Strengthening the security of cognitive packet networks

Route selection in cognitive packet networks (CPNs) occurs continuously for active flows and is driven by the users' choice of a quality of service (QoS) goal. Because routing occurs concurrently to packet forwarding, CPN flows are able to better deal with unexpected variations in network status, while still achieving the desired QoS. Random neural networks (RNNs) play a key role in CPN routing and are responsible to the next-hop decision making of CPN packets. By using reinforcement learning, RNNs' weights are continuously updated based on expected QoS goals and information that is collected by packets as they travel on the network experiencing the current network conditions. CPN's QoS performance had been extensively investigated for a variety of operating conditions. Its dynamic and self-adaptive properties make them suitable for withstanding availability attacks, such as those caused by worm propagation and denial-of-service attacks. However, security weaknesses related to confidentiality and integrity attacks have not been previously examined. Here, we look at related network security threats and propose mechanisms that could enhance the resilience of CPN to confidentiality, integrity and availability attacks

Capacity Based Evacuation with Dynamic Exit Signs

Exit paths in buildings are designed to minimise evacuation time when the building is at full capacity. We present an evacuation support system which does this regardless of the number of evacuees. The core concept is to even-out congestion in the building by diverting evacuees to less-congested paths in order to make maximal usage of all accessible routes throughout the entire evacuation process. The system issues a set of flow-optimal routes using a capacity-constrained routing algorithm which anticipates evolutions in path metrics using the concept of "future capacity reservation". In order to direct evacuees in an intuitive manner whilst implementing the routing algorithm's scheme, we use dynamic exit signs, i.e. whose pointing direction can be controlled. To make this system practical and minimise reliance on sensors during the evacuation, we use an evacuee mobility model and make several assumptions on the characteristics of the evacuee flow. We validate this concept using simulations, and show how the underpinning assumptions may limit the system's performance, especially in low-headcount evacuations

Intelligent multi-agent system for intrusion detection and countermeasures

Intelligent mobile agent systems offer a new approach to implementing intrusion detection systems (IDS). The prototype intrusion detection system, MAIDS, demonstrates the benefits of an agent-based IDS, including distributing the computational effort, reducing the amount of information sent over the network, platform independence, asynchronous operation, and modularity offering ease of updates. Anomaly detection agents use machine learning techniques to detect intrusions; one such agent processes streams of system calls from privileged processes. Misuse detection agents match known problems and correlate events to detect intrusions. Agents report intrusions to other agents and to the system administrator through the graphical user interface (GUI);A sound basis has been created for the intrusion detection system. Intrusions have been modeled using the Software Fault Tree Analysis (SFTA) technique; when augmented with constraint nodes describing trust, contextual, and temporal relationships, the SFTA forms a basis for stating the requirements of the intrusion detection system. Colored Petri Nets (CPN) have been created to model the design of the Intrusion Detection System. Algorithmic transformations are used to create CPN templates from augmented SFT and to create implementation templates from CPNs. The implementation maintains the CPN semantics in the distributed agent-based intrusion detection system

Performance evaluation of the Cognitive Packet Network in the presence of network worms

Reliable networks that provide good service quality are expected to become more crucial in every aspect of communication, especially as the information transferred between network users gets more complex and demanding and as malicious users try to deliberately degrade or altogether deny legitimate network service. The Cognitive Packet Network (CPN) routing protocol provides Quality of Service (QoS) driven routing and performs self-improvement in a distributed manner, by learning from the experience of special packets, which gather on-line QoS measurements and discover new routes. Although CPN is generally very resilient to network changes, it may suffer worse performance during node failures caused by network threats, such as network worms. Here we evaluate the performance of CPN in such crises and compare it with the Open Shortest Path First (OSPF) routing protocol, an industry standard and widely used in Internet Protocol networks. We also improve it by introducing a failure detection element that reduces packet loss and delay during failures. Our experiments were performed in a real networking testbed

Automatic detection of DoS vulnerabilities of cryptographic protocols

In this article the subject of DoS vulnerabilities of cryptographic key establishment and authentication protocols is discussed. The system for computer-aided DoS protocol resistance analysis, which employs the Petri nets formalism and Spin model-checker, is presented

Perspectives on the Intracellular Bacterium Chlamydia pneumoniae in Late-Onset Dementia

Purpose of Review Chronic diseases remain a daunting challenge for clinicians and researchers alike. While difficult to completely understand, most chronic diseases, including late-onset dementias, are thought to arise as an interplay between host genetic factors and environmental insults. One of the most diverse and ubiquitous environmental insults centers on infectious agents. Associations of infectious agents with late-onset dementia have taken on heightened importance, including our investigations of infection by the intracellular respiratory bacterium, Chlamydia pneumoniae (Cpn), in late-onset dementia of the Alzheimer’s type. Recent Findings Over the last two decades, the relationship of this infection to pathogenesis in late-onset dementia has become much clearer. This clarity has resulted from applying contemporary molecular genetic, biochemical, immunochemical, and cell culture techniques to analysis of human brains, animal models, and relevant in vitro cell culture systems. Data from these studies, taken in aggregate form, now can be applied to evaluation of proof of concept for causation of this infection with late-onset disease. In this evaluation, modifications to the original Koch postulates can be useful for elucidating causation. Summary All such relevant studies are outlined and summarized in this review, and they demonstrate the utility of applying modified Koch postulates to the etiology of late-onset dementia of the Alzheimer’s type. Regardless, it is clear that even with strong observational evidence, in combination with application of modifications of Koch’s postulates, we will not be able to conclusively state that Cpn infection is causative for disease pathogenesis in late-onset dementia. Moreover, this conclusion obtains as well for the putative causation of this condition by other pathogens, including herpes simplex virus type 1, Borrelia burgdorferi, and Porphyromonas gingivalis

A model to study cyber attack mechanics and denial-of-service exploits over the internet\u27s router infrastructure using colored petri nets

The Internet‟s router infrastructure, a scale-free computer network, is vulnerable to targeted denial-of-service (DoS) attacks. Protecting this infrastructure‟s stability is a vital national interest because of the dependence of economic and national security transactions on the Internet. Current defensive countermeasures that rely on monitoring specific router traffic have been shown to be costly, inefficient, impractical, and reactive rather than anticipatory. To address these issues, this research investigation considers a new paradigm that relies on the systemic changes that occur during a cyber attack, rather than individual router traffic anomalies. It has been hypothesized in the literature that systemic knowledge of cyber attack mechanics can be used to infer the existence of an exploit in its formative stages, before severe network degradation occurs. The study described here targeted DoS attacks against large-scale computer networks. To determine whether this new paradigm can be expressed though the study of subtle changes in the physical characteristics of the Internet‟s connectivity environment, this research developed a first of its kind Colored Petri Net (CPN) model of the United States AT&T router connectivity topology. By simulating the systemic affects of a DoS attack over this infrastructure, the objectives of this research were to (1) determine whether it is possible to detect small subtle changes in the connectivity environment of the Internet‟s router connectivity infrastructure that occur during a cyber attack; and (2) if the first premise is valid, to ascertain the feasibility of using these changes as a means for (a) early infrastructure attack detection and (b) router infrastructure protection strategy development against these attacks. Using CPN simulations, this study determined that systemic network changes can be detected in the early stages of a cyber attack. Specifically, this research has provided evidence that using knowledge of the Internet‟s connectivity topology and its physical characteristics to protect the router infrastructure from targeted DoS attacks is feasible. In addition, it is plausible to use these techniques to detect targeted DoS attacks and may lead to new network security tools

Genome-wide analysis of ivermectin response by Onchocerca volvulus reveals that genetic drift and soft selective sweeps contribute to loss of drug sensitivity

Treatment of onchocerciasis using mass ivermectin administration has reduced morbidity and transmission throughout Africa and Central/South America. Mass drug administration is likely to exert selection pressure on parasites, and phenotypic and genetic changes in several Onchocerca volvulus populations from Cameroon and Ghana-exposed to more than a decade of regular ivermectin treatment-have raised concern that sub-optimal responses to ivermectin's anti-fecundity effect are becoming more frequent and may spread.Pooled next generation sequencing (Pool-seq) was used to characterise genetic diversity within and between 108 adult female worms differing in ivermectin treatment history and response. Genome-wide analyses revealed genetic variation that significantly differentiated good responder (GR) and sub-optimal responder (SOR) parasites. These variants were not randomly distributed but clustered in ~31 quantitative trait loci (QTLs), with little overlap in putative QTL position and gene content between the two countries. Published candidate ivermectin SOR genes were largely absent in these regions; QTLs differentiating GR and SOR worms were enriched for genes in molecular pathways associated with neurotransmission, development, and stress responses. Finally, single worm genotyping demonstrated that geographic isolation and genetic change over time (in the presence of drug exposure) had a significantly greater role in shaping genetic diversity than the evolution of SOR.This study is one of the first genome-wide association analyses in a parasitic nematode, and provides insight into the genomics of ivermectin response and population structure of O. volvulus. We argue that ivermectin response is a polygenically-determined quantitative trait (QT) whereby identical or related molecular pathways but not necessarily individual genes are likely to determine the extent of ivermectin response in different parasite populations. Furthermore, we propose that genetic drift rather than genetic selection of SOR is the underlying driver of population differentiation, which has significant implications for the emergence and potential spread of SOR within and between these parasite populations