Comparison of Empirical Data from Two Honeynets and a Distributed Honeypot Network

In this paper we present empirical results and speculative analysis based on observations collected over a two month period from studies with two high interaction honeynets, deployed in a corporate and an SME (small to medium enterprise) environment, and a distributed honeypots deployment. All three networks contain a mixture of Windows and Linux hosts. We detail the architecture of the deployment and results of comparing the observations from the three environments. We analyze in detail the times between attacks on different hosts, operating systems, networks or geographical location. Even though results from honeynet deployments are reported often in the literature, this paper provides novel results analyzing traffic from three different types of networks and some initial exploratory models. This research aims to contribute to endeavours in the wider security research community to build methods, grounded on strong empirical work, for assessment of the robustness of computer-based systems in hostile environments

Spatiotemporal Patterns and Predictability of Cyberattacks

Y.C.L. was supported by Air Force Office of Scientific Research (AFOSR) under grant no. FA9550-10-1-0083 and Army Research Office (ARO) under grant no. W911NF-14-1-0504. S.X. was supported by Army Research Office (ARO) under grant no. W911NF-13-1-0141. The funders had no role in study design, data collection and analysis, decision to publish, or preparation of the manuscript.Peer reviewedPublisher PD

Spatiotemporal patterns and predictability of cyberattacks

A relatively unexplored issue in cybersecurity science and engineering is whether there exist intrinsic patterns of cyberattacks. Conventional wisdom favors absence of such patterns due to the overwhelming complexity of the modern cyberspace. Surprisingly, through a detailed analysis of an extensive data set that records the time-dependent frequencies of attacks over a relatively wide range of consecutive IP addresses, we successfully uncover intrinsic spatiotemporal patterns underlying cyberattacks, where the term "spatio" refers to the IP address space. In particular, we focus on analyzing {\em macroscopic} properties of the attack traffic flows and identify two main patterns with distinct spatiotemporal characteristics: deterministic and stochastic. Strikingly, there are very few sets of major attackers committing almost all the attacks, since their attack "fingerprints" and target selection scheme can be unequivocally identified according to the very limited number of unique spatiotemporal characteristics, each of which only exists on a consecutive IP region and differs significantly from the others. We utilize a number of quantitative measures, including the flux-fluctuation law, the Markov state transition probability matrix, and predictability measures, to characterize the attack patterns in a comprehensive manner. A general finding is that the attack patterns possess high degrees of predictability, potentially paving the way to anticipating and, consequently, mitigating or even preventing large-scale cyberattacks using macroscopic approaches

Review and Comparison of Intelligent Optimization Modelling Techniques for Energy Forecasting and Condition-Based Maintenance in PV Plants

Within the field of soft computing, intelligent optimization modelling techniques include various major techniques in artificial intelligence. These techniques pretend to generate new business knowledge transforming sets of "raw data" into business value. One of the principal applications of these techniques is related to the design of predictive analytics for the improvement of advanced CBM (condition-based maintenance) strategies and energy production forecasting. These advanced techniques can be used to transform control system data, operational data and maintenance event data to failure diagnostic and prognostic knowledge and, ultimately, to derive expected energy generation. One of the systems where these techniques can be applied with massive potential impact are the legacy monitoring systems existing in solar PV energy generation plants. These systems produce a great amount of data over time, while at the same time they demand an important e ort in order to increase their performance through the use of more accurate predictive analytics to reduce production losses having a direct impact on ROI. How to choose the most suitable techniques to apply is one of the problems to address. This paper presents a review and a comparative analysis of six intelligent optimization modelling techniques, which have been applied on a PV plant case study, using the energy production forecast as the decision variable. The methodology proposed not only pretends to elicit the most accurate solution but also validates the results, in comparison with the di erent outputs for the di erent techniques

When Things Matter: A Data-Centric View of the Internet of Things

With the recent advances in radio-frequency identification (RFID), low-cost wireless sensor devices, and Web technologies, the Internet of Things (IoT) approach has gained momentum in connecting everyday objects to the Internet and facilitating machine-to-human and machine-to-machine communication with the physical world. While IoT offers the capability to connect and integrate both digital and physical entities, enabling a whole new class of applications and services, several significant challenges need to be addressed before these applications and services can be fully realized. A fundamental challenge centers around managing IoT data, typically produced in dynamic and volatile environments, which is not only extremely large in scale and volume, but also noisy, and continuous. This article surveys the main techniques and state-of-the-art research efforts in IoT from data-centric perspectives, including data stream processing, data storage models, complex event processing, and searching in IoT. Open research issues for IoT data management are also discussed

Correlation between Gamma-Ray bursts and Gravitational Waves

The cosmological origin of $\gamma$-ray bursts (GRBs) is now commonly accepted and, according to several models for the central engine, GRB sources should also emit at the same time gravitational waves bursts (GWBs). We have performed two correlation searches between the data of the resonant gravitational wave detector AURIGA and GRB arrival times collected in the BATSE 4B catalog. No correlation was found and an upper limit \bbox{$h_{\text{RMS}} \leq 1.5 \times 10^{-18}$} on the averaged amplitude of gravitational waves associated with $\gamma$-ray bursts has been set for the first time.Comment: 7 pages, 3 figures, submitted to Phys. Rev.

The Big Occulting Steerable Satellite (BOSS)

Natural (such as lunar) occultations have long been used to study sources on small angular scales, while coronographs have been used to study high contrast sources. We propose launching the Big Occulting Steerable Satellite (BOSS), a large steerable occulting satellite to combine both of these techniques. BOSS will have several advantages over standard occulting bodies. BOSS would block all but about 4e-5 of the light at 1 micron in the region of interest around the star for planet detections. Because the occultation occurs outside the telescope, scattering inside the telescope does not degrade this performance. BOSS could be combined with a space telescope at the Earth-Sun L2 point to yield very long integration times, in excess of 3000 seconds. If placed in Earth orbit, integration times of 160--1600 seconds can be achieved from most major telescope sites for objects in over 90% of the sky. Applications for BOSS include direct imaging of planets around nearby stars. Planets separated by as little as 0.1--0.25 arcseconds from the star they orbit could be seen down to a relative intensity as little as 1e-9 around a magnitude 8 (or brighter) star. Other applications include ultra-high resolution imaging of compound sources, such as microlensed stars and quasars, down to a resolution as little as 0.1 milliarcseconds.Comment: 25pages, 4 figures, uses aaspp4, rotate, and epsfig. Submitted to the Astrophysical Journal. For more details see http://erebus.phys.cwru.edu/~boss

Resource Letter: The Standard Model and Beyond

This Resource Letter provides a guide to literature on the Standard Model of elementary particles and possible extensions. In the successful theory of quarks and leptons and their interactions, important questions remain, such as the mechanism of electroweak symmetry breaking, the origin of quark and lepton masses, the source of the baryon asymmetry of the Universe, and the makeup of its matter and energy density. References are cited for quarks and leptons, gauge theories, color and chromodynamics, weak interactions, electroweak unification, CP violation, dynamics of heavy quarks, Higgs bosons, precision electroweak measurements, supersymmetry, dynamical electroweak symmetry breaking, composite quarks and leptons, grand unification and extended gauge groups, string theories, large extra dimensions, neutrino masses, cosmic microwave background radiation, dark matter, dark energy, accelerator facilities, and non-accelerator experiments.Comment: 43 pages, LaTeX, no figures, to be published in Am. J. Phys. References further updated to January 200