here implements linear plus on/off (bang-bang) closed-loop control with a +-2/sup 0/ deadband. The deadband area is desirable to avoid operator seasickness caused by continuous camera movement. Programming considerations for camera control, including operator interface options, are discussed. The example problem presented is based on an actual implementation using a PDP 11/34 computer, a TeleOperator Systems SM-229 manipulator, and an Oak Ridge National Laboratory (ORNL) camera-positioning system. 3 references, 6 figures, 2 tables.

Stoughton, R.S.; Martin, H.L.; Bentz, R.R.

1984-04-01T23:59:59.000Z

451

Near-surface remote sensing of canopy architecture and land-atmosphere interactions in an oak savanna ecosystem  

E-Print Network (OSTI)

MODIS satellite data. Remote Sensing of Environment, 106,a joint flux tower, remote sensing and modelling analysis.of the algorithm. Remote Sensing of Environment, 110,

Ryu, Youngryel

2010-01-01T23:59:59.000Z

452

Using GIS technology to manage information following a bio-terrorism attack.  

Science Conference Proceedings (OSTI)

The BROOM system was developed to collect, manage and analyze information from bioterrorist attacks on strategic buildings. GIS features help decision-makers and analysts rapidly assess the current status of contaminated facilities and develop optimized cleanup strategies. BROOM consists of networked server, desktop and PDA components. PDAs are deployed to collect samples of suspected bioagents, such as anthrax. Novel geostatistical methods are used to generate contaminant maps and define optimum locations for subsequent sampling. Efficiency and accuracy gains witnessed in field tests show that GIS technology can play a vital role in visualizing, managing and analyzing data from bioterrorism incidents.

Melton, Brad; Ramsey, James L., Jr.; Finley, Patrick

2005-05-01T23:59:59.000Z

453

int. j. remote sensing, 1999, vol. 20, no. 17, 3281 3291 A remote sensing and GIS-based model of habitats and biodiversity in  

E-Print Network (OSTI)

int. j. remote sensing, 1999, vol. 20, no. 17, 3281± 3291 A remote sensing and GIS-based model, University of Kansas, Lawrence, KS 66047, USA and §Kansas Applied Remote Sensing (KARS) Program, 2291 Irving 31 May 1998) Abstract. We used remotely sensed data and geographical information systems (GIS

Debinski, Diane M.

454

EAST TEXAS FOREST INVENTORY (ETFI) PILOT PROJECT REMOTE SENSING PHASE  

E-Print Network (OSTI)

EAST TEXAS FOREST INVENTORY (ETFI) PILOT PROJECT REMOTE SENSING PHASE Dr. Daniel R. Unger, Remote Resources Institute Arthur Temple College of Forestry Stephen F. Austin State University Nacogdoches, Texas the forest resources of East Texas based on the premise that the quantification and qualification of forest

Hung, I-Kuai

455

Remote Patient Monitoring Within a Future 5G Infrastructure  

Science Conference Proceedings (OSTI)

Systems of wearable or implantable medical devices (IMD), sensor systems for monitoring and transmitting physiological recorded signals, will in future health care services be used for purposes of remote monitoring. Today, there exist several constraints, ... Keywords: Implantable medical devices, Mobile communication, Remote monitoring, Security, Telemedicine, Wearable sensors

Vladimir Oleshchuk; Rune Fensli

2011-04-01T23:59:59.000Z

456

Conceptual design analyses for Hanford Site deployable remote spectroscopy systems  

Science Conference Proceedings (OSTI)

This document identifies potential remote, NIR spectroscopic waste surface moisture monitoring system design alternatives to be operated inside one of the Hanford Site, high level, nuclear waste storage tanks. Potential tank waste moisture data impacts from the remote NIR signal transfer through high humidity vapor space is evaluated.

Philipp, B.L.; Reich, F.R.

1994-09-01T23:59:59.000Z

457

Remote Book Browsing System using a Mobile Manipulator Tetsuo Tomizawa  

E-Print Network (OSTI)

Remote Book Browsing System using a Mobile Manipulator Tetsuo Tomizawa , Akihisa Ohya and Shin in this research is to help humans browse books located in a library from a remote location via the Internet. This task was decomposed into three major parts which are, the extraction and return of a book from

Ohya, Akihisa

458

RICE: a reliable and efficient remote instrumentation collaboration environment  

Science Conference Proceedings (OSTI)

Remote access of scientific instruments over the Internet (i.e., remote instrumentation) demand high-resolution (2D and 3D) video image transfers with simultaneous real-time mouse and keyboard controls. Consequently, user quality of experience (QoE) ...

Prasad Calyam; Abdul Kalash; Ramya Gopalan; Sowmya Gopalan; Ashok Krishnamurthy

2008-01-01T23:59:59.000Z

459

Practical parallel remote method invocation for the Babel compiler  

Science Conference Proceedings (OSTI)

Parallel components are types of software components that contain Single Program Multiple Data (SPMD) parallel code and are used and defined by the Common Component Architecture (CCA) component model. Parallel Remote Method Invocation (PRMI) defines ... Keywords: IDL compiler, parallel remote method invocation

Kostadin Damevski; Keming Zhang; Steven Parker

2007-10-01T23:59:59.000Z

460

An open modular system for monitoring remote sensors  

Science Conference Proceedings (OSTI)

The main goal of this project is to monitor and control remote sensors from one or more desalination plants. These plants can be found and distributed from each other miles away. All critical parameters must be controlled. In a desalination plant, the ... Keywords: EJB3, J2EE, SMS, alarm, eclipse, monitoring, remote control, sensor, struts, video camera

Ignacio Solinis-Camalich; Alexis Quesada-Arencibia; Jose Carlos Rodríguez-Rodríguez; Roberto Moreno-Díaz, Jr.

2007-02-01T23:59:59.000Z

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


461

Neural network uncertainty assessment using Bayesian statistics with application to remote sensing  

E-Print Network (OSTI)

Neural network uncertainty assessment using Bayesian statistics with application to remote sensing for many inversion problems in remote sensing; however, uncertainty estimates are rarely provided Meteorology and Atmospheric Dynamics: General or miscellaneous; KEYWORDS: remote sensing, uncertainty, neural

Aires, Filipe

462

Remote Sensing and Field Mapping: Requisite Bed Fellows for Assessing River Systems  

E-Print Network (OSTI)

al. 1991. What Does Remote Sensing Do For Ecology? Ecology,B. 2006. Introduction to remote sensing. Edition 4. Guilford2004. The role of remote sensing technology in the EU water

Beagle, Julie

2009-01-01T23:59:59.000Z

463

Remote Sensing of Terrestrial and Submerged Aquatic Vegetation in Fire Island National  

E-Print Network (OSTI)

Remote Sensing of Terrestrial and Submerged Aquatic Vegetation in Fire Island National Seashore Satellite Remote Sensing Data in FIIS Vegetation Mapping The vegetation communities and spatial patterns necessary. #12;Hyperspectral Remote Sensing in Seagrass Habitat Mapping Recent development of hyperspectral

Wang, Y.Q. "Yeqiao"

464

uCom : spatial displays for visual awareness of remote locations  

E-Print Network (OSTI)

uCom enables remote users to be visually aware of each other using "spatial displays" - live views of a remote space assembled according to an estimate of the remote space's layout. The main elements of the system design ...

Araujo Santos, Ana Luisa de

2009-01-01T23:59:59.000Z

465

V-220: Juniper Security Threat Response Manager Lets Remote Authenticated  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Juniper Security Threat Response Manager Lets Remote 0: Juniper Security Threat Response Manager Lets Remote Authenticated Users Execute Arbitrary Commands V-220: Juniper Security Threat Response Manager Lets Remote Authenticated Users Execute Arbitrary Commands August 17, 2013 - 4:01am Addthis PROBLEM: A remote authenticated user can execute arbitrary commands on the target system. PLATFORM: 2010.0, 2012.0, 2012.1, 2013.1 ABSTRACT: A vulnerability was reported in Juniper Security Threat Response Manager (STRM) REFERENCE LINKS: SecurityTracker Alert ID: 1028921 CVE-2013-2970 IMPACT ASSESSMENT: High DISCUSSION: A remote authenticated user can inject commands to execute arbitrary operating system commands with the privileges of the target web service. This can be exploited to gain shell access on the target device.

466

Alternative Carriers For Remote Renewable Energy Sources Using Existing Cng  

Open Energy Info (EERE)

Carriers For Remote Renewable Energy Sources Using Existing Cng Carriers For Remote Renewable Energy Sources Using Existing Cng Infrastructure Jump to: navigation, search GEOTHERMAL ENERGYGeothermal Home Journal Article: Alternative Carriers For Remote Renewable Energy Sources Using Existing Cng Infrastructure Details Activities (0) Areas (0) Regions (0) Abstract: Optimal locations of renewable energy sources are often remote relative to consumers and electricity grids. In contrast, some existing CNG pipelines pass through optimal renewable energy harvesting regions. The growing interest in the possibility of using geothermal energy in central Australia has created a need to assess the economic, technical, and environmental viability of converting remote renewable energy to fuel for transport using existing CNG pipelines, and to compare this alternative

467

Remote Gas Well Monitoring Technology Applied to Marcellus Shale Site |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Remote Gas Well Monitoring Technology Applied to Marcellus Shale Remote Gas Well Monitoring Technology Applied to Marcellus Shale Site Remote Gas Well Monitoring Technology Applied to Marcellus Shale Site February 10, 2012 - 12:00pm Addthis Washington, DC - A technology to remotely monitor conditions at energy-rich Marcellus Shale gas wells to help insure compliance with environmental requirements has been developed through a research partnership funded by the U.S. Department of Energy (DOE). NETL-RUA researcher Dr. Michael McCawley hasdeveloped a technology to remotely monitor theenvironment around energy-rich Marcellus Shale gas wells. Photo courtesy of West Virginia University.The technology - which involves three wireless monitoring modules to measure volatile organic compounds, dust, light and sound - is currently being tested at a Marcellus

468

Remote implementation of partially unknown operations and its entanglement costs  

E-Print Network (OSTI)

We present the generalized version of Wang's protocol[A.M.Wang, Phys.Rev.A 74,032317 (2006)] for the remote implementation(sometimes referred to as quantum remote control) of partially unknown quantum operations. The protocol only requires no more than half of the entanglements used in Bidirectional Quantum State Teleportation. We also propose a protocol for another form of quantum remote control. It can remotely implement a unitary operation which is a combination of the projective representations of a group. Moreover, we prove that the Schmidt rank of the entanglements cannot not be less than the number of controlled parameters of the operations, which for the first time gives a lower bound on entanglement costs in remote implementation of quantum operations.

Shu-Hui Luo; An-Min Wang

2013-01-24T23:59:59.000Z

469

Fieldable Fourier Transform Spectrometer: System Construction, Background Variability Measurements, and Chemical Attack Warning Experiments  

SciTech Connect

The infrared sensors task at the Pacific Northwest National Laboratory (PNNL) is focused on the science and technology of remote and in-situ chemical sensors for detecting proliferation and countering terrorism. Missions to be addressed by remote chemical sensor development will include detecting proliferation of nuclear or chemical weapons, and providing warning of terrorist use of chemical weapons. Missions to be addressed by in-situ chemical sensor development include countering terrorism by screening luggage, personnel, and shipping containers for explosives, firearms, narcotics, chemical weapons, or chemical weapons residues, and mapping contaminated areas. The science and technology relevant to these primary missions is also likely to be useful for battlefield chemical weapons defense, air operations support, monitoring emissions from chemical weapons destruction facilities or industrial chemical plants, and law enforcement applications. PNNL will seek to serve organizations with direct interest in these missions through collaborative research and development efforts approved by NA-22. During FY02, PNNL began assembling a remote IR detection capability that would allow field experiments to be conducted. The capability consists of a commercially available FTIR (Fourier Transform Infrared) emission spectrometer and a frequency-modulation differential-absorption LIDAR (FM-DIAL) system being developed at PNNL. To provide environmental protection for these systems, a large, well insulated, temperature controlled trailer was specified and procured. While the FTIR system was field-ready, the FM-DIAL system required many modifications to prepare for field deployment. This document provides an overview of the FTIR system, summarizes the modifications made to the FM-DIAL system, and describes the salient features of the remote systems trailer.

Hatchell, Brian K.; Harper, Warren W.; Batishko, Charles R.; Johnson, Timothy J.; Sheen, David M.; Stewart, Timothy L.; Schultz, John F.

2002-10-01T23:59:59.000Z

470

Protecting buildings from a biological or chemical attack: Actions to take before or during a release  

SciTech Connect

This report presents advice on how to operate a building to reduce casualties from a biological or chemical attack, as well as potential changes to the building (e.g. the design of the ventilation system) that could make it more secure. It also documents the assumptions and reasoning behind the advice. The particular circumstances of any attack, such as the ventilation system design, building occupancy, agent type, source strength and location, and so on, may differ from the assumptions made here, in which case actions other than our recommendations may be required; we hope that by understanding the rationale behind the advice, building operators can modify it as required for their circumstances. The advice was prepared by members of the Airflow and Pollutant Transport Group, which is part of the Indoor Environment Department at the Lawrence Berkeley National Laboratory. The group's expertise in this area includes: tracer-gas measurements of airflows in buildings (Sextro, Thatcher); design and operation of commercial building ventilation systems (Delp); modeling and analysis of airflow and tracer gas transport in large indoor spaces (Finlayson, Gadgil, Price); modeling of gas releases in multi-zone buildings (Sohn, Lorenzetti, Finlayson, Sextro); and occupational health and safety experience related to building design and operation (Sextro, Delp). This report is concerned only with building design and operation; it is not a how-to manual for emergency response. Many important emergency response topics are not covered here, including crowd control, medical treatment, evidence gathering, decontamination methods, and rescue gear.

Price, Phillip N.; Sohn, Michael D.; Gadgil, Ashok J.; Delp, William W.; Lorenzetti, David M.; Finlayson, Elizabeth U.; Thatcher, Tracy L.; Sextro, Richard G.; Derby, Elisabeth A.; Jarvis, Sondra A.

2003-01-29T23:59:59.000Z

471

Higher coronary heart disease and heart attack morbidity in Appalachian coal mining regions  

SciTech Connect

This study analyzes the U.S. 2006 Behavioral Risk Factor Surveillance System survey data (N = 235,783) to test whether self-reported cardiovascular disease rates are higher in Appalachian coal mining counties compared to other counties after control for other risks. Dependent variables include self-reported measures of ever (1) being diagnosed with cardiovascular disease (CVD) or with a specific form of CVD including (2) stroke, (3) heart attack, or (4) angina or coronary heart disease (CHD). Independent variables included coal mining, smoking, BMI, drinking, physician supply, diabetes co-morbidity, age, race/ethnicity, education, income, and others. SUDAAN Multilog models were estimated, and odds ratios tested for coal mining effects. After control for covariates, people in Appalachian coal mining areas reported significantly higher risk of CVD (OR = 1.22, 95% CI = 1.14-1.30), angina or CHO (OR = 1.29, 95% C1 = 1.19-1.39) and heart attack (OR = 1.19, 95% C1 = 1.10-1.30). Effects were present for both men and women. Cardiovascular diseases have been linked to both air and water contamination in ways consistent with toxicants found in coal and coal processing. Future research is indicated to assess air and water quality in coal mining communities in Appalachia, with corresponding environmental programs and standards established as indicated.

Hendryx, M.; Zullig, K.J. [West Virginia University, Morgantown, WV (United States). Dept. of Community Medicine

2009-11-15T23:59:59.000Z

472

Protecting buildings from a biological or chemical attack: Actions to take before or during a release  

SciTech Connect

This report presents advice on how to operate a building to reduce casualties from a biological or chemical attack, as well as potential changes to the building (e.g. the design of the ventilation system) that could make it more secure. It also documents the assumptions and reasoning behind the advice. The particular circumstances of any attack, such as the ventilation system design, building occupancy, agent type, source strength and location, and so on, may differ from the assumptions made here, in which case actions other than our recommendations may be required; we hope that by understanding the rationale behind the advice, building operators can modify it as required for their circumstances. The advice was prepared by members of the Airflow and Pollutant Transport Group, which is part of the Indoor Environment Department at the Lawrence Berkeley National Laboratory. The group's expertise in this area includes: tracer-gas measurements of airflows in buildings (Sextro, Thatcher); design and operation of commercial building ventilation systems (Delp); modeling and analysis of airflow and tracer gas transport in large indoor spaces (Finlayson, Gadgil, Price); modeling of gas releases in multi-zone buildings (Sohn, Lorenzetti, Finlayson, Sextro); and occupational health and safety experience related to building design and operation (Sextro, Delp). This report is concerned only with building design and operation; it is not a how-to manual for emergency response. Many important emergency response topics are not covered here, including crowd control, medical treatment, evidence gathering, decontamination methods, and rescue gear.

Price, Phillip N.; Sohn, Michael D.; Gadgil, Ashok J.; Delp, William W.; Lorenzetti, David M.; Finlayson, Elizabeth U.; Thatcher, Tracy L.; Sextro, Richard G.; Derby, Elisabeth A.; Jarvis, Sondra A.

2003-01-29T23:59:59.000Z

473

Remote shock sensing and notification system  

DOE Patents (OSTI)

A low-power shock sensing system includes at least one shock sensor physically coupled to a chemical storage tank to be monitored for impacts, and an RF transmitter which is in a low-power idle state in the absence of a triggering signal. The system includes interface circuitry including or activated by the shock sensor, wherein an output of the interface circuitry is coupled to an input of the RF transmitter. The interface circuitry triggers the RF transmitter with the triggering signal to transmit an alarm message to at least one remote location when the sensor senses a shock greater than a predetermined threshold. In one embodiment the shock sensor is a shock switch which provides an open and a closed state, the open state being a low power idle state.

Muralidharan, Govindarajan (Knoxville, TN); Britton, Charles L. (Alcoa, TN); Pearce, James (Lenoir City, TN); Jagadish, Usha (Knoxville, TN); Sikka, Vinod K. (Oak Ridge, TN)

2010-11-02T23:59:59.000Z

474

Remote Adjustable focus Raman Spectroscopy Probe  

DOE Patents (OSTI)

A remote adjustable focus Raman spectroscopy probe allows for analyzing Raman scattered light from a point of interest external to the probe. An environmental barrier including at least one window separates the probe from the point of interest. An optical tube is disposed adjacent to the environmental barrier and includes along working length compound lens objective next to the window. A beam splitter and a mirror are at the other end. A mechanical means is used to translate the probe body in the X, Y, and Z directions resulting in a variable focus optical apparatus. Laser light is reflected by the beam splitter and directed toward the compound lens objective, then through the window and focused on the point of interest. Raman scattered light is then collected by the compound lens objective and directed through the beam splitter to a mirror. A device for analyzing the light, such as a monochrometer, is coupled to the mirror.

Schmucker, John E.; Blasi, Raymond J.; Archer, William B.

1998-07-28T23:59:59.000Z

475

Remote shock sensing and notification system  

DOE Patents (OSTI)

A low-power shock sensing system includes at least one shock sensor physically coupled to a chemical storage tank to be monitored for impacts, and an RF transmitter which is in a low-power idle state in the absence of a triggering signal. The system includes interference circuitry including or activated by the shock sensor, wherein an output of the interface circuitry is coupled to an input of the RF transmitter. The interface circuitry triggers the RF transmitting with the triggering signal to transmit an alarm message to at least one remote location when the sensor senses a shock greater than a predetermined threshold. In one embodiment the shock sensor is a shock switch which provides an open and a closed state, the open state being a low power idle state.

Muralidharan, Govindarajan (Knoxville, TN); Britton, Charles L. (Alcoa, TN); Pearce, James (Lenoir City, TN); Jagadish, Usha (Knoxville, TN); Sikka, Vinod K. (Oak Ridge, TN)

2008-11-11T23:59:59.000Z

476

Method to analyze remotely sensed spectral data  

SciTech Connect

A fast and rigorous multivariate curve resolution (MCR) algorithm is applied to remotely sensed spectral data. The algorithm is applicable in the solar-reflective spectral region, comprising the visible to the shortwave infrared (ranging from approximately 0.4 to 2.5 .mu.m), midwave infrared, and thermal emission spectral region, comprising the thermal infrared (ranging from approximately 8 to 15 .mu.m). For example, employing minimal a priori knowledge, notably non-negativity constraints on the extracted endmember profiles and a constant abundance constraint for the atmospheric upwelling component, MCR can be used to successfully compensate thermal infrared hyperspectral images for atmospheric upwelling and, thereby, transmittance effects. Further, MCR can accurately estimate the relative spectral absorption coefficients and thermal contrast distribution of a gas plume component near the minimum detectable quantity.

Stork, Christopher L. (Albuquerque, NM); Van Benthem, Mark H. (Middletown, DE)

2009-02-17T23:59:59.000Z

477

REMOTE CONTROL EQUIPMENT FOR PLUTONIUM METAL PRODUCTION  

SciTech Connect

Design and construction of remote control equipment for plutonium metal production are described. Criteria for the design of the equipment included the following: rubber gloves were to be completely eliminated; all mechanisms were to be built as integral units to facilitate replacement through use of the plastic- bag technique; no accessory equipment such as switches, valves, piping, or cylinders were to be inside the contaminated enclosure unless required to handle the plutonium; and all units were to be tested in mockups before final design. The chemical process, general layout, and operating function are outlined. Descriptions are given of all mechanical units, electrical systems, hydroxide slurry systems, ventilation systems, and chemical tanks and manifolds. (W.L.H.)

Hazen, W.C.

1951-10-01T23:59:59.000Z

478

Remote adjustable focus Raman spectroscopy probe  

DOE Patents (OSTI)

A remote adjustable focus Raman spectroscopy probe allows for analyzing Raman scattered light from a point of interest external probe. An environmental barrier including at least one window separates the probe from the point of interest. An optical tube is disposed adjacent to the environmental barrier and includes a long working length compound lens objective next to the window. A beam splitter and a mirror are at the other end. A mechanical means is used to translated the prove body in the X, Y, and Z directions resulting in a variable focus optical apparatus. Laser light is reflected by the beam splitter and directed toward the compound lens objective, then through the window and focused on the point of interest. Raman scattered light is then collected by the compound lens objective and directed through the beam splitter to a mirror. A device for analyzing the light, such as a monochrometer, is coupled to the mirror.

Schmucker, John E. (Hurt, VA); Blasi, Raymond J. (Harrison City, PA); Archer, William B. (Bethel Park, PA)

1999-01-01T23:59:59.000Z

479

Waste Calcining Facility remote inspection report  

SciTech Connect

The purpose of the Waste Calcining Facility (WCF) remote inspections was to evaluate areas in the facility which are difficult to access due to high radiation fields. The areas inspected were the ventilation exhaust duct, waste hold cell, adsorber manifold cell, off-gas cell, calciner cell and calciner vessel. The WCF solidified acidic, high-level mixed waste generated during nuclear fuel reprocessing. Solidification was accomplished through high temperature oxidation and evaporation. Since its shutdown in 1981, the WCFs vessels, piping systems, pumps, off-gas blowers and process cells have remained contaminated. Access to the below-grade areas is limited due to contamination and high radiation fields. Each inspection technique was tested with a mock-up in a radiologically clean area before the equipment was taken to the WCF for the actual inspection. During the inspections, essential information was obtained regarding the cleanliness, structural integrity, in-leakage of ground water, indications of process leaks, indications of corrosion, radiation levels and the general condition of the cells and equipment. In general, the cells contain a great deal of dust and debris, as well as hand tools, piping and miscellaneous equipment. Although the building appears to be structurally sound, the paint is peeling to some degree in all of the cells. Cracking and spalling of the concrete walls is evident in every cell, although the east wall of the off-gas cell is the worst. The results of the completed inspections and lessons learned will be used to plan future activities for stabilization and deactivation of the facility. Remote clean-up of loose piping, hand tools, and miscellaneous debris can start immediately while information from the inspections is factored into the conceptual design for deactivating the facility.

Patterson, M.W.; Ison, W.M.

1994-08-01T23:59:59.000Z

480

An apparatus for remotely handling components  

DOE Patents (OSTI)

The inventive apparatus for remotely handling barlike components which define a longitudinal direction includes a gripper mechanism for gripping the component including first and second gripper members longitudinally fixedly spaced from each other and oriented parallel to each other in planes transverse to the longitudinal direction. Each gripper member includes a jaw having at least one V-groove with opposing surfaces intersecting at a base and extending radially relative to the longitudinal direction for receiving the component in an open end between the opposing surfaces. The V-grooves on the jaw plate of t he first and second gripper members are aligned in the longitudinal direction to support the component in the first and second gripper members. A jaw is rotatably mounted on and a part of each of the first and second gripper members for selectively assuming a retracted mode in which the open end of the V-groove is unobstructed and active mode in which the jaw spans the open end of the V-groove in the first and second gripper members. The jaw has a locking surface for contacting the component in the active mode to secure the component between the locking surface of the jaw and the opposing surfaces of the V-groove. The locking surface has a plurality of stepped portions, each defining a progressively decreasing radial distance between the base of the V-groove and the stepped portion opposing the base to accommodate varying sizes of components. In a preferred embodiment, the apparatus also includes a control mechanism for remotely controlling movement of the jaw in the locking mode to assume one of a plurality of locking positions corresponding to positioning one of the stepped portions opposite the base.

Szkrybalo, G.A.; Griffin, D.L.

1992-12-31T23:59:59.000Z

Note: This page contains sample records for the topic "unauthenticated remote attacker" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


481

Remote Monitoring Technology Guidelines for Radiation Protection: Field Implementation of Remote Monitoring  

Science Conference Proceedings (OSTI)

EPRI has performed extensive work in developing and promoting radiation protection technologies to control worker exposure and ensure worker safety. This guideline provides radiation protection personnel with a comprehensive approach for implementing remote monitoring technology (RMT) in field activities to control worker exposure. The guideline was prepared by the EPRI RMT Working Group, which focuses on RMT application in radiation protection programs. This document draws heavily from analysis and reco...

2004-11-01T23:59:59.000Z

482

U-095: HP Data Protector Media Operations Lets Remote Users Execute...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: HP Data Protector Media Operations Lets Remote Users Execute Arbitrary Code U-095: HP Data Protector Media Operations Lets Remote Users Execute Arbitrary Code February 3, 2012 -...

483

U-112: PostgreSQL Bugs Let Remote Authenticated Users Gain Elevated...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

the target system. A remote authenticated user can execute SQL commands on the underlying database. A remote user can spoof connections in certain cases. Solution: The vendor has...

484

U-241: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information U-241: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information...

485

T-727:Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7:Microsoft Windows SSLTLS Protocol Flaw Lets Remote Users Decryption Sessions T-727:Microsoft Windows SSLTLS Protocol Flaw Lets Remote Users Decryption Sessions September 27,...

486

Discontinuous phase formation and selective attack of SiC materials exposed to low oxygen partial pressure environments  

DOE Green Energy (OSTI)

Three SiC materials were exposed to gas mixtures containing N{sub 2}, H{sub 2}, and CO at 1000-1300C, 1-740 torr for a few to 1000 h. Kinetic and thermodynamic studies indicate that CO is the predominant oxidizing species. A variety of corrosion processes were observed, including surface and internal pit formation, needle growth, grain boundary attack, and attack of impurities and surrounding material. In the case of a siliconized SiC, impurities such as Ca, Al, and Fe diffused rapidly through the Si matrix forming complex calcium aluminosilicates on the surface, leaving behind internal voids. Evaluation of the mechanical properties, including fractography, revealed a variety of degradative phenomena. Efforts to identify causes of pit formation suggested that the overall process was complex. Pits formed during attack of grain boundaries and regions containing transition metal impurities. Studies of single crystals showed preferential attack near impurities and crystalline defects, indicating that damaged crystals or certain crystal orientations in the polycrystalline materials are susceptible to attack. In addition, under some conditions where pit formation was observed, the strength of certain materials increased apparently due to flaw healing. It is suggested that flaws can heal in the absence of mechanical stress due to their high surface energy. However, second phases observed within partially healed surface cracks suggest impurities also contribute to the flaw healing processes.

Butt, D.P. [Los Alamos National Lab., NM (United States); Tressler, R.E.; Spear, K.E. [Pennsylvania State Univ., University Park, PA (United States). Dept. of Materials Science and Engineering

1993-09-01T23:59:59.000Z

487

Remote I/O : fast access to distant storage.  

SciTech Connect

As high-speed networks make it easier to use distributed resources, it becomes increasingly common that applications and their data are not colocated. Users have traditionally addressed this problem by manually staging data to and from remote computers. We argue instead for a new remote I/O paradigm in which programs use familiar parallel I/O interfaces to access remote file systems. In addition to simplifying remote execution, remote I/O can improve performance relative to staging by overlapping computation and data transfer or by reducing communication requirements. However, remote I/O also introduces new technical challenges in the areas of portability, performance, and integration with distributed computing systems. We propose techniques designed to address these challenges and describe a remote I/O library called RIO that we have developed to evaluate the effectiveness of these techniques. RIO addresses issues of portability by adopting the quasi-standard MPI-IO interface and by defining a RIO device and RIO server within the ADIO abstract I/O device architecture. It addresses performance issues by providing traditional I/O optimizations such as asynchronous operations and through implementation techniques such as buffering and message forwarding to off load communication overheads. RIO uses the Nexus communication library to obtain access to configuration and security mechanisms provided by the Globus wide area computing tool kit. Microbenchmarks and application experiments demonstrate that our techniques achieve acceptable performance in most situations and can improve turnaround time relative to staging.

Foster, I.; Kohr, D., Jr.; Krishnaiyer, R.; Mogill, J.

1997-12-17T23:59:59.000Z

488

Argonne Chemical Sciences & Engineering - Facilities - Remote Handling  

NLE Websites -- All DOE Office Websites (Extended Search)

Facilities Facilities * Actinide * Analytical Chemistry * Premium Coal Samples * Electrochemical Analysis * Glovebox * Glassblowing Fundamental Interactions Catalysis & Energy Conversion Electrochemical Energy Storage Nuclear & Environmental Processes National Security Institute for Atom-Efficient Chemical Transformations Center for Electrical Energy Storage: Tailored Interfaces Contact Us CSE Intranet Remote Handling Mockup Facility Remote Handling Mockup Facility Radiochemist Art Guelis observes technician Kevin Quigley preparing to cut open a surrogate uranium target. Argonne designed and built a Remote Handling Mockup Facility to let engineers simulate the handling of radioactive materials in a non-radioactive environment. The ability to carry out the details of an

489

Remote Excavation System technology evaluation report: Buried Waste Robotics Program  

SciTech Connect

This document describes the results from the Remote Excavation System demonstration and testing conducted at the Idaho National Engineering Laboratory during June and July 1993. The purpose of the demonstration was to ascertain the feasibility of the system for skimming soil and removing various types of buried waste in a safe manner and within all regulatory requirements, and to compare the performances of manual and remote operation of a backhoe. The procedures and goals of the demonstration were previously defined in The Remote Excavation System Test Plan, which served as a guideline for evaluating the various components of the system and discussed the procedures used to conduct the tests.

Not Available

1993-09-01T23:59:59.000Z

490

Project Plan Remote Target Fabrication Refurbishment Project  

Science Conference Proceedings (OSTI)

In early FY2009, the DOE Office of Science - Nuclear Physics Program reinstated a program for continued production of {sup 252}Cf and other transcurium isotopes at the Radiochemical Engineering Development Center (REDC) at Oak Ridge National Laboratory (ORNL). The FY2009 major elements of the workscope are as follows: (1) Recovery and processing of seven transuranium element targets undergoing irradiation at the High Flux Isotope Reactor (HFIR) at ORNL; (2) Development of a plan to manufacture new targets for irradiation beginning in early- to mid-FY10 to supply irradiated targets for processing Campaign 75 (TRU75); and (3) Refurbishment of the target manufacturing equipment to allow new target manufacture in early FY10 The {sup 252}Cf product from processing Campaign 74 (recently processed and currently shipping to customers) is expected to supply the domestic demands for a period of approximately two years. Therefore it is essential that new targets be introduced for irradiation by the second quarter of FY10 (HFIR cycle 427) to maintain supply of {sup 252}Cf; the average irradiation period is {approx}10 HFIR cycles, requiring about 1.5 calendar years. The strategy for continued production of {sup 252}Cf depends upon repairing and refurbishing the existing pellet and target fabrication equipment for one additional target production campaign. This equipment dates from the mid-1960s to the late 1980s, and during the last target fabrication campaign in 2005- 2006, a number of component failures and operations difficulties were encountered. It is expected that following the target fabrication and acceptance testing of the targets that will supply material for processing Campaign 75 a comprehensive upgrade and replacement of the remote hot-cell equipment will be required prior to subsequent campaigns. Such a major refit could start in early FY 2011 and would take about 2 years to complete. Scope and cost estimates for the repairs described herein were developed, and authorization for the work was received in July 2009 under the Remote Target Fabrication Refurbishment Task of the Enhanced Utilization of Isotope Facilities project (Project Identification Code 2005230) funded by the American Recovery and Reinvestment Act of 2009. The goal of this project is to recover the capability to produce 4-5 curium targets for the irradiation period starting with HFIR cycle 427, currently scheduled to begin 2/17/10. Assuming success, the equipment would then be used to fabricate 6-7 additional targets to hold for the next irradiation campaign specified by the program. Specific objectives are the return to functionality of the Cubicle 3 Pellet Fabrication Line; Cubicle 2 Target Assembly equipment; and Cubicle 1 Target Inspection and Final Assembly system.

Bell, Gary L [ORNL; Taylor, Robin D [ORNL

2009-08-01T23:59:59.000Z

491

Remote-Handled Transuranic Content Codes  

SciTech Connect

The Remote-Handled Transuranic (RH-TRU) Content Codes (RH-TRUCON) document describes the inventory of RH-TRU waste within the transportation parameters specified by the Remote-Handled Transuranic Waste Authorized Methods for Payload Control (RH-TRAMPAC).1 The RH-TRAMPAC defines the allowable payload for the RH-TRU 72-B. This document is a catalog of RH-TRU 72-B authorized contents by site. A content code is defined by the following components: • A two-letter site abbreviation that designates the physical location of the generated/stored waste (e.g., ID for Idaho National Laboratory [INL]). The site-specific letter designations for each of the sites are provided in Table 1. • A three-digit code that designates the physical and chemical form of the waste (e.g., content code 317 denotes TRU Metal Waste). For RH-TRU waste to be transported in the RH-TRU 72-B, the first number of this three-digit code is “3.” The second and third numbers of the three-digit code describe the physical and chemical form of the waste. Table 2 provides a brief description of each generic code. Content codes are further defined as subcodes by an alpha trailer after the three-digit code to allow segregation of wastes that differ in one or more parameter(s). For example, the alpha trailers of the subcodes ID 322A and ID 322B may be used to differentiate between waste packaging configurations. As detailed in the RH-TRAMPAC, compliance with flammable gas limits may be demonstrated through the evaluation of compliance with either a decay heat limit or flammable gas generation rate (FGGR) limit per container specified in approved content codes. As applicable, if a container meets the watt*year criteria specified by the RH-TRAMPAC, the decay heat limits based on the dose-dependent G value may be used as specified in an approved content code. If a site implements the administrative controls outlined in the RH-TRAMPAC and Appendix 2.4 of the RH-TRU Payload Appendices, the decay heat or FGGR limits based on a 10-day shipping period (rather than the standard 60-day shipping period) may be used as specified in an approved content code.

Washington TRU Solutions

2006-12-01T23:59:59.000Z

492

Frostbite Theater - Just for Fun - When Liquid Nitrogen Attacks! - Season 2  

NLE Websites -- All DOE Office Websites (Extended Search)

Season One Bloopers Season One Bloopers Previous Video (Season One Bloopers) Frostbite Theater Main Index Next Video (Freezing Balloons!) Freezing Balloons! When Liquid Nitrogen Attacks! - Season 2 Bloopers Making videos is just another opportunity to catch mistakes on film! Enjoy these outtakes from Season 2! [ Show Transcript ] Announcer: Frostbite Theater presents... Cold Cuts! No baloney! Joanna and Steve: Just science! Joanna: Hi! I'm Joanna! Steve: And I'm Steve! Joanna: We made more videos! Steve: And we made more mistakes! Joanna: Enjoy! ----------------------------------------- Joanna: What happens when the freezing power of liquid nitrogen... Steve: Oh, jeez! Joanna: Oh, oh, oh! That was a little too much! Steve: You okay? Joanna: Uh, huh. I'm fine. Steve: This is why you wear the safety gear. This is why you have the

493

Time Synchronization Attack in Smart Grid-Part II: Cross Layer Detection Mechanism  

E-Print Network (OSTI)

A novel time synchronization attack (TSA) on wide area monitoring systems in smart grid has been identified in the first part of this paper. A cross layer detection mechanism is proposed to combat TSA in part II of this paper. In the physical layer, we propose a GPS carrier signal noise ratio (C/No) based spoofing detection technique. In addition, a patch-monopole hybrid antenna is applied to receive GPS signal. By computing the standard deviation of the C/No difference from two GPS receivers, a priori probability of spoofing detection is fed to the upper layer, where power system state is estimated and controlled. A trustworthiness based evaluation method is applied to identify the PMU being under TSA. Both the physical layer and upper layer algorithms are integrated to detect the TSA, thus forming a cross layer mechanism. Experiment is carried out to verify the effectiveness of the proposed TSA detection algorithm.

Zhang, Zhenghao; Dimitrovski, Aleksandar D; Li, Husheng

2012-01-01T23:59:59.000Z

494

On wormhole attacks in underwater sensor networks: A two-tier localization approach  

E-Print Network (OSTI)

Under-Water Sensor Network (UWSN) is a novel networking paradigm to explore the uninhabited oceans. However, the characteristics of this new network, such as huge propagation delay, floating node mobility, and limited acoustic link capacity, are significantly different from land-based sensor networks. In this paper we show that underwater denial-of-service attack imposes great threats to any UWSN. Without proper countermeasures, underwater sensor networking is a mission impossible. We propose a localization based approach to answer the challenge. In our design, DUB and DDB, a pair of efficient single-round distance measuring schemes, are critical building blocks to realize our approach inspite of constrained node capability and floating node mobility. In addition, to cope with low/medium node mobiltiy, we propose a two-tier localization scheme to identify short-range wormholes instantly, and long-haul wormholes within a limited latency. Our simulation and implementation confirm the effectiveness of our design. I.

Jiejun Kong; Zhengrong Ji; Weichao Wang; Mario Gerla; Rajive Bagrodia

2004-01-01T23:59:59.000Z

495

LNG links remote supplies and markets  

Science Conference Proceedings (OSTI)

Liquefied natural gas (LNG) has established a niche for itself by matching remote gas supplies to markets that both lacked indigenous gas reserves and felt threatened in the aftermath of the energy crises of the 1970s and 1980s. It has provided a cost-effective energy source for these markets, while also offering an environmentally friendly fuel long before that was fashionable. The introduction of natural-gas use via LNG in the early years (mostly into France and Japan) has also allowed LNG to play a major role in developing gas infrastructure. Today, natural gas, often supplied as LNG, is particularly well-suited for use in the combined cycle technology used in independent power generation projects (IPPs). Today, LNG players cannot simply focus on monetizing gas resources. Instead, they must adapt their projects to meet the needs of changing markets. The impact of these changes on the LNG industry has been felt throughout the value chain from finding and producing gas, gas treatment, liquefaction, transport as a liquid, receiving terminals and regasification, and finally, to consumption by power producers, industrial users, and households. These factors have influenced the evolution of the LNG industry and have implications for the future of LNG, particularly in the context of worldwide natural gas.

Avidan, A.A.; Gardner, R.E.; Nelson, D.; Borrelli, E.N. [Mobil LNG Inc., Houston, TX (United States); Rethore, T.J. [Arthur D. Little Inc., Houston, TX (United States)

1997-06-02T23:59:59.000Z

496

Remote measurement of ground temperature and emissivity  

SciTech Connect

TAISIR, Temperature and Imaging System InfraRed, is a nominally satellite based platform for remote sensing of the earth. One of its design features is to acquire atmospheric data simultaneous with ground data, resulting in minimal dependence on external atmospheric models for data correction. Extensive modeling of the rms error of determining a ground temperature and emissivity for a gray body has been performed as a function of integration time, spectroscopic resolution of the system, ground emissivity, atmospheric variables, and atmospheric data accuracy. We find that increased resolution improves measurement accuracy by emphasizing those regions where the atmospheric transmission is highest and atmospheric emission/absorption lowest. We find rms temperature errors {le}1K and rms emissivity errors <0.01 are obtainable for reasonable seeing and with sufficient information about the atmosphere. A new method is developed for modeling the dependence of the band-averaged transmission and emission. Monte Carlo simulations of satellite data taken using a multi-angle technique are used to derive signal-to-noise requirements. The applicability of those results to the TAISIR system requirements are discussed.

Henderson, J.R.

1994-06-01T23:59:59.000Z

497

Remote sensor improves methane leakage surveys  

SciTech Connect

The remote sensing methane detector (RSMD) described in this paper is the result of a twelve year cooperative research program sponsored by the Columbia Gas System Service Corp., Environmental Research and Technology, Inc. and the Gas Research Institute. It is a hand-held, rechargeable battery-powered sensor that operates eight hours on one charge with a sensitivity very specific to methane. It can be scanned along the right of way to detect any methane in its path, up to at least 50 feet away. The RSMD is methane specific in that it only sense methane with minor sensitivity to ethane. This makes it particularly useful in industrial areas where present instruments are confused by solvents. It cannot be poisoned by silicones or leaded gasoline, since it is an optical system. When a cloud of methane has been detected by the RSMD, a sample cell attachment can be used to determine methane concentration in parts per million. A low power microcomputer is used in the RSMD to control its operation.

Eberle, A.C.; Kebabian, P.L.; Kruse, J.R.

1984-12-01T23:59:59.000Z

498

Survey of remote data monitoring systems  

DOE Green Energy (OSTI)

A self-contained data-logger device called an SDAS (Site Data Acquisition Subsystem) was built for the National Solar Data Network (NSDN) which could collect analog data from 96 channels, store the data for up to three days, and then transmit the stored data on request to a central facility by voice-grade telephone lines. This system has worked fairly well for the eight years that it has been in service. However, the design and components are getting old and newer dataloggers may be more reliable and accurate and less expensive. This report discusses the results of an extensive search for an SDAS replacement. The survey covered 62 models from 36 manufacturers. These numbers are not indicative of all the dataloggers or manufacturers available, but only those which appeared to have some qualifications for the NSDN datalogger replacement. This report views the datalogger as a system which is made up of sensors, a data acquisition and storage unit, a telecommunications subsystem, and a data processing subsystem. Therefore, there is a section on sensors used in the NSDN, telecommunications technology, and data processing requirements. These four components or subsystems are all necessary in order to have an integrated, successful remote data monitoring network.

Logee, T.L.; Kendall, P.W.; Pollock, E.O.; Raymond, M.G.; Knapp, R.C. Jr.

1984-09-01T23:59:59.000Z

499

U-223: Bugzilla May Disclose Confidential Information to Remote Users |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Bugzilla May Disclose Confidential Information to Remote 3: Bugzilla May Disclose Confidential Information to Remote Users U-223: Bugzilla May Disclose Confidential Information to Remote Users July 30, 2012 - 7:00am Addthis PROBLEM: Bugzilla May Disclose Confidential Information to Remote Users PLATFORM: Version(s): 2.17.5 to 3.6.9, 3.7.1 to 4.0.6, 4.1.1 to 4.2.1, 4.3.1 ABSTRACT: Two vulnerabilities were reported in Bugzilla. reference LINKS: The Vendor's Advisory Security Advisories CVE-2012-1969 CVE-2012-1968 SecurityTracker Alert ID: 1027320 Bug 777586 IMPACT ASSESSMENT: High Discussion: Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issues have been discovered in Bugzilla: In HTML bugmails, an improper validation of the permissions of the addressee can lead to confidential information about bugs and attachments

500

Researcher, Los Alamos National Laboratory - Space and Remote Sensing Group  

National Nuclear Security Administration (NNSA)

and Remote Sensing Group and Remote Sensing Group | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Home > About Us > Who We Are > In The Spotlight > Patrick Colestock Researcher, Los Alamos National Laboratory - Space and Remote Sensing Group Patrick Colestock Patrick Colestock Role: Researcher, Los Alamos National Laboratory - Space and Remote Sensing