Implementation and Evaluation of A Low-Cost Intrusion Detection System For Community Wireless Mesh Networks

Rural Community Wireless Mesh Networks (WMN) can be great assets to rural communities, helping them connect to the rest of their region and beyond. However, they can be a liability in terms of security. Due to the ad-hoc nature of a WMN, and the wide variety of applications and systems that can be found in such a heterogeneous environment there are multiple points of intrusion for an attacker. An unsecured WMN can lead to privacy and legal problems for the users of the network. Due to the resource constrained environment, traditional Intrusion Detection Systems (IDS) have not been as successful in defending these wireless network environments, as they were in wired network deployments. This thesis proposes that an IDS made up of low cost, low power devices can be an acceptable base for a Wireless Mesh Network Intrusion Detection System. Because of the device's low power, cost and ease of use, such a device could be easily deployed and maintained in a rural setting such as a Community WMN. The proposed system was compared to a standard IDS solution that would not cover the entire network, but had much more computing power but also a higher capital cost as well as maintenance costs. By comparing the low cost low power IDS to a standard deployment of an open source IDS, based on network coverage and deployment costs, a determination can be made that a low power solution can be feasible in a rural deployment of a WMN

Operating policies for energy efficient large scale computing

PhD ThesisEnergy costs now dominate IT infrastructure total cost of ownership, with datacentre operators predicted to spend more on energy than hardware infrastructure in the next five years. With Western European datacentre power consumption estimated at 56 TWh/year in 2007 and projected to double by 2020, improvements in energy efficiency of IT operations is imperative. The issue is further compounded by social and political factors and strict environmental legislation governing organisations. One such example of large IT systems includes high-throughput cycle stealing distributed systems such as HTCondor and BOINC, which allow organisations to leverage spare capacity on existing infrastructure to undertake valuable computation. As a consequence of increased scrutiny of the energy impact of these systems, aggressive power management policies are often employed to reduce the energy impact of institutional clusters, but in doing so these policies severely restrict the computational resources available for high-throughput systems. These policies are often configured to quickly transition servers and end-user cluster machines into low power states after only short idle periods, further compounding the issue of reliability. In this thesis, we evaluate operating policies for energy efficiency in large-scale computing environments by means of trace-driven discrete event simulation, leveraging real-world workload traces collected within Newcastle University. The major contributions of this thesis are as follows: i) Evaluation of novel energy efficient management policies for a decentralised peer-to-peer (P2P) BitTorrent environment. ii) Introduce a novel simulation environment for the evaluation of energy efficiency of large scale high-throughput computing systems, and propose a generalisable model of energy consumption in high-throughput computing systems. iii iii) Proposal and evaluation of resource allocation strategies for energy consumption in high-throughput computing systems for a real workload. iv) Proposal and evaluation for a realworkload ofmechanisms to reduce wasted task execution within high-throughput computing systems to reduce energy consumption. v) Evaluation of the impact of fault tolerance mechanisms on energy consumption

Le contrôle de congestion dans les applications Pair-à-Pair : le cas de LEDBAT

In the last years, Internet delays are considerably growing, causing a performance deterioration of interactive applications. This phenomenon is getting worse with the increasing popularity of bandwidth-intensive applications, as video streaming, remote backup and P2P systems. The cause of these delays has been identified with the excess buffering inside the network, called “bufferbloat”. Research efforts in this direction head toward active queue management techniques and end-to-end congestion control. In this context, we investigated LEDBAT, a low-priority delay-based transport protocol introduced by BitTorrent. This protocol is designed to transfer large amount of data without affecting the delay experienced by other applications or users. First we analysed transport-level performance of LEDBAT using experimental measurement, simulation and analytical model. Specifically, we evaluated LEDBAT as is, comparing its performance to standard TCP or to other low priority protocols. We then identified a later-comer advantage and we proposed fLEDBAT, which re-introduces intra-protocol fairness maintaining the original LEDBAT objectives. Finally we studied the impact of the LEDBAT protocol on BitTorrent performance. Through simulations and real network experiments, we analysed how BitTorrent impacts on the buffer occupancy of the access node. BitTorrent performance was evaluated in terms of completion time, the main metric to assess the user quality of experience. Results showed that LEDBAT decreases the completion time with respect to standard TCP and significantly reduces the buffer occupancy, that translates in lower delays experienced by competing interactive applications.Durant ces dernières années, les délais de transmission sur Internet ont augmenté de manière considérable, causant une détérioration de performances des applications interactives. La cause de ces augmentations de délais est l’excès de mémoire tampon à l’intérieur du réseau, appelé "bufferbloat". Les efforts de recherche dans cette direction vont vers des techniques de gestion des files d’attente actives et des techniques de contrôle de congestion de bout-à-bout. Dans ce contexte, nous avons examiné LEDBAT, un protocole introduit par BitTorrent qui se base sur le délai au niveau transport, et conçu pour transférer grandes quantités de données sans affecter les délais expérimentés par d’autres applications ou utilisateurs. Nous avons analysé la performance de niveau de transport de LEDBAT avec de mesures expérimentales, de simulations et de modèles analytiques, en comparant ses performances au standard TCP ou à d’autre protocoles de failbe priorité. Nous avons ensuite identifié un problème d’iniquité, et nous avons proposé fLEDBAT, qui ré-introduit l’équité intra-protocole. Dans un deuxième temps, nous avons étudié l’impact du protocole LEDBAT sur la performance de BitTorrent. Par des simulations et des expérimentations sur réseaux réelles, nous avons analysé les effets de LEDBAT sur le remplissage des tampons des noeuds d’accès. Les performances de BitTorrent ont été évaluées en termes de temps d’exécution, qui reflète la qualité de l’expérience utilisateur. Dans les deux cas, les résultats ont montré que LEDBAT diminue le temps de traitement par rapport à TCP et réduit de manière significative l’utilisation de tampons, ce qui se traduit par une baisse des délais

The ambivalences of piracy : BitTorrent media piracy and anti-capitalism

This thesis argues that a more nuanced study of online media piracy is necessary in order to augment the dominant focus on piracy's relationship to copyright. Copyright as a frame for understanding piracy's relationship to capitalism has left potentially more crucial areas of study neglected. An approach to understanding the relationship of media piracy to anticapitalist projects must engage with forms of media piracy in their specificity and not as a homogeneous field. The thesis argues that it is possible and necessary to push beyond the constraints of copyright activism and intellectual property and in so doing opens up new areas of inquiry into online media piracy's potential to challenge logics of property and commodification. Original research is presented in the form of a highly detailed description and analysis of private BitTorrent filesharing sites. These sites are secretive and yet to receive scholarly attention in such a detailed and systematic way. This research finds both public and private variants of BitTorrent media piracy to be highly ambivalent with regards to their transformative potentials in relation to capital and thus tempers more extreme views of piracy as wholly revolutionary and emancipatory, and those that see pirate as a 'simple' form of theft. Public and private BitTorrent filesharing are theorised through the lens of Autonomist Marxism, a perspective that has a novel view of technology both as a tool of domination and a force for potential emancipation. Piracy is analysed for its capacity to refuse the valorisation of the enjoyment of music or film via the surveillance and tracking of audiences, which has become typical for contemporary legal online distribution venues. The thesis further analyses BitTorrent piracy's relationship to the 'common', the shared capacities for creating knowledge, ideas, affects. The thesis concludes that further scholarly research must move beyond concerns for creators' remuneration and its focus on reforming existing copyright policy and instead engage with the emergent institutional structures of organised media piracy. Though publicly accessible BitTorrent piracy has contributed to a broadening of awareness about issues of access to information, such an awareness often leaves in place logics of private property and capitalist accumulation. Finally, the thesis argues that the richness and complexity of private sites' organisational valences carry with them greater potential for radically destabilising capitalist social relations with regard to the distribution of cultural production

ID5.2 Roadmap for KRSM RTD

Roadmap for KRSM RTD activities.The work on this publication has been sponsored by the TENCompetence Integrated Project that is funded by the European Commission's 6th Framework Programme, priority IST/Technology Enhanced Learning. Contract 027087 [http://www.tencompetence.org

Cryptographic ransomware encryption detection: Survey

The ransomware threat has loomed over our digital life since 1989. Criminals use this type of cyber attack to lock or encrypt victims' data, often coercing them to pay exorbitant amounts in ransom. The damage ransomware causes ranges from monetary losses paid for ransom at best to endangering human lives. Cryptographic ransomware, where attackers encrypt the victim's data, stands as the predominant ransomware variant. The primary characteristics of these attacks have remained the same since the first ransomware attack. For this reason, we consider this a key factor differentiating ransomware from other cyber attacks, making it vital in tackling the threat of cryptographic ransomware. This paper proposes a cyber kill chain that describes the modern crypto-ransomware attack. The survey focuses on the Encryption phase as described in our proposed cyber kill chain and its detection techniques. We identify three main methods used in detecting encryption-related activities by ransomware, namely API and System calls, I/O monitoring, and file system activities monitoring. Machine learning (ML) is a tool used in all three identified methodologies, and some of the issues within the ML domain related to this survey are also covered as part of their respective methodologies. The survey of selected proposals is conducted through the prism of those three methodologies, showcasing the importance of detecting ransomware during pre-encryption and encryption activities and the windows of opportunity to do so. We also examine commercial crypto-ransomware protection and detection offerings and show the gap between academic research and commercial applications

DBKnot: A Transparent and Seamless, Pluggable Tamper Evident Database

Database integrity is crucial to organizations that rely on databases of important data. They suffer from the vulnerability to internal fraud. Database tampering by internal malicious employees with high technical authorization to their infrastructure or even compromised by externals is one of the important attack vectors. This thesis addresses such challenge in a class of problems where data is appended only and is immutable. Examples of operations where data does not change is a) financial institutions (banks, accounting systems, stock market, etc., b) registries and notary systems where important data is kept but is never subject to change, and c) system logs that must be kept intact for performance and forensic inspection if needed. The target of the approach is implementation seamlessness with little-or-no changes required in existing systems. Transaction tracking for tamper detection is done by utilizing a common hashtable that serially and cumulatively hashes transactions together while using an external time-stamper and signer to sign such linkages together. This allows transactions to be tracked without any of the organizations’ data leaving their premises and going to any third-party which also reduces the performance impact of tracking. This is done so by adding a tracking layer and embedding it inside the data workflow while keeping it as un-invasive as possible. DBKnot implements such features a) natively into databases, or b) embedded inside Object Relational Mapping (ORM) frameworks, and finally c) outlines a direction of implementing it as a stand-alone microservice reverse-proxy. A prototype ORM and database layer has been developed and tested for seamlessness of integration and ease of use. Additionally, different models of optimization by implementing pipelining parallelism in the hashing/signing process have been tested in order to check their impact on performance. Stock-market information was used for experimentation with DBKnot and the initial results gave a slightly less than 100% increase in transaction time by using the most basic, sequential, and synchronous version of DBKnot. Signing and hashing overhead does not show significant increase per record with the increased amount of data. A number of different alternate optimizations were done to the design that via testing have resulted in significant increase in performance

The Piratical Ethos: Textual Activity and Intellectual Property in Digital Environments

The Piratical Ethos: Textual Activity and Intellectual Property in Digital Environments examines the definition, function, and application of intellectual property in contexts of electronically mediated social production. With a focus on immaterial production - or the forms of coordinated social activity employed to produce knowledge and information in the networked information economy - this project ultimately aims to demonstrate how current intellectual property paradigms must be rearticulated for an age of digital (re)production. By considering the themes of Piracy , Intellectual Property , and Distributed Social Production this dissertation provides an overview of the current state of peer production and intellectual property in the Humanities and Writing Studies. Next, this project develops and implements a communicational-mediational research methodology to theorize how both discursive and material data lend themselves to a more nuanced understanding of the ways that technologies of communication and coordination effect attitudes toward intellectual property. After establishing both a methodology and an interdisciplinary grounding for the themes of the work, this dissertation presents a grounded theoretic analysis of piratical discourse to reveal what I call the piratical ethos , or the guiding attitudes of individuals actively contesting intellectual property in piratical acts of distributed social production. Congruently, this work also investigates the material dynamics of piratical activity by analyzing the cultural-historical activity systems wherein piratical subjectivity emerges, emphasizing the agenic capacity of interfacial technologies at the scales of user and system. Exploring the attitudes of piratical subjects and the technological genres that mediate piratical activity, I contend that the conclusions drawn from The Piratical Ethos can assist Writing Studies researchers with developing novel methodologies to study the intersections of intellectual property and distributed social production in digital worlds