Interdomain Route Leak Mitigation: A Pragmatic Approach

The Internet has grown to support many vital functions, but it is not administered by any central authority. Rather, the many smaller networks that make up the Internet - called Autonomous Systems (ASes) - independently manage their own distinct host address space and routing policy. Routers at the borders between ASes exchange information about how to reach remote IP prefixes with neighboring networks over the control plane with the Border Gateway Protocol (BGP). This inter-AS communication connects hosts across AS boundaries to build the illusion of one large, unified global network - the Internet. Unfortunately, BGP is a dated protocol that allows ASes to inject virtually any routing information into the control plane. The Internet’s decentralized administrative structure means that ASes lack visibility of the relationships and policies of other networks, and have little means of vetting the information they receive. Routes are global, connecting hosts around the world, but AS operators can only see routes exchanged between their own network and directly connected neighbor networks. This mismatch between global route scope and local network operator visibility gives rise to adverse routing events like route leaks, which occur when an AS advertises a route that should have been kept within its own network by mistake. In this work, we explore our thesis: that malicious and unintentional route leaks threaten Internet availability, but pragmatic solutions can mitigate their impact. Leaks effectively reroute traffic meant for the leak destination along the leak path. This diversion of flows onto unexpected paths can cause broad disruption for hosts attempting to reach the leak destination, as well as obstruct the normal traffic on the leak path. These events are usually due to misconfiguration and not malicious activity, but we show in our initial work that vrouting-capable adversaries can weaponize route leaks and fraudulent path advertisements to enhance data plane attacks on Internet infrastructure and services. Existing solutions like Internet Routing Registry (IRR) filtering have not succeeded in solving the route leak problem, as globally disruptive route leaks still periodically interrupt the normal functioning of the Internet. We examine one relatively new solution - Peerlocking or defensive AS PATH filtering - where ASes exchange toplogical information to secure their networks. Our measurements reveal that Peerlock is already deployed in defense of the largest ASes, but has found little purchase elsewhere. We conclude by introducing a novel leak defense system, Corelock, designed to provide Peerlock-like protection without the scalability concerns that have limited Peerlock’s scope. Corelock builds meaningful route leak filters from globally distributed route collectors and can be deployed without cooperation from other network

The CASPER user-centric approach for advanced service provisioning in mobile networks

Abstract This paper presents an overview of the project CASPER, 1 a 4-year Marie Curie Research and Innovation Staff Exchange (RISE) project running between 2016 and 2020, describing its objectives, approach, architecture, tools and key achievements. CASPER combines academic and industrial forces towards leveraging the expected benefits of Quality of Experience (QoE) exploitation in future networks. In order to achieve that, a QoE orchestrator has been proposed which implements the basic functionalities of QoE monitoring, estimation and management. With means of simulation and testbed emulation, CASPER has managed to develop a proprietary SDN Controller, which implements QoE-based traffic rerouting for the challenging scenario of HTTP adaptive video streaming, leading to more stable and higher QoE scores compared to a state-of-the-art SDN Controller implementation

Third CLIPS Conference Proceedings, volume 1

Expert systems are computed programs which emulate human expertise in well defined problem domains. The potential payoff from expert systems is high: valuable expertise can be captured and preserved, repetitive and/or mundane tasks requiring human expertise can be automated, and uniformity can be applied in decision making processes. The C Language Integrated Production Systems (CLIPS) is an expert system building tool, developed at the Johnson Space Center, which provides a complete environment for the development and delivery of rule and/or object based expert systems. CLIPS was specifically designed to provide a low cost option for developing and deploying expert system applications across a wide range of hardware platforms. The development of CLIPS has helped to improve the ability to deliver expert systems technology throughout the public and private sectors for a wide range of applications and diverse computing environments

Information Seeking from Web-Based Resources: Sensemaking Strategies and Implications for Interaction Design

The internet has made an enormous volume of information available, and there has been substantial research into how users look for information. However, there has been much less research about how they make sense of what they find, and how sensemaking is shaped by the tasks they are trying to achieve. This research addresses that gap, with empirical studies of sensemaking during web-based information tasks. Two main studies are presented, which aimed to expose the relationship between information seeking and information comprehension and use. The first study explored the actions of experienced information processors (in this case, doctoral students) as they undertook research-related web-based tasks related to their own work. The second study observed experienced users as they undertook an unfamiliar topic comprehension task. In both studies participants were encouraged to ‘think-aloud’ as they completed web-based tasks. Audio-recording was used in Study-1 with video-recording in Study-2. In addition to the task session, background questionnaires and sample interviews were applied. A detailed, iterative inductive analysis was undertaken for each study. The analysis produced a framework that models the users’ process in terms of five categories of information interactions: seeking, evaluating for selection, evaluating for use, compilation, and planning. A range of visual representations were developed to capture the user sessions, expressing facets such as how resources were used over time and in combination, and the sequences of user behaviours. Attention was given to the use of representation throughout this process. Sensemaking goals and strategies were inferred from users’ behaviours and utterances, and were related to their activity and output. The intertwined nature of information seeking and sensemaking activity was revealed, and planning (not addressed in previous literature) was identified as a significant behaviour that drives strategy and binds the other behaviours to the task-in-hand. These findings have implications for interaction design and for tools to support sensemaking

Developing the scales on evaluation beliefs of student teachers

The purpose of the study reported in this paper was to investigate the validity and the reliability of a newly developed questionnaire named ‘Teacher Evaluation Beliefs’ (TEB). The framework for developing items was provided by the two models. The first model focuses on Student-Centered and Teacher-Centered beliefs about evaluation while the other centers on five dimensions (what/ who/ when/ why/ how). The validity and reliability of the new instrument was investigated using both exploratory and confirmatory factor analysis study (n=446). Overall results indicate that the two-factor structure is more reasonable than the five-factor one. Further research needs additional items about the latent dimensions “what” ”who” ”when” ”why” “how” for each existing factor based on Student-centered and Teacher-centered approaches

The Role of Information Security Awareness for Promoting Information Security Policy Compliance in Banks

Banks rely heavily on information security (IS) by preserving confidentiality, integrity, and availability of information. A key layer for ensuring information security is the employees, who need to be aware of possible information security issues and behave accordingly. Banks introduce information security policies (ISP) to establish required rules for IS behavior and implement information security awareness (ISA) programs, which are systematically planned ISA interventions such as structured campaigns using intranet messages or posters to educate employees and enhance their ISA. According to previous conceptual research, the most cost-effective method to prevent IS incidents is fostering ISA. The purpose of this dissertation is to explore the role of ISA for promoting employees' ISP compliance. The four stages of this dissertation project focus on organizational efforts such as ISA programs to improve employees' compliant IS behavior and identifying predecessors for explaining employees' ISP compliance based on established scientific theories. A developmental mixed methods approach is conducted through these four stages of analysis. Primary data were collected in each stage to investigate banks operating in countries such as Austria, Germany, Czech Republic, Hungary, Slovakia, and Rumania. In the first research stage, semi-structured expert interviews were conducted with operational risk and IS managers to explore banks' efforts to counteract IS incidents. The considered banks primarily use online methods such as intranet articles and conventional methods such as posters for building ISA. Second, the findings from stage one were incorporated in research stage two, in which a positivistic case study was conducted to test the Theory of Reasoned Action, Neutralization Theory, as well as the Knowledge-Attitude-Behavior model. The data were analyzed by utilizing partial least squares structural equation modeling (PLS-SEM). In addition to several qualitative interviews and an online survey at the headquarters of the case bank, data such as internal ISA materials (e.g., posters or IS intranet messages) were also analyzed. The second research stage provided empirical evidence that ISA program components affect employees' ISA, which further positively affects employees' attitudes and social norms toward compliance with ISPs, but negatively affects the use of neutralization techniques. All of these effects should eventually positively influence IS. This is shown in the chain of subsequent factors. The employees' attitudes and social norms positively affect the intention for compliant IS behavior, which is negatively affected by the use of neutralization techniques. In the third research stage, the influence of employees' perception of ISA programs on the Protection Motivation Theory was examined by conducting an online survey among German bank employees. It is demonstrated that employees' perception of ISA programs positively affects perceived severity as well as their coping mechanisms, which play the most important role in positively affecting the intention for compliant IS behavior. Surprisingly, employees' perception of ISA programs negatively affect perceived vulnerability. Moreover, perceived monitoring has a positive moderation effect on the intention-behavior link. Finally, the fourth research stage consists of a qualitative study to analyze the efforts of IS managers to enhance IS and examine how these efforts are perceived by users. Further, the inductive part of the study uncovers factors that influence the compliant IS behavior of users. Therefore, semi-structured interviews with IS managers were carried out to discover ISA program designs and categorize them according to design recommendations gained from current literature. In addition, this stage shows that individual ISP compliance seems to be connected with individual perceptions centering on IS risks, responsibilities, ISP importance and knowledge, and neutralization behaviors. To conclude, this dissertation provides several practical as well as theoretical contributions. From an academic perspective, the findings highlight the importance of attitudes, social norms, neutralization techniques, as well as coping mechanisms for employees' intentions to comply with their ISP. Future research might extend the findings by establishing and characterizing IS enhancing social norms and exploring methods of counteracting the common use of neutralization techniques. For practitioners, analysis of the design practices of ISA programs provides a better understanding of effectively using ISA interventions in the context of banks. (author's abstract

Engineering the System and Technical Integration

Approximately 80% of the problems encountered in aerospace systems have been due to a breakdown in technical integration and/or systems engineering. One of the major challenges we face in designing, building, and operating space systems is: how is adequate integration achieved for the systems various functions, parts, and infrastructure? This Contractor Report (CR) deals with part of the problem of how we engineer the total system in order to achieve the best balanced design. We will discuss a key aspect of this question - the principle of Technical Integration and its components, along with management and decision making. The CR will first provide an introduction with a discussion of the Challenges in Space System Design and meeting the challenges. Next is an overview of Engineering the System including Technical Integration. Engineering the System is expanded to include key aspects of the Design Process, Lifecycle Considerations, etc. The basic information and figures used in this CR were presented in a NASA training program for Program and Project Managers Development (PPMD) in classes at Georgia Tech and at Marshall Space Flight Center (MSFC). Many of the principles and illustrations are extracted from the courses we teach for MSFC