Baseline and stress-induced levels of corticosterone in male and female Afrotropical and European temperate stonechats during breeding

Background: Latitudinal variation in avian life histories falls along a slow-fast pace of life continuum: tropical species produce small clutches, but have a high survival probability, while in temperate species the opposite pattern is found. This study investigated whether differential investment into reproduction and survival of tropical and temperate species is paralleled by differences in the secretion of the vertebrate hormone corticosterone (CORT). Depending on circulating concentrations, CORT can both act as a metabolic (low to medium levels) and a stress hormone (high levels) and, thereby, influence reproductive decisions. Baseline and stress-induced CORT was measured across sequential stages of the breeding season in males and females of closely related taxa of stonechats (Saxicola spp) from a wide distribution area. We compared stonechats from 13 sites, representing Canary Islands, European temperate and East African tropical areas. Stonechats are highly seasonal breeders at all these sites, but vary between tropical and temperate regions with regard to reproductive investment and presumably also survival. Results: In accordance with life-history theory, during parental stages, post-capture (baseline) CORT was overall lower in tropical than in temperate stonechats. However, during mating stages, tropical males had elevated post-capture (baseline) CORT concentrations, which did not differ from those of temperate males. Female and male mates of a pair showed correlated levels of post-capture CORT when sampled after simulated territorial intrusions. In contrast to the hypothesis that species with low reproduction and high annual survival should be more risk-sensitive, tropical stonechats had lower stress-induced CORT concentrations than temperate stonechats. We also found relatively high post-capture (baseline) and stress-induced CORT concentrations, in slow-paced Canary Islands stonechats. Conclusions: Our data support and refine the view that baseline CORT facilitates energetically demanding activities in males and females and reflects investment into reproduction. Low parental workload was associated with lower post-capture (baseline) CORT as expected for a slow pace of life in tropical species. On a finer resolution, however, this tropical-temperate contrast did not generally hold. Post-capture (baseline) CORT was higher during mating stages in particular in tropical males, possibly to support the energetic needs of mate-guarding. Counter to predictions based on life history theory, our data do not confirm the hypothesis that long-lived tropical populations have higher stress-induced CORT concentrations than short-lived temperate populations. Instead, in the predator-rich tropical environments of African stonechats, a dampened stress response during parental stages may increase survival probabilities of young. Overall our data further support an association between life history and baseline CORT, but challenge the role of stress-induced CORT as a mediator of tropical-temperate variation in life history

Security risk assessment and protection in the chemical and process industry

This article describes a security risk assessment and protection methodology that was developed for use in the chemical- and process industry in Belgium. The approach of the method follows a risk-based approach that follows desing principles for chemical safety. That approach is beneficial for workers in the chemical industry because they recognize the steps in this model from familiar safety models .The model combines the rings-of-protection approach with generic security practices including: management and procedures, security technology (e.g. CCTV, fences, and access control), and human interactions (pro-active as well as re-active). The method is illustrated in a case-study where a practical protection plan was developed for an existing chemical company. This chapter demonstrates that the method is useful for similar chemical- and process industrial activities far beyond the Belgian borders, as well as for cross-industrial security protection. This chapter offers an insight into how the chemical sector protects itself on the one hand, and an insight into how security risk management can be practiced on the other hand

An Artificial Neural Network-based Decision-Support System for Integrated Network Security

As large-scale Cyber attacks become more sophisticated, local network defenders should employ strength-in-numbers to achieve mission success. Group collaboration reduces individual efforts to analyze and assess network traffic. Network defenders must evolve from an isolated defense in sector policy and move toward a collaborative strength-in-numbers defense policy that rethinks traditional network boundaries. Such a policy incorporates a network watch ap-proach to global threat defense, where local defenders share the occurrence of local threats in real-time across network security boundaries, increases Cyber Situation Awareness (CSA) and provides localized decision-support. A single layer feed forward artificial neural network (ANN) is employed as a global threat event recommender system (GTERS) that learns expert-based threat mitigation decisions. The system combines the occurrence of local threat events into a unified global event situation, forming a global policy that allows the flexibility of various local policy interpretations of the global event. Such flexibility enables a Linux based network defender to ignore windows-specific threats while focusing on Linux threats in real-time. In this thesis, the GTERS is shown to effectively encode an arbitrary policy with 99.7% accuracy based on five threat-severity levels and achieves a generalization accuracy of 96.35% using four distinct participants and 9-fold cross-validation

Reduction of False Positives in Intrusion Detection Based on Extreme Learning Machine with Situation Awareness

Protecting computer networks from intrusions is more important than ever for our privacy, economy, and national security. Seemingly a month does not pass without news of a major data breach involving sensitive personal identity, financial, medical, trade secret, or national security data. Democratic processes can now be potentially compromised through breaches of electronic voting systems. As ever more devices, including medical machines, automobiles, and control systems for critical infrastructure are increasingly networked, human life is also more at risk from cyber-attacks. Research into Intrusion Detection Systems (IDSs) began several decades ago and IDSs are still a mainstay of computer and network protection and continue to evolve. However, detecting previously unseen, or zero-day, threats is still an elusive goal. Many commercial IDS deployments still use misuse detection based on known threat signatures. Systems utilizing anomaly detection have shown great promise to detect previously unseen threats in academic research. But their success has been limited in large part due to the excessive number of false positives that they produce. This research demonstrates that false positives can be better minimized, while maintaining detection accuracy, by combining Extreme Learning Machine (ELM) and Hidden Markov Models (HMM) as classifiers within the context of a situation awareness framework. This research was performed using the University of New South Wales - Network Based 2015 (UNSW-NB15) data set which is more representative of contemporary cyber-attack and normal network traffic than older data sets typically used in IDS research. It is shown that this approach provides better results than either HMM or ELM alone and with a lower False Positive Rate (FPR) than other comparable approaches that also used the UNSW-NB15 data set

The Australian Cyber Security Centre threat report 2015

Introduction: The number, type and sophistication of cyber security threats to Australia and Australians are increasing. Due to the varied nature of motivations for cyber adversaries targeting Australian organisations, organisations could be a target for malicious activities even if they do not think the information held on their networks is valuable, or that their business would be of interest to cyber adversaries. This first unclassified report by the ACSC describes the range of cyber adversaries targeting Australian networks, explains their motivations, the malicious activities they are conducting and their impact, and provides specific examples of activity targeting Australian networks during 2014. This report also offers mitigation advice on how organisations can defend against these activities. The ACSC’s ability to detect and defend against sophisticated cyber threats continues to improve. But cyber adversaries are constantly improving their tradecraft in their attempts to defeat our network defences and exploit the new technologies we embrace. There are gaps in our understanding of the extent and nature of malicious activity, particularly against the business sector. The ACSC is reaching out to industry to build partnerships to improve our collective understanding. Future iterations of the Threat Report will benefit from these partnerships and help to close gaps in our knowledge

Towards a Threat Intelligence Informed Digital Forensics Readiness Framework

Digital Forensic Readiness (DFR) has received little attention by the research community, when compared to the core digital forensic investigation processes. DFR was primarily about logging of security events to be leveraged by the forensic analysis phase. However, the increasing number of security incidents and the overwhelming volumes of data produced mandate the development of more effective and efficient DFR approaches. We propose a DFR framework focusing on the prioritisation, triaging and selection of Indicators of Compromise (IoC) to be used in investigations of security incidents. A core component of the framework is the contextualisation of the IoCs to the underlying organisation, which can be achieved with the use of clustering and classification algoriihms and a local IoC database

Are You Ready? A Proposed Framework For The Assessment Of Digital Forensic Readiness

This dissertation develops a framework to assess Digital Forensic Readiness (DFR) in organizations. DFR is the state of preparedness to obtain, understand, and present digital evidence when needed. This research collects indicators of digital forensic readiness from a systematic literature review. More than one thousand indicators were found and semantically analyzed to identify the dimensions to where they belong. These dimensions were subjected to a q-sort test and validated using association rules, producing a preliminary framework of DFR for practitioners. By classifying these indicators into dimensions, it was possible to distill them into 71 variables further classified into either extant or perceptual variables. Factor analysis was used to identify latent factors within the two groups of variables. A statistically-based framework to assess DFR is presented, wherein the extant indicators are used as a proxy of the real DFR status and the perceptual factors as the perception of this status

Command & Control: Understanding, Denying and Detecting - A review of malware C2 techniques, detection and defences

In this survey, we first briefly review the current state of cyber attacks, highlighting significant recent changes in how and why such attacks are performed. We then investigate the mechanics of malware command and control (C2) establishment: we provide a comprehensive review of the techniques used by attackers to set up such a channel and to hide its presence from the attacked parties and the security tools they use. We then switch to the defensive side of the problem, and review approaches that have been proposed for the detection and disruption of C2 channels. We also map such techniques to widely-adopted security controls, emphasizing gaps or limitations (and success stories) in current best practices.Comment: Work commissioned by CPNI, available at c2report.org. 38 pages. Listing abstract compressed from version appearing in repor