The Need to Support of Data Flow Graph Visualization of Forensic Lucid Programs, Forensic Evidence, and their Evaluation by GIPSY

Lucid programs are data-flow programs and can be visually represented as data flow graphs (DFGs) and composed visually. Forensic Lucid, a Lucid dialect, is a language to specify and reason about cyberforensic cases. It includes the encoding of the evidence (representing the context of evaluation) and the crime scene modeling in order to validate claims against the model and perform event reconstruction, potentially within large swaths of digital evidence. To aid investigators to model the scene and evaluate it, instead of typing a Forensic Lucid program, we propose to expand the design and implementation of the Lucid DFG programming onto Forensic Lucid case modeling and specification to enhance the usability of the language and the system and its behavior. We briefly discuss the related work on visual programming an DFG modeling in an attempt to define and select one approach or a composition of approaches for Forensic Lucid based on various criteria such as previous implementation, wide use, formal backing in terms of semantics and translation. In the end, we solicit the readers' constructive, opinions, feedback, comments, and recommendations within the context of this short discussion.Comment: 11 pages, 7 figures, index; extended abstract presented at VizSec'10 at http://www.vizsec2010.org/posters ; short paper accepted at PST'1

Fingerprinting Internet DNS Amplification DDoS Activities

This work proposes a novel approach to infer and characterize Internet-scale DNS amplification DDoS attacks by leveraging the darknet space. Complementary to the pioneer work on inferring Distributed Denial of Service (DDoS) activities using darknet, this work shows that we can extract DDoS activities without relying on backscattered analysis. The aim of this work is to extract cyber security intelligence related to DNS Amplification DDoS activities such as detection period, attack duration, intensity, packet size, rate and geo-location in addition to various network-layer and flow-based insights. To achieve this task, the proposed approach exploits certain DDoS parameters to detect the attacks. We empirically evaluate the proposed approach using 720 GB of real darknet data collected from a /13 address space during a recent three months period. Our analysis reveals that the approach was successful in inferring significant DNS amplification DDoS activities including the recent prominent attack that targeted one of the largest anti-spam organizations. Moreover, the analysis disclosed the mechanism of such DNS amplification DDoS attacks. Further, the results uncover high-speed and stealthy attempts that were never previously documented. The case study of the largest DDoS attack in history lead to a better understanding of the nature and scale of this threat and can generate inferences that could contribute in detecting, preventing, assessing, mitigating and even attributing of DNS amplification DDoS activities.Comment: 5 pages, 2 figure

Towards the Correctness of Security Protocols

AbstractIn [19], the authors presented a type-theoretic approach to the verification of security protocols. In this approach, a universal type system is proposed to capture in a finite way all the possible computations (internal actions or protocol instrumentations) that could be performed by a smart malicious intruder. This reduces the verification of cryptographic protocols to a typing problem where types are attack scenarios. In this paper, we recall this type system and we prove its completeness i.e. if the intruder can learn a message from a given protocol instrumentation, then this message could be infered from the type system. A significant result of this paper is the presentation of a new transformation that allows us to abstract a non-terminating type inference system into a terminating deductive proof system. We demonstrate how these results could be used to establish the security of cryptographic protocols from the secrecy standpoint. Finally, the usefulness and the efficiency of the whole approach is illustrated by proving the correctness of a new version of the Needham-Shoreder protocol with respect to the secrecy property

Modelling and experimental investigation of mechanical performances of braided polyamide sutures

This work aims at predicting the braiding parameters which can lead to sutures having optimal mechanical performances for specific surgical intervention. The braiding parameters include yarn count and machine settings. Effects of yarns characteristics and machine parameters on a polyamide braid mechanical properties have also been studied. Yarn count and sheet yarn number are proven to be the most significant factors. Predictive models of the suture mechanical responses based on yarn characteristics and machine parameters have been developed and it shows very significant level. Using simultaneous contours plots, manufacturing conditions permitting to obtain optimal mechanical properties meeting the requirements of the US Pharmacopeia for the diameter and tensile strength are determined for sutures having USP number from 3-0 to 2

Nanocrystalline Hydroxyapatite-Bisphosphonate Composites

The direct synthesis of hydroxyapatite─1,8-octan-bisphosphonic acid (HAp─BISPH) nanocrystals has been carried out in presence of increasing amounts of BISPH in solution, by hydrothermal method at 120 °C for 15 h. XRD, IR, NMR-MAS (31P, 1H and 13C), TEM, AFM, TGA and chemical analysis were used to characterize the structure, morphology and composition of the products. X-ray powder diffraction patterns show that the incorporation of bisphosphonate moieties induces a significant loss of the material crystallin-ity and a clear decrease of the crystallite size. TEM and AFM images show that the precipitated apatite particles prepared in the presence of this bisphosphonic acid are nanosized. The IR and NMR-MAS 1H spectroscopy show that the BISPH can replace the OH− groups of the apatitic structure. When you are citing the document, use the following link http://essuir.sumdu.edu.ua/handle/123456789/3519

BinGold: Towards robust binary analysis by extracting the semantics of binary code as semantic flow graphs (SFGs)

AbstractBinary analysis is useful in many practical applications, such as the detection of malware or vulnerable software components. However, our survey of the literature shows that most existing binary analysis tools and frameworks rely on assumptions about specific compilers and compilation settings. It is well known that techniques such as refactoring and light obfuscation can significantly alter the structure of code, even for simple programs. Applying such techniques or changing the compiler and compilation settings can significantly affect the accuracy of available binary analysis tools, which severely limits their practicability, especially when applied to malware. To address these issues, we propose a novel technique that extracts the semantics of binary code in terms of both data and control flow. Our technique allows more robust binary analysis because the extracted semantics of the binary code is generally immune from light obfuscation, refactoring, and varying the compilers or compilation settings. Specifically, we apply data-flow analysis to extract the semantic flow of the registers as well as the semantic components of the control flow graph, which are then synthesized into a novel representation called the semantic flow graph (SFG). Subsequently, various properties, such as reflexive, symmetric, antisymmetric, and transitive relations, are extracted from the SFG and applied to binary analysis. We implement our system in a tool called BinGold and evaluate it against thirty binary code applications. Our evaluation shows that BinGold successfully determines the similarity between binaries, yielding results that are highly robust against light obfuscation and refactoring. In addition, we demonstrate the application of BinGold to two important binary analysis tasks: binary code authorship attribution, and the detection of clone components across program executables. The promising results suggest that BinGold can be used to enhance existing techniques, making them more robust and practical

Symmetrically-private database search in cloud computing

Database outsourcing has gained importance in the past few years due to the emergence of the cloud computing. In Database-as-a-Service (DaaS), which is a category of cloud computing services, the database owner outsources both databases and querying services to a cloud server and clients issue queries over the database to the cloud server. In this context, privacy is a primary challenge and it is necessary to fulfill main privacy requirements of database owners and clients. This paper presents protocols for executing keyword search and aggregate SQL queries that preserve the privacy of both the client and the database owner. Client privacy is preserved such that the database owner and the cloud server cannot infer the constants contained in the query predicates. Database owner privacy is preserved such that the client cannot obtain any additional information beyond the query result. The primitives that are utilized in designing these protocols include symmetric private information retrieval and private integer comparison. We experimentally evaluate the performance of the proposed protocols and report on the experimental results. © 2013 IEEE

An Exploratory Insight into Young Tunisian Consumers Perception of Sustainable Diet

Sustainable diets are defined as diets with low environmental impacts which contribute to food and nutrition security and to healthy life for present and future generations. The objective of this research was to investigate attitudes and behaviors of young Tunisian consumers toward sustainable diet. A sample of 309 Tunisian consumers aged between 20-30 years old was surveyed online. Respondents were asked about their demographic characteristics, their diet, and their concerns about environment and sustainability. Results showed that 91.6%25 of respondents expressed their interest to environmental issues. For 70.6%25 whenever it is possible, they declared adopting a sustainable diet. However, 17.8 %25 of respondents believed that a sustainable diet is expensive and this is dedicated to consumers with financial resources%253A this highlighted a misunderstanding related to different dimensions of sustainable diet. In this context, further efforts through education and communication need to be conducte