Qld floods inquest : stories of courage, sacrifice in emotional replay

"The last acts of courage and sacrifice by parents desperately trying to save their children as a deadly flash flood ripped through south-east Queensland in January fell like repeated emotional hammer-blows on survivors in the public gallery of the Brisbane Coroners Court yesterday. The speed with which the disaster tore lives and homes apart on January 10 was replicated by the speed at which police summarised the circumstances of the deaths for the coroner. After months of investigation by hundreds of police, the final desperate minutes of 14 people’s lives were summed up for the court before the morning tea break, in as little as three minutes each."

A network forensics tool for precise data packet capture and replay in cyber-physical systems

Network data packet capture and replay capabilities are basic requirements for forensic analysis of faults and security-related anomalies, as well as for testing and development. Cyber-physical networks, in which data packets are used to monitor and control physical devices, must operate within strict timing constraints, in order to match the hardware devices' characteristics. Standard network monitoring tools are unsuitable for such systems because they cannot guarantee to capture all data packets, may introduce their own traffic into the network, and cannot reliably reproduce the original timing of data packets. Here we present a high-speed network forensics tool specifically designed for capturing and replaying data traffic in Supervisory Control and Data Acquisition systems. Unlike general-purpose "packet capture" tools it does not affect the observed network's data traffic and guarantees that the original packet ordering is preserved. Most importantly, it allows replay of network traffic precisely matching its original timing. The tool was implemented by developing novel user interface and back-end software for a special-purpose network interface card. Experimental results show a clear improvement in data capture and replay capabilities over standard network monitoring methods and general-purpose forensics solutions.

A tool for replay and analysis of gaze-enhanced multiparty sessions captured in immersive collaborative environments

A desktop tool for replay and analysis of gaze-enhanced multiparty virtual collaborative sessions is described. We linked three CAVE (TM)-like environments, creating a multiparty collaborative virtual space where avatars are animated with 3D gaze as well as head and hand motions in real time. Log files are recorded for subsequent playback and analysis Using the proposed software tool. During replaying the user can rotate the viewpoint and navigate in the simulated 3D scene. The playback mechanism relies on multiple distributed log files captured at every site. This structure enables an observer to experience latencies of movement and information transfer for every site as this is important fir conversation analysis. Playback uses an event-replay algorithm, modified to allow fast traversal of the scene by selective rendering of nodes, and to simulate fast random access. The tool's is analysis module can show each participant's 3D gaze points and areas where gaze has been concentrated.

On Handling Replay Attacks in Intrusion Detection Systems

We propose a method for detecting and analyzing the so-called replay attacks in intrusion detection systems, when an intruder contributes a small amount of hostile actions to a recorded session of a legitimate user or process, and replays this session back to the system. The proposed approach can be applied if an automata-based model is used to describe behavior of active entities in a computer system.

A two-step mutual authentication protocol based on randomized hash-lock for small RFID networks

RFID has been widely used in today's commercial and supply chain industry, due to the significant advantages it offers and the relatively low production cost. However, this ubiquitous technology has inherent problems in security and privacy. This calls for the development of simple, efficient and cost effective mechanisms against a variety of security threats. This paper proposes a two-step authentication protocol based on the randomized hash-lock scheme proposed by S. Weis in 2003. By introducing additional measures during the authentication process, this new protocol proves to enhance the security of RFID significantly, and protects the passive tags from almost all major attacks, including tag cloning, replay, full-disclosure, tracking, and eavesdropping. Furthermore, no significant changes to the tags is required to implement this protocol, and the low complexity level of the randomized hash-lock algorithm is retained.

“That you would post such a thing implies that you are a despicable human being”: spectatorship, social media, & the struggle for meaning in disability performance

Artists with disabilities working in Live Art paradigms often present performances which replay the social attitudes they are subject to in daily life as guerilla theatre in public spaces – including online spaces. In doing so, these artists draw spectators’ attention to the way their responses to disabled people contribute to the social construction of disability. They provide different theatrical, architectural or technological devices to encourage spectators to articulate their response to themselves and others. But – the use of exaggeration, comedy and confrontation in these practices notwithstanding – their blurry boundaries mean some spectators experience confusion as to whether they are responding to real life or a representation of it. This results in conflicted responses which reveal as much about the politics of disability as the performances themselves. In this paper, I examine how these conflicted responses play out in online forums. I discuss diverse examples, from blog comments on Liz Crow’s Resistance on the Plinth on YouTube, to Aaron Williamson and Katherine Araneillo’s Disabled Avant-Garde clips on YouTube, to Ju Gosling’s Letter Writing Project on her website, to segments of UK Channel 4’s mock reality show Cast Offs on YouTube. I demonstrate how online forums become a place not just for recording memories of an original performance (which posters may not have seen), but for a new performance, which goes well beyond re-membering/remediating the original. I identify trends in the way experience, memory and meaningmaking play out in these performative forums – moving from clarification of the original act’s parameters, to claims of disgust, insult or offense, to counter-claims confirming the comic or political efficacy of the act, often linked disclosure of personal memory or experience of disability. I examine the way these encounters at the interstices of live and/or online performance, memory, technology and public/private history negotiate ideas about disability, and what they tell us about the ethics and efficacy of the specific modes of performance and spectatorship these artists with disabilities are invoking.

Robust performance analysis on YAWL process models with advanced constructs

The importance of actively managing and analyzing business processes is acknowledged more than ever in organizations nowadays. Business processes form an essential part of an organization and their ap-plication areas are manifold. Most organizations keep records of various activities that have been carried out for auditing purposes, but they are rarely used for analysis purposes. This paper describes the design and implementation of a process analysis tool that replays, analyzes and visualizes a variety of performance metrics using a process definition and its execution logs. Performing performance analysis on existing and planned process models offers a great way for organizations to detect bottlenecks within their processes and allow them to make more effective process improvement decisions. Our technique is applied to processes modeled in the YAWL language. Execution logs of process instances are compared against the corresponding YAWL process model and replayed in a robust manner, taking into account any noise in the logs. Finally, performance characteristics, obtained from replaying the log in the model, are projected onto the model.

CHURNs : freshness assurance for humans

We present CHURNs, a method for providing freshness and authentication assurances to human users. In computer-to-computer protocols, it has long been accepted that assurances of freshness such as random nonces are required to prevent replay attacks. Typically, no such assurance of freshness is presented to a human in a human-and-computer protocol. A Computer–HUman Recognisable Nonce (CHURN) is a computer-aided random sequence that the human has a measure of control over and input into. Our approach overcomes limitations such as ‘humans cannot do random’ and that humans will follow the easiest path. Our findings show that CHURNs are significantly more random than values produced by unaided humans; that humans may be used as a second source of randomness, and we give measurements as to how much randomness can be gained from humans using our approach; and that our CHURN-generator makes the user feel more in control, thus removing the need for complete trust in devices and underlying protocols. We give an example of how a CHURN may be used to provide assurances of freshness and authentication for humans in a widely used protocol.

Formal modelling and analysis of DNP3 secure authentication

Supervisory Control and Data Acquisition (SCADA) systems are one of the key foundations of smart grids. The Distributed Network Protocol version 3 (DNP3) is a standard SCADA protocol designed to facilitate communications in substations and smart grid nodes. The protocol is embedded with a security mechanism called Secure Authentication (DNP3-SA). This mechanism ensures that end-to-end communication security is provided in substations. This paper presents a formal model for the behavioural analysis of DNP3-SA using Coloured Petri Nets (CPN). Our DNP3-SA CPN model is capable of testing and verifying various attack scenarios: modification, replay and spoofing, combined complex attack and mitigation strategies. Using the model has revealed a previously unidentified flaw in the DNP3-SA protocol that can be exploited by an attacker that has access to the network interconnecting DNP3 devices. An attacker can launch a successful attack on an outstation without possessing the pre-shared keys by replaying a previously authenticated command with arbitrary parameters. We propose an update to the DNP3-SA protocol that removes the flaw and prevents such attacks. The update is validated and verified using our CPN model proving the effectiveness of the model and importance of the formal protocol analysis.

Analysis of Business Process Variants in Apromore

In this paper we illustrate a set of features of the Apromore process model repository for analyzing business process variants. Two types of analysis are provided: one is static and based on differences on the process control flow, the other is dynamic and based on differences in the process behavior between the variants. These features combine techniques for the management of large process model collections with those for mining process knowledge from process execution logs. The tool demonstration will be useful for researchers and practitioners working on large process model collections and process execution logs, and specifically for those with an interest in understanding, managing and consolidating business process variants both within and across organizational boundaries.