Report from GI-Dagstuhl Seminar 16394: Software Performance Engineering in the DevOps World

This report documents the program and the outcomes of GI-Dagstuhl Seminar 16394 "Software Performance Engineering in the DevOps World". The seminar addressed the problem of performance-aware DevOps. Both, DevOps and performance engineering have been growing trends over the past one to two years, in no small part due to the rise in importance of identifying performance anomalies in the operations (Ops) of cloud and big data systems and feeding these back to the development (Dev). However, so far, the research community has treated software engineering, performance engineering, and cloud computing mostly as individual research areas. We aimed to identify cross-community collaboration, and to set the path for long-lasting collaborations towards performance-aware DevOps. The main goal of the seminar was to bring together young researchers (PhD students in a later stage of their PhD, as well as PostDocs or Junior Professors) in the areas of (i) software engineering, (ii) performance engineering, and (iii) cloud computing and big data to present their current research projects, to exchange experience and expertise, to discuss research challenges, and to develop ideas for future collaborations

An Overview on the Generation and Detection of Synthetic and Manipulated Satellite Images

Due to the reduction of technological costs and the increase of satellites launches, satellite images are becoming more popular and easier to obtain. Besides serving benevolent purposes, satellite data can also be used for malicious reasons such as misinformation. As a matter of fact, satellite images can be easily manipulated relying on general image editing tools. Moreover, with the surge of Deep Neural Networks (DNNs) that can generate realistic synthetic imagery belonging to various domains, additional threats related to the diffusion of synthetically generated satellite images are emerging. In this paper, we review the State of the Art (SOTA) on the generation and manipulation of satellite images. In particular, we focus on both the generation of synthetic satellite imagery from scratch, and the semantic manipulation of satellite images by means of image-transfer technologies, including the transformation of images obtained from one type of sensor to another one. We also describe forensic detection techniques that have been researched so far to classify and detect synthetic image forgeries. While we focus mostly on forensic techniques explicitly tailored to the detection of AI-generated synthetic contents, we also review some methods designed for general splicing detection, which can in principle also be used to spot AI manipulate imagesComment: 25 pages, 17 figures, 5 tables, APSIPA 202

Characterising attacks targeting low-cost routers: a MikroTik case study (Extended)

Attacks targeting network infrastructure devices pose a threat to the security of the internet. An attack targeting such devices can affect an entire autonomous system. In recent years, malware such as VPNFilter, Navidade, and SonarDNS has been used to compromise low-cost routers and commit all sorts of cybercrimes from DDoS attacks to ransomware deployments. Routers of the type concerned are used both to provide last-mile access for home users and to manage interdomain routing (BGP). MikroTik is a particular brand of low-cost router. In our previous research, we found more than 4 million MikroTik routers available on the internet. We have shown that these devices are also popular in Internet Exchange infrastructures. Despite their popularity, these devices are known to have numerous vulnerabilities. In this paper, we extend our previous analysis by presenting a long-term investigation of MikroTik-targeted attacks. By using a highly interactive honeypot that we developed, we collected more than 44 million packets over 120 days, from sensors deployed in Australia, Brazil, China, India, the Netherlands, and the United States. The incoming traffic was classified on the basis of Common Vulnerabilities and Exposures to detect attacks targeting MikroTik devices. That enabled us to identify a wide range of activities on the system, such as cryptocurrency mining, DNS server redirection, and more than 3,000 successfully established tunnels used for eavesdropping. Although this research focuses on Mikrotik devices, both the methodology and the publicly available scripts can be easily applied to any other type of network device

Face comparison in forensics:A deep dive into deep learning and likelihood rations

This thesis explores the transformative potential of deep learning techniques in the field of forensic face recognition. It aims to address the pivotal question of how deep learning can advance this traditionally manual field, focusing on three key areas: forensic face comparison, face image quality assessment, and likelihood ratio estimation. Using a comparative analysis of open-source automated systems and forensic experts, the study finds that automated systems excel in identifying non-matches in low-quality images, but lag behind experts in high-quality settings. The thesis also investigates the role of calibration methods in estimating likelihood ratios, revealing that quality score-based and feature-based calibrations are more effective than naive methods. To enhance face image quality assessment, a multi-task explainable quality network is proposed that not only gauges image quality, but also identifies contributing factors. Additionally, a novel images-to-video recognition method is introduced to improve the estimation of likelihood ratios in surveillance settings. The study employs multiple datasets and software systems for its evaluations, aiming for a comprehensive analysis that can serve as a cornerstone for future research in forensic face recognition

Robotic vacuum evidence recovery for low yield samples overlooked post investigation

Prioritization during a criminal investigation is always the most challenging aspect for a crime scene investigator. For the purpose of not letting any biological evidence go undetected, research into different collection techniques is being investigated. Different types of collection techniques suitable for collecting all potential forensic evidence types were reviewed to determine the most efficient technique suitable at detecting minute amounts of biological material. Forensic Intelligence is also explored due to the importance of crime scene linking and the incorporation of current databases to assist criminal investigations. The main aim of this review is to demonstrate, that collecting all possible unnoticed biological material is very important, as even the most minute samples can help solve a criminal investigation. This is to be assessed using a robotic vacuum device, to ensure mass coverage of an area of interest

Impact Assessment, Detection, and Mitigation of False Data Attacks in Electrical Power Systems

The global energy market has seen a massive increase in investment and capital flow in the last few decades. This has completely transformed the way power grids operate - legacy systems are now being replaced by advanced smart grid infrastructures that attest to better connectivity and increased reliability. One popular example is the extensive deployment of phasor measurement units, which is referred to PMUs, that constantly provide time-synchronized phasor measurements at a high resolution compared to conventional meters. This enables system operators to monitor in real-time the vast electrical network spanning thousands of miles. However, a targeted cyber attack on PMUs can prompt operators to take wrong actions that can eventually jeopardize the power system reliability. Such threats originating from the cyber-space continue to increase as power grids become more dependent on PMU communication networks. Additionally, these threats are becoming increasingly efficient in remaining undetected for longer periods while gaining deep access into the power networks. An attack on the energy sector immediately impacts national defense, emergency services, and all aspects of human life. Cyber attacks against the electric grid may soon become a tactic of high-intensity warfare between nations in near future and lead to social disorder. Within this context, this dissertation investigates the cyber security of PMUs that affects critical decision-making for a reliable operation of the power grid. In particular, this dissertation focuses on false data attacks, a key vulnerability in the PMU architecture, that inject, alter, block, or delete data in devices or in communication network channels. This dissertation addresses three important cyber security aspects - (1) impact assessment, (2) detection, and (3) mitigation of false data attacks. A comprehensive background of false data attack models targeting various steady-state control blocks is first presented. By investigating inter-dependencies between the cyber and the physical layers, this dissertation then identifies possible points of ingress and categorizes risk at different levels of threats. In particular, the likelihood of cyber attacks against the steady-state power system control block causing the worst-case impacts such as cascading failures is investigated. The case study results indicate that false data attacks do not often lead to widespread blackouts, but do result in subsequent line overloads and load shedding. The impacts are magnified when attacks are coordinated with physical failures of generators, transformers, or heavily loaded lines. Further, this dissertation develops a data-driven false data attack detection method that is independent of existing in-built security mechanisms in the state estimator. It is observed that a convolutional neural network classifier can quickly detect and isolate false measurements compared to other deep learning and traditional classifiers. Finally, this dissertation develops a recovery plan that minimizes the consequence of threats when sophisticated attacks remain undetected and have already caused multiple failures. Two new controlled islanding methods are developed that minimize the impact of attacks under the lack of, or partial information on the threats. The results indicate that the system operators can successfully contain the negative impacts of cyber attacks while creating stable and observable islands. Overall, this dissertation presents a comprehensive plan for fast and effective detection and mitigation of false data attacks, improving cyber security preparedness, and enabling continuity of operations

The Investigative Factors in Whodunit Homicides: Italian Case

Gli studi sulla risolvibilità dei casi di omicidio si sono tradizionalmente focalizzati sull'esame dei fattori relativi alle caratteristiche delle vittime o degli autori oppure sulle circostanze che caratterizzano l’evento omicidiario. Vi è infatti una certa carenza di ricerche finalizzate ad accertare la potenziale influenza dei fattori legati al processo investigativo sul positivo esito delle indagini. Ciò è dovuto principalmente alle difficoltà legate all'ottenimento dei dati necessari, che non possono essere recuperati nelle banche dati di polizia su cui tali studi si basano abitualmente, ma possono essere ottenuti solo attraverso la cooperazione degli investigatori stessi. Attraverso la distribuzione di un sondaggio a quasi un centinaio di investigatori appartenenti all’Arma dei Carabinieri, questa ricerca ha identificato una serie di fattori investigativi alcuni dei quali sono risultati positivamente correlati con la soluzione dei casi di omicidio trattati. Più specificamente, i risultati emersi dall'analisi statistica descrittiva e inferenziale hanno corroborato le ipotesi di partenza, secondo cui l'implementazione di alcune buone pratiche associate ad un’efficace gestione delle risorse umane, alla scrupolosa esecuzione delle attività condotte sulla scena del crimine, nonché ad alcune specifiche strategie e tecniche investigative possono aumentare significativamente la soluzione dei casi. Il presente studio contribuisce al dibattito accademico in primo luogo introducendo un approccio olistico attraverso il quale valutare l'effetto dei fattori investigativi sulla risoluzione di quei casi di omicidio che richiedono un certo livello di sforzo investigativo da parte delle forze di polizia e, in secondo luogo, proponendo alcune innovative prospettive attraverso le quali superare i limiti della letteratura esistente.Research on homicide clearance has traditionally focussed on examining factors pertaining to the characteristics of the victims or perpetrators or the circumstances surrounding the murder. There has been a relative dearth of research addressing the potential influence of investigative factors on the positive outcomes of murder investigations. This was primarily due to the difficulties involved in obtaining the requisite data, which cannot be found in the police databases that such studies routinely rely on, but rather can only be obtained via the cooperation of detectives themselves. Through administering a survey to almost one-hundred Italian Carabinieri homicide detectives, this research identified a number of investigative factors that have been observed in previous studies, of which some were found to be positively correlated with clearance. More specifically, the findings emerging out of the descriptive and inferential statistical analysis conducted for the purposes of this research corroborated the study’s hypotheses, which posited that the implementation of certain best practices associated with human resource management, crime scene activities, investigative strategies and techniques can positively impact upon homicide clearance. The present study contributes to academic debates on homicide clearance, firstly, by introducing a holistic approach through which to evaluate the effect of investigative factors on solving those murder cases which require a certain level of investigative effort on the behalf of the police, and secondly, by presenting avenues through which to overcome the limitations in extant literature

Techniques, Taxonomy, and Challenges of Privacy Protection in the Smart Grid

As the ease with which any data are collected and transmitted increases, more privacy concerns arise leading to an increasing need to protect and preserve it. Much of the recent high-profile coverage of data mishandling and public mis- leadings about various aspects of privacy exasperates the severity. The Smart Grid (SG) is no exception with its key characteristics aimed at supporting bi-directional information flow between the consumer of electricity and the utility provider. What makes the SG privacy even more challenging and intriguing is the fact that the very success of the initiative depends on the expanded data generation, sharing, and pro- cessing. In particular, the deployment of smart meters whereby energy consumption information can easily be collected leads to major public hesitations about the tech- nology. Thus, to successfully transition from the traditional Power Grid to the SG of the future, public concerns about their privacy must be explicitly addressed and fears must be allayed. Along these lines, this chapter introduces some of the privacy issues and problems in the domain of the SG, develops a unique taxonomy of some of the recently proposed privacy protecting solutions as well as some if the future privacy challenges that must be addressed in the future.Peer Reviewedhttp://deepblue.lib.umich.edu/bitstream/2027.42/111644/1/Uludag2015SG-privacy_book-chapter.pd