A Framework for Cybersecurity Alert Distribution and Response Network (ADRIAN)

Security Information and Event Management (SIEM) platforms are critical for organizations to monitor and manage their security operations centers. However, organizations using SIEM platforms have several challenges such as inefficiency of alert management and integration with real-time communication tools. These challenges cause delays and cost penalties for organizations in their efforts to resolve the alerts and potential security breaches. This paper introduces a cybersecurity Alert Distribution and Response Network (Adrian) system. Adrian introduces a novel enhancement to SIEM platforms by integrating SIEM functionalities with real-time collaboration platforms. Adrian leverages the uniquity of mobile applications of collaboration platforms to provide real-time alerts, enabling a two-way communication channel that facilitates immediate response to security incidents and efficient SIEM platform management. To demonstrate Adrian’s capabilities, we have introduced a case-study that integrates Wazuh, a SIEM platform, to Slack, a collaboration platform. The case study demonstrates all the functionalities of Adrian including the real-time alert distribution, alert customization, alert categorization, and enablement of management activities, thereby increasing the responsiveness and efficiency of Adrian’s capabilities. The study concludes with a discussion on the potential expansion of Adrian’s capabilities including the incorporation of artificial intelligence (AI) for enhanced alert prioritization and response automation.

An improved algorithm based on equivalent sound velocity profile method at large incident angle

With the development of ultra-wide coverage technology,multibeam echo-sounder(MBES)system has put forward higher requirements for localization accuracy and computational efficiency of ray tracing method.The classical equivalent sound speed profile(ESSP)method replaces the measured sound velocity profile(SVP)with a simple constant gradient SVP,reducing the computational workload of beam positioning.However,in deep-sea environment,the depth measurement error of this method rapidly increases from the central beam to the edge beam.By analyzing the positioning error of the ESSP method at edge beam,it is discovered that the positioning error increases monotonically with the incident angle,and the relationship between them could be expressed by polynomial function.Therefore,an error correction algorithm based on polynomial fitting is obtained.The simulation experiment conducted on an inclined seafloor shows that the proposed algorithm exhibits comparable efficiency to the original ESSP method,while significantly improving bathymetry accuracy by nearly eight times in the edge beam.

Study on the optimal incident proton energy of ^(7)Li(p,n)^(7)Be neutron source for boron neutron capture therapy

Boron neutron capture therapy(BNCT)is recognized as a precise binary targeted radiotherapy technique that effectively eliminates tumors through the^(10)B(n,α)^(7)Li nuclear reaction.Among various neutron sources,accelerator-based sources have emerged as particularly promising for BNCT applications.The^(7)Li(p,n)^(7)Be reaction is highly regarded as a potential neutron source for BNCT,owing to its low threshold energy for the reaction,significant neutron yield,appropriate average neutron energy,and additional benefits.This study utilized Monte Carlo simulations to model the physical interactions within a lithium target subjected to proton bombardment,including neutron moderation by an MgF_(2)moderator and subsequent BNCT dose analysis using a Snyder head phantom.The study focused on calculating the yields of epithermal neutrons for various incident proton energies,finding an optimal energy at 2.7 MeV.Furthermore,the Snyder head phantom was employed in dose simulations to validate the effectiveness of this specific incident energy when utilizing a^(7)Li(p,n)^(7)Be neutron source for BNCT purposes.

Cyber Resilience through Real-Time Threat Analysis in Information Security

This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].

Incident prevention tools-incident investigations and pre-job safety analyses

Careful and thorough incident investigations and pre-job safety analyses completed by knowledgeable and competent individuals can significantly reduce workplace incidents. Working parties must act together to make these safety tools effective. To get the staff units to work together in a co-ordinated manner, they must be shown the value of their work in preventing accidents. Examples of actual accidents investigated during the author's 18 years as a mine inspector in Saskatchewan are discussed within the context of pre-job safety analyses. The causes of the accidents are explored with close reference to how pre-job safety analyses could have prevented their occurrence.

GNSS array receiver faced with overloaded interferences:anti-jamming performance and the incident directions of interferences

Anti-jamming solutions based on antenna arrays enhance the anti-jamming ability and the robustness of global navigation satellite system(GNSS)receiver remarkably.However,the performance of the receiver will deteriorate significantly in the overloaded interferences scenario.We define the overloaded interferences scenario as where the number of interferences is more than or equal to the number of antenna arrays elements.In this paper,the effect mechanism of interferences with different incident directions is found by studying the anti-jamming performance of the adaptive space filter.The theoretical analysis and conclusions,which are first validated through numerical examples,reveal the relationships between the optimal weight vector and the eigenvectors of the input signal autocorrelation matrix,the relationships between the interference cancellation ratio(ICR),the signal to interference and noise power ratio(SINR)of the adaptive space filter output and the number of interferences,the eigenvalues of the input signal autocorrelation matrix.In addition,two simulation experiments are utilized to further corroborate the theoretical findings through soft anti-jamming receiver.The simulation results match well with the theoretical analysis results,thus validating the effect mechanism of overloaded interferences.The simulation results show that,for a four elements circular array,the performance difference is up to 19 dB with different incident directions of interferences.Anti-jamming performance evaluation and jamming deployment optimization can obtain more accurate and efficient results by using the conclusions.

Evaluation and Outcome of Surgeon-Reported Incidents regarding Surgical Patient Safety

Background: We retrospectively analyzed incident reports from surgeons to learn about surgical patient safety and improve surgical quality. Material and Methods: For the 10 years and 3 months between February 2007 and May 2017, 236 incident reports from surgeons were collected. The impact levels of the incidents for patients were represented by a degree of adverse influence to a patient (level 0, 1, 2, 3a, 3b, 4a, 4b, and 5). The outcome of the incident reports was evaluated by the profile, cause, surgery-relation, and factor. Results: The level of incidents resulted in level 0 (n = 18, 7.6%), level 1 (n = 28, 11.9%), level 2 (n = 16, 6.8%), level 3a (n = 44, 18.6%), level 3b (n = 94, 39.8%), level 4a (n = 1, 0.4%), level 4b (n = 6, 2.5%), level 5 (n = 15, 6.4%) and others (n = 14, 5.9%). The profiles of the surgery-related incidents (n = 84) showed other unexpected events (15.7%, n = 37), second surgery within 24 hours (9.3%, n = 22), and unexpected excessive bleeding (6.8%, n = 16). The cause of the sur-gery-related incidents involved hemorrhage (n = 45, 53.6%). Except for complications and accidental diseases (n = 77, 32.6%), the occurrence factor of the incidents cited factors of personal behavior (n = 85, 36.0%), human factors (n = 37, 15.7%), environmental equipment (n = 6, 2.5%), and others (n = 31, 13.1%). Conclusions: The perioperative incidents submitted by surgeons were comparatively proved to be a higher influence level for patients such as unexpected events or surgery and second surgery within 24 hours. An incident reporting system is crucial for surgeons to ensure both surgical patient safety and to improve surgical quality. An aggressive reporting attitude should become useful to enhance safety awareness on a facility-wide basis.

Emergency Response for a Laboratory Biosafety Incident

On December 14, 2017, a faculty member of a university in Hunan Province reported that an anthrax vaccine strain might have recovered virulence during an undergraduate experiment and potential exposure could not be ruled out for the students involved. Upon receiving the case report, the CDC, health bureaus, and local governments at the county, prefectural, and provincial levels promptly organized experts in different fields (including epidemiologists, biosafety experts, and laboratory testing experts) for case investigation, evaluation, and response. As the investigation results showed, no virulence recovery was identified in the involved anthrax vaccine strain;and no contamination of Bacillus anthracis was detected at the involved areas. Thus, the university returned to normal functioning.

Development of a System to Support Surgical Safety-I and Safety-II. Implementation of Resilient Surgical Healthcare for Bleeding Incidents in Thoracic Surgery

Background: Since bleedings in surgery are infrequent and inexperienced, we always try to proceed with surgery assuming a crisis situation, adhere to routine procedures and its standardization. We focus on the bleeding accidents and reveal how to implement a resilient healthcare theory. By clarifying the Safety-I and Safety-II, we developed a system to support surgical safety based on the surgeon’s individual, team, and organization. Material and Methods: We searched 25 cases of bleeding incidents in thoracic surgery, which were obtained from the database of the Project to Collect Medical Near-Miss/Adverse Event Information of the Japan Council of Quality Health Care in April 2018. Retrospectively, we analyzed 13 hemorrhage cases in our department between July 2002 and March 2020. We studied their surgical factors such as procedures, sites and causes of bleeding, response, treatment, and outcomes. Results: The causes of bleeding included damage of the adhesion detachment, insertions of automatic sutures and forceps, detachment of ultrasonic scalpel, vascular taping, removal of resected lung, lymph node dissection, exfoliation of the infiltrated adventitia of vessels, pull-out of vessel, gauze attachment with staple cut-line of vessel, thoracoscopic collision, infectious vascular rupture, detachment of vascular ligature, and suction tube hit. We summarized the variation in the usual controllable and unexpected uncontrollable bleeding and learned how to respond and treat them. We built up the balanced combination of Safety-I and Safety-II in the daily routine work in normal surgery, the patient’s individual factors, the massive bleeding, and its life-threatening crisis. Conclusions: We can learn how to prevent and respond to bleeding accidents by developing a system to support surgical safety (Safety-I and Safety-II). We can flexibly respond to unexpected bleeding disturbances under constraints by adjusting the surgeon’s individuals, team, and organization.

Network Security Incidents Frequency Prediction Based on Improved Genetic Algorithm and LSSVM

Since the frequency of network security incidents is nonlinear,traditional prediction methods such as ARMA,Gray systems are difficult to deal with the problem.When the size of sample is small,methods based on artificial neural network may not reach a high degree of preciseness.Least Squares Support Vector Machines (LSSVM) is a kind of machine learning methods based on the statistics learning theory,it can be applied to solve small sample and non-linear problems very well.This paper applied LSSVM to predict the occur frequency of network security incidents.To improve the accuracy,it used an improved genetic algorithm to optimize the parameters of LSSVM.Verified by real data sets,the improved genetic algorithm (IGA) converges faster than the simple genetic algorithm (SGA),and has a higher efficiency in the optimization procedure.Specially,the optimized LSSVM model worked very well on the prediction of frequency of network security incidents.

Risk Factors for Anesthesia-Related Airway Patient Safety Incidents:A Single-Center Retrospective Case-Control Analysis from 2009 to 2022

Objective Airway-related patient safety incident(PSI)has always been the top concern of anesthesiologists because this type of incidents could severely threaten patient safety if not treated immediately and properly.This study intends to reveal the composition,prognosis,and to identify risk factors for airway related incidents reported by anesthesiologists.Methods All airway related PSIs reported by anesthesiologists in a Chinese academic hospital between September 2009 and May 2022 were collected from the PSI reporting system.Patients with airway incidents reported were matched 1:1 with controls based on sex and type of surgery.Univariable and multivariable analysis were performed to find risk factors associated with airway incident occurrence,and to evaluate influence of airway PSIs on patient prognosis.Results Among 1,038 PSIs voluntarily reported by anesthesiologists during the study period,281 cases(27.1%)were airway-related incidents,with an overall reporting incidence of 4.74 per 10,000 among 592,884 anesthesia care episodes.Only ASA physical status was found to be significant independent predictor of these airway PSIs(P=0.020).Patients with airway PSIs reported had longer extubation time(0.72±1.56 d vs.0.16±0.77 d,95%CI:0.29 to 0.82,P<0.001),longer ICU length of stay(LOS)(1.63±5.71 d vs.0.19±0.84 d,95%CI:0.57 to 2.32,P=0.001),longer post operative LOS(10.56±13.09 d vs.7.59±10.76 d,95%CI:0.41 to 5.53,P=0.023),and longer total in-hospital LOS(14.99±15.18 d vs.11.62±11.88 d,95%CI:0.46 to 6.27,P=0.024).Conclusions This single-center retrospective case-control study describes the composition of airway-related PSIs reported by anesthesiologists within thirteen years.Airway incidents might influence patient prognosis by elongating extubation time and LOS.Airway PSI data were worth analyzing to improve patient safety.

Human Sensor Web Crowd Sourcing Security Incidents Management in Tanzania Context

Security incidents affecting information systems in cyberspace keep on rising. Researchers have raised interest in finding out how to manage security incidents. Various solutions proposed do not effectively address the problematic situation of security incidents. The study proposes a human sensor web Crowd sourcing platform for reporting, searching, querying, analyzing, visualizing and responding to security incidents as they arise in real time. Human sensor web Crowd sourcing security incidents is an innovative approach for addressing security incidents affecting information systems in cyberspace. It employs outsourcing collaborative efforts initiatives outside the boundaries of the given organization in solving a problematic situation such as how to improve the security of information systems. It was managed by soft systems methodology. Moreover, security maturity level assessment was carried out to determine security requirements for managing security incidents using ISO/IEC 21827: Systems security engineering capability maturity model with a rating scale of 0 - 5. It employed descriptive statistics and non-parametric statistical method to determine the significance of each variable based on a research problem. It used Chi-Square Goodness of Fit Test (X2) to determine the statistical significance of result findings. The findings revealed that security controls and security measures are implemented in ad-hoc. For managing security incidents, organizations should use human sensor web Crowd sourcing platform. The study contributes to knowledge base management learning integration: practical implementation of Crowd sourcing in information systems security.

Knowledge Management Strategy for Handling Cyber Attacks in E-Commerce with Computer Security Incident Response Team (CSIRT)

Electronic Commerce (E-Commerce) was created to help expand the market share network through the internet without the boundaries of space and time. However, behind all the benefits obtained, E-Commerce also raises the issue of consumer concerns about the responsibility for personal data that has been recorded and collected by E-Commerce companies. The personal data is in the form of consumer identity names, passwords, debit and credit card numbers, conversations in email, as well as information related to consumer requests. In Indonesia, cyber attacks have occurred several times against 3 major E-Commerce companies in Indonesia. In 2019, users’ personal data in the form of email addresses, telephone numbers, and residential addresses were sold on the deep web at Bukalapak and Tokopedia. Even though E-Commerce affected by the cyber attack already has a Computer Security Incident Response Team (CSIRT) by recruiting various security engineers, both defense and attack, this system still has a weakness, namely that the CSIRT operates in the aspect of handling and experimenting with defense, not yet on how to store data and prepare for forensics. CSIRT will do the same thing again, and so on. This is called an iterative procedure, one day the attack will come back and only be done with technical handling. Previous research has succeeded in revealing that organizations that have Knowledge Management (KM), the organization has succeeded in reducing costs up to four times from the original without using KM in the cyber security operations. The author provides a solution to create a knowledge management strategy for handling cyber incidents in CSIRT E-Commerce in Indonesia. This research resulted in 4 KM Processes and 2 KM Enablers which were then translated into concrete actions. The KM Processes are Knowledge Creation, Knowledge Storing, Knowledge Sharing, and Knowledge Utilizing. While the KM Enabler is Technology Infrastructure and People Competency.

Methodology for Automatically Setting Camera View to Mile Marker for Traffic Incident Management

Traffic incident management (TIM) is a FHWA Every Day Counts initiative with the objective of reducing secondary crashes, improving travel reliability, and ensuring safety of responders. Agency roadside cameras play a critical role in TIM by helping dispatchers quickly identify the precise location of incidents when receiving reports from motorists with varying levels of spatial accuracy. Reconciling position reports that are often mile marker based, with cameras that operate in a Pan-Tilt-Zoom coordinate system relies on dispatchers having detailed knowledge for hundreds of cameras and perhaps some presets. During real-time incident dispatching, reducing the time it takes to identify the most relevant cameras and setting their view on the incident is an important opportunity to improve incident management dispatch times. This research develops a camera-to-mile marker mapping technique that automatically sets the camera view to a specified mile marker within the field-of-view of the camera. Over 350 traffic cameras along Indiana’s 2250 directional miles of interstate were mapped to approximately 5000 discrete locations that correspond to approximately 780 directional miles (~35% of interstate) of camera coverage. This newly developed technique will allow operators to quickly identify the nearest camera and set them to the reported location. This research also identifies segments on the interstate system with limited or no camera coverage for decision makers to prioritize future capital investments. This paper concludes with brief discussion on future research to automate the mapping using LiDAR data and to set the cameras after automatically detecting the events using connected vehicle trajectory data.

Unmanned aerial vehicle based intelligent triage system in mass-casualty incidents using 5G and artificial intelligence

BACKGROUND:Rapid on-site triage is critical after mass-casualty incidents(MCIs)and other mass injury events.Unmanned aerial vehicles(UAVs)have been used in MCIs to search and rescue wounded individuals,but they mainly depend on the UAV operator’s experience.We used UAVs and artificial intelligence(AI)to provide a new technique for the triage of MCIs and more efficient solutions for emergency rescue.METHODS:This was a preliminary experimental study.We developed an intelligent triage system based on two AI algorithms,namely OpenPose and YOLO.Volunteers were recruited to simulate the MCI scene and triage,combined with UAV and Fifth Generation(5G)Mobile Communication Technology real-time transmission technique,to achieve triage in the simulated MCI scene.RESULTS:Seven postures were designed and recognized to achieve brief but meaningful triage in MCIs.Eight volunteers participated in the MCI simulation scenario.The results of simulation scenarios showed that the proposed method was feasible in tasks of triage for MCIs.CONCLUSION:The proposed technique may provide an alternative technique for the triage of MCIs and is an innovative method in emergency rescue.

Traffic Incident Management Performance Measures: Ranking Agencies on Roadway Clearance Time

This study develops a procedure to rank agencies based on their incident responses using roadway clearance times for crashes. This analysis is not intended to grade agencies but to assist in identifying agencies requiring more training or resources for incident management. Previous NCHRP reports discussed usage of different factors including incident severity, roadway characteristics, number of lanes involved and time of incident separately for estimating the performance. However, it does not tell us how to incorporate all the factors at the same time. Thus, this study aims to account for multiple factors to ensure fair comparisons. This study used 149,174 crashes from Iowa that occurred from 2018 to 2021. A Tobit regression model was used to find the effect of different variables on roadway clearance time. Variables that cannot be controlled directly by agencies such as crash severity, roadway type, weather conditions, lighting conditions, etc., were included in the analysis as it helps to reduce bias in the ranking procedure. Then clearance time of each crash is normalized into a base condition using the regression coefficients. The normalization makes the process more efficient as the effect of uncontrollable factors has already been mitigated. Finally, the agencies were ranked by their average normalized roadway clearance time. This ranking process allows agencies to track their performance of previous crashes, can be used in identifying low performing agencies that could use additional resources and training, and can be used to identify high performing agencies to recognize for their efforts and performance.

Teaching Intercultural Competence Using Critical Incident and Cultural Story Telling

Intercultural literacy is attached increasingly great importance in this interconnected world.People from diversified cultural backgrounds need to interact with each other for various purposes.Schools and organizations offer courses to improve people’s intercultural competence.This paper examines two effective techniques to teach intercultural competence in the classroom setting:critical incident activity and cultural story telling.These two strategies can help achieve the desired objectives of Michael Byram’s intercultural communication model.