Numerical encoding to tame SQL injection attacks.

Recent years have seen an astronomical rise in SQL Injection Attacks (SQLIAs) used to compromise the confidentiality, authentication and integrity of organisations’ databases. Intruders becoming smarter in obfuscating web requests to evade detection combined with increasing volumes of web traffic from the Internet of Things (IoT), cloud-hosted and on-premise business applications have made it evident that the existing approaches of mostly static signature lack the ability to cope with novel signatures. A SQLIA detection and prevention solution can be achieved through exploring an alternative bio-inspired supervised learning approach that uses input of labelled dataset of numerical attributes in classifying true positives and negatives. We present in this paper a Numerical Encoding to Tame SQLIA (NETSQLIA) that implements a proof of concept for scalable numerical encoding of features to a dataset attributes with labelled class obtained from deep web traffic analysis. In the numerical attributes encoding: the model leverages proxy in the interception and decryption of web traffic. The intercepted web requests are then assembled for front-end SQL parsing and pattern matching by applying traditional Non-Deterministic Finite Automaton (NFA). This paper is intended for a technique of numerical attributes extraction of any size primed as an input dataset to an Artificial Neural Network (ANN) and statistical Machine Learning (ML) algorithms implemented using Two-Class Averaged Perceptron (TCAP) and Two-Class Logistic Regression (TCLR) respectively. This methodology then forms the subject of the empirical evaluation of the suitability of this model in the accurate classification of both legitimate web requests and SQLIA payloads.

Distributed and compressed MIKEY mode to secure end-to-end communications in the Internet of things.

Multimedia Internet KEYing protocol (MIKEY) aims at establishing secure credentials between two communicating entities. However, existing MIKEY modes fail to meet the requirements of low-power and low-processing devices. To address this issue, we combine two previously proposed approaches to introduce a new distributed and compressed MIKEY mode for the Internet of Things. Indeed, relying on a cooperative approach, a set of third parties is used to discharge the constrained nodes from heavy computational operations. Doing so, the preshared mode is used in the constrained part of network, while the public key mode is used in the unconstrained part of the network. Furthermore, to mitigate the communication cost we introduce a new header compression scheme that reduces the size of MIKEY’s header from 12 Bytes to 3 Bytes in the best compression case. Preliminary results show that our proposed mode is energy preserving whereas its security properties are preserved untouched.

Performance evaluation of the RPL Protocol in fixed and mobile sinks low-power and lossy networks.

Low-Power and Lossy-Network (LLN) are usually composed of static nodes, but the increase demand for mobility in mobile robotic and dynamic environment raises the question how a routing protocol for low-power and lossy-networks such as (RPL) would perform if a mobile sink is deployed. In this paper we investigate and evaluate the behaviour of the RPL protocol in fixed and mobile sink environments with respect to different network metrics such as latency, packet delivery ratio (PDR) and energy consumption. Extensive simulation using instant Contiki simulator show significant performance differences between fixed and mobile sink environments. Fixed sink LLNs performed better in terms of average power consumption, latency and packet delivery ratio. The results demonstrated also that RPL protocol is sensitive to mobility and it increases the number of isolated nodes.

A new distributed MIKEY mode to secure e-health applications.

Securing e-health applications in the context of Internet of Things (IoT) is challenging. Indeed, resources scarcity in such environment hinders the implementation of existing standard based protocols. Among these protocols, MIKEY (Multimedia Internet KEYing) aims at establishing security credentials between two communicating entities. However, the existing MIKEY modes fail to meet IoT specificities. In particular, the pre-shared key mode is energy efficient, but suffers from severe scalability issues. On the other hand, asymmetric modes such as the public key mode are scalable, but are highly resource consuming. To address this issue, we combine two previously proposed approaches to introduce a new hybrid MIKEY mode. Indeed, relying on a cooperative approach, a set of third parties is used to discharge the constrained nodes from heavy computational operations. Doing so, the pre-shared mode is used in the constrained part of the network, while the public key mode is used in the unconstrained part of the network. Preliminary results show that our proposed mode is energy preserving whereas its security properties are kept safe.

A longitudinal qualitative exploration of healthcare and informal support needs among survivors of critical illness: the RELINQUISH protocol.

Introduction and background: Survival following critical illness is associated with a significant burden of physical, emotional and psychosocial morbidity. Recovery can be protracted and incomplete, with important and sustained effects upon everyday life, including family life, social participation and return to work. In stark contrast with other critically ill patient groups (eg, those following cardiothoracic surgery), there are comparatively few interventional studies of rehabilitation among the general intensive care unit patient population. This paper outlines the protocol for a sub study of the RECOVER study: a randomised controlled trial evaluating a complex intervention of enhanced ward-based rehabilitation for patients following discharge from intensive care. Methods and analysis: The RELINQUISH study is a nested longitudinal, qualitative study of family support and perceived healthcare needs among RECOVER participants at key stages of the recovery process and at up to 1 year following hospital discharge. Its central premise is that recovery is a dynamic process wherein patients’ needs evolve over time. RELINQUISH is novel in that we will incorporate two parallel strategies into our data analysis: (1) a pragmatic health services-oriented approach, using an a priori analytical construct, the ‘Timing it Right’ framework and (2) a constructivist grounded theory approach which allows the emergence of new themes and theoretical understandings from the data. We will subsequently use Qualitative Health Needs Assessment methodology to inform the development of timely and responsive healthcare interventions throughout the recovery process. Ethics and dissemination: The protocol has been approved by the Lothian Research Ethics Committee (protocol number HSRU011). The study has been added to the UK Clinical Research Network Database (study ID. 9986). The authors will disseminate the findings in peer reviewed publications and to relevant critical care stakeholder groups.