String-Theory-in-Nutshell

String Theory in Nutshell

Aries - Missile Defence System

Aries - Missile Defence System

1.  Introduction

1.1 Purpose

Conventional target tracking systems which either deploy radar or camera contain inherent drawbacks. Radars for example are good at tracking distant objects, give a precise distant measurement and could adopt complex algorithms to trace objects. But because of an active sensor radars are easily discovered by foreign entities. On the other hand they often err triggering false alarms due to poor target recognition fidelity. Image sensors like infrared and visible light CCD cameras cannot track distant targets as expediently as radars but are good at image detection, covert operation and provides accurate azimuth and elevation angles about the target. The proposed system fuses the two technologies combining advantages and eliminating drawbacks.

1.2 Scope of the System

The system deploys an image sensor and radar. The radar is good at detecting remote objects but not close range objects. The camera on the other hand is good at close range objects. The operations of both sensors are fused to give a far more effective tracking system. The scope of the system is as follows,

a.       Detects both short range and long rage objects.

b.      Provide object orientation details.

c.       Continuously tracks the path of the target

d.      Switching between radar and image sensor for more covert operation.

1.3 Applications of the System

The system could be implemented in missile defence systems and any related security discipline.

2.  Background

Radars and cameras are highly used in modern surveillance systems. Complex computations can be performed by using software in order to make the system yield more information than was previously possible. Regardless of how effective these systems can be made with the aid of software and other enhancements they still contain inherent drawbacks that cannot be eliminated. As an example the radar uses an active sensor which can be detected by foreign objects. This project ventures at combining the two technologies in order to eliminate these drawbacks.

This report discusses the fusion of a radar and image sensor for surveillance purposes. The underlying principle could differ based on the application of the system. The implementation of both the radar and image sensor are taken separately and discussed.

3.  Project Description

3.1 Solution Outline

The solution would comprise of a

a.       Radar Subsystem

b.      Image Sensor Subsystem

c.       Software

3.2 Solution Description

The software named Aries will be used to fuse the operation of the radar and image sensor subsystems. It comprises of three components, Data Measurement, Fusion Measurement and Decision Making

The radar subsystem will be used as the primary device to track and trace distant targets. From the data obtained the direction (azimuth angle) and distance of the object will be calculated. This information will then be sent to the Data Measurement component of the software. The Fusion Measurement component decides whether the object is within the range of the camera, if so the Decision Making component deactivates the radar and feeds the image sensor subsystem with the distance and direction measurements. Once the object is beyond the range of the camera the radar is reactivated. 

Shown below is the operation spectrum of the system.

a.       At b-c the operation of the radar and camera fuse

b.      At a-b only the camera will be functional

c.       At c-d only the radar will be functional

1.  Implementation of Radar Subsystem

4.1 Function of the Radar

Radar (Radio Detection and Ranging) radiates electromagnetic energy to identify foreign objects. The electromagnetic waves are reflected if they meet an electrically leading surface. The radar is in the receive mode in between the transmitted pulses. The presence of a target within the propagation range is determined if the reflected waves are received at the place of origin.

4.2 Determining Distance

The actual range of the target from the radar is known as the Slant Range. Since the wave travels to the target and back the distance can be obtained by dividing the round trip time by two. The equation is shown below,

4.3 Determining Direction

By measuring the direction at which the antenna is pointing when the signal is received both the azimuth angle and the elevation of the object can be determined. The angular determination of the target is determined by the directive of the antenna. The directive is the ability of the antenna to concentrate the transmitted energy at a particular direction. The diagram below shows the top view of the radar. The azimuth angle is measure with respective to the north.

4.4 Determining Elevation

The radar will hold the elevation angle at a constant but varies the azimuth angle. The return can then be mapped on the horizontal plane. As shown in the diagram below the elevation angle obtained by the radar is only a close estimate. The image sensor subsystem will be used in order to obtain a more accurate estimate of the elevation of the object.

4.5 The Plan Position Indicator

The results will be viewed using a Plan Position Indicator (PPI), which is the most common type of radar display. The radar is positioned at the centre of the display. While the radar rotates a beam sweeps the PPI. The distance and the height of the object from the radar are shown as concentric rings. In the diagram shown below the dotted line is the horizontal beam that sweeps the display and the dark spot is an identified object.

4.6 Transmitting and Receiving Operation of the Radar

The radar switches between the transmitting and receiving mode at a predetermined rate using a device called a duplexer. If a target is within the vicinity of propagation the transmitted wave will be reflected and received when the radar is in receive mode. The lapse between two transmitted waves is known as the Pulse Repetition Time (PRT), during which the reflected wave should be receive in order for the radar to trace the target. The reciprocal of that is known as the Pulse Repetition Frequency (PRF).

This method imposes restrictions on the maximum and minimum range of the radar. During transmitting time the radar cannot receive because the receiver is switched off by the duplexer and vice versa. The minimum range is calculated by measuring the width of the wave and multiplying it by the speed of light. Thus to measure a closer range a shorter pulse needs to be used. But this affects the maximum range since shorter pulses have less effective energy making reflected waves from distant targets untraceable. In order to measure a longer range a longer pulse with a longer PRT need to be used, but this is at odds with the minimum range of the radar. As far as the implemented system is concern the primary operation of the radar is to track distant targets as the target closes on its range the operation will be transferred to the camera. In order to accomplish this a longer pulse with a longer PRT will be used.

4.7 Minimum Range of the Radar

The minimal measuring distance R_min  is the minimum distance at which the target will be detected. For this it is necessary that the pulse completely leaves the radar and the duplexer switch on the receiving unit. The shortest time at which the pulse will be recovered by the radar will decide the minimum range. This is shown in the following equation,

According to the above equation a longer pulse (P_wd) will have a larger minimum range.

4.8 Maximum Range of the Radar

The Pulse Repetition Frequency (PRF) determines the maximum range of the radar. Unlike the minimum range when considering the maximum range two phenomena need to be addressed. The returning echo signal maybe placed into either of the following,

·         Into the next transmit time, when the radar receive mode is switched off or,

·         The next receive time, which may lead to erroneous results.

As shown in the equation above the PRT is crucial because target-returns that are received after the PRT expires are either not detected or are shown at incorrect locations on the radar screen. Such results are known as ambiguous returns. Therefore the image sensor will be used to confirm the presence of a target at a given location.

1.  Implementation of Image Sensor Subsystem

5.1 Function of the Image Sensor

The function of the image sensor is to perform target detection and obtain the elevation angle of the object. In addition to that the image sensor obtains a distance and direction measurement of the target which will be fused with the measurements obtained by the radar to give a more accurate estimate. A motion tracking software will be used in order to track the motion of the target and adjust the coordinates of the image sensor accordingly.

5.2 Determining Target Elevation

When the software decides to activate the image sensor it provides the image sensor subsystem with the slant range and direction measurements obtained from the radar. Once the object is located, based on the slant range measurement the image sensor subsystem changes the cameras focus on the object according to the following formula,

Where f is the cameras focus, u is the object distance measure and v is the image distant measure.

The diagram below shows the coordinates of the camera. X axis is the vertical plane, Z axis is the optical centre and the X axis is vertical to the YZ plane.

Once the camera locks on to the target an accurate measure for the elevation of the object can be obtained.

5.3Target Detection

Before the camera locks on to a target it first needs to detect the target within a certain frame. In places where the image background is simple like the sky or sea, the peak method can be used to detect the object. 

As shown in the above figure the maximum gray-scale value point can be identified as the object.

When the background is complicated such as the ground the object needs to be extracted from the background. For this a Frame Subtraction method will be deployed. In this method the image of the object is generated by first subtracting the current image with an image frame taken at a previous time and then subtracting the current image with an image frame taken from another previous time. This subtraction procedure removes the background clutter since the backgrounds of all three images are nearly the same. Afterwards the two resulting images are logically ANDed in order to detect the current position of the object of interest.

The diagram above demonstrated the subtraction procedure. The results obtained are shown in the diagram in the bottom. The procedure continues for the successive frames in order to keep tacking the object of interest.

1.  Implementing Software

6.1 Purpose of software

Software is required to interpret raw data obtained by the radar and image sensor subsystems. The software required by the system can be broken down into three main categories,

·         Radar Subsystem Software

·         Image Sensor Subsystem Software

·         Aries Software

6.2 Radar Subsystem Software

The radar subsystem software is required to calculate the azimuth angle (direction) and the range distance of the object based on the returning pulse. A study needs to be made in order to determine the maximum range of the radar in accordance with the radar equations given above. Once a target is detected its range distance and direction has to be plotted in the plan position indicator.

6.3 Aries Software

The Data Measurement component of Aries Software obtains the direction and range distance of the target from the radar subsystem. Based on this information the Fusion Measurement component decides whether the object is within the range of the image sensor. If so the image sensor is activated and the radar is deactivated by the Decision Making component. Once the image sensor is in operation the software obtains its data from the image sensor subsystem. If the target moves beyond the range of the camera the radar subsystem will be reactivated.

The Aries Software switches the operation mode between the radar and image sensor subsystem. But based on the application of the system the software could be programmed to operate with both subsystems in the fusion region of the operation spectrum to give a more accurate estimate regarding the position of the object.

6.4 Image Sensor Subsystem Software

Once the operation is transferred to the image sensor the software first has to detect the target and then continue tracking the target. It will also calculate the direction, distance and elevation of the object.

A Motion tracker software will track the motion of the target so that that image sensor could change its co-ordinates according to the motion of the object.

The diagram below shows how the three software systems will be working together.

1.  Further Enhancements

·         Predicting Object Future Path – With the necessary software the system could predict the future path of a given target.

·         Target Recognition – Image recognition software could be integrated to the system to identify object without human intervention.

2.  Limitation

·         This report discusses the fusion of radar and image sensor technologies for surveillance purposes. The underlying principle on how the two technologies can be fused is given, but not discussed in an application specific manner. As an example if the system is implemented for missile defence purposes there would be additional hardware and software components that need to be integrated with it.

·         Precise values for the maximum and minimum range of the radar cannot be given. Practical observations need to be made before these values can be derived.

·         The simplified operation spectrum of the system is given in the report. Precise values for the operation range of the radar and camera cannot be given since that would require practical observation.

3.   Summary

Radars and image sensors and highly used in modern surveillance systems. Although many developments have been made these systems still contain inherent drawbacks. A more effective surveillance system can be produce if the two technologies are integrated, combining their advantages and eliminating drawbacks.

References

1.        Zhiqiang Hou, “Target Tracking Systems”, Research thesis, Institute of Automation         School of Electronics and Information Engineering, Xian Jianotong University, Xian,                                                                                 China, 2003.

2.        Clarf f. Olson, Daniel P. Huttenlocher, “Automatic Target Recognition by Matching Oriented Endge Pixels”, vol 6, IEEE Transactions on image Processing, 1997.

3.        Banh Namd, “Moving Target Detection Method using Two-Frame Subtraction”, U.S patent 5150426, September 22, 1992.

4.        David Tweed, Andre Calway, “Tracking Many Object Using Subordinate Condensation”, M.S thesis, Computer Science Department, Bristol University, U.K, 2005

5.        “Air Surveillance Radar”, globalsecurity.com, 3,July,2008. [Online]. Available at http://www.globalsecurity.org/military/systems/aircraft/systems/air-surveillance-radars.htm [Accessed 2.August.2009 ]

6.        “Radar Tutorial” , radartutorial.com, 3.May.2005[Online], Available at http://www.radartutorial.eu/04.history/hi04.en.html [Accessed 25.August.2009]

Data Leakage Prevention Presentation

Information Security Guide for Parents - Part 2

3. Intro to Online Security

Nowadays online information security plays a vital role in our day to day life. Especially the social media have gone main-stream among the teenagers. Starting from sharing personal information with your friends and connecting with new people and social networking facilities have been trending.

First let’s see what the cyber space is and information security?

Cyber space can be called as a network of networks where we can store and share information and other resources. Nowadays teenagers are addicted to surf the internet which is a part of cyber space for various activities such as educational use, social networking, downloading iTunes or even to play an online game.  The data which children enter in these online activities are considered as information and depending on the type of data which is visible children are vulnerable to exploitation and harm by criminal such as computer sex offenders.  

While posting the personal data online users are vulnerable for threats, therefore let’s consider the rising threats which are coupled with these trends and the article will highlight how to mitigate these attacks. 

How do criminals gather information and use the information to their advantage?

Cyber Stalking using sources such as social media criminals target children and gather information about their personal information such as age , name , school , pictures and videos, social gathering places and upcoming events , interests , music , hobbies.  The data will be used to qualify targets and then gradually seduce the targets using attention, affection and even gifts.

4. Social Networking

First of all let’s dig into the social network. People post sensitive data such as pictures, connect with strangers, chatting and messaging strangers that you have never met before.   Anyone with a malicious intention can deceive children and tempt them to revile sensitive personal data, which will be used for scams and even blackmailing children.  So let’s see how we can mitigate this. First of all control the visibility of your sensitive data. Do not revel sensitive data in the public domain, use the data visibility option in social networks to protect your private data and stop listing it in search engines for public access. Also it is very important to be concern whom do the child add on social networks as a friend. Best practices do not add strangers. Most of the social network attacks are based on deception which is also called as Social Engineering.  This can be used to perform identity thrift.

For an instance if the criminal was able to social engineer the child to double click a file which was sent by him, it will automatically install a key logger in Childs personal computer. The criminal will be able to monitor every key stoke typed by the child ,  all the password the child enter and list of all the web site the child visit. This will be serious threat to the child because looking at the key log information the attacker can use it to blackmail the child, use for cyber bulling,  seduce the child or use the Childs user account such as social media account to spread the key logger among the Childs friend list.

Also some criminals use the social media to get in touch with children. Then gradually seduce the targets using attention, affection and even gifts while spending considerable amount of time and money in the process. They will spend time to listen and empathize to problems of the children to build trust. Then gradually introduce sexual content to their conversation by exploring the curiosity of the children for sexuality and sexually explicit materials. Then use the conversations and the materials sent by the child such as nude picture for blackmail or even cyber bulling.

The power and danger of social media and cyber bulling, as sexually explicit or other humiliating pictures or videos spread like wildfire with a click of a mouse.

One in six US children aged 12 to 17 have received a sexually suggestive nude or nearly nude photo or video of someone they know, a recent study by the Pew Research Center found.

And the Crimes against Children Research Center estimated that police investigated nearly 3,500 cases of youth-produced sexual images in 2008 and 2009. ^[2]

Information Security Guide for Parents - Part 1

5. Reference

[1]. http://www.bcs.org/upload/pdf/pdgc.pdf

[2]. http://sg.news.yahoo.com/two-teens-convicted-us-viral-video-rape-case-033207040.html

[3]. http://www.apa.org/science/about/psa/2003/12/jackson.aspx

[4]. http://www.fbi.gov/stats-services/publications/parent-guide 

Author - Shariyaz Abdeen
http://lk.linkedin.com/in/shariyaz
 shariyaz1@gmail.com

Impotent Links

http://cxsecurity.com 

Site 1 of World Laboratory of Bugtraq 2 (WLB2) is a huge collection of information on data communications safety. Its main objective is to inform about errors in various applications.

kaspersky Cyber heat Real time MAP

http://cybermap.kaspersky.com

infosec-tools

Tools



1. Digital Attack Map - World Map Shows Every Denial Of Service Attack Happening Right Now In Real Time




2. Cyber Attack Map






4. IP Tracker with map & Search

Infosec Review - IT Business and Security News

Cyber Crime Investigation - Email Scams

                                                                                                                                                                   

Analysis of the Email header

http://www.mxtoolbox.com/Public/Tools/EmailHeaders.aspx?huid=ccab1dea-f656-444e-b058-c453c1c71f55

http://www.iptrackeronline.com/email-header-analysis.php

Analysis of original ip

Content-Transfer-Encoding: 7bit

X-Originating-IP: [105.200.97.33]

X-Mailer: Zimbra 7.1.4_GA_2555 (ZimbraWebClient - GC28 (Win)/7.1.4_GA_2555)

Content-Length: 2063

A cisco service is used to analyze the domain reparation and the black listed activities of the domain

http://www.senderbase.org/senderbase_queries/detailip?search_string=105.200.97.33

The domain is black listed in the CBL because it's participating in a botnet. (kelihos spambot)

http://cbl.abuseat.org/lookup.cgi?ip=105.200.97.114

IP Address 105.200.97.114 is listed in the CBL. It appears to be infected with a spam sending trojan, proxy or some other form of botnet.

It was last detected at 2013-08-15 13:00 GMT (+/- 30 minutes), approximately 5 days, 16 hours, 59 minutes ago.

This IP is infected (or NATting for a computer that is infected) with the kelihos spambot. In other words, it's participating in a botnet.

http://en.wikipedia.org/wiki/Kelihos_botnet

The Kelihos botnet was first discovered around December 2010.[2] Researchers originally suspected having found a new version of either the Storm or Waledac botnet, due to similarities in the modus operandi and source code of the bot,[3][4] but analysis of the botnet showed it was instead a new, 45,000-infected-computer-strong, botnet that was capable of sending an estimated 4 billion spam messages a day.[5][6] In September 2011[7] Microsoft took down the botnet in an operation codenamed "Operation b79".[5][8] At the same time, Microsoft filed civil charges against Dominique Alexander Piatti, dotFREE Group SRO and 22 John Doe defendants for suspected involvement in the botnet for issuing 3,700 subdomains that were used by the botnet.[8][9] These charges were later dropped when Microsoft determined that the named defendants did not intentionally aid the botnet controllers.[10][11]

In January 2012 a new version of the botnet was discovered, one sometimes referred to as Kelihos.b or Version 2,[1][6][7] consisting of an estimated 110,000 infected computers.[1][12] During this same month Microsoft pressed charges against Russian citizen Andrey Sabelnikov, a former IT security professional, for being the alleged creator of the Kelihos Botnet sourcecode.[11][13][14] The second version of the botnet itself was shut down by it in March 2012 by several privately owned firms by sinkholing it – a technique which gave the companies control over the botnet while cutting off the original controllers.[2][15]

Following the shutdown of the second version of the botnet, a new version surfaced as early as 2 April, though there is some disagreement between research groups whether the botnet is simply the remnants of the disabled Version 2 botnet, or a new version altogether.[16][17] This version of the botnet currently consists of an estimated 70,000 infected computers. The Kelihos.c version mostly infects computers through Facebook by sending users of the website malicious download links. Once clicked, a Trojan horse named Fifesoc is downloaded, which turns the computer into a zombie, which is part of the botnet.[18]

Analysis of the domain

http://cbl.abuseat.org/lookup.cgi?ip=105.200.97.114

This enables you to send a mail by manipulating the mail server if the mail server is configured as a relay.

So the send have manipulate the shaw.ca(Return-Path: <njmedley@shaw.ca>) mail server to hide his identity and also have the motive to either spread a botnet or it might just be a scam which he intend to carry out. But by the looks of the origin of the mail and the originated email address I suspect the intention is to use my pc as a bot net.

Rebecca Brown <rebecca_brown47@yahoo.com.ph> : ph stands for Philippine

X-Originating-IP: [105.200.97.33]

21 August 2013
105.200.97.33
ISP: Etisalat Misr
Misr, Al Qahirah (11), Egypt
Lat: 30.05 Lon: 31.25

I have receive it from njmedley@shaw.ca but the return path have been altered to rebecca_brown47@yahoo.com.p so when i reply the mail will b received by this yahoo account.

Return-Path: <njmedley@shaw.ca>

Reply-To: Rebecca Brown <rebecca_brown47@yahoo.com.ph>

So looking at the facts my conclusion will be this 

 Analysis of the Email

Dear Friend,
            Sir, My name is Eng. Rebecca Brown. I am from a state called Texas in US; I am indeed a single mother. I am a petroleum engineer with Shell Petroleum, US government contracted me few years ago and I was posted from Mexico ocean to Iraq, this is my 5nd year here in Baghdad IRAQ. I am the engineer testing and checking the oil given to the white house by Iraqi government. My signature and reports play a vital role between USA and Iraqi government in the area of crude oil.

Some US diplomats and Iraqi oil minister Abdul Karim Luaibi with some top Iraqi government officials made some crude oil deal worth hundreds of millions of dollars and my role was needed to cover up the deal. I was given a total sum of $10 million dollars the money was moved out of Iraq through Diplomatic means.

      This $10 million dollars sealed and locked in a metal Box with codes known to me only was moved out of Iraq because we are not allowed by US government rules to engage in such deal, this is the reason I want you to partnership with me and stand to receive this money on my behalf in your home country. The company that moved the money out of Iraq will transfer the BOX to your desired destination.

Sir, I will offer to you a total sum of 10% of the total amount for receiving the Box and keep with you till my arrival to meet with you to discuss other possible business. You must keep this conversation as TOP SECRET between both of us.

If you accept this proposal I will only needs the followings:-
(1) Full Name
(2)Your current address
(3)Your private telephone number
(4)Your position at work place
(5)Your international passport copy or current driving license

As soon as I get all this information I will process a document and sent to you and I will send a copy to the company introducing you to the company as my only partner and to release the Box to you.

The whole process is simple and risk free but we must maintain low profile and obey rules of confidentiality.
Best Regards
Your friend & partner
Eng. Rebecca Brown 

IRAQ

Looking at the above highlighted texts,

Use of unusual sentences – I am indeed a single mother

Misspell 5^th as 5nd

The suspicious amount of cash been offered

Requesting your sensitive personal data such as copy of your international passport, driving license also the other highlighted data such as address and full name.

It’s very easy to identify such a scam by looking at its offering, grammar and saplings mistakes. Ones you receive such an email think logically, would anyone in the world offer such cash or valuables for free? Will this be risk free? At this point itself you should be able to identify the scam. By looking at the above scam mail, the simple unusual way of expressions and saplings error clarifies us that the mail was not drafted by an American also the person who drafted the mail is not a native English speaker. So as the ip address suggested  

X-Originating-IP: [105.200.97.33]

21 August 2013
105.200.97.33
ISP: Etisalat Misr
Misr, Al Qahirah (11), Egypt
Lat: 30.05 Lon: 31.25

There is a possibility this mail is generated from 105.200.97.33 Egypt.

This should be either a scam to collect sensitive data to use in a fraud such an identity thrift, Credit Card fraud or they might infect the computer to use it as a botnet to conduct DDOS attacks and just install a key logger to gather personal details.

This are the most possible attacks by analyzing the behavior of the scam mail but until I gather further details I cannot pin point the motive behind this scam mail. Hope this provide the readers an insight to avoid such attacks which are usually coupled with social engineering.