U. S. Department of Homeland Security
  • Washington, D.C., United States
Recent publications
Today digital technologies are evolving to accommodate small businesses and young entrepreneurs by reducing their time-to-market while encouraging rapid innovation in mobile, Extended Reality (XR), Internet of Things (IoT), cloud, and edge devices. The leading operating system Android typically takes one to a few days to perform application vetting and go to production by leveraging code analysis technologies in their Play Protect anti-malware program. However, developers with malicious intent are looking to circumvent this detection mechanism by exploiting Google’s relatively lenient trust policies that allow for package distribution and feature updates. This paper develops a proof-of-concept malware that exploits customers’ trust and Google’s policies to circumvent popular voice search applications. Our results show that attackers can initially circumvent Play Protect by uploading benign applications to build trust and then add malicious feature updates incrementally to distribute highly intrusive malware into user systems. This malware can scan and collect private user data from the device and exfiltrate it to the command-and-control server. The contributions are three-fold. (1) A proof-of-concept stealthy malware and publishing mechanism has developed that highlights the relative ease with which Google Play Protect policies may be subverted. (2) a comprehensive evaluation has been performed using major publicly available anti-malware solutions. (3) Recommendations and policies have been suggested to prevent this attack and ensure users’ privacy concerns (IMUTA is a novel attack in which malicious functionality is slowly added to a benign application through updates. This attack evades malware detection tools and exploits user trust. The attack can be launched against any application distribution platform like the Play Store).
Distance learning has been adopted as an alternative learning strategy to the face-to-face teaching methodology. It has been largely implemented by many governments worldwide due to the spread of the COVID-19 pandemic and the implication in enforcing lockdown and social distancing. In emergency situations distance learning is referred to as Emergency Remote Teaching (ERT). Due to this dynamic, sudden shift, and scaling demand in distance learning, many challenges have been accentuated. These include technological adoption, student commitments, parent involvement, and teacher extra burden management, changes in the organization methodology, in addition to government development of new guidelines and regulations to assess, manage, and control the outcomes of distance learning. The objective of this paper is to analyze the alternatives of distance learning and discuss how these alternatives reflect on student academic performance and retention in distance learning education. We first, examine how different stakeholders make use of distance learning to achieve the learning objectives. Then, we evaluate various alternatives and criteria that influence distance learning, we study the correlation between them and extract the best alternatives. The model we propose is a multi-criteria decision-making model that assigns various scores of weights to alternatives, then the best-scored alternative is passed through a recommendation model. Finally, our system proposes customized recommendations to students, and teachers which will lead to enhancing student academic performance. We believe that this study will serve the education system and provides valuable insights and understanding of the use of distance learning and its effectiveness.
We assessed the interrater reliability, convergent validity, and discriminant validity of the Self-Injurious Thoughts and Behaviors Interview-Short Form (SITBI-SF) in a sample of 1,944 active duty service members and veterans seeking services for posttraumatic stress disorder (PTSD) and related conditions. The SITBI-SF demonstrated high interrater reliability and good convergent and discriminant validity. The measurement properties of the SITBI-SF were comparable across service members and veterans. Approximately 8% of participants who denied a history of suicidal ideation on the SITBI-SF reported suicidal ideation on a separate self-report questionnaire (i.e., discordant responders). Discordant responders reported significantly higher levels of PTSD symptoms than those who denied suicidal ideation on both response formats. Findings suggest that the SITBI-SF is a reliable and valid interview-based measure of suicide-related thoughts and behaviors for use with military service members and veterans. Suicide risk assessment might be optimized if the SITBI-SF interview is combined with a self-report measure of related constructs.
While difficult to define, terrorism and terrorist-related aggressive acts can have a significant impact on societies and individuals. Acts of terrorism can disrupt the functioning of our day-to-day lives and can produce a range of emotional reactions including anxiety, anger, and fear. Prior literature has demonstrated that the public’s emotional response to terrorism has an impact on policy. Additionally, survivors can experience both short-term and long-term mental health difficulties; thus understanding how we measure these reactions is vital. The purpose of this chapter is to provide an overview of the literature and measures used to examine emotional response to terrorist-related aggressive acts. Sociodemographic variables are also considered. This chapter includes practical implications and considerations for practitioners for researchers and clinicians.
Analytical methods exist to detect biothreat agents in environmental samples during a response to biological contamination incidents. However, the coastal zone facilities and assets of the US Coast Guard (USCG), including response boats in diverse geographical areas and maritime environmental conditions, can pose complex and unique challenges for adapting existing analytical detection methods. The traditional culture (TC) and the rapid viability polymerase chain reaction (RV-PCR) methods were evaluated for their compatibility for maritime environmental surface and grab sample analysis to detect spores of Bacillus thuringiensis subspecies kurstaki (Btk), a surrogate for Bacillus anthracis. The representative samples collected from a USCG installation included surfaces, such as aluminum on boats, nonskid tread on decks of watercraft, computer touchscreens, and concrete piers, and grab samples of boat washdown water, soil, vegetation, and gravel from surrounding areas. Replicate samples were spiked with Btk spores at two to three tenfold increasing levels and analyzed. Out of a total of 150 samples collected and analyzed, the TC method gave 10 false-positive and 19 false-negative results, while the RV-PCR method-based analysis resulted in 0 false-positive and 26 false-negative results. An abundance of microbial background and particulates in some samples interfered with true results, while both methods gave similar results for samples with low microbial background and particulates. Improved and high-throughput sample processing methods are needed for analysis of complex environmental samples.
Importance: Improved, efficient, and acceptable treatments are needed for combat-related posttraumatic stress disorder (PTSD). Objective: To determine the efficacy of 2 compressed prolonged exposure (PE) therapy outpatient treatments for combat-related PTSD. Design, setting, and participants: This randomized clinical trial was conducted among military personnel and veterans at 4 sites in Texas from 2017 to 2019. Assessors were blinded to conditions. Data were analyzed from November 2020 to October 2022. Interventions: The interventions were massed-PE, which included 15 therapy sessions of 90 minutes each over 3 weeks, vs intensive outpatient program PE (IOP-PE), which included 15 full-day therapy sessions over 3 weeks with 8 treatment augmentations. The IOP-PE intervention was hypothesized to be superior to massed-PE. Main outcomes and measures: Coprimary outcomes included the Clinician-Administered PTSD Scale for Diagnostic and Statistical Manual of Mental Disorders (Fifth Edition) (DSM-5) (CAPS-5) and the PTSD Checklist for DSM-5 (PCL-5) administered at baseline and posttreatment follow-ups. Measures ranged from 0 to 80, with higher scores indicating greater severity. Diagnostic remission and reliable change were secondary outcomes. Results: Among 319 military personnel and veterans screened, 234 were randomized (mean [SD] age, 39.20 [7.72] years; 182 [78%] male participants), with 117 participants randomized to IOP-PE and 117 participants randomized to massed-PE. A total of 61 participants (26%) were African American, 58 participants (25%) were Hispanic, and 102 participants (44%) were White; 151 participants (65%) were married. Linear mixed-effects models found that CAPS-5 scores decreased in both treatment groups at the 1-month follow-up (IOP-PE: mean difference, -13.85 [95% CI, -16.47 to -11.23]; P < .001; massed-PE: mean difference, -14.13 [95% CI, -16.63 to -11.62]; P < .001). CAPS-5 change scores differed from 1- to 6-month follow-ups (mean difference, 4.44 [95% CI, 0.89 to 8.01]; P = .02). PTSD symptoms increased in massed-PE participants during follow-up (mean difference, 3.21 [95% CI, 0.65 to 5.77]; P = .01), whereas IOP-PE participants maintained treatment gains (mean difference, 1.23 [95% CI, -3.72 to 1.27]; P = .33). PCL-5 scores decreased in both groups from baseline to 1-month follow-up (IOP-PE: mean difference, -21.81 [95% CI, -25.57 to -18.04]; P < .001; massed-PE: mean difference, -19.96 [95% CI, -23.56 to -16.35]; P < .001) and were maintained at 6 months (IOP-PE: mean change, -0.21 [95% CI, -3.47 to 3.06]; P = .90; massed-PE: mean change, 3.02 [95% CI, -0.36 to 6.40]; P = .08). Both groups had notable PTSD diagnostic remission at posttreatment (IOP-PE: 48% [95% CI, 36% to 61%] of participants; massed-PE: 62% [95% CI, 51% to 73%] of participants), which was maintained at 6 months (IOP-PE: 53% [95% CI, 40% to 66%] of participants; massed-PE: 52% [95% CI, 38% to 66%] of participants). Most participants demonstrated reliable change on the CAPS-5 (61% [95% CI, 52% to 69%] of participants) and the PCL-5 (74% [95% CI, 66% to 81%] of participants) at the 1-month follow-up. Conclusions and relevance: These findings suggest that PE can be adapted into compressed treatment formats that effectively reduce PTSD symptoms. Trial registration: ClinicalTrials.gov Identifier: NCT03529435.
Several security tools have been described in recent times to assist security teams; however, the effectiveness and success remain limited to specific devices. Phishing is a type of cyberattack that uses fraudulent emails and websites to obtain personal information from unsuspecting users, such as passwords and credit card numbers. Hackers can gain access to your information through a variety of methods, and the most common of which are king, phishing, spear phishing, social engineering, and dictionary attacks. Each of these techniques is unique, but they all have the same goal: to obtain your personal information. Nevertheless, there is the potential to exploit this problem in terms of security. In this paper, we used the Bash Bunny (BB), a new tool designed to assist military, law enforcement, and penetration tester teams with their work to conduct exfiltration without privilege escalation through T1200, T1052, and T1052.001 techniques in air-gapped networks with effectiveness/success 99.706%.
Objective Multiple myeloma is a clonal plasma cell proliferation often causing bone lytic lesions. It is sometimes challenging to differentiate these lytic lesions associated with multiple myeloma from bone destruction due to a metastasis. Although coexistence of solid tumors and plasma cell myeloma in one patient has been described, synchronous skeletal metastases from both neoplasms occurring in the same bone lesion is exceptional. Indeed, only one case has been reported in the literature. Case presentation Herein, we report a case involving a 68-year-old Caucasian male patient admitted to our department for coronavirus disease 2019 infection with incidental finding of multiple lytic bone lesions during hospitalization. Laboratory tests revealed an increased immunoglobulin G kappa M protein and high levels of carbohydrate antigen 19-9. Bone marrow aspiration showed increased atypical plasma cells consistent with multiple myeloma. Percutaneous image-guided biopsy of one of the osteolytic lesions was performed. Pathological examination identified both plasma cell neoplasm and poorly differentiated metastatic carcinoma within the same bone lytic lesions. Conclusion The present case raises awareness among clinicians and pathologists that clinical and radiologic suspicion of multiple myeloma may be within the spectrum of second primary malignancies.
As climate change continues to exacerbate hazard losses across the USA, many communities are seeking to permanently reduce their hazard exposure by relocating households out of high-risk areas. In the USA, governments have traditionally relocated households using two mechanisms: buyout programs and eminent domain. Although both programs acquire private properties for public ownership and use, buyout programs are defined as voluntary by government entities, whereas eminent domain is compulsory. For decades, Harris County, Texas, has used both voluntary buyouts and eminent domain to relocate households out of flood-prone areas for different uses; buyouts produce open space, whereas eminent domain is used for flood risk reduction projects Although the literature on buyouts continues to grow, especially related to managed retreat, little research considers mandated relocation in response to hazard in the USA despite the increasing potential and calls for mandated relocations due to sea level rise and other climate-induced hazards. To address this gap in the literature, we analyze county records spanning approximately 100 years to examine the geographic patterns related to Harris County’s use of eminent domain and buyouts programs to mitigate flood hazards. Integrating these records into a Geographic Information System, this novel study is the first to compare these two programs and consider the implications for future managed retreat.
This article sheds light on a notable first in the history of air power. On 18 October 1940, four Italian Savoia-Marchetti SM.82s took off from the Dodecanese Islands in the Eastern Mediterranean, attacked the refinery of Bahrain in the Arabian Gulf and landed safely in Eritrea on the Red Sea coast. It was the longest mission ever carried out in total autonomy of flight and the first three-continent mission in the history of air bombing. This remarkable feat caught the British by surprise. Bahrain was thought to be so far away from enemy bases that it needed no defences at all. And, although the raid caused very little damage, it highlighted the exposed nature of Bahrain’s oilfields and refinery, forcing the hard-pressed British Empire to divert resources to defend an obscure theatre of war originally thought to be safe. This largely neglected mission is significant because in the course of the Second World War no other air forces managed to repeat this achievement or to equal this distance and because the Regia Aeronautica demonstrated an imaginative use of limited technology by upgrading the transport SM.82 planes into aircraft capable of carrying out bombing operations beyond the reach of its conventional bomber force. In this sense, it was a remarkable performance. But, at the same time, the bombing of Bahrain also illustrated how unprepared Italy’s armed forces were. Although by the end of 1940 the Regia Aeronautica had conducted several raids across the Mediterranean, the Red Sea and the Arabian Gulf, it had failed to achieve anything significant. This failure exposed all the limitations of a war effort that had been imposed on the armed forces by Mussolini despite conclusive evidence that Italy was not prepared to sustain a long conflict.
Immutability and traceability are the main reasons for the popularity of blockchain. Nevertheless, its transparency also makes the transactions visible to all participants, which seriously violates the privacy of some dealers. In order to transfer accounts over blockchain, all verifiers should be empowered with the ability to confirm the transactions, leading to the conflict between extensive consensus and individual privacy. Orienting to privacy issues of UTXO (Unspent Transaction Output), this paper exploited the unconditional security of Shamir’s secret sharing to construct a logic-physical map for public chain, which enabled noninteractive transaction verification without privacy infringement. A comprehensive analysis indicated that the proposed scheme is secure under UC (Universal Composability) framework with practical computation and communication overheads.
Background China's health spending has surged in the past five years, rising from 1,315.9 billion yuan to 1,754.5 billion yuan, an average annual growth rate is 7.5%. In order to control the excessive growth of medical expenses, China proposed Diagnosis-Intervention Packet (DIP) and DRGs payment methods based on local conditions, DIP was piloted in Guangzhou in 2018. The purpose of this study is to better provide evidence for the development of medical payment methods and also provide policy information for the development of medical insurance payment methods to support the promotion of DIP. Methods The data were collected from the medical expenses of inpatients provided by the Medical Insurance Department of a tertiary hospital in Guangzhou. SPSS 26.0 software was used to calculate the average hospitalization cost (AHC), proportion of nursing expenses (PNE), proportion of medicines fees (PM), proportion of examination fees (PEF), proportion of laboratory fees (PLF), length of stay and average age of inpatients from four dimensions without distinguishing diseases, core diseases, comprehensive diseases and single diseases. The Difference in Difference (DID) model was used to empirically analyze the data, and the robustness was tested. Results After the implementation of DIP, the growth rate of medical expenses has been controlled. As the cost data for all inpatients, compared with Fee-For-Service (FFS), DIP increased the PNE (β=0.006, p<0.1), and decreased PM(β=-0.051, p<0.05). From the perspective of core disease dimension, DIP decreased PEF (β=-0.015, p<0.05) and PM (β=-0.076, p<0.1). From the perspective of comprehensive diseases, DIP increased PNE (β=0.005, p<0.1). In terms of single diseases, DIP decreased the PEF (β=-0.044, p<0.05) and PLE (β=-0.054, p<0.001). The empirical results passed the equilibrium trend test and the robustness test. Conclusions DIP is more suitable for China's medical environment. It controls the growth rate of medical service costs, reduces PM, PLF and PEF to varying degrees, changes the structure of medical costs, guides the rational allocation of medical and health resources, and reflects the value of medical personnel services.
In February 2021, in response to emergence of more transmissible SARS-CoV-2 virus variants, the Canton Grisons launched a unique RNA mass testing program targeting the labour force in local businesses. Employees were offered weekly tests free of charge and on a voluntary basis. If tested positive, they were required to self-isolate for ten days and their contacts were subjected to daily testing at work. Thereby, the quarantine of contact persons could be waved.Here, we evaluate the effects of the testing program on the tested cohorts. We examined 121,364 test results from 27,514 participants during February–March 2021. By distinguishing different cohorts of employees, we observe a noticeable decrease in the test positivity rate and a statistically significant reduction in the associated incidence rate over the considered period. The reduction in the latter ranges between 18 and 50%. The variability is partly explained by different exposures to exogenous infection sources (e.g., contacts with visiting tourists or cross-border commuters). Our analysis provides the first empirical evidence that applying repetitive mass testing to a real population over an extended period of time can prevent spread of COVID-19 pandemic. However, to overcome logistic, uptake, and adherence challenges it is important that the program is carefully designed and that disease incursion from the population outside of the program is considered and controlled.
In the research of searchable encryption, fine-grained data authorization is a convenient way to manage the search rights for users. Recently, Liu et al. proposed a fine-grained searchable scheme with verification, which can control the search authorization and verify the results. In this paper, we first present a forgery attack against Liu et al.’s scheme and then propose a novel scheme of verifiable data search with fine-grained authorization in edge environment. Based on the key aggregate mechanism and Merkle hash tree, our proposed scheme not only achieves file-oriented search permission management but also implements the correctness and completeness verification of search results. In addition, with the assistance of edge server, resource-constrained users can easily perform the tasks of search and verification. Finally, we prove our scheme is secure based on the decision l -bilinear Diffie–Hellman exponent problem. The performance analysis and experiment results demonstrate that our proposed scheme has lower computation, communication, and storage costs contrast to the existing schemes.
Currently, unmanned aircraft systems (UASs) or drones are in service in various industrial fields, and each UAS operator establishes and operates their own independent drone system. These individual drone systems interact only with their own components without any integrated management. As the number of UASs is increasing due to the expansion of the drone industry, standardized operation is required. Therefore, to integrate and manage existing drone systems, the Federal Aviation Administration and National Aeronautics and Space Administration devised UAS Traffic Management (UTM). The drone identity module (DIM), which is being developed as a drone identification device, securely stores the remote identification (RID) of each drone and performs a cryptographic operation to secure information between the drone and UTM infrastructure. The DIM performs cryptographic authentication protocols to achieve cryptographic identification and authentication with the UTM infrastructure, which requires random numbers. Modern cryptographic systems rely on difficult computations, and an environment capable of generating secure cryptographic random numbers must be configured to provide high computational costs to attackers. In this paper, we explain the need for random numbers in the DIM, analyze random number generators used in related drone-based studies, and analyze the characteristics of noise resource generation devices that can be used in existing drone systems. Subsequently, based on the analysis results, existing methods are used to generate random numbers in the DIM, and limitations are derived. To overcome these limitations, we propose a method of generating random numbers in the DIM using quantum noise resources. For our proposal, we conduct an analysis of the physical specifications of noise resource generation devices, DIM prototypes, and quantum noise resource generators in existing drone systems, and we present the results of NIST 800-90B entropy measurement using data collected from quantum random number generators.
Institution pages aggregate content on ResearchGate related to an institution. The members listed on this page have self-identified as being affiliated with this institution. Publications listed on this page were identified by our algorithms as relating to this institution. This page was not created or approved by the institution. If you represent an institution and have questions about these pages or wish to report inaccurate content, you can contact us here.
228 members
Venkaiah Betapudi
  • Research and Development Division
David Ben Stern
  • National Bioforensic Analysis Center
Washington, D.C., United States