Break-ins at the Electric Boat Shipyard, Groton, Conn. : report of the Investigations Subcommittee of the Committee on Armed Services, House of Representatives, Ninety-seventh Congress, second session.

"December 1982."

Detecting and characterising malicious executable payloads

Buffer overflow vulnerabilities continue to prevail and the sophistication of attacks targeting these vulnerabilities is continuously increasing. As a successful attack of this type has the potential to completely compromise the integrity of the targeted host, early detection is vital. This thesis examines generic approaches for detecting executable payload attacks, without prior knowledge of the implementation of the attack, in such a way that new and previously unseen attacks are detectable. Executable payloads are analysed in detail for attacks targeting the Linux and Windows operating systems executing on an Intel IA-32 architecture. The execution flow of attack payloads are analysed and a generic model of execution is examined. A novel classification scheme for executable attack payloads is presented which allows for characterisation of executable payloads and facilitates vulnerability and threat assessments, and intrusion detection capability assessments for intrusion detection systems. An intrusion detection capability assessment may be utilised to determine whether or not a deployed system is able to detect a specific attack and to identify requirements for intrusion detection functionality for the development of new detection methods. Two novel detection methods are presented capable of detecting new and previously unseen executable attack payloads. The detection methods are capable of identifying and enumerating the executable payload’s interactions with the operating system on the targeted host at the time of compromise. The detection methods are further validated using real world data including executable payload attacks.

The power of malicious gossip

This paper focuses on malicious workplace gossip from the perspective of those targeted by this dark form of organisational communication. Findings from a large exemplarian action research project are reported that suggest malicious gossip can be an influential form of power that strongly contributes to counterproductive organisational behaviour. The discussion draws upon the emergent themes from the research to highlight the negative consequences of malicious gossip for those targeted and their organisations, and in so doing, elaborates on the phenomenon of workplace mobbing. This research highlights the importance of recognising gossip as an effective, though dark, form of power and the value of rational discourse for improving organisational communication.

Using static analysis for automatic assessment and mitigation of unwanted and malicious activities within Android applications

In the last decade, smartphones have gained widespread usage. Since the advent of online application stores, hundreds of thousands of applications have become instantly available to millions of smart-phone users. Within the Android ecosystem, application security is governed by digital signatures and a list of coarse-grained permissions. However, this mechanism is not fine-grained enough to provide the user with a sufficient means of control of the applications' activities. Abuse of highly sensible private information such as phone numbers without users' notice is the result. We show that there is a high frequency of privacy leaks even among widely popular applications. Together with the fact that the majority of the users are not proficient in computer security, this presents a challenge to the engineers developing security solutions for the platform. Our contribution is twofold: first, we propose a service which is able to assess Android Market applications via static analysis and provide detailed, but readable reports to the user. Second, we describe a means to mitigate security and privacy threats by automated reverse-engineering and refactoring binary application packages according to the users' security preferences.

A Perspective to Adopt Continuous Dynamic Cognition for Malicious Node Detection in Heterogeneous Networks

The current day networks use Proactive networks for adaption to the dynamic scenarios. The use of cognition technique based on the Observe, Orient, Decide and Act loop (OODA) is proposed to construct proactive networks. The network performance degradation in knowledge acquisition and malicious node presence is a problem that exists. The use of continuous time dynamic neural network is considered to achieve cognition. The variance in service rates of user nodes is used to detect malicious activity in heterogeneous networks. The improved malicious node detection rates are proved through the experimental results presented in this paper. (C) 2015 The Authors. Published by Elsevier B.V.

Cut down by some cowardly miscreants’: Plant maiming, or the Malicious Cutting of Plants as an Act of Protest in Eighteenth and Nineteenth Century Rural England

Since the publication of Hobsbawm and Rudé's Captain Swing our understanding of the role(s) of covert protests in Hanoverian rural England has advanced considerably. Whilst we now know much about the dramatic practices of incendiarism and animal maiming and the voices of resistance in seemingly straightforward acquisitive acts, one major gap remains. Despite the fact that almost thirty years have passed since E. P. Thompson brought to our attention that under the notorious ‘Black Act’ the malicious cutting of trees was a capital offence, no subsequent research has been published. This paper seeks to address this major lacuna by systematically analysing the practices and patterns of malicious attacks on plants (‘plant maiming’) in the context of late eighteenth- and early nineteenth-century southern England. It is shown that not only did plant maiming take many different forms, attacking every conceivable type of flora, but also that it was universally understood and practised. In some communities plant maiming was the protestors' weapon of choice. As a social practice it therefore embodied wider community beliefs regarding the defence of plebeian livelihoods and identities.

When zero doesn't mean it and other geomathematical mischief

There is almost not a case in exploration geology, where the studied data doesn’t includes below detection limits and/or zero values, and since most of the geological data responds to lognormal distributions, these “zero data” represent a mathematical challenge for the interpretation. We need to start by recognizing that there are zero values in geology. For example the amount of quartz in a foyaite (nepheline syenite) is zero, since quartz cannot co-exists with nepheline. Another common essential zero is a North azimuth, however we can always change that zero for the value of 360°. These are known as “Essential zeros”, but what can we do with “Rounded zeros” that are the result of below the detection limit of the equipment? Amalgamation, e.g. adding Na2O and K2O, as total alkalis is a solution, but sometimes we need to differentiate between a sodic and a potassic alteration. Pre-classification into groups requires a good knowledge of the distribution of the data and the geochemical characteristics of the groups which is not always available. Considering the zero values equal to the limit of detection of the used equipment will generate spurious distributions, especially in ternary diagrams. Same situation will occur if we replace the zero values by a small amount using non-parametric or parametric techniques (imputation). The method that we are proposing takes into consideration the well known relationships between some elements. For example, in copper porphyry deposits, there is always a good direct correlation between the copper values and the molybdenum ones, but while copper will always be above the limit of detection, many of the molybdenum values will be “rounded zeros”. So, we will take the lower quartile of the real molybdenum values and establish a regression equation with copper, and then we will estimate the “rounded” zero values of molybdenum by their corresponding copper values. The method could be applied to any type of data, provided we establish first their correlation dependency. One of the main advantages of this method is that we do not obtain a fixed value for the “rounded zeros”, but one that depends on the value of the other variable. Key words: compositional data analysis, treatment of zeros, essential zeros, rounded zeros, correlation dependency

GNSS interference management techniques against malicious attacks

This thesis collects the outcomes of a Ph.D. course in Telecommunications Engineering and it is focused on the study and design of possible techniques able to counteract interference signal in Global Navigation Satellite System (GNSS) systems. The subject is the jamming threat in navigation systems, that has become a very increasingly important topic in recent years, due to the wide diffusion of GNSS-based civil applications. Detection and mitigation techniques are developed in order to fight out jamming signals, tested in different scenarios and including sophisticated signals. The thesis is organized in two main parts, which deal with management of GNSS intentional counterfeit signals. The first part deals with the interference management, focusing on the intentional interfering signal. In particular, a technique for the detection and localization of the interfering signal level in the GNSS bands in frequency domain has been proposed. In addition, an effective mitigation technique which exploits the periodic characteristics of the common jamming signals reducing interfering effects at the receiver side has been introduced. Moreover, this technique has been also tested in a different and more complicated scenario resulting still effective in mitigation and cancellation of the interfering signal, without high complexity. The second part still deals with the problem of interference management, but regarding with more sophisticated signal. The attention is focused on the detection of spoofing signal, which is the most complex among the jamming signal types. Due to this highly difficulty in detect and mitigate this kind of signal, spoofing threat is considered the most dangerous. In this work, a possible techniques able to detect this sophisticated signal has been proposed, observing and exploiting jointly the outputs of several operational block measurements of the GNSS receiver operating chain.

Socrates on the Moral Mischief of Misology

In Plato’s dialogues, the Phaedo, Laches, and Republic, Socrates warns his interlocutors about the dangers of misology. Misology is explained by analogy with misanthropy, not as the hatred of other human beings, but as the hatred of the logos or reasonable discourse. According to Socrates, misology arises when a person alternates between believing an argument to be correct, and then refuting it as false. If Socrates is right, then misanthropy is sometimes instilled when a person goes from trusting people to learning that others sometimes betray our reliance and expectations, and finally not to placing any confidence whatsoever in other people, or, in the case of misology, in the correctness or trustworthiness of arguments. A cynical indifference to the soundness of arguments generally is sometimes associated with Socrates’ polemical targets, the Sophists, at least as Plato represents Socrates’ reaction to these itinerant teachers of rhetoric, public speaking and the fashioning of arguments suitable to any occasion. Socrates’ injunctions against misology are largely moral, pronouncing it ‘shameful’ and ‘very wicked’, and something that without further justification we must ‘guard against’, maintaining that we will be less excellent persons if we come to despise argument as lacking the potential of leading to the truth. I examine Socrates’ moral objections to misology which I show to be inconclusive. I consider instead the problem of logical coherence in the motivations supposedly underlying misology, and conclude that misology as Socrates intends the concept is an emotional reaction to argumentation on the part of persons who have not acquired the logical dialectical skills or will to sort out good from bad arguments. We cannot dismiss argument as directed toward the truth unless we have a strong reason for doing so, and any such argument must itself presuppose that at least some reasoning can be justified in discovering and justifying belief in interesting truths. The relevant passages from Socrates’ discussion of the soul’s immortality in the Phaedo are discussed in detail, and set in scholarly background against Socrates’ philosophy more generally, as represented by Plato’s dialogues. I conclude by offering a suggestive list of practical remedies to avoid the alienation from argument in dialectic with which Socrates is concerned.