Decentralized detector generation in cooperative intrusion detection system

We consider Cooperative Intrusion Detection System (CIDS) which is a distributed AIS-based (Artificial Immune System) IDS where nodes collaborate over a peer-to-peer overlay network. The AIS uses the negative selection algorithm for the selection of detectors (e.g., vectors of features such as CPU utilization, memory usage and network activity). For better detection performance, selection of all possible detectors for a node is desirable but it may not be feasible due to storage and computational overheads. Limiting the number of detectors on the other hand comes with the danger of missing attacks. We present a scheme for the controlled and decentralized division of detector sets where each IDS is assigned to a region of the feature space. We investigate the trade-off between scalability and robustness of detector sets. We address the problem of self-organization in CIDS so that each node generates a distinct set of the detectors to maximize the coverage of the feature space while pairs of nodes exchange their detector sets to provide a controlled level of redundancy. Our contribution is twofold. First, we use Symmetric Balanced Incomplete Block Design, Generalized Quadrangles and Ramanujan Expander Graph based deterministic techniques from combinatorial design theory and graph theory to decide how many and which detectors are exchanged between which pair of IDS nodes. Second, we use a classical epidemic model (SIR model) to show how properties from deterministic techniques can help us to reduce the attack spread rate.

Optimally increasing secure connectivity in multihop wireless ad hoc networks

We consider the problem of how to maximize secure connectivity of multi-hop wireless ad hoc networks after deployment. Two approaches, based on graph augmentation problems with nonlinear edge costs, are formulated. The first one is based on establishing a secret key using only the links that are already secured by secret keys. This problem is in NP-hard and does not accept polynomial time approximation scheme PTAS since minimum cutsets to be augmented do not admit constant costs. The second one is based of increasing the power level between a pair of nodes that has a secret key to enable them physically connect. This problem can be formulated as the optimal key establishment problem with interference constraints with bi-objectives: (i) maximizing the concurrent key establishment flow, (ii) minimizing the cost. We show that both problems are NP-hard and MAX-SNP (i.e., it is NP-hard to approximate them within a factor of 1 + e for e > 0 ) with a reduction to MAX3SAT problem. Thus, we design and implement a fully distributed algorithm for authenticated key establishment in wireless sensor networks where each sensor knows only its one- hop neighborhood. Our witness based approaches find witnesses in multi-hop neighborhood to authenticate the key establishment between two sensor nodes which do not share a key and which are not connected through a secure path.

Design and analysis of key management schemes for distributed wireless sensor networks

Secure communications in distributed Wireless Sensor Networks (WSN) operating under adversarial conditions necessitate efficient key management schemes. In the absence of a priori knowledge of post-deployment network configuration and due to limited resources at sensor nodes, key management schemes cannot be based on post-deployment computations. Instead, a list of keys, called a key-chain, is distributed to each sensor node before the deployment. For secure communication, either two nodes should have a key in common in their key-chains, or they should establish a key through a secure-path on which every link is secured with a key. We first provide a comparative survey of well known key management solutions for WSN. Probabilistic, deterministic and hybrid key management solutions are presented, and they are compared based on their security properties and re-source usage. We provide a taxonomy of solutions, and identify trade-offs in them to conclude that there is no one size-fits-all solution. Second, we design and analyze deterministic and hybrid techniques to distribute pair-wise keys to sensor nodes before the deployment. We present novel deterministic and hybrid approaches based on combinatorial design theory and graph theory for deciding how many and which keys to assign to each key-chain before the sensor network deployment. Performance and security of the proposed schemes are studied both analytically and computationally. Third, we address the key establishment problem in WSN which requires key agreement algorithms without authentication are executed over a secure-path. The length of the secure-path impacts the power consumption and the initialization delay for a WSN before it becomes operational. We formulate the key establishment problem as a constrained bi-objective optimization problem, break it into two sub-problems, and show that they are both NP-Hard and MAX-SNP-Hard. Having established inapproximability results, we focus on addressing the authentication problem that prevents key agreement algorithms to be used directly over a wireless link. We present a fully distributed algorithm where each pair of nodes can establish a key with authentication by using their neighbors as the witnesses.

Visualising security incidents through event aggregation

Extracting and aggregating the relevant event records relating to an identified security incident from the multitude of heterogeneous logs in an enterprise network is a difficult challenge. Presenting the information in a meaningful way is an additional challenge. This paper looks at solutions to this problem by first identifying three main transforms; log collection, correlation, and visual transformation. Having identified that the CEE project will address the first transform, this paper focuses on the second, while the third is left for future work. To aggregate by correlating event records we demonstrate the use of two correlation methods, simple and composite. These make use of a defined mapping schema and confidence values to dynamically query the normalised dataset and to constrain result events to within a time window. Doing so improves the quality of results, required for the iterative re-querying process being undertaken. Final results of the process are output as nodes and edges suitable for presentation as a network graph.

Complexity of increasing the secure connectivity in wireless ad hoc networks

We consider the problem of maximizing the secure connectivity in wireless ad hoc networks, and analyze complexity of the post-deployment key establishment process constrained by physical layer properties such as connectivity, energy consumption and interference. Two approaches, based on graph augmentation problems with nonlinear edge costs, are formulated. The first one is based on establishing a secret key using only the links that are already secured by shared keys. This problem is in NP-hard and does not accept polynomial time approximation scheme PTAS since minimum cutsets to be augmented do not admit constant costs. The second one extends the first problem by increasing the power level between a pair of nodes that has a secret key to enable them physically connect. This problem can be formulated as the optimal key establishment problem with interference constraints with bi-objectives: (i) maximizing the concurrent key establishment flow, (ii) minimizing the cost. We prove that both problems are NP-hard and MAX-SNP with a reduction to MAX3SAT problem.

Every One, Every Day

Creative Statement: “There are those who see Planet Earth as a gigantic living being, one that feeds and nurtures humanity and myriad other species – an entity that must be cared for. Then there are those who see it as a rock full of riches to be pilfered heedlessly in a short-term quest for over-abundance. This ‘cradle to grave’ mentality, it would seem, is taking its toll (unless you’re a virulent disbeliever in climate change). Why not, ask artists Priscilla Bracks and Gavin Sade, take a different approach? To this end they have set out on a near impossible task; to visualise the staggering quantity of carbon produced by Australia every year. Their eerie, glowing plastic cube resembles something straight out of Dr Who or The X Files. And, like the best science fiction, it has technical realities at its heart. Every One, Every Day tangibly illustrates our greenhouse gas output – its 27m3 volume is approximately the amount of green-house gas emitted per capita, daily. Every One, Every Dayis lit by an array of LED’s displaying light patterns representing energy use generated by data from the Australian Energy Market. Every One, Every Day was formed from recycled, polyethylene – used milk bottles – ‘lent’ to the artists by a Visy recycling facility. At the end of the Vivid Festival this plastic will be returned to Visy, where it will re-enter the stream of ‘technical nutrients.’ Could we make another world? One that emulates the continuing cycles of nature? One that uses our ‘technical nutrients’ such as plastic and steel in continual cycles, just like a deciduous tree dropping leaves to compost itself and keep it’s roots warm and moist?” (Ashleigh Crawford. Melbourne – April, 2013) Artistic Research Statement: The research focus of this work is on exploring how to represent complex statistics and data at a human scale, and how produce a work where a large percentage of the materials could be recycled. The surface of Every One, Every Day is clad in tiles made from polyethylene, from primarily recycled milk bottles, ‘lent’ to the artists by the Visy recycling facility in Sydney. The tiles will be returned to Visy for recycling. As such the work can be viewed as an intervention in the industrial ecology of polyethylene, and in the process demonstrates how to sustain cycles of technical materials – by taking the output of a recycling facility back to a manufacturer to produce usable materials. In terms of data visualisation, Every One, Every Day takes the form of a cube with a volume of 27 cubic meters. The annual per capita emissions figures for Australia are cited as ranging between 18 to 25 tons. Assuming the lower figure, 18tons per capital annually, the 27 cubic meters represents approximately one day per capita of CO2 emissions – where CO2 is a gas at 15C and 1 atmosphere of pressure. The work also explores real time data visualisation by using an array of 600 controllable LEDs inside the cube. Illumination patterns are derived from a real time data from the Australian Energy Market, using the dispatch interval price and demand graph for New South Wales. The two variables of demand and price are mapped to properties of the illumination - hue, brightness, movement, frequency etc. The research underpinning the project spanned industrial ecology to data visualization and public art practices. The result is that Every One, Every Day is one of the first public artworks that successfully bring together materials, physical form, and real time data representation in a unified whole.

Hydrogen bonding in two ammonium salts of 5-sulfosalicylic acid : ammonium 3-carboxy-4-hydroxybenzenesulfonate monohydrate and triammonium 3-carboxy-4-hydroxybenzenesulfonate 3-carboxylato-4-hydroxybenzenesulfonate

The structures of two ammonium salts of 3-carboxy-4-hydroxybenzenesulfonic acid (5-sulfosalicylic acid, 5-SSA) have been determined at 200 K. In the 1:1 hydrated salt, ammonium 3-carboxy-4-hydroxybenzenesulfonate monohydrate, NH4+·C7H5O6S-·H2O, (I), the 5-SSA- monoanions give two types of head-to-tail laterally linked cyclic hydrogen-bonding associations, both with graph-set R44(20). The first involves both carboxylic acid O-HOwater and water O-HOsulfonate hydrogen bonds at one end, and ammonium N-HOsulfonate and N-HOcarboxy hydrogen bonds at the other. The second association is centrosymmetric, with end linkages through water O-HOsulfonate hydrogen bonds. These conjoined units form stacks down c and are extended into a three-dimensional framework structure through N-HO and water O-HO hydrogen bonds to sulfonate O-atom acceptors. Anhydrous triammonium 3-carboxy-4-hydroxybenzenesulfonate 3-carboxylato-4-hydroxybenzenesulfonate, 3NH4+·C7H4O6S2-·C7H5O6S-, (II), is unusual, having both dianionic 5-SSA2- and monoanionic 5-SSA- species. These are linked by a carboxylic acid O-HO hydrogen bond and, together with the three ammonium cations (two on general sites and the third comprising two independent half-cations lying on crystallographic twofold rotation axes), give a pseudo-centrosymmetric asymmetric unit. Cation-anion hydrogen bonding within this layered unit involves a cyclic R33(8) association which, together with extensive peripheral N-HO hydrogen bonding involving both sulfonate and carboxy/carboxylate acceptors, gives a three-dimensional framework structure. This work further demonstrates the utility of the 5-SSA- monoanion for the generation of stable hydrogen-bonded crystalline materials, and provides the structure of a dianionic 5-SSA2- species of which there are only a few examples in the crystallographic literature.

Proton-transfer compounds with 4-amino-N-(4,6-dimethylpyrimidin-2-yl)benzenesulfonamide (sulfamethazine): the structures and hydrogen-bonding in the salts with 5-nitrosalicylic acid and picric acid

The structures of the anhydrous proton-transfer compounds of the sulfa drug sulfamethazine with 5-nitrosalicylic acid and picric acid, namely 2-(4-aminobenzenesulfonamido)-4,6-dimethylpyrimidinium 2-hydroxy-5-nitrobenzoate, C12H15N4O2S(+)·C7H4NO4(-), (I), and 2-(4-aminobenzenesulfonamido)-4,6-dimethylpyrimidinium 2,4,6-trinitrophenolate, C12H15N4O2S(+)·C6H2N3O7(-), (II), respectively, have been determined. In the asymmetric unit of (I), there are two independent but conformationally similar cation-anion heterodimer pairs which are formed through duplex intermolecular N(+)-H...Ocarboxylate and N-H...Ocarboxylate hydrogen-bond pairs, giving a cyclic motif [graph set R2(2)(8)]. These heterodimers form separate and different non-associated substructures through aniline N-H...O hydrogen bonds, one one-dimensional, involving carboxylate O-atom acceptors, the other two-dimensional, involving both carboxylate and hydroxy O-atom acceptors. The overall two-dimensional structure is stabilized by π-π interactions between the pyrimidinium ring and the 5-nitrosalicylate ring in both heterodimers [minimum ring-centroid separation = 3.4580 (8) Å]. For picrate (II), the cation-anion interaction involves a slightly asymmetric chelating N-H...O R2(1)(6) hydrogen-bonding association with the phenolate O atom, together with peripheral conjoint R1(2)(6) interactions between the same N-H groups and O atoms of the ortho-related nitro groups. An inter-unit amine N-H...Osulfone hydrogen bond gives one-dimensional chains which extend along a and inter-associate through π-π interactions between the pyrimidinium rings [centroid-centroid separation = 3.4752 (9) Å]. The two structures reported here now bring to a total of four the crystallographically characterized examples of proton-transfer salts of sulfamethazine with strong organic acids.

Sample size considerations and augmentation of computer experiments

Computer Experiments, consisting of a number of runs of a computer model with different inputs, are now common-place in scientific research. Using a simple fire model for illustration some guidelines are given for the size of a computer experiment. A graph is provided relating the error of prediction to the sample size which should be of use when designing computer experiments. Methods for augmenting computer experiments with extra runs are also described and illustrated. The simplest method involves adding one point at a time choosing that point with the maximum prediction variance. Another method that appears to work well is to choose points from a candidate set with maximum determinant of the variance covariance matrix of predictions.

Using a Bayesian network to model colonisation with Vancomycin Resistant Enterococcus (VRE)

Objective: Effective management of multi-resistant organisms is an important issue for hospitals both in Australia and overseas. This study investigates the utility of using Bayesian Network (BN) analysis to examine relationships between risk factors and colonization with Vancomycin Resistant Enterococcus (VRE). Design: Bayesian Network Analysis was performed using infection control data collected over a period of 36 months (2008-2010). Setting: Princess Alexandra Hospital (PAH), Brisbane. Outcome of interest: Number of new VRE Isolates Methods: A BN is a probabilistic graphical model that represents a set of random variables and their conditional dependencies via a directed acyclic graph (DAG). BN enables multiple interacting agents to be studied simultaneously. The initial BN model was constructed based on the infectious disease physician‟s expert knowledge and current literature. Continuous variables were dichotomised by using third quartile values of year 2008 data. BN was used to examine the probabilistic relationships between VRE isolates and risk factors; and to establish which factors were associated with an increased probability of a high number of VRE isolates. Software: Netica (version 4.16). Results: Preliminary analysis revealed that VRE transmission and VRE prevalence were the most influential factors in predicting a high number of VRE isolates. Interestingly, several factors (hand hygiene and cleaning) known through literature to be associated with VRE prevalence, did not appear to be as influential as expected in this BN model. Conclusions: This preliminary work has shown that Bayesian Network Analysis is a useful tool in examining clinical infection prevention issues, where there is often a web of factors that influence outcomes. This BN model can be restructured easily enabling various combinations of agents to be studied.

Program-level support for protecting an application from untrustworthy components

Many software applications extend their functionality by dynamically loading executable components into their allocated address space. Such components, exemplified by browser plugins and other software add-ons, not only enable reusability, but also promote programming simplicity, as they reside in the same address space as their host application, supporting easy sharing of complex data structures and pointers. However, such components are also often of unknown provenance and quality and may be riddled with accidental bugs or, in some cases, deliberately malicious code. Statistics show that such component failures account for a high percentage of software crashes and vulnerabilities. Enabling isolation of such fine-grained components is therefore necessary to increase the stability, security and resilience of computer programs. This thesis addresses this issue by showing how host applications can create isolation domains for individual components, while preserving the benefits of a single address space, via a new architecture for software isolation called LibVM. Towards this end, we define a specification which outlines the functional requirements for LibVM, identify the conditions under which these functional requirements can be met, define an abstract Application Programming Interface (API) that encompasses the general problem of isolating shared libraries, thus separating policy from mechanism, and prove its practicality with two concrete implementations based on hardware virtualization and system call interpositioning, respectively. The results demonstrate that hardware isolation minimises the difficulties encountered with software based approaches, while also reducing the size of the trusted computing base, thus increasing confidence in the solution’s correctness. This thesis concludes that, not only is it feasible to create such isolation domains for individual components, but that it should also be a fundamental operating system supported abstraction, which would lead to more stable and secure applications.

Automatic object segmentation of unstructured scenes using colour and depth maps

This study presents a segmentation pipeline that fuses colour and depth information to automatically separate objects of interest in video sequences captured from a quadcopter. Many approaches assume that cameras are static with known position, a condition which cannot be preserved in most outdoor robotic applications. In this study, the authors compute depth information and camera positions from a monocular video sequence using structure from motion and use this information as an additional cue to colour for accurate segmentation. The authors model the problem similarly to standard segmentation routines as a Markov random field and perform the segmentation using graph cuts optimisation. Manual intervention is minimised and is only required to determine pixel seeds in the first frame which are then automatically reprojected into the remaining frames of the sequence. The authors also describe an automated method to adjust the relative weights for colour and depth according to their discriminative properties in each frame. Experimental results are presented for two video sequences captured using a quadcopter. The quality of the segmentation is compared to a ground truth and other state-of-the-art methods with consistently accurate results.

GrabCutSFM : how 3D information improves unsupervised object segmentation

In this paper, we present an unsupervised graph cut based object segmentation method using 3D information provided by Structure from Motion (SFM), called Grab- CutSFM. Rather than focusing on the segmentation problem using a trained model or human intervention, our approach aims to achieve meaningful segmentation autonomously with direct application to vision based robotics. Generally, object (foreground) and background have certain discriminative geometric information in 3D space. By exploring the 3D information from multiple views, our proposed method can segment potential objects correctly and automatically compared to conventional unsupervised segmentation using only 2D visual cues. Experiments with real video data collected from indoor and outdoor environments verify the proposed approach.

Vision-only autonomous navigation using topometric maps

This paper presents a mapping and navigation system for a mobile robot, which uses vision as its sole sensor modality. The system enables the robot to navigate autonomously, plan paths and avoid obstacles using a vision based topometric map of its environment. The map consists of a globally-consistent pose-graph with a local 3D point cloud attached to each of its nodes. These point clouds are used for direction independent loop closure and to dynamically generate 2D metric maps for locally optimal path planning. Using this locally semi-continuous metric space, the robot performs shortest path planning instead of following the nodes of the graph --- as is done with most other vision-only navigation approaches. The system exploits the local accuracy of visual odometry in creating local metric maps, and uses pose graph SLAM, visual appearance-based place recognition and point clouds registration to create the topometric map. The ability of the framework to sustain vision-only navigation is validated experimentally, and the system is provided as open-source software.