5,911 research outputs found

    Configuration Management of Distributed Systems over Unreliable and Hostile Networks

    Get PDF
    Economic incentives of large criminal profits and the threat of legal consequences have pushed criminals to continuously improve their malware, especially command and control channels. This thesis applied concepts from successful malware command and control to explore the survivability and resilience of benign configuration management systems. This work expands on existing stage models of malware life cycle to contribute a new model for identifying malware concepts applicable to benign configuration management. The Hidden Master architecture is a contribution to master-agent network communication. In the Hidden Master architecture, communication between master and agent is asynchronous and can operate trough intermediate nodes. This protects the master secret key, which gives full control of all computers participating in configuration management. Multiple improvements to idempotent configuration were proposed, including the definition of the minimal base resource dependency model, simplified resource revalidation and the use of imperative general purpose language for defining idempotent configuration. Following the constructive research approach, the improvements to configuration management were designed into two prototypes. This allowed validation in laboratory testing, in two case studies and in expert interviews. In laboratory testing, the Hidden Master prototype was more resilient than leading configuration management tools in high load and low memory conditions, and against packet loss and corruption. Only the research prototype was adaptable to a network without stable topology due to the asynchronous nature of the Hidden Master architecture. The main case study used the research prototype in a complex environment to deploy a multi-room, authenticated audiovisual system for a client of an organization deploying the configuration. The case studies indicated that imperative general purpose language can be used for idempotent configuration in real life, for defining new configurations in unexpected situations using the base resources, and abstracting those using standard language features; and that such a system seems easy to learn. Potential business benefits were identified and evaluated using individual semistructured expert interviews. Respondents agreed that the models and the Hidden Master architecture could reduce costs and risks, improve developer productivity and allow faster time-to-market. Protection of master secret keys and the reduced need for incident response were seen as key drivers for improved security. Low-cost geographic scaling and leveraging file serving capabilities of commodity servers were seen to improve scaling and resiliency. Respondents identified jurisdictional legal limitations to encryption and requirements for cloud operator auditing as factors potentially limiting the full use of some concepts

    A Trust Management Framework for Vehicular Ad Hoc Networks

    Get PDF
    The inception of Vehicular Ad Hoc Networks (VANETs) provides an opportunity for road users and public infrastructure to share information that improves the operation of roads and the driver experience. However, such systems can be vulnerable to malicious external entities and legitimate users. Trust management is used to address attacks from legitimate users in accordance with a user’s trust score. Trust models evaluate messages to assign rewards or punishments. This can be used to influence a driver’s future behaviour or, in extremis, block the driver. With receiver-side schemes, various methods are used to evaluate trust including, reputation computation, neighbour recommendations, and storing historical information. However, they incur overhead and add a delay when deciding whether to accept or reject messages. In this thesis, we propose a novel Tamper-Proof Device (TPD) based trust framework for managing trust of multiple drivers at the sender side vehicle that updates trust, stores, and protects information from malicious tampering. The TPD also regulates, rewards, and punishes each specific driver, as required. Furthermore, the trust score determines the classes of message that a driver can access. Dissemination of feedback is only required when there is an attack (conflicting information). A Road-Side Unit (RSU) rules on a dispute, using either the sum of products of trust and feedback or official vehicle data if available. These “untrue attacks” are resolved by an RSU using collaboration, and then providing a fixed amount of reward and punishment, as appropriate. Repeated attacks are addressed by incremental punishments and potentially driver access-blocking when conditions are met. The lack of sophistication in this fixed RSU assessment scheme is then addressed by a novel fuzzy logic-based RSU approach. This determines a fairer level of reward and punishment based on the severity of incident, driver past behaviour, and RSU confidence. The fuzzy RSU controller assesses judgements in such a way as to encourage drivers to improve their behaviour. Although any driver can lie in any situation, we believe that trustworthy drivers are more likely to remain so, and vice versa. We capture this behaviour in a Markov chain model for the sender and reporter driver behaviours where a driver’s truthfulness is influenced by their trust score and trust state. For each trust state, the driver’s likelihood of lying or honesty is set by a probability distribution which is different for each state. This framework is analysed in Veins using various classes of vehicles under different traffic conditions. Results confirm that the framework operates effectively in the presence of untrue and inconsistent attacks. The correct functioning is confirmed with the system appropriately classifying incidents when clarifier vehicles send truthful feedback. The framework is also evaluated against a centralized reputation scheme and the results demonstrate that it outperforms the reputation approach in terms of reduced communication overhead and shorter response time. Next, we perform a set of experiments to evaluate the performance of the fuzzy assessment in Veins. The fuzzy and fixed RSU assessment schemes are compared, and the results show that the fuzzy scheme provides better overall driver behaviour. The Markov chain driver behaviour model is also examined when changing the initial trust score of all drivers

    Natural and Technological Hazards in Urban Areas

    Get PDF
    Natural hazard events and technological accidents are separate causes of environmental impacts. Natural hazards are physical phenomena active in geological times, whereas technological hazards result from actions or facilities created by humans. In our time, combined natural and man-made hazards have been induced. Overpopulation and urban development in areas prone to natural hazards increase the impact of natural disasters worldwide. Additionally, urban areas are frequently characterized by intense industrial activity and rapid, poorly planned growth that threatens the environment and degrades the quality of life. Therefore, proper urban planning is crucial to minimize fatalities and reduce the environmental and economic impacts that accompany both natural and technological hazardous events

    Prospects for Nuclear Microreactors: A Review of the Technology, Economics, and Regulatory Considerations

    Get PDF
    The nuclear energy sector is actively developing a new class of very small advanced reactors, called microreactors. This technology has disruptive potential as an alternative to carbon-intensive energy technologies based on its mobility and transportability, resilience, and independence from the grid, as well as its capacity for long refueling intervals and low-carbon emissions. Microreactors may extend nuclear energy to a new set of international customers, many of which are located where energy is at a price premium and/or limited to fossil sources. Developers are creating designs geared toward factory production where quality and costs may be optimized. This paper reviews the existing literature on the technology, potential markets, economic viability, and regulatory and institutional challenges of nuclear microreactors. The technological characteristics are reviewed to describe the wide range of microreactor designs and to distinguish them from large nuclear power plants and small modular reactor (SMR) designs. The expanding literature on the cost competitiveness of SMRs relative to other nuclear and nonnuclear technologies is also reviewed, with an emphasis on understanding the challenges of making microreactors economically viable. A major part of this study focuses on the deployment potential of microreactors across global markets. Previous work on SMR market assessment is reviewed, and the adaptation of these studies to the deployment of microreactors is more fully examined. Characteristics that differentiate microreactors from SMRs and other energy technologies may make microreactors suitable for unique and localized applications if they can be economically competitive with other energy technologies, as well as meet regulatory and other societal requirements. Recent research on global markets for microreactors is evaluated and extended in this paper to a previously unevaluated use case in which microreactors can play a role in grid resiliency and integration with renewables. Further challenges associated with the commercialization of microreactors, in addition to cost competitiveness, are explored by examining the regulatory and safety challenges of microreactor deployment

    Digital Innovations for a Circular Plastic Economy in Africa

    Get PDF
    Plastic pollution is one of the biggest challenges of the twenty-first century that requires innovative and varied solutions. Focusing on sub-Saharan Africa, this book brings together interdisciplinary, multi-sectoral and multi-stakeholder perspectives exploring challenges and opportunities for utilising digital innovations to manage and accelerate the transition to a circular plastic economy (CPE). This book is organised into three sections bringing together discussion of environmental conditions, operational dimensions and country case studies of digital transformation towards the circular plastic economy. It explores the environment for digitisation in the circular economy, bringing together perspectives from practitioners in academia, innovation, policy, civil society and government agencies. The book also highlights specific country case studies in relation to the development and implementation of different innovative ideas to drive the circular plastic economy across the three sub-Saharan African regions. Finally, the book interrogates the policy dimensions and practitioner perspectives towards a digitally enabled circular plastic economy. Written for a wide range of readers across academia, policy and practice, including researchers, students, small and medium enterprises (SMEs), digital entrepreneurs, non-governmental organisations (NGOs) and multilateral agencies, policymakers and public officials, this book offers unique insights into complex, multilayered issues relating to the production and management of plastic waste and highlights how digital innovations can drive the transition to the circular plastic economy in Africa. The Open Access version of this book, available at https://www.taylorfrancis.com, has been made available under a Creative Commons Attribution-Non Commercial-No Derivatives (CC-BY-NC-ND) 4.0 license

    Opportunities and Challenges from Major Disasters Lessons Learned of Long-Term Recovery Group Members

    Get PDF
    Natural hazards caused by the alteration of weather patterns expose populations at risk, with an outcome of economic loss, property damage, personal injury, and loss of life. The unpredictability of disasters is a topic of concern to most governments. Disaster policies need more attention in aligning mitigation opportunities with disaster housing recovery (DHR). The effect of flooding, which primarily impacts housing in coastal areas, is one of the most serious issues associated with natural hazard. Flooding has a variety of causes and implications, especially for vulnerable populations who are exposed to it. DHR is complex, involving the need for effective coordination of resources, and labor. Understanding how the relationship between the build back better philosophy (i.e.: wherein the rebuild is intended to reduce future risk), the quality of the houses, and the income of the householder’s works is beneficial to prepare a resilient housing recovery plan. What are the main sources of obstacles experienced in the DHR process? How might outcomes be improved? This study attempts to answer those questions using data collection from Long-Term Recovery Group (LTRG) members in disaster areas. The analysis of LTRG member experiences provides a valuable perspective with the potential to improve the DHR process and mitigate future impacts. The goal is to understand and create awareness of factors impeding the recovery from previous disasters using the information obtained from the LTRG members to analyzed with various content analysis software to ascertain best practices to inform disaster policies for potential improvement of the recovery process. Using a content analysis technique provides a big picture of the main issues affecting the recovery. The key lessons learned from the LTRG members are that three major delay factors: planning, governance, and communication are impeding the improvement of the DHR process. It is essential to have an LTRG running before a disaster occurs -including a disaster plan focused on funding, labor, and resilient recovery. A more transparent governance – with some decentralization of the process, and more up-to-date disaster policies. A direct line of communication to overcome gaps including lack of communication and trusting in the process

    A Survey on Enterprise Network Security: Asset Behavioral Monitoring and Distributed Attack Detection

    Full text link
    Enterprise networks that host valuable assets and services are popular and frequent targets of distributed network attacks. In order to cope with the ever-increasing threats, industrial and research communities develop systems and methods to monitor the behaviors of their assets and protect them from critical attacks. In this paper, we systematically survey related research articles and industrial systems to highlight the current status of this arms race in enterprise network security. First, we discuss the taxonomy of distributed network attacks on enterprise assets, including distributed denial-of-service (DDoS) and reconnaissance attacks. Second, we review existing methods in monitoring and classifying network behavior of enterprise hosts to verify their benign activities and isolate potential anomalies. Third, state-of-the-art detection methods for distributed network attacks sourced from external attackers are elaborated, highlighting their merits and bottlenecks. Fourth, as programmable networks and machine learning (ML) techniques are increasingly becoming adopted by the community, their current applications in network security are discussed. Finally, we highlight several research gaps on enterprise network security to inspire future research.Comment: Journal paper submitted to Elseive

    Securing the Internet of Things: A Study on Machine Learning-Based Solutions for IoT Security and Privacy Challenges

    Get PDF
    The Internet of Things (IoT) is a rapidly growing technology that connects and integrates billions of smart devices, generating vast volumes of data and impacting various aspects of daily life and industrial systems. However, the inherent characteristics of IoT devices, including limited battery life, universal connectivity, resource-constrained design, and mobility, make them highly vulnerable to cybersecurity attacks, which are increasing at an alarming rate. As a result, IoT security and privacy have gained significant research attention, with a particular focus on developing anomaly detection systems. In recent years, machine learning (ML) has made remarkable progress, evolving from a lab novelty to a powerful tool in critical applications. ML has been proposed as a promising solution for addressing IoT security and privacy challenges. In this article, we conducted a study of the existing security and privacy challenges in the IoT environment. Subsequently, we present the latest ML-based models and solutions to address these challenges, summarizing them in a table that highlights the key parameters of each proposed model. Additionally, we thoroughly studied available datasets related to IoT technology. Through this article, readers will gain a detailed understanding of IoT architecture, security attacks, and countermeasures using ML techniques, utilizing available datasets. We also discuss future research directions for ML-based IoT security and privacy. Our aim is to provide valuable insights into the current state of research in this field and contribute to the advancement of IoT security and privacy
    • …
    corecore