990 results for Soudek, Ernest
Abstract:
Supervisory Control and Data Acquisition systems (SCADA) are widely used to control critical infrastructure automatically. Capturing and analyzing packet-level traffic flowing through such a network is an essential requirement for problems such as legacy network mapping and fault detection. Within the framework of captured network traffic, we present a simple modeling technique, which supports the mapping of the SCADA network topology via traffic monitoring. By characterizing atomic network components in terms of their input-output topology and the relationship between their data traffic logs, we show that these modeling primitives have good compositional behaviour, which allows complex networks to be modeled. Finally, the predictions generated by our model are found to be in good agreement with experimentally obtained traffic.
Abstract:
In this research Agency Theory and Stewardship Theory are used to analyse the relative performance of different forms of privatisation of water infrastructure and in doing so enriches understanding of previously underdeveloped aspects of both theories. The prior Agency Theory literature had established assumptions about the behaviour of principals and agents in contracts and these were found not to be correct in the context of contracts between modern government and private organisations. Agency theory was extended to include steward-like behaviour of an agent and Stewardship Theory was developed by the identification of factors within the contractual relationship which promote the sense of responsibility to the principal. The alliance, joint venture and Build Own Operate Transfer (BOOT) forms of privatisation were found to achieve stewardship of the infrastructure.
Abstract:
The Distributed Network Protocol v3.0 (DNP3) is one of the most widely used protocols to control national infrastructure. Widely used interactive packet manipulation tools, such as Scapy, have not yet been augmented to parse and create DNP3 frames (Biondi 2014). In this paper we extend Scapy to include DNP3, thus allowing us to perform attacks on DNP3 in real-time. Our contribution builds on East et al. (2009), who proposed a range of possible attacks on DNP3. We implement several of these attacks to validate our DNP3 extension to Scapy, then execute the attacks on real-world equipment. We present our results, showing that many of these theoretical attacks would be unsuccessful in an Ethernet-based network.
Abstract:
Industrial control systems (ICS) have been moving from dedicated communications to switched and routed corporate networks, making it probable that these devices are being exposed to the Internet. Many ICS have been designed with poor or little security features, making them vulnerable to potential attack. Recently, several tools have been developed that can scan the Internet, including ZMap, Masscan and Shodan. However, little in-depth analysis has been done to compare these Internet-wide scanning techniques, and few Internet-wide scans have been conducted targeting ICS and protocols. In this paper we present a taxonomy of Internet-wide scanning with a comparison of three popular network scanning tools, and a framework for conducting Internet-wide scans.
Abstract:
XACML has become the de facto standard for enterprise-wide, policy-based access control. It is a structured, extensible language that can express and enforce complex access control policies. There have been several efforts to extend XACML to support specific authorisation models, such as the OASIS RBAC profile to support Role Based Access Control. A number of proposals for authorisation models that support business processes and workflow systems have also appeared in the literature. However, there is no published work describing an extension to allow XACML to be used as a policy language with these models. This paper analyses the specific requirements of a policy language to express and enforce business process authorisation policies. It then introduces BP-XACML, a new profile that extends the RBAC profile for XACML so it can support business process authorisation policies. In particular, BP-XACML supports the notion of tasks, and constraints at the level of a task instance, which are important requirements in enforcing business process authorisation policies.
Abstract:
Supervisory Control and Data Acquisition (SCADA) systems are one of the key foundations of smart grids. The Distributed Network Protocol version 3 (DNP3) is a standard SCADA protocol designed to facilitate communications in substations and smart grid nodes. The protocol is embedded with a security mechanism called Secure Authentication (DNP3-SA). This mechanism ensures that end-to-end communication security is provided in substations. This paper presents a formal model for the behavioural analysis of DNP3-SA using Coloured Petri Nets (CPN). Our DNP3-SA CPN model is capable of testing and verifying various attack scenarios: modification, replay and spoofing, combined complex attack and mitigation strategies. Using the model has revealed a previously unidentified flaw in the DNP3-SA protocol that can be exploited by an attacker that has access to the network interconnecting DNP3 devices. An attacker can launch a successful attack on an outstation without possessing the pre-shared keys by replaying a previously authenticated command with arbitrary parameters. We propose an update to the DNP3-SA protocol that removes the flaw and prevents such attacks. The update is validated and verified using our CPN model proving the effectiveness of the model and importance of the formal protocol analysis.
Abstract:
Real-world cryptographic protocols such as the widely used Transport Layer Security (TLS) protocol support many different combinations of cryptographic algorithms (called ciphersuites) and simultaneously support different versions. Recent advances in provable security have shown that most modern TLS ciphersuites are secure authenticated and confidential channel establishment (ACCE) protocols, but these analyses generally focus on single ciphersuites in isolation. In this paper we extend the ACCE model to cover protocols with many different sub-protocols, capturing both multiple ciphersuites and multiple versions, and define a security notion for secure negotiation of the optimal sub-protocol. We give a generic theorem that shows how secure negotiation follows, with some additional conditions, from the authentication property of secure ACCE protocols. Using this framework, we analyse the security of ciphersuite and three variants of version negotiation in TLS, including a recently proposed mechanism for detecting fallback attacks.
Abstract:
Perceived impaired control over alcohol use is a key cognitive construct in alcohol dependence that has been related prospectively to treatment outcome and may mediate the risk for problem drinking conveyed by impulsivity in non-dependent drinkers. The aim of the current study was to investigate whether perceived impaired control may mediate the association between impulsivity-related measures (derived from the Short-form Eysenck Personality Questionnaire-Revised) and alcohol-dependence severity in alcohol-dependent drinkers. Furthermore, the extent to which this hypothesized relationship was moderated by genetic risk (Taq1A polymorphism in the DRD2/ANKK1 gene cluster) and verbal fluency as an indicator of executive cognitive ability (Controlled Oral Word Association Test) was also examined. A sample of 143 alcohol-dependent inpatients provided an extensive clinical history of their alcohol use, gave 10 ml of blood for DNA analysis, and completed self-report measures relating to impulsivity, impaired control and severity of dependence. As hypothesized, perceived impaired control (partially) mediated the association between impulsivity-related measures and alcohol-dependence severity. This relationship was not moderated by the DRD2/ANKK1 polymorphism or verbal fluency. These results suggest that, in alcohol dependence, perceived impaired control is a cognitive mediator of impulsivity-related constructs that may be unaffected by DRD2/ANKK1 and neurocognitive processes underlying the retrieval of verbal information.
Abstract:
Cooperative Intelligent Transportation Systems (C-ITS) allow in-vehicle systems, and ultimately the driver, to enhance their awareness of their surroundings by enabling communication between vehicles and road infrastructure. C-ITS are widely considered as the next major step in driving assistance systems, aiming at increasing safety, comfort and mobility for drivers. However, any communicating systems are subjected to security threats. A key component for providing secure communications at a large scale is a Public Key Infrastructure (PKI). Due to the safety-critical nature of Vehicle-to-Vehicle (V2V) communications, a C-ITS PKI has functional, performance and scalability requirements that differ from traditional non-automotive environments. This paper identifies and defines the key functional and security requirements for C-ITS PKI systems and analyses proposed C-ITS PKI standards against these requirements. In particular, the proposed US and European C-ITS PKI systems are identified as being too complex and not scalable. The paper also highlights various privacy, security and scalability concerns that should be considered for a secure C-ITS PKI solution in the Australian transport landscape.
Abstract:
Prostate cancer is the second most common malignancy among men worldwide. Genome-wide association studies have identified 100 risk variants for prostate cancer, which can explain approximately 33% of the familial risk of the disease. We hypothesized that a comprehensive analysis of genetic variations found within the 3' untranslated region of genes predicted to affect miRNA binding (miRSNP) can identify additional prostate cancer risk variants. We investigated the association between 2,169 miRSNPs and prostate cancer risk in a large-scale analysis of 22,301 cases and 22,320 controls of European ancestry from 23 participating studies. Twenty-two miRSNPs were associated (P < 2.3×10⁻⁵) with risk of prostate cancer, 10 of which were within 7 genes previously not mapped by GWAS studies. Further, using miRNA mimics and reporter gene assays, we showed that miR-3162-5p has specific affinity for the KLK3 rs1058205 miRSNP T-allele, whereas miR-370 has greater affinity for the VAMP8 rs1010 miRSNP A-allele, validating their functional role. Significance: Findings from this large association study suggest that a focus on miRSNPs, including functional evaluation, can identify candidate risk loci below currently accepted statistical levels of genome-wide significance. Studies of miRNAs and their interactions with SNPs could provide further insights into the mechanisms of prostate cancer risk.
Abstract:
The study proposes a method for identifying the personal imprint of literary translators in translated works of fiction. The initial assumption was that the style of a target text is not determined solely by the literary style of the author but also by features of its translator's idiolect. A method was developed for identifying the idiolectal features of individual translators, which were then used to describe personal translation styles. The method is not restricted to a particular language pair. To test the method and to establish the nature of the proposed personal imprint empirically, extracts from four English-language literary source texts (two novels by James Joyce and two by Ernest Hemingway) were first compared with their translations into Finnish (by four different translators) in order to identify changes, or shifts, that had taken place at the formal linguistic level in the translation process. To allow individual propensities to manifest themselves, only optional shifts in which the translators had a range of choices available to them were included in the study. In the second phase, extracts by different authors rendered into Finnish by the same translator were compared in order to gauge the extent of the potential impact of the author's style on the translator's work. In-depth analysis of the types of shifts made most frequently by the individual translators revealed further intersubjective differences, and the shifts were used to construct translation profiles for each of the translators. In order to determine the potential effects of frequently occurring shifts on the target text, some central concepts of narratology were adapted and used to establish an intermediate link between microlevel choices and macrolevel effects. In this way the propensity of an individual translator to opt for certain types of shift could be linked with the overall artistic effect of the target text.