Secure Communication using Identity Based Encryption

Secured communication has been widely deployed to guarantee confidentiality and\ud integrity of connections over untrusted networks, e.g., the Internet. Although\ud secure connections are designed to prevent attacks on the connection, they hide\ud attacks inside the channel from being analyzed by Intrusion Detection Systems\ud (IDS). Furthermore, secure connections require a certain key exchange at the\ud initialization phase, which is prone to Man-In-The-Middle (MITM) attacks. In this paper, we present a new method to secure connection which enables Intrusion Detection and overcomes the problem of MITM attacks. We propose to apply Identity Based Encryption (IBE) to secure a communication channel. The key escrow property of IBE is used to recover the decryption key, decrypt network traffic on the fly, and scan for malicious content. As the public key can be generated based on the identity of the connected server and its exchange is not necessary, MITM attacks are not easy to be carried out any more. A prototype of a modified TLS scheme is implemented and proved with a simple client-server application. Based on this prototype, a new IDS sensor is developed to be capable of identifying IBE encrypted secure traffic on the fly. A deployment architecture of the IBE sensor in a company network is proposed. Finally, we show the applicability by a practical experiment and some preliminary performance measurements

The War Against Chinese Restaurants

Chinese restaurants are a cultural fixture—as American as cherry pie. Startlingly, however, there was once a national movement to eliminate Chinese restaurants, using innovative legal methods to drive them out. Chinese restaurants were objectionable for two reasons. First, Chinese restaurants competed with “American” restaurants, thus threatening the livelihoods of white owners, cooks, and servers and motivating unions to fight them. Second, Chinese restaurants threatened white women, who were subject to seduction by Chinese men taking advantage of intrinsic female weakness and nefarious techniques such as opium addiction. The efforts were creative. Chicago used anti-Chinese zoning, Los Angeles restricted restaurant jobs to citizens, Boston authorities denied Chinese restaurants licenses, and the New York Police Department simply ordered whites out of Chinatown. Perhaps the most interesting technique was a law, endorsed by the American Federation of Labor for adoption in all jurisdictions, prohibiting white women from working in Asian restaurants. Most measures failed or were struck down. The unions, of course, did not eliminate Chinese restaurants, but Asians still lost because unions achieved their more important goal by extending the federal immigration policy of excluding Chinese immigrants to all Asian immigrants. The campaign is of more than historical interest today. As current anti-immigration sentiments and efforts show, even now the idea that white Americans should have a privileged place in the economy, or that nonwhites are culturally incongruous, persists among some

The Atacama Cosmology Telescope: The polarization-sensitive ACTPol instrument

The Atacama Cosmology Telescope (ACT) is designed to make high angular resolution measurements of anisotropies in the Cosmic Microwave Background (CMB) at millimeter wavelengths. We describe ACTPol, an upgraded receiver for ACT, which uses feedhorn-coupled, polarization-sensitive detector arrays, a 3 degree field of view, 100 mK cryogenics with continuous cooling, and meta material anti-reflection coatings. ACTPol comprises three arrays with separate cryogenic optics: two arrays at a central frequency of 148 GHz and one array operating simultaneously at both 97 GHz and 148 GHz. The combined instrument sensitivity, angular resolution, and sky coverage are optimized for measuring angular power spectra, clusters via the thermal Sunyaev-Zel'dovich and kinetic Sunyaev-Zel'dovich signals, and CMB lensing due to large scale structure. The receiver was commissioned with its first 148 GHz array in 2013, observed with both 148 GHz arrays in 2014, and has recently completed its first full season of operations with the full suite of three arrays. This paper provides an overview of the design and initial performance of the receiver and related systems

A socio-cognitive and computational model for decision making and user modelling in social phishing

Systems software quality, and system security in particular, is often compromised by phishing attacks. The latter were relatively easy to detect through phishing content filters, in the past. However, it has been increasingly difficult to stop more recent and sophisticated social phishing attacks. To protect the citizens from new types of phishing attacks, software quality engineers need to provide equally sophisticating preventive technology that models people’s reactions. The authors considered the behaviour of people on the Internet from a socio-cognitive perspective and deduced who could be more prone to be spoofed by social phishing techniques. The authors herein propose a computational and interdisciplinary metamodelling methodology, which can assist in capturing and understanding people’s interactive behaviour when they are online. Online behaviour can reveal Internet users’ knowledge, information, and beliefs in a given social context; these could also constitute significant factors for trust in social phishing circumstances which, in turn, can provide valuable insights and decision making meta-knowledge for recognition of potential victims of phishers. The proposed modelling approach is illustrated and explained using real-life phishing cases. This meta-model can i) help social computing and phishing researchers to understand users’ trust decisions from a socio-cognitive perspective, and ii) open ways to integrate artificial intelligence design techniques within software quality management practices in order to protect citizens from being spoofed by social phishing attacks. Thus, this software design quality approach will increase system security as a proactive maintenance strategy

Strategies for Searching Video Content with Text Queries or Video Examples

The large number of user-generated videos uploaded on to the Internet everyday has led to many commercial video search engines, which mainly rely on text metadata for search. However, metadata is often lacking for user-generated videos, thus these videos are unsearchable by current search engines. Therefore, content-based video retrieval (CBVR) tackles this metadata-scarcity problem by directly analyzing the visual and audio streams of each video. CBVR encompasses multiple research topics, including low-level feature design, feature fusion, semantic detector training and video search/reranking. We present novel strategies in these topics to enhance CBVR in both accuracy and speed under different query inputs, including pure textual queries and query by video examples. Our proposed strategies have been incorporated into our submission for the TRECVID 2014 Multimedia Event Detection evaluation, where our system outperformed other submissions in both text queries and video example queries, thus demonstrating the effectiveness of our proposed approaches

Alert Correlation through a Multi Components Architecture

Alert correlation is a process that analyzes the raw alerts produced by one or more intrusion detection systems, reduces nonrelevant ones, groups together alerts based on similarity and causality relationships between them and finally makes aconcise and meaningful view of occurring or attempted intrusions. Unfortunately, most correlation approaches use just a few components that aim only specific correlation issues and so cause reduction in correlation rate. This paper uses a general correlation model that has already been presented in [9] and is consisted of a comprehensive set of components. Then some changes are applied in the component that is related to multi-step attack scenario to detect them better and so to improve semantic level of alerts. The results of experiments with DARPA 2000 data set obviously show the effectiveness of the proposed approach.DOI:http://dx.doi.org/10.11591/ijece.v3i4.277

Measurement of Anti-Cancer Agent Methoxyamine in Plasma by Tandem Mass Spectrometry with On-Line Sample Extraction

In this work, we present the development and validation of a tandem mass spectrometry method for the quantitative determination of methoxyamine (CH3ONH2), a potential new chemotherapeutic agent, in human and mouse plasma. Methoxyamine together with the internal standard (I.S.) methoxyl-D3-amine was directly derivatized in plasma sample with a novel chemical agent 4-(N,N-diethylamino)benzaldehyde. The product solution was injected into an on-line Oasis® HLB extraction column ( mm) for analyte extraction. After the elution of extractives, the derivatized analytes were monitored by the positive-electrospray-ionization mass spectrometry (ESI-MS-MS). The structures of derivatized analytes were elucidated by fragmentation. Quantitation of plasma methoxyamine was carried out by the multiple reaction monitoring (MRM) mode. This method had a linear calibration range of 1.00–1000 ng/ml with a correlation coefficient of 0.9999 for methoxyamine in both human and mouse plasma. The limit of detection (LOD) and limit of quantification (LOQ) for methoxyamine in plasma were 0.150 and 0.500 ng/ml, respectively. It was demonstrated that the method had high recovery and accuracy (90.1–94.7 and 90.1–96.3%), as well as excellent intra- and inter-assay precision (2.2 and 3.7%), at three concentration levels (5.00, 50.0, 500 ng/ml). This method has been used to analyze the plasma levels of methoxyamine in samples obtained from male CD1 mice after bolus intraperitoneal injection of 2, 5 and 20 mg methoxyamine hydrochloride (CH3ONH2.HCl) per kilogram mouse

The Importance of Generalizability to Anomaly Detection

In security-related areas there is concern over novel “zero-day” attacks that penetrate system defenses and wreak havoc. The best methods for countering these threats are recognizing “nonself” as in an Artificial Immune System or recognizing “self” through clustering. For either case, the concern remains that something that appears similar to self could be missed. Given this situation, one could incorrectly assume that a preference for a tighter fit to self over generalizability is important for false positive reduction in this type of learning problem. This article confirms that in anomaly detection as in other forms of classification a tight fit, although important, does not supersede model generality. This is shown using three systems each with a different geometric bias in the decision space. The first two use spherical and ellipsoid clusters with a k-means algorithm modified to work on the one-class/blind classification problem. The third is based on wrapping the self points with a multidimensional convex hull (polytope) algorithm capable of learning disjunctive concepts via a thresholding constant. All three of these algorithms are tested using the Voting dataset from the UCI Machine Learning Repository, the MIT Lincoln Labs intrusion detection dataset, and the lossy-compressed steganalysis domain

Yours ever (well, maybe): Studies and signposts in letter writing

Electronic mail and other digital communications technologies seemingly threaten to end the era of handwritten and typed letters, now affectionately seen as part of snail mail. In this essay, I analyze a group of popular and scholarly studies about letter writing-including examples of pundits critiquing the use of e-mail, etiquette manuals advising why the handwritten letter still possesses value, historians and literary scholars studying the role of letters in the past and what it tells us about our present attitudes about digital communications technologies, and futurists predicting how we will function as personal archivists maintaining every document including e-mail. These are useful guideposts for archivists, providing both a sense of the present and the past in the role, value and nature of letters and their successors. They also provide insights into how such documents should be studied, expanding our gaze beyond the particular letters, to the tools used to create them and the traditions dictating their form and function. We also can discern a role for archivists, both for contributing to the literature about documents and in using these studies and commentaries, suggesting not a new disciplinary realm but opportunities for new interdisciplinary work. Examining a documentary form makes us more sensitive to both the innovations and traditions as it shifts from the analog to the digital; we can learn not to be caught up in hysteria or nostalgia about one form over another and archivists can learn about what they might expect in their labors to document society and its institutions. At one time, paper was part of an innovative technology, with roles very similar to the Internet and e-mail today. It may be that the shifts are far less revolutionary than is often assumed. Reading such works also suggests, finally, that archivists ought to rethink how they view their own knowledge and how it is constructed and used. © 2010 Springer Science+Business Media B.V