Risk and trust management for online distributed system

This thesis investigated the problem of strategic manipulation of feedback attacks and proposed an approach that makes trust management systems sufficiently robust against feedback manipulation attacks. The new trust management system enables potential service consumers to determine the risk level of a service before committing to proceed with the transaction.

Who is more susceptible to phishing emails?: a Saudi Arabian study

Phishing emails cause enormous losses to both users and organisations. The goal of this study is to determine which individuals are more vulnerable to phishing emails. To gain this information an experiment has been developed which involves sending phishing email to users and collecting information about users. The detection deception model has been applied to identify users’ detection behaviour. We find that users who have less email experience and high levels of submissiveness have increased susceptibility. Among those, users who have high susceptibility levels and high openness and extraversion are more likely to carry on the harmful action embedded in phishing emails.

A serverless ultra-lightweight secure search protocol for EPC Class-1 Gen-2 UHF RFID tags

Radio Frequency Identification (RFID) is a technology that enables the non-contact, automatic and unique identification of objects using radio waves. Its use for commercial applications has recently become attractive with RFID technology seen as the replacement for the optical barcode system that is currently in widespread use. RFID has many advantages over the traditional barcode and these advantages have the potential to significantly increase the efficiency of decentralised business environments such as logistics and supply chain management. One of the important features of an RFID system is its ability to search for a particular tag among a group of tags. In order to ensure the privacy and security of the tags, the search has to be conducted in a secure fashion. To our knowledge not much work has been done in this secure search area of RFID. The limited work that has been done does not comply with the EPC Class-1 Gen-2 standards since most of them use expensive hash operations or sophisticated encryption schemes that cannot be implemented on low-cost passive tags that are highly resource constrained. Our work aims to fill this gap by proposing a serverless ultra-lightweight secure search protocol that does not use the expensive hash functions or any complex encryption schemes but achieves compliance with EPC Class-1 Gen-2 standards while meeting the required security requirements. Our protocol is based on XOR encryption and random numbers - operations that are easily implemented on low-cost RFID tags. Our protocol also provides additional protection using a blind-factor to prevent tracking attacks. Since our protocol is EPC Class-1 Gen-2 compliant it makes it possible to implement it on low-cost passive RFID tags.

Why it is hard to fight against cyber criminals?

We are witnessing numerous cyber attacks every day, however, we do not see many cyber criminals are brought to justice. One reason is that it is technically hard to identify and trace cyber criminals. One reason for this passive situation is our limited or even inappropriate understanding of the cyber space. In this paper, we survey the challenges and opportunities in this research field for interested readers. We also list promising tools and directions based on our understanding.

Effects of social characters in viral propagation seeding strategies in online social networks

Online social networks have not only become a point of aggregation and exchange of information, they have so radically rooted into our everyday behaviors that they have become the target of important network attacks. We have seen an increasing trend in Sybil based activity, such as in personification, fake profiling and attempts to maliciously subvert the community stability in order to illegally create benefits for some individuals, such as online voting, and also from more classic informatics assaults using specifically mutated worms. Not only these attacks, in the latest months, we have seen an increase in spam activities on social networks such as Facebook and RenRen, and most importantly, the first attempts at propagating worms within these communities. What differentiates these attacks from normal network attacks, is that compared to anonymous and stealthy activities, or by commonly untrusted emails, social networks regain the ability to propagate within consentient users, who willingly accept to partake. In this paper, we will demonstrate the effects of influential nodes against non-influential nodes through in simulated scenarios and provide an overview and analysis of the outcomes.

Effects of predator control on behaviour of an apex predator and indirect consequences for mesopredator suppression

1. Apex predators can benefit ecosystems through top–down control of mesopredators and herbivores. However, apex predators are often subject to lethal control aimed at minimizing attacks on livestock. Lethal control can affect both the abundance and behaviour of apex predators. These changes could in turn influence the abundance and behaviour of mesopredators.

2. We used remote camera surveys at nine pairs of large Australian rangeland properties, comparing properties that controlled dingoes Canis lupus dingo with properties that did not, to test the effects of predator control on dingo activity and to evaluate the responses of a mesopredator, the feral cat Felis catus.

3. Indices of dingo abundance were generally reduced on properties that practiced dingo control, in comparison with paired properties that did not, although the effect size of control was variable. Dingoes in uncontrolled populations were crepuscular, similar to major prey. In populations subject to control, dingoes became less active around dusk, and activity was concentrated in the period shortly before dawn.

4. Shifts in feral cat abundance indices between properties with and without dingo control were inversely related to corresponding shifts in indices of dingo abundance. There was also a negative relationship between predator visitation rates at individual camera stations, suggesting cats avoided areas where dingoes were locally common. Reduced activity by dingoes at dusk was associated with higher activity of cats at dusk.

5. Our results suggest that effective dingo control not only leads to higher abundance of feral cats, but allows them to optimize hunting behaviour when dingoes are less active. This double effect could amplify the impacts of dingo control on prey species selected by cats. In areas managed for conservation, stable dingo populations may thus contribute to management objectives by restricting feral cat access to prey populations.

6. Synthesis and applications. Predator control not only reduces indices of apex predator abundance but can also modify their behaviour. Hence, indicators other than abundance, such as behavioural patterns, should be considered when estimating a predator's capacity to effectively interact with lower trophic guilds. Changes to apex predator behaviour may relax limitations on the behaviour of mesopredators, providing enhanced access to resources and prey.

Safeguarding Australia from cyber-terrorism : a SCADA risk framework

Terrorist groups are currently using information and communication technologies (ICTs) to orchestrate their conventional attacks. More recently, terrorists have been developing a new form of capability within the cyber-arena to coordinate cyber-based attacks. This chapter identifies that cyber-terrorism capabilities are an integral, imperative, yet under-researched component in establishing, and enhancing cyber-terrorism risk assessment models for SCADA systems. This chapter examines a cyber-terrorism SCADA risk framework that has been adopted and validated by SCADA industry practitioners. The chapter proposes a high level managerial framework, which is designed to measure and protect SCADA systems from the threat of cyber-terrorism within Australia. The findings and results of an industry focus group are presented in support of the developed framework for SCADA industry acceptance.

Measuring the destruction of heritage and spikes of violence in Iraq

Since the invasion of 2003, Iraq has suffered an extraordinary era of both heritage destruction and devastating spikes in violence. While cases such as the 2003 attacks on the Iraq National Museum and the Iraq National Library and Archive, as well as the systematic looting of Iraq’s sensitive archaeological sites, understandably caused outrage among scholars of heritage studies across the world, little attention has been paid to the destruction of Iraq’s many significant Islamic sites – particularly during the ethno-religious sectarian violence that raged across the nation in 2006-7. This paper presents the first results of a three year project funded by the Australian Research Council which aims to empirically test the assumption that a significant relationship exists between this spike in violence and the targeting of sites of Islamic heritage (mosques, shrines, etc.). To do this, the paper will compare and contrast the information in the world’s first database of heritage destruction (created by the author) and existing measures of violence in Iraq (such as the Iraq Body Count database). This will set the precedent for studies of both heritage and violence and enable policy formation towards the minimization of heritage destruction and spikes in violence during times of conflict.

Heritage destruction and violence in Iraq : bombing mosques and ethno-religious sectarian violence, 2006-7

Since the invasion of 2003, Iraq has suffered an extraordinary era of both heritage destruction and devastating spikes in violence. While cases such as the 2003 attacks on the Iraq National Museum and the Iraq National Library and Archive, as well as the systematic looting of Iraq’s sensitive archaeological sites, understandably caused outrage among scholars of heritage studies across the world, little attention has been paid to the destruction of Iraq’s many significant Islamic sites – particularly during the ethno-religious sectarian violence that raged across the nation in 2006-7. This paper presents the first results of a three year project funded by the Australian Research Council which aims to empirically test the assumption that a significant relationship exists between this spike in violence and the targeting of sites of Islamic heritage (mosques, shrines, etc.). To do this, the paper will compare and contrast the information in the world’s first database of heritage destruction (created by the author) and existing measures of violence in Iraq (such as the Iraq Body Count database). This will set the precedent for studies of both heritage and violence and enable policy formation towards the minimization of heritage destruction and spikes in violence during times of conflict.

Culture and violence in Iraq : bombing mosques and ethno-sectarian violence, 2006

Since the invasion of 2003, Iraq has suffered an extraordinary era of both heritage destruction and devastating spikes in violence. While cases such as the 2003 attacks on the Iraq National Museum and the Iraq National Library and Archive, as well as the systematic looting of Iraq’s sensitive archaeological sites, understandably caused outrage among scholars of heritage studies across the world, little attention has been paid to the destruction of Iraq’s many significant Islamic sites – particularly during the ethno-religious sectarian violence that raged across the nation in 2006-7. This paper presents the first results of a three year project funded by the Australian Research Council which aims to empirically test the assumption that a significant relationship exists between this spike in violence and the targeting of sites of Islamic heritage (mosques, shrines, etc.). To do this, the paper will compare and contrast the information in the world’s first database of heritage destruction (created by the author) and existing measures of violence in Iraq (such as the Iraq Body Count database). This will set the precedent for studies of both heritage and violence and enable policy formation towards the minimization of heritage destruction and spikes in violence during times of conflict.

Recovering private data : a comparison of three methods

We examine a recent proposal for data privatization by testing it agalnst three well-known attacks. We show that all three attacks successfully retrieve the original datta. We compare the strengths of the three attacks. Finally, we indicate how the data privatization method examined can be modified to assist it to withstand these attacks.

Patchwork-based stereo audio watermarking against de-synchronization attack

Audio watermarking schemes using patchworkbased algorithm have good robustness against majority of the watermarking attacks. However, these watermarking schemes are vulnerable to de-synchronization attack. This paper proposes a patchwork-based watermarking scheme for stereo audio signals to address this problem. To improve the robustness, the proposed method exploits the similarities of both channels in the stereo audio signals. Given a stereo audio signal, we first compute the discrete cosine transform (DCT) of both channels, which gives two sets of DCT coefficients. Then DCT segments are formed form DCT coefficients belong to a certain frequency range. The DCT segment formation is determined by a pseudonoise (PN) sequence which acts as a secret key. Then watermark bits are embedded into DCT segments by modifying the DCT coefficients. In the decoding process the secret key is used to extract the watermark bits embedded in the DCT segments. Simulation results illustrate the effectiveness of the proposed method against de-synchronization attack, compared to latest patchwork-based audio watermarking scheme. Besides, the proposed algorithm also gives better robustness against other conventional attacks.

E-commerce trust management system reliability

Various solutions have been proposed in managing trust relationship between trading partners in eCommerce environment. Determine the reliability of trust management systems in eCommerce is most difficult issue due to highly dynamic nature of eCommerce environments. As trust management systems depend on the feedback ratings provided by the trading partners, they are fallible to strategic manipulation of the feedback ratings attacks. This paper addressed the challenges of trust management systems. The requirements of a reliable trust management are also discussed. In particular, we introduce an adaptive credibility model that distinguishes between credible feedback ratings and malicious feedback ratings by considering transaction size, frequency of ratings and majority vote to form a feedback ratings verification metric. The approach has been validated by simulation result.

A test of core assumptions of the catastrophic misinterpretation model of panic disorder

The catastrophic misinterpretation model of panic disorder proposes that spontaneous panic attacks are the result of misinterpretation of harmless autonomic arousal as precursors to physical (e.g. heart attack) or psychological (e.g. insanity) emergency. Mixed research findings to date have provided equivocal support. A modified form of the Body Sensations Interpretation Questionnaire was used to investigate core assumptions of the model amongst 38 people with panic disorder (PD), 20 with non-clinical panic, 21 with social anxiety disorder, and 34 non-anxious controls. The PD group gave more harm-related interpretations of ambiguous internal stimuli than all other groups only when anxiety-related responses (e.g. “I'm going to panic”) were scored as harm, however there was no evidence that anxiety-related interpretations were masking perceived catastrophic physical or psychological outcomes. Despite this, people with PD rated harm and anxiety outcomes as more negative than non-anxious controls. Results failed to unequivocally support core assumptions of the model.

Emerging wireless personal area networks(WPANs) : - An analysis of techniques, tools and threats

Wireless Personal Area Networks provide a pivotal role in local area network technology complementing traditional Wireless Local Area Network technologies. Bluetooth, ZigBee and NFC (Near Field Communications) have emerged as key WPAN technologies with UWB (Ultra Wide Band) standards currently evolving. They are however subject to the usual range of security vulnerabilities found in wireless LANs such as spoofing, snooping, man-in-the-middle, denial of service and other attacks. However security in WPANs is not as mature as it is in Wireless LANs and further work is needed in order to provide comparable protection. This paper examines a range of WPAN technologies and security issues and proposes protection mechanisms that can mitigate risk in each case. © 2012 IEEE.