557 results for Dynamic security assessment
Abstract:
Today’s evolving networks are experiencing a large number of different attacks ranging from system break-ins, infection from automatic attack tools such as worms, viruses, trojan horses and denial of service (DoS). One important aspect of such attacks is that they are often indiscriminate and target Internet addresses without regard to whether they are bona fide allocated or not. Due to the absence of any advertised host services the traffic observed on unused IP addresses is by definition unsolicited and likely to be either opportunistic or malicious. The analysis of large repositories of such traffic can be used to extract useful information about both ongoing and new attack patterns and unearth unusual attack behaviors. However, such an analysis is difficult due to the size and nature of the collected traffic on unused address spaces. In this dissertation, we present a network traffic analysis technique which uses traffic collected from unused address spaces and relies on the statistical properties of the collected traffic, in order to accurately and quickly detect new and ongoing network anomalies. Detection of network anomalies is based on the concept that an anomalous activity usually transforms the network parameters in such a way that their statistical properties no longer remain constant, resulting in abrupt changes. In this dissertation, we use sequential analysis techniques to identify changes in the behavior of network traffic targeting unused address spaces to unveil both ongoing and new attack patterns. Specifically, we have developed a dynamic sliding window based non-parametric cumulative sum change detection technique for identification of changes in network traffic. Furthermore, we have introduced dynamic thresholds to detect changes in network traffic behavior and also detect when a particular change has ended.
Experimental results are presented that demonstrate the operational effectiveness and efficiency of the proposed approach, using both synthetically generated datasets and real network traces collected from a dedicated block of unused IP addresses.
Abstract:
In this paper we present a model for defining and enforcing a fine-grained information flow policy. We describe how the policy can be enforced on a typical computer and present experiments using the proposed model. A key feature of the model is that it allows the expression of rules which detail precisely which information elements are allowed to mix together. For example, the model allows the expression of a policy which forbids a doctor from mixing the personal medical details of the patients. The enforcement mechanism tracks and records information flows within the system so that dynamic changes to the policy can be made with respect to information elements which may have propagated to different locations in the system.
Abstract:
With a view to assessing the vulnerability of columns to low elevation vehicular impacts, a non-linear explicit numerical model has been developed and validated using existing experimental results. The numerical model accounts for the effects of strain rate and confinement of the reinforced concrete, which are fundamental to the successful prediction of the impact response. The sensitivity of the material model parameters used for the validation is also scrutinised and numerical tests are performed to examine their suitability to simulate the shear failure conditions. Conflicting views on the strain gradient effects are discussed and the validation process is extended to investigate the ability of the equations developed under concentric loading conditions to simulate flexural failure events. Experimental data on impact force–time histories, mid span and residual deflections and support reactions have been verified against corresponding numerical results. A universal technique which can be applied to determine the vulnerability of the impacted columns against collisions with new generation vehicles under the most common impact modes is proposed. Additionally, the observed failure characteristics of the impacted columns are explained using extended outcomes. Based on the overall results, an analytical method is suggested to quantify the vulnerability of the columns.
Abstract:
Reliability and validity in the testing of spoken language are essential in order to assess learners' English language proficiency as evidence of their readiness to begin courses in tertiary institutions. Research has indicated that the task chosen to elicit language samples can have a marked effect on both the nature of the interaction, including the power differential, and assessment, raising the issue of ethics. This exploratory study, with a group of 32 students from the People's Republic of China preparing for tertiary study in Singapore, compares test-takers' reactions to the use of an oral proficiency interview and a pair interaction.
Abstract:
This paper treats the crush behaviour and energy absorption response of foam-filled conical tubes subjected to oblique impact loading. Dynamic computer simulation techniques validated by experimental testing are used to carry out a parametric study of such devices. The study aims at quantifying the energy absorption of empty and foam-filled conical tubes under oblique impact loading, for variations in the load angle and geometry parameters of the tube. It is evident that foam-filled conical tubes are preferable as impact energy absorbers due to their ability to withstand oblique impact loads as effectively as axial impact loads. Furthermore, it is found that the energy absorption capacity of filled tubes is better maintained compared to that of empty tubes as the load orientation increases. The primary outcome of this study is design information for the use of foam-filled conical tubes as energy absorbers where oblique impact loading is expected.
Abstract:
To date, most applications of algebraic analysis and attacks on stream ciphers are on those based on linear feedback shift registers (LFSRs). In this paper, we extend algebraic analysis to non-LFSR based stream ciphers. Specifically, we perform an algebraic analysis on the RC4 family of stream ciphers, an example of stream ciphers based on dynamic tables, and investigate its implications to potential algebraic attacks on the cipher. This is, to our knowledge, the first paper that evaluates the security of RC4 against algebraic attacks through providing a full set of equations that describe the complex word manipulations in the system. For an arbitrary word size, we derive algebraic representations for the three main operations used in RC4, namely state extraction, word addition and state permutation. Equations relating the internal states and keystream of RC4 are then obtained from each component of the cipher based on these algebraic representations, and analysed in terms of their contributions to the security of RC4 against algebraic attacks. Interestingly, it is shown that each of the three main operations contained in the components has its own unique algebraic properties, and when their respective equations are combined, the resulting system becomes infeasible to solve. This results in a high level of security being achieved by RC4 against algebraic attacks. On the other hand, the removal of an operation from the cipher could compromise this security. Experiments on reduced versions of RC4 have been performed, which confirms the validity of our algebraic analysis and the conclusion that the full RC4 stream cipher seems to be immune to algebraic attacks at present.
Abstract:
Magnetic Resonance Imaging (MRI) offers a valuable research tool for the assessment of 3D spinal deformity in AIS, however the horizontal patient position imposed by conventional scanners removes the axial compressive loading on the spine. The objective of this study was to design, construct and test an MRI compatible compression device for research into the effect of axial loading on spinal deformity using supine MRI scans. The device was evaluated by performing unloaded and loaded supine MRI scans on a series of 10 AIS patients. The patient group had a mean initial (unloaded) major Cobb angle of 43±7°, which increased to 50±9° on application of the compressive load. The 7° increase in mean Cobb angle is consistent with that reported by a previous study comparing standing versus supine posture in scoliosis patients (Torell et al, 1985. Spine 10:425-7).
Abstract:
Purpose – In recent years, knowledge-based urban development (KBUD) has been introduced as a new strategic development approach for the regeneration of industrial cities. It aims to create a knowledge city consisting of planning strategies, IT networks and infrastructures that is achieved through supporting the continuous creation, sharing, evaluation, renewal and update of knowledge. Improving urban amenities and ecosystem services by creating sustainable urban environment is one of the fundamental components for KBUD. In this context, environmental assessment plays an important role in adjusting urban environment and economic development towards a sustainable way. The purpose of this paper is to present the role of assessment tools for environmental decision making process of knowledge cities. Design/methodology/approach – The paper proposes a new assessment tool to figure a template of a decision support system which will enable to evaluate the possible environmental impacts in an existing and future urban context. The paper presents the methodology of the proposed model named ‘ASSURE’ which consists of four main phases. Originality/value – The proposed model provides a useful guidance to evaluate the urban development and its environmental impacts to achieve sustainable knowledge-based urban futures. Practical implications – The proposed model will be an innovative approach to provide the resilience and function of urban natural systems secure against the environmental changes while maintaining the economic development of cities.
Abstract:
This paper critiques a 2008 Queensland Studies Authority (QSA) assessment initiative known as Queensland Comparable Assessment Tasks, or QCATs. The rhetoric is that these centrally devised assessment tasks will provide information about how well students can apply what they know, understand and can do in different contexts (QSA, 2009). The QCATs are described as ‘authentic, performance-based assessment’ that involves a ‘meaningful problem’, ‘emphasises critical thinking and reasoning’ and ‘provides students with every opportunity to do their best work’ (QSA, 2009). From my viewpoint as a teacher, I detail my professional concerns with implementing the 2008 middle primary English QCAT in one case study Torres Strait Island community. Specifically I ask ‘QCATs: Comparable with what?’ and ‘QCATs: Whose authentic assessment?’. I predict the possible collateral effects of implementing this English assessment in this remote Indigenous community, concluding, rather than being an example of quality assessment, colloquially speaking, it is nothing more than a ‘dog’.
Abstract:
In this chapter, we are particularly concerned with making visible the general principles underlying the transmission of Social Studies curriculum knowledge, and considering it in light of a high-stakes mandated national assessment task. Specifically, we draw on Bernstein’s theoretical concept of pedagogic models as a tool for analysing orientations to teaching and learning. We introduce a case in point from the Australian context: one state Social Studies curriculum vis-a-vis one part of the Year Three national assessment measure for reading. We use our findings to consider the implications for the disciplinary knowledge of Social Studies in the communities in which we are undertaking our respective Australian Research Council Linkage project work (Glasswell et al.; Woods et al.). We propose that Social Studies disciplinary knowledge is being constituted, in part, through power struggles between different agencies responsible for the production and relay of official forms of state curriculum and national literacy assessment. This is particularly the case when assessment instruments are used to compare and contrast school results in highly visible web based league tables (see, for example, http://myschoolaustralia.ning.com/).
Abstract:
Authorised users (insiders) are behind the majority of security incidents with high financial impacts. Because authorisation is the process of controlling users’ access to resources, improving authorisation techniques may mitigate the insider threat. Current approaches to authorisation suffer from the assumption that users will (can) not depart from the expected behaviour implicit in the authorisation policy. In reality however, users can and do depart from the canonical behaviour. This paper argues that the conflict of interest between insiders and authorisation mechanisms is analogous to the subset of problems formally studied in the field of game theory. It proposes a game theoretic authorisation model that can ensure users’ potential misuse of a resource is explicitly considered while making an authorisation decision. The resulting authorisation model is dynamic in the sense that its access decisions vary according to the changes in explicit factors that influence the cost of misuse for both the authorisation mechanism and the insider.
Abstract:
The loosely-coupled and dynamic nature of web services architectures has many benefits, but also leads to an increased vulnerability to denial of service attacks. While many papers have surveyed and described these vulnerabilities, they are often theoretical and lack experimental data to validate them, and assume an obsolete state of web services technologies. This paper describes experiments involving several denial of service vulnerabilities in well-known web services platforms, including Java Metro, Apache Axis, and Microsoft .NET. The results both confirm and deny the presence of some of the most well-known vulnerabilities in web services technologies. Specifically, major web services platforms appear to cope well with attacks that target memory exhaustion. However, attacks targeting CPU-time exhaustion are still effective, regardless of the victim’s platform.