35 research outputs found

    On the complexity of collaborative cyber crime investigations

    This article considers the challenges faced by digital evidence specialists when collaborating with other specialists and agencies in other jurisdictions when investigating cyber crime. The opportunities, operational environment and modus operandi of a cyber criminal are considered, with a view to developing the skills and procedural support that investigators might usefully consider in order to respond more effectively to the investigation of cyber crimes across State boundaries

    A Location Privacy Extension for DVB-RCS

    In this paper we studied the DVB-RCS (Return Channel through Satellite) standard from a privacy perspective and proposed an approach to incorporate a location privacy enhancing mechanism into the standard. Offering location based privacy in DVB-RCS communication is a challenge as the location of a satellite terminal must be revealed to the network operator of the DVB-RCS network for technical and administrative reasons. We proposed an approach of cloaking the location by intentionally compromising its accuracy whilst maintaining the operability and integrity of the communications system. In addition we implemented a proof of concept technique utilizing the theoretical findings of this work on a real DVB-RCS system, presenting the methodology along with the tools used and the experimental results

    Real time DDoS detection using fuzzy estimators

    We propose a method for DDoS detection by constructing a fuzzy estimator on the mean packet inter arrival times. We divided the problem into two challenges, the first being the actual detection of the DDoS event taking place and the second being the identification of the offending IP addresses. We have imposed strict real time constraints for the first challenge and more relaxed constraints for the identification of addresses. Through empirical evaluation we confirmed that the detection can be completed within improved real time limits and that by using fuzzy estimators instead of crisp statistical descriptors we can avoid the shortcomings posed by assumptions on the model distribution of the traffic. In addition we managed to obtain results under a 3 sec detection window. © 2012 Elsevier Ltd. All rights reserved

    Systems Analysis: Exploring the Spectrum of Diversity

    Complex problem spaces, such as those addressed by knowledge management or systems analysis projects, call for complex methods of inquiry. A phenomenon in contextual analysis means that there is a need to go beyond consensus and recognized ‘best practice’. As part of a complex method, for contextual analysis, inter-analysis may be conducted, in which individuals explore one another’s perspectives by discussing individually-created narratives. The purpose is not to seek consensus, but to focus on diversity in viewpoints among participants. In this paper, the authors present an approach in which multiple modelling of problem experiences can bring about shifts of perspectives, create new insights and help deepened understandings to emerge. Techniques are presented that support participants to keep an overview of diversity of in-depth inquiries, while not suffocating under information overload due to the large number of narratives. Participants identify clusters of similar/dissimilar narratives in order to limit the number, but not the range of alternative perspectives. The techniques presented are formally described to promote development of decision support systems

    Efficient Intrusion Detection in P2P IoT Networks

    We study efficient and lightweight Intrusion Detection Systems for Ad-Hoc networks via the prism of IPv6-enabled Wireless Sensor Networks. These networks consist of highly constrained devices organised in mesh networks following ad-hoc architectures, and as such carry specific characteristics that are not efficiently addressed by current state-of-the-art. In this work we first identify a trade-off between the communication and energy overhead of an IDS (as captured by the number of active IDS agents in the network) and the performance of the system in terms of successfully identifying attacks. In order to fine tune this trade-off, we first model such networks with the use of Random Geometric Graphs as this is a rigorous approach that allows us to capture underlying structural properties of the network. We then introduce a novel architectural approach for IDS by having only a subset of the nodes acting as IDS agents. These nodes are able to efficiently detect attacks at the networking layer in a collaborative manner by monitoring locally available network information provided by IoT routing protocols such as RPL. Our detailed experimental evaluation demonstrates significant performance gains in terms of communication overhead and energy dissipation while maintaining high detection rates

    An Architecture for Resilient Intrusion Detection in IoT Networks

    We introduce a lightweight architecture of Intrusion Detection Systems (IDS) for ad-hoc IoT networks. Current state-of-the-art IDS have been designed based on assumptions holding from conventional computer networks, and therefore, do not properly address the nature of IoT networks. In this work, we first identify the correlation between the communication overheads and the placement of an IDS (as captured by proper placement of active IDS agents in the network). We model such networks as Random Geometric Graphs. We then introduce a novel IDS architectural approach by having only a minimum subset of the nodes acting as IDS agents. These nodes are able to monitor the network and detect attacks at the networking layer in a collaborative manner by monitoring 1-hop network information provided by routing protocols such as RPL. Conducted experiments show that our proposed IDS architecture is resilient and robust against frequent topology changes due to node failures. Our detailed experimental evaluation demonstrates significant performance gains in terms of communication overhead and energy dissipation while maintaining high detection rates

    Automated Mortality Prediction in Critically-ill Patients with Thrombosis using Machine Learning

    Venous thromboembolism (VTE) is the third most common cardiovascular condition. Some high risk patients diagnosed with VTE need immediate treatment and monitoring in intensive care units (ICU) as the mortality rate is high. Most of the published predictive models for ICU mortality give information on in-hospital mortality using data recorded in the first day of ICU admission. The purpose of the current study is to predict in-hospital and after-discharge mortality in patients with VTE admitted to ICU using a machine learning (ML) framework. We studied 2,468 patients from the Medical Information Mart for Intensive Care (MIMIC-III) database, admitted to ICU with a diagnosis of VTE. We formed ML classification tasks for early and late mortality prediction. In total, 1,471 features were extracted for each patient, grouped in seven categories each representing a different type of medical assessment. We used an automated ML platform, JADBIO, as well as a class balancing combined with a Random Forest classifier, in order to evaluate the importance of class imbalance. Both methods showed significant ability in prediction of early mortality (AUC=0.92). Nevertheless, the task of predicting late mortality was less efficient (AUC=0.82). To the best of our knowledge, this is the first study in which ML is used to predict short-term and long-term mortality for ICU patients with VTE based on a multitude of clinical features collected over time