A defense system against DDoS attacks by large-scale IP traceback

In this paper, we present a new approach, called Flexible Deterministic Packet Marking (FDPM), to perform a large-scale IP traceback to defend against Distributed Denial of Service (DDoS) attacks. In a DDoS attack the victim host or network is usually attacked by a large number of spoofed IP packets coming from multiple sources. IP traceback is the ability to trace the IP packets to their sources without relying on the source address field of the IP header. FDPM provides many flexible features to trace the IP packets and can obtain better tracing capability than current IP traceback mechanisms, such as Probabilistic Packet Marking (PPM), and Deterministic Packet Marking (DPM). The flexibilities of FDPM are in two ways, one is that it can adjust the length of marking field according to the network protocols deployed; the other is that it can adjust the marking rate according to the load of participating routers. The implementation and evaluation demonstrates that the FDPM needs moderately only a small number of packets to complete the traceback process; and can successfully perform a large-scale IP traceback, for example, trace up to 110,000 sources in a single incident response. It has a built-in overload prevention mechanism, therefore this scheme can perform a good traceback process even it is heavily loaded.

High stakes principalship-sleepless nights, heart attacks and sudden death accountabilities: reading media representations of the United States principal shortage

The possible shortage of applicants for principal positions is news in both Australia and abroad. We subject a corpus of predominantly United states (US) news articles to deconstructive narrative analysis and find that the dominant media representation of principals' work is one of long hours Iow salary high stress and sudden death from high stakes accountabilities. However, reported US policy interventions focus predominantly on professional development for aspirants. We note that this will be insufficient to reverse the lack of applications and suggest that the dominant media picture of completely unattractive principals work, meant to leverage a policy solution, will perhaps paradoxically perpetuate the problem. The dominant media picture is also curiously at odds with research that reports high job satisfaction among principals. We suggest that there is a binary of victim and saviour principal in both media and policy which prevents some strategic re-thinking about how the principalship might be different.

Using mobile agents to detect node compromise in path-based DoS attacks on wireless sensor networks

Wireless sensor networks represent a new generation of real-time  embedded systems with significantly different communication constraints from the traditional networked systems. With their development, a new attack called a path-based DoS (PDoS) attack has appeared. In a PDoS attack, an adversary, either inside or outside the network, overwhelms sensor nodes by flooding a multi-hop endto- end communication path with either replayed packets or injected spurious packets. In this article, we propose a solution using mobile agents which can detect PDoS attacks easily.

Using mobile agents to detect and recover from node compromise in path-based DoS attacks in wireless sensor networks

Wireless sensor networks represent a new generation of real-time embedded systems with significantly different communication constraints from the traditional networked systems. With their development, a new attack called a path-based DoS (PDoS) attack has appeared. In a PDoS attack, an adversary, either inside or outside the network, overwhelms sensor nodes by flooding a multi-hop end-to end communication path with either replayed packets or injected spurious packets. Detection and recovery from PDoS attacks have not been given much attention in the literature. In this article, we propose a solution using mobile agents which can detect PDoS attacks easily and efficiently and recover the compromised nodes.

Decision analysis of statistically detecting distributed denial-of-service flooding attacks

There are two statistical decision making questions regarding statistically detecting sings of denial-of-service flooding attacks. One is how to represent the distributions of detection probability, false alarm probability and miss probability. The other is how to quantitatively express a decision region within which one may make a decision that has high detection probability, low false alarm probability and low miss probability. This paper gives the answers to the above questions. In addition, a case study is demonstrated.

Algebraic attacks on clock-controlled stream ciphers

We present an algebraic attack approach to a family of irregularly clock-controlled bit-based linear feedback shift register systems. In the general set-up, we assume that the output bit of one shift register controls the clocking of other registers in the system and produces a family of equations relating the output bits to the internal state bits. We then apply this general theory to four specific stream ciphers: the (strengthened) stop-and-go generator, the alternating step generator, the self-decimated generator and the step1/step2 generator. In the case of the strengthened stop-and-go generator and of the self-decimated generator, we obtain the initial state of the registers in a significantly faster time than any other known attack. In the other two situations, we do better than or as well as all attacks but the correlation attack. In all cases, we demonstrate that the degree of a functional relationship between the registers can be bounded by two. Finally, we determine the effective key length of all four systems.

Algebraic attacks on clock-controlled cascade ciphers

In this paper, we mount the first algebraic attacks against clock controlled cascade stream ciphers. We first show how to obtain relations between the internal state bits and the output bits of the Gollmann clock controlled cascade stream ciphers. We demonstrate that the initial states of the last two shift registers can be determined by the initial states of the others. An alternative attack on the Gollmann cascade is also described, which requires solving quadratic equations. We then present an algebraic analysis of Pomaranch, one of the phase two proposals to eSTREAM. A system of equations of maximum degree four that describes the full cipher is derived. We also present weaknesses in the filter functions of Pomaranch by successfully computing annihilators and low degree multiples of the functions.

Cost-effectiveness of psychological and pharmacological interventions for generalized anxiety disorder and panic disorder

Objective: To assess from a health sector perspective the incremental cost-effectiveness of interventions for generalized anxiety disorder (cognitive behavioural therapy [CBT] and serotonin and noradrenaline reuptake inhibitors [SNRIs]) and panic disorder (CBT, selective serotonin reuptake inhibitors [SSRIs] and tricyclic antidepressants [TCAs]).

Method: The health benefit is measured as a reduction in disability-adjusted life years (DALYs), based on effect size calculations from meta-analyses of randomised controlled trials. An assessment on second stage filters ('equity', 'strength of evidence', 'feasibility' and 'acceptability to stakeholders') is also undertaken to incorporate additional factors that impact on resource allocation decisions. Costs and benefits are calculated for a period of one year for the eligible population (prevalent cases of generalized anxiety disorder/panic disorder identified in the National Survey of Mental Health and Wellbeing, extrapolated to the Australian population in the year 2000 for those aged 18 years and older). Simulation modelling techniques are used to present 95% uncertainty intervals (UI) around the incremental cost-effectiveness ratios (ICERs).

Results: Compared to current practice, CBT by a psychologist on a public salary is the most cost-effective intervention for both generalized anxiety disorder (A$6900/DALY saved; 95% UI A$4000 to A$12 000) and panic disorder (A$6800/DALY saved; 95% UI A$2900 to A$15 000). Cognitive behavioural therapy results in a greater total health benefit than the drug interventions for both anxiety disorders, although equity and feasibility concerns for CBT interventions are also greater.

Conclusions: Cognitive behavioural therapy is the most effective and cost-effective intervention for generalized anxiety disorder and panic disorder. However, its implementation would require policy change to enable more widespread access to a sufficient number of trained therapists for the treatment of anxiety disorders.

High stakes principalship - sleepless nights, heart attacks and sudden death accountabilities: reading media representations of the US principal shortage

The possible shortage of applicants for principal positions is news in both Australia and abroad. We subject a corpus of predominantly US news article to deconstructive narrative analysis and find that the dominant media representation of principals' work is one of long hours, low salary, high stress and sudden death from high stakes accountabilities. However reported US policy interventions focus predominantly on professional development for aspirants. We note that this will be insufficient to reverse the lack of applications, and suggest that the dominant media picture of completely unattractive principals' work, meant to leverage a policy solution will perhaps paradoxically perpetuate the problem. This picture is also curiously at odds with research that reports high job satisfaction among principals. We suggest that there is a dominant binary of victim and saviour principal in both media and policy which prevents some strategic re-thinking about how the principalship might be different.

Mutually clock-controlled feedback shift registers provide resistance to algebraic attacks

Algebraic attacks have been applied to several types of clock-controlled stream ciphers. However, to date there are no such attacks in the literature on mutually clock-controlled ciphers. In this paper, we present a preliminary step in this direction by giving the first algebraic analysis of mutually clock-controlled feedback shift register stream ciphers: the bilateral stop-and-go generator, A5/1, Alpha 1 and the MICKEY cipher. We show that, if there are no regularly clocked shift registers included in the system, mutually clock-controlled feedback shift register ciphers appear to be highly resistant to algebraic attacks. As a demonstration of the weakness inherent in the presence of a regularly clocked shift register, we present a simple algebraic attack on Alpha 1 based on only 29 keystream bits.

Information theory based detection against network behavior mimicking DDoS attacks

DDoS is a spy-on-spy game between attackers and detectors. Attackers are mimicking network traffic patterns to disable the detection algorithms which are based on these features. It is an open problem of discriminating the mimicking DDoS attacks from massive legitimate network accessing. We observed that the zombies use controlled function(s) to pump attack packages to the victim, therefore, the attack flows to the victim are always share some properties, e.g. packages distribution behaviors, which are not possessed by legitimate flows in a short time period. Based on this observation, once there appear suspicious flows to a server, we start to calculate the distance of the package distribution behavior among the suspicious flows. If the distance is less than a given threshold, then it is a DDoS attack, otherwise, it is a legitimate accessing. Our analysis and the preliminary experiments indicate that the proposed method- can discriminate mimicking flooding attacks from legitimate accessing efficiently and effectively.

Moral panic : the old and the new

The theory of moral panics has been prominent in the sociology of deviance since the 1970s. This article uses this theory to trace the rise of the moral panic around the high number of heroin overdose deaths in Australian in the mid to late 1990s. It argues, however, that much of the panic was generated by groups not traditionally associated with moral panics, but by political progressives in the field of illicit drugs as well as victims, parent groups, and those who work with illicit drug users. In this way it was not a conventional right-wing moral crusade, but it was no less a moral panic.