Attacks by “Anonymous” WikiLeaks Proponents not Anonymous

On November 28, 2010, the world started watching the whistle blower website WikiLeaks to begin publishing part of the 250,000 US Embassy Diplomatic cables. These confidential cables provide an insight on U.S. international affairs from 274 different embassies, covering topics such as analysis of host countries and leaders and even requests for spying out United Nations leaders.\ud The release of these cables has caused reactions not only in the real world, but also on the Internet. In fact, a cyberwar started just before the initial release. Wikileaks has reported that their servers were experiencing distributed denial-of-service attacks (DDoS). A DDoS attack consists of many computers trying to overload a server by firing a high number of requests, leading ultimately to service disruption. In this case, the goal was to avoid the release of the embassy cables.\ud After the initial cable release, several companies started severed ties with WikiLeaks. One of the first was Amazon.com, that removed the WikiLeaks web- site from their servers. Next, EveryDNS, a company in which the domain wikileaks.org was registered, dropped the domain entries from its servers. On December 4th, PayPal cancelled the account that WikiLeaks was using to receive on-line donations. On the 6th, Swiss bank PostFinance froze the WikiLeaks assets and Mastercard stopped receiving payments to the WikiLeaks account. Visa followed Mastercard on December 7th.\ud These reactions caused a group of Internet activists (or “hacktivists”) named Anonymous to start a retaliation against PostFinance, PayPay, MasterCard, Visa, Moneybrookers.com and Amazon.com, named “Operation Payback”. The retaliation was performed as DDoS attacks to the websites of those companies, disrupting their activities (except for the case of Amazon.com) for different periods of time.\ud The Anonymous group consists of volunteers that use a stress testing tool to perform the attacks. This tool, named LOIC (Low Orbit Ion Cannon), can be found both as a desktop application and as a Web page.\ud Even though the group behind the attacks claims to be anonymous, the tools they provide do not offer any security services, such as anonymization. As a consequence, a hacktivist that volunteers to take part in such attacks, can be traced back easily. This is the case for both current versions of the LOIC tool. Therefore, the goal of this report is to present an analysis of privacy issues in the context of these attacks, and raise awareness on the risks of taking part in them

SSHCure: a flow-based SSH intrusion detection system

SSH attacks are a main area of concern for network managers, due to the danger associated with a successful compromise. Detecting these attacks, and possibly compromised victims, is therefore a crucial activity. Most existing network intrusion detection systems designed for this purpose rely on the inspection of individual packets and, hence, do not scale to today's high-speed networks. To overcome this issue, this paper proposes SSHCure, a flow-based intrusion detection system for SSH attacks. It employs an efficient algorithm for the real-time detection of ongoing attacks and allows identification of compromised attack targets. A prototype implementation of the algorithm, including a graphical user interface, is implemented as a plugin for the popular NfSen monitoring tool. Finally, the detection performance of the system is validated with empirical traffic data

Ethernet Flow Monitoring with IPFIX

The increasing amount of network traffic and the huge bandwidth needed to carry it requires managers to use scalable solutions to monitor their networks. Nowadays, flow-based techniques, such as Cisco’s NetFlow, provide aggregated network data and an overview of network activity at the IP layer. However, several backbone network operators are considering the deployment of (Carrier) Ethernet in their Next-Generation Network. In this scenario we need a scalable monitoring technology for the Ethernet-layer. IPFIX, which is based on Cisco’s NetFlow and allows the selection of flow keys and records, could be used for that. Due to these flexible key selections, flows can be defined based on Ethernet header fields. The deployment of IPFIX is still at an early stage, which means that experience and insights need to be gained with this new type of flow data. The poster will highlight several use cases of Ethernet flow monitoring, to show the applicability of this new technology

Indexing and efficient instance-based retrieval of process models using untanglings

Process-Aware Information Systems (PAISs) support executions of operational processes that involve people, resources, and software applications on the basis of process models. Process models describe vast, often infinite, amounts of process instances, i.e., workflows supported by the systems. With the increasing adoption of PAISs, large process model repositories emerged in companies and public organizations. These repositories constitute significant information resources. Accurate and efficient retrieval of process models and/or process instances from such repositories is interesting for multiple reasons, e.g., searching for similar models/instances, filtering, reuse, standardization, process compliance checking, verification of formal properties, etc. This paper proposes a technique for indexing process models that relies on their alternative representations, called untanglings. We show the use of untanglings for retrieval of process models based on process instances that they specify via a solution to the total executability problem. Experiments with industrial process models testify that the proposed retrieval approach is up to three orders of magnitude faster than the state of the art

Reaching across continents : engaging students through virtual collaborations

Business schools have the responsibility of preparing students for work in multicultural organizations and global markets. This paper examines a situated learning experience for undergraduates through a virtual collaboration between a UK university and a Brazilian university. This facilitated remote communication using social media and smart devices, allowing students from both institutions to enhance their cross-cultural management competencies. A qualitative approach was used for the research, drawing on the reflections of the tutors from both institutions, and feedback received from students in the UK and Brazil. This paper provides empirical observations regarding the use of this innovative pedagogic approach, generating discussion of the implications for teaching, thus contributing to the literature on international collaborations in cross-cultural management education

Culture, Burnout, and Engagement: A Meta-Analysis on National Cultural Values as Moderators in JD-R Theory

Despite prominence and increasing application of the Job Demands‐Resources (JD‐R) theory across national contexts, the role of culture has not yet been systematically explored. We conducted a meta‐analysis of 132 independent samples from 120 studies across 5 global regions (total N = 101,073) to fill this void. Our paper responds to long‐standing concerns around neglecting differences in the relationships of workplace factors with burnout and engagement across national cultures by testing for a moderating role within JD‐R theory. Results suggest strong support for the direct job demands‐burnout and job resources‐engagement pathways. Regarding the role of culture, our study reveals moderating roles for five out of six cultural dimensions using Hofstede’s framework. Interestingly, these cultural dimensions present a moderating impact towards relationships with either job demands or job resources, yet not both. Our findings offer a valuable starting point for further theoretical developments that can impact international business and global mobility. While these insights suggest a role of national cultural context in JD‐R studies, sensitivity analyses showed that the findings were only partly stable

Multi-lingual and multi-cultural information literacy; perspectives, models and good practice

Purpose This paper reviews current approaches to, and good practice, in information literacy development in multi-lingual and multi-cultural settings, with particular emphasis on provision for international students. Design/methodology/approach A selective and critical review of published literature is extended by evaluation of examples of multi-lingual information literacy tutorials and MOOCs. Findings Multi-lingual and multi-cultural information literacy are umbrella terms covering a variety of situations and issues. This provision is of increasing importance in an increasingly mobile and multi-cultural world. This article evaluates current approaches and good practice, focusing on issues of culture vis a vis language, the balance between individual and group needs, specific and generic information literacy instruction, and models for information literacy, pedagogy and culture. Recommendations for good practice and for further research are given, Originality/value This is one of very few articles critically reviewing how information literacy development is affected by linguistic and cultural factors

Linking Distributive and Procedural Justice to Employee Engagement Through Social Exchange: A Field Study in India

Research linking justice perceptions to employee outcomes has referred to social exchange as its central theoretical premise. We tested a conceptual model linking distributive and procedural justice to employee engagement through social exchange mediators, namely, perceived organizational support and psychological contract, among 238 managers and executives from manufacturing and service sector firms in India. Findings suggest that perceived organizational support mediated the relationship between distributive justice and employee engagement, and both perceived organizational support and psychological contract mediated the relationship between procedural justice and employee engagement. Theoretical and practical implications with respect to organizational functions are discussed