An ownership-base message admission control mechanism for curbing spam

Unsolicited e-mail has brought much annoyance to users, thus, making e-mail less reliable as a communication tool. This has happened because current email architecture has key limitations. For instance, while it allows senders to send as many messages as they want, it does not provide adequate capability to recipients to prevent unrestricted access to their mailbox. This research develops a new approach to equip recipients with ability to control access to their mailbox.This thesis builds an ownership-based approach to control mailbox usage employing the CyberOrgs model. CyberOrgs is a model that provides facilities to control resources in multi-agent systems. We consider a mailbox to be a precious resource of its owner. Any access to the resource requires its owner's permission. Thus, we give recipients a capability to manage their valuable resource - mailbox. In our approach, message senders obtain a permission to send messages through negotiation. In this negotiation, a sender makes a proposal and the intended recipient evaluates the proposal according to their own policies. A sender's desired outcome of a negotiation is a contract, which conducts the subsequent communication between the sender and the recipient. Contracts help senders and recipients construct a long-term relationship.Besides allowing individuals to control their mailbox, we consider groups, which represent organizations in human society, in order to allow organizations to manage their resources including mailboxes, message sending allowances, and contracts.A prototype based on our approach is implemented. In the prototype, policies are separated from the mechanisms. Examples of policies are presented and a public policy interface is exposed to allow programmers to develop custom policies. Experimental results demonstrate that the system performance is policy-dependent. In other words, as long as policies are carefully designed, communication involving negotiation has minimal overhead compared to communication in which senders deliver messages to recipients directly

Adaptive Response System for Distributed Denial-of-Service Attacks

The continued prevalence and severe damaging effects of the Distributed Denial of Service (DDoS) attacks in today’s Internet raise growing security concerns and call for an immediate response to come up with better solutions to tackle DDoS attacks. The current DDoS prevention mechanisms are usually inflexible and determined attackers with knowledge of these mechanisms, could work around them. Most existing detection and response mechanisms are standalone systems which do not rely on adaptive updates to mitigate attacks. As different responses vary in their “leniency” in treating detected attack traffic, there is a need for an Adaptive Response System. We designed and implemented our DDoS Adaptive ResponsE (DARE) System, which is a distributed DDoS mitigation system capable of executing appropriate detection and mitigation responses automatically and adaptively according to the attacks. It supports easy integrations for both signature-based and anomaly-based detection modules. Additionally, the design of DARE’s individual components takes into consideration the strengths and weaknesses of existing defence mechanisms, and the characteristics and possible future mutations of DDoS attacks. These components consist of an Enhanced TCP SYN Attack Detector and Bloom-based Filter, a DDoS Flooding Attack Detector and Flow Identifier, and a Non Intrusive IP Traceback mechanism. The components work together interactively to adapt the detections and responses in accordance to the attack types. Experiments conducted on DARE show that the attack detection and mitigation are successfully completed within seconds, with about 60% to 86% of the attack traffic being dropped, while availability for legitimate and new legitimate requests is maintained. DARE is able to detect and trigger appropriate responses in accordance to the attacks being launched with high accuracy, effectiveness and efficiency. We also designed and implemented a Traffic Redirection Attack Protection System (TRAPS), a stand-alone DDoS attack detection and mitigation system for IPv6 networks. In TRAPS, the victim under attack verifies the authenticity of the source by performing virtual relocations to differentiate the legitimate traffic from the attack traffic. TRAPS requires minimal deployment effort and does not require modifications to the Internet infrastructure due to its incorporation of the Mobile IPv6 protocol. Experiments to test the feasibility of TRAPS were carried out in a testbed environment to verify that it would work with the existing Mobile IPv6 implementation. It was observed that the operations of each module were functioning correctly and TRAPS was able to successfully mitigate an attack launched with spoofed source IP addresses

A method for securing online community service: A study of selected Western Australian councils

Since the Internet was made publicly accessible, it has become increasingly popular and its deployment has been broad and global thereby facilitating a range of available online services such as Electronic Mail (email), news or bulletins, Internet Relay Chat (IRC) and World Wide Web (WWW). Progressively, other online services such as telephony, video conference, video on demand, Interactive Television (ITV) and Geographic Information System (GIS) have been integrated with the Internet and become publicly available. Presently, Internet broadband communication services incorporating both wired and wireless network technologies has seen the emergence of the concept of a digital community which has been growing and expanding rapidly around the world. Internet and the ever expanding online services to the wider digital community has raised the issue of security of these services during usage. Most local councils throughout Western Australia have resorted to delivering online services such as library, online payments and email accessibility. The provision and usage of these services have inherent security risks. Consequently, this study investigated the concept of a secure digital community in the secure provision and usage of these online services in selected local councils in Western Australia (WA). After an extensive review of existing literature, information security frameworks were derived from the adaptation of various resources, such as the OSSTMM 2.2 Section C: Internet Technology Security benchmark which was used as the main template. In addition, this template was enhanced into a framework model by incorporating other benchmarks such as NIST, CIS, ISSAF as well as other sources of information. These included information security related books, related ICT network and security websites such as CERT, CheckPoint, Cisco, GFI, Juniper, MS, NESSUS and NMAP together with journals and personal interviews. The proposed information security frameworks were developed to enhance the level of security strength of the email and online web systems as well as to increase the level of confidence in the system security within the selected local councils in WA. All the investigative studies were based upon the available selected local councils’ data and the associated analyses of the results as obtained from the testing software. In addition, the interpretive multiple-case study principles were used during the investigation to achieve or fulfil the purpose of this study. The findings from this study were then abstracted for use in a framework and made available for use as a model for possible adaptation and implementation to other similarly structured councils or organisations. As a result, the study confirmed that the proposed information security frameworks have the capability and potential to improve the level of security strength. In addition, the level of satisfaction and confidence of council staff of the selected local councils in WA in the system security would also be increased due to the application of these frameworks. Although these information security frameworks may be recommended as practical and supporting tools for local councils, the findings from this study were specific only to the selected local councils used in this study. Further research using other councils, may be necessary in order for the information security frameworks to be adopted within a wider range of councils or organisations in WA or elsewhere

The 25th Annual Precise Time and Time Interval (PTTI) Applications and Planning Meeting

Papers in the following categories are presented: recent developments in rubidium, cesium, and hydrogen-based frequency standards, and in cryogenic and trapped-ion technology; international and transnational applications of precise time and time interval (PTTI) technology with emphasis on satellite laser tracking networks, GLONASS timing, intercomparison of national time scales and international telecommunication; applications of PTTI technology to the telecommunications, power distribution, platform positioning, and geophysical survey industries; application of PTTI technology to evolving military communications and navigation systems; and dissemination of precise time and frequency by means of GPS, GLONASS, MILSTAR, LORAN, and synchronous communications satellites

Implementation and analysis of the generalised new Mersenne number transforms for encryption

PhD ThesisEncryption is very much a vast subject covering myriad techniques to conceal and safeguard data and communications. Of the techniques that are available, methodologies that incorporate the number theoretic transforms (NTTs) have gained recognition, specifically the new Mersenne number transform (NMNT). Recently, two new transforms have been introduced that extend the NMNT to a new generalised suite of transforms referred to as the generalised NMNT (GNMNT). These two new transforms are termed the odd NMNT (ONMNT) and the odd-squared NMNT (O2NMNT). Being based on the Mersenne numbers, the GNMNTs are extremely versatile with respect to vector lengths. The GNMNTs are also capable of being implemented using fast algorithms, employing multiple and combinational radices over one or more dimensions. Algorithms for both the decimation-in-time (DIT) and -frequency (DIF) methodologies using radix-2, radix-4 and split-radix are presented, including their respective complexity and performance analyses. Whilst the original NMNT has seen a significant amount of research applied to it with respect to encryption, the ONMNT and O2NMNT can utilise similar techniques that are proven to show stronger characteristics when measured using established methodologies defining diffusion. Analyses in diffusion using a small but reasonably sized vector-space with the GNMNTs will be exhaustively assessed and a comparison with the Rijndael cipher, the current advanced encryption standard (AES) algorithm, will be presented that will confirm strong diffusion characteristics. Implementation techniques using general-purpose computing on graphics processing units (GPGPU) have been applied, which are further assessed and discussed. Focus is drawn upon the future of cryptography and in particular cryptology, as a consequence of the emergence and rapid progress of GPGPU and consumer based parallel processing

Proceedings of the Second International Mobile Satellite Conference (IMSC 1990)

Presented here are the proceedings of the Second International Mobile Satellite Conference (IMSC), held June 17-20, 1990 in Ottawa, Canada. Topics covered include future mobile satellite communications concepts, aeronautical applications, modulation and coding, propagation and experimental systems, mobile terminal equipment, network architecture and control, regulatory and policy considerations, vehicle antennas, and speech compression

Proceedings of the Fifth International Mobile Satellite Conference 1997

Satellite-based mobile communications systems provide voice and data communications to users over a vast geographic area. The users may communicate via mobile or hand-held terminals, which may also provide access to terrestrial communications services. While previous International Mobile Satellite Conferences have concentrated on technical advances and the increasing worldwide commercial activities, this conference focuses on the next generation of mobile satellite services. The approximately 80 papers included here cover sessions in the following areas: networking and protocols; code division multiple access technologies; demand, economics and technology issues; current and planned systems; propagation; terminal technology; modulation and coding advances; spacecraft technology; advanced systems; and applications and experiments

Technology 2002: The Third National Technology Transfer Conference and Exposition, volume 2

Proceedings from symposia of the Technology 2002 Conference and Exposition, December 1-3, 1992, Baltimore, MD. Volume 2 features 60 papers presented during 30 concurrent sessions

Auxiliary forces for the land defence of Great Britain, 1909-1919

A number of books in recent years have analysed the reasons behind R.B.Haldane's radical decision to create a home defence auxiliary designed to replace the Militia, Yeomanry and Rifle Volunteers. Rather than cover again material which has already been extensively examined, this study concentrates on the formation of the several auxiliary bodies which were intended to assist the new Territorial Force in its defence of mainland Britain. The thesis also looks at the dynamics which, in 1914, prompted the spontaneous emergence of another, unofficial auxiliary, the Volunteer Training Corps. Regarded with disdain and contempt by the War Office, the VTC, later the Volunteer Force, was used by the political authorities as a means by which the civilian population could, without excessive government expenditure, be encouraged to take an active part in the defence of its country. The Volunteer Force developed into a recognized body of part-time auxiliary soldiers which became, in time, intimately involved with the workings of the tribunal system and with the concepts of total war and universal sacrifice. In contrast to the military authorities' distrust of the Volunteers, the Government decided that political expediency demanded it partially support and eventually fund the movement. Although awarded a post-war certificate of appreciation, the Volunteers were denied any real official recognition of their patriotism and commitment. Research into Britain's auxiliary forces of the early twentieth century has largely ignored the contribution of the National Reserve, Corps of Guides, Royal Defence Corps and the Volunteer Force: their existence has occasionally been acknowledged but there has been no adequate study of the role of these bodies in the context of what some historians regard as a nation-in-arms. An examination of government documents, the papers of individuals closely involved in home defence and, in particular, the minute books of the County Territorial Associations, has revealed a sometimes bizarre and occasionally bewildering picture of Government and War Office contradictions. By unravelling the nature and complications of the political and military difficulties involved in raising and maintaining Britain's auxiliary forces, this thesis attempts to develop recent research on the character, controversies and contribution of Britain's part-time amateur soldiers

Toxic Substances Registry System. Index of Material Safety Data Sheets

The October 1994 revision of the KSC Toxic Substances Registry System (TSRS) Material Safety Data Sheets (MSD's) is presented. The listed MSD's which were submitted to the TSRS are maintained by the Base Operations Contractors of the Biomedical Operations and Research Office of KSC. The purpose of the index is to provide a means of accessing information on the hazards associated with the toxic and otherwise hazardous chemicals stored and used at KSC. Indices are provided for manufacturers, trademarks, and stock numbers