Blindspot: Indistinguishable Anonymous Communications

Communication anonymity is a key requirement for individuals under targeted surveillance. Practical anonymous communications also require indistinguishability - an adversary should be unable to distinguish between anonymised and non-anonymised traffic for a given user. We propose Blindspot, a design for high-latency anonymous communications that offers indistinguishability and unobservability under a (qualified) global active adversary. Blindspot creates anonymous routes between sender-receiver pairs by subliminally encoding messages within the pre-existing communication behaviour of users within a social network. Specifically, the organic image sharing behaviour of users. Thus channel bandwidth depends on the intensity of image sharing behaviour of users along a route. A major challenge we successfully overcome is that routing must be accomplished in the face of significant restrictions - channel bandwidth is stochastic. We show that conventional social network routing strategies do not work. To solve this problem, we propose a novel routing algorithm. We evaluate Blindspot using a real-world dataset. We find that it delivers reasonable results for applications requiring low-volume unobservable communication.Comment: 13 Page

Activation-Induced Cytidine Deaminase (AID)-Associated Multigene Signature to Assess Impact of AID in Etiology of Diseases with Inflammatory Component

Activation-induced cytidine deaminase (AID) is expressed in B cells within germinal centers and is critically involved in class switch recombination and somatic hypermutation of immunoglobulin loci. Functionally active AID can additionally be detected within ectopic follicular structures developed at sites of chronic inflammation. Furthermore, AID may target non-Ig genes in B- and non-B-cell background. Therefore, AID-associated effects are of increasing interest in disease areas such as allergy, inflammation, autoimmunity, and cancer

Cyberprints: Identifying Cyber Attackers by Feature Analysis

The problem of attributing cyber attacks is one of increasing importance. Without a solid method of demonstrating the origin of a cyber attack, any attempts to deter would-be cyber attackers are wasted. Existing methods of attribution make unfounded assumptions about the environment in which they will operate: omniscience (the ability to gather, store, and analyze any data relevant to an attack), omnipresence (the ability to place sensors wherever necessary regardless of jurisdiction or ownership), and \emph{a priori} positioning (ignorance of the real costs of placing sensors in speculative locations). The reality is that attribution must be able to occur with only the information available directly to a forensic analyst, gathered within the target network, using budget-conscious placement of sensors and analyzers. These assumptions require a new form of attribution. This work evaluates the use of a number of network-level features as an analog of stylistic markers in literature. We find that principal component analysis is not a useful tool in analyzing these features. We are, however, able to perform Kolmogorov-Smirnov comparisons upon the feature set distributions directly to find a subset of the examined features which hold promise for forming the foundation of a \emph{Cyberprint}. This foundation could be used to examine other potential features for discriminatory power, and to establish a new direction for network forensic analysis

Gather-and-broadcast frequency control in power systems

We propose a novel frequency control approach in between centralized and distributed architectures, that is a continuous-time feedback control version of the dual decomposition optimization method. Specifically, a convex combination of the frequency measurements is centrally aggregated, followed by an integral control and a broadcast signal, which is then optimally allocated at local generation units. We show that our gather-and-broadcast control architecture comprises many previously proposed strategies as special cases. We prove local asymptotic stability of the closed-loop equilibria of the considered power system model, which is a nonlinear differential-algebraic system that includes traditional generators, frequency-responsive devices, as well as passive loads, where the sources are already equipped with primary droop control. Our feedback control is designed such that the closed-loop equilibria of the power system solve the optimal economic dispatch problem

A Platform for Proactive, Risk-Based Slope Asset Management, Phase II

INE/AUTC 15.0

Command & Control: Understanding, Denying and Detecting - A review of malware C2 techniques, detection and defences

In this survey, we first briefly review the current state of cyber attacks, highlighting significant recent changes in how and why such attacks are performed. We then investigate the mechanics of malware command and control (C2) establishment: we provide a comprehensive review of the techniques used by attackers to set up such a channel and to hide its presence from the attacked parties and the security tools they use. We then switch to the defensive side of the problem, and review approaches that have been proposed for the detection and disruption of C2 channels. We also map such techniques to widely-adopted security controls, emphasizing gaps or limitations (and success stories) in current best practices.Comment: Work commissioned by CPNI, available at c2report.org. 38 pages. Listing abstract compressed from version appearing in repor

Entity Recognition via Multimodal Sensor Fusion with Smart Phones

This thesis serves as an exploration that takes the sensors within a cell phone beyond the current state of recognition activities. Current state of the art sensor recognition processes tend to focus on recognizing user activity. Utilizing the same sensors available for user activity classification, this thesis validates the ability to gather data about entities separate from the user carrying the smart phone. With the ability to sense entities, the ability to recognize and classify a multitude of items, situations, and phenomena opens a new realm of possibilities for how devices perceive and react to their environment

Re-feedback: freedom with accountability for causing congestion in a connectionless internetwork

This dissertation concerns adding resource accountability to a simplex internetwork such as the Internet, with only necessary but sufficient constraint on freedom. That is, both freedom for applications to evolve new innovative behaviours while still responding responsibly to congestion; and freedom for network providers to structure their pricing in any way, including flat pricing. The big idea on which the research is built is a novel feedback arrangement termed ‘re-feedback’. A general form is defined, as well as a specific proposal (re-ECN) to alter the Internet protocol so that self-contained datagrams carry a metric of expected downstream congestion. Congestion is chosen because of its central economic role as the marginal cost of network usage. The aim is to ensure Internet resource allocation can be controlled either by local policies or by market selection (or indeed local lack of any control). The current Internet architecture is designed to only reveal path congestion to end-points, not networks. The collective actions of self-interested consumers and providers should drive Internet resource allocations towards maximisation of total social welfare. But without visibility of a cost-metric, network operators are violating the architecture to improve their customer’s experience. The resulting fight against the architecture is destroying the Internet’s simplicity and ability to evolve. Although accountability with freedom is the goal, the focus is the congestion metric, and whether an incentive system is possible that assures its integrity as it is passed between parties around the system, despite proposed attacks motivated by self-interest and malice. This dissertation defines the protocol and canonical examples of accountability mechanisms. Designs are all derived from carefully motivated principles. The resulting system is evaluated by analysis and simulation against the constraints and principles originally set. The mechanisms are proven to be agnostic to specific transport behaviours, but they could not be made flow-ID-oblivious