Detecting collusive fraud in enterprise resource planning systems

In today's technological age, fraud has become more complicated, and increasingly more difficult to detect, especially when it is collusive in nature. Different fraud surveys showed that the median loss from collusive fraud is much greater than fraud perpetrated by a single person. Despite its prevalence and potentially devastating effects, collusion is commonly overlooked as an organizational risk. Internal auditors often fail to proactively consider collusion in their fraud assessment and detection efforts. In this paper, we consider fraud scenarios with collusion. We present six potentially collusive fraudulent behaviors and show their detection process in an ERP system. We have enhanced our fraud detection framework to utilize aggregation of different sources of logs in order to detect communication and have further enhanced it to render it system-agnostic thus achieving portability and making it generally applicable to all ERP systems.

Minority activism : trends informing political participation across Australian communities

In the late 1990’s, intense and vigorous debate surrounded the impact of minority communities on Australia’s mainstream society. The rise of far-right populism took the stage with the introduction to the political landscape of Pauline Hanson and her One Nation party, whilst John Howard’s Liberal-National Coalition Government took the fore on debate over immigration issues corresponding with an influx of irregular arrivals. In 2001, following the September 11 terrorist attacks in the United States of America and subsequent attacks on western targets globally, many of these issues continued to be debated through the security posturing that followed. In recent years, much effort has been afforded to countering the threat of terrorism from home grown assailants. The Government has introduced stringent legislative responses whilst researchers have studied social movements and trends within Australian communities, particularly with respect to minorities. In 2008, the Scanlon Foundation, in association with Monash University and various government entities, released its findings into its survey approach to mapping social cohesion in Australia. It identified a number of spheres of exploration which it believed were essential to measuring cohesiveness of Australian communities generally including, economic, political and socio-cultural factors (Markus and Dharmalingam, 2008). This doctoral project report will explore the political sphere as identified in the Mapping Social Cohesion project and apply it to identified minority ethnic communities. The Scanlon Foundation project identified political participation as one of a number of true indicators of social cohesion. This project acknowledges that democracy in Australia is represented predominantly by two political entities representing a vast majority of constituents under a compulsory voting regime. This essay will identify the levels of political activism achieved by minority ethnic communities and access to democratic participation within the Australian political structure. It will define a ten year period from 1999 to 2009, identifying trends and issues within minority communities that have proactively and reactively promoted engagement in achieving a political voice, framed within a mainstream-dominated political system. It will research social movements and other influential factors over that period to enrich existing knowledge in relation to political participation rates across Australian communities.

An integrated approach to cryptographic mitigation of denial-of-service attacks

Gradual authentication is a principle proposed by Meadows as a way to tackle denial-of-service attacks on network protocols by gradually increasing the confidence in clients before the server commits resources. In this paper, we propose an efficient method that allows a defending server to authenticate its clients gradually with the help of some fast-to-verify measures. Our method integrates hash-based client puzzles along with a special class of digital signatures supporting fast verification. Our hash-based client puzzle provides finer granularity of difficulty and is proven secure in the puzzle difficulty model of Chen et al. (2009). We integrate this with the fast-verification digital signature scheme proposed by Bernstein (2000, 2008). These schemes can be up to 20 times faster for client authentication compared to RSA-based schemes. Our experimental results show that, in the Secure Sockets Layer (SSL) protocol, fast verification digital signatures can provide a 7% increase in connections per second compared to RSA signatures, and our integration of client puzzles with client authentication imposes no performance penalty on the server since puzzle verification is a part of signature verification.

Fast content-based file type identification

Digital forensic examiners often need to identify the type of a file or file fragment based only on the content of the file. Content-based file type identification schemes typically use a byte frequency distribution with statistical machine learning to classify file types. Most algorithms analyze the entire file content to obtain the byte frequency distribution, a technique that is inefficient and time consuming. This paper proposes two techniques for reducing the classification time. The first technique selects a subset of features based on the frequency of occurrence. The second speeds classification by sampling several blocks from the file. Experimental results demonstrate that up to a fifteen-fold reduction in file size analysis time can be achieved with limited impact on accuracy.

The Canadian ‘Model Forest’ approach : a way forward for Tasmania?

Forest policy and forestry management in Tasmania have undergone a number of changes in the last thirty years, many explicitly aimed at improving industry sustainability, job security, and forest biodiversity conservation. Yet forestry remains a contentious issue in Tasmania, due to a number of interacting factors, most significant of which is the prevalence of a ‘command and control’ governance approach by policymakers and managers. New approaches such as multiple-stakeholder decision-making, adaptive management, and direct public participation in policymaking are needed. Such an approach has been attempted in Canada in the last decade, through the Canadian Model Forest Program, and may be suitable for Tasmania. This paper seeks to describe what the Canadian Model Forest approach is, how it may be implemented in Tasmania, and what role it may play in the shift to a new forestry paradigm. Until such a paradigm shift occurs contentions and confrontations are likely to continue.

A hierarchical security assessment model for object-oriented programs

We present a hierarchical model for assessing an object-oriented program's security. Security is quantified using structural properties of the program code to identify the ways in which `classified' data values may be transferred between objects. The model begins with a set of low-level security metrics based on traditional design characteristics of object-oriented classes, such as data encapsulation, cohesion and coupling. These metrics are then used to characterise higher-level properties concerning the overall readability and writability of classified data throughout the program. In turn, these metrics are then mapped to well-known security design principles such as `assigning the least privilege' and `reducing the size of the attack surface'. Finally, the entire program's security is summarised as a single security index value. These metrics allow different versions of the same program, or different programs intended to perform the same task, to be compared for their relative security at a number of different abstraction levels. The model is validated via an experiment involving five open source Java programs, using a static analysis tool we have developed to automatically extract the security metrics from compiled Java bytecode.

Information security management : a case study of an information security culture

This thesis argues that in order to establish a sound information security culture it is necessary to look at organisation's information security systems in a socio- technical context. The motivation for this research stems from the continuing concern of ineffective information security in organisations, leading to potentially significant monetary losses. It is important to address both technical and non- technical aspects when dealing with information security management. Culture has been identified as an underlying determinant of individuals' behaviour and this extends to information security culture, particularly in developing countries. This research investigates information security culture in the Saudi Arabia context. The theoretical foundation for the study is based on organisational and national culture theories. A conceptual framework for this study was constructed based on Peterson and Smith's (1997) model of national culture. This framework guides the study of national, organisational and technological values and their relationships to the development of information security culture. Further, the study seeks to better understand how these values might affect the development and deployment of an organisation's information security culture. Drawing on evidence from three exploratory case studies, an emergent conceptual framework was developed from the traditional human behaviour and the social environment perspectives used in social work, This framework contributes to in- formation security management by identifying behaviours related to four modes of information security practice. These modes provide a sound basis that can be used to evaluate individual organisational members' behaviour and the adequacy of ex- isting security measures. The results confirm the plausibility of the four modes of practice. Furthermore, a final framework was developed by integrating the four modes framework into the research framework. The outcomes of the three case stud- ies demonstrate that some of the national, organisational and technological values have clear impacts on the development and deployment of organisations' informa- tion security culture. This research, by providing an understanding the in uence of national, organi- sational and technological values on individuals' information security behaviour, contributes to building a theory of information security culture development within an organisational context. The research reports on the development of an inte- grated information security culture model that highlights recommendations for developing an information security culture. The research framework, introduced by this research, is put forward as a robust starting point for further related work in this area.

Security analysis and enhancement of one-way hash based low-cost authentication protocol (OHLCAP)

Choi et al. recently proposed an efficient RFID authentication protocol for a ubiquitous computing environment, OHLCAP(One-Way Hash based Low-Cost Authentication Protocol). However, this paper reveals that the protocol has several security weaknesses : 1) traceability based on the leakage of counter information, 2) vulnerability to an impersonation attack by maliciously updating a random number, and 3) traceability based on a physically-attacked tag. Finally, a security enhanced group-based authentication protocol is presented.

Self-defence against terrorism in the post 9/11 world

In 1986 the then United States Secretary of State George Shultz asserted that: It is absurd to argue that international law prohibits us from capturing terrorists in international waters or airspace; from attacking them on the soil of other nations, even for the purpose of rescuing hostages; or from using force against states that support, train and harbor terrorists or guerrillas. At that time the United States’ claim of a right to use military force in self-defence against terrorism2 received little support from other states.3 The predominant view then was that terrorist attacks committed by private or non-state actors were a form of criminal activity to be combated through domestic and international criminal justice mechanisms. The notion that such terrorist acts should be treated as ‘armed attacks’ triggering a victim state’s right of self-defence was not accepted by the majority of states. To suggest, as Shultz had done, that a state not directly responsible for terrorist acts could have its territorial integrity violated by military action targeting terrorists located within that state, was a controversial proposition in 1986. However, some fifteen years later, when the United States and a coalition of allies launched a military campaign in Afghanistan following the 11 September 2001 (hereafter ‘9/11’) terrorist attacks, there was virtually unanimous international support for the use of force.

Automated proofs for Diffie–Hellman–based key exchanges

We present an automated verification method for security of Diffie–Hellman–based key exchange protocols. The method includes a Hoare-style logic and syntactic checking. The method is applied to protocols in a simplified version of the Bellare–Rogaway–Pointcheval model (2000). The security of the protocol in the complete model can be established automatically by a modular proof technique of Kudla and Paterson (2005).