Work-related road risks and legal liabilities : report for the Redland City Council

Workplace serious injuries and deaths due to unsafe work practices are a substantial health and socioeconomic burden to the community, particularly in industries such as construction, agriculture and fishing, and transport and storage. Some 2000 individuals die each year from work-related causes and tens of thousands of individuals incur permanent disabling work-related injuries and the direct (e.g., medical & legal) and indirect (e.g., lost productivity) cost to the Australian economy has been estimated between $32 billion and $57 billion annually. A common cause of workplace injuries and deaths is occupational driving and work-related fatal road crashes comprise between 23 and 32% of work-related fatalities each year. A major safety concern across the various industry groups therefore involve deaths and injuries associated with work-related driving. However, while organisations emphasise safety practices in most spheres of the workplace they often neglect work-related driving and lack appropriate policies to enhance safe driving practices.

Intrusion detection framework for encrypted networks

Network-based Intrusion Detection Systems (NIDSs) monitor network traffic for signs of malicious activities that have the potential to disrupt entire network infrastructures and services. NIDS can only operate when the network traffic is available and can be extracted for analysis. However, with the growing use of encrypted networks such as Virtual Private Networks (VPNs) that encrypt and conceal network traffic, a traditional NIDS can no longer access network traffic for analysis. The goal of this research is to address this problem by proposing a detection framework that allows a commercial off-the-shelf NIDS to function normally in a VPN without any modification. One of the features of the proposed framework is that it does not compromise on the confidentiality afforded by the VPN. Our work uses a combination of Shamir’s secret-sharing scheme and randomised network proxies to securely route network traffic to the NIDS for analysis. The detection framework is effective against two general classes of attacks – attacks targeted at the network hosts or attacks targeted at framework itself. We implement the detection framework as a prototype program and evaluate it. Our evaluation shows that the framework does indeed detect these classes of attacks and does not introduce any additional false positives. Despite the increase in network overhead in doing so, the proposed detection framework is able to consistently detect intrusions through encrypted networks.

Secure data aggregation in wireless sensor networks

A Wireless Sensor Network (WSN) is a set of sensors that are integrated with a physical environment. These sensors are small in size, and capable of sensing physical phenomena and processing them. They communicate in a multihop manner, due to a short radio range, to form an Ad Hoc network capable of reporting network activities to a data collection sink. Recent advances in WSNs have led to several new promising applications, including habitat monitoring, military target tracking, natural disaster relief, and health monitoring. The current version of sensor node, such as MICA2, uses a 16 bit, 8 MHz Texas Instruments MSP430 micro-controller with only 10 KB RAM, 128 KB program space, 512 KB external ash memory to store measurement data, and is powered by two AA batteries. Due to these unique specifications and a lack of tamper-resistant hardware, devising security protocols for WSNs is complex. Previous studies show that data transmission consumes much more energy than computation. Data aggregation can greatly help to reduce this consumption by eliminating redundant data. However, aggregators are under the threat of various types of attacks. Among them, node compromise is usually considered as one of the most challenging for the security of WSNs. In a node compromise attack, an adversary physically tampers with a node in order to extract the cryptographic secrets. This attack can be very harmful depending on the security architecture of the network. For example, when an aggregator node is compromised, it is easy for the adversary to change the aggregation result and inject false data into the WSN. The contributions of this thesis to the area of secure data aggregation are manifold. We firstly define the security for data aggregation in WSNs. In contrast with existing secure data aggregation definitions, the proposed definition covers the unique characteristics that WSNs have. Secondly, we analyze the relationship between security services and adversarial models considered in existing secure data aggregation in order to provide a general framework of required security services. Thirdly, we analyze existing cryptographic-based and reputationbased secure data aggregation schemes. This analysis covers security services provided by these schemes and their robustness against attacks. Fourthly, we propose a robust reputationbased secure data aggregation scheme for WSNs. This scheme minimizes the use of heavy cryptographic mechanisms. The security advantages provided by this scheme are realized by integrating aggregation functionalities with: (i) a reputation system, (ii) an estimation theory, and (iii) a change detection mechanism. We have shown that this addition helps defend against most of the security attacks discussed in this thesis, including the On-Off attack. Finally, we propose a secure key management scheme in order to distribute essential pairwise and group keys among the sensor nodes. The design idea of the proposed scheme is the combination between Lamport's reverse hash chain as well as the usual hash chain to provide both past and future key secrecy. The proposal avoids the delivery of the whole value of a new group key for group key update; instead only the half of the value is transmitted from the network manager to the sensor nodes. This way, the compromise of a pairwise key alone does not lead to the compromise of the group key. The new pairwise key in our scheme is determined by Diffie-Hellman based key agreement.

The Aboriginal version of Ken Done ... banal aboriginal identities in Australia

Histories of representation of Blackness are quite distinct in Australia and in America. Indigenous Australian identities have been consistently 'fatal', in Baudrillard's use of that term. So, while Black American representation includes intensely banal images of middle-class, materialistic individuals, such histories are largely absent in the Australian context. This implies that the few such representations which do occur — and particularly those of everyday game shows such as Sale of the Century and Family Feud — are particularly important for presenting a trivial, unexciting version of Aboriginality. This also clarifies the distinction between American and Australian versions of Blackness, and suggests that the latter set of representations might be more usefully viewed in relation to Native American rather than Black American images. The status of indigeneity might prove to be more relevant to Australian Aboriginal representation than the previously favoured identity of skin colour (Blackness).

Self-defence against terrorism in the post 9/11 world

In 1986 the then United States Secretary of State George Shultz asserted that: It is absurd to argue that international law prohibits us from capturing terrorists in international waters or airspace; from attacking them on the soil of other nations, even for the purpose of rescuing hostages; or from using force against states that support, train and harbor terrorists or guerrillas. At that time the United States’ claim of a right to use military force in self-defence against terrorism2 received little support from other states.3 The predominant view then was that terrorist attacks committed by private or non-state actors were a form of criminal activity to be combated through domestic and international criminal justice mechanisms. The notion that such terrorist acts should be treated as ‘armed attacks’ triggering a victim state’s right of self-defence was not accepted by the majority of states. To suggest, as Shultz had done, that a state not directly responsible for terrorist acts could have its territorial integrity violated by military action targeting terrorists located within that state, was a controversial proposition in 1986. However, some fifteen years later, when the United States and a coalition of allies launched a military campaign in Afghanistan following the 11 September 2001 (hereafter ‘9/11’) terrorist attacks, there was virtually unanimous international support for the use of force.

Illegal street racing and associated (hooning) behaviours

In an Australian context, the term hooning refers to risky driving behaviours such as illegal street racing and speed trials, as well as behaviours that involve unnecessary noise and smoke, which include burn outs, donuts, fish tails, drifting and other skids. Hooning receives considerable negative media attention in Australia, and since the 1990s all Australian jurisdictions have implemented vehicle impoundment programs to deal with the problem. However, there is limited objective evidence of the road safety risk associated with hooning behaviours. Attempts to estimate the risk associated with hooning are limited by official data collection and storage practices, and the willingness of drivers to admit to their illegal behaviour in the event of a crash. International evidence suggests that illegal street racing is associated with only a small proportion of fatal crashes; however, hooning in an Australian context encompasses a broader group of driving behaviours than illegal street racing alone, and it is possible that the road safety risks will differ with these behaviours. There is evidence from North American jurisdictions that vehicle impoundment programs are effective for managing drink driving offenders, and drivers who continue to drive while disqualified or suspended both during and post-impoundment. However, these programs used impoundment periods of 30 – 180 days (depending on the number of previous offences). In Queensland the penalty for a first hooning offence is 48 hours, while the vehicle can be impounded for up to 3 months for a second offence, or permanently for a third or subsequent offence within three years. Thus, it remains unclear whether similar effects will be seen for hooning offenders in Australia, as no evaluations of vehicle impoundment programs for hooning have been published. To address these research needs, this program of research consisted of three complementary studies designed to: (1) investigate the road safety implications of hooning behaviours in terms of the risks associated with the specific behaviours, and the drivers who engage in these behaviours; and (2) assess the effectiveness of current approaches to dealing with the problem; in order to (3) inform policy and practice in the area of hooning behaviour. Study 1 involved qualitative (N = 22) and quantitative (N = 290) research with drivers who admitted engaging in hooning behaviours on Queensland roads. Study 2 involved a systematic profile of a large sample of drivers (N = 834) detected and punished for a hooning offence in Queensland, and a comparison of their driving and crash histories with a randomly sampled group of Queensland drivers with the same gender and age distribution. Study 3 examined the post-impoundment driving behaviour of hooning offenders (N = 610) to examine the effects of vehicle impoundment on driving behaviour. The theoretical framework used to guide the research incorporated expanded deterrence theory, social learning theory, and driver thrill-seeking perspectives. This framework was used to explore factors contributing to hooning behaviours, and interpret the results of the aspects of the research designed to explore the effectiveness of vehicle impoundment as a countermeasure for hooning. Variables from each of the perspectives were related to hooning measures, highlighting the complexity of the behaviour. This research found that the road safety risk of hooning behaviours appears low, as only a small proportion of the hooning offences in Study 2 resulted in a crash. However, Study 1 found that hooning-related crashes are less likely to be reported than general crashes, particularly when they do not involve an injury, and that higher frequencies of hooning behaviours are associated with hooning-related crash involvement. Further, approximately one fifth of drivers in Study 1 reported being involved in a hooning-related crash in the previous three years, which is comparable to general crash involvement among the general population of drivers in Queensland. Given that hooning-related crashes represented only a sub-set of crash involvement for this sample, this suggests that there are risks associated with hooning behaviour that are not apparent in official data sources. Further, the main evidence of risk associated with the behaviour appears to relate to the hooning driver, as Study 2 found that these drivers are likely to engage in other risky driving behaviours (particularly speeding and driving vehicles with defects or illegal modifications), and have significantly more traffic infringements, licence sanctions and crashes than drivers of a similar (i.e., young) age. Self-report data from the Study 1 samples indicated that Queensland’s vehicle impoundment and forfeiture laws are perceived as severe, and that many drivers have reduced their hooning behaviour to avoid detection. However, it appears that it is more common for drivers to have simply changed the location of their hooning behaviour to avoid detection. When the post-impoundment driving behaviour of the sample of hooning offenders was compared to their pre-impoundment behaviour to examine the effectiveness of vehicle impoundment in Study 3, it was found that there was a small but significant reduction in hooning offences, and also for other traffic infringements generally. As Study 3 was observational, it was not possible to control for extraneous variables, and is, therefore, possible that some of this reduction was due to other factors, such as a reduction in driving exposure, the effects of changes to Queensland’s Graduated Driver Licensing scheme that were implemented during the study period and affected many drivers in the offender sample due to their age, or the extension of vehicle impoundment to other types of offences in Queensland during the post-impoundment period. However, there was a protective effect observed, in that hooning offenders did not show the increase in traffic infringements in the post period that occurred within the comparison sample. This suggests that there may be some effect of vehicle impoundment on the driving behaviour of hooning offenders, and that this effect is not limited to their hooning driving behaviour. To be more confident in these results, it is necessary to measure driving exposure during the post periods to control for issues such as offenders being denied access to vehicles. While it was not the primary aim of this program of research to compare the utility of different theoretical perspectives, the findings of the research have a number of theoretical implications. For example, it was found that only some of the deterrence variables were related to hooning behaviours, and sometimes in the opposite direction to predictions. Further, social learning theory variables had stronger associations with hooning. These results suggest that a purely legal approach to understanding hooning behaviours, and designing and implementing countermeasures designed to reduce these behaviours, are unlikely to be successful. This research also had implications for policy and practice, and a number of recommendations were made throughout the thesis to improve the quality of relevant data collection practices. Some of these changes have already occurred since the expansion of the application of vehicle impoundment programs to other offences in Queensland. It was also recommended that the operational and resource costs of these laws should be compared to the road safety benefits in ongoing evaluations of effectiveness to ensure that finite traffic policing resources are allocated in a way that produces maximum road safety benefits. However, as the evidence of risk associated with the hooning driver is more compelling than that associated with hooning behaviour, it was argued that the hooning driver may represent the better target for intervention. Suggestions for future research include ongoing evaluations of the effectiveness of vehicle impoundment programs for hooning and other high-risk driving behaviours, and the exploration of additional potential targets for intervention to reduce hooning behaviour. As the body of knowledge regarding the factors contributing to hooning increases, along with the identification of potential barriers to the effectiveness of current countermeasures, recommendations for changes in policy and practice for hooning behaviours can be made.

A spoofing detection method for civilian L1 GPS and the E1-B Galileo Safety of Life service

This paper describes an effective method for signal-authentication and spoofing detection for civilian GNSS receivers using the GPS L1 C/A and the Galileo E1-B Safety of Life service. The paper discusses various spoofing attack profiles and how the proposed method is able to detect these attacks. This method is relatively low-cost and can be suitable for numerous mass-market applications. This paper is the subject of a pending patent.

A learning-based approach to reactive security

Despite the conventional wisdom that proactive security is superior to reactive security, we show that reactive security can be competitive with proactive security as long as the reactive defender learns from past attacks instead of myopically overreacting to the last attack. Our game-theoretic model follows common practice in the security literature by making worst-case assumptions about the attacker: we grant the attacker complete knowledge of the defender’s strategy and do not require the attacker to act rationally. In this model, we bound the competitive ratio between a reactive defense algorithm (which is inspired by online learning theory) and the best fixed proactive defense. Additionally, we show that, unlike proactive defenses, this reactive strategy is robust to a lack of information about the attacker’s incentives and knowledge.

Open problems in the security of learning

Machine learning has become a valuable tool for detecting and preventing malicious activity. However, as more applications employ machine learning techniques in adversarial decision-making situations, increasingly powerful attacks become possible against machine learning systems. In this paper, we present three broad research directions towards the end of developing truly secure learning. First, we suggest that finding bounds on adversarial influence is important to understand the limits of what an attacker can and cannot do to a learning system. Second, we investigate the value of adversarial capabilities-the success of an attack depends largely on what types of information and influence the attacker has. Finally, we propose directions in technologies for secure learning and suggest lines of investigation into secure techniques for learning in adversarial environments. We intend this paper to foster discussion about the security of machine learning, and we believe that the research directions we propose represent the most important directions to pursue in the quest for secure learning.

The threat to scientific integrity in environmental and occupational medicine

Over the last century, environmental and occupational medicine has played a significant role in the protection and improvement of public health. However, scientific integrity in this field has been increasingly threatened by pressure from some industries and governments. For example, it has been reported that the tobacco industry manipulated eminent scientists to legitimise their industrial positions, irresponsibly distorted risk and deliberately subverted scientific processes, and influenced many organisations in receipt of tobacco funding. Many environmental whistleblowers were sued and encountered numerous personal attacks. In some countries, scientific findings have been suppressed and distorted, and scientific advisory committees manipulated for political purposes by government agencies. How to respond to these threats is an important challenge for environmental and occupational medicine professionals and their societies. The authors recommend that professional organisations adopt a code of ethics that requires openness from public health professionals; that they not undertake research or use data where they do not have freedom to publish their results if these data have public health implications; that they disclose all possible conflicts; that the veracity of their research results should not be compromised; and that their research independence be protected through professional and legal support. The authors furthermore recommend that research funding for public health not be directly from the industry to the researcher. An independent, intermediate funding scheme should be established to ensure that there is no pressure to analyse data and publish results in bad faith. Such a funding system should also provide equal competition for funds and selection of the best proposals according to standard scientific criteria.

Libya and the international community’s 'responsibility to protect'

The Libyan regime’s attacks on its own civilian population are a test case for the international community’s commitment to the notion of a “responsibility to protect” (R2P). The UN Security Council’s statement on 22 February 2011 explicitly invoked this concept by calling on “the Government of Libya to meet its responsibility to protect its population”. Yet, with Muammar Gaddafi encouraging further violence against protesters and threatening to fight “until the last drop of blood” it seems unlikely that the Security Council’s warning will be heeded. Greater pressure from the international community will be needed to bring an end to the atrocities in Libya. The international response to the Libyan crisis represents an opportunity to translate the theory of R2P into practice.

The tales we tell : exploring the legal stories of Queensland women who kill

The bulk of the homicide research to date has focused on male offending, with little consideration given to women's offending and in particular, their constructions within the courtroom following a homicide-related charge. This thesis examines, in detail, nineteen homicide cases finalised in the Queensland Supreme Courts between 01/01/1997 and 31/12/2002, in order to document and discuss the various legal stories available to women who kill. Predominantly, two “stock stories” are available within the court. The first, presented by the defence, offers the accused woman a victimised position to occupy. Evidence of victimisation is made available through previous abuse, expert testimony from psychologists and psychiatrists, challenges to her mental health, or appeals to her emotional nature. The second stock story, presented by the prosecution, positions the accused woman as angry, full of revenge, calculating and self serving. Such a script is usually supported by witnesses, police evidence, and family members. This thesis examines these competing and contradictory scripts using thematic discourse analysis to examine the court transcripts in detail. It argues that the "truth" of the fatal incident is based on one of these two prevailing scripts. This research destabilises the dominant script of violent female offending in the feminist literature. Most research to date has focussed on explaining the circumstances in which women kill, concentrating attention on the victimisation of the violent offending woman and negating or de-prioritising any volition on her part. By analysing all transcripts of women whose trials were held within the specified period, this research is able to demonstrate the stories used to describe their complex offending, and draw attention to the anger and intent that can occur alongside the victimisation.

The beliefs which motivate young male and female drivers to speed : a comparison of low and high intenders

In Australia, young drivers aged 17 to 24 years, and particularly males, have the highest risk of being involved in a fatal crash. Investigation of young drivers’ beliefs allows for a greater understanding of their involvement in risky behaviours, such as speeding, as beliefs are associated with intentions, the antecedent to behaviour. The theory of planned behaviour (TPB) was used to conceptualise beliefs using a scenario based questionnaire distributed to licensed drivers (N = 398). The questionnaire measured individual’s beliefs and intentions to speed in a particular situation. Consistent with a TPB-based approach, the beliefs of those with low intentions to speed (‘low intenders’) were compared with the beliefs of those with high intentions (‘high intenders’) with such comparisons conducted separately for males and females. Overall, significant differences in the beliefs held by low and high intenders and for both females and males were found. Specifically, for females, it was found that high intenders were significantly more likely to perceive advantages of speeding, less likely to perceive disadvantages, and more likely to be encouraged to speed on familiar and inappropriately signed roads than female low intenders. Females, however, did not differ in their perceptions of support from friends, with all females reporting some level of disapproval from most friends and all females (i.e., low and high intenders) reporting approval to speed from their male friends. The results for males revealed that high intenders were significantly more likely to speed on familiar and inappropriately signed roads as well as having greater perceptions of support from all friends, except from those friends with whom they worked. Low and high intending males did not differ in their perceptions of the advantages and disadvantages of speeding, with the exception of feelings of excitement whereby high intenders reported speeding to be more exciting than low intenders. The findings are discussed in terms of how they may directly inform the content of mass media and public education campaigns aimed at encouraging young drivers to slow down.

Data preprocessing for anomaly based network intrusion detection : a review

Data preprocessing is widely recognized as an important stage in anomaly detection. This paper reviews the data preprocessing techniques used by anomaly-based network intrusion detection systems (NIDS), concentrating on which aspects of the network traffic are analyzed, and what feature construction and selection methods have been used. Motivation for the paper comes from the large impact data preprocessing has on the accuracy and capability of anomaly-based NIDS. The review finds that many NIDS limit their view of network traffic to the TCP/IP packet headers. Time-based statistics can be derived from these headers to detect network scans, network worm behavior, and denial of service attacks. A number of other NIDS perform deeper inspection of request packets to detect attacks against network services and network applications. More recent approaches analyze full service responses to detect attacks targeting clients. The review covers a wide range of NIDS, highlighting which classes of attack are detectable by each of these approaches. Data preprocessing is found to predominantly rely on expert domain knowledge for identifying the most relevant parts of network traffic and for constructing the initial candidate set of traffic features. On the other hand, automated methods have been widely used for feature extraction to reduce data dimensionality, and feature selection to find the most relevant subset of features from this candidate set. The review shows a trend toward deeper packet inspection to construct more relevant features through targeted content parsing. These context sensitive features are required to detect current attacks.

Parametric differences between a real-world distributed denial-of-service attack and a flash event

Distributed Denial-of-Service (DDoS) attacks continue to be one of the most pernicious threats to the delivery of services over the Internet. Not only are DDoS attacks present in many guises, they are also continuously evolving as new vulnerabilities are exploited. Hence accurate detection of these attacks still remains a challenging problem and a necessity for ensuring high-end network security. An intrinsic challenge in addressing this problem is to effectively distinguish these Denial-of-Service attacks from similar looking Flash Events (FEs) created by legitimate clients. A considerable overlap between the general characteristics of FEs and DDoS attacks makes it difficult to precisely separate these two classes of Internet activity. In this paper we propose parameters which can be used to explicitly distinguish FEs from DDoS attacks and analyse two real-world publicly available datasets to validate our proposal. Our analysis shows that even though FEs appear very similar to DDoS attacks, there are several subtle dissimilarities which can be exploited to separate these two classes of events.