Bit-pattern based integral attack

Integral attacks are well-known to be effective against byte-based block ciphers. In this document, we outline how to launch integral attacks against bit-based block ciphers. This new type of integral attack traces the propagation of the plaintext structure at bit-level by incorporating bit-pattern based notations. The new notation gives the attacker more details about the properties of a structure of cipher blocks. The main difference from ordinary integral attacks is that we look at the pattern the bits in a specific position in the cipher block has through the structure. The bit-pattern based integral attack is applied to Noekeon, Serpent and present reduced up to 5, 6 and 7 rounds, respectively. This includes the first attacks on Noekeon and present using integral cryptanalysis. All attacks manage to recover the full subkey of the final round.

An adaptable framework for the teaching and assessment of software development across year levels

Few frameworks exist for the teaching and assessment of programming subjects that are coherent and logical. Nor are they sufficiently generic and adaptable to be used outside the particular tertiary institutions in which they were developed. This paper presents the Teaching and Assessment of Software Development (TASD) frame-work. We describe its development and implementation at an Australian university and demonstrate, with examples, how it has been used, with supporting data. Extracts of criteria sheets (grading rubrics) for a variety of assessment tasks are included. The numerous advantages of this new framework are discussed with comparisons made to those reported in the published literature.

Computer profiling for forensic purposes

Computer forensics is the process of gathering and analysing evidence from computer systems to aid in the investigation of a crime. Typically, such investigations are undertaken by human forensic examiners using purpose-built software to discover evidence from a computer disk. This process is a manual one, and the time it takes for a forensic examiner to conduct such an investigation is proportional to the storage capacity of the computer's disk drives. The heterogeneity and complexity of various data formats stored on modern computer systems compounds the problems posed by the sheer volume of data. The decision to undertake a computer forensic examination of a computer system is a decision to commit significant quantities of a human examiner's time. Where there is no prior knowledge of the information contained on a computer system, this commitment of time and energy occurs with little idea of the potential benefit to the investigation. The key contribution of this research is the design and development of an automated process to describe a computer system and its activity for the purposes of a computer forensic investigation. The term proposed for this process is computer profiling. A model of a computer system and its activity has been developed over the course of this research. Using this model a computer system, which is the subj ect of investigation, can be automatically described in terms useful to a forensic investigator. The computer profiling process IS resilient to attempts to disguise malicious computer activity. This resilience is achieved by detecting inconsistencies in the information used to infer the apparent activity of the computer. The practicality of the computer profiling process has been demonstrated by a proof-of concept software implementation. The model and the prototype implementation utilising the model were tested with data from real computer systems. The resilience of the process to attempts to disguise malicious activity has also been demonstrated with practical experiments conducted with the same prototype software implementation.

Groundwater Visualisation System (GVS): a software framework for developing low-end, scalable and robust software for 3D visualisation and animation of groundwater conceptual models

Effective management of groundwater requires stakeholders to have a realistic conceptual understanding of the groundwater systems and hydrological processes.However, groundwater data can be complex, confusing and often difficult for people to comprehend..A powerful way to communicate understanding of groundwater processes, complex subsurface geology and their relationships is through the use of visualisation techniques to create 3D conceptual groundwater models. In addition, the ability to animate, interrogate and interact with 3D models can encourage a higher level of understanding than static images alone. While there are increasing numbers of software tools available for developing and visualising groundwater conceptual models, these packages are often very expensive and are not readily accessible to majority people due to complexity. .The Groundwater Visualisation System (GVS) is a software framework that can be used to develop groundwater visualisation tools aimed specifically at non-technical computer users and those who are not groundwater domain experts. A primary aim of GVS is to provide management support for agencies, and enhancecommunity understanding.

Approach to developing a 3D conceptual hydrogeology model, in a system with multiple bore logs, Howard East, Darwin, using in-house software (GVS)

The Howard East rural area has experienced a rapid growth of small block subdivisions and horticulture over the last 40 years, which has been based on groundwater supply. Early bores in the area provide part of the water supply for Darwin City and are maintained and monitored by NT Power & Water Corporation. The Territory government (NRETAS) has established a monitoring network, and now 48 bores are monitored. However, in the area there are over 2700 private bores that are unregulated.Although NRETAS has both FDM and FEM simulations for the region, community support for potential regulation is sought. To improve stakeholder understanding of the resource QUT was retained by the TRaCKconsortium to develop a 3D visualisation of the groundwater system.

Security of employee entitlements : corporate governance issues

Following the collapse across the last decade of a number of large organizations such as Enron in the USA and several domestic organizations including Ansett Airlines, HIH Insurance and One.Tel, much discussion has ensued about the need to secure employee entitlements. However, tangible improvements in this area are elusive. Good corporate governance policies would suggest that deferred obligations as well as current debts should not be neglected and that appropriate arrangements be put in place to adequately fund employee entitlements. In this paper we consider recent Australian attempts to introduce better governance of employee entitlements.

Designing spatial story-telling software

What does it mean when we design for accessibility, inclusivity and "dissolving boundaries" -- particularly those boundaries between the design philosophy, the software/interface actuality and the stated goals? This paper is about the principles underlying a research project called 'The Little Grey Cat engine' or greyCat. GreyCat has grown out of our experience in using commercial game engines as production environments for the transmission of culture and experience through the telling of individual stories. The key to this endeavour is the potential of the greyCat software to visualize worlds and the manner in which non-formal stories are intertwined with place. The apparently simple dictum of "show, don't tell" and the use of 3D game engines as a medium disguise an interesting nexus of problematic issues and questions, particularly in the ramifications for cultural dimensions and participatory interaction design. The engine is currently in alpha and the following paper is its background story. In this paper we discuss the problematic, thrown into sharp relief by a particular project, and we continue to unpack concepts and early designs behind the greyCat itself.

Modelling sustainable and optimal solutions for building services integration in early architectural design : confronting the software and professional interoperability deficit

Decisions made in the earliest stage of architectural design have the greatest impact on the construction, lifecycle cost and environmental footprint of buildings. Yet the building services, one of the largest contributors to cost, complexity, and environmental impact, are rarely considered as an influence on the design at this crucial stage. In order for efficient and environmentally sensitive built environment outcomes to be achieved, a closer collaboration between architects and services engineers is required at the outset of projects. However, in practice, there are a variety of obstacles impeding this transition towards an integrated design approach. This paper firstly presents a critical review of the existing barriers to multidisciplinary design. It then examines current examples of best practice in the building industry to highlight the collaborative strategies being employed and their benefits to the design process. Finally, it discusses a case study project to identify directions for further research.

Community food security gaps in surveillance and monitoring

This paper describes the gaps in monitoring and surveillance identified while conducting Community Food Security assessments in three geographical areas located in south-east Queensland, Australia

Fraud detection in ERP systems using scenario matching

ERP systems generally implement controls to prevent certain common kinds of fraud. In addition however, there is an imperative need for detection of more sophisticated patterns of fraudulent activity as evidenced by the legal requirement for company audits and the common incidence of fraud. This paper describes the design and implementation of a framework for detecting patterns of fraudulent activity in ERP systems. We include the description of six fraud scenarios and the process of specifying and detecting the occurrence of those scenarios in ERP user log data using the prototype software which we have developed. The test results for detecting these scenarios in log data have been verified and confirm the success of our approach which can be generalized to ERP systems in general.

The implementation of a novel, bio-inspired, robotic security system

The implementation of a robotic security solution generally requires one algorithm to route the robot around the environment and another algorithm to perform anomaly detection. Solutions to the routing problem require the robot to have a good estimate of its own pose. We present a novel security system that uses metrics generated by the localisation algorithm to perform adaptive anomaly detection. The localisation algorithm is a vision-based SLAM solution called RatSLAM, based on mechanisms within the hippocampus. The anomaly detection algorithm is based on the mechanisms used by the immune system to identify threats to the body. The system is explored using data gathered within an unmodified office environment. It is shown that the algorithm successfully reacts to the presence of people and objects in areas where they are not usually present and is tolerised against the presence of people in environments that are usually dynamic.