Forensisk undersökning av Amazon Kindle

Detta arbete har genomförts i samarbete med Försvarsmakten och behandlar vilka möjligheter som finns för forensiska undersökningar av e-boksläsaren Amazon Kindle. I arbetets litteraturstudie beskrivs hur tidigare forskning inom ämnet är kraftigt begränsad. Arbetet syftar därför till att besvara hur data kan extraheras från en Kindle, vilka data av forensiskt intresse en Kindle kan innehålla, var denna information lagras och om detta skiljer sig åt mellan olika modeller och firmware-versioner samt om det är nog att undersöka endast den del av minnet som är tillgänglig för användaren eller om ytterligare privilegier för att komma åt hela minnesarean bör införskaffas. För att göra detta fylls tre olika modeller av Kindles med information. Därefter tas avbilder på dem, dels på endast användarpartitionen och dels på dess fullständiga minnesarea efter att en privilegie-eskalering har utförts. Inhämtad data analyseras och resultatet presenteras. Resultatet visar att information av forensiskt intresse så som anteckningar, besökta webbsidor och dokument kan återfinnas, varför det finns ett värde i att utföra forensiska undersökningar på Amazon Kindles. Skillnader råder mellan vilken information som kan återfinnas och var den lagras på de olika enheterna. Enheterna har fyra partitioner varav endast en kan kommas åt utan privilegie-eskalering, varför det finns en fördel med att inhämta avbilder av hela minnesarean. Utöver ovanstående presenteras en metod för att förbipassera en enhets kodlås och därigenom få fullständig åtkomst till den även om den är låst.

The epistemology that maintains white race privilege, power and control of Indigenous Studies and Indigenous peoples' participation in universities

This paper represents my attempt to turn the gaze and demonstrate how Indigenous Studies is controlled in some Australian universities in ways that witness Indigenous peoples being further marginalised, denigrated and exploited. I have endeavoured to do this through sharing an experience as a case study. I have opted to write about it as a way of exposing the problematic nature of racism, systemic marginalisation, white race privilege and radicalised subjectivity played out within an Australian higher education institution and because I am dissatisfied with the on-going status quo. In bringing forth analysis to this case study, I reveal the relationships between oppression, white race privilege and institutional privilege and the epistemology that maintains them. In moving from the position of being silent on this experience to speaking about it, I am able to move from the position of object to subject and to gain a form of liberated voice (hooks 1989:9). Furthermore, I am hopeful that it will encourage others to examine their own practices within universities and to challenge the domination that continues to subjugate Indigenous peoples.

Bit-pattern based integral attack

Integral attacks are well-known to be effective against byte-based block ciphers. In this document, we outline how to launch integral attacks against bit-based block ciphers. This new type of integral attack traces the propagation of the plaintext structure at bit-level by incorporating bit-pattern based notations. The new notation gives the attacker more details about the properties of a structure of cipher blocks. The main difference from ordinary integral attacks is that we look at the pattern the bits in a specific position in the cipher block has through the structure. The bit-pattern based integral attack is applied to Noekeon, Serpent and present reduced up to 5, 6 and 7 rounds, respectively. This includes the first attacks on Noekeon and present using integral cryptanalysis. All attacks manage to recover the full subkey of the final round.

Use of IP addresses for high rate flooding attack detection

High-rate flooding attacks (aka Distributed Denial of Service or DDoS attacks) continue to constitute a pernicious threat within the Internet domain. In this work we demonstrate how using packet source IP addresses coupled with a change-point analysis of the rate of arrival of new IP addresses may be sufficient to detect the onset of a high-rate flooding attack. Importantly, minimizing the number of features to be examined, directly addresses the issue of scalability of the detection process to higher network speeds. Using a proof of concept implementation we have shown how pre-onset IP addresses can be efficiently represented using a bit vector and used to modify a “white list” filter in a firewall as part of the mitigation strategy.

Attack of the creationist reverberators! Or: the end of the world (as we know it)

This special issue of Popular Communication examines the impact of the global financial crisis and recession on differnt aspects of global and regional media and the cultural industries, changing practices of media production, as well as media consumption, and the interplay of economic challenges and technological change.

A hierarchical security assessment model for object-oriented programs

We present a hierarchical model for assessing an object-oriented program's security. Security is quantified using structural properties of the program code to identify the ways in which `classified' data values may be transferred between objects. The model begins with a set of low-level security metrics based on traditional design characteristics of object-oriented classes, such as data encapsulation, cohesion and coupling. These metrics are then used to characterise higher-level properties concerning the overall readability and writability of classified data throughout the program. In turn, these metrics are then mapped to well-known security design principles such as `assigning the least privilege' and `reducing the size of the attack surface'. Finally, the entire program's security is summarised as a single security index value. These metrics allow different versions of the same program, or different programs intended to perform the same task, to be compared for their relative security at a number of different abstraction levels. The model is validated via an experiment involving five open source Java programs, using a static analysis tool we have developed to automatically extract the security metrics from compiled Java bytecode.

Parametric differences between a real-world distributed denial-of-service attack and a flash event

Distributed Denial-of-Service (DDoS) attacks continue to be one of the most pernicious threats to the delivery of services over the Internet. Not only are DDoS attacks present in many guises, they are also continuously evolving as new vulnerabilities are exploited. Hence accurate detection of these attacks still remains a challenging problem and a necessity for ensuring high-end network security. An intrinsic challenge in addressing this problem is to effectively distinguish these Denial-of-Service attacks from similar looking Flash Events (FEs) created by legitimate clients. A considerable overlap between the general characteristics of FEs and DDoS attacks makes it difficult to precisely separate these two classes of Internet activity. In this paper we propose parameters which can be used to explicitly distinguish FEs from DDoS attacks and analyse two real-world publicly available datasets to validate our proposal. Our analysis shows that even though FEs appear very similar to DDoS attacks, there are several subtle dissimilarities which can be exploited to separate these two classes of events.

Where not to have a Heart Attack in Australia!: The Cardiac ARIA Index

Background/aims: Access to appropriate health care following an acute cardiac event is important for positive outcomes. The aim of the Cardiac ARIA index was to derive an objective, comparable, geographic measure reflecting access to cardiac services across Australia. Methods: Geographic Information Systems (GIS) were used to model a numeric-alpha index based on acute management from onset of symptoms to return to the community. Acute time frames have been calculated to include time for ambulance to arrive, assess and load patient, and travel to facility by road 40–80 kph. Results: The acute phase of the index was modelled into five categories: 1 [24/7 percutaneous cardiac intervention (PCI) ≤1 h]; 2 [24/7 PCI 1–3 h, and PCI less than an additional hour to nearest accident and emergency room (A&E)]: 3 [Nearest A&E ≤3 h (no 24/7 PCI within an extra hour)]: 4 [Nearest A&E 3–12 h (no 24/7 PCI within an extra hour)]: 5 [Nearest A&E 12–24 h (no 24/7 PCI within an extra hour)]. Discharge care was modelled into three categories based on time to a cardiac rehabilitation program, retail pharmacy, pathology services, hospital, GP or remote clinic: (A) all services ≤30 min; (B) >30 min and ≤60 min; (C) >60 min. Examples of the index indicate that the majority of population locations within capital cities were category 1A; Alice Springs and Byron Bay were 3A; and the Northern Territory town of Maningrida had minimal access to cardiac services with an index ranking of 5C. Conclusion: The Cardiac ARIA index provides an invaluable tool to inform appropriate strategies for the use of scarce cardiac resources.

An attack on Iran: the legal basis, or lack thereof

Talk of a possible Israeli strike on Iran’s nuclear facilities has re-ignited debate over the right of self-defence under international law. Some academics, including Anthony D'Amato and Alan Dershowitz, have claimed that an attack on Iran would be a permissible act of self-defence. Others, such as Kevin Jon Heller, argue that such action would be a clear breach of international law. So, who is correct? Would military action against Iran be legal or illegal?

The Attack on Political Correctness: Islamophobia and the Erosion of Multiculturalism In Australia Under the Howard Regime

This article reports on civil society in Australia between 1996 and 2007 related to former Prime Minister John Howard. The article discusses Howard's neo-conservative ideology and Liberal-National coalition, noting his views on political correctness. Howard's administration is also discussed in terms of immigration, multiculturalism, indigenous land rights, othering, and Islamaphobia. Information on the effect of Islamaphobia on Australian perceptions and the treatment of Muslims is also provided

Pleading for privilege : Denials and non-admissions under the UCPR

The decision in ASIC v Managed Investments Ltd No 3 [2012] QSC 74 provides practitioners with useful guidance on the relationship between the privileges against self-incrimination and exposure to a penalty, and the UCPR requirements for denials and non-admissions.