Automated Implementation of Windows-related Security-Configuration Guides

Hardening is the process of configuring IT systems to ensure the security of the systems' components and data they process or store. The complexity of contemporary IT infrastructures, however, renders manual security hardening and maintenance a daunting task. In many organizations, security-configuration guides expressed in the SCAP (Security Content Automation Protocol) are used as a basis for hardening, but these guides by themselves provide no means for automatically implementing the required configurations. In this paper, we propose an approach to automatically extract the relevant information from publicly available security-configuration guides for Windows operating systems using natural language processing. In a second step, the extracted information is verified using the information of available settings stored in the Windows Administrative Template files, in which the majority of Windows configuration settings is defined. We show that our implementation of this approach can extract and implement 83% of the rules without any manual effort and 96% with minimal manual effort. Furthermore, we conduct a study with 12 state-of-the-art guides consisting of 2014 rules with automatic checks and show that our tooling can implement at least 97% of them correctly. We have thus significantly reduced the effort of securing systems based on existing security-configuration guides

Twittering by Cuckoo – Decentralized and Socio-Aware Online Microblogging Services

Online microblogging services, as exemplified by Twitter, have become immensely popular during the latest years. However, current microblogging systems severely suffer from performance bottlenecks and malicious attacks due to the centralized architecture. As a result, centralized microblogging systems may threaten the scalability, reliability as well as availability of the offered services, not to mention the high operational and maintenance cost. This demo presents a decentralized, socio-aware microblogging system named Cuckoo. The key aspects of Cuckoo’s design is to take advantage of the inherent social relations while leveraging peer-to-peer (P2P) techniques in order to provide scalable, reliable microblogging services. The demo will show these aspects of Cuckoo and provide insights on the performance gain that decentralization and socio-awareness can bring for microblogging systems

Trend and Attribution Analysis of Runoff Changes in the Weihe River Basin in the Last 50 Years

In recent years, the Weihe River basin has experienced dramatic changes and a sharp decrease in runoff, which has constrained the sustainable development of the local society, economy, and ecology. Quantitative attribution analysis of runoff changes in the Weihe River basin can help to illustrate reasons for dramatic runoff changes and to understand its complex hydrological response. In this paper, the trends of hydrological elements in the Weihe River basin from 1970 to 2019 were systematically analyzed using the M–K analysis method, and the effects of meteorological elements and underlying surface changes on runoff were quantitatively analyzed using the Budyko theoretical framework. The results show that potential evapotranspiration and precipitation in the Weihe River basin have no significant change in 1970–2019; runoff depth has an abrupt change around 1990 and then decrease significantly. The study period is divided into the base period (1970–1989), PΙ (1990–2009), and PII (2010–2019). Compared with the base period, the elasticity coefficients (absolute values) of each element show an increasing trend in PΙ and PII. The sensitivity of runoff to these coefficients is increasing. The sensitivity of the precipitation is the highest (2.72~3.17), followed by that of the underlying surface parameter (−2.01~−2.35); the sensitivity of the potential evapotranspiration is the weakest (−1.72~−2.17). In the PΙ period, the runoff depth decreased significantly due to the combination effects of precipitation and underlying surface with the values of 6.18 mm and 13.92 mm, respectively. In the PII period, rainfall turned to an increasing trend, contributing to the increase in runoff by 11.80 mm; the further increase in underlying surface parameters was the main reason for the decrease in runoff by 22.19 mm. The significant increase in runoff by 8.54 mm because of the increased rainfall, compared with the PΙ periods. Overall, the increasing underlying surface parameter makes the largest contribution to the runoff changes while the precipitation change is also an important factor

Exploring the upper particle size limit for field flow fractionation online with ICP-MS to address the challenges of water samples from the Taihu Lake

Regular algal blooms are occurring in Taihu lake, which may be triggered by resuspension of sediments containing relevant amounts of phosphorus. Therefore, our study aims at quantification of phosphorus concentrations bound to suspended particulate matter in Taihu water samples to investigate this hypothesis. A field flow fractionation (FFF) method online with ICP-MS detection was developed to achieve an overview on particulate fractions of phosphorus and related elements including Fe, Al and C from the low nanometer to the low micrometer size range. Mass balance of dissolved and particulate elemental contents was established for quality control purpose and indicated low recovery of Fe, Al and P. Complementary determination of volume based particle size distribution by dynamic imaging analysis showed a majority of particle volume and thus mass in particles with size >5 μm. In order to address this challenge, the upper particle size limit of FFF online with ICP-MS was for the first time investigated in detail using well characterised monodisperse latex particles as model for organic matter in the low micrometer size range including microalgae. The effect of pre-filtration of the sample as well as the contribution of sample introduction via three different interfaces including micromist nebuliser/spray chamber, direct injection nebulisation and APEX with heated spray chamber and solvent removal by condensation on the particulate carbon recovery was studied by ICP-MS detection. The same instrumental setup was also applied for the characterisation of particulate elemental contents in the Taihu water samples as far as possible. Significant improvement of the detected particulate fraction in Taihu water samples was achieved by increasing the membrane pore size for pre-filtration and by using the APEX for introduction of the eluate from FFF into ICP-M