Protecting information systems from DDoS attack using multicore methodology

Previous work, in the area of defense systems has focused on developing a firewall like structure, in order to protect applications from attacks. The major drawback for implementing security in general, is that it affects the performance of the application they are trying to protect. In fact, most developers avoid implementing security at all. With the coming of new multicore systems, we might at last be able to minimize the performance issues that security places on applications. In our bodyguard framework we propose a new kind of defense that acts alongside, not in front, of applications. This means that performance issues that effect system applications are kept to a minimum, but at the same time still provide high grade security. Our experimental results demonstrate that a ten to fifteen percent speedup in performance is possible, with the potential of greater speedup.

Can the ABCD Score be dichotomised to identify high−risk patients with trainsient ischaemic attack in the emergency department?

Background: Recent evidence shows a substantial short-term risk of ischaemic stroke after transient ischaemic attack (TIA). Identification of patients with TIA with a high short-term risk of stroke is now possible through the use of the “ABCD Score”, which considers age, blood pressure, clinical features and duration of symptoms predictive of stroke.

Aim: To evaluate the ability of dichotomising the ABCD Score to predict stroke at 7 and 90 days in a population with TIA presenting to an emergency department.

Methods: A retrospective audit was conducted on all probable or definite TIAs presenting to the emergency department of a metropolitan hospital from July to December 2004. The ABCD Score was applied to 98 consecutive patients with TIA who were reviewed for subsequent strokes within 90 days. Patients obtaining an ABCD Score ≥5 were considered to be at high risk for stroke.

Results: Dichotomising the ABCD Score categorised 48 (49%) patients with TIA at high risk for stroke (ABCD Score ≥5). This high-risk group contained all four strokes that occurred within 7 days (sensitivity 100% (95% confidence interval (CI) 40% to 100%), specificity 53% (95% CI 43% to 63%), positive predictive value 8% (95% CI 3% to 21%) and negative predictive value 100% (95% CI 91% to 100%)), and six of seven occurring within 90 days (sensitivity 86% (95% CI 42% to 99%), specificity 54% (95% CI 43% to 64%), positive predictive value 12.5% (95% CI 5% to 26%) and negative predictive value 98% (95% CI 88% to 100%)). Removal of the “age” item from the ABCD Score halved the number of false-positive cases without changing its predictive value for stroke.

Conclusion: In this retrospective analysis, dichotomising the ABCD Score was overinclusive but highly predictive in identifying patients with TIA at a high short-term risk of stroke. Use of the ABCD Score in the emergency care of patients with TIA is simple, efficient and provides a unique opportunity to prevent stroke in this population of patients.

Abscisic acid regulation of plant defence responses during pathogen attack

The plant hormone, abscisic acid (ABA), has previously been shown to have an impact on the resistance or susceptibility of plants to pathogens. In this thesis, it was shown that ABA had a regulatory effect on an extensive array of plant defence responses in three different plant and pathogen interaction combinations as well as following the application of an abiotic elicitor. In unique studies using ABA deficient mutants of Arabidopsis, exogenous ABA addition or ABA biosynthesis inhibitor application and simulated drought stress, ABA was shown to have a profound effect on the outcome of interactions between plants and pathogens of differing lifestyles and from different kingdoms. The systems used included a model plant and an important agricultural species: Arabidopsis thaliana (Arabidopsis) and Peronospora parasitica (a biotrophic Oomycete pathogen), Arabidopsis and Pseudomonas syringae pathovar tomato (a biotrophic bacterial pathogen) and an unrelated plant species, soybean (Glycine max) and Phytophthora sojae (a hemibiotrophic Oomycete pathogen), Generally, a higher than basal endogenous ABA concentration within plant tissues at the time of avirulent pathogen inoculation, caused an interaction shift towards what phenotypically resembled susceptibility. Conversely, a lower than basal endogenous ABA concentration in plants inoculated with a virulent pathogen caused a shift towards resistance. An extensive suppressive effect of ABA on defence responses was revealed by a range of techniques that included histochemical, biochemical and molecular approaches. A universal effect of ABA on suppression or induction of the phenylpropanoid pathway via regulation of the key entry point gene, phenylalanine ammonia-lyase (PAL), when stimulated by biotic or abiotic elicitors was shown. ABA also influenced a wide variety of other defence-related components such as: the development of a hypersensitive response (HR), the accumulation of the reactive oxyden species, hydrogen peroxide and the cell wall strengthening compounds lignin and callose, accumulation of SA and the phytoalexin, glyceollin and the transcription of the SA-dependent pathogenesis- related gene (PR-1). The near genome-wide microarray gene expression analysis of an ABA induced susceptible interaction also revealed an yet unprecedented insight into the great diversity of defence responses that were influenced by ABA that included: disease resistance like proteins, antimicrobial proteins as well as phenylpropanoid and tryptophan pathway enzymes. Subtle differences were found in the number and type of defence responses that were regulated by ABA in each type of plant and pathogen interaction that was studied. This thesis has clearly identified in plant/pathogen interactions previously unknown and important roles for ABA in the regulation of many defence responses.

Predicting the resistance of fired clay bricks to salt attack

The salt attack of Fired Clay Bricks (FCBs) causes surface damage that is aesthetically displeasing and eventually leads to structural damage. Methods for determining the resistances of FCBs to salt weathering have mainly tried to simulate the process by using accelerating aging tests. Most research in this area has concentrated on the types of salt that can cause damage and the damage that occurs during accelerated aging tests. This approach has lead to the use of accelerated aging tests as standard methods for determining resistance. Recently, it has been acknowledged that are not the most reliable way to determine salt attack resistance for all FCBs in all environments. Few researchers have examined FCBs with the aim of determining which material and mechanical properties make a FCB resistant to salt attack. The aim of this study was to identify the properties that were significant to the resistance of FCBs to salt attack. In doing so, this study aids in the development of a better test method to assess the resistance of FCBs to salt attack. The current Australian Standard accelerated aging test was used to measure the resistance of eight FCBs to salt attack using sodium sulfate and sodium chloride. The results of these tests were compared to the water absorption properties and the total porosity of FCBs. An empirical relationship was developed between the twenty-four-hour water absorption value and the number of cycles to failure from sodium sulfate tests. The volume of sodium chloride solution was found to be proportional to the total porosity of FCBs in this study. A phenomenological discussion of results led to a new mechanism being presented to explain the derivation of stress during salt crystallisation of anhydrous and hydratable salts. The mechanical properties of FCBs were measured using compression tests. FCBs were analysed as cellular materials to find that the elastic modules of FCBs was equivalent for extruded FCBs that had been fired a similar temperatures and time. Two samples were found to have significantly different elastic moduli of the solid microstructure. One of these samples was a pressed brick that was stiffer due to the extra bond that is obtained during sintering a closely packed structure. The other sample was an extruded brick that had more firing temperature and time compared with the other samples in this study. A non-destructive method was used to measure the indentation hardness and indentation stress-strain properties of FCBs. The indentation hardness of FCBs was found to be proportional to the uniaxial compression strength. In addition, the indentation hardness had a better linear correlation to the total porosity of FCBs except for those samples that had different elastic moduli of the solid microstructure. Fractography of exfoliated particles during salt cycle tests and compression tests showed there was a similar pattern of fracture during each failure. The results indicate there were inherent properties of a FCB that determines the size and shape of fractured particles during salt attack. The microstructural variables that determined the fracture properties of FCBs were shown to be important variables to include in future models that attempt to estimate the resistance of FCBs to salt attack.

Planning for ember attack within the interface

This dissertation explores the relationship between the urban rural interface, with particular reference to air pressure, wind patterns, and the build up of hot ash deposits adjacent to combustible surfaces, in order to devise strategies relating to the design of building forms.

Reliable algorithms and attack detection schemes for network systems

Network and Information security and reliability is still a key issue in information technology. This thesis develops two algorithms to improve the reliability and stability of content delivery systems, and proposes three attack detection schemes with high effectiveness and accuracy in detecting network attacks.

Enhancing RFID tag resistance against cloning attack

In its current form, RFID system are susceptible to a range of malevolent attacks. With the rich business intelligence that RFID infrastructure could possibly carry, security is of paramount importance. In this paper, we formalise various threat models due tag cloning on the RFID system. We also present a simple but efficient and cost effect technique that strengthens the resistance of RFID tags to cloning attacks. Our techniques can even strengthen tags against cloning in environments with untrusted reading devices.

Secure localization with attack detection in wireless sensor networks

Rapid technological advances have enabled the development of low-cost sensor networks for various monitoring tasks, where it is important to estimate the positions of a number of regular sensor nodes whose locations cannot be known apriori. We address the problem of localizing the regular nodes with range-based location references obtained from certain anchor nodes referred to as beacons, particularly in an adverse environment where some of the beacons may be compromised. We propose an innovative modular solution featuring two lightweight modules that are for dedicated functionalities, respectively, but can also be closely integrated. First, we harness simple geometric triangular rules and an efficient voting technique to enable the attack detection module, which identifies and filters out malicious location references. We then develop a secure localization module that computes and clusters certain reference points, and the position of the concerned regular node is estimated with the centroid of the most valuable reference points identified. Extensive simulations show that our attack detection module can detect compromised beacons effectively, and the secure localization module can subsequently provide a dependable localization service in terms of bounded estimation error. The integrated system turns out to be tolerant of malicious attacks even in highly challenging scenarios.

Attack vectors against social networking systems : the Facebook example

Social networking systems (SNS’s) such as Facebook are an ever evolving and developing means of social interaction, which is not only being used to disseminate information to family, friends and colleagues but as a way of meeting and interacting with "strangers" through the advent of a large number of social applications. The attractiveness of such software has meant a dramatic increase in the number of frequent users of SNS’s and the threats which were once common to the Internet have now been magnified, intensified and altered as the potential for criminal behaviour on SNS’s increases. Social networking sites including Facebook contain a vast amount of personal information, that if obtained could be used for other purposes or to carry out other crimes such as identity theft. This paper will focus on the security threats posed to social networking sites and gain an understanding of these risks by using a security approach known as “attack trees”. This will allow for a greater understanding of the complexity associated with protecting Social Networking systems with a particular focus on Facebook.

Discriminating DDoS attack traffic from flash crowd through packet arrival patterns

Current DDoS attacks are carried out by attack tools, worms and botnets using different packet-transmission strategies and various forms of attack packets to beat defense systems. These problems lead to defense systems requiring various detection methods in order to identify attacks. Moreover, DDoS attacks can mix their traffics during flash crowds. By doing this, the complex defense system cannot detect the attack traffic in time. In this paper, we propose a behavior based detection that can discriminate DDoS attack traffic from traffic generated by real users. By using Pearson's correlation coefficient, our comparable detection methods can extract the repeatable features of the packet arrivals. The extensive simulations were tested for the accuracy of detection. We then performed experiments with several datasets and our results affirm that the proposed method can differentiate traffic of an attack source from legitimate traffic with a quick response. We also discuss approaches to improve our proposed methods at the conclusion of this paper.

Air pressure and wind velocity - modelling ember attack within the urban-rural interface

As population change places pressure on expanding regional and metropolitan urban boundaries, so the threat of bushfire at the rural/urban interface increases. This paper presents a range of 2D and 3D 1:40 and full scale modelling investigations. Various relationships are explored between the urban and rural interface with respect to: air pressure; changes in wind pattern; vectorial velocity; and the deposition of hot ash and firebrand deposits around single story building forms, both as standalone and within an orthogonal array and cul-de-sac relationships.

A survey on latest botnet attack and defense

A botnet is a group of compromised computers, which are remotely controlled by hackers to launch various network attacks, such as DDoS attack and information phishing. Botnet has become a popular and productive tool behind many cyber attacks. Recently, the owners of some botnets, such as storm worm, torpig and conflicker, are employing fluxing techniques to evade detection. Therefore, the understanding of their fluxing tricks is critical to the success of defending from botnet attacks. Motivated by this, we survey the latest botnet attacks and defenses in this paper. We begin with introducing the principles of fast fluxing (FF) and domain fluxing (DF), and explain how these techniques were employed by botnet owners to fly under the radar. Furthermore, we investigate the state-of-art research on fluxing detection. We also compare and evaluate those fluxing detection methods by multiple criteria. Finally, we discuss future directions on fighting against botnet based attacks.

Attack vector analysis and privacy-preserving social network data publishing

This paper addresses the problem of privacy-preserving data publishing for social network. Research on protecting the privacy of individuals and the confidentiality of data in social network has recently been receiving increasing attention. Privacy is an important issue when one wants to make use of data that involves individuals' sensitive information, especially in a time when data collection is becoming easier and sophisticated data mining techniques are becoming more efficient. In this paper, we discuss various privacy attack vectors on social networks. We present algorithms that sanitize data to make it safe for release while preserving useful information, and discuss ways of analyzing the sanitized data. This study provides a summary of the current state-of-the-art, based on which we expect to see advances in social networks data publishing for years to come.

Improvement of DDoS attack detection and web access anonymity

The thesis has covered a range of algorithms that help to improve the security of web services. The research focused on the problems of DDoS attack and traffic analysis attack against service availability and information privacy respectively. Finally, this research significantly advantaged DDoS attack detection and web access anonymity.

Trust mechanisms in wireless sensor networks : attack analysis and countermeasures

As the trust issue in wireless sensor networks is emerging as one important factor in security schemes, it is necessary to analyze how to resist attacks with a trust scheme. In this paper we categorize various types of attacks and countermeasures related to trust schemes in WSNs. Furthermore, we provide the development of trust mechanisms, give a short summarization of classical trust methodologies and emphasize the challenges of trust scheme in WSNs. An extensive literature survey is presented by summarizing state-of-the-art trust mechanisms in two categories: secure routing and secure data. Based on the analysis of attacks and the existing research, an open field and future direction with trust mechanisms in WSNs is provided.