Bat species comparisons based on external morphology: A test of traditional versus geometric morphometric approaches

External morphology is commonly used to identify bats as well as to investigate flight and foraging behavior, typically relying on simple length and area measures or ratios. However, geometric morphometrics is increasingly used in the biological sciences to analyse variation in shape and discriminate among species and populations. Here we compare the ability of traditional versus geometric morphometric methods in discriminating between closely related bat species – in this case European horseshoe bats (Rhinolophidae, Chiroptera) – based on morphology of the wing, body and tail. In addition to comparing morphometric methods, we used geometric morphometrics to detect interspecies differences as shape changes. Geometric morphometrics yielded improved species discrimination relative to traditional methods. The predicted shape for the variation along the between group principal components revealed that the largest differences between species lay in the extent to which the wing reaches in the direction of the head. This strong trend in interspecific shape variation is associated with size, which we interpret as an evolutionary allometry pattern.

A framework for generating realistic traffic for distributed denial-of-service attacks and flash events

An intrinsic challenge associated with evaluating proposed techniques for detecting Distributed Denial-of-Service (DDoS) attacks and distinguishing them from Flash Events (FEs) is the extreme scarcity of publicly available real-word traffic traces. Those available are either heavily anonymised or too old to accurately reflect the current trends in DDoS attacks and FEs. This paper proposes a traffic generation and testbed framework for synthetically generating different types of realistic DDoS attacks, FEs and other benign traffic traces, and monitoring their effects on the target. Using only modest hardware resources, the proposed framework, consisting of a customised software traffic generator, ‘Botloader’, is capable of generating a configurable mix of two-way traffic, for emulating either large-scale DDoS attacks, FEs or benign traffic traces that are experimentally reproducible. Botloader uses IP-aliasing, a well-known technique available on most computing platforms, to create thousands of interactive UDP/TCP endpoints on a single computer, each bound to a unique IP-address, to emulate large numbers of simultaneous attackers or benign clients.

Forgery attacks on ++AE authenticated encryption mode

In this paper, we analyse a block cipher mode of operation submitted in 2014 to the cryptographic competition for authenticated encryption (CAESAR). This mode is designed by Recacha and called ++AE (plus-plus-ae). We propose a chosen plaintext forgery attack on ++AE that requires only a single chosen message query to allow an attacker to construct multiple forged messages. Our attack is deterministic and guaranteed to pass ++AE integrity check. We demonstrate the forgery attack using 128-bit AES as the underlying block cipher. Hence, ++AE is insecure as an authenticated encryption mode of operation.

A geometric approach to stationary defect solutions in one space dimension

In this manuscript, we consider the impact of a small jump-type spatial heterogeneity on the existence of stationary localized patterns in a system of partial dierential equations in one spatial dimension...

Using coloured petri nets to simulate DoS-resistant protocols

In this work, we examine unbalanced computation between an initiator and a responder that leads to resource exhaustion attacks in key exchange protocols. We construct models for two cryp-tographic protocols; one is the well-known Internet protocol named Secure Socket Layer (SSL) protocol, and the other one is the Host Identity Protocol (HIP) which has built-in DoS-resistant mechanisms. To examine such protocols, we develop a formal framework based on Timed Coloured Petri Nets (Timed CPNs) and use a simulation approach provided in CPN Tools to achieve a formal analysis. By adopting the key idea of Meadows' cost-based framework and re¯ning the de¯nition of operational costs during the protocol execution, our simulation provides an accurate cost estimate of protocol execution compar- ing among principals, as well as the percentage of successful connections from legitimate users, under four di®erent strategies of DoS attack.

SKMA - A Key Management Architecture for SCADA Systems

Supervisory Control And Data Acquisition (SCADA) systems are widely used in the management of critical infrastructure such as electricity and water distrubution systems. Currently there is little understanding of how to best protect SCADA systems from malicious attacks. We review the constraints and requirements for SCADA security and propose a suitable architecture (SKMA) for secure SCADA communications. The architecture includes a proposed key management protocol (SKMP). We compare the architecture with a previous proposal from Sandia Labs.

Characterization of expiration air jets and droplet size distributions immediately at the mouth opening

Size distributions of expiratory droplets expelled during coughing and speaking and the velocities of the expiration air jets of healthy volunteers were measured. Droplet size was measured using the Interferometric Mie imaging (IMI) technique while the Particle Image Velocimetry (PIV) technique was used for measuring air velocity. These techniques allowed measurements in close proximity to the mouth and avoided air sampling losses. The average expiration air velocity was 11.7 m/s for coughing and 3.9 m/s for speaking. Under the experimental setting, evaporation and condensation effects had negligible impact on the measured droplet size. The geometric mean diameter of droplets from coughing was 13.5m and it was 16.0m for speaking (counting 1 to 100). The estimated total number of droplets expelled ranged from 947 – 2085 per cough and 112 – 6720 for speaking. The estimated droplet concentrations for coughing ranged from 2.4 - 5.2cm-3 per cough and 0.004 – 0.223 cm-3 for speaking.

Response and damage evaluation of reinforced concrete frames subjected to blast loading

Bomb attacks carried out by terrorists, targeting high occupancy buildings, have become increasingly common in recent times. Large numbers of casualties and property damage result from overpressure of the blast followed by failing of structural elements. Understanding the blast response of multi-storey buildings and evaluating their remaining life have therefore become important. Response and damage analysis of single structural components, such as columns or slabs, to explosive loads have been examined in the literature, but the studies on blast response and damage analysis of structural frames in multi-storey buildings is limited and this is necessary for assessing the vulnerability of them. This paper investigates the blast response and damage evaluation of reinforced concrete (RC) frames, designed for normal gravity loads, in order to evaluate their remaining life. Numerical modelling and analysis were carried out using the explicit finite element software, LS DYNA. The modelling and analysis takes into consideration reinforcement details together and material performance under higher strain rates. Damage indices for columns are calculated based on their residual and original capacities. Numerical results generated in the can be used to identify relationships between the blast load parameters and the column damage. Damage index curve will provide a simple means for assessing the damage to a typical multi-storey building RC frame under an external bomb circumstance.

From concept to embodiment : challenge and strategy

Facing with the difficulty in information propagation and synthesizing from conceptual to embodiment design, this paper introduces a function-oriented, axiom based conceptual modeling scheme. Default logic reasoning is exploited for recognition and reconstitution of conceptual product geometric and topological information. The proposed product modeling system and reasoning approach testify a methodology of "structural variation design", which is verified in the implementation of a GPAL (Green Product All Life-cycle) CAD system. The GPAL system includes major enhancement modules of a mechanism layout sketching method based on fuzzy logic, a knowledge-based function-to-form mapping mechanism and conceptual form reconstitution paradigm based on default geometric reasoning. A mechanical hand design example shows a more than 20 times increase in design efficacy with these enhancement modules in the GPAL system on a general 3D CAD platform.

Children's Fiction About 9/11: Ethnic, Heroic and National Identities

In this study, Lampert examines how cultural identities are constructed within fictional texts for young people written about the attacks on the Twin Towers. It identifi es three significant identity categories encoded in 9/11 books for children:ethnic identities, national identities, and heroic identities,arguing that the identities formed within the selected children’s texts are in flux, privileging performances of identities that are contingent on post-9/11 politics. Looking at texts including picture books, young adult fiction, and a selection of DC Comics, Lampert finds in post-9/11 children’s literature a co-mingling of xenophobia and tolerance; a binaried competition between good and evil and global harmony and national insularity; and a lauding of both the commonplace hero and the super-human. The shifting identities evident in texts that are being produced for children about 9/11 offer implicit and explicit accounts of what constitutes good citizenship, loyalty to nation and community, and desirable attributes in a Western post-9/11 context. This book makes an original contribution to the field of children’s literature by providing a focused and sustained analysis of how texts for children about 9/11 contribute to formations of identity in these complex times of cultural unease and global unrest.

Universally composable contributory group key exchange

We treat the security of group key exchange (GKE) in the universal composability (UC) framework. Analyzing GKE protocols in the UC framework naturally addresses attacks by malicious insiders. We define an ideal functionality for GKE that captures contributiveness in addition to other desired security goals. We show that an efficient two-round protocol securely realizes the proposed functionality in the random oracle model. As a result, we obtain the most efficient UC-secure contributory GKE protocol known.

Pedestrians Effects on Indoor MIMO-OFDM Channel Capacity

Temporal variations caused by pedestrian movement can significantly affect the channel capacity of indoor MIMOOFDM wireless systems. This paper compares systematic measurements of MIMO-OFDM channel capacity in presence of pedestrians with predicted MIMO-OFDM channel capacity values using geometric optics-based ray tracing techniques. Capacity results are presented for a single room environment using 5.2 GHz with 2x2, 3x3 and 4x4 arrays as well as a 2.45 GHz narrowband 8x8 MIMO array. The analysis shows an increase of up to 2 b/s/Hz on instant channel capacity with up to 3 pedestrians. There is an increase of up to 1 b/s/Hz in the average capacity of the 4x4 MIMO-OFDM channel when the number of pedestrians goes from 1 to 3. Additionally, an increment of up to 2.5 b/s/Hz in MIMO-OFDM channel capacity was measured for a 4x4 array compared to a 2x2 array in presence of pedestrians. Channel capacity values derived from this analysis are important in terms of understanding the limitations and possibilities for MIMO-OFDM systems in indoor populated environments.

Effect of Pedestrian Movement on MIMO-OFDM Channel Capacity in an Indoor Environment

Effects of pedestrian movement on multiple-input multiple-output orthogonal frequency division multiplexing (MIMO-OFDM) channel capacity have been investigated using experiment and simulation. The experiment was conducted at 5.2 GHz by a MIMO-OFDM packet transmission demonstrator using four transmitters and four receivers built in-house. Geometric optics based ray tracing technique was used to simulate the experimental scenarios. Changes in the channel capacity dynamic range have been analysed for different number of pedestrian (0-3) and antennas (2-4). Measurement and simulation results show that the dynamic range increases with the number of pedestrian and the number of antennas on the transmitter and receiver array.

SELinux policy management framework for HIS

Health Information Systems (HIS) make extensive use of Information and Communication Technologies (ICT). The use of ICT aids in improving the quality and efficiency of healthcare services by making healthcare information available at the point of care (Goldstein, Groen, Ponkshe, and Wine, 2007). The increasing availability of healthcare data presents security and privacy issues which have not yet been fully addressed (Liu, Caelli, May, and Croll, 2008a). Healthcare organisations have to comply with the security and privacy requirements stated in laws, regulations and ethical standards, while managing healthcare information. Protecting the security and privacy of healthcare information is a very complex task (Liu, May, Caelli and Croll, 2008b). In order to simplify the complexity of providing security and privacy in HIS, appropriate information security services and mechanisms have to be implemented. Solutions at the application layer have already been implemented in HIS such as those existing in healthcare web services (Weaver et al., 2003). In addition, Discretionary Access Control (DAC) is the most commonly implemented access control model to restrict access to resources at the OS layer (Liu, Caelli, May, Croll and Henricksen, 2007a). Nevertheless, the combination of application security mechanisms and DAC at the OS layer has been stated to be insufficient in satisfying security requirements in computer systems (Loscocco et al., 1998). This thesis investigates the feasibility of implementing Security Enhanced Linux (SELinux) to enforce a Role-Based Access Control (RBAC) policy to help protect resources at the Operating System (OS) layer. SELinux provides Mandatory Access Control (MAC) mechanisms at the OS layer. These mechanisms can contain the damage from compromised applications and restrict access to resources according to the security policy implemented. The main contribution of this research is to provide a modern framework to implement and manage SELinux in HIS. The proposed framework introduces SELinux Profiles to restrict access permissions over the system resources to authorised users. The feasibility of using SELinux profiles in HIS was demonstrated through the creation of a prototype, which was submitted to various attack scenarios. The prototype was also subjected to testing during emergency scenarios, where changes to the security policies had to be made on the spot. Attack scenarios were based on vulnerabilities common at the application layer. SELinux demonstrated that it could effectively contain attacks at the application layer and provide adequate flexibility during emergency situations. However, even with the use of current tools, the development of SELinux policies can be very complex. Further research has to be made in order to simplify the management of SELinux policies and access permissions. In addition, SELinux related technologies, such as the Policy Management Server by Tresys Technologies, need to be researched in order to provide solutions at different layers of protection.