Architecture-centric support for security orchestration and automation

Security Orchestration, Automation and Response (SOAR) platforms leverage integration and orchestration technologies to (i) automate manual and repetitive labor-intensive tasks, (ii) provide a single panel of control to manage various types of security tools (e.g., intrusion detection system, antivirus and firewall) and (iii) streamline complex Incident Response Process (IRP) responses. SOAR platforms increase the operational efficiency of overwhelmed security teams in a Security Operation Centre (SOC) and accelerate the SOC’s defense and response capacity against ever-growing security incidents. Security tools, IRPs and security requirements form the underlying execution environment of SOAR platforms, which are changing rapidly due to the dynamic nature of security threats. A SOAR platform is expected to adapt continuously to these dynamic changes. Flexible integration, interpretation and interoperability of security tools are essential to ease the adaptation of a SOAR platform. However, most of the effort for designing and developing existing SOAR platforms are ad-hoc in nature, which introduces several engineering challenges and research challenges. For instance, the advancement of a SOAR platform increases its architectural complexity and makes the operation of such platforms difficult for end-users. These challenges come from a lack of a comprehensive view, design space and architectural support for SOAR platforms. This thesis aims to contribute to the growing realization that it is necessary to advance SOAR platforms by designing, implementing and evaluating architecture-centric support to address several of the existing challenges. The envisioned research and development activities require the identification of current practices and challenges of SOAR platforms; hence, a Multivocal Literature Review (MLR) has been designed, conducted and reported. The MLR identifies the functional and non-functional requirements, components and practices of a security orchestration domain, along with the open issues. This thesis advances the domain of a SOAR platform by providing a layered architecture, which considers the key functional and non-functional requirements of a SOAR platform. The proposed architecture is evaluated experimentally with a Proof of Concept (PoC) system, Security Tool Unifier (STUn), using seven security tools, a set of IRPs and playbooks. The research further identifies the need for and design of (i) an Artificial Intelligence (AI) based integration framework to interpret the activities of security tools and enable interoperability automatically, (ii) a semantic-based automated integration process to integrate security tools and (iii) AI-enabled design and generation of a declarative API from user query, namely DecOr, to hide the internal complexity of a SOAR platform from end-users. The experimental evaluation of the proposed approaches demonstrates that (i) consideration of architectural design decisions supports the development of an easy to interact with, modify and update SOAR platform, (ii) an AI-based integration framework and automated integration process provides effective and efficient integration and interpretation of security tools and IRPs and (iii) DecOr increases the usability and flexibility of a SOAR platform. This thesis is a useful resource and guideline for both practitioners and researchers who are working in the security orchestration domain. It provides an insight into how an architecture-centric approach, with incorporation of AI technologies, reduces the operational complexity of SOAR platforms.Thesis (Ph.D.) -- University of Adelaide, School of Computer Science, 202

Analyzing the Evolution of Inter-package Dependencies in Operating Systems: A Case Study of Ubuntu

An Operating System (OS) combines multiple interdependent software packages, which usually have their own independently developed architectures. When a multitude of independent packages are placed together in an OS, an implicit inter-package architecture is formed. For an evolutionary effort, designers/developers of OS can greatly benefit from fully understanding the system-wide dependency focused on individual files, specifically executable files, and dynamically loadable libraries. We propose a framework, DepEx, aimed at discovering the detailed package relations at the level of individual binary files and their associated evolutionary changes. We demonstrate the utility of DepEx by systematically investigating the evolution of a large-scale Open Source OS, Ubuntu. DepEx enabled us to systematically acquire and analyze the dependencies in different versions of Ubuntu released between 2005 (5.04) to 2023 (23.04). Our analysis revealed various evolutionary trends in package management and their implications based on the analysis of the 84 consecutive versions available for download (these include beta versions). This study has enabled us to assert that DepEx can provide researchers and practitioners with a better understanding of the implicit software dependencies in order to improve the stability, performance, and functionality of their software as well as to reduce the risk of issues arising during maintenance, updating, or migration.Comment: This paper is accepted for publication in the 17th international conference on Software Architectur

Response Surface Methodology Applied to the Optimization of Phenolic Compound Extraction from <em>Brassica</em>

The response surface methodology (RSM) is a relevant mathematical and statistical tool for process optimization. A state of the art on the optimization of the extraction of phenolic compounds from Brassica has shown that this approach is not sufficiently used. The reason for this is certainly an apparent complexity in comparison with the implementation of a one-factor-at-a-time (OFAT) optimization. The objective of this chapter is to show how one implement the response surface methodology in a didactic way on a case study: the extraction of sinapine from mustard bran. Using this approach, prediction models have been developed and validated to predict the sinapine content extracted as well as the purity of the extract in sinapine. The methodology presented in this chapter can be reproduced on any other application in the field of process engineering

Barriers and enablers to climate adaptation : evidence from rural and urban India

This work was carried out under the Collaborative Adaptation Research Initiative in Africa and Asia (CARIAA), with financial support from the UK Government’s Department for International Development (DfID) and the International Development Research Centre (IDRC), Canada.Researchers from the Indian Institute for Human Settlements (IIHS) used focus group discussions, household surveys and life history interviews to collect information at settlement, household and intra-household levels in the rural districts of Kolar and Gulbarga and the urban district of Bangalore. While the current focus on watershed development with adaptation co-benefits is positive, it must be complemented by efforts to address the growing irrigation demand. Governance is a barrier to local adaptation. More than other factors, implementation of adaptation practices is slowed by the lack of staff especially at State and district levels

Migrating to Post-Quantum Cryptography: a Framework Using Security Dependency Analysis

Quantum computing is emerging as an unprecedented threat to the current state of widely used cryptographic systems. Cryptographic methods that have been considered secure for decades will likely be broken, with enormous impact on the security of sensitive data and communications in enterprises worldwide. A plan to migrate to quantum-resistant cryptographic systems is required. However, migrating an enterprise system to ensure a quantum-safe state is a complex process. Enterprises will require systematic guidance to perform this migration to remain resilient in a post-quantum era, as many organisations do not have staff with the expertise to manage this process unaided. This paper presents a comprehensive framework designed to aid enterprises in their migration. The framework articulates key steps and technical considerations in the cryptographic migration process. It makes use of existing organisational inventories and provides a roadmap for prioritising the replacement of cryptosystems in a post-quantum context. The framework enables the efficient identification of cryptographic objects, and can be integrated with other frameworks in enterprise settings to minimise operational disruption during migration. Practical case studies are included to demonstrate the utility and efficacy of the proposed framework using graph theoretic techniques to determine and evaluate cryptographic dependencies.Comment: 21 Page

Association between progestin-only contraceptive use and cardiometabolic outcomes: A systematic review and meta-analysis.

Aims The association between progestin-only contraceptive (POC) use and the risk of various cardiometabolic outcomes has rarely been studied. We performed a systematic review and meta-analysis to determine the impact of POC use on cardiometabolic outcomes including venous thromboembolism, myocardial infarction, stroke, hypertension and diabetes. Methods and results Nineteen observational studies (seven cohort and 12 case-control) were included in this systematic review. Of those, nine studies reported the risk of venous thromboembolism, six reported the risk of myocardial infarction, six reported the risk of stroke, three reported the risk of hypertension and two studies reported the risk of developing diabetes with POC use. The pooled adjusted relative risks (RRs) for venous thromboembolism, myocardial infarction and stroke for oral POC users versus non-users based on the random effects model were 1.06 (95% confidence interval (CI) 0.70-1.62), 0.98 (95% CI 0.66-1.47) and 1.02 (95% CI 0.72-1.44), respectively. Stratified analysis by route of administration showed that injectable POC with a RR of 2.62 (95% CI 1.74-3.94), but not oral POCs (RR 1.06, 95% CI 0.7-1.62), was associated with an increased risk of venous thromboembolism. A decreased risk of venous thromboembolism in a subgroup of women using an intrauterine levonorgestrel device was observed with a RR of 0.53 (95% CI 0.32-0.89). No effect of POC use on blood pressure was found, but there was an indication for an increased risk of diabetes with injectable POCs, albeit non-significant. Conclusions This systematic review and meta-analysis suggests that oral POC use is not associated with an increased risk of developing various cardiometabolic outcomes, whereas injectable POC use might increase the risk of venous thromboembolism

Pharmacological insights and prediction of lead bioactive isolates of Dita bark through experimental and computer-aided mechanism.

Dita bark (Alstonia scholaris (L.) R. Br.) is an ethnomedicine used for the management of various ailments. This study aimed to investigate the biological properties of methanol extract of A. scholaris bark (MEAS), through in vivo, in vitro and in silico approaches alongside its phytochemical profiling. Identification and nature of the bioactive secondary metabolites were studied by the established qualitative tests and GC-MS analysis. The antidepressant activity was determined by forced swimming test (FST) and tail suspension test (TST) in mice. The anti-inflammatory and thrombolytic effect was evaluated using inhibition of protein denaturation technique and clot lysis technique, respectively. Besides, computational studies of the isolated compounds and ADME/T analysis were performed by Schrodinger-Maestro (v11.1) software, and PASS prediction was conducted through PASS online tools. The GC-MS analysis revealed the presence of several secondary metabolites in MEAS. Treatment with MEAS revealed a significant reduction of immobility time in a dose-dependent manner in FST and TST. Besides, MEAS showed substantial anti-inflammatory effects at the higher dose (400 μg/mL) as well as revealed notable clot lysis effect as compared to control. In the case of computer-aided investigation, all compounds meet the condition of Lipinski's rule of five. PASS study also predicted for all compounds, and among these safe compound furazan-3-amine showed the most spontaneous binding energy for both antidepressant and thrombolytic activities, as well as 5-dimethylamino-6 azauracil, found promising for anti-inflammatory activity. Taken together, the investigation concludes that MEAS can be a potent source of antidepressant, anti-inflammatory, and thrombolytic agents

Evaluation of Curcumin-Loaded Nanoliposomes for the Treatment and Prevention of Age-Related Macular Degeneration

Age-related macular degeneration (AMD), the most common cause of vision loss for people age 50 and over, is a disease characterized by the buildup of oxidative stress in the back of the eye. Current remedies are limited to intravitreal injections that only target the more severe ‘wet’ form; the common ‘dry’ form has no readily available pharmaceutical solution. Curcumin, a natural antioxidant found in the Indian spice turmeric, has shown potential in combating inflammatory diseases like AMD; however, the molecule also demonstrates poor bioavailability. This research aimed to create curcumin-loaded nanoliposomes (NLs) to be delivered noninvasively to potentially treat and prevent the onset of AMD. The 220 nm NLs were composed of phosphatidylcholine and cholesterol through vacuum evaporation, rehydration, and extrusion. Our curcuminloaded NLs were assessed using an in vitro oxidative stress model of ARPE-19 cells. MTT cell viability assay results show that the liposomal curcumin complex has been able to improve cell viability with respect to the untreated cells (28% more viable, p < 0.05), and cells that were damaged with peroxide (50% more viable, p < 0.05). As a preventative measure, the liposomal curcumin complex has been able to improve cell viability with respect to untreated cells (55% more viable, p < 0.05). Ex vivo modeling tested the permeability of the nanoliposomes to the posterior hemisphere of a porcine eye with a Franz diffusion cell apparatus. Qualitative fluorescence analysis shows that the nanoliposomes were able to permeate through different layers of the eye and reach the retina. In vitro studies with RPE cells show the treatment significantly reduces oxidative stress in cells while increasing cell viability, thus indicating that curcumin has potential to both treat and prevent AMD

AI is a viable alternative to high throughput screening: a 318-target study

: High throughput screening (HTS) is routinely used to identify bioactive small molecules. This requires physical compounds, which limits coverage of accessible chemical space. Computational approaches combined with vast on-demand chemical libraries can access far greater chemical space, provided that the predictive accuracy is sufficient to identify useful molecules. Through the largest and most diverse virtual HTS campaign reported to date, comprising 318 individual projects, we demonstrate that our AtomNet® convolutional neural network successfully finds novel hits across every major therapeutic area and protein class. We address historical limitations of computational screening by demonstrating success for target proteins without known binders, high-quality X-ray crystal structures, or manual cherry-picking of compounds. We show that the molecules selected by the AtomNet® model are novel drug-like scaffolds rather than minor modifications to known bioactive compounds. Our empirical results suggest that computational methods can substantially replace HTS as the first step of small-molecule drug discovery