PRECYSE: Cyber-attack Detection and Response for Industrial Control Systems

In this short paper, we present an integrated approach to detecting and mitigating cyber-attacks to modern interconnected industrial control systems. One of the primary goals of this approach is that it is cost effective, and thus whenever possible it builds on open-source security technologies and open standards, which are complemented with novel security solutions that address the specific challenges of securing critical infrastructures.

The effect of probe interval estimation on attack detection performance of a WLAN independent intrusion detection system

A new niche of densely populated, unprotected networks is becoming more prevalent in public areas such as Shopping Malls, defined here as independent open-access networks, which have attributes that make attack detection more challenging than in typical enterprise networks. To address these challenges, new detection systems which do not rely on knowledge of internal device state are investigated here. This paper shows that this lack of state information requires an additional metric (The exchange timeout window) for detection of WLAN Denial of Service Probe Flood attacks. Variability in this metric has a significant influence on the ability of a detection system to reliably detect the presence of attacks. A parameter selection method is proposed which is shown to provide reliability and repeatability in attack detection in WLANs. Results obtained from ongoing live trials are presented that demonstrate the importance of accurately estimating probe request and probe response timeouts in future Independent Intrusion Detection Systems.

Mechanism of effluent attack on Portland cement and alkali activated mortars

The alkali activation of waste products has become a widespread topic of research, mainly due to environmental benefits. Portland cement and alkali-activated mortar samples were prepared to compare their resistance to silage effluent which contains lactic acid. The mechanism of attack on each sample has also been investigated.

Neural Network Based Attack on a Masked Implementation of AES

Masked implementations of cryptographic algorithms are often used in commercial embedded cryptographic devices to increase their resistance to side channel attacks. In this work we show how neural networks can be used to both identify the mask value, and to subsequently identify the secret key value with a single attack trace with high probability. We propose the use of a pre-processing step using principal component analysis (PCA) to significantly increase the success of the attack. We have developed a classifier that can correctly identify the mask for each trace, hence removing the security provided by that mask and reducing the attack to being equivalent to an attack against an unprotected implementation. The attack is performed on the freely available differential power analysis (DPA) contest data set to allow our work to be easily reproducible. We show that neural networks allow for a robust and efficient classification in the context of side-channel attacks.

Modelling Duqu 2.0 Malware using Attack Trees with Sequential Conjunction

In this paper we identify requirements for choosing a threat modelling formalisation for modelling sophisticated malware such as Duqu 2.0. We discuss the gaps in current formalisations and propose the use of Attack Trees with Sequential Conjunction when it comes to analysing complex attacks. The paper models Duqu 2.0 based on the latest information sourced from formal and informal sources. This paper provides a well structured model which can be used for future analysis of Duqu 2.0 and related attacks.

Power Spectral Density Side-Channel Attack Overlapping Window Method

Cryptographic algorithms have been designed to be computationally secure, however it has been shown that when they are implemented in hardware, that these devices leak side channel information that can be used to mount an attack that recovers the secret encryption key. In this paper an overlapping window power spectral density (PSD) side channel attack, targeting an FPGA device running the Advanced Encryption Standard is proposed. This improves upon previous research into PSD attacks by reducing the amount of pre-processing (effort) required. It is shown that the proposed overlapping window method requires less processing effort than that of using a sliding window approach, whilst overcoming the issues of sampling boundaries. The method is shown to be effective for both aligned and misaligned data sets and is therefore recommended as an improved approach in comparison with existing time domain based correlation attacks.

Variable Window Power Spectral Density Attack

Side channel attacks permit the recovery of the secret key held within a cryptographic device. This paper presents a new EM attack in the frequency domain, using a power spectral density analysis that permits the use of variable spectral window widths for each trace of the data set and demonstrates how this attack can therefore overcome both inter-and intra-round random insertion type countermeasures. We also propose a novel re-alignment method exploiting the minimal power markers exhibited by electromagnetic emanations. The technique can be used for the extraction and re-alignment of round data in the time domain.

Lines in class The ongoing attack on mass education in England

Andrew McGettigan’s analysis of the financial transformations of higher education (‘Who Let the Dogs Out? The Privatization of Higher Education’, RP 174)is important for comprehending the complexity of the changes universities are undergoing and their implications. As he argues, ‘it is mass higher education in England’ that is now under attack and adequately responding to this requires the development of new habits and new forms of thought. It is also necessary to contextualize this attack in relation to comparable changes occurring in other educational sectors in England, not least because it is through control of the points of intersection between primary, secondary, and tertiary education that the government’s political intent is being most effectively realized. An analysis of these changes reveals the broader nature of the attack on the idea and practice of mass education itself.

The New Instantaneity: How Social Media are Helping us Privilege the (Politically) Correct over the True

The recent sacking of the eminent scientist Tim Hunt from one of the UK’s leading research institutions is only the latest in a series of cases where public individuals have been derided for comments made in jest on social media, with serious consequences for their professional and personal lives. This article discusses the case of Tim Hunt as an example of the extent to which the privileging of the correct over the true which has long pervaded media discourse is taken to the extreme by the instant-response culture of social media. It points to the emergence of a new form of instantaneity enabled by these networked forms of communication that serves to reinforce systemic inaction rather than the change widely associated with these technologies. It draws on philosophy and Critical Theory as useful conceptual frameworks for highlighting the ways in which Twitter & co. increasingly call us to action but crowd out thought, thereby passing over opportunities for real social change.

Escalation of conflict in FMCG industry: A negotiation case

This work project develops a case-study to be used in Negotiation courses, both in Masters programs and in executive education workshops. The case-study is based on a real-life negotiating situation in Belgium between Unilever, the second largest Fast Moving Consumer Goods (FMCG) company in the world, and Delhaize, one of the most important Belgium’s retailers, with a significant international presence. We also present an analysis of the negotiation based on relevant literature. First, a brief literature review is presented about how to deal with multiple-issue negotiations and how to deal with processes of escalation of conflict. These concepts are then applied to the analysis of the case-study.

PFO closure vs. medical therapy in cryptogenic stroke or transient ischemic attack: A systematic review and meta-analysis.

BACKGROUND/OBJECTIVES: This study aims to assess whether patent foramen ovale (PFO) closure is superior to medical therapy in preventing recurrence of cryptogenic ischemic stroke or transient ischemic attack (TIA). METHODS: We searched PubMed for randomized trials which compared PFO closure with medical therapy in cryptogenic stroke/TIA using the items: "stroke or cerebrovascular accident or TIA" and "patent foramen ovale or paradoxical embolism" and "trial or study". RESULTS: Among 650 potentially eligible articles, 3 were included including 2303 patients. There was no statistically significant difference between PFO-closure and medical therapy in ischemic stroke recurrence (1.91% vs. 2.94% respectively, OR: 0.64, 95%CI: 0.37-1.10), TIA (2.08% vs. 2.42% respectively, OR: 0.87, 95%CI: 0.50-1.51) and death (0.60% vs. 0.86% respectively, OR: 0.71, 95%CI: 0.28-1.82). In subgroup analysis, there was significant reduction of ischemic strokes in the AMPLATZER PFO Occluder arm vs. medical therapy (1.4% vs. 3.04% respectively, OR: 0.46, 95%CI: 0.21-0.98, relative-risk-reduction: 53.2%, absolute-risk-reduction: 1.6%, number-needed-to-treat: 61.8) but not in the STARFlex device (2.7% vs. 2.8% with medical therapy, OR: 0.93, 95%CI: 0.45-2.11). Compared to medical therapy, the number of patients with new-onset atrial fibrillation (AF) was similar in the AMPLATZER PFO Occluder arm (0.72% vs. 1.28% respectively, OR: 1.81, 95%CI: 0.60-5.42) but higher in the STARFlex device (0.64% vs. 5.14% respectively, OR: 8.30, 95%CI: 2.47-27.84). CONCLUSIONS: This meta-analysis does not support PFO closure for secondary prevention with unselected devices in cryptogenic stroke/TIA. In subgroup analysis, selected closure devices may be superior to medical therapy without increasing the risk of new-onset AF, however. This observation should be confirmed in further trials using inclusion criteria for patients with high likelihood of PFO-related stroke recurrence.