Context-aware adaptation in DySCAS

DySCAS is a dynamically self-configuring middleware for automotive control systems. The addition of autonomic, context-aware dynamic configuration to automotive control systems brings a potential for a wide range of benefits in terms of robustness, flexibility, upgrading etc. However, the automotive systems represent a particularly challenging domain for the deployment of autonomics concepts, having a combination of real-time performance constraints, severe resource limitations, safety-critical aspects and cost pressures. For these reasons current systems are statically configured. This paper describes the dynamic run-time configuration aspects of DySCAS and focuses on the extent to which context-aware adaptation has been achieved in DySCAS, and the ways in which the various design and implementation challenges are met

DYNAMIC DATA EXFILTRATION OVER COMMON PROTOCOLS VIA SOCKET LAYER PROTOCOL CUSTOMIZATION

Obfuscated data exfiltration perpetrated by malicious actors presents a significant threat to organizations looking to protect sensitive data. Socket layer protocol customization presents the potential to enhance obfuscated data exfiltration by providing a protocol-agnostic means of embedding targeted data within application payloads of established socket connections. Fully evaluating and characterizing this technique will serve as an important step in the development of suitable mitigations. This thesis evaluated the performance of this method of data exfiltration through experimentation to determine its viability and identify its limitations. The evaluation assessed the effectiveness of exfiltration via socket layer customization with various application protocols and characterized its use to determine the most suitable protocols. Basic host-based and network-based security controls were introduced to test the exfiltration method’s ability to bypass typical security controls implemented to prevent data exfiltration. The experimentation results indicate that this exfiltration method is both viable and applicable across multiple application protocols. It proved flexible enough in its design and configuration to bypass basic host-based access controls and general network intrusion prevention system packet inspection. Deep packet inspection was identified as a potential solution; however, the required inspection and filtering granularity might make implementation infeasible.Office of Naval Research, Arlington, VA 22203-1995Outstanding ThesisPetty Officer First Class, United States NavyApproved for public release. Distribution is unlimited

Data Exfiltration via Flow Hijacking at the Socket Layer

The severity of data exfiltration attacks is well known, and operators have begun deploying elaborate host and network security controls to counter this threat. Consequently, malicious actors spare no efforts finding methods to obfuscate their attacks within common network traffic. In this paper, we expose a new type of application transparent, kernel level data exfiltration attacks. By embedding data into application messages while they are held in socket buffers outside of applications, the attacks have the flexibility to hijack flows of multiple distinct applications at a time. Furthermore, we assess the practical implications of the attacks using a testbed emulating a typical data exfiltration scenario. We first prototype required attack functionalities with existing Layer 4.5 application message customization software, and then perform flow hijacking experiments with respect to six common application protocols. The results confirm the flexibility of socket layer attacks and their ability to evade typical security controls

Customized Software in Distributed Embedded Systems: ISOBUS and the Coming Revolution in Agriculture

The electrification of agricultural equipment has been evolving for many years and in some ways is lagging behind other industries. However this strategy of following the lead of other industries now offers Ag the opportunity to move forward at a revolutionary pace. Network standards defined by the Society of Automotive Engineers (SAE) and the International Organization for Standardization (ISO) committees are the basis for defining a rulebook for this industrystandardizing worldwide electronics interoperability. ISOBUS (ISO 11783) which defines a physical standard between tractors and implements will be an important enabler for most new product definitions. The foundation of this coming revolution will be provided through software. This paper outlines the electronics hardware and software architecture for off-road vehicles that allows for implementation of customized machine control features. There are several key areas discussed. The first enabler for this revolution is a software development and delivery system that defines a design methodology for creating and delivering software modules for a distributed set of controllers. This design methodology presents two advantages that today’s modern electronic technologies can deliver: 1) Customization with commodity hardware and 2) Service without replacing hardware parts anywhere in the world. The second enabler for this machine revolution is an ‘agile’ process to develop the software. Many product ideas are being valuated through a trial and error and continuous improvement process. Software will play an important enabler for these product definitions. A comparison between the worldwide trend for software processes, the Capability Maturity Model (CMM), and what type of process would fit the offroad industry is based around the maturity of the new product ideas. The strong supply chain link between dealers and customers for off-road machines, coupled with the emerging awareness of electronic functions and controls, sets a basis for a specialized software development process. An important enabler for this ‘agile’ process is the re-use of code and incremental testing with reviews. The history of the off-road machine business has been based on proven designs and long times between model updates. However, the worldwide adoption of the ISOBUS standard is poised to change this history. ISOBUS is not only establishing an open system for interoperability, it is establishing a sequence of features for diagnostics, sequenced operations, and information management. As customers discover these capabilities, they will expect them to be further advanced and customized for their specific needs. This requires adding agility into the proven durable processes so that manufacturers can respond faster to these growing needs. Electronics, and especially well-planned software systems, offer an agile technology for meeting this coming need. This paper presents the benchmarking of various embedded software development projects relating project content, project rigor, and quality. From this, insights into maintaining quality are gained in order to include agility into a durable development project. Also, risk and rewards of leveraging low cost country software development skills are addressed to stretch resources or even develop common resources for software systems

Beyond XSPEC: Towards Highly Configurable Analysis

We present a quantitative comparison between software features of the defacto standard X-ray spectral analysis tool, XSPEC, and ISIS, the Interactive Spectral Interpretation System. Our emphasis is on customized analysis, with ISIS offered as a strong example of configurable software. While noting that XSPEC has been of immense value to astronomers, and that its scientific core is moderately extensible--most commonly via the inclusion of user contributed "local models"--we identify a series of limitations with its use beyond conventional spectral modeling. We argue that from the viewpoint of the astronomical user, the XSPEC internal structure presents a Black Box Problem, with many of its important features hidden from the top-level interface, thus discouraging user customization. Drawing from examples in custom modeling, numerical analysis, parallel computation, visualization, data management, and automated code generation, we show how a numerically scriptable, modular, and extensible analysis platform such as ISIS facilitates many forms of advanced astrophysical inquiry.Comment: Accepted by PASP, for July 2008 (15 pages

Implementation of Configurable Information Systems: Negotiations between Global Principles and Local Contexts

Among the new forms of technology that overwhelm information systems research and practice, configurable information systems refers to technologies that are built up from a range of components to meet the very specific requirements of a particular client organization. Software packages like enterprise resources planning (ERP) are good illustrations of configurable IS because they typically provide hundreds, or even thousands, of discrete features and data items that can be combined in multiple ways. They cannot be seen independently from their representations through external intermediaries (mediators), who “speak” for the technology by providing images, descriptions, policies, templates and, very often, solutions. From a critical-interpretive view, this paper proposes a new way of understanding the implementation of configurable solutions. Using seven retrospective case studies, we investigate the relationship built by clients and consultants during the configurational process, where visions of how the technology should operate are negotiated. Different degrees of dependencies are mutually constructed, maintained, and transformed in the long run, influencing the global- local negotiation and the project results. The main contribution of this research is (1) to recognize different patterns of mediation, i.e., different types of client-consultant relationships, and the different types of trajectories in terms of global-local negotiation these patterns are likely to produce; (2) to address how initial organizational decisions in terms of power and knowledge distribution between clients and consultants influence the negotiation between global principles and local contexts; and (3) to identify mediating strategies that may help organizations improve global-local negotiations and, hopefully, improve the benefit of embarking on such costly and risky projects

Active networks: an evolution of the internet

Active Networks can be seen as an evolution of the classical model of packet-switched networks. The traditional and ”passive” network model is based on a static definition of the network node behaviour. Active Networks propose an “active” model where the intermediate nodes (switches and routers) can load and execute user code contained in the data units (packets). Active Networks are a programmable network model, where bandwidth and computation are both considered shared network resources. This approach opens up new interesting research fields. This paper gives a short introduction of Active Networks, discusses the advantages they introduce and presents the research advances in this field