Massive Open Online Courses and sustainability

Massive Open Online Courses (MOOCs) have become very popular among learners millions of users from around the world registered with leading platforms. There are hundreds of universities (and other organizations) offering MOOCs. However, sustainability of MOOCs is a pressing concern as MOOCs incur up front creation costs, maintenance costs to keep content relevant and on-going support costs to provide facilitation while a course is being run. At present, charging a fee for certification (for example Coursera Signature Track and FutureLearn Statement of Completion) seems a popular business model. In this paper, the authors discuss other possible business models and their pros and cons. Some business models discussed here are: Freemium model – providing content freely but charging for premium services such as course support, tutoring and proctored exams. Sponsorships – courses can be created in collaboration with industry where industry sponsorships are used to cover the costs of course production and offering. For example Teaching Computing course was offered by the University of East Anglia on the FutureLearn platform with the sponsorship from British Telecom while the UK Government sponsored the course Introduction to Cyber Security offered by the Open University on FutureLearn. Initiatives and Grants – The government, EU commission or corporations could commission the creation of courses through grants and initiatives according to the skills gap identified for the economy. For example, the UK Government’s National Cyber Security Programme has supported a course on Cyber Security. Similar initiatives could also provide funding to support relevant course development and offering. Donations – Free software, Wikipedia and early OER initiatives such as the MIT OpenCourseware accept donations from the public and this could well be used as a business model where learners could contribute (if they wish) to the maintenance and facilitation of a course. Merchandise – selling merchandise could also bring revenue to MOOCs. As many participants do not seek formal recognition (European Commission, 2014) for their completion of a MOOC, merchandise that presents their achievement in a playful way could well be attractive for them. Sale of supplementary material –supplementary course material in the form of an online or physical book or similar could be sold with the revenue being reinvested in the course delivery. Selective advertising – courses could have advertisements relevant to learners Data sharing – though a controversial topic, sharing learner data with relevant employers or similar could be another revenue model for MOOCs. Follow on events – the courses could lead to follow on summer schools, courses or other real-life or online events that are paid-for in which case a percentage of the revenue could be passed on to the MOOC for its upkeep. Though these models are all possible ways of generating revenue for MOOCs, some are more controversial and sensitive than others. Nevertheless unless appropriate business models are identified the sustainability of MOOCs would be problematic.

Analisi e riprogettazione del processo di ict risk management: un caso applicativo in Telecom Italia

Questo lavoro di tesi muove da tematiche relative alla sicurezza IT e risulta dagli otto mesi di lavoro all’interno della funzione Technical Security di Telecom Italia Information Technology. Il compito primario di questa unità di business è ridurre il rischio informatico dei sistemi di Telecom Italia per mezzo dell’attuazione del processo di ICT Risk Management, che coinvolge l’intera organizzazione ed è stato oggetto di una riprogettazione nel corso del 2012. Per estendere tale processo a tutti i sistemi informatici, nello specifico a quelli caratterizzati da non conformità, all’inizio del 2013 è stato avviato il Programma Strutturato di Sicurezza, un aggregato di quattro progetti dalla durata triennale particolarmente articolato e complesso. La pianificazione di tale Programma ha visto coinvolto, tra gli altri, il team di cui ho fatto parte, che ha collaborato con Telecom Italia assolvendo alcune delle funzioni di supporto tipiche dei Project Management Office (PMO).

Autonomous classification models in ubiquitous environments

Stream-mining approach is defined as a set of cutting-edge techniques designed to process streams of data in real time, in order to extract knowledge. In the particular case of classification, stream-mining has to adapt its behaviour to the volatile underlying data distributions, what has been called concept drift. Moreover, it is important to note that concept drift may lead to situations where predictive models become invalid and have therefore to be updated to represent the actual concepts that data poses. In this context, there is a specific type of concept drift, known as recurrent concept drift, where the concepts represented by data have already appeared in the past. In those cases the learning process could be saved or at least minimized by applying a previously trained model. This could be extremely useful in ubiquitous environments that are characterized by the existence of resource constrained devices. To deal with the aforementioned scenario, meta-models can be used in the process of enhancing the drift detection mechanisms used by data stream algorithms, by representing and predicting when the change will occur. There are some real-world situations where a concept reappears, as in the case of intrusion detection systems (IDS), where the same incidents or an adaptation of them usually reappear over time. In these environments the early prediction of drift by means of a better knowledge of past models can help to anticipate to the change, thus improving efficiency of the model regarding the training instances needed. By means of using meta-models as a recurrent drift detection mechanism, the ability to share concepts representations among different data mining processes is open. That kind of exchanges could improve the accuracy of the resultant local model as such model may benefit from patterns similar to the local concept that were observed in other scenarios, but not yet locally. This would also improve the efficiency of training instances used during the classification process, as long as the exchange of models would aid in the application of already trained recurrent models, that have been previously seen by any of the collaborative devices. Which it is to say that the scope of recurrence detection and representation is broaden. In fact the detection, representation and exchange of concept drift patterns would be extremely useful for the law enforcement activities fighting against cyber crime. Being the information exchange one of the main pillars of cooperation, national units would benefit from the experience and knowledge gained by third parties. Moreover, in the specific scope of critical infrastructures protection it is crucial to count with information exchange mechanisms, both from a strategical and technical scope. The exchange of concept drift detection schemes in cyber security environments would aid in the process of preventing, detecting and effectively responding to threads in cyber space. Furthermore, as a complement of meta-models, a mechanism to assess the similarity between classification models is also needed when dealing with recurrent concepts. In this context, when reusing a previously trained model a rough comparison between concepts is usually made, applying boolean logic. The introduction of fuzzy logic comparisons between models could lead to a better efficient reuse of previously seen concepts, by applying not just equal models, but also similar ones. This work faces the aforementioned open issues by means of: the MMPRec system, that integrates a meta-model mechanism and a fuzzy similarity function; a collaborative environment to share meta-models between different devices; a recurrent drift generator that allows to test the usefulness of recurrent drift systems, as it is the case of MMPRec. Moreover, this thesis presents an experimental validation of the proposed contributions using synthetic and real datasets.

Contribuições para a implementação de um barramento de processo segundo a norma IEC 61850-9.

Desde seu lançamento, em 2002, a Norma IEC 61850 vem evoluindo para se tornar o padrão adotado nos Sistemas de Automação de Subestações. Dentre seus vários aspectos, destacam- se os serviços de tempo real, que permitem a implementação de funções de automação e de proteção dentro da subestação através da troca de mensagens específicas entre Dispositivos Eletrônicos Inteligentes através de um barramento digital de rede de dados. O objetivo central deste trabalho é explorar algumas das questões que envolvem a implementação de uma classe de serviços de tempo real: a transmissão de valores amostrados através de Serviços SMV, definidos pela Norma IEC 61850-9. Primeiramente, apresenta-se um breve resumo das principais características da Norma IEC 61850 que possibilitam o atendimento dos três requisitos por ela estabelecidos como base: a interoperabilidade entre dispositivos de diferentes fabricantes, a versatilidade na configuração e reconfiguração do Sistema de Automação da Subestação, e a possibilidade de implementação de novas tecnologias. Em seguida, explora-se com maior profundidade todos os aspectos relevantes à implementação dos Serviços SMV. Devido à complexidade deste assunto, o autor propõe abordá-lo sob a ótica de cinco tópicos interdependentes: variações da Norma IEC 61850-9, confiabilidade do barramento de processo, sincronismo de tempo, análise da qualidade da medição e segurança cibernética. Com base nos resultados apresentados neste estudo, propõem-se duas plataformas, um protótipo de Transformador de Potencial Óptico e um protótipo de Relé de Proteção Diferencial para transformadores de potência, com o objetivo de explorar alguns dos aspectos pertinentes à implementação de um barramento de processo de acordo com a Norma IEC 61850-9. Também foram realizados testes de geração e transmissão de mensagens contendo valores de amostras de tensão/corrente do sistema elétrico (denominadas de SV Messages) com a finalidade de implementá-las de fato e avaliar as ferramentas de mercado disponíveis. Por fim foi proposto um modelo para a simulação do sistema de potência em conjunto com a rede de comunicação utilizando o programa Matlab/Simulink. O autor espera que este trabalho contribua para esclarecer os vários conceitos envolvidos na implementação do barramento de processo definido pela Norma IEC 61850-9, auxiliando na pesquisa e no desenvolvimento de novas ferramentas e dispositivos, e no aprimoramento da Norma IEC 61850.

La contribution des dynamiques internationales formelles au renforcement de la cybersécurité canadienne

La cybersécurité représente un enjeu important pour les services en charge de la sécurité canadienne à l’ère de l’expansion des Menaces Persistantes Avancées (MSP ou cybercrimes de type 1). Ces crimes se déroulent essentiellement dans le cyberespace, ce qui implique l’adoption de mesures spécifiques adéquates à l’environnement numérique, notamment à l’épreuve de son ubiquité. Le gouvernement canadien a pour sa part publié certaines mesures de défense passive et active dont la plus connue est la stratégie canadienne de cybersécurité. Puisque le cyberespace n’est pas limité territorialement, l’autorité canadienne a conclu plusieurs partenariats internationaux d’où ressortent des mesures bilatérales et multilatérales de protection et de renforcement de la cybersécurité. Toutefois, ces diverses mesures nationales et internationales ne tracent pas de cadre légal précisant la nature et le régime juridique des MSP; précisions sans lesquelles l’adoption de règles au plan national serait improductive. Considérant que l’espace numérique est international, il appelle la mise en place de mesures applicables à l’échelle universelle. Or, au plan international, il n’existe aucun texte à valeur légale spécifique à l’espèce. Ainsi, à la question de savoir, quels textes légaux pourraient s’appliquer, il s’est avéré que le jus ad bellum et la Convention européenne contre le cybercrime (Convention de Budapest) apportaient d’incontournables éléments de réponse. D’une part, le jus ad bellum permet de définir la catégorie d’acte dans laquelle peuvent être rangées les MSP, et d’autre part, la Convention de Budapest permet de définir les infractions informatiques commises par les différents acteurs en cause, les procédures d’investigation appropriées et les mécanismes utiles à la coopération internationale. Bien que les éléments ressortis de ces ententes internationales soient utiles à l’adoption d’un corps de règles internationales uniformes, les intérêts étatiques divergents constituent des obstacles de taille.

La contribution des dynamiques internationales formelles au renforcement de la cybersécurité canadienne.

La cybersécurité représente un enjeu important pour les services en charge de la sécurité canadienne à l’ère de l’expansion des Menaces Persistantes Avancées (MSP ou cybercrimes de type 1). Ces crimes se déroulent essentiellement dans le cyberespace, ce qui implique l’adoption de mesures spécifiques adéquates à l’environnement numérique, notamment à l’épreuve de son ubiquité. Le gouvernement canadien a pour sa part publié certaines mesures de défense passive et active dont la plus connue est la stratégie canadienne de cybersécurité. Puisque le cyberespace n’est pas limité territorialement, l’autorité canadienne a conclu plusieurs partenariats internationaux d’où ressortent des mesures bilatérales et multilatérales de protection et de renforcement de la cybersécurité. Toutefois, ces diverses mesures nationales et internationales ne tracent pas de cadre légal précisant la nature et le régime juridique des MSP; précisions sans lesquelles l’adoption de règles au plan national serait improductive. Considérant que l’espace numérique est international, il appelle la mise en place de mesures applicables à l’échelle universelle. Or, au plan international, il n’existe aucun texte à valeur légale spécifique à l’espèce. Ainsi, à la question de savoir, quels textes légaux pourraient s’appliquer, il s’est avéré que le jus ad bellum et la Convention européenne contre le cybercrime (Convention de Budapest) apportaient d’incontournables éléments de réponse. D’une part, le jus ad bellum permet de définir la catégorie d’acte dans laquelle peuvent être rangées les MSP, et d’autre part, la Convention de Budapest permet de définir les infractions informatiques commises par les différents acteurs en cause, les procédures d’investigation appropriées et les mécanismes utiles à la coopération internationale. Bien que les éléments ressortis de ces ententes internationales soient utiles à l’adoption d’un corps de règles internationales uniformes, les intérêts étatiques divergents constituent des obstacles de taille.

The uncertainty of identity toolset:analysing digital traces for user profiling

People manage a spectrum of identities in cyber domains. Profiling individuals and assigning them to distinct groups or classes have potential applications in targeted services, online fraud detection, extensive social sorting, and cyber-security. This paper presents the Uncertainty of Identity Toolset, a framework for the identification and profiling of users from their social media accounts and e-mail addresses. More specifically, in this paper we discuss the design and implementation of two tools of the framework. The Twitter Geographic Profiler tool builds a map of the ethno-cultural communities of a person's friends on Twitter social media service. The E-mail Address Profiler tool identifies the probable identities of individuals from their e-mail addresses and maps their geographical distribution across the UK. To this end, this paper presents a framework for profiling the digital traces of individuals.

Progettazione e prototipazione di un sistema di Data Stream Processing basato su Apache Storm

Con l’avvento di Internet, il numero di utenti con un effettivo accesso alla rete e la possibilità di condividere informazioni con tutto il mondo è, negli anni, in continua crescita. Con l’introduzione dei social media, in aggiunta, gli utenti sono portati a trasferire sul web una grande quantità di informazioni personali mettendoli a disposizione delle varie aziende. Inoltre, il mondo dell’Internet Of Things, grazie al quale i sensori e le macchine risultano essere agenti sulla rete, permette di avere, per ogni utente, un numero maggiore di dispositivi, direttamente collegati tra loro e alla rete globale. Proporzionalmente a questi fattori anche la mole di dati che vengono generati e immagazzinati sta aumentando in maniera vertiginosa dando luogo alla nascita di un nuovo concetto: i Big Data. Nasce, di conseguenza, la necessità di far ricorso a nuovi strumenti che possano sfruttare la potenza di calcolo oggi offerta dalle architetture più complesse che comprendono, sotto un unico sistema, un insieme di host utili per l’analisi. A tal merito, una quantità di dati così vasta, routine se si parla di Big Data, aggiunta ad una velocità di trasmissione e trasferimento altrettanto alta, rende la memorizzazione dei dati malagevole, tanto meno se le tecniche di storage risultano essere i tradizionali DBMS. Una soluzione relazionale classica, infatti, permetterebbe di processare dati solo su richiesta, producendo ritardi, significative latenze e inevitabile perdita di frazioni di dataset. Occorre, perciò, far ricorso a nuove tecnologie e strumenti consoni a esigenze diverse dalla classica analisi batch. In particolare, è stato preso in considerazione, come argomento di questa tesi, il Data Stream Processing progettando e prototipando un sistema bastato su Apache Storm scegliendo, come campo di applicazione, la cyber security.

La Ciberseguridad como factor crítico en la Seguridad de la Unión Europea

El ciberespacio es un escenario de conflicto altamente complejo al estar en constante evolución. Ni la Unión Europea ni ningún otro actor del sistema internacional se encuentra a salvo de las amenazas procedentes del ciberespacio. Pero los pasos dados desde la UE en el mundo de la ciberseguridad no son en absoluto suficientes. Europa necesita que su Estrategia de ciberseguridad sea realmente capaz de integrar a las diferentes Estrategias nacionales. Es urgente una mayor determinación, unos mayores recursos y unos mejores instrumentos que permitan a la Unión implementar una gestión de crisis y una prevención de ciberconflictos verdaderamente eficaz.

Threat Analysis of BlackEnergy Malware for Synchrophasor based Real-time Control and Monitoring in Smart Grid

The BlackEnergy malware targeting critical infrastructures has a long history. It evolved over time from a simple DDoS platform to a quite sophisticated plug-in based malware. The plug-in architecture has a persistent malware core with easily installable attack specific modules for DDoS, spamming, info-stealing, remote access, boot-sector formatting etc. BlackEnergy has been involved in several high profile cyber physical attacks including the recent Ukraine power grid attack in December 2015. This paper investigates the evolution of BlackEnergy and its cyber attack capabilities. It presents a basic cyber attack model used by BlackEnergy for targeting industrial control systems. In particular, the paper analyzes cyber threats of BlackEnergy for synchrophasor based systems which are used for real-time control and monitoring functionalities in smart grid. Several BlackEnergy based attack scenarios have been investigated by exploiting the vulnerabilities in two widely used synchrophasor communication standards: (i) IEEE C37.118 and (ii) IEC 61850-90-5. Specifically, the paper addresses reconnaissance, DDoS, man-in-the-middle and replay/reflection attacks on IEEE C37.118 and IEC 61850-90-5. Further, the paper also investigates protection strategies for detection and prevention of BlackEnergy based cyber physical attacks.