Second CLIPS Conference Proceedings, volume 1

Topics covered at the 2nd CLIPS Conference held at the Johnson Space Center, September 23-25, 1991 are given. Topics include rule groupings, fault detection using expert systems, decision making using expert systems, knowledge representation, computer aided design and debugging expert systems

Using Deception to Enhance Security: A Taxonomy, Model, and Novel Uses

As the convergence between our physical and digital worlds continue at a rapid pace, securing our digital information is vital to our prosperity. Most current typical computer systems are unwittingly helpful to attackers through their predictable responses. In everyday security, deception plays a prominent role in our lives and digital security is no different. The use of deception has been a cornerstone technique in many successful computer breaches. Phishing, social engineering, and drive-by-downloads are some prime examples. The work in this dissertation is structured to enhance the security of computer systems by using means of deception and deceit

SAGA: A project to automate the management of software production systems

The Software Automation, Generation and Administration (SAGA) project is investigating the design and construction of practical software engineering environments for developing and maintaining aerospace systems and applications software. The research includes the practical organization of the software lifecycle, configuration management, software requirements specifications, executable specifications, design methodologies, programming, verification, validation and testing, version control, maintenance, the reuse of software, software libraries, documentation, and automated management

NASA space station automation: AI-based technology review

Research and Development projects in automation for the Space Station are discussed. Artificial Intelligence (AI) based automation technologies are planned to enhance crew safety through reduced need for EVA, increase crew productivity through the reduction of routine operations, increase space station autonomy, and augment space station capability through the use of teleoperation and robotics. AI technology will also be developed for the servicing of satellites at the Space Station, system monitoring and diagnosis, space manufacturing, and the assembly of large space structures

Migration from Windows to Linux for a small engineering firm A&G Associates

The primary objectives of this paper are to complete a Masters Degree in Information Technology as required by Rochester Institute of Technology, Rochester, New York, and to assist a small engineering firm in evaluating the possibilities of migrating from Microsoft Windows to a Linux Operating System. A recent announcement that Microsoft will limit support on some of their existing commonly used operating systems, along with their monopoly in the marketplace, will continue to allow them to sell licenses at high prices. These factors could force many companies to consider transiting to other operating systems which offer more support services and less expensive products. Although there are several such providers, the low cost of Linux, its non-rigorous licensing agreements, high level of security, stability, and usability makes it the best non-Microsoft operating system option. A 2004 survey of 85 North American firms conducted by Forrester Research, Inc., confirms that the transition has begun. The survey showed that low acquisition cost was the primary reason why firms moved to Linux, followed by low total cost of ownership, and then by low hardware cost. As of today the number of users or potential users of Linux are summarized below Pie Chart: No Plans, 39% Using Today, 46% Plan to Use, 14% Many firms are concerned about transitioning to Linux due to the fact that Linux is an open-source technology that has greater risks than Windows which the owner has to mitigate somehow. In reality there are many emerging companies which are providing 24/7 support to Linux just like Microsoft. The figure below presents the main concerns of firms planning to move to Linux. Bar Graph: We don’t have skills, 55% lack of support, 53% lack of applications, 42% Product immaturity, 35% Fear the OS community will disappear, 25% Security, 20% Unexpected license cost, 20% Other risk, 20% Don’t know, 9% Fear of getting sued over copyrights, 7% None, 2% The practical case used for evaluating transitioning from Windows to Linux is A&G Associates. The firm specializes in the design and construction management of water and wastewater treatment facilities. The firm\u27s current local area network configuration consists of 4 servers and 50 workstations. Since being established in early 2000, the firm has used a Windows 98 environment for workstations and Windows NT for servers. Today the firm is facing the challenge whether to upgrade their system in the Windows environment which entails choosing Windows XP for workstations and Windows Advance Server 2000 for servers or transitioning to a different operating system such as Linux. The most important reason for A&G Associates to move to Linux will come from a cost savings opportunity between the Windows and Linux operating systems. Since Linux can be downloaded for free or a licensed CD can be bought for less than $200 dollars, it can be used on multiple computers, and it offers many free applications, the most cost-effective solution seems to be to purchase Linux. The cost savings opportunities were based on three alternatives: 1. Full Transition from the existing Windows environment into the newest version of Windows for workstations and servers; or 2. Transition from an existing Windows environment to a Linux environment for workstations and servers. 3. Partial Transitioning (Option 5) from existing Windows environment to a new Linux environment for servers and majority of the workstations (35) and to upgraded Windows for 15 workstations Partial Transition Option 5 takes care of the issue of running engineering applications on some Windows workstations and changing the majority of the workstations and all servers to Linux in order to obtain the maximum cost savings benefit. In this option, 15 workstations are upgraded to the new Windows XP Platform and all four servers and the remaining 35 workstations are migrated to a Linux Platform. The total cost for partial transitioning under option 5 is$131,807. The total cost for transitioning the firm from Windows to Linux for A&G or a small firm with 50 to 250 employees and the associated total cost for full-transitioning to a new Windows version, a Linux platform, or to a hybrid environment such as Option 5 . The results is presented below Graph: 50 Users: Cost to Transition: Full Transition to Windows: $189,323 Full Transition to Linux:$116,462 Hybrid Environment: $131,807 100 Users: Cost to Transition: Full Transition to Windows:$331,700 Full Transition to Linux: $219,415 Hybrid Environment:$250,105 250 Users: Cost to Transition: Full Transition to Windows: $758,831 Full Transition to Linux:$528,274 Hybrid Environment: $604,999 Based on the results of the study, the following conclusions were drawn that would help the firm make informed decisions: - Making a full transition to Linux would limit the availability of engineering software compatible with Linux. - The total cost of transitioning under the partial transition, Option 5, would be approximately$132,000, with approximately $12,000 in software costs and$98,000 for hardware; the remaining cost is associated with operating the system. - Total cost savings of transitioning to Linux under the partial transition, Option 5, compared to a full Windows transition is approximately 58,000. The following are the recommendations for A&G: - The firm should consider transitioning to Linux but upgrade some workstations to the Windows XP environment in order to maintain the ability to run engineering applications, in accordance with partial transition, Option 5. - Implementation of partial transition, Option 5, would provide cost savings of approximately 58,000 during the transition to the new operating system. As Linux continues to provide its operating system at a more reasonable price, as more applications become available, and services such as 24/7 assistance and security become more reliable, the possibility that firms will move away from Windows toward Linux is inevitable. However, in the meantime, a partial transition can provide firms with greater flexibility and costs savings when compared to making a full transition to either the Windows or Linux environment

Internet... the final frontier: an ethnographic account: exploring the cultural space of the Net from the inside

The research project The Internet as a space for interaction, which completed its mission in Autumn 1998, studied the constitutive features of network culture and network organisation. Special emphasis was given to the dynamic interplay of technical and social conventions regarding both the Net’s organisation as well as its change. The ethnographic perspective chosen studied the Internet from the inside. Research concentrated upon three fields of study: the hegemonial operating technology of net nodes (UNIX) the network’s basic transmission technology (the Internet Protocol IP) and a popular communication service (Usenet). The project’s final report includes the results of the three branches explored. Drawing upon the development in the three fields it is shown that changes that come about on the Net are neither anarchic nor arbitrary. Instead, the decentrally organised Internet is based upon technically and organisationally distributed forms of coordination within which individual preferences collectively attain the power of developing into definitive standards. --

A supportive environment for the management of software testing

This dissertation describes research undertaken on the management of software testing. A support environment for the management of software testing, entitled SEMST, is presented. The research approach involves the investigation of software configuration management and its application to the testing process; the study of software testing techniques and methods; the exploration of the significance of software testing management; a survey of related work; the development and analysis of the requirements for SEMST; its implementation and an assessment. The current version of SEMST is a prototype built on the top of Unix and RCS on a Sun workstation. It is able to maintain all versions of specifications, test cases and programs, as well as to manage the relationships between these components

Performance Metrics for Network Intrusion Systems

Intrusion systems have been the subject of considerable research during the past 33 years, since the original work of Anderson. Much has been published attempting to improve their performance using advanced data processing techniques including neural nets, statistical pattern recognition and genetic algorithms. Whilst some significant improvements have been achieved they are often the result of assumptions that are difficult to justify and comparing performance between different research groups is difficult. The thesis develops a new approach to defining performance focussed on comparing intrusion systems and technologies. A new taxonomy is proposed in which the type of output and the data scale over which an intrusion system operates is used for classification. The inconsistencies and inadequacies of existing definitions of detection are examined and five new intrusion levels are proposed from analogy with other detection-based technologies. These levels are known as detection, recognition, identification, confirmation and prosecution, each representing an increase in the information output from, and functionality of, the intrusion system. These levels are contrasted over four physical data scales, from application/host through to enterprise networks, introducing and developing the concept of a footprint as a pictorial representation of the scope of an intrusion system. An intrusion is now defined as “an activity that leads to the violation of the security policy of a computer system”. Five different intrusion technologies are illustrated using the footprint with current challenges also shown to stimulate further research. Integrity in the presence of mixed trust data streams at the highest intrusion level is identified as particularly challenging. Two metrics new to intrusion systems are defined to quantify performance and further aid comparison. Sensitivity is introduced to define basic detectability of an attack in terms of a single parameter, rather than the usual four currently in use. Selectivity is used to describe the ability of an intrusion system to discriminate between attack types. These metrics are quantified experimentally for network intrusion using the DARPA 1999 dataset and SNORT. Only nine of the 58 attack types present were detected with sensitivities in excess of 12dB indicating that detection performance of the attack types present in this dataset remains a challenge. The measured selectivity was also poor indicting that only three of the attack types could be confidently distinguished. The highest value of selectivity was 3.52, significantly lower than the theoretical limit of 5.83 for the evaluated system. Options for improving selectivity and sensitivity through additional measurements are examined.Stochastic Systems Lt