Run-time risk management in adaptive ICT systems
We will present results of the SERSCIS project related to risk management and mitigation strategies in adaptive multi-stakeholder ICT systems. The SERSCIS approach involves using semantic threat models to support automated design-time threat identification and mitigation analysis. The focus of this paper is the use of these models at run-time for automated threat detection and diagnosis. This is based on a combination of semantic reasoning and Bayesian inference applied to run-time system monitoring data. The resulting dynamic risk management approach is compared to a conventional ISO 27000 type approach, and validation test results are presented from an Airport Collaborative Decision Making (A-CDM) scenario involving data exchange between multiple airport service providers.
Empirical exploration of air traffic and human dynamics in terminal airspaces
Air traffic is widely known as a complex, task-critical techno-social system,
with numerous interactions between airspace, procedures, aircraft and air
traffic controllers. In order to develop and deploy high-level operational
concepts and automation systems scientifically and effectively, it is essential
to conduct an in-depth investigation on the intrinsic traffic-human dynamics
and characteristics, which is not widely seen in the literature. To fill this
gap, we propose a multi-layer network to model and analyze air traffic systems.
A Route-based Airspace Network (RAN) and Flight Trajectory Network (FTN)
encapsulate critical physical and operational characteristics; an Integrated
Flow-Driven Network (IFDN) and Interrelated Conflict-Communication Network
(ICCN) are formulated to represent air traffic flow transmissions and
intervention from air traffic controllers, respectively. Furthermore, a set of
analytical metrics including network variables, complex network attributes,
controllers' cognitive complexity, and chaotic metrics are introduced and
applied in a case study of Guangzhou terminal airspace. Empirical results show
the existence of fundamental diagram and macroscopic fundamental diagram at the
route, sector and terminal levels. Moreover, the dynamics and underlying
mechanisms of "ATCOs-flow" interactions are revealed and interpreted by
adaptive meta-cognition strategies based on network analysis of the ICCN.
Finally, at the system level, chaos is identified in conflict system and human
behavioral system when traffic switches to the semi-stable or congested phase.
This study offers analytical tools for understanding the complex human-flow
interactions at potentially a broad range of air traffic systems, and underpins
future developments and automation of intelligent air traffic management
systems.
Comment: 30 pages, 28 figures, currently under review
Seeing the invisible: from imagined to virtual urban landscapes
Urban ecosystems consist of infrastructure features working together to provide services for inhabitants. Infrastructure functions akin to an ecosystem, having dynamic relationships and interdependencies. However, with age, urban infrastructure can deteriorate and stop functioning. Additional pressures on infrastructure include urbanizing populations and a changing climate that exposes vulnerabilities. To manage the urban infrastructure ecosystem in a modernizing world, urban planners need to integrate a coordinated management plan for these co-located and dependent infrastructure features. To implement such a management practice, an improved method for communicating how these infrastructure features interact is needed. This study aims to define urban infrastructure as a system, identify the systematic barriers preventing implementation of a more coordinated management model, and develop a virtual reality tool to provide visualization of the spatial system dynamics of urban infrastructure. Data was collected from a stakeholder workshop that highlighted a lack of appreciation for the system dynamics of urban infrastructure. An urban ecology VR model was created to highlight the interconnectedness of infrastructure features. VR proved to be useful for communicating spatial information to urban stakeholders about the complexities of infrastructure ecology and the interactions between infrastructure features.
https://doi.org/10.1016/j.cities.2019.102559
Published version
Who you gonna call? Analyzing Web Requests in Android Applications
Relying on ubiquitous Internet connectivity, applications on mobile devices
frequently perform web requests during their execution. They fetch data for
users to interact with, invoke remote functionalities, or send user-generated
content or meta-data. These requests collectively reveal common practices of
mobile application development, like what external services are used and how,
and they point to possible negative effects like security and privacy
violations, or impacts on battery life. In this paper, we assess different ways
to analyze what web requests Android applications make. We start by presenting
dynamic data collected from running 20 randomly selected Android applications
and observing their network activity. Next, we present a static analysis tool,
Stringoid, that analyzes string concatenations in Android applications to
estimate constructed URL strings. Using Stringoid, we extract URLs from 30,000
Android applications, and compare the performance with a simpler constant
extraction analysis. Finally, we present a discussion of the advantages and
limitations of dynamic and static analyses when extracting URLs, as we compare
the data extracted by Stringoid from the same 20 applications with the
dynamically collected data.
Uncovering Vulnerable Industrial Control Systems from the Internet Core
Industrial control systems (ICS) are managed remotely with the help of
dedicated protocols that were originally designed to work in walled gardens.
Many of these protocols have been adapted to Internet transport and support
wide-area communication. ICS now exchange insecure traffic on an inter-domain
level, putting at risk not only common critical infrastructure but also the
Internet ecosystem (e.g., DRDoS attacks).
In this paper, we uncover unprotected inter-domain ICS traffic at two central
Internet vantage points, an IXP and an ISP. This traffic analysis is correlated
with data from honeypots and Internet-wide scans to separate industrial from
non-industrial ICS traffic. We provide an in-depth view on Internet-wide ICS
communication. Our results can be used i) to create precise filters for
potentially harmful non-industrial ICS traffic, and ii) to detect ICS sending
unprotected inter-domain ICS traffic, being vulnerable to eavesdropping and
traffic manipulation attacks.
On the Reverse Engineering of the Citadel Botnet
Citadel is an advanced information-stealing malware which targets financial
information. This malware poses a real threat against the confidentiality and
integrity of personal and business data. A joint operation was recently
conducted by the FBI and the Microsoft Digital Crimes Unit in order to take
down Citadel command-and-control servers. The operation caused some disruption
in the botnet but has not stopped it completely. Due to the complex structure
and advanced anti-reverse engineering techniques, the Citadel malware analysis
process is both challenging and time-consuming. This allows cyber criminals to
carry on with their attacks while the analysis is still in progress. In this
paper, we present the results of the Citadel reverse engineering and provide
additional insight into the functionality, inner workings, and open source
components of the malware. In order to accelerate the reverse engineering
process, we propose a clone-based analysis methodology. Citadel is an offspring
of a previously analyzed malware called Zeus; thus, using the former as a
reference, we can measure and quantify the similarities and differences of the
new variant. Two types of code analysis techniques are provided in the
methodology, namely assembly to source code matching and binary clone
detection. The methodology can help reduce the number of functions requiring
manual analysis. The analysis results prove that the approach is promising in
Citadel malware analysis. Furthermore, the same approach is applicable to
similar malware analysis scenarios.
Comment: 10 pages, 17 figures. This is an updated / edited version of a paper
that appeared in FPS 201
Stacking-based visualization of trajectory attribute data
Visualizing trajectory attribute data is challenging because it involves showing the trajectories in their spatio-temporal context as well as the attribute values associated with the individual points of trajectories. Previous work on trajectory visualization addresses selected aspects of this problem, but not all of them. We present a novel approach to visualizing trajectory attribute data. Our solution covers space, time, and attribute values. Based on an analysis of relevant visualization tasks, we designed the visualization solution around the principle of stacking trajectory bands. The core of our approach is a hybrid 2D/3D display. A 2D map serves as a reference for the spatial context, and the trajectories are visualized as stacked 3D trajectory bands along which attribute values are encoded by color. Time is integrated through appropriate ordering of bands and through a dynamic query mechanism that feeds temporally aggregated information to a circular time display. An additional 2D time graph shows temporal information in full detail by stacking 2D trajectory bands. Our solution is equipped with analytical and interactive mechanisms for selecting and ordering of trajectories, and adjusting the color mapping, as well as coordinated highlighting and dedicated 3D navigation. We demonstrate the usefulness of our novel visualization by three examples related to radiation surveillance, traffic analysis, and maritime navigation. User feedback obtained in a small experiment indicates that our hybrid 2D/3D solution can be operated quite well.