Passivity Framework for Modeling, Composing and Mitigating Cyber Attacks

Thesis (Ph.D.)--University of Washington, 2016-08

Personalised TV ads are the future – but is it time to panic?

TV Advertising is evolving quickly. This article examines how the popularity of viewing content on mobile platforms is changing the way we advertise. VOD and OTT media services have meant that advertisers can now automate and personalise their TV advertising. It's having a significant impact on the UK TV business model.

Numerical encoding to tame SQL injection attacks.

Recent years have seen an astronomical rise in SQL Injection Attacks (SQLIAs) used to compromise the confidentiality, authentication and integrity of organisations’ databases. Intruders becoming smarter in obfuscating web requests to evade detection combined with increasing volumes of web traffic from the Internet of Things (IoT), cloud-hosted and on-premise business applications have made it evident that the existing approaches of mostly static signature lack the ability to cope with novel signatures. A SQLIA detection and prevention solution can be achieved through exploring an alternative bio-inspired supervised learning approach that uses input of labelled dataset of numerical attributes in classifying true positives and negatives. We present in this paper a Numerical Encoding to Tame SQLIA (NETSQLIA) that implements a proof of concept for scalable numerical encoding of features to a dataset attributes with labelled class obtained from deep web traffic analysis. In the numerical attributes encoding: the model leverages proxy in the interception and decryption of web traffic. The intercepted web requests are then assembled for front-end SQL parsing and pattern matching by applying traditional Non-Deterministic Finite Automaton (NFA). This paper is intended for a technique of numerical attributes extraction of any size primed as an input dataset to an Artificial Neural Network (ANN) and statistical Machine Learning (ML) algorithms implemented using Two-Class Averaged Perceptron (TCAP) and Two-Class Logistic Regression (TCLR) respectively. This methodology then forms the subject of the empirical evaluation of the suitability of this model in the accurate classification of both legitimate web requests and SQLIA payloads.

Implementation of continuous-variable quantum key distribution with composable and one-sided-device-independent security against coherent attacks

Secret communication over public channels is one of the central pillars of a modern information society. Using quantum key distribution this is achieved without relying on the hardness of mathematical problems, which might be compromised by improved algorithms or by future quantum computers. State-of-the-art quantum key distribution requires composable security against coherent attacks for a finite number of distributed quantum states as well as robustness against implementation side channels. Here we present an implementation of continuous-variable quantum key distribution satisfying these requirements. Our implementation is based on the distribution of continuous-variable Einstein–Podolsky–Rosen entangled light. It is one-sided device independent, which means the security of the generated key is independent of any memoryfree attacks on the remote detector. Since continuous-variable encoding is compatible with conventional optical communication technology, our work is a step towards practical implementations of quantum key distribution with state-of-the-art security based solely on telecom components.

The war of attrition in cyber-space or "cyber-attacks", "cyber-war" and "cyber-terrorism"

Nos últimos anos tornou-se óbvio que o mundo virtual das bases de dados e do software – popularmente denominado como ciberespaço – tem um lado negro. Este lado negro tem várias dimensões, nomeadamente perda de produtividade, crime financeiro, furto de propriedade intelectual, de identidade, bullying e outros. Empresas, governos e outras entidades são cada vez mais alvo de ataques de terceiros com o fim de penetrarem as suas redes de dados e sistemas de informação. Estes vão desde os adolescentes a grupos organizados e extremamente competentes, sendo existem indicações de que alguns Estados têm vindo a desenvolver “cyber armies” com capacidades defensivas e ofensivas. Legisladores, políticos e diplomatas têm procurado estabelecer conceitos e definições, mas apesar da assinatura da Convenção do Conselho da Europa sobre Cibercrime em 2001 por vários Estados, não existiram novos desenvolvimentos desde então. Este artigo explora as várias dimensões deste domínio e enfatiza os desafios que se colocam a todos aqueles que são responsáveis pela proteção diária da informação das respetivas organizações contra ataques de origem e objetivos muitas vezes desconhecidos.

Risk of Wheezing Attacks in Infants With Transient Tachypnea Newborns

Background: The most common reason of respiratory distress in the newborn is transient tachypnea of the newborn (TTN). There are some reports saying that TTN is associated with increased frequencies of wheezing attacks. Objectives: The aims of this study were to determine the risk factors associated with TTN and to determine the association between TTN and the development of wheezing syndromes in early life. Materials and Methods: In a historical cohort study, we recorded the characteristics of 70 infants born at the Shohadaye Kargar Hospital in Yazd between March 2005 and March 2009 and who were hospitalized because of TTN in the neonatal intensive-care unit. We called their parents at least four years after the infants were discharged from the hospital and asked about any wheezing attacks. Seventy other infants with no health problems during the newborn period were included in the study as the control group. Results: The rate of wheezing attacks in newborns with TTN was more than patients with no TTN diagnosis (P = 0.014). TTN was found to be an independent risk factor for later wheezing attacks (relative risk [RR] = 2.8). Conclusions: The most obvious finding of this study was that TTN was an independent risk factor for wheezing attacks. So long-term medical care is suggested for these patients who may be at risk, because TTN may not be as transient as has been previously thought.

Investigation of un-American propaganda activities in the United States : Hearings before a Special Committee on Un-American Activities, House of Representatives, Seventy-fifth Congress, third session-Seventy-eighth Congress, second session, on H. Res. 282, to investigate (1) the extent, character, and objects of un-American propaganda activities in the United States, (2) the diffusion within the United States of subversive and un-American propaganda that is instigated from foreign countries or of a domestic origin and attacks the principle of the form of government as guaranteed by our Constitution, and (3) all other questions in relation thereto that would aid Congress in any necessary remedial legislation.

Martin Dies, chairman.

Contagion in cybersecurity attacks

Systems security is essential for the efficient operation of all organizations. Indeed, most large firms employ a designated ‘Chief Information Security Officer’ to coordinate the operational aspects of the organization’s information security. Part of this role is in planning investment responses to information security threats against the firm’s corporate network infrastructure. To this end, we develop and estimate a vector equation system of threats to 10 important IP services, using industry standard SANS data on threats to various components of a firm’s information system over the period January 2003 – February 2011. Our results reveal strong evidence of contagion between such attacks, with attacks on ssh and Secure Web Server indicating increased attack activity on other ports. Security managers who ignore such contagious inter-relationships may underestimate the underlying risk to their systems’ defence of security attributes, such as sensitivity and criticality, and thus delay appropriate information security investments.

A multiagent based strategy for detecting attacks in databases in a distributed mode

This paper presents a distributed hierarchical multiagent architecture for detecting SQL injection attacks against databases. It uses a novel strategy, which is supported by a Case-Based Reasoning mechanism, which provides to the classifier agents with a great capacity of learning and adaptation to face this type of attack. The architecture combines strategies of intrusion detection systems such as misuse detection and anomaly detection. It has been tested and the results are presented in this paper.

Laparoscopic Antireflux Surgery In Patients With Extra Esophageal Symptoms Related To Asthma.

Asthma, laryngitis and chronic cough are atypical symptoms of the gastroesophageal reflux disease. To analyze the efficacy of laparoscopic surgery in the remission of extra-esophageal symptoms in patients with gastroesophageal reflux, related to asthma. Were reviewed the medical records of 400 patients with gastroesophageal reflux disease submitted to laparoscopic Nissen fundoplication from 1994 to 2006, and identified 30 patients with extra-esophageal symptoms related to asthma. The variables considered were: gender, age, gastroesophageal symptoms (heartburn, acid reflux and dysphagia), time of reflux disease, treatment with proton pump inhibitor, use of specific medications, treatment and evolution, number of attacks and degree of esophagitis. Data were subjected to statistical analysis, comparing the pre- and post-surgical findings. The comparative analysis before surgery (T1) and six months after surgery (T2) showed a significant reduction on heartburn and reflux symptoms. Apart from that, there was a significant difference between the patients with daily crises of asthma (T1 versus T2, 45.83% to 16.67%, p=0.0002) and continuous crises (T1, 41.67% versus T2, 8.33%, p=0.0002). Laparoscopic Nissen fundoplication was effective in improving symptoms that are typical of reflux disease and clinical manifestations of asthma.

Trichomes Related To An Unusual Method Of Water Retention And Protection Of The Stem Apex In An Arid Zone Perennial Species.

It is well known that trichomes protect plant organs, and several studies have investigated their role in the adaptation of plants to harsh environments. Recent studies have shown that the production of hydrophilic substances by glandular trichomes and the deposition of this secretion on young organs may facilitate water retention, thus preventing desiccation and favouring organ growth until the plant develops other protective mechanisms. Lychnophora diamantinana is a species endemic to the Brazilian 'campos rupestres' (rocky fields), a region characterized by intense solar radiation and water deficits. This study sought to investigate trichomes and the origin of the substances observed on the stem apices of L. diamantinana. Samples of stem apices, young and expanded leaves were studied using standard techniques, including light microscopy and scanning and transmission electron microscopy. Histochemical tests were used to identify the major groups of metabolites present in the trichomes and the hyaline material deposited on the apices. Non-glandular trichomes and glandular trichomes were observed. The material deposited on the stem apices was hyaline, highly hydrophilic and viscous. This hyaline material primarily consists of carbohydrates that result from the partial degradation of the cell wall of uniseriate trichomes. This degradation occurs at the same time that glandular trichomes secrete terpenoids, phenolic compounds and proteins. These results suggest that the non-glandular trichomes on the leaves of L. diamantinana help protect the young organ, particularly against desiccation, by deposition of highly hydrated substances on the apices. Furthermore, the secretion of glandular trichomes probably repels herbivore and pathogen attacks.

Characterization Of Anfo Explosive By High Accuracy Esi(±)-ftms With Forensic Identification On Real Samples By Easi(-)-ms.

Ammonium nitrate fuel oil (ANFO) is an explosive used in many civil applications. In Brazil, ANFO has unfortunately also been used in criminal attacks, mainly in automated teller machine (ATM) explosions. In this paper, we describe a detailed characterization of the ANFO composition and its two main constituents (diesel and a nitrate explosive) using high resolution and accuracy mass spectrometry performed on an FT-ICR-mass spectrometer with electrospray ionization (ESI(±)-FTMS) in both the positive and negative ion modes. Via ESI(-)-MS, an ion marker for ANFO was characterized. Using a direct and simple ambient desorption/ionization technique, i.e., easy ambient sonic-spray ionization mass spectrometry (EASI-MS), in a simpler, lower accuracy but robust single quadrupole mass spectrometer, the ANFO ion marker was directly detected from the surface of banknotes collected from ATM explosion theft.