Determining Training Needs for Cloud Infrastructure Investigations using I-STRIDE

As more businesses and users adopt cloud computing services, security vulnerabilities will be increasingly found and exploited. There are many technological and political challenges where investigation of potentially criminal incidents in the cloud are concerned. Security experts, however, must still be able to acquire and analyze data in a methodical, rigorous and forensically sound manner. This work applies the STRIDE asset-based risk assessment method to cloud computing infrastructure for the purpose of identifying and assessing an organization's ability to respond to and investigate breaches in cloud computing environments. An extension to the STRIDE risk assessment model is proposed to help organizations quickly respond to incidents while ensuring acquisition and integrity of the largest amount of digital evidence possible. Further, the proposed model allows organizations to assess the needs and capacity of their incident responders before an incident occurs.Comment: 13 pages, 3 figures, 3 tables, 5th International Conference on Digital Forensics and Cyber Crime; Digital Forensics and Cyber Crime, pp. 223-236, 201

Needs and challenges for assessing the environmental impacts of engineered nanomaterials (ENMs).

The potential environmental impact of nanomaterials is a critical concern and the ability to assess these potential impacts is top priority for the progress of sustainable nanotechnology. Risk assessment tools are needed to enable decision makers to rapidly assess the potential risks that may be imposed by engineered nanomaterials (ENMs), particularly when confronted by the reality of limited hazard or exposure data. In this review, we examine a range of available risk assessment frameworks considering the contexts in which different stakeholders may need to assess the potential environmental impacts of ENMs. Assessment frameworks and tools that are suitable for the different decision analysis scenarios are then identified. In addition, we identify the gaps that currently exist between the needs of decision makers, for a range of decision scenarios, and the abilities of present frameworks and tools to meet those needs

Forecasting Recharging Demand to Integrate Electric Vehicle Fleets in Smart Grids

Electric vehicle fleets and smart grids are two growing technologies. These technologies provided new possibilities to reduce pollution and increase energy efficiency. In this sense, electric vehicles are used as mobile loads in the power grid. A distributed charging prioritization methodology is proposed in this paper. The solution is based on the concept of virtual power plants and the usage of evolutionary computation algorithms. Additionally, the comparison of several evolutionary algorithms, genetic algorithm, genetic algorithm with evolution control, particle swarm optimization, and hybrid solution are shown in order to evaluate the proposed architecture. The proposed solution is presented to prevent the overload of the power grid

That Escalated Quickly: An ML Framework for Alert Prioritization

In place of in-house solutions, organizations are increasingly moving towards managed services for cyber defense. Security Operations Centers are specialized cybersecurity units responsible for the defense of an organization, but the large-scale centralization of threat detection is causing SOCs to endure an overwhelming amount of false positive alerts -- a phenomenon known as alert fatigue. Large collections of imprecise sensors, an inability to adapt to known false positives, evolution of the threat landscape, and inefficient use of analyst time all contribute to the alert fatigue problem. To combat these issues, we present That Escalated Quickly (TEQ), a machine learning framework that reduces alert fatigue with minimal changes to SOC workflows by predicting alert-level and incident-level actionability. On real-world data, the system is able to reduce the time it takes to respond to actionable incidents by $22.9\%$, suppress $54\%$ of false positives with a $95.1\%$ detection rate, and reduce the number of alerts an analyst needs to investigate within singular incidents by $14\%$.Comment: Submitted to Usenix Security Symposiu

Advanced Processing of Multispectral Satellite Data for Detecting and Learning Knowledge-based Features of Planetary Surface Anomalies

abstract: The marked increase in the inflow of remotely sensed data from satellites have trans- formed the Earth and Space Sciences to a data rich domain creating a rich repository for domain experts to analyze. These observations shed light on a diverse array of disciplines ranging from monitoring Earth system components to planetary explo- ration by highlighting the expected trend and patterns in the data. However, the complexity of these patterns from local to global scales, coupled with the volume of this ever-growing repository necessitates advanced techniques to sequentially process the datasets to determine the underlying trends. Such techniques essentially model the observations to learn characteristic parameters of data-generating processes and highlight anomalous planetary surface observations to help domain scientists for making informed decisions. The primary challenge in defining such models arises due to the spatio-temporal variability of these processes. This dissertation introduces models of multispectral satellite observations that sequentially learn the expected trend from the data by extracting salient features of planetary surface observations. The main objectives are to learn the temporal variability for modeling dynamic processes and to build representations of features of interest that is learned over the lifespan of an instrument. The estimated model parameters are then exploited in detecting anomalies due to changes in land surface reflectance as well as novelties in planetary surface landforms. A model switching approach is proposed that allows the selection of the best matched representation given the observations that is designed to account for rate of time-variability in land surface. The estimated parameters are exploited to design a change detector, analyze the separability of change events, and form an expert-guided representation of planetary landforms for prioritizing the retrieval of scientifically relevant observations with both onboard and post-downlink applications.Dissertation/ThesisDoctoral Dissertation Computer Engineering 201

Report from GI-Dagstuhl Seminar 16394: Software Performance Engineering in the DevOps World

This report documents the program and the outcomes of GI-Dagstuhl Seminar 16394 "Software Performance Engineering in the DevOps World". The seminar addressed the problem of performance-aware DevOps. Both, DevOps and performance engineering have been growing trends over the past one to two years, in no small part due to the rise in importance of identifying performance anomalies in the operations (Ops) of cloud and big data systems and feeding these back to the development (Dev). However, so far, the research community has treated software engineering, performance engineering, and cloud computing mostly as individual research areas. We aimed to identify cross-community collaboration, and to set the path for long-lasting collaborations towards performance-aware DevOps. The main goal of the seminar was to bring together young researchers (PhD students in a later stage of their PhD, as well as PostDocs or Junior Professors) in the areas of (i) software engineering, (ii) performance engineering, and (iii) cloud computing and big data to present their current research projects, to exchange experience and expertise, to discuss research challenges, and to develop ideas for future collaborations

Understanding The Decision-Making Process of Local Level Emergency Managers and Future Impacts of Social Data

During the course of a natural disaster, affected populations turn to different avenues to attempt to communicate their needs and locations while emergency managers are faced with the task of making quick decisions to aid in the response effort. The decisions that emergency managers face are affected by factors such as available resources, responder safety, and source of information. In this research, we interview emergency managers about the 2009 North American Ice Storm and a flooding event in late April of 2017 to understand the decisions made and the factors that affected these decisions. Using these interviews, a list of interview questions using the Critical Decision Method were created that could be used to more deeply understand the decisions and decision-making process of a local-level emergency manager during a disaster response event. Additionally, animations were created to illustrate the comparative effectiveness of disaster response routing plans developed with and without the consideration of social data based on data inspired by a real event