Explore the vast range of titles available.

[This corrects the article DOI: 10.1371/journal.pone.0212555.].

Covert channels exploit existing network resources, such as packet headers and timing information, to transfer information in ways not originally intended for communication, making them undetectable by conventional methods. This poses significant security risks, as these channels can be used maliciously despite stringent security measures like firewalls. Hence, there is a critical need for a generalized mechanism capable of blindly detecting covert communications within network traffic. We have developed a framework to evaluate covert timing channels and conducted experiments with an active warden. Our findings indicate that the active warden effectively prevents covert timing communication, demonstrating the framework's potential for enhancing network security.

Dealing with scarcity issues of Internet protocol version 4 (IPv4), internet engineering task force (IETF) developed Internet protocol version 6 (IPv6) to support the needs of IP addresses for future use of the internet, however, one challenge that must be faced while transitioning to IPv6 is in the area of security. IPv6 is a new protocol that has many new probabilities for attackers to exploit the protocol stack and one of them is through IPv6 extension headers. Mishandling of extension headers are the security nightmares for network administrators, allowing for new security threats that will cause denial of service (DoS). As a result, the mishandling of IPv6 extension Headers creates new attack vectors that could lead to DoS–which can be exploited for different purposes, such as creating covert channels, fragmentation attacks, and routing header 0 attacks. Furthermore, this paper becomes proof of concepts that even to this day our well-known network devices are still exploitable by these attack vectors.

ObjectiveTo develop exposure estimates for sub-concussive head impacts (SCHI) for use in retrospective epidemiological studies among former professional association football players.MethodsPlaying and heading history data were available from questionnaires of ex-professional association football players (n=163) participating in the Health and Ageing Data in the Game of football (HEADING) study (https://www.lshtm.ac.uk/research/centres-projects-groups/heading-study). We use linear mixed effect regression to model the number of headers and other head impacts as a function of potential exposure affecting factors including decade of play (playing position, level of play, league) and context of event (games vs training). Models are elaborated with player identifier as the random effect and potential exposure affecting factors as the fixed effects. Model selection is based on a stepwise approach.ResultsResults from models based on 1465 observations representing individual playing periods defined by club and decade of play suggest the number of head impacts to differ significantly between playing positions, event context, decades and level of play. Number of head impacts was higher among defenders and utility players when compared with players in other positions. Professional play was also associated with an increased number of head impacts compared to apprentice, amateur and semi-professional play, with the average number of reported head impacts declining throughout the observation period (1949–2015). The model explained 40% of the total variability in reported number of head impacts.ConclusionCurrently further models for blows and head-to-head collisions are being developed. Validation exercises including comparisons of bias and precision against observations not included in the modelling processes are also underway. At the conference we will report the results of the final models alongside those of the validation exercises. The model results will be used to estimate cumulative exposure to SCHI in epidemiological studies of former association football players.

With the development of Internet technology, cyberspace security has become a research hotspot. Network traffic classification is closely related to cyberspace security. In this paper, the problem of classification based on raw traffic data is investigated. This involves the granularity analysis of packets, separating packet headers from payloads, complementing and aligning packet headers, and converting them into structured data, including three representation types: bit, byte, and segmented protocol fields. Based on this, we propose the Rew-LSTM classification model for experiments on publicly available datasets of encrypted traffic, and the results show that excellent results can be obtained when using only the data in packet headers for multiple classification, especially when the data is represented using bit, which outperforms state-of-the-art methods. In addition, we propose a global normalization method, and experimental results show that it outperforms feature-specific normalization methods for both Tor traffic and regular encrypted traffic.

In recent years, the rapid evolution of ransomware has led to the development of numerous techniques designed to evade traditional malware detection methods. To address this issue, a novel approach is proposed in this study, leveraging machine learning to encode critical information from Portable Executable (PE) headers into visual representations of ransomware samples. The proposed method selects highly impactful features for data sample classification and encodes them as images based on predefined color rules. A deep learning model named peIRCECon (PE Header-Image-based Ransomware Classification Ensemble with Concatenating) is also developed by integrating prominent architectures, such as VGG16 and ResNet50, and incorporating the concatenating method to enhance ransomware detection and classification performance. Experimental results using self-collected datasets demonstrate the efficacy of this approach, achieving high accuracy of 99.85% in distinguishing between ransomware and benign samples. This promising approach holds the potential to significantly improve the effectiveness of ransomware detection and classification, thereby contributing to more robust cybersecurity defense systems.

The security of information is among the greatest challenges facing organizations and institutions. Cybercrime has risen in frequency and magnitude in recent years, with new ways to steal, change and destroy information or disable information systems appearing every day. Among the types of penetration into the information systems where confidential information is processed is malware. An attacker injects malware into a computer system, after which he has full or partial access to critical information in the information system. This paper proposes an ensemble classification-based methodology for malware detection. The first-stage classification is performed by a stacked ensemble of dense (fully connected) and convolutional neural networks (CNN), while the final stage classification is performed by a meta-learner. For a meta-learner, we explore and compare 14 classifiers. For a baseline comparison, 13 machine learning methods are used: K-Nearest Neighbors, Linear Support Vector Machine (SVM), Radial basis function (RBF) SVM, Random Forest, AdaBoost, Decision Tree, ExtraTrees, Linear Discriminant Analysis, Logistic, Neural Net, Passive Classifier, Ridge Classifier and Stochastic Gradient Descent classifier. We present the results of experiments performed on the Classification of Malware with PE headers (ClaMP) dataset. The best performance is achieved by an ensemble of five dense and CNN neural networks, and the ExtraTrees classifier as a meta-learner.

Although most head impacts in soccer are headers, limited knowledge exists about how header magnitude varies by on-field scenario. This study aimed to compare head kinematics during on-field headers by play state (i.e., corner kick, goal kick, free kick, throw-in, drill, or live ball), intent (i.e., pass, shot, or clearance), and outcome (i.e., successful or unsuccessful). Fifteen female collegiate soccer players were instrumented with mouthpiece-based head impact sensors during 72 practices and 24 games. A total of 336 headers were verified and contextualized via film review. Play state was associated with peak linear acceleration, rotational acceleration, and rotational velocity (all p < .001) while outcome was associated with peak linear acceleration (p < .010). Header intent was not significantly associated with any kinematic metric. Headers during corner kicks (22.9 g, 2189.3 rad/s2, 9.87 rad/s), goal kicks (24.3 g, 2658.9 rad/s2, 10.1 rad/s), free kicks (18.0 g, 1843.3 rad/s2, 8.43 rad/s), and live balls (18.8 g, 1769.7 rad/s2, 8.09 rad/s) each had significantly greater mean peak linear acceleration (all p < .050), rotational acceleration (all p < .001), and rotational velocity (all p < .001) than headers during drills (13.0 g, 982.4 rad/s2, 5.28 rad/s). Headers during goal kicks also had a significantly greater mean rotational acceleration compared to headers during live ball scenarios (p < .050). Successful headers (18.3 g) had a greater mean peak linear acceleration compared to unsuccessful headers (13.8 g; p < .010). Results may help inform efforts to reduce head impact exposure in soccer.

The Internet of Things (IoT) facilitates the integration of diverse devices, leading to the formation of networks such as Low-power Wireless Personal Area Networks (LoWPANs). These networks have inherent constraints that make header and payload compression an attractive solution to optimise communication. In this work, we evaluate the performance of Generic Header Compression (6LoWPAN-GHC), defined in RFC 7400, for IEEE 802.15.4-based networks running the IPv6 Routing Protocol for Low-Power and Lossy Networks (RPL). Through simulation and real-device experiments, we study the impact of 6LoWPAN-GHC on energy consumption and delays and investigate for which scenarios 6LoWPAN-GHC is beneficial. We show that all RPL control packets are compressible by 6LoWPAN-GHC, which reduces their transmission delay and as such their vulnerability to interference. However, for the devices under study transmitting at 250 kbit/s, the energy gain obtained from sending a compressed packet is outweighed by the energy needed to compress it. The use of 6LoWPAN-GHC causes an energy increase of between 2% and 26%, depending on the RPL packet type. When the range is more important than the bandwidth and a sub-GHz band is used at 10 kbit/s, an energy gain of 11% to 29% can be obtained, depending on the type of RPL control packet.