John N. Whitley
Loughborough University
Publication
Featured research published by John N. Whitley.
Computer and Information Technology | 2010
Jie Wang; Raphael C.-W. Phan; John N. Whitley; David J. Parish
Distributed Denial of Service (DDoS) is a serious computer network attack which can cause extreme performance degradation on the victim server. This paper presents a formal and methodical way of modeling DDoS attack by the method of Augmented Attack Tree (AAT), and presents an AAT-based attack detection algorithm. This modeling explicitly captures the particular subtle incidents triggered by DDoS and the corresponding state transitions from the view of the network traffic transmission on the primary victim server. Two major contributions are given in this paper: (1) an AAT-based DDoS model (ADDoSAT) is developed to assess the potential threat from the malicious packets transmission on the primary victim server and to facilitate the detection of such attacks; (2) an AAT-based bottom-up detection algorithm is proposed to detect all kinds of attacks based on AAT modeling.
IEEE International Conference on Information Management and Engineering | 2010
Jie Wang; Raphael C.-W. Phan; John N. Whitley; David J. Parish
The SQL injection attacks (SQLIAs) vulnerability is extremely widespread and poses a serious security threat to web applications with built-in access to databases. The SQLIA adversary intelligently exploits the SQL statement parsing operation by web servers via specially constructed SQL statements that subtly lead to non-explicit executions or modifications of corresponding database tables. In this paper, we present a formal and methodical way of modeling SQLIAs by way of augmented attack trees. This modeling explicitly captures the particular subtle incidents triggered by SQLIA adversaries and corresponding state transitions. To the best of our knowledge, this is the first known attack tree modelling of SQL injection attacks.
Computers & Electrical Engineering | 2011
John N. Whitley; Raphael C.-W. Phan; Jie Wang; David J. Parish
An attack tree is a useful analytical technique to model security threats and/or risks, and hence model attacks as actual realizations of the former. Research on attack trees has focused either on applying such trees to model various ranges of security systems, or on advancements to this technique in itself. In this paper, we revisit the notion of attack tree attribution, i.e. how explicit attribute values of child nodes are aggregated to form the attribute of the parent node, and propose a novel attribution approach. We then show using this approach within the context of analyzing the weakest links of security systems, how the weakest link may not necessarily always be so, but instead it depends on the existence of other stronger links within the system.
2012 IEEE 3rd International Conference on Networked Embedded Systems for Every Application (NESEA) | 2012
A. Jamil; David J. Parish; Raphael C.-W. Phan; Iain W. Phillips; John N. Whitley; George C. Oikonomou
Wireless Sensor Networks are an emerging technology with wide potential to be used in many applications. One such application is the detection and prevention of disasters in scenarios such as forest fires, floods and earthquakes. In these disaster situations, the events being monitored have the potential to destroy the sensing devices, for example, they can be burnt in a fire, sunk in a flood, melted in volcano lava, short-circuited in harmful chemicals, etc. In this paper, a novel energy-efficient routing protocol called Maximise Unsafe Path (MUP) Routing using IPv6 over Low power Wireless Personal Area Networks (6LoWPAN) is presented. The protocol aims to extend network lifetime by adapting the routes accordingly based on node destruction threat. MUP uses a routing technique that maximises the energy utilisation of nodes that are going to fail sooner, in order to save the energy of the other nodes. MUP is implemented as an extension to the RPL protocol for IPv6-based WSNs. The performance of the presented routing is evaluated with simulations and compared with the standard RPL in the same scenarios.
IEEE International Symposium on Sustainable Systems and Technology | 2010
David D. Picklesimer; Paul Rowley; David J. Parish; Stephen Carroll; Harsha Bojja; John N. Whitley
Telecommunications network operators face the dual challenges of powering remote equipment while controlling both operating costs and energy consumption. As a means to help meet these challenges, this paper describes the functionality and performance of an Alternative Power Analyzer tool specially made for remote base station applications which models the outputs of renewably generated power based on location and user inputs. It combines these results with economic inputs to produce a business plan for the implementation of the preferred system. An important factor affecting economic viability is the various incentives for sustainable power generation. These can vary greatly by value, duration, equipment eligibility, location, and other constraints. To manage these complex datasets, a dynamic ontological information framework has been developed which is designed to iteratively interface with the APA tool. The outputs of the work indicate that a techno-economic systems approach can be applied both to assess the viability of location-specific system configurations under current incentives frameworks and to inform policy makers in terms of future incentives optimization.
International Conference on Computing Technology and Information Management | 2015
Konstantinos G. Kyriakopoulos; David J. Parish; John N. Whitley
One of the problems that hinders large scale network management tasks is the number of possible heterogeneous data sources that provide network information and how to focus on a desired network segment without requiring a deep knowledge of the network structure. This work investigates how to intelligently and efficiently refine and manage a vast amount of network monitoring data sources, by using artificial intelligent reasoning through an intuitive user interface. We aim to minimise the user interaction and required user knowledge when searching for the desired network monitoring information by refining the presented information based on user choices. The concept of Ontology is utilised to create a knowledge base of multiple different aspects of our testbed: Internal Management structure, Physical Location of data sources, and network switch meta-data.
Cryptography and Security | 2012
Edwin Bowden-Peters; Raphael C.-W. Phan; John N. Whitley; David J. Parish
Biometrics are increasingly being deployed as solutions to the security problems of authentication, identification and to some extent, non-repudiation. Biometrics are also publicized by proponents to be more secure than conventional mechanisms such as passwords and tokens, while also being more convenient too since there is no need to remember passwords nor carry anything around. Yet the security of biometrics lies on the assumption that biometric traits are unique to an individual and are unforgeable; once this assumption is invalidated, the security of biometrics collapses. Therefore, it is crucial to ensure that biometric traits are indeed unforgeable. In scientific literature, proponents have invented different ways for liveness detection, in order to differentiate forged traits from real ones, based on the premise that forged traits should not have liveness. In this paper, we show that a celebrated capacitive fingerprint scanner with liveness detection claims, can be fooled by fake fingers produced by amateurs from cheap commercially available materials. This brings into question that a gap may exist between what scientific literature has proposed for liveness detection and the actual robustness of liveness-detecting fingerprint scanners available in the market against fake fingers.
Open Research Problems in Network Security | 2010
Raphael C.-W. Phan; John N. Whitley; David J. Parish
This paper revisits the conventional notion of security, and champions a paradigm shift in the way that security should be viewed: we argue that the fundamental notion of security should naturally be one that actively aims for the root of the security problem: the malicious (human-terminated) adversary. To that end, we propose the notion of adversarial security where non-malicious parties and the security mechanism are allowed more activeness; we discuss framework ideas based on factors affecting the (human) adversary, and motivate approaches to designing adversarial security systems. Indeed, while security research has in recent years begun to focus on human elements of the legitimate user as part of the security systems design e.g. the notion of ceremonies; our adversarial security notion approaches general security design by considering the human elements of the malicious adversary.
Open Research Problems in Network Security | 2010
Raphael C.-W. Phan; Ahmad Roshidi Amran; John N. Whitley; David J. Parish
For security-emphasizing fields that deal with evidential data acquisition, processing, communication, storage and presentation, for instance network forensics, border security and enforcement surveillance, ultimately the outcome is not the technical output but rather physical prosecutions in court (e.g. of hackers, terrorists, law offenders) or counter-attack measures against the malicious adversaries. The aim of this paper is to motivate the research direction of formally linking these technical fields with the legal field. Notably, deriving technical representations of evidential data such that they are useful as evidences in court; while aiming that the legal parties understand the technical representations in better light. More precisely, we design the security notions of evidence processing and acquisition, guided by the evidential requirements from the legal perspective; and discuss example relations to forensics investigations.
International Journal of Internet Technology and Secured Transactions | 2010
Ahmad Roshidi Amran; Raphael C.-W. Phan; David J. Parish; John N. Whitley
Evaluation of forensics evidence is an essential step in proving the malicious intents of an attacker or adversary and the severity of the damages caused to any network. This paper takes a step forward showing how security metrics can be used to sustain a sense of credibility to network evidence gathered as an elaboration and extension to an embedded feature of network forensic readiness (NFR) – redress that is defined as holding intruders responsible. We propose a procedure of evidence acquisition in network forensics where we then analyse a sample of packet data in order to extract useful information as evidence through a formalised intuitive model, based on capturing adversarial behaviour and layer analysis. We also discuss the evidential structure and corresponding database design. We then apply the common vulnerability scoring system (CVSS) metrics to show that a forensics metrics system could assess the severity of network attacks committed, thus giving a degree of credibility to the evidence gathered. This way, hard evidence could be objectively collected to lend support to the resource-intensive process of investigation and litigation, leading to successful conviction, while reducing effort expended on the process.