Mohamed Kaâniche

Modelling interdependencies between the electricity and information infrastructures

The aim of this paper is to provide qualitative models characterizing interdependencies related failures of two critical infrastructures: the electricity infrastructure and the associated information infrastructure. The interdependencies of these two infrastructures are increasing due to a growing connection of the power grid networks to the global information infrastructure, as a consequence of market deregulation and opening. These interdependencies increase the risk of failures. We focus on cascading, escalating and common-cause failures, which correspond to the main causes of failures due to interdependencies. We address failures in the electricity infrastructure, in combination with accidental failures in the information infrastructure, then we show briefly how malicious attacks in the information infrastructure can be addressed.

A system dependability modeling framework using AADL and GSPNs

There is disclosed a process for the aqueous polymerization of acrylamide to produce polymers of high molecular weight utilizing mixtures of water and monomer, at least one of which can be contaminated with small amounts of polymerization inhibiting components. In the process of the invention, a minimum amount of a redox pair catalyst is utilized in order to obtain the desired high molecular weight polymer. The minimum amount of catalyst is automatically provided to the polymerization mixture by adding a first member of a redox pair to the polymerization mixture and intimately combining a second member of the redox pair catalyst with an organic polymer capable of forming a colloidal dispersion in an aqueous medium and adding this intimate mixture to the mixture of water, acrylamide monomer, and a first member of the redox pair catalyst. The process disclosed provides for the slow release of one member of the redox pair catalyst from said intimate mixture into an aqueous solution or emulsion polymerization medium. As polymerization proceeds, an additional amount of catalyst is made available by the slow recess of one member of the redox pair into the aqueous polymerization medium. The polymerization process can be initiated and maintained at ambient temperatures and pressures. Thus polymerization is effected without providing additional heat or pressure to the reaction mass. Molecular weights of about 1 million to 10 million can be obtained where monomer concentrations are held between about 10 to about 50 percent by weight of the polymerization mixture.

Set-up and deployment of a high-interaction honeypot: experiment and lessons learned

This paper presents the lessons learned from an empirical analysis of attackers behaviours based on the deployment on the Internet of a high-interaction honeypot for more than 1xa0year. We focus in particular on the attacks performed via the SSH service and the activities performed by the attackers once they gain access to the system and try to progress in their intrusion. The first part of the paper describes: (a) the global architecture of the honeypot and the mechanisms used to capture the implementation details so that we can observe attackers behaviours and (b) the details of the experiment itself (duration, data captured, overview of the attackers activity). The second part presents the results of the observation of the attackers. It includes: (a) the description of the global attack process, constituted of two main steps, dictionary attacks and intrusions and (b) the detailed analysis of these two main steps.

Internet attacks monitoring with dynamic connection redirection mechanisms

High-interaction honeypots are interesting as they help understand how attacks unfold on a compromised machine. However, observations are generally limited to the operations performed by the attackers on the honeypot itself. Outgoing malicious activities carried out from the honeypot towards remote machines on the Internet are generally disallowed for legal liability reasons. It is particularly instructive, however, to observe activities initiated from the honeypot in order to monitor attacker behavior across different, possibly compromised remote machines. This paper proposes to this end a dynamic redirection mechanism of connections initiated from the honeypot. This mechanism gives the attacker the illusion of being actually connected to a remote machine whereas he is redirected to another local honeypot. The originality of the proposed redirection mechanism lies in its dynamic aspect: the redirections are made automatically on the fly. This mechanism has been implemented and tested on a Linux kernel. This paper presents the design and the implementation of this mechanism.

Modeling aircraft operational reliability

The success of an aircraft mission is subject to the fulfillment of some operational requirements before and during each flight. As these requirements depend essentially on the aircraft system components and the mission profile, the effects of failures can be very significant if they are not anticipated. Hence, one should be able to assess the aircraft operational reliability with regard to its missions in order to be able to cope with failures. This paper addresses aircraft operational reliability modeling to support maintenance planning during the mission achievement. We develop a modeling approach to represent the aircraft system operational state taking into account the mission profile as well as the maintenance facilities available at the flight stop locations involved in the mission. It is illustrated using Stochastic Activity Networks (SANs) formalism, based on an aircraft subsystem.

Dependability evaluation of a replication service for mobile applications in dynamic ad-hoc networks

In order to increase availability and reliability of stateful applications, redundancy as provided by replication in cluster solutions is a well-known and frequently utilized approach. For mobile services in dynamic ad-hoc networks, such replication mechanisms have to be adapted to deal with the frequently higher communication delays and with the intermittent connectivity. Dynamic clustering strategies in which the replica set is adjusted to the current network state can help to handle the network dynamicity. The paper develops a stochastic Petri net model (and its corresponding Markov chain representation) to analyze the resulting availability and replica consistency in such dynamic clusters. The numerical results are interpreted in the context of a vehicular (c2c) communication use-case and can be used to determine optimized cluster configuration parameters.

Message from the special issue editors

This Special Issue of the Journal of the Brazilian Computer Society features extended versions of five papers selected from The fifth Latin American Dependable Computing (LADC’2011) symposium, which took place in Sao Jose dos Campos, SP, on April 25–29, 2011. LADC is the major Latin American event that provides a forum for researchers and practitioners from all over the world to present and discuss their latest research results and developments on the dependability and security of computer systems and networks. The symposium scope spans system, software and hardware dependability, as well as security research and technological challenges, encompassing fundamental theoretical approaches and practical experimental studies. LADC’2011 received a total of 46 submissions from 12 countries. The entire process was handled electronically. A total of 159 reviews were entered, each paper received at least three reviews. The review process included a rebuttal period during which the authors had the opportunity to clarify doubts and other issues raised in the reviews of their papers. After the rebuttal period, the TPC members started the discussion phase, which resulted in the selection of the 18 papers that are included in the technical program (16 Regular Papers, and 2 Practical Experience Re-

Availability modelling of a virtual black box for automotive systems

Recent developments in automotive systems recommend storing historical information in a black box, in a manner that is similar to the avionics domain. The idea is to record relevant information about the vehicle that can be retrieved in case of a problem. However, instead of using a classical hardware based black-box that could induce a high cost, a more cost effective solution would be to use a software based mechanism that consists in storing the recorded data on a dedicated server at the fixed infrastructure. To protect the data against potential losses before an access to the fixed infrastructure is available, the data can be replicated and temporarily stored on neighbouring encountered vehicles using wireless communication technologies, before being permanently saved on the server. The aim of this paper is to analyse and evaluate the availability of the historical data recorded in the virtual black-box, (VBB) taking into account possible data replication strategies, and various mobility scenarios, using Stochastic Activity Networks (SAN).

Anomaly Detection and Diagnosis for Cloud services: Practical experiments and lessons learned

Anomaly detection system (ADS) for cloud services based on machine learning algorithms.Two diagnosis levels: anomalous VM behavior and type of error causing the anomaly.Deployment and validation of the ADS on a VMware based cloud-computing platform.Generation of complete datasets for training and validation using error emulation.Two case studies: MongoDB database and a virtual network function (VNF). The dependability of cloud computing services is a major concern of cloud providers. In particular, anomaly detection techniques are crucial to detect anomalous service behaviors that may lead to the violation of service level agreements (SLAs) drawn with users. This paper describes an anomaly detection system (ADS) designed to detect errors related to the erroneous behavior of the service, and SLA violations in cloud services. One major objective is to help providers to diagnose the anomalous virtual machines (VMs) on which a service is deployed as well as the type of error associated to the anomaly. Our ADS includes a system monitoring entity that collects software counters characterizing the cloud service, as well as a detection entity based on machine learning models. Additionally, a fault injection entity is integrated into the ADS for the training the machine learning models. This entity is also used to validate the ADS and to assess its anomaly detection and diagnosis performance. We validated our ADS with two case studies deployments: a NoSQL database, and a virtual IP Multimedia Subsystem developed implementing a virtual network function. Experimental results show that our ADS can achieve a high detection and diagnosis performance.

Smart-TV security: risk analysis and experiments on Smart-TV communication channels

This paper focuses on the security threats related to smart-TV communication channels. A risk analysis is carried out to have a global view of potential risks that need to be addressed in the context of Smart-TV communication links. The feasibility of several identified risks is investigated experimentally. The experiments show some relevant security-related vulnerabilities on Smart-TV communications channels. Countermeasures to address these vulnerabilities are also investigated.