1000 results for Taint analysis


Relevance: 70.00%

Publisher:

Abstract:

Data flow analysis techniques can be used to help assess threats to data confidentiality and integrity in security critical program code. However, a fundamental weakness of static analysis techniques is that they overestimate the ways in which data may propagate at run time. Discounting large numbers of these false-positive data flow paths wastes an information security evaluator's time and effort. Here we show how to automatically eliminate some false-positive data flow paths by precisely modelling how classified data is blocked by certain expressions in embedded C code. We present a library of detailed data flow models of individual expression elements and an algorithm for introducing these components into conventional data flow graphs. The resulting models can be used to accurately trace byte-level or even bit-level data flow through expressions that are normally treated as atomic. This allows us to identify expressions that safely downgrade their classified inputs and thereby eliminate false-positive data flow paths from the security evaluation process. To validate the approach we have implemented and tested it in an existing data flow analysis toolkit.

Relevance: 70.00%

Publisher:

Abstract:

This article presents a novel approach to confidentiality violation detection based on taint marking. Information flows are dynamically tracked between applications and objects of the operating system such as files, processes and sockets. A confidentiality policy is defined by labelling sensitive information and defining which information may leave the local system through network exchanges. Furthermore, per-application profiles can be defined to restrict the sets of information each application may access and/or send through the network. In previous work, we focused on the use of mandatory access control mechanisms for information flow tracking. In this current work, we have extended the previous information flow model to track network exchanges, and we are able to define a policy attached to network sockets. We show an example application of this extension in the context of a compromised web browser: our implementation detects a confidentiality violation when the browser attempts to leak private information to a remote host over the network.

Relevance: 70.00%

Publisher:

Abstract:

This paper presents a new framework for distributed intrusion detection based on taint marking. Our system tracks information flows between applications of multiple hosts gathered in groups (i.e., sets of hosts sharing the same distributed information flow policy) by attaching taint labels to system objects such as files, sockets, Inter Process Communication (IPC) abstractions, and memory mappings. Labels are carried over the network by tainting network packets. A distributed information flow policy is defined for each group at the host level by labeling information and defining how users and applications can legally access, alter or transfer information towards other trusted or untrusted hosts. As opposed to existing approaches, where information is most often represented by two security levels (low/high, public/private, etc.), our model identifies each piece of information within a distributed system, and defines their legal interaction in a fine-grained manner. Hosts store and exchange security labels in a peer-to-peer fashion, and there is no central monitor. Our IDS is implemented in the Linux kernel as a Linux Security Module (LSM) and runs standard software on commodity hardware with no required modification. The only trusted code is our modified operating system kernel. We finally present a scenario of intrusion in a web service running on multiple hosts, and show how our distributed IDS is able to report security violations at each host level.

Relevance: 70.00%

Publisher:

Abstract:

In today's internet world, web browsers are an integral part of our day-to-day activities. Therefore, web browser security is a serious concern for all of us. Browsers can be breached in different ways. Because of their over-privileged access, extensions are responsible for many security issues. Browser vendors try to keep safe extensions in their official extension galleries. However, their security control measures are not always effective and adequate. The distribution of unsafe extensions through different social engineering techniques is also a very common practice. Therefore, before installation, users should thoroughly analyze the security of browser extensions. Extensions are not only available for desktop browsers, but many mobile browsers, for example, Firefox for Android and UC browser for Android, are also furnished with extension features. Mobile devices have various resource constraints in terms of computational capabilities, power, network bandwidth, etc. Hence, conventional extension security analysis techniques cannot be efficiently used by end users to examine mobile browser extension security issues. To overcome the inadequacies of the existing approaches, we propose CLOUBEX, a CLOUd-based security analysis framework for both desktop and mobile Browser EXtensions. This framework uses a client-server architecture model. In this framework, compute-intensive security analysis tasks are generally executed in a high-speed computing server hosted in a cloud environment. CLOUBEX is also enriched with a number of essential features, such as client-side analysis, requirements-driven analysis, high performance, and dynamic decision making. At present, the Firefox extension ecosystem is most susceptible to different security attacks. Hence, the framework is implemented for the security analysis of the Firefox desktop and Firefox for Android mobile browser extensions.
A static taint analysis is used to identify malicious information flows in the Firefox extensions. In CLOUBEX, there are three analysis modes. A dynamic decision making algorithm helps us select the best option based on some important parameters, such as the processing speed of a client device and network connection speed. Using the best analysis mode, performance and power consumption are improved significantly. In the future, this framework can be leveraged for the security analysis of other desktop and mobile browser extensions, too.

Relevance: 30.00%

Publisher:

Abstract:

Sensory analysis of food involves the measurement, interpretation and understanding of human responses to the properties of food perceived by the senses such as sight, smell, and taste (Cozzolino et al. 2005). It is important to have a quantitative means for assessing sensory properties in a reasonable way, to enable the food industry to rapidly respond to the changing demands of both consumers and the market. Aroma and flavour are among the most important properties for the consumer, and numerous studies have been performed in attempts to find correlations between sensory qualities and objective instrumental measurements. Rapid instrumental methods such as near infrared spectroscopy (NIR) might be advantageous to predict quality of different foods and agricultural products due to the speed of analysis, minimum sample preparation and low cost. The advantage of such technologies is not only to assess chemical structures but also to build a spectrum, characteristic of the sample, which behaves as a “fingerprint” of the sample.

Relevance: 30.00%

Publisher:

Abstract:

The cork stopper manufacturing process includes an operation, known as stabilisation, by which humid cork slabs are extensively colonised by fungi. The effects of fungal growth on cork are yet to be completely understood and are considered to be involved in the so-called “cork taint” of bottled wine. It is essential to identify environmental constraints which define the appearance of the colonising fungal species and to trace their origin to the forest and/or as residents in the manufacturing space. The present article correlates two sets of data, from consecutive years and the same season, of systematic biologic sampling of two manufacturing units, located in the North and South of Portugal. Chrysonilia sitophila dominance was identified, followed by a high diversity of Penicillium species. Penicillium glabrum, found in all samples, was the most frequently isolated species. P. glabrum intra-species variability was investigated using DNA fingerprinting techniques revealing highly discriminative polymorphic markers in the genome. Cluster analysis of P. glabrum data was discussed in relation to the geographical location of strains, and results suggest that P. glabrum arises predominantly from the manufacturing space, although cork resident fungi can also contrib

Relevance: 30.00%

Publisher:

Abstract:

In Germany and other European countries piglets are routinely castrated in order to avoid the occurrence of boar taint, an off-flavour and off-odour of pork. Sensory perception of boar taint varies; however, it is regarded as very unpleasant by many people. Surgical castration which is an effective means against boar taint has commonly been performed without anaesthesia or analgesia within the piglets’ first seven days of life. Piglet castration without anaesthesia has been heavily criticised, as the assumption that young piglets perceive less pain than older animals cannot be supported by scientific evidence. Consequently, surgical castration is only allowed with anaesthesia and/or analgesia in organic farming throughout the European Union since January 2012. Abandoning piglet castration without pain relief requires the implementation of alternative methods which improve animal welfare while maintaining sensory meat quality. There are three relevant alternatives: castration with anaesthesia and/or analgesia to reduce pain, a vaccination against boar taint (immunocastration) and the fattening of uncastrated male pigs (fattening of boars) combined with measures to reduce and detect boar taint in meat. Consumers’ attitudes and opinions regarding the alternatives are an important factor with regard to the implementation of alternatives, as they are finally supposed to buy the meat. The objective of this dissertation was to explore organic consumers’ attitudes, preferences and willingness-to-pay regarding piglet castration without pain relief and the three alternatives. Important aspects for the evaluation of the alternatives and influencing factors (e.g. information, taste) on preferences and willingness-to-pay should also be identified. In autumn 2009 nine focus group discussions were conducted each followed by a Vickrey auction including a tasting of boar salami. Overall, 89 consumers of organic pork participated in the study. 
Information on piglet castration and alternatives (in three variants) was provided as a basis for discussion. The focus group data were analysed using qualitative content analysis. In order to compare the focus group results with those from the auctions, an innovative approach applying an adapted scoring model to further analyse the data set was used. The majority of participants were not aware that piglets are castrated without anaesthesia in organic farming. They reacted with shock and disappointment on learning about this practice, which did not fit into their image of animal welfare standards in organic farming. Overall, the results show that for consumers of organic pork, castration with anaesthesia and analgesia as well as the fattening of boars may be acceptable alternatives in organic farming. Considering the strong food safety concerns regarding immunocastration, acceptance of this alternative may be questioned. Communication regarding alternatives to piglet castration without anaesthesia and analgesia should take into account that the relevance of the aspects animal welfare, food safety, taste and costs differs between alternatives. Furthermore, it seems advisable not to address an unappetizing topic like piglet castration directly at the point of sale so as not to deter consumers from buying organic pork. The issue of piglet castration demonstrates that it is important for the organic sector to implement and maintain high animal welfare standards and communicate them in an appropriate way, thereby trying to prevent strong discrepancies between consumers’ expectations regarding animal husbandry in organic farming and actual conditions. In this way, disappointment of consumers and a loss of image due to negative reports about animal welfare issues can be avoided.

Relevance: 20.00%

Publisher:

Abstract:

Raman spectroscopy of formamide-intercalated kaolinites treated using controlled-rate thermal analysis technology (CRTA), allowing the separation of adsorbed formamide from intercalated formamide in formamide-intercalated kaolinites, is reported. The Raman spectra of the CRTA-treated formamide-intercalated kaolinites are significantly different from those of the intercalated kaolinites, which display a combination of both intercalated and adsorbed formamide. An intense band is observed at 3629 cm⁻¹, attributed to the inner surface hydroxyls hydrogen bonded to the formamide. Broad bands are observed at 3600 and 3639 cm⁻¹, assigned to the inner surface hydroxyls, which are hydrogen bonded to the adsorbed water molecules. The hydroxyl-stretching band of the inner hydroxyl is observed at 3621 cm⁻¹ in the Raman spectra of the CRTA-treated formamide-intercalated kaolinites. The results of thermal analysis show that the amount of intercalated formamide between the kaolinite layers is independent of the presence of water. Significant differences are observed in the CO stretching region between the adsorbed and intercalated formamide.

Relevance: 20.00%

Publisher:

Abstract:

Diffusion equations that use time fractional derivatives are attractive because they describe a wealth of problems involving non-Markovian random walks. The time fractional diffusion equation (TFDE) is obtained from the standard diffusion equation by replacing the first-order time derivative with a fractional derivative of order α ∈ (0, 1). Developing numerical methods for solving fractional partial differential equations is a new research field and the theoretical analysis of the numerical methods associated with them is not fully developed. In this paper an explicit conservative difference approximation (ECDA) for TFDE is proposed. We give a detailed analysis for this ECDA and generate discrete models of random walk suitable for simulating random variables whose spatial probability density evolves in time according to this fractional diffusion equation. The stability and convergence of the ECDA for TFDE in a bounded domain are discussed. Finally, some numerical examples are presented to show the application of the present technique.

Relevance: 20.00%

Publisher:

Abstract:

The time for conducting Preventive Maintenance (PM) on an asset is often determined using a predefined alarm limit based on trends of a hazard function. In this paper, the authors propose using both hazard and reliability functions to improve the accuracy of the prediction, particularly when the failure characteristic of the asset's whole life is modelled using different failure distributions for the different stages of the life of the asset. The proposed method is validated using simulations and case studies.