An investigation of nucleation events in a coastal urban environment in the southern hemisphere

The occurrence of and conditions favourable to nucleation were investigated at an industrial and commercial coastal location in Brisbane, Australia during five different campaigns covering a total period of 13 months. To identify potential nucleation events, the difference in number concentration in the size range 14-30 nm (N14-30) between consecutive observations was calculated using first-order differencing. The data showed that nucleation events were a rare occurrence, and that in the absence of nucleation the particle number was dominated by particles in the range 30-300 nm. In many instances, total particle concentration declined during nucleation. There was no clear pattern in change in NO and NO2 concentrations during the events. SO2 concentration, in the majority of cases, declined during nucleation but there were exceptions. Most events took place in summer, followed by winter and then spring, and no events were observed for the autumn campaigns. The events were associated with sea breeze and long-range transport. Roadside emissions, in contrast, did not contribute to nucleation, probably due to the predominance of particles in the range 50-100 nm associated with these emissions.

Public sector evaluation of festivals and special events

This research project set out to explore Unitary Authority (UA) involvement in festivals and special events across Wales. It considers the level and nature of UA involvement and investigates activity by event purpose; reasons for, and characteristics of, UA engagement; and, crucially, the extent and nature of event evaluation. The study’s aim was to begin the development of a baseline of information for further research into the growing use of festivals and special events as a strategy for local economic development in Wales. A quantitative survey approach facilitated a comprehensive snapshot of UA responses whilst also incorporating discursive elements. A telephone survey was designed and undertaken with representatives of all 22 UA departments responsible for festivals and events in Wales. The research reveals a significant level of festival and special event activity across Wales, supported primarily for its perceived socio-cultural value. However, evaluation would appear to be focused on improving processes and measuring economic outputs rather than assessing whether socio-cultural objectives are being achieved. Whilst overwhelmingly positive about efforts to improve approaches to evaluation, respondents held clear views about the complications most likely to hamper any such efforts. These responses focused upon the need for flexibility, cost effectiveness and comparability across festival and special event typologies.

Abstracting and correlating heterogeneous events to detect complex scenarios

The research presented in this thesis addresses inherent problems in signaturebased intrusion detection systems (IDSs) operating in heterogeneous environments. The research proposes a solution to address the difficulties associated with multistep attack scenario specification and detection for such environments. The research has focused on two distinct problems: the representation of events derived from heterogeneous sources and multi-step attack specification and detection. The first part of the research investigates the application of an event abstraction model to event logs collected from a heterogeneous environment. The event abstraction model comprises a hierarchy of events derived from different log sources such as system audit data, application logs, captured network traffic, and intrusion detection system alerts. Unlike existing event abstraction models where low-level information may be discarded during the abstraction process, the event abstraction model presented in this work preserves all low-level information as well as providing high-level information in the form of abstract events. The event abstraction model presented in this work was designed independently of any particular IDS and thus may be used by any IDS, intrusion forensic tools, or monitoring tools. The second part of the research investigates the use of unification for multi-step attack scenario specification and detection. Multi-step attack scenarios are hard to specify and detect as they often involve the correlation of events from multiple sources which may be affected by time uncertainty. The unification algorithm provides a simple and straightforward scenario matching mechanism by using variable instantiation where variables represent events as defined in the event abstraction model. The third part of the research looks into the solution to address time uncertainty. Clock synchronisation is crucial for detecting multi-step attack scenarios which involve logs from multiple hosts. Issues involving time uncertainty have been largely neglected by intrusion detection research. The system presented in this research introduces two techniques for addressing time uncertainty issues: clock skew compensation and clock drift modelling using linear regression. An off-line IDS prototype for detecting multi-step attacks has been implemented. The prototype comprises two modules: implementation of the abstract event system architecture (AESA) and of the scenario detection module. The scenario detection module implements our signature language developed based on the Python programming language syntax and the unification-based scenario detection engine. The prototype has been evaluated using a publicly available dataset of real attack traffic and event logs and a synthetic dataset. The distinct features of the public dataset are the fact that it contains multi-step attacks which involve multiple hosts with clock skew and clock drift. These features allow us to demonstrate the application and the advantages of the contributions of this research. All instances of multi-step attacks in the dataset have been correctly identified even though there exists a significant clock skew and drift in the dataset. Future work identified by this research would be to develop a refined unification algorithm suitable for processing streams of events to enable an on-line detection. In terms of time uncertainty, identified future work would be to develop mechanisms which allows automatic clock skew and clock drift identification and correction. The immediate application of the research presented in this thesis is the framework of an off-line IDS which processes events from heterogeneous sources using abstraction and which can detect multi-step attack scenarios which may involve time uncertainty.

Nurse-determined assessment of cardiac output. Comparing a non-invasive cardiac output device and pulmonary artery catheter: a prospective observational study.

Background The accurate measurement of Cardiac output (CO) is vital in guiding the treatment of critically ill patients. Invasive or minimally invasive measurement of CO is not without inherent risks to the patient. Skilled Intensive Care Unit (ICU) nursing staff are in an ideal position to assess changes in CO following therapeutic measures. The USCOM (Ultrasonic Cardiac Output Monitor) device is a non-invasive CO monitor whose clinical utility and ease of use requires testing. Objectives To compare cardiac output measurement using a non-invasive ultrasonic device (USCOM) operated by a non-echocardiograhically trained ICU Registered Nurse (RN), with the conventional pulmonary artery catheter (PAC) using both thermodilution and Fick methods. Design Prospective observational study. Setting and participants Between April 2006 and March 2007, we evaluated 30 spontaneously breathing patients requiring PAC for assessment of heart failure and/or pulmonary hypertension at a tertiary level cardiothoracic hospital. Methods SCOM CO was compared with thermodilution measurements via PAC and CO estimated using a modified Fick equation. This catheter was inserted by a medical officer, and all USCOM measurements by a senior ICU nurse. Mean values, bias and precision, and mean percentage difference between measures were determined to compare methods. The Intra-Class Correlation statistic was also used to assess agreement. The USCOM time to measure was recorded to assess the learning curve for USCOM use performed by an ICU RN and a line of best fit demonstrated to describe the operator learning curve. Results In 24 of 30 (80%) patients studied, CO measures were obtained. In 6 of 30 (20%) patients, an adequate USCOM signal was not achieved. The mean difference (±standard deviation) between USCOM and PAC, USCOM and Fick, and Fick and PAC CO were small, −0.34 ± 0.52 L/min, −0.33 ± 0.90 L/min and −0.25 ± 0.63 L/min respectively across a range of outputs from 2.6 L/min to 7.2 L/min. The percent limits of agreement (LOA) for all measures were −34.6% to 17.8% for USCOM and PAC, −49.8% to 34.1% for USCOM and Fick and −36.4% to 23.7% for PAC and Fick. Signal acquisition time reduced on average by 0.6 min per measure to less than 10 min at the end of the study. Conclusions In 80% of our cohort, USCOM, PAC and Fick measures of CO all showed clinically acceptable agreement and the learning curve for operation of the non-invasive USCOM device by an ICU RN was found to be satisfactorily short. Further work is required in patients receiving positive pressure ventilation.

Levels of cardiac knowledge and cardiopulmonary resuscitation training among older people in Queensland

Objectives: The current study was conducted to determine levels of cardiac knowledge and cardiopulmonary resuscitation (CPR) training in older people in Queensland, Australia.---------- Methods: A telephone survey of 4490 Queensland adults examined respondents’ knowledge of coronary heart disease (CHD) risk factors, knowledge of heart attack symptoms, knowledge of the local emergency telephone number, as well as respondents’ rates and recency of training in CPR.---------- Results: Older participants, aged 60 years and over, were approximately one and a half times more likely than the 30–39 year-old reference group to have limited knowledge of heart disease risk factors (OR = 1.53), and low knowledge of heart attack symptoms (OR = 1.60). Knowledge of the local emergency telephone number also decreased with age. Older participants had significantly lower rates of training in CPR, with almost three quarters (71.7%) reporting that they had never been trained. Older people who had completed CPR training were significantly less likely to have done so recently.---------- Conclusions: Cardiac knowledge levels and CPR training rates in older Queensland persons were lower than those found in the younger population.

Staff perspectives of a cardiology short stay unit

Objective To evaluate staff perceptions about working environment, efficiency and the clinical safety of a cardiovascular intervention short stay unit (SSU) during the first year of operation. Design Postal questionnaire. Setting Cardiac catheterisation laboratory (CCL), coronary care unit (CCU), general cardiology ward (GCW) and the short stay unit (SSU) of a tertiary referral hospital situated in the mid coastal region of NSW. Subjects Cardiologists (including visiting medical officers [VMO]), cardiology fellows, cardiology advanced trainees and nurses. Results Responses on the working environment of the SSU and the discharge process were statistically significant. A substantial proportion of both nurses and doctors had concerns about patient safety, even though no adverse events were formally recorded in the database. Conclusions Though the participants of the survey agree on the efficiency of the SSU in providing beds to the hospital, they disagree on aspects that are important in the functioning of the SSU, including the working environment, patient selection and clinical safety. The results highlight potential issues that could be improved or addressed and are relevant to the rollout of SSUs across NSW.

Characterising anomalous events using change point correlation on unsolicited network traffic

Monitoring unused or dark IP addresses offers opportunities to extract useful information about both on-going and new attack patterns. In recent years, different techniques have been used to analyze such traffic including sequential analysis where a change in traffic behavior, for example change in mean, is used as an indication of malicious activity. Change points themselves say little about detected change; further data processing is necessary for the extraction of useful information and to identify the exact cause of the detected change which is limited due to the size and nature of observed traffic. In this paper, we address the problem of analyzing a large volume of such traffic by correlating change points identified in different traffic parameters. The significance of the proposed technique is two-fold. Firstly, automatic extraction of information related to change points by correlating change points detected across multiple traffic parameters. Secondly, validation of the detected change point by the simultaneous presence of another change point in a different parameter. Using a real network trace collected from unused IP addresses, we demonstrate that the proposed technique enables us to not only validate the change point but also extract useful information about the causes of change points.