Model selection for prognostic time-to-event gene signature discovery with applications in early breast cancer data

Model selection between competing models is a key consideration in the discovery of prognostic multigene signatures. The use of appropriate statistical performance measures as well as verification of biological significance of the signatures is imperative to maximise the chance of external validation of the generated signatures. Current approaches in time-to-event studies often use only a single measure of performance in model selection, such as logrank test p-values, or dichotomise the follow-up times at some phase of the study to facilitate signature discovery. In this study we improve the prognostic signature discovery process through the application of the multivariate partial Cox model combined with the concordance index, hazard ratio of predictions, independence from available clinical covariates and biological enrichment as measures of signature performance. The proposed framework was applied to discover prognostic multigene signatures from early breast cancer data. The partial Cox model combined with the multiple performance measures were used in both guiding the selection of the optimal panel of prognostic genes and prediction of risk within cross validation without dichotomising the follow-up times at any stage. The signatures were successfully externally cross validated in independent breast cancer datasets, yielding a hazard ratio of 2.55 [1.44, 4.51] for the top ranking signature.

Strong designated verifier signature in a multi-user setting

The security of strong designated verifier (SDV) signature schemes has thus far been analyzed only in a two-user setting. We observe that security in a two-user setting does not necessarily imply the same in a multi-user setting for SDV signatures. Moreover, we show that existing security notions do not adequately model the security of SDV signatures even in a two-user setting. We then propose revised notions of security in a multi-user setting and show that no existing scheme satisfies these notions. A new SDV signature scheme is then presented and proven secure under the revised notions in the standard model. For the purpose of constructing the SDV signature scheme, we propose a one-pass key establishment protocol in the standard model, which is of independent interest in itself.

Abstracting and correlating heterogeneous events to detect complex scenarios

The research presented in this thesis addresses inherent problems in signaturebased intrusion detection systems (IDSs) operating in heterogeneous environments. The research proposes a solution to address the difficulties associated with multistep attack scenario specification and detection for such environments. The research has focused on two distinct problems: the representation of events derived from heterogeneous sources and multi-step attack specification and detection. The first part of the research investigates the application of an event abstraction model to event logs collected from a heterogeneous environment. The event abstraction model comprises a hierarchy of events derived from different log sources such as system audit data, application logs, captured network traffic, and intrusion detection system alerts. Unlike existing event abstraction models where low-level information may be discarded during the abstraction process, the event abstraction model presented in this work preserves all low-level information as well as providing high-level information in the form of abstract events. The event abstraction model presented in this work was designed independently of any particular IDS and thus may be used by any IDS, intrusion forensic tools, or monitoring tools. The second part of the research investigates the use of unification for multi-step attack scenario specification and detection. Multi-step attack scenarios are hard to specify and detect as they often involve the correlation of events from multiple sources which may be affected by time uncertainty. The unification algorithm provides a simple and straightforward scenario matching mechanism by using variable instantiation where variables represent events as defined in the event abstraction model. The third part of the research looks into the solution to address time uncertainty. Clock synchronisation is crucial for detecting multi-step attack scenarios which involve logs from multiple hosts. Issues involving time uncertainty have been largely neglected by intrusion detection research. The system presented in this research introduces two techniques for addressing time uncertainty issues: clock skew compensation and clock drift modelling using linear regression. An off-line IDS prototype for detecting multi-step attacks has been implemented. The prototype comprises two modules: implementation of the abstract event system architecture (AESA) and of the scenario detection module. The scenario detection module implements our signature language developed based on the Python programming language syntax and the unification-based scenario detection engine. The prototype has been evaluated using a publicly available dataset of real attack traffic and event logs and a synthetic dataset. The distinct features of the public dataset are the fact that it contains multi-step attacks which involve multiple hosts with clock skew and clock drift. These features allow us to demonstrate the application and the advantages of the contributions of this research. All instances of multi-step attacks in the dataset have been correctly identified even though there exists a significant clock skew and drift in the dataset. Future work identified by this research would be to develop a refined unification algorithm suitable for processing streams of events to enable an on-line detection. In terms of time uncertainty, identified future work would be to develop mechanisms which allows automatic clock skew and clock drift identification and correction. The immediate application of the research presented in this thesis is the framework of an off-line IDS which processes events from heterogeneous sources using abstraction and which can detect multi-step attack scenarios which may involve time uncertainty.

A hierarchical security assessment model for object-oriented programs

We present a hierarchical model for assessing an object-oriented program's security. Security is quantified using structural properties of the program code to identify the ways in which `classified' data values may be transferred between objects. The model begins with a set of low-level security metrics based on traditional design characteristics of object-oriented classes, such as data encapsulation, cohesion and coupling. These metrics are then used to characterise higher-level properties concerning the overall readability and writability of classified data throughout the program. In turn, these metrics are then mapped to well-known security design principles such as `assigning the least privilege' and `reducing the size of the attack surface'. Finally, the entire program's security is summarised as a single security index value. These metrics allow different versions of the same program, or different programs intended to perform the same task, to be compared for their relative security at a number of different abstraction levels. The model is validated via an experiment involving five open source Java programs, using a static analysis tool we have developed to automatically extract the security metrics from compiled Java bytecode.

Integrated Acquisition Engineering Model for acquiring heavy engineering assets

In asset intensive industries such as mining, oil & gas, utilities etc. most of the capital expenditure happens on acquiring engineering assets. Process of acquiring assets is called as “Procurement” or “Acquisition”. An asset procurement decision should be taken in consideration with the installation, commissioning, operational, maintenance and disposal needs of an asset or spare. However, such cross-functional collaboration and communication does not appear to happen between engineering, maintenance, warehousing and procurement functions in many asset intensive industries. Acquisition planning and execution are two distinct parts of asset acquisition process. Acquisition planning or procurement planning is responsible for determining exactly what is required to be purchased. It is important that an asset acquisition decision is the result of cross-functional decision making process. An acquisition decision leads to a formal purchase order. Most costly asset decisions occur even before they are acquired. Therefore, acquisition decision should be an outcome of an integrated planning & decision making process. Asset intensive organizations both, Government and non Government in Australia spent AUD 102.5 Billion on asset acquisition in year 2008-09. There is widespread evidence of many assets and spare not being used or utilized and in the end are written off. This clearly shows that many organizations end up buying assets or spares which were not required or non-conforming to the needs of user functions. It is due the fact that strategic and software driven procurement process do not consider all the requirements from various functions within the organization which contribute to the operation and maintenance of the asset over its life cycle. There is a lot of research done on how to implement an effective procurement process. There are numerous software solutions available for executing a procurement process. However, not much research is done on how to arrive at a cross functional procurement planning process. It is also important to link procurement planning process to procurement execution process. This research will discuss ““Acquisition Engineering Model” (AEM) framework, which aims at assisting acquisition decision making based on various criteria to satisfy cross-functional organizational requirements. Acquisition Engineering Model (AEM) will consider inputs from corporate asset management strategy, production management, maintenance management, warehousing, finance and HSE. Therefore, it is essential that the multi-criteria driven acquisition planning process is carried out and its output is fed to the asset acquisition (procurement execution) process. An effective procurement decision making framework to perform acquisition planning which considers various functional criteria will be discussed in this paper.

Where not to have a Heart Attack in Australia!: The Cardiac ARIA Index

Background/aims: Access to appropriate health care following an acute cardiac event is important for positive outcomes. The aim of the Cardiac ARIA index was to derive an objective, comparable, geographic measure reflecting access to cardiac services across Australia. Methods: Geographic Information Systems (GIS) were used to model a numeric-alpha index based on acute management from onset of symptoms to return to the community. Acute time frames have been calculated to include time for ambulance to arrive, assess and load patient, and travel to facility by road 40–80 kph. Results: The acute phase of the index was modelled into five categories: 1 [24/7 percutaneous cardiac intervention (PCI) ≤1 h]; 2 [24/7 PCI 1–3 h, and PCI less than an additional hour to nearest accident and emergency room (A&E)]: 3 [Nearest A&E ≤3 h (no 24/7 PCI within an extra hour)]: 4 [Nearest A&E 3–12 h (no 24/7 PCI within an extra hour)]: 5 [Nearest A&E 12–24 h (no 24/7 PCI within an extra hour)]. Discharge care was modelled into three categories based on time to a cardiac rehabilitation program, retail pharmacy, pathology services, hospital, GP or remote clinic: (A) all services ≤30 min; (B) >30 min and ≤60 min; (C) >60 min. Examples of the index indicate that the majority of population locations within capital cities were category 1A; Alice Springs and Byron Bay were 3A; and the Northern Territory town of Maningrida had minimal access to cardiac services with an index ranking of 5C. Conclusion: The Cardiac ARIA index provides an invaluable tool to inform appropriate strategies for the use of scarce cardiac resources.

Generation and characterisation of Cisplatin-resistant non-small cell lung cancer cell lines displaying a stem-like signature

Introduction: Inherent and acquired cisplatin resistance reduces the effectiveness of this agent in the management of non-small cell lung cancer (NSCLC). Understanding the molecular mechanisms underlying this process may result in the development of novel agents to enhance the sensitivity of cisplatin. Methods: An isogenic model of cisplatin resistance was generated in a panel of NSCLC cell lines (A549, SKMES-1, MOR, H460). Over a period of twelve months, cisplatin resistant (CisR) cell lines were derived from original, age-matched parent cells (PT) and subsequently characterized. Proliferation (MTT) and clonogenic survival assays (crystal violet) were carried out between PT and CisR cells. Cellular response to cisplatin-induced apoptosis and cell cycle distribution were examined by FACS analysis. A panel of cancer stem cell and pluripotent markers was examined in addition to the EMT proteins, c-Met and β-catenin. Cisplatin-DNA adduct formation, DNA damage (γH2AX) and cellular platinum uptake (ICP-MS) was also assessed. Results: Characterisation studies demonstrated a decreased proliferative capacity of lung tumour cells in response to cisplatin, increased resistance to cisplatin-induced cell death, accumulation of resistant cells in the G0/G1 phase of the cell cycle and enhanced clonogenic survival ability. Moreover, resistant cells displayed a putative stem-like signature with increased expression of CD133+/CD44+cells and increased ALDH activity relative to their corresponding parental cells. The stem cell markers, Nanog, Oct-4 and SOX-2, were significantly upregulated as were the EMT markers, c-Met and β-catenin. While resistant sublines demonstrated decreased uptake of cisplatin in response to treatment, reduced cisplatin-GpG DNA adduct formation and significantly decreased γH2AX foci were observed compared to parental cell lines. Conclusion: Our results identified cisplatin resistant subpopulations of NSCLC cells with a putative stem-like signature, providing a further understanding of the cellular events associated with the cisplatin resistance phenotype in lung cancer. © 2013 Barr et al.

A lightweight biometric signature scheme for user authentication over networks

We introduce a lightweight biometric solution for user authentication over networks using online handwritten signatures. The algorithm proposed is based on a modified Hausdorff distance and has favorable characteristics such as low computational cost and minimal training requirements. Furthermore, we investigate an information theoretic model for capacity and performance analysis for biometric authentication which brings additional theoretical insights to the problem. A fully functional proof-of-concept prototype that relies on commonly available off-the-shelf hardware is developed as a client-server system that supports Web services. Initial experimental results show that the algorithm performs well despite its low computational requirements and is resilient against over-the-shoulder attacks.

An envirogenomic signature is associated with risk of IBD-related surgery in a population-based Crohn’s Disease cohort

BACKGROUND AND AIMS: Crohn's disease (CD) is an inflammatory bowel disease (IBD) caused by a combination of genetic, clinical, and environmental factors. Identification of CD patients at high risk of requiring surgery may assist clinicians to decide on a top-down or step-up treatment approach. METHODS: We conducted a retrospective case-control analysis of a population-based cohort of 503 CD patients. A regression-based data reduction approach was used to systematically analyse 63 genomic, clinical and environmental factors for association with IBD-related surgery as the primary outcome variable. RESULTS: A multi-factor model was identified that yielded the highest predictive accuracy for need for surgery. The factors included in the model were the NOD2 genotype (OR = 1.607, P = 2.3 × 10(-5)), having ever had perianal disease (OR = 2.847, P = 4 × 10(-6)), being post-diagnosis smokers (OR = 6.312, P = 7.4 × 10(-3)), being an ex-smoker at diagnosis (OR = 2.405, P = 1.1 × 10(-3)) and age (OR = 1.012, P = 4.4 × 10(-3)). Diagnostic testing for this multi-factor model produced an area under the curve of 0.681 (P = 1 × 10(-4)) and an odds ratio of 3.169, (95 % CI P = 1 × 10(-4)) which was higher than any factor considered independently. CONCLUSIONS: The results of this study require validation in other populations but represent a step forward in the development of more accurate prognostic tests for clinicians to prescribe the most optimal treatment approach for complicated CD patients.

Practical Modbus flooding attack and detection

The Modicon Communication Bus (Modbus) protocol is one of the most commonly used protocols in industrial control systems. Modbus was not designed to provide security. This paper confirms that the Modbus protocol is vulnerable to flooding attacks. These attacks involve injection of commands that result in disrupting the normal operation of the control system. This paper describes a set of experiments that shows that an anomaly-based change detection algorithm and signature-based Snort threshold module are capable of detecting Modbus flooding attacks. In comparing these intrusion detection techniques, we find that the signature-based detection requires a carefully selected threshold value, and that the anomaly-based change detection algorithm may have a short delay before detecting the attacks depending on the parameters used. In addition, we also generate a network traffic dataset of flooding attacks on the Modbus control system protocol.

Adapting Lyubashevsky's signature schemes to the ring signature setting

Basing signature schemes on strong lattice problems has been a long standing open issue. Today, two families of lattice-based signature schemes are known: the ones based on the hash-and-sign construction of Gentry et al.; and Lyubashevsky’s schemes, which are based on the Fiat-Shamir framework. In this paper we show for the first time how to adapt the schemes of Lyubashevsky to the ring signature setting. In particular we transform the scheme of ASIACRYPT 2009 into a ring signature scheme that provides strong properties of security under the random oracle model. Anonymity is ensured in the sense that signatures of different users are within negligible statistical distance even under full key exposure. In fact, the scheme satisfies a notion which is stronger than the classical full key exposure setting as even if the keypair of the signing user is adversarially chosen, the statistical distance between signatures of different users remains negligible. Considering unforgeability, the best lattice-based ring signature schemes provide either unforgeability against arbitrary chosen subring attacks or insider corruption in log-sized rings. In this paper we present two variants of our scheme. In the basic one, unforgeability is ensured in those two settings. Increasing signature and key sizes by a factor k (typically 80 − 100), we provide a variant in which unforgeability is ensured against insider corruption attacks for arbitrary rings. The technique used is pretty general and can be adapted to other existing schemes.

Multiple-time signature schemes against adaptive chosen message attacks

Multiple-time signatures are digital signature schemes where the signer is able to sign a predetermined number of messages. They are interesting cryptographic primitives because they allow to solve many important cryptographic problems, and at the same time offer substantial efficiency advantage over ordinary digital signature schemes like RSA. Multiple-time signature schemes have found numerous applications, in ordinary, on-line/off-line, forward-secure signatures, and multicast/stream authentication. We propose a multiple-time signature scheme with very efficient signing and verifying. Our construction is based on a combination of one-way functions and cover-free families, and it is secure against the adaptive chosen-message attack.

NTRUCCA : how to strengthen NTRUEncrypt to chosen-ciphertext security in the standard model

NTRUEncrypt is a fast and practical lattice-based public-key encryption scheme, which has been standardized by IEEE, but until recently, its security analysis relied only on heuristic arguments. Recently, Stehlé and Steinfeld showed that a slight variant (that we call pNE) could be proven to be secure under chosen-plaintext attack (IND-CPA), assuming the hardness of worst-case problems in ideal lattices. We present a variant of pNE called NTRUCCA, that is IND-CCA2 secure in the standard model assuming the hardness of worst-case problems in ideal lattices, and only incurs a constant factor overhead in ciphertext and key length over the pNE scheme. To our knowledge, our result gives the first IND-CCA2 secure variant of NTRUEncrypt in the standard model, based on standard cryptographic assumptions. As an intermediate step, we present a construction for an All-But-One (ABO) lossy trapdoor function from pNE, which may be of independent interest. Our scheme uses the lossy trapdoor function framework of Peikert and Waters, which we generalize to the case of (k − 1)-of-k-correlated input distributions.

Security analysis of the non-aggressive challenge response of the DNP3 Protocol using a CPN Model

Distributed Network Protocol Version 3 (DNP3) is the de-facto communication protocol for power grids. Standard-based interoperability among devices has made the protocol useful to other infrastructures such as water, sewage, oil and gas. DNP3 is designed to facilitate interaction between master stations and outstations. In this paper, we apply a formal modelling methodology called Coloured Petri Nets (CPN) to create an executable model representation of DNP3 protocol. The model facilitates the analysis of the protocol to ensure that the protocol will behave as expected. Also, we illustrate how to verify and validate the behaviour of the protocol, using the CPN model and the corresponding state space tool to determine if there are insecure states. With this approach, we were able to identify a Denial of Service (DoS) attack against the DNP3 protocol.