DCDIDP: A Distributed, Collaborative, and Data-driven IDP Framework for the Cloud

Recent advances in distributed computing, grid computing, virtualization mechanisms, and utility computing led into Cloud Computing as one of the industry buzz words of our decade. As the popularity of the services provided in the cloud environment grows exponentially, the exploitation of possible vulnerabilities grows with the same pace. Intrusion Detection and Prevention Systems (IDPSs) are one of the most popular tools among the front line fundamental tools to defend the computation and communication infrastructures from the intruders. In this poster, we propose a distributed, collaborative, and data-driven IDP (DCDIDP) framework for cloud computing environments. Both cloud providers and cloud customers will benefit significantly from DCDIDP that dynamically evolves and gradually mobilizes the resources in the cloud as suspicion about attacks increases. Such system will provide homogeneous IDPS for all the cloud providers that collaborate distributively. It will respond to the attacks, by collaborating with other peers and in a distributed manner, as near as possible to attack sources and at different levels of operations (e.g. network, host, VM). We present the DCDIDP framework and explain its components. However, further explanation is part of our ongoing work

Ontology-based access control for social network systems

As the information flowing around in social network systems is mainly related or can be attributed to their users, controlling access to such information by individual users becomes a crucial requirement. The intricate semantic relations among data objects, different users, and between data objects and users further add to the complexity of access control needs. In this paper, we propose an access control model based on semantic web technologies that takes into account the above mentioned complex relations. The proposed model enables expressing much more fine-grained access control policies on a social network knowledge base than the existing models. We demonstrate the applicability of our approach by implementing a proof-of-concept prototype of the proposed access control framework and evaluating its performance

Analysing security and privacy issues of using e-mail address as identity

Nowadays, many websites allow or require users to use their e-mail addresses either as identity or for other purposes. Although username-based identity problems resulting from users’ behaviours have been a research focus for quite some time, the serious issues of using e-mail address as identity and the associated online behaviours of users have not been well investigated. In this paper, we discuss and analyse security and privacy problems resulting from using e-mail address as identity via well-designed user behaviour survey and by investigating websites’ design schemes. Our results illustrate that using e-mail address as identity poses high security and privacy risks. This is mainly because of the multiple usages of e-mail addresses and users’ improper online habits. Moreover, we discuss drawbacks of existing solutions for e-mail address as identity and related password problems, and present potential solutions that may be used to secure online identity management systems in future

Determining Training Needs for Cloud Infrastructure Investigations using I-STRIDE

As more businesses and users adopt cloud computing services, security vulnerabilities will be increasingly found and exploited. There are many technological and political challenges where investigation of potentially criminal incidents in the cloud are concerned. Security experts, however, must still be able to acquire and analyze data in a methodical, rigorous and forensically sound manner. This work applies the STRIDE asset-based risk assessment method to cloud computing infrastructure for the purpose of identifying and assessing an organization's ability to respond to and investigate breaches in cloud computing environments. An extension to the STRIDE risk assessment model is proposed to help organizations quickly respond to incidents while ensuring acquisition and integrity of the largest amount of digital evidence possible. Further, the proposed model allows organizations to assess the needs and capacity of their incident responders before an incident occurs.Comment: 13 pages, 3 figures, 3 tables, 5th International Conference on Digital Forensics and Cyber Crime; Digital Forensics and Cyber Crime, pp. 223-236, 201

The diagnostic accuracy of a single CEA blood test in detecting colorectal cancer recurrence: Results from the FACS trial

Objective: To evaluate the diagnostic accuracy of a single CEA (carcinoembryonic antigen) blood test in detecting colorectal cancer recurrence. Background: Patients who have undergone curative resection for primary colorectal cancer are typically followed up with scheduled CEA testing for 5 years. Decisions to investigate further (usually by CT imaging) are based on single test results, reflecting international guidelines. Methods: A secondary analysis was undertaken of data from the FACS trial (two arms included CEA testing). The composite reference standard applied included CT-CAP imaging, clinical assessment and colonoscopy. Accuracy in detecting recurrence was evaluated in terms of sensitivity, specificity, likelihood ratios, predictive values, time-dependent area under the ROC curves, and operational performance when used prospectively in clinical practice are reported. Results: Of 582 patients, 104 (17.9%) developed recurrence during the 5 year follow-up period. Applying the recommended threshold of 5µg/L achieves at best 50.0% sensitivity (95% CI: 40.1-59.9%); in prospective use in clinical practice it would lead to 56 missed recurrences (53.8%; 95% CI: 44.2-64.4%) and 89 false alarms (56.7% of 157 patients referred for investigation). Applying a lower threshold of 2.5µg/L would reduce the number of missed recurrences to 36.5% (95% CI: 26.5-46.5%) but would increase the false alarms to 84.2% (924/1097 referred). Some patients are more prone to false alarms than others – at the 5µg/L threshold, the 89 episodes of unnecessary investigation were clustered in 29 individuals. Conclusion: Our results demonstrated very low sensitivity for CEA, bringing to question whether it could ever be used as an independent triage test. It is not feasible to improve the diagnostic performance of a single test result by reducing the recommended action threshold because of the workload and false alarms generated. Current national and international guidelines merit re-evaluation and options to improve performance, such as making clinical decisions on the basis of CEA trend, should be further assessed

Security in Dynamic Spectrum Access Systems: A Survey

Dynamic Spectrum Access (DSA) systems are being developed to improve spectrum utilization. Most of the research on DSA systems assumes that the participants involved are honest, cooperative, and that no malicious adversaries will attack or exploit the network. Some recent research efforts have focused on studying security issues in cognitive radios but there are still significant security challenges in the implementation of DSA systems that have not been addressed. In this paper we focus on security issues in DSA. We identify various attacks (e.g., DoS attacks, system penetration, repudiation, spoofing, authorization violation, malware infection, data modification, etc.) and suggest various approaches to address them. We show that significant security issues exist that should be addressed by the research community if DSA is to find its way into production systems. We also show that, in many cases, existing approaches to securing IT systems can be applied to DSA and identify other DSA specific security challenges where additional research will be required

Can clinical audits be enhanced by pathway simulation and machine learning? An example from the acute stroke pathway

OBJECTIVE: To evaluate the application of clinical pathway simulation in machine learning, using clinical audit data, in order to identify key drivers for improving use and speed of thrombolysis at individual hospitals

Validating child vaccination status in a demographic surveillance system using data from a clinical cohort study: evidence from rural South Africa

<p><b>Background:</b> Childhood vaccination coverage can be estimated from a range of sources. This study aims to validate vaccination data from a longitudinal population-based demographic surveillance system (DSS) against data from a clinical cohort study.</p> <p><b>Methods:</b> The sample includes 821 children in the Vertical Transmission cohort Study (VTS), who were born between December 2001 and April 2005, and were matched to the Africa Centre DSS, in northern KwaZulu-Natal. Vaccination information in the surveillance was collected retrospectively, using standardized questionnaires during bi-annual household visits, when the child was 12 to 23 months of age. DSS vaccination information was based on extraction from a vaccination card or, if the card was not available, on maternal recall. In the VTS, vaccination data was collected at scheduled maternal and child clinic visits when a study nurse administered child vaccinations. We estimated the sensitivity of the surveillance in detecting vaccinations conducted as part of the VTS during these clinic visits.</p> <p><b>Results:</b> Vaccination data in matched children in the DSS was based on the vaccination card in about two-thirds of the cases and on maternal recall in about one-third. The sensitivity of the vaccination variables in the surveillance was high for all vaccines based on either information from a South African Road-to-Health (RTH) card (0.94-0.97) or maternal recall (0.94-0.98). Addition of maternal recall to the RTH card information had little effect on the sensitivity of the surveillance variable (0.95-0.97). The estimates of sensitivity did not vary significantly, when we stratified the analyses by maternal antenatal HIV status. Addition of maternal recall of vaccination status of the child to the RTH card information significantly increased the proportion of children known to be vaccinated across all vaccines in the DSS.</p> <p><b>Conclusion:</b> Maternal recall performs well in identifying vaccinated children aged 12-23 months (both in HIV-infected and HIV-uninfected mothers), with sensitivity similar to information extracted from vaccination cards. Information based on both maternal recall and vaccination cards should be used if the aim is to use surveillance data to identify children who received a vaccination.</p&gt

Effects of Grassland Management Practices on Ant Functional Groups in Central North America

Tallgrass prairies of central North America have experienced disturbances including fire and grazing for millennia. Little is known about the effects of these disturbances on prairie ants, even though ants are thought to play major roles in ecosystem maintenance. We implemented three management treatments on remnant and restored grassland tracts in the central U.S., and compared the effects of treatment on abundance of ant functional groups. Management treatments were: (1) patch-burn graze—rotational burning of three spatially distinct patches within a fenced tract, and growing-season cattle grazing; (2) graze-and-burn—burning entire tract every 3 years, and growing-season cattle grazing, and (3) burn-only—burning entire tract every 3 years, but no cattle grazing. Ant species were classified into one of four functional groups. Opportunist ants and the dominant ant species, Formica montana, were more abundant in burn-only tracts than tracts managed with either of the grazing treatments. Generalists were more abundant in graze-and-burn tracts than in burn-only tracts. Abundance of F. montana was negatively associated with pre-treatment time since fire, whereas generalist ant abundance was positively associated. F. montanawere more abundant in restored tracts than remnants, whereas the opposite was true for subdominants and opportunists. In summary, abundance of the dominant F. montana increased in response to intense disturbances that were followed by quick recovery of plant biomass. Generalist ant abundance decreased in response to those disturbances, which we attribute to the effects of competitive dominance of F. montana upon the generalists

Propanil Exposure Induces Delayed but Sustained Abrogation of Cell-Mediated Immunity through Direct Interference with Cytotoxic T-Lymphocyte Effectors

The postemergent herbicide propanil (PRN; also known as 3,4-dichloropropionanilide) is used on rice and wheat crops and has well-known immunotoxic effects on various compartments of the immune system, including T-helper lymphocytes, B lymphocytes, and macrophages. It is unclear, however, whether PRN also adversely affects cytotoxic T lymphocytes (CTLs), the primary (1°) effectors of cell-mediated immunity. In this study we examined both the direct and indirect effects of PRN exposure on CTL activation and effector cell function to gauge its likely impact on cell-mediated immunity. Initial experiments addressed whether PRN alters the class I major histocompatibility complex (MHC) pathway for antigen processing and presentation by antigen-presenting cells (APCs), thereby indirectly affecting effector function. These experiments demonstrated that PRN does not impair the activation of CTLs by PRN-treated APCs. Subsequent experiments addressed whether PRN treatment of CTLs directly inhibits their activation and revealed that 1° alloreactive CTLs exposed to PRN are unimpaired in their proliferative response and only marginally inhibited in their lytic activity. Surprisingly, secondary stimulation of these alloreactive CTL effectors, however, even in the absence of further PRN exposure, resulted in complete abrogation of CTL lytic function and a delayed but significant long-term effect on CTL responsiveness. These findings may have important implications for the diagnosis and clinical management of anomalies of cell-mediated immunity resulting from environmental exposure to various herbicides and other pesticides