Political economics and normative analysis

The approaches and opinions of economists often dominate public policy discussion. Economists have gained this privileged position partly (or perhaps mainly) because of the obvious relevance of their subject matter, but also because of the unified methodology (neo-classical economics) that the vast majority of modern economists bring to their analysis of policy problems and proposed solutions. The idea of Pareto efficiency and its potential trade-off with equity is a central idea that is understood by all economists and this common language provides the economics profession with a powerful voice in public affairs. The purpose of this paper is to review and reflect upon the way in which economists find themselves analysing and providing suggestions for social improvements and how this role has changed over roughly the last 60 years. We focus on the fundamental split in the public economics tradition between those that adhere to public finance and those that adhere to public choice. A pure public finance perspective views failures in society as failures of the market. The solutions are technical, as might be enacted by a benevolent dictator. The pure public choice view accepts (sometimes grudgingly) that markets may fail, but so, it insists, does politics. This signals institutional reforms to constrain the potential for political failure. Certain policy recommendations may be viewed as compatible with both traditions, but other policy proposals will be the opposite of that proposed within the other tradition. In recent years a political economics synthesis emerged. This accepts that institutions are very important and governments require constraints, but that some degree of benevolence on the part of policy makers should not be assumed non-existent. The implications for public policy from this approach are, however, much less clear and perhaps more piecemeal. We also discuss analyses of systematic failure, not so much on the part of markets or politicians, but by voters. Most clearly this could lead to populism and relaxing the idea that voters necessarily choose their interests. The implications for public policy are addressed. Throughout the paper we will relate the discussion to the experience of UK government policy-making.Public Finance, Public Choice, Public Economics, Political Economics, Normative Analysis

X-Secure:protecting users from big bad wolves

In 2014 over 70% of people in Great Britain accessed the Internet every day. This resource is an optimal vector for malicious attackers to penetrate home computers and as such compromised pages have been increasing in both number and complexity. This paper presents X-Secure, a novel browser plug-in designed to present and raise the awareness of inexperienced users by analysing web-pages before malicious scripts are executed by the host computer. X-Secure was able to detect over 90% of the tested attacks and provides a danger level based on cumulative analysis of the source code, the URL, and the remote server, by using a set of heuristics, hence increasing the situational awareness of users browsing the internet

Mayall:a framework for desktop JavaScript auditing and post-exploitation analysis

Writing desktop applications in JavaScript offers developers the opportunity to write cross-platform applications with cutting edge capabilities. However in doing so, they are potentially submitting their code to a number of unsanctioned modifications from malicious actors. Electron is one such JavaScript application framework which facilitates this multi-platform out-the-box paradigm and is based upon the Node.js JavaScript runtime --- an increasingly popular server-side technology. In bringing this technology to the client-side environment, previously unrealized risks are exposed to users due to the powerful system programming interface that Node.js exposes. In a concerted effort to highlight previously unexposed risks in these rapidly expanding frameworks, this paper presents the Mayall Framework, an extensible toolkit aimed at JavaScript security auditing and post-exploitation analysis. The paper also exposes fifteen highly popular Electron applications and demonstrates that two thirds of applications were found to be using known vulnerable elements with high CVSS scores. Moreover, this paper discloses a wide-reaching and overlooked vulnerability within the Electron Framework which is a direct byproduct of shipping the runtime unaltered with each application, allowing malicious actors to modify source code and inject covert malware inside verified and signed applications without restriction. Finally, a number of injection vectors are explored and appropriate remediations are proposed

A taxonomy of approaches for integrating attack awareness in applications

Software applications are subject to an increasing number of attacks, resulting in data breaches and financial damage. Many solutions have been considered to help mitigate these attacks, such as the integration of attack-awareness techniques. In this paper, we propose a taxonomy illustrating how existing attack awareness techniques can be integrated into applications. This work provides a guide for security researchers and developers, aiding them when choosing the approach which best fits the needs of their application

CP Violation in Bs → J/ψø decays at LHCb and sensitivity to the weak mixing phase βs

The LHCb experiment (CERN) will offer a precise hadronic probe with which to study CP violation, rare decays and possible New Physics (NP) effects occurring in the b-system. Contained within the vast physics program is a dedicated and intense effort to measure the CP violating weak mixing phase, βs. This phase, observable in the neutral Bs-system, presents a sensitive indicator to NP occurring at the TeV scale. This phase appearing through the theoretically clean ¯b → ¯cc¯s quarklevel transition, can be measured precisely using Bs → J/ψφ decays. The analysis of Bs → J/ψφ decays requires using its decay angular information to separate out the CP eigenstates. The sensitivity to βs can then be extracted from the angular differential rates for this mode. This thesis presents the selection and reconstruction of this decay channel, analysis of the background specific to this channel and the method for fitting the data to extract βs. Previous studies within the collaboration have shown the βs sensitivity using a reduced angular expression for the decay rates. By studying the full angular expression, we find both a quantitative and qualitative improvement in the precision with which βs is obtained: the precision improves by approximately 20%, from ± 0.027 to ± 0.022 radians. In addition, we find it is possible to extract the b-tagging parameter from data itself, which aids to minimise the overall systematic effect. This thesis, in preparation for data taking at the LHCb, presents this expected improvement in measuring βs

Occupational fatalities in Victoria 1990-1993 : a case for the control of damaging energy not behaviour

"The aim of the study is to analyse occupational traumatic fatalities in Victoria from the period 1990 through to 1993, to identify opportunities for prevention."Thesis (Master of Applied Science

Poster: Angry birding:evaluating application exceptions as attack canaries

Application exceptions are anomalous events occurring within the application. These can be caused by common issues such as simple programming errors; however, they can also originate from the side-effects of a trial-and-error process used in active attacks. Utilising attacker-induced exceptions as a canary for intrusion detection has been demonstrated as a feasible technique for SQL injection detection, but this has not been applied to other types of attacks. This paper proposes an approach to consider attacker-induced application exceptions as attack canaries. The work is part of an ongoing investigation on integrating detective defences into applications through established development practices

BioNAR: an integrated biological network analysis package in bioconductor

Motivation Biological function in protein complexes emerges from more than just the sum of their parts: molecules interact in a range of different sub-complexes and transfer signals/information around internal pathways. Modern proteomic techniques are excellent at producing a parts-list for such complexes, but more detailed analysis demands a network approach linking the molecules together and analysing the emergent architectural properties. Methods developed for the analysis of networks in social sciences have proven very useful for splitting biological networks into communities leading to the discovery of sub-complexes enriched with molecules associated with specific diseases or molecular functions that are not apparent from the constituent components alone. Results Here, we present the Bioconductor package BioNAR, which supports step-by-step analysis of biological/biomedical networks with the aim of quantifying and ranking each of the network’s vertices based on network topology and clustering. Examples demonstrate that while BioNAR is not restricted to proteomic networks, it can predict a protein’s impact within multiple complexes, and enables estimation of the co-occurrence of metadata, i.e. diseases and functions across the network, identifying the clusters whose components are likely to share common function and mechanisms. Availability and implementation The package is available from Bioconductor release 3.17: https://bioconductor.org/packages/release/bioc/html/BioNAR.html.journal articl