A proactive password checker

Password selection has long been a difficult issue; traditionally, passwords are either assigned by the computer or chosen by the user. When the computer does the assignment, the passwords are often hard to remember; when the user makes the selection, the passwords are often easy to guess. This paper describes a technique, and a mechanism, to allow users to select passwords which to them are easy to remember but to others would be very difficult to guess. The technique is site, user, and group compatible, and allows rapid changing of constraints imposed upon the password. Although experience with this technique is limited, it appears to have much promise

Processing Concrete and Abstract Relationships in Word Pairs

Malhi (2015) found a reverse concreteness, or abstractness, effect for word pairs in an iconicity judgment task. Per Vigliocco et al.’s (2009) theory of embodied abstract semantics, Malhi and Buchanan (2017) hypothesized that participants were taking a visualization approach (time-costly) towards the concrete word pairs and an emotional valence approach (time-efficient) towards the abstract word pairs. It was also hypothesized that the abstractness effect emerged not by considering single words in isolation but rather by considering the relationship between them. The goal of the present study was to test these hypotheses and to further investigate this reverse concreteness, or abstractness, effect. Results generally provided support for these hypotheses. An event-related potential (ERP) experiment revealed a dissociation between behavioural abstractness and neural concreteness. The results are interpreted using a proposed theory of flexible abstractness and concreteness effects (FACE)

Optimisation of John the Ripper in a clustered Linux environment

To aid system administrators in enforcing strict password policies, the use of password cracking tools such as Cisilia (C.I.S.I.ar, 2003) and John the Ripper (Solar Designer, 2002), have been employed as software utilities to look for weak passwords. John the Ripper (JtR) attempts to crack the passwords by using a dictionary, brute-force or other mode of attack. The computational intensity of cracking passwords has led to the utilisation of parallel-processing environments to increase the speed of the password-cracking task. Parallel-processing environments can consist of either single systems with multiple processors, or a collection of separate computers working together as a single, logical computer system; both of these configurations allow operations to run concurrently. This study aims to optimise and compare the execution of JtR on a pair of Beowulf clusters, which arc a collection of computers configured to run in a parallel manner. Each of the clusters will run the Rocks cluster distribution, which is a Linux RedHat based cluster-toolkit. An implementation of the Message Passing Interface (MPI), MPICH, will be used for inter-node communication, allowing the password cracker to run in a parallel manner. Experiments were performed to test the reliability of cracking a single set of password samples on both a 32-bit and 64-bit Beowulf cluster comprised of Intel Pentium and AMD64 Opteron processors respectively. These experiments were also used to test the effectiveness of the brute-force attack against the dictionary attack of JtR. The results from this thesis may provide assistance to organisations in enforcing strong password policies on user accounts through the use of computer clusters and also to examine the possibility of using JtR as a tool to reliably measure password strength

The locus of serial processing in reading aloud:Orthography-to-phonology computation or speech planning?

Dual-route theories of reading posit that a sublexical reading mechanism that operates serially and from left to right is involved in the orthography-to-phonology computation. These theories attribute the masked onset priming effect (MOPE) and the phonological Stroop effect (PSE) to the serial left-to-right operation of this mechanism. However, both effects may arise during speech planning, in the phonological encoding process, which also occurs serially and from left to right. In the present paper, we sought to determine the locus of serial processing in reading aloud by testing the contrasting predictions that the dual-route and speech planning accounts make in relation to the MOPE and the PSE. The results from three experiments that used the MOPE and the PSE paradigms in English are inconsistent with the idea that these effects arise during speech planning, and consistent with the claim that a sublexical serially operating reading mechanism is involved in the print-to-sound translation. Simulations of the empirical data on the MOPE with the dual route cascaded (DRC) and connectionist dual process (CDP++) models, which are computational implementations of the dual-route theory of reading, provide further support for the dual-route account.24 page(s

Scalable Techniques for Anomaly Detection

Computer networks are constantly being attacked by malicious entities for various reasons. Network based attacks include but are not limited to, Distributed Denial of Service (DDoS), DNS based attacks, Cross-site Scripting (XSS) etc. Such attacks have exploited either the network protocol or the end-host software vulnerabilities for perpetration. Current network traffic analysis techniques employed for detection and/or prevention of these anomalies suffer from significant delay or have only limited scalability because of their huge resource requirements. This dissertation proposes more scalable techniques for network anomaly detection. We propose using DNS analysis for detecting a wide variety of network anomalies. The use of DNS is motivated by the fact that DNS traffic comprises only 2-3% of total network traffic reducing the burden on anomaly detection resources. Our motivation additionally follows from the observation that almost any Internet activity (legitimate or otherwise) is marked by the use of DNS. We propose several techniques for DNS traffic analysis to distinguish anomalous DNS traffic patterns which in turn identify different categories of network attacks. First, we present MiND, a system to detect misdirected DNS packets arising due to poisoned name server records or due to local infections such as caused by worms like DNSChanger. MiND validates misdirected DNS packets using an externally collected database of authoritative name servers for second or third-level domains. We deploy this tool at the edge of a university campus network for evaluation. Secondly, we focus on domain-fluxing botnet detection by exploiting the high entropy inherent in the set of domains used for locating the Command and Control (C&C) server. We apply three metrics namely the Kullback-Leibler divergence, the Jaccard Index, and the Edit distance, to different groups of domain names present in Tier-1 ISP DNS traces obtained from South Asia and South America. Our evaluation successfully detects existing domain-fluxing botnets such as Conficker and also recognizes new botnets. We extend this approach by utilizing DNS failures to improve the latency of detection. Alternatively, we propose a system which uses temporal and entropy-based correlation between successful and failed DNS queries, for fluxing botnet detection. We also present an approach which computes the reputation of domains in a bipartite graph of hosts within a network, and the domains accessed by them. The inference technique utilizes belief propagation, an approximation algorithm for marginal probability estimation. The computation of reputation scores is seeded through a small fraction of domains found in black and white lists. An application of this technique, on an HTTP-proxy dataset from a large enterprise, shows a high detection rate with low false positive rates

Taxonomy for Humans or Computers? Cognitive Pragmatics for Big Data

Criticism of big data has focused on showing that more is not necessarily better, in the sense that data may lose their value when taken out of context and aggregated together. The next step is to incorporate an awareness of pitfalls for aggregation into the design of data infrastructure and institutions. A common strategy minimizes aggregation errors by increasing the precision of our conventions for identifying and classifying data. As a counterpoint, we argue that there are pragmatic trade-offs between precision and ambiguity that are key to designing effective solutions for generating big data about biodiversity. We focus on the importance of theory-dependence as a source of ambiguity in taxonomic nomenclature and hence a persistent challenge for implementing a single, long-term solution to storing and accessing meaningful sets of biological specimens. We argue that ambiguity does have a positive role to play in scientific progress as a tool for efficiently symbolizing multiple aspects of taxa and mediating between conflicting hypotheses about their nature. Pursuing a deeper understanding of the trade-offs and synthesis of precision and ambiguity as virtues of scientific language and communication systems then offers a productive next step for realizing sound, big biodiversity data services

Phonological encoding is free from orthographic influence: evidence from a picture variant of the phonological Stroop task

The phonological Stroop task, in which the participant names the color of written distractors, is being used increasingly to study the phonological encoding process in speech production. A brief review of experimental paradigms used to study the phonological encoding process indicated that currently it is not known whether the onset overlap benefit (faster color naming when the distractor shares the onset segment with the color name) in a phonological Stroop task is due to phonology or orthography. The present paper investigated this question using a picture variant of the phonological Stroop task. Participants named a small set of line drawings of animals (e.g., camel) with a pseudoword distractor printed on it. Picture naming was facilitated when the distractor shared the onset segment with the picture name regardless of orthographic overlap (CUST–camel = KUST–camel < NUST–camel). We conclude that the picture variant of the phonological Stroop task is a useful tool to study the phonological encoding process, free of orthographic influence