Modeling Deception for Cyber Security

In the era of software-intensive, smart and connected systems, the growing power and so- phistication of cyber attacks poses increasing challenges to software security. The reactive posture of traditional security mechanisms, such as anti-virus and intrusion detection systems, has not been sufficient to combat a wide range of advanced persistent threats that currently jeopardize systems operation. To mitigate these extant threats, more ac- tive defensive approaches are necessary. Such approaches rely on the concept of actively hindering and deceiving attackers. Deceptive techniques allow for additional defense by thwarting attackers’ advances through the manipulation of their perceptions. Manipu- lation is achieved through the use of deceitful responses, feints, misdirection, and other falsehoods in a system. Of course, such deception mechanisms may result in side-effects that must be handled. Current methods for planning deception chiefly portray attempts to bridge military deception to cyber deception, providing only high-level instructions that largely ignore deception as part of the software security development life cycle. Con- sequently, little practical guidance is provided on how to engineering deception-based techniques for defense. This PhD thesis contributes with a systematic approach to specify and design cyber deception requirements, tactics, and strategies. This deception approach consists of (i) a multi-paradigm modeling for representing deception requirements, tac- tics, and strategies, (ii) a reference architecture to support the integration of deception strategies into system operation, and (iii) a method to guide engineers in deception mod- eling. A tool prototype, a case study, and an experimental evaluation show encouraging results for the application of the approach in practice. Finally, a conceptual coverage map- ping was developed to assess the expressivity of the deception modeling language created.Na era digital o crescente poder e sofisticação dos ataques cibernéticos apresenta constan- tes desafios para a segurança do software. A postura reativa dos mecanismos tradicionais de segurança, como os sistemas antivírus e de detecção de intrusão, não têm sido suficien- tes para combater a ampla gama de ameaças que comprometem a operação dos sistemas de software actuais. Para mitigar estas ameaças são necessárias abordagens ativas de defesa. Tais abordagens baseiam-se na ideia de adicionar mecanismos para enganar os adversários (do inglês deception). As técnicas de enganação (em português, "ato ou efeito de enganar, de induzir em erro; artimanha usada para iludir") contribuem para a defesa frustrando o avanço dos atacantes por manipulação das suas perceções. A manipula- ção é conseguida através de respostas enganadoras, de "fintas", ou indicações erróneas e outras falsidades adicionadas intencionalmente num sistema. É claro que esses meca- nismos de enganação podem resultar em efeitos colaterais que devem ser tratados. Os métodos atuais usados para enganar um atacante inspiram-se fundamentalmente nas técnicas da área militar, fornecendo apenas instruções de alto nível que ignoram, em grande parte, a enganação como parte do ciclo de vida do desenvolvimento de software seguro. Consequentemente, há poucas referências práticas em como gerar técnicas de defesa baseadas em enganação. Esta tese de doutoramento contribui com uma aborda- gem sistemática para especificar e desenhar requisitos, táticas e estratégias de enganação cibernéticas. Esta abordagem é composta por (i) uma modelação multi-paradigma para re- presentar requisitos, táticas e estratégias de enganação, (ii) uma arquitetura de referência para apoiar a integração de estratégias de enganação na operação dum sistema, e (iii) um método para orientar os engenheiros na modelação de enganação. Uma ferramenta protó- tipo, um estudo de caso e uma avaliação experimental mostram resultados encorajadores para a aplicação da abordagem na prática. Finalmente, a expressividade da linguagem de modelação de enganação é avaliada por um mapeamento de cobertura de conceitos

Emergent Technologies for Active Aging

Continuous advances in medicine and wellness areas have contributed to an active and enjoyable aging. The use of technology in assisting elderly community is expected to have a positive contribution to support the diversity of required services that promote independent living. Most initiatives in this area are intrinsically focused on providing health-care services to senior citizens. However, a broader perspective of the aging process is required, which is conceptually described as ”active aging”. In this paper, we present some prominent technologies based on context-awareness and Internet of Things that may assist elderly people in different needs during a productive live. We exemplify the applicability of such technologies by describing a scenario in which daily activities are performed by an elderly assisted by her son

Endobronchial solitary fibrous tumor

Solitary fibrous tumor (SFT) is a mesenchymal neoplasm that appears primarily in the pleura and rarely in intrapulmonary or endobronchial topography. The authors report the case of a 47-year-old woman who presented obstructive respiratory symptoms for 4 years. The chest computed tomography and bronchoscopy showed an obstructive polypoid lesion located between the trachea and the left main bronchus associated with distal atelectasis of the left lung. A resection of the lesion was performed and, macroscopically, the mass was oval, encapsulated, and firm, measuring 2.3 × 1.7 × 1.5 cm. Histology revealed low-grade mesenchymal spindle cell neoplasm, with alternating cellularity, myxoid areas, and mature adipose tissue outbreaks, as well as blood vessels with irregular walls. The immunohistochemical study was positive for CD34, CD99, and BCL2. The diagnosis was SFT in an unusual topography. The patient’s symptoms remitted after tumor excision, and no systemic problems were evident. SFTs primarily affect adults and often follow a benign course; however, their behavior is unpredictable. The presence of necrosis and mitotic activity may portend a poor prognosis. Endobronchial SFTs are rare but should be evaluated and monitored similar to SFTs at other sites, with a long-term follow-u

Myelolipoma of the posterior mediastinum in a patient with chronic dyserythropoietic anemia

Myelolipoma (ML) is an uncommon benign mesenchymal neoplasia composed of mature adipose and hematopoietic tissues of uncertain etiology. Less than 3% of MLs occur in the mediastinal topography. The main differential diagnosis involves extramedullary hematopoiesis; therefore, pathological evaluation is essential for the definitive diagnosis. The authors report the case of a 50-year-old man diagnosed with congenital dyserythropoiesis and secondary hemosiderosis, who presented a posterior mediastinal tumor. The tumor was resected. It was macroscopically characterized by mature fat tissue with fibrous areas and soft consistency, which was yellowish at the cut surface. Histology revealed a well-defined nodule composed of adipocytes and hematopoietic tissue represented by erythroid, granulocytic, and megakaryocytic series, which was consistent with the diagnosis of ML located in the posterior mediastinum. There was no recurrence of the lesion during the 3-year follow-up. The aim of this report is to show the diagnosis of an unusual mediastinal lesion in the context of a chronic hematologic diseas

Endobronchial solitary fibrous tumor

Solitary fibrous tumor (SFT) is a mesenchymal neoplasm that appears primarily in the pleura and rarely in intrapulmonary or endobronchial topography. The authors report the case of a 47-year-old woman who presented obstructive respiratory symptoms for 4 years. The chest computed tomography and bronchoscopy showed an obstructive polypoid lesion located between the trachea and the left main bronchus associated with distal atelectasis of the left lung. A resection of the lesion was performed and, macroscopically, the mass was oval, encapsulated, and firm, measuring 2.3 × 1.7 × 1.5 cm. Histology revealed low-grade mesenchymal spindle cell neoplasm, with alternating cellularity, myxoid areas, and mature adipose tissue outbreaks, as well as blood vessels with irregular walls. The immunohistochemical study was positive for CD34, CD99, and BCL2. The diagnosis was SFT in an unusual topography. The patient’s symptoms remitted after tumor excision, and no systemic problems were evident. SFTs primarily affect adults and often follow a benign course; however, their behavior is unpredictable. The presence of necrosis and mitotic activity may portend a poor prognosis. Endobronchial SFTs are rare but should be evaluated and monitored similar to SFTs at other sites, with a long-term follow-u

A SPL Framework for Adaptive Deception-based Defense

In cyber defense, integrated deception mechanisms have been proposed as part of the system operation to enhance security by planting fake resources. The objective is to entice attackers and confuse them in determining the legitimacy of those resources. Although several strategies exist to implement deception in a software system, developing and integrating such solutions are primarily made in an ad-hoc fashion. This hinders reuse and does not consider the operation life cycle management. Additionally, support for adaptive deception is not considered. To alleviate these problems, we propose a framework based on software product lines and aspect-oriented techniques to generate adaptive deception-based defense strategies. We illustrate the feasibility of our approach with an example from the web applications domain, by integrating honeywords into an authentication mechanism to mitigate offline password cracking attacks

Teratoma With Mediastinal Embryonic Carcinoma Concomiting Hystiocytic Sarcoma In The Bone Marrow

Background: Association of extragonadal germ cell tumors EGCT with haematological malignancies is rare with a very limited prognosis. Methods and findings: We report a case of a man, 21 years old, with progressive dyspnea, chest pain, night sweats, generalized edema, hemoptysis, pancytopenia and increased serum levels of alpha-fetoprotein (AFP), beta-fraction of the hormone chorionic gonodotrophin (beta-HCG) and lactic dehydrogenase. Chest computed tomography described a mediastinum mass measuring 11.3 x 7.3 cm whose biopsy revealed malignant germ cell neoplasia expressing positivity for cytokeratin, CD30 and AFP, indicating an embryonal carcinoma with teratoma. Bone marrow biopsy revealed interstitial infiltration by malignant neoplastic cells positive for CD68, CD163 and lysozyme, allowing the diagnosis of histiocytic sarcoma. The patient had a poor evolution, with death, sixteen days after admission. Conclusion: Histiocytic proliferations are very rare and rapidly fatal. Etiopathogenic theories for the simultaneity of these malignancies have been described based on processes of transformation from a same cellular precursor