Ben Soh

Refereed paper: Setting optimal intrusion-detection thresholds

In this paper a model is developed to study an intrusion detection process. From the model, a measure called the Secure Computation Index is proposed. This index is used to quantify the total aspect of an intrusion-safe (or intrusionresistant) system. Comparative studies based on the index can assist in making decisions on optimal strategic controls against any possible system intrusion. In this paper, we show how the model can be used to help in setting optimal intrusion-detection thresholds, which will provide the best intrusion coverage with the minimum false positive rate.

Risk in Trusted Decentralized Communications

Risk is associated with almost every activity that is undertaken on a daily life. Risk associated with Trust, Security and Privacy. Risk is associated with transactions, businesses, information systems, environments, networks, partnerships, etc. Generally speaking, risk signifies the likelihood of financial losses, human casualties, business destruction and environmental damages. Risk indicator gives early warning to the party involved and helps avoid deserters. Until now, risk has been discussed extensively in the areas of investment, finance, health, environment, daily life activities and engineering. However, there is no systematic study of risk in Decentralised communication, which involves e-business, computer networks and service oriented environment. In this paper, we define risk associated with trusted communication in e-business and e-transactions; provide risk indicator calculations and basic application areas.

Quantitative risk assessment of computer virus attacks on computer networks

This paper discusses the various types of malicious software, particularly computer viruses, which threaten computer network dependability, including such attributes as reliability, availability, safety and security of computer systems. Quantitative risk assessment of computer virus attacks on computer networks is investigated. To this end, an analytical model to study computer virus propagation in a typical network is developed and the results are presented. The model developed in this paper theoretically supports what is commonly performed in network management, where particular network resources are to be protected or preserved under hostile conditions. Some strategic controls are discussed.

Context Based Riskiness Assessment

In almost every interaction the trusting peer might fear about the likelihood of the loss in the resources involved during the transaction. This likelihood of the loss in the resources is termed as risk in the transaction. Hence analyzing the risk involved in a transaction is important to decide whether to proceed with the transaction or not. If a trusting peer is unfamiliar with a trusted peer and has not interacted with it before in a specific context, then it will ask for recommendations from other peer in order to determine the trusted peers riskiness value or reputation. In this paper we discuss the process of asking recommendations from other peers in a specific context and assimilating those recommendations according to its criteria of the interaction in order to determine the correct riskiness value of the trusted peer.

Refereed paper: System intrusion processes: a simulation model

In the past few years several break-in to computer networks and computer system have occured, and break-ins are becoming more widespread. They may be the acts of external intruders (outsiders), internal intruders (insiders) or both. More often than not, these intruders attack the system with malicious intent to affect system security attributes, namely secrecy, integrity and service availability. In our paper [1] (Computer & Security, 1995, 14, 621-631) we use a model to present an analytical study of computer system intrusions. This subsequent paper describes a fixed-increment, time-advance, discrete-event simulation study of system intrusion process. The analytical model is subsequently used to validate the simulation study.

A Hybrid TDMA protocol based Ultra-Wide Band for in-car wireless communication

The use of wireless technology for intra-vehicle communication is becoming possible in replacing in-scalable, high weight and high manufacture cost automotive wired networks. Ultra-Wide Band (UWB) is emerging as an ideal alternative for implementing an Intra-Vehicle Wireless Sensor Network (I-VWSN) due to its very high data rate and low power consumption. However, the current IEEE MAC Layer Protocol for UWB, IEEE 802.15.3a using CSMA/CA technique, cannot support real-time requirements for in-vehicle applications. This paper presents a Hybrid TDMA MAC protocol that not only guarantees the stringent latency of in-vehicle sensors information, but also allows the integration of other high consumption bandwidth devices such as passenger entertainment electronics. Each cycle of the protocol is divided into two segments: Static Segment (StS) and Dynamic Segment (DyS). The static segment consists of several equal static slots which are allocated to every node sending data periodically. Meanwhile, the dynamic segment is used for event-trigger or noncritical-time information. The channel during the DyS is competed for by nodes with different priorities.

Context and Time Based Riskiness Assessment for Decision Making

In an e-commerce interaction carried out in a Peerto- Peer environment it is rational for the trusting peer to analyze the Risk that could be involved in dealing with a trusted peer as there is a lack of central management in these type of interactions. Risk analysis can be done by assimilating recommendations from other peers if there is no previous interaction history between the trusting peer and the trusted peer. But the assimilated recommendations might be according to the criteria of the recommending peer with the trusted peer, and it is not necessary for the trusting peer to have the same criteria in its interaction with the trusted peer as that of the recommending peer even thought it is interacting in the same context. Further it might interact in a different time as that of the recommending peer. The Risk that was present in a particular context and at a particular time might not be the same at a different time. Hence in this paper we discuss the process of the trusting peer assimilating the recommendations from the recommending peers according to the context, criteria and time of its interaction in order to determine the Riskiness value of the trusted peer, which would help it considerably in decision making.

On Modelling and Analysis of Latency Problem in Fault-Tolerant Systems

The notion that a fault does not necessarily cause an immediate effective error which can lead to a system failure has long been recognized. The prevalent observation is that before a system crashes, it undergoes a period of abnormality growth — the snowball effect. In this paper, we develop an analytic model to study the effect of this snowball phenomenon on fault-tolerant systems. Some of the results of our sensitivity analysis are presented.

Predicting the Dynamic Nature of Risk

The trusting peer in order to determine the likelihood of the loss in its resources might analyze the Risk before engaging in an interaction with any trusted peer. This likelihood of the loss in the resources is termed as Risk in the interaction. Risk analysis is important in e-commerce transactions because of the vast literature that argues that the decision to buy is based on the Risk-adjusted cost-benefit analysis. If the trusting peer can determine the future Riskiness value or reputation of a trusted peer for the time period of its interaction, before engaging in an activity with it, then it can ease its decision making process of whether to interact with the trusted peer or not. In this paper we present such a novel method which predicts the dynamic nature of Risk and determines the future Riskiness value of the trusted peer, before the interaction starts, thus helping the trusting peer considerably in making its decision.

Context and Time Dependent Risk Based Decision Making

As there is a lack of central management in an e-commerce interaction carried out based on peer-to-peer architecture, it is obvious for the trusting peer to analyze the risk beforehand that could be involved in dealing with a trusted peer in these types of interactions. Another characteristic of peer-to-peer architecture interactions is that the trusting peer might have to choose a peer to interact with, from a set of possible trusted peers. It can ease its decision making process of choosing a peer to interact with by analyzing the risk that could be involved in dealing with each of the possible trusted peers. In this paper we highlight and propose a solution to this problem by which the trusting peer can decide with which peer to interact with after analyzing the risk that could be associated in dealing with each of them