Community-Based Security for the Internet of Things

With more and more devices becoming connectable to the internet, the number of services but also a lot of threats increases dramatically. Security is often a secondary matter behind functionality and comfort, but the problem has already been recognized. Still, with many IoT devices being deployed already, security will come step-by-step and through updates, patches and new versions of apps and IoT software. While these updates can be safely retrieved from app stores, the problems kick in via jailbroken devices and with the variety of untrusted sources arising on the internet. Since hacking is typically a community effort? these days, security could be a community goal too. The challenges are manifold, and one reason for weak or absent security on IoT devices is their weak computational power. In this chapter, we discuss a community based security mechanism in which devices mutually aid each other in secure software management. We discuss game-theoretic methods of community formation and light-weight cryptographic means to accomplish authentic software deployment inside the IoT device community

Cognitively Engineering a Virtual Collaboration Environment for Crisis Response

Crisis response situations require collaboration across many different organizations with different backgrounds, training, procedures, and goals. The Indian Ocean Tsunami in 2004 and the Hurricane Katrina relief efforts in 2005 emphasized the importance of effective communication and collaboration. In the former, the Multinational Planning Augmentation Team (MPAT) supported brokering of requests for assistance with offers of help from rapidly deployed military and humanitarian assistance facilities. In the aftermath of Hurricane Katrina, the National Guard Soldiers and active component Army Soldiers assisted other state, federal, and non-government organizations with varying degrees of efficiency and expediency. Compounding the challenges associated with collaboration during crisis situations is the distributed nature of the supporting organizations and the lack of a designated leader across these military, government, nongovernment organizations. The Army Research Laboratory is collaborating with the University of Edinburgh, University o

Preventative tele-health supported services for early stage chronic obstructive pulmonary disease: a protocol for a pragmatic randomized controlled trial pilot

Background Chronic Obstructive Pulmonary Disease (COPD) is a prevalent debilitating long term condition. It is the second most common cause of emergency admission to hospital in the UK and remains one of the most costly conditions to treat through acute care. Tele-health monitoring offers potential to reduce the rates of re-hospitalisation and emergency department visits and improve quality of life for people with COPD. However, the current evidence base to support technology adoption and implementation is limited and the resource implications for implementing tele-health in practice can be very high. This trial will employ tele-health monitoring in a preventative capacity for patients diagnosed with early stage COPD following discharge from hospital to determine whether it reduces their need for additional health service support or hospital admission and improves their quality of life. Methods/Design We describe a pilot study for a two arm, one site randomized controlled trial (RCT) to determine the effect of tele-health monitoring on self-management, quality of life and patient satisfaction. Sixty patients who have been discharged from one acute trust with a primary diagnosis of COPD and who have agreed to receive community clinical support following discharge from acute care will be randomly assigned to one of two groups: (a) Tele-health supported Community COPD Service; or (b) Usual Care. The tele-health supported service involves the patient receiving two home visits with a specialist COPD clinician (nurse or physiotherapist) then participating in daily tele-monitoring over an eight week period. Usual care consists of six home visits to the patient by specialist COPD clinicians again over eight successive weeks. Health status and quality of life data for all participants will be measured at baseline, on discharge from the service and at six months post discharge from the service. Discussion The tele-health service under study is a complex service delivered through a collaboration between local authority and health care partners. The implementation of this service demanded significant changes to established working patterns and has been a challenging process requiring considerable planning - a challenge that many providers are likely to face in the future. Trial registration Current Controlled Trials ISRCTN6885601

Privacy-Friendly Collaboration for Cyber Threat Mitigation

Sharing of security data across organizational boundaries has often been advocated as a promising way to enhance cyber threat mitigation. However, collaborative security faces a number of important challenges, including privacy, trust, and liability concerns with the potential disclosure of sensitive data. In this paper, we focus on data sharing for predictive blacklisting, i.e., forecasting attack sources based on past attack information. We propose a novel privacy-enhanced data sharing approach in which organizations estimate collaboration benefits without disclosing their datasets, organize into coalitions of allied organizations, and securely share data within these coalitions. We study how different partner selection strategies affect prediction accuracy by experimenting on a real-world dataset of 2 billion IP addresses and observe up to a 105% prediction improvement.Comment: This paper has been withdrawn as it has been superseded by arXiv:1502.0533

Psychological, social and welfare interventions for psychological health and well-being of torture survivors

This is the protocol for a review and there is no abstract. The objectives are as follows: Primary objective 1. To assess beneficial and adverse effects of psychological, social and welfare interventions versus no treatment for the reduction of psychological distress in torture survivors. Secondary objectives 2. To describe the quality and generalisability of the studies evaluating the effects of these treatment approaches on torture survivors, and specifically: • to provide an objective assessment of risk of bias in these studies; • to describe the specific populations evaluated in studies of torture survivors (including demographics, torture experiences and psychological status); • to describe the variety of interventions that have been evaluated in these populations; and • to describe the outcomes evaluated in these intervention studies

Access, accountability, and advocacy: culturally and linguistically diverse families’ participation in IEP meetings

All parents of eligible students with disabilities have the right to collaborate as equal members of educational teams developing their children’s Individualized Education Programs (IEP). However, culturally and linguistically diverse families typically experience barriers to collaboration with school professionals. In this paper, we describe findings from four focus group interviews with Chinese, Vietnamese, and Haitian immigrants examining their participation and language access in their children’s IEP meetings, as well as their perspectives on what would improve their IEP meetings. Findings revealed that meaningful engagement was hampered by families’ limited access to information, educators’ lack of accountability, and limited opportunities for families to develop as advocates. Implications of the research addressing the within-meeting and between-meeting barriers are discussed.Accepted manuscrip

TRIDEnT: Building Decentralized Incentives for Collaborative Security

Sophisticated mass attacks, especially when exploiting zero-day vulnerabilities, have the potential to cause destructive damage to organizations and critical infrastructure. To timely detect and contain such attacks, collaboration among the defenders is critical. By correlating real-time detection information (alerts) from multiple sources (collaborative intrusion detection), defenders can detect attacks and take the appropriate defensive measures in time. However, although the technical tools to facilitate collaboration exist, real-world adoption of such collaborative security mechanisms is still underwhelming. This is largely due to a lack of trust and participation incentives for companies and organizations. This paper proposes TRIDEnT, a novel collaborative platform that aims to enable and incentivize parties to exchange network alert data, thus increasing their overall detection capabilities. TRIDEnT allows parties that may be in a competitive relationship, to selectively advertise, sell and acquire security alerts in the form of (near) real-time peer-to-peer streams. To validate the basic principles behind TRIDEnT, we present an intuitive game-theoretic model of alert sharing, that is of independent interest, and show that collaboration is bound to take place infinitely often. Furthermore, to demonstrate the feasibility of our approach, we instantiate our design in a decentralized manner using Ethereum smart contracts and provide a fully functional prototype.Comment: 28 page