426 results for security architecture
Abstract:
Our daily lives become more and more dependent upon smartphones due to their increased capabilities. Smartphones are used in various ways from payment systems to assisting the lives of elderly or disabled people. Security threats for these devices become increasingly dangerous since there is still a lack of proper security tools for protection. Android emerges as an open smartphone platform which allows modification even on operating system level. Therefore, third-party developers have the opportunity to develop kernel-based low-level security tools which is not normal for smartphone platforms. Android quickly gained its popularity among smartphone developers and even beyond since it bases on Java on top of "open" Linux in comparison to former proprietary platforms which have very restrictive SDKs and corresponding APIs. Symbian OS for example, holding the greatest market share among all smartphone OSs, was closing critical APIs to common developers and introduced application certification. This was done since this OS was the main target for smartphone malwares in the past. In fact, more than 290 malwares designed for Symbian OS appeared from July 2004 to July 2008. Android, in turn, promises to be completely open source. Together with the Linux-based smartphone OS OpenMoko, open smartphone platforms may attract malware writers for creating malicious applications endangering the critical smartphone applications and owners' privacy. In this work, we present our current results in analyzing the security of Android smartphones with a focus on its Linux side. Our results are not limited to Android, they are also applicable to Linux-based smartphones such as OpenMoko Neo FreeRunner. Our contribution in this work is three-fold. First, we analyze the Android framework and the Linux-kernel to check security functionalities. We survey well-accepted security mechanisms and tools which can increase device security.
We provide descriptions on how to adopt these security tools on Android kernel, and provide their overhead analysis in terms of resource usage. As open smartphones are released and may increase their market share similar to Symbian, they may attract attention of malware writers. Therefore, our second contribution focuses on malware detection techniques at the kernel level. We test applicability of existing signature and intrusion detection methods in Android environment. We focus on monitoring events on the kernel; that is, identifying critical kernel, log file, file system and network activity events, and devising efficient mechanisms to monitor them in a resource limited environment. Our third contribution involves initial results of our malware detection mechanism basing on static function call analysis. We identified approximately 105 Executable and Linking Format (ELF) executables installed to the Linux side of Android. We perform a statistical analysis on the function calls used by these applications. The results of the analysis can be compared to newly installed applications for detecting significant differences. Additionally, certain function calls indicate malicious activity. Therefore, we present a simple decision tree for deciding the suspiciousness of the corresponding application. Our results present a first step towards detecting malicious applications on Android-based devices.
Abstract:
May was a particularly busy month with lots of exciting architectural things happening in Brisbane, including the sell-out 2012 National Architecture Conference. The total number of conference attendees was 1,625, which was the largest number of attendees to any Australian National Architecture Conference to date. This was the first time that the National Architecture Conference had been held in Brisbane in over 20 years, and the enormous turnout of 947 Queenslanders to the conference was testament to the positive decision to include Brisbane as a conference venue. The theme of this year’s conference was ‘experience’. Building on ideas introduced in the recent ‘natural artifice’ conference, creative directors Shane Thompson, Michael Rayner and Peter Skinner focused closely on the real, sensed experience of architecture within its natural and constructed settings and the experience of designing and making architecture. The conference attracted a variety of high profile international speakers, including architect and professor, Wang Shu, the 2012 Pritzker Architecture Prize Laureate and co-founder of the Amateur Architecture Studio in China. Other highlights included presentations from Peter Rich [South Africa], Kathryn Findlay [United Kingdom], Rachel Neeson [Australia], Anuradha Mathur & Dilip da Cunha [United States] and Kjetil Thorsen [Norway]. QUT had a strong presence at the conference. In addition to pleasing attendance rates from QUT School of Design students and staff, our Head-of-School Professor Paul Sanders, was given the honourable task of introducing keynote speaker Peter Rich, and facilitating the Q&A session after his presentation, which received a standing ovation. 
There were many events organised for students and young architects by QUT’s SONA reps, including a masterclass, opening party, collaborative design and construction of the SONA Pavilion, and finally, organisation of the all important SONA Hangover Breakfast, the morning after the closing party. The 2012 National Architecture Conference was truly memorable and an experience not to have been missed. I encourage anyone with a passion for architecture and a desire to be completely inspired by current and emerging leaders in our exciting profession, to start making plans to attend next year’s conference.
Abstract:
We present a virtual test bed for network security evaluation in mid-scale telecommunication networks. Migration from simulation scenarios towards the test bed is supported and enables researchers to evaluate experiments in a more realistic environment. We provide a comprehensive interface to manage, run and evaluate experiments. On basis of a concrete example we show how the proposed test bed can be utilized.
Abstract:
Session Initiation Protocol (SIP) is developed to provide advanced voice services over IP networks. SIP unites telephony and data world, permitting telephone calls to be transmitted over Intranets and Internet. Increase in network performance and new mechanisms for guaranteed quality of service encourage this consolidation to provide toll cost savings. Security comes up as one of the most important issues when voice communication and critical voice applications are considered. Not only the security methods provided by traditional telephony systems, but also additional methods are required to overcome security risks introduced by the public IP networks. SIP considers security problems of such a consolidation and provides a security framework. There are several security methods defined within SIP specifications and extensions. But, suggested methods cannot solve all the security problems of SIP systems with various system requirements. In this thesis, a Kerberos based solution is proposed for SIP security problems, including SIP authentication and privacy. The proposed solution tries to establish a flexible and scalable SIP system that will provide desired level of security for voice communications and critical telephony applications.
Abstract:
An engaging narrative is maintained throughout this edited collection of articles that address the issue of militarism in international relations. The book seamlessly integrates historical and contemporary perspectives on militarism with theory and relevant international case studies, resulting in a very informative read. The work is comprised of three parts. Part 1 deals with the theorisation of militarism and includes chapters by Anna Stavrianakis and Jan Selby, Martin Shaw, Simon Dalby, and Nicola Short. It covers a range of topics relating to historical and contemporary theories of militarism, geopolitical threat construction, political economy, and the US military’s ‘cultural turn’.
Abstract:
We present and analyze several gaze-based graphical password schemes based on recall and cued-recall of grid points; eye-trackers are used to record user's gazes, which can prevent shoulder-surfing and may be suitable for users with disabilities. Our 22-subject study observes that success rate and entry time for the grid-based schemes we consider are comparable to other gaze-based graphical password schemes. We propose the first password security metrics suitable for analysis of graphical grid passwords and provide an in-depth security analysis of user-generated passwords from our study, observing that, on several metrics, user-generated graphical grid passwords are substantially weaker than uniformly random passwords, despite our attempts at designing schemes to improve quality of user-generated passwords.
Abstract:
The security of industrial control systems in critical infrastructure is a concern for the Australian government and other nations. There is a need to provide local Australian training and education for both control system engineers and information technology professionals. This paper proposes a postgraduate curriculum of four courses to provide knowledge and skills to protect critical infrastructure industrial control systems. Our curriculum is unique in that it provides security awareness but also the advanced skills required for security specialists in this area. We are aware that in the Australian context there is a cultural gap between the thinking of control system engineers who are responsible for maintaining and designing critical infrastructure and information technology professionals who are responsible for protecting these systems from cyber attacks. Our curriculum aims to bridge this gap by providing theoretical and practical exercises that will raise the awareness and preparedness of both groups of professionals.
Abstract:
Extracting and aggregating the relevant event records relating to an identified security incident from the multitude of heterogeneous logs in an enterprise network is a difficult challenge. Presenting the information in a meaningful way is an additional challenge. This paper looks at solutions to this problem by first identifying three main transforms; log collection, correlation, and visual transformation. Having identified that the CEE project will address the first transform, this paper focuses on the second, while the third is left for future work. To aggregate by correlating event records we demonstrate the use of two correlation methods, simple and composite. These make use of a defined mapping schema and confidence values to dynamically query the normalised dataset and to constrain result events to within a time window. Doing so improves the quality of results, required for the iterative re-querying process being undertaken. Final results of the process are output as nodes and edges suitable for presentation as a network graph.
Abstract:
The Australian Business Assessment of Computer User Security (ABACUS) survey is a nationwide assessment of the prevalence and nature of computer security incidents experienced by Australian businesses. This report presents the findings of the survey which may be used by businesses in Australia to assess the effectiveness of their information technology security measures.
Abstract:
In recent years, enterprise architecture (EA) has captured increasing interest as a means to systematically consolidate and manage various enterprise artefacts in order to provide holistic decision support for business/IT alignment and business/IT landscapes management. To provide a holistic perspective on the enterprise over time, EA frameworks need to co-evolve with the changes in the enterprise and its IT over time. In this paper we focus on the emergence of Service-Oriented Architecture (SOA). There is a need to integrate SOA with EA to keep EA relevant and to use EA products to help drive successful SOA. This paper investigates and compares the integration of SOA elements in five widely used EA frameworks: Archimate, The Open Group Architecture Framework (TOGAF), Federal Enterprise Architecture Framework (FEAF), Department of Defence Architecture Framework (DoDAF) and the Ministry of Defence Architecture Framework (MODAF). It identifies what SOA elements are considered and their relative position in the overall structure. The results show that services and related elements are far from being well-integrated constructs in current EA frameworks and that the different EA frameworks integrated SOA elements in substantially different ways. Our results can support the academic EA and SOA communities with a closer and more consistent integration of EA and SOA and support practitioners in identifying an EA framework that provides the SOA support that matches their requirements.
Abstract:
Scaffolds for bone tissue engineering should be designed to optimize cell migration, enhance new bone formation and give mechanical support. In the present study, we used polycaprolactone-tricalciumphosphate (PCL/TCP) scaffolds with two different fibre lay down patterns which were coated with hydroxyapatite and gelatine as an approach for optimizing bone regeneration in a critical sized calvarial defect. After 12 weeks bone regeneration was quantified using microCT analysis, biomechanical testing and histological evaluation. Notably, the experimental groups containing coated scaffolds showed lower bone formation and lower biomechanical properties within the defect compared to the uncoated scaffolds. Surprisingly, the different lay down pattern of the fibres resulted in different bone formation and biomechanical properties; namely 0/60/120° scaffolds revealed lower bone formation and biomechanical properties compared to the 0/90° scaffolds in all the experimental groups. The different architecture of the scaffold fibres may have an effect on nutrition supply as well as the attachment of the newly formed matrix to the scaffold. Therefore, future bone regeneration strategies utilising scaffolds should consider scaffold architecture as an important factor during the scaffold optimisation stages in order to move closer to a clinical application.
Abstract:
Simulation has been widely used to estimate the benefits of Cooperative Systems (CS) based on Inter-Vehicular Communications (IVC). This paper presents a new architecture built with the SiVIC simulator and the RTMaps™ multisensors prototyping platform. We introduce several improvements from a previous similar architecture, regarding IVC modelisation and vehicles’ control. It has been tuned with on-road measurements to improve fidelity. We discuss the results of a freeway emergency braking scenario (EEBL) implemented to validate our architecture’s capabilities.
Abstract:
Cooperative Systems provide, through the multiplication of information sources over the road, a lot of potential to improve the safety of road users, especially drivers. However, developing cooperative ITS applications requires additional resources compared to non-cooperative applications which are both time consuming and expensive. In this paper, we present a simulation architecture aimed at prototyping cooperative ITS applications in an accurate and detailed, close-to-reality environment; the architecture is designed to be modular and generalist. It can be used to simulate any type of CS applications as well as augmented perception. Then, we discuss the results of two applications deployed with our architecture, using a common freeway emergency braking scenario. The first application is Emergency Electronic Brake Light (EEBL); we discuss improvements in safety in terms of the number of crashes and the severity of crashes. The second application compares the performance of a cooperative risk assessment using an augmented map against a non-cooperative approach based on local-perception only. Our results show a systematic improvement of forward warning time for most vehicles in the string when using the augmented-map-based risk assessment.
Abstract:
For any discipline to be regarded as a professional undertaking by which its members may be treated as true “professionals” in a specific area, practitioners must clearly understand that discipline’s history as well as the place and significance of that history in current practice as well as its relevance to available technologies and artefacts at the time. This is common for many professional disciplines such as medicine, pharmacy, engineering, law and so on but not yet, this paper submits, in information technology. Based on twenty five elapsed years of experience in developing and delivering Cybersecurity courses at undergraduate and postgraduate levels, this paper proposes a rationale and set of differing perspectives for the planning and development of curricula relevant to the delivery of appropriate courses in the history of cybersecurity or information assurance to information and communications technology (ICT) students and thus to potential information technology professionals.