Experiences in Passively Detecting Session Hijacking Attacks in IEEE 802.11 Networks

Current IEEE 802.11 wireless networks are vulnerable to session hijacking attacks as the existing standards fail to address the lack of authentication of management frames and network card addresses, and rely on loosely coupled state machines. Even the new WLAN security standard - IEEE 802.11i does not address these issues. In our previous work, we proposed two new techniques for improving detection of session hijacking attacks that are passive, computationally inexpensive, reliable, and have minimal impact on network performance. These techniques utilise unspoofable characteristics from the MAC protocol and the physical layer to enhance confidence in the intrusion detection process. This paper extends our earlier work and explores usability, robustness and accuracy of these intrusion detection techniques by applying them to eight distinct test scenarios. A correlation engine has also been introduced to maintain the false positives and false negatives at a manageable level. We also explore the process of selecting optimum thresholds for both detection techniques. For the purposes of our experiments, Snort-Wireless open source wireless intrusion detection system was extended to implement these new techniques and the correlation engine. Absence of any false negatives and low number of false positives in all eight test scenarios successfully demonstrated the effectiveness of the correlation engine and the accuracy of the detection techniques.

Children's Fiction About 9/11: Ethnic, Heroic and National Identities

In this study, Lampert examines how cultural identities are constructed within fictional texts for young people written about the attacks on the Twin Towers. It identifi es three significant identity categories encoded in 9/11 books for children:ethnic identities, national identities, and heroic identities,arguing that the identities formed within the selected children’s texts are in flux, privileging performances of identities that are contingent on post-9/11 politics. Looking at texts including picture books, young adult fiction, and a selection of DC Comics, Lampert finds in post-9/11 children’s literature a co-mingling of xenophobia and tolerance; a binaried competition between good and evil and global harmony and national insularity; and a lauding of both the commonplace hero and the super-human. The shifting identities evident in texts that are being produced for children about 9/11 offer implicit and explicit accounts of what constitutes good citizenship, loyalty to nation and community, and desirable attributes in a Western post-9/11 context. This book makes an original contribution to the field of children’s literature by providing a focused and sustained analysis of how texts for children about 9/11 contribute to formations of identity in these complex times of cultural unease and global unrest.

Discovery and characterization of IGFBP-mediated endocytosis in the human retinal pigment epithelial cell line ARPE-19

Insulin-like growth factor binding proteins (IGFBPs) are prime regulators of IGF-action in numerous cell types including the retinal pigment epithelium (RPE). The RPE performs several functions essential for vision, including growth factor secretion and waste removal via a phagocytic process mediated in part by vitronectin (Vn). In the course of studying the effects of IGFBPs on IGF-mediated VEGF secretion and Vn-mediated phagocytosis in the RPE cell line ARPE-19, we have discovered that these cells avidly ingest synthetic microspheres (2.0 μm diameter) coated with IGFBPs. Given the novelty of this finding and the established role for endocytosis in mediating IGFBP actions in other cell types, we have explored the potential role of candidate cell surface receptors. Moreover, we have examined the role of key IGFBP structural motifs, by comparing responses to three members of the IGFBP family (IGFBP-3, IGFBP-4 and IGFBP-5) which display overlapping variations in primary structure and glycosylation status. Coating of microspheres (FluoSpheres®, sulfate modified polystyrene filled with a fluorophore) was conducted at 37 °C for 1 h using 20 μg/mL of test protein, followed by extensive washing. Binding of proteins was confirmed using a microBCA assay. The negative control consisted of microspheres treated with 0.1% bovine serum albumin (BSA), and all test samples were post-treated with BSA in an effort to coat any remaining free protein binding sites, which might otherwise encourage non-specific interactions with the cell surface. Serum-starved cultures of ARPE-19 cells were incubated with microspheres for 24 h, using a ratio of approximately 100 microspheres per cell. Uptake of microspheres was quantified using a fluorometer and was confirmed visually by confocal fluorescence microscopy. The ARPE-19 cells displayed little affinity for BSA-treated microspheres, but avidly ingested large quantities of those pre-treated with Vn (ANOVA; p < 0.001). Strong responses were also observed towards recombinant formulations of non-glycosylated IGFBP-3, glycosylated IGFBP-3 and glycosylated IGFBP-5 (all p < 0.001), while glycosylated IGFBP-4 induced a relatively minor response (p < 0.05). The response to IGFBP-3 was unaffected in the presence of excess soluble IGFBP-3, IGF-I or Vn. Likewise, soluble IGFBP-3 did not induce uptake of BSA-treated microspheres. Antibodies to either the transferrin receptor or type 1 IGF-receptor displayed slight inhibitory effects on responses to IGFBPs and Vn. Heparin abolished responses to Vn, IGFBP-5 and non-glycosylated IGFBP-3, but only partially inhibited the response to glycosylated IGFBP-3. Our results demonstrate for the first time IGFBP-mediated endocytosis in ARPE-19 cells and suggest roles for the IGFBP-heparin-binding domain and glycosylation status. These findings have important implications for understanding the mechanisms of IGFBP actions on the RPE, and in particular suggest a role for IGFBP-endocytosis.

Beyond September 11 : an anthology of dissent

This tome really is what it says it is: An anthology of dissent. For many of us frustrated at the lack of critical analysis, annoyed by the repetitive, albeit spectacular, images of the falling world trade towers and sickened by the absence of any reflection whatsoever upon ‘America’s Jihad’, this book provides some intellectual solace at long last. It contains 35 short pieces composed by an impressive list of prominent lawyers, academics, human rights activists and journalists. Six of the pieces are re-publications of articles that appeared in the print media commentary soon after 11 September, the other 29 are solicited pieces on a range of topics and angles.

Securing IEEE 802.11 wireless LANs

As the acceptance and popularity of wireless networking technologies has proliferated, the security of the IEEE 802.11 wireless local area network (WLAN) has advanced in leaps and bounds. From tenuous beginnings, where the only safe way to deploy a WLAN was to assume it was hostile and employ higherlayer information security controls, to the current state of the art, all manner of improvements have been conceived and many implemented. This work investigates some of the remaining issues surrounding IEEE 802.11 WLAN operation. While the inherent issues in WLAN deployments and the problems of the original Wired Equivalent Privacy (WEP) provisions are well known and widely documented, there still exist a number of unresolved security issues. These include the security of management and control frames and the data link layer protocols themselves. This research introduces a novel proposal to enhance security at the link layer of IEEE 802.11 WLANs and then conducts detailed theoretical and empirical investigation and analysis of the eects of such proposals. This thesis �rst de�nes the state of the art in WLAN technology and deployment, including an overview of the current and emerging standards, the various threats, numerous vulnerabilities and current exploits. The IEEE 802.11i MAC security enhancements are discussed in detail, along with the likely outcomes of the IEEE 802.11 Task Group W1, looking into protected management frames. The problems of the remaining unprotected management frames, the unprotected control frames and the unprotected link layer headers are reviewed and a solution is hypothesised, to encrypt the entire MAC Protocol Data Unit (MPDU), including the MAC headers, not just the MAC Service Data Unit (MSDU) commonly performed by existing protocols. The proposal is not just to encrypt a copy of the headers while still using cleartext addresses to deliver the frame, as used by some existing protocols to support the integrity and authenticity of the headers, but to pass the entire MPDU only as ciphertext to also support the con�dentiality of the frame header information. This necessitates the decryption of every received frame using every available key before a station can determine if it is the intended recipient. As such, this raises serious concerns as to the viability of any such proposal due to the likely impact on throughput and scalability. The bulk of the research investigates the impacts of such proposals on the current WLAN protocols. Some possible variations to the proposal are also provided to enhance both utility and speed. The viability this proposal with respect to the eect on network throughput is then tested using a well known and respected network simulation tool, along with a number of analysis tools developed speci�cally for the data generated here. The simulator's operation is �rst validated against recognised test outputs, before a comprehensive set of control data is established, and then the proposal is tested and and compared against the controls. This detailed analysis of the various simulations should be of bene�t to other researchers who need to validate simulation results. The analysis of these tests indicate areas of immediate improvement and so the protocols are adjusted and a further series of experiments conducted. These �nal results are again analysed in detail and �nal appraisals provided.

Markov modelling of the IEEE 802.11 DCF for real-time applications with periodic traffic

Popular wireless network standards, such as IEEE 802.11/15/16, are increasingly adopted in real-time control systems. However, they are not designed for real-time applications. Therefore, the performance of such wireless networks needs to be carefully evaluated before the systems are implemented and deployed. While efforts have been made to model general wireless networks with completely random traffic generation, there is a lack of theoretical investigations into the modelling of wireless networks with periodic real-time traffic. Considering the widely used IEEE 802.11 standard, with the focus on its distributed coordination function (DCF), for soft-real-time control applications, this paper develops an analytical Markov model to quantitatively evaluate the network quality-of-service (QoS) performance in periodic real-time traffic environments. Performance indices to be evaluated include throughput capacity, transmission delay and packet loss ratio, which are crucial for real-time QoS guarantee in real-time control applications. They are derived under the critical real-time traffic condition, which is formally defined in this paper to characterize the marginal satisfaction of real-time performance constraints.

Performance analysis of IEEE 802.11 DCF based WNCS networks

Wireless network technologies, such as IEEE 802.11 based wireless local area networks (WLANs), have been adopted in wireless networked control systems (WNCS) for real-time applications. Distributed real-time control requires satisfaction of (soft) real-time performance from the underlying networks for delivery of real-time traffic. However, IEEE 802.11 networks are not designed for WNCS applications. They neither inherently provide quality-of-service (QoS) support, nor explicitly consider the characteristics of the real-time traffic on networked control systems (NCS), i.e., periodic round-trip traffic. Therefore, the adoption of 802.11 networks in real-time WNCSs causes challenging problems for network design and performance analysis. Theoretical methodologies are yet to be developed for computing the best achievable WNCS network performance under the constraints of real-time control requirements. Focusing on IEEE 802.11 distributed coordination function (DCF) based WNCSs, this paper analyses several important NCS network performance indices, such as throughput capacity, round trip time and packet loss ratio under the periodic round trip traffic pattern, a unique feature of typical NCSs. Considering periodic round trip traffic, an analytical model based on Markov chain theory is developed for deriving these performance indices under a critical real-time traffic condition, at which the real-time performance constraints are marginally satisfied. Case studies are also carried out to validate the theoretical development.

Self-defence against terrorism in the post 9/11 world

In 1986 the then United States Secretary of State George Shultz asserted that: It is absurd to argue that international law prohibits us from capturing terrorists in international waters or airspace; from attacking them on the soil of other nations, even for the purpose of rescuing hostages; or from using force against states that support, train and harbor terrorists or guerrillas. At that time the United States’ claim of a right to use military force in self-defence against terrorism2 received little support from other states.3 The predominant view then was that terrorist attacks committed by private or non-state actors were a form of criminal activity to be combated through domestic and international criminal justice mechanisms. The notion that such terrorist acts should be treated as ‘armed attacks’ triggering a victim state’s right of self-defence was not accepted by the majority of states. To suggest, as Shultz had done, that a state not directly responsible for terrorist acts could have its territorial integrity violated by military action targeting terrorists located within that state, was a controversial proposition in 1986. However, some fifteen years later, when the United States and a coalition of allies launched a military campaign in Afghanistan following the 11 September 2001 (hereafter ‘9/11’) terrorist attacks, there was virtually unanimous international support for the use of force.

Modelling and performance evaluation of the IEEE 802.11 DCF for real-time control

Popular wireless networks, such as IEEE 802.11/15/16, are not designed for real-time applications. Thus, supporting real-time quality of service (QoS) in wireless real-time control is challenging. This paper adopts the widely used IEEE 802.11, with the focus on its distributed coordination function (DCF), for soft-real-time control systems. The concept of the critical real-time traffic condition is introduced to characterize the marginal satisfaction of real-time requirements. Then, mathematical models are developed to describe the dynamics of DCF based real-time control networks with periodic traffic, a unique feature of control systems. Performance indices such as throughput and packet delay are evaluated using the developed models, particularly under the critical real-time traffic condition. Finally, the proposed modelling is applied to traffic rate control for cross-layer networked control system design.