Trade-off associated with selection for increased ability to resist parasitoid attack in Drosophila melanogaster

Costs of resistance are widely assumed to be important in the evolution of parasite and pathogen defence in animals, but they have been demonstrated experimentally on very few occasions. Endoparasitoids are insects whose larvae develop inside the bodies of other insects where they defend themselves from attack by their hosts' immune systems (especially cellular encapsulation). Working with Drosophila melanogaster and its endoparasitoid Leptopilina boulardi, we selected for increased resistance in four replicate populations of flies. The percentage of flies surviving attack increased from about 0.5% to between 40% and 50% in five generations, revealing substantial additive genetic variation in resistance in the field population from which our culture was established. In comparison with four control lines, flies from selected lines suffered from lower larval survival under conditions of moderate to severe intraspecific competition.

New dimensions in early flood warning across the globe using grand-ensemble weather predictions

Early and effective flood warning is essential to initiate timely measures to reduce loss of life and economic damage. The availability of several global ensemble weather prediction systems through the “THORPEX Interactive Grand Global Ensemble” (TIGGE) archive provides an opportunity to explore new dimensions in early flood forecasting and warning. TIGGE data has been used as meteorological input to the European Flood Alert System (EFAS) for a case study of a flood event in Romania in October 2007. Results illustrate that awareness for this case of flooding could have been raised as early as 8 days before the event and how the subsequent forecasts provide increasing insight into the range of possible flood conditions. This first assessment of one flood event illustrates the potential value of the TIGGE archive and the grand-ensembles approach to raise preparedness and thus to reduce the socio-economic impact of floods.

Towards anomaly detection for increased security in multibiometric systems: spoofing-resistant 1-median fusion eliminating outliers

Multibiometrics aims at improving biometric security in presence of spoofing attempts, but exposes a larger availability of points of attack. Standard fusion rules have been shown to be highly sensitive to spoofing attempts – even in case of a single fake instance only. This paper presents a novel spoofing-resistant fusion scheme proposing the detection and elimination of anomalous fusion input in an ensemble of evidence with liveness information. This approach aims at making multibiometric systems more resistant to presentation attacks by modeling the typical behaviour of human surveillance operators detecting anomalies as employed in many decision support systems. It is shown to improve security, while retaining the high accuracy level of standard fusion approaches on the latest Fingerprint Liveness Detection Competition (LivDet) 2013 dataset.

An attack signature model to computer security intrusion detection

Internal and external computer network attacks or security threats occur according to standards and follow a set of subsequent steps, allowing to establish profiles or patterns. This well-known behavior is the basis of signature analysis intrusion detection systems. This work presents a new attack signature model to be applied on network-based intrusion detection systems engines. The AISF (ACME! Intrusion Signature Format) model is built upon XML technology and works on intrusion signatures handling and analysis, from storage to manipulation. Using this new model, the process of storing and analyzing information about intrusion signatures for further use by an IDS become a less difficult and standardized process.

Ticagrelor Versus Clopidogrel in Patients With Acute Coronary Syndromes and a History of Stroke or Transient Ischemic Attack

Background-Patients with acute coronary syndromes and history of stroke or transient ischemic attack (TIA) have an increased rate of recurrent cardiac events and intracranial hemorrhages. Methods and Results-We evaluated treatment effects of ticagrelor versus clopidogrel in patients with acute coronary syndrome with and without a history of prior stroke or TIA in the PLATelet inhibition and patient Outcomes (PLATO) trial. Of the 18 624 randomized patients, 1152 (6.2%) had a history of stroke or TIA. Such patients had higher rates of myocardial infarction (11.5% versus 6.0%), death (10.5% versus 4.9%), stroke (3.4% versus 1.2%), and intracranial bleeding (0.8% versus 0.2%) than patients without prior stroke or TIA. Among patients with a history of stroke or TIA, the reduction of the primary composite outcome and total mortality at 1 year with ticagrelor versus clopidogrel was consistent with the overall trial results: 19.0% versus 20.8% (hazard ratio, 0.87; 95% confidence interval, 0.66-1.13; interaction P=0.84) and 7.9% versus 13.0% (hazard ratio, 0.62; 95% confidence interval, 0.42-0.91). The overall PLATO-defined bleeding rates were similar: 14.6% versus 14.9% (hazard ratio, 0.99; 95% confidence interval, 0.71-1.37), and intracranial bleeding occurred infrequently (4 versus 4 cases, respectively). Conclusions-Patients with acute coronary syndrome with a prior history of ischemic stroke or TIA had higher rates of clinical outcomes than patients without prior stroke or TIA. However, the efficacy and bleeding results of ticagrelor in these high-risk patients were consistent with the overall trial population, with a favorable clinical net benefit and associated impact on mortality.

Timing attack di Paul C. Kocher: attacco al sistema di sicurezza RSA mediante strumenti di statistica

In questa tesi ho voluto descrivere il Timing Attack al sistema crittografico RSA, il suo funzionamento, la teoria su cui si basa, i suoi punti di forza e i punti deboli. Questo particolare tipo di attacco informatico fu presentato per la prima volta da Paul C. Kocher nel 1996 all’“RSA Data Security and CRYPTO conferences”. Nel suo articolo “Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems” l’autore svela una nuova possibile falla nel sistema RSA, che non dipende da debolezze del crittosistema puramente matematiche, ma da un aspetto su cui nessuno prima di allora si era mai soffermato: il tempo di esecuzione delle operazioni crittografiche. Il concetto è tanto semplice quanto geniale: ogni operazione in un computer ha una certa durata. Le variazioni dei tempi impiegati per svolgere le operazioni dal computer infatti, necessariamente dipendono dal tipo di algoritmo e quindi dalle chiavi private e dal particolare input che si è fornito. In questo modo, misurando le variazioni di tempo e usando solamente strumenti statistici, Kocher mostra che è possibile ottenere informazioni sull’implementazione del crittosistema e quindi forzare RSA e altri sistemi di sicurezza, senza neppure andare a toccare l’aspetto matematico dell’algoritmo. Di centrale importanza per questa teoria diventa quindi la statistica. Questo perché entrano in gioco molte variabili che possono influire sul tempo di calcolo nella fase di decifrazione: - La progettazione del sistema crittografico - Quanto impiega la CPU ad eseguire il processo - L’algoritmo utilizzato e il tipo di implementazione - La precisione delle misurazioni - Ecc. Per avere più possibilità di successo nell’attaccare il sistema occorre quindi fare prove ripetute utilizzando la stessa chiave e input differenti per effettuare analisi di correlazione statistica delle informazioni di temporizzazione, fino al punto di recuperare completamente la chiave privata. Ecco cosa asserisce Kocher: “Against a vulnerable system, the attack is computationally inexpensive and often requires only known ciphertext.”, cioè, contro sistemi vulnerabili, l’attacco è computazionalmente poco costoso e spesso richiede solo di conoscere testi cifrati e di ottenere i tempi necessari per la loro decifrazione.

Attacks on German public figures, 1968-2004: warning behaviors, potentially lethal and non-lethal acts, psychiatric status, and motivations

Fourteen non-terrorist attackers of public figures in Germany between 1968 and 2004 were intensively studied, with a particular focus on warning behaviors, attack behaviors, and the relationship between psychiatric diagnosis, symptoms, and motivations for the assault. A large proportion of the attackers were severely mentally ill, and most likely to be in the potentially lethal rather than the non-lethal group. A new typology of seven warning behaviors was applied to the data, and all were present, most frequently fixation and pathway warning behavior, and least frequently a direct threat. Psychiatric diagnosis could be closely linked to motivation when analyzed at the level of symptom and content of thought, often delusional. Most of the attacks were directed at political figures, and the majority occurred after 1995.

Distribution of quality adjusted life expectancy: A systems approach

Statistical methods are developed which assess survival data for two attributes; (1) prolongation of life, (2) quality of life. Health state transition probabilities correspond to prolongation of life and are modeled as a discrete-time semi-Markov process. Imbedded within the sojourn time of a particular health state are the quality of life transitions. They reflect events which differentiate perceptions of pain and suffering over a fixed time period. Quality of life transition probabilities are derived from the assumptions of a simple Markov process. These probabilities depend on the health state currently occupied and the next health state to which a transition is made. Utilizing the two forms of attributes the model has the capability to estimate the distribution of expected quality adjusted life years (in addition to the distribution of expected survival times). The expected quality of life can also be estimated within the health state sojourn time making more flexible the assessment of utility preferences. The methods are demonstrated on a subset of follow-up data from the Beta Blocker Heart Attack Trial (BHAT). This model contains the structure necessary to make inferences when assessing a general survival problem with a two dimensional outcome. ^

The role of secretion systems and small molecules in soft-rot enterobacteriaceae pathogenicity

Soft-rot Enterobacteriaceae (SRE), which belong to the genera Pectobacterium and Dickeya, consist mainly of broad host-range pathogens that cause wilt, rot, and blackleg diseases on a wide range of plants. They are found in plants, insects, soil, and water in agricultural regions worldwide. SRE encode all six known protein secretion systems present in gram-negative bacteria, and these systems are involved in attacking host plants and competing bacteria. They also produce and detect multiple types of small molecules to coordinate pathogenesis, modify the plant environment, attack competing microbes, and perhaps to attract insect vectors. This review integrates new information about the role protein secretion and detection and production of ions and small molecules play in soft-rot pathogenicity.

RECLAMO: virtual and collaborative honeynets based on trust management and autonomous systems applied to intrusion management

Security intrusions in large systems is a problem due to its lack of scalability with the current IDS-based approaches. This paper describes the RECLAMO project, where an architecture for an Automated Intrusion Response System (AIRS) is being proposed. This system will infer the most appropriate response for a given attack, taking into account the attack type, context information, and the trust and reputation of the reporting IDSs. RECLAMO is proposing a novel approach: diverting the attack to a specific honeynet that has been dynamically built based on the attack information. Among all components forming the RECLAMO's architecture, this paper is mainly focused on defining a trust and reputation management model, essential to recognize if IDSs are exposing an honest behavior in order to accept their alerts as true. Experimental results confirm that our model helps to encourage or discourage the launch of the automatic reaction process.

A fuzzy approach to risk analysis in information systems

Assets are interrelated in risk analysis methodologies for information systems promoted by international standards. This means that an attack on one asset can be propagated through the network and threaten an organization's most valuable assets. It is necessary to valuate all assets, the direct and indirect asset dependencies, as well as the probability of threats and the resulting asset degradation. These methodologies do not, however, consider uncertain valuations and use precise values on different scales, usually percentages. Linguistic terms are used by the experts to represent assets values, dependencies and frequency and asset degradation associated with possible threats. Computations are based on the trapezoidal fuzzy numbers associated with these linguistic terms.

Detecting false testimonies in reputation systems using self-organizing maps

It has been demonstrated that rating trust and reputation of individual nodes is an effective approach in distributed environments in order to improve security, support decision-making and promote node collaboration. Nevertheless, these systems are vulnerable to deliberate false or unfair testimonies. In one scenario, the attackers collude to give negative feedback on the victim in order to lower or destroy its reputation. This attack is known as bad mouthing attack. In another scenario, a number of entities agree to give positive feedback on an entity (often with adversarial intentions). This attack is known as ballot stuffing. Both attack types can significantly deteriorate the performances of the network. The existing solutions for coping with these attacks are mainly concentrated on prevention techniques. In this work, we propose a solution that detects and isolates the abovementioned attackers, impeding them in this way to further spread their malicious activity. The approach is based on detecting outliers using clustering, in this case self-organizing maps. An important advantage of this approach is that we have no restrictions on training data, and thus there is no need for any data pre-processing. Testing results demonstrate the capability of the approach in detecting both bad mouthing and ballot stuffing attack in various scenarios.

Determination of Maximum Mechanical Energy Efficiency in Energy Galloping Systems

Transverse galloping is a type of aeroelastic instability characterized by large amplitude, low frequency, normal to wind oscillations that appear in some elastic two-dimensional bluff bodies when subjected to a fluid flow, provided that the flow velocity exceeds a threshold critical value. Such an oscillatory motion is explained because of the energy transfer from the flow to the two-dimensional bluff body. The 7 amount of energy that can be extracted depends on the cross section of the galloping prism. Assuming that the Glauert-Den Hartog quasistatic criterion for galloping instability is satisfied in a first approximation, the suitability of a given cross section for energy harvesting is evaluated by analyzing the lateral aerodynamic force coefficient, fitting a function with a power series in tan a (a being the angle of attack) to 10 available experimental data. In this paper, a fairly large number of simple prisms (triangle, ellipse, biconvex, and rhombus cross sections, as well 11 as D-shaped bodies) is analyzed for suitability as energy harvesters. The influence of the fitting process in the energy harvesting efficiency evaluation is also demonstrated. The analysis shows that the more promising bodies are those with isosceles or approximate isosceles cross sections.

A Dynamically Adaptable Bus Architecture for Trading-Off Among Performance, Consumption and Dependability in Cyber-Physical Systems

Cyber-Physical Systems need to handle increasingly complex tasks, which additionally, may have variable operating conditions over time. Therefore, dynamic resource management to adapt the system to different needs is required. In this paper, a new bus-based architecture, called ARTICo3, which by means of Dynamic Partial Reconfiguration, allows the replication of hardware tasks to support module redundancy, multi-thread operation or dual-rail solutions for enhanced side-channel attack protection is presented. A configuration-aware data transaction unit permits data dispatching to more than one module in parallel, or provide coalesced data dispatching among different units to maximize the advantages of burst transactions. The selection of a given configuration is application independent but context-aware, which may be achieved by the combination of a multi-thread model similar to the CUDA kernel model specification, combined with a dynamic thread/task/kernel scheduler. A multi-kernel application for face recognition is used as an application example to show one scenario of the ARTICo3 architecture.