Government preparedness: Using simulation to prepare for a terrorist attack

The heightened threat of terrorism has caused governments worldwide to plan for responding to large-scale catastrophic incidents. In England the New Dimension Programme supplies equipment, procedures and training to the Fire and Rescue Service to ensure the country's preparedness to respond to a range of major critical incidents. The Fire and Rescue Service is involved partly by virtue of being able to very quickly mobilize a large skilled workforce and specialist equipment. This paper discusses the use of discrete event simulation modeling to understand how a fire and rescue service might position its resources before an incident takes place, to best respond to a combination of different incidents at different locations if they happen. Two models are built for this purpose. The first model deals with mass decontamination of a population following a release of a hazardous substance—aiming to study resource requirements (vehicles, equipment and manpower) necessary to meet performance targets. The second model deals with the allocation of resources across regions—aiming to study cover level and response times, analyzing different allocations of resources, both centralized and decentralized. Contributions to theory and practice in other contexts (e.g. the aftermath of natural disasters such as earthquakes) are outlined.     

FedDAA: a robust federated learning framework to protect privacy and defend against adversarial attack

Federated learning (FL) has emerged to break data-silo and protect clients’ privacy in the field of artificial intelligence. However, deep leakage from gradient (DLG) attack can fully reconstruct clients’ data from the submitted gradient, which threatens the fundamental privacy of FL. Although cryptology and differential privacy prevent privacy leakage from gradient, they bring negative effect on communication overhead or model performance. Moreover, the original distribution of local gradient has been changed in these schemes, which makes it difficult to defend against adversarial attack. In this paper, we propose a novel federated learning framework with model decomposition, aggregation and assembling (FedDAA), along with a training algorithm, to train federated model, where local gradient is decomposed into multiple blocks and sent to different proxy servers to complete aggregation. To bring better privacy protection performance to FedDAA, an indicator is designed based on image structural similarity to measure privacy leakage under DLG attack and an optimization method is given to protect privacy with the least proxy servers. In addition, we give defense schemes against adversarial attack in FedDAA and design an algorithm to verify the correctness of aggregated results. Experimental results demonstrate that FedDAA can reduce the structural similarity between the reconstructed image and the original image to 0.014 and remain model convergence accuracy as 0.952, thus having the best privacy protection performance and model training effect. More importantly, defense schemes against adversarial attack are compatible with privacy protection in FedDAA and the defense effects are not weaker than those in the traditional FL. Moreover, verification algorithm of aggregation results brings about negligible overhead to FedDAA.     

USBWall: A novel security mechanism to protect against maliciously reprogrammed USB devices

Universal Serial Bus (USB) is a popular choice of interfacing computer systems with peripherals. With the increasing support of modern operating systems, it is now truly plug-and-play for most USB devices. However, this great convenience comes with a risk that can allow a device to perform arbitrary actions at any time while it is connected. Researchers have confirmed that a simple USB device such as a mass storage device can be disguised to have an additional functionality such as a keyboard. An unauthorized keyboard attachment can compromise the security of the host by allowing arbitrary keystrokes to enter the host. This undetectable threat differs from traditional virus that spreads via USB devices due to the location where it is stored and the way it behaves. We propose a novel way to protect the host via a software/hardware solution we named a USBWall. USBWall uses BeagleBone Black (BBB), a low-cost open-source computer, to act as a middleware to enumerate the devices on behalf of the host. We developed a program to assist the user to identify the risk of a device. We present a simulated USB device with malicious firmware to the USBWall. Based on the results, we confirm that using the USBWall to enumerate USB devices on behalf of the host eliminates risks to the hosts.     

ACSP: A novel security protocol against counting attack for UHF RFID systems

Current research on UHF RFID system security mainly focus on protecting communication safety and information privacy between a pair of specific tags and its corresponding interrogation reader. However, instead of stealing detailed private information of tags, adversaries may just want to estimate the cardinality of tags, which is named counting attack. Unfortunately, most existing protocols are vulnerable to counting attack. To defend against this attack, in this paper we propose ACSP, a novel Anti-Counting Security Protocol. ACSP employs session identifier and provides a corresponding authentication metric to verify the commands sent by the reader. To handle counting attack, ACSP periodically updates the session identifier, and securely identifies tags with encryption. We evaluate the performance of ACSP through theoretical analysis and qualitative comparison. Results show that ACSP can efficiently withstand counting attack as well as defending against regular security threats as existing protocols.     

Securing against brute-force attack: A hash-based RFID mutual authentication protocol using a secret value

Radio Frequency IDentification (RFID ) system is a contactless automatic identification system using small, low-cost RFID tags. It enables recognition of the tag information via radio frequency communication, by attaching an RFID tag to an animate or inanimate object. Since an RFID system has the advantage of simultaneously recognizing massive amounts of information, it is expected to replace the bar-code system. The most important problem with an RFID system is that an adversary can access the tag information, which gives rise to privacy and forgery problems. This paper presents a hash-based mutual authentication protocol as a solution. The proposed protocol is designed to send a random number generated by a tag to a back-end server without disclosure. Moreover it substitutes a random number with a secret value, which is employed in a response message. The properties of the proposed protocol enable constant creation of distinct response messages without interferences from intended or meaningless requests generated by an adversary, while the secret value is not directly transmitted. Our proposed protocol make is difficult for an attacker to launch successful brute-force attacks against our approach.     

ADTLang: a programming language approach to attack defense trees

International Journal on Software Tools for Technology Transfer - The Attack Defense Tree framework was developed to facilitate abstract reasoning about security issues of complex systems. As such,...     

A pattern-based approach to protocol mediation for web services composition

ContextWith the increasing popularity of Service Oriented Architecture (SOA), service composition is gaining momentum as the potential silver bullet for application integration. However, services are not always perfectly compatible and therefore cannot be directly composed. Service mediation, roughly classified into signature and protocol ones, thus becomes one key working area in SOA.ObjectiveAs a challenging problem, protocol mediation is still open and existing approaches only provide partial solutions. Further investigation on a systematic approach is needed.MethodsIn this paper, an approach based on mediator patterns is proposed to generate executable mediators and glue partially compatible services together. The mediation process and its main steps are introduced. By utilizing message mapping, a heuristic technique for identifying protocol mismatches and selecting appropriate mediator patterns is presented. The corresponding BPEL templates of these patterns are also developed.ResultsA prototype system, namely Service Mediation Toolkit (SMT), has been implemented to validate the feasibility and effectiveness of the proposed approach.ConclusionThe approach along with the prototype system facilitate the existing practice of protocol mediation for Web services composition.     

A semantic approach to improving machine readability of a large-scale attack graph

Automation in cyber security can be achieved by using attack graphs. Attack graphs allow us to model possible paths that a potential attacker can use to intrude into a target network. In particular, graph representation is often used to increase visibility of information, but it is not effective when a large-scale attack graph is produced. However, it is inevitable that such a voluminous attack graph is generated by modeling a variety of data from an increasing number of network hosts. Therefore, we need more intelligent ways of inferring the knowledge required to harden network security from the attack graph, beyond getting information such as possible attack paths. Ontology technology enables a machine to understand information and makes it easier to infer knowledge based on relational facts from big data. Constructing ontology in the domain of attack graph generation is a prerequisite for increasing machine intelligence and implementing an automated process. In this paper, we propose a semantic approach to make a large-scale attack graph machine readable. The approach provides several benefits. First, users can obtain relational facts based on reasoning from a large-scale attack graph, and the semantics of an attack graph can provide intuition to users. In addition, intelligence-based security assessment can be possible using the obtained ontological structures. By improving the machine readability of an attack graph, our approach could lead to automated assessment of network security.

     

适用于多密级环境的移动存储设备互认证与密钥协商协议

针对多密级环境特点,提出一个能够离线认证、可识别密级的移动存储设备、主机终端互认证与密钥协商协议。协议基于TTP（trusted third party）的数字签名不可伪造特性和计算离散对数问题(discrete logarithm problem)的困难性,通过验证协商密钥加密所得密文的正确性实现移动存储设备和主机终端的互认证。对协议进行非形式化和形式化分析,分析结果表明与同类协议相比,协议安全性较高,存储开销小,预共享认证参数次数少,实用性强。协议能够有效解决多密级环境下移动存储设备密级识别、身份认证问题,对移动存储设备安全管理具有重要意义。     

Cryptanalysis of a novel ultra-lightweight mutual authentication protocol for IoT devices using RFID tags

Internet of Things (IoT) is an evolving architecture which connects multiple devices to Internet for communication or receiving updates from a cloud or a server. In future, the number of these connected devices will increase immensely making them an indistinguishable part of our daily lives. Although these devices make our lives more comfortable, they also put our personal information at risk. Therefore, security of these devices is also a major concern today. In this paper, we propose an ultra-lightweight mutual authentication protocol which uses only bitwise operation and thus is very efficient in terms of storage and communication cost. In addition, the computation overhead is very low. We have also compared our proposed work with the existing ones which verifies the strength of our protocol, as obtained results are promising. A brief cryptanalysis of our protocol that ensures untraceability is also presented.     

Communication protocol for monitoring a large number of remotely distributed hazardous material detection devices

Modern wireless communication technologies opened up new avenues of data collection from remotely distributed environmental sensors. Global Mobile Communications (GSM) and satellite telephone services currently cover almost all parts of the world. With this development, it became feasible to place and collect data from remote sensors at locations which were previously inaccessible due to distance or extremely restrictive conditions. Although data collection through wireless devices is becoming popular by the day, there is no unified protocol for sending and receiving information from remote devices. In this study, a communication protocol is developed for monitoring a large number of remotely distributed environmental devices. The protocol is being implemented as a part of a project which aims to place a large number of environmental monitoring devices throughout the United Arab Emirates (UAE).     

A software coupling approach to assess low-cost soil conservation strategies for highland agriculture in Vietnam

Soil degradation is an environmental process mainly caused by land use decision-makers that has substantial feedback effects on livelihoods and the environment. To capture these feedback effects and the resulting human-environment interactions, we used an agent-based modeling approach to couple two software packages that simulate soil, water and plant dynamics (LUCIA), and farm decision-making (MP-MAS). We show that such a software coupling approach has advantages over hard-coded model integration as applied by most other comparable studies, as it facilitates combining of increasingly sophisticated individual models and can achieve a well-balanced representation of agricultural systems. Using a numerical application for a small mountainous watershed in northwest Vietnam we show the challenges in model coupling, calibration and partial validation, and explore the properties of the coupled model system. Scenario analysis covering the introduction of low-cost soil conservation techniques indicates that some of these techniques would have an impact on soil erosion, maize productivity and household income levels in the study catchment area under current conditions. However, maize yields and the adoption of soil conservation appear to be sensitive to the price of mineral fertilizers, with lower fertilizer prices impeding the adoption of soil conservation measures. The software coupling approach was able to capture interactions between decision-makers and natural resources, as well as the level of spatial variability, in more detail than the individual models. Still, the greater number of endogenous variables and thus degrees of freedom increased the importance of validation and testing parameter sensitivity of the results.     

Challenges to complexity shields that are supposed to protect elections against manipulation and control: a survey

In the context of voting, manipulation and control refer to attempts to influence the outcome of elections by either setting some of the votes strategically (i.e., by reporting untruthful preferences) or by altering the structure of elections via adding, deleting, or partitioning either candidates or voters. Since by the celebrated Gibbard–Satterthwaite theorem (and other results expanding its scope) all reasonable voting systems are manipulable in principle and since many voting systems are in principle susceptible to many control types modeling natural control scenarios, much work has been done to use computational complexity as a shield to protect elections against manipulation and control. However, most of this work has merely yielded NP-hardness results, showing that certain voting systems resist certain types of manipulation or control only in the worst case. Various approaches, including studies of the typical case (where votes are given according to some natural distribution), pose serious challenges to such worst-case complexity results and might allow successful manipulation or control attempts, despite the NP-hardness of the corresponding problems. We survey and discuss some recent results on these challenges to complexity results for manipulation and control, including typical-case analyses and experiments, fixed-parameter tractability, domain restrictions (single-peakedness), and approximability.     

Flexinet: a token bus protocol for local area networks interconnecting low cost data communicating devices

Local area network technology has to date generally focused on the problems of interconnecting high speed computing devices. Thus, where the connection of (primarily) low speed devices to a network is required, this has to be achieved by means of a star wired concentrator.The LAN protocol described in this paper is designed to exploit the topological advantages of direct connection to the net without incurring the high costs associated with direct connection to one of the established IEEE standard design.The protocol, Flexinet, employs token passing for medium access control on a bus. Advantage is taken of the short data frames involved in terminal interaction to minimise the hardware and software costs of the access units. A prototype version of the network has been built using simple 8 bit microprocessors and support chips.     

Motion marking menus: An eyes-free approach to motion input for handheld devices

The increasing complexity of applications on handheld devices requires the development of rich new interaction methods specifically designed for resource-limited mobile use contexts. One appealingly convenient approach to this problem is to use device motions as input, a paradigm in which the currently dominant interaction metaphors are gesture recognition and visually mediated scrolling. However, neither is ideal. The former suffers from fundamental problems in the learning and communication of gestural patterns, while the latter requires continual visual monitoring of the mobile device, a task that is undesirable in many mobile contexts and also inherently in conflict with the act of moving a device to control it. This paper proposes an alternate approach: a gestural menu technique inspired by marking menus and designed specifically for the characteristics of motion input. It uses rotations between targets occupying large portions of angular space and emphasizes kinesthetic, eyes-free interaction. Three evaluations are presented, two featuring an abstract user interface (UI) and focusing on how user performance changes when the basic system parameters of number, size and depth of targets are manipulated. These studies show that a version of the menu system containing 19 commands yields optimal performance, compares well against data from the previous literature and can be used effectively eyes free (without graphical feedback). The final study uses a full graphical UI and untrained users to demonstrate that the system can be rapidly learnt. Together, these three studies rigorously validate the system design and suggest promising new directions for handheld motion-based UIs.     

An efficient framework for counting pedestrians crossing a line using low-cost devices: the benefits of distilling the knowledge in a neural network

Multimedia Tools and Applications - In this paper, an efficient framework for counting pedestrians crossing a line of interest is proposed. Nowadays, the convolutional neural networks have very...     

A lightweight authentication and key agreement protocol for heterogeneous IoT with special attention to sensing devices and gateway

Focusing specifically on sensing devices with restricted resources, heterogeneous internet of things (HIoT) is an attractive scenario for IoT networks. Nonetheless, the very nature of wireless channels in these networks has given rise to a series of security challenges, which need to be considered while developing authentication protocols. Here, we scrutinized Yu and Park’s, Kumari et al.’s, and Ostad-sharif et al.'s protocols and illustrated their weaknesses against key compromise attacks, insider attacks, and violation of anonymity. Furthermore, for heterogeneous IoT contexts, a lightweight and secure authentication and key agreement protocol for heterogeneous IoT environments is presented. Concerning the restricted resources of sensing devices, an attempt is made to provide an efficient HIoT-based authentication protocol to enhance network security and performance. The gateway as a trusted authority with the maximum workload and sensing devices with the highest restrictions on resources are considered in the suggested protocol. As a result, the user bears the brunt of the workload in the individual session. The Burrows–Abadi–Needham (BAN) logic is used to validate the proposed protocol, and the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool is utilized to demonstrate resilience to existing active attacks. Simulation findings and performance assessment revealed that our protocol improved communication overheads by up to 110%, computation overheads by up to 83%, and sensing device maximum storage capacity by up to 51%.

     

A unified approach to autofocus and alignment for pattern localization using hybrid weighted Hausdorff distance

Pattern localization is a fundamental task in machine vision, and autofocus is a requirement for any automated inspection system by allowing greater variation in the distance from the camera to the object being imaged. In this paper, we propose a unified approach to simultaneous autofocus and alignment for pattern localization by extending the idea of image reference approach. Under the least trimmed squares (LTS) scheme, the proposed hybrid weighted Hausdorff distance (HWHD) is a robust similarity metric that combines the Hausdorff distance (HD) with the edge-amplitude normalized gradient (EANG) matching. The EANG is designed to characterize the different degrees of blur at the edge points for focus cues, immune to illumination variations between the reference and the target image. We experimentally illustrate its performance on simulated as well as real data.     

A method for assigning a value to a communication protocol test case

One of the main problems in industrial testing is the enormous number of test cases derived from any complex communication protocol. Due to budget constraints and tight schedule, the number of test cases has to be within a certain limit. However, by having a limit on the number of test cases, it raises some issues. For instances, what criteria should be used for selecting the test cases? How can we ensure that important test cases have not been excluded? We are proposing that assigning a value to each of the test cases of a test suite can provide a solution. By doing so, the relative importance of each of the test cases can be ranked and an optimal test suite can then be designed. The value of a test case is to be measured in economic terms, which could be based on the probability that a particular case will occur, and the probability that an error is likely to be uncovered. This paper presents a method for assigning a value to a test case of a communication protocol; it is based on sensitivity analysis, which involves execution, infection and propagation probabilities. To illustrate the method, the results of applying it to the INRES protocol are presented.