Characterizing a Meta-CDN

CDNs have reshaped the Internet architecture at large. They operate (globally) distributed networks of servers to reduce latencies as well as to increase availability for content and to handle large traffic bursts. Traditionally, content providers were mostly limited to a single CDN operator. However, in recent years, more and more content providers employ multiple CDNs to serve the same content and provide the same services. Thus, switching between CDNs, which can be beneficial to reduce costs or to select CDNs by optimal performance in different geographic regions or to overcome CDN-specific outages, becomes an important task. Services that tackle this task emerged, also known as CDN broker, Multi-CDN selectors, or Meta-CDNs. Despite their existence, little is known about Meta-CDN operation in the wild. In this paper, we thus shed light on this topic by dissecting a major Meta-CDN. Our analysis provides insights into its infrastructure, its operation in practice, and its usage by Internet sites. We leverage PlanetLab and Ripe Atlas as distributed infrastructures to study how a Meta-CDN impacts the web latency

IPAL: Breaking up Silos of Protocol-dependent and Domain-specific Industrial Intrusion Detection Systems

The increasing interconnection of industrial networks exposes them to an ever-growing risk of cyber attacks. To reveal such attacks early and prevent any damage, industrial intrusion detection searches for anomalies in otherwise predictable communication or process behavior. However, current efforts mostly focus on specific domains and protocols, leading to a research landscape broken up into isolated silos. Thus, existing approaches cannot be applied to other industries that would equally benefit from powerful detection. To better understand this issue, we survey 53 detection systems and find no fundamental reason for their narrow focus. Although they are often coupled to specific industrial protocols in practice, many approaches could generalize to new industrial scenarios in theory. To unlock this potential, we propose IPAL, our industrial protocol abstraction layer, to decouple intrusion detection from domain-specific industrial protocols. After proving IPAL's correctness in a reproducibility study of related work, we showcase its unique benefits by studying the generalizability of existing approaches to new datasets and conclude that they are indeed not restricted to specific domains or protocols and can perform outside their restricted silos

IPAL: Breaking up Silos of Protocol-dependent and Domain-specific Industrial Intrusion Detection Systems

The increasing interconnection of industrial networks exposes them to an ever-growing risk of cyber attacks. To reveal such attacks early and prevent any damage, industrial intrusion detection searches for anomalies in otherwise predictable communication or process behavior. However, current efforts mostly focus on specific domains and protocols, leading to a research landscape broken up into isolated silos. Thus, existing approaches cannot be applied to other industries that would equally benefit from powerful detection. To better understand this issue, we survey 53 detection systems and find no fundamental reason for their narrow focus. Although they are often coupled to specific industrial protocols in practice, many approaches could generalize to new industrial scenarios in theory. To unlock this potential, we propose IPAL, our industrial protocol abstraction layer, to decouple intrusion detection from domain-specific industrial protocols. After proving IPAL's correctness in a reproducibility study of related work, we showcase its unique benefits by studying the generalizability of existing approaches to new datasets and conclude that they are indeed not restricted to specific domains or protocols and can perform outside their restricted silos

Makna Shajarah Dalam Alqur’an Qs. Al-Baqarah: 35 (Studi Komparatif Tafsir Al-Tabari Dan Hamka)

Sebab diturunkannya Nabi Adam ke bumi, dikalangan mufasir masih menjadi pertanyaan, dan diantara pertanyaan yang muncul, benarkah Adam melakukan salah? lupa? ataukah memang rencana besar Tuhan kepada Adam agar Adam menjadi manusia yang sempurna. Selain itu, yang menjadi perbincangan mufasir adalah mengenai pohon yang didekati oleh Nabi Adam. Apakah pohon tersebut hanya merupakan sifat, pohon layaknya di dunia, ataukah hanya Tuhan yang mengerti mengenai makna pohon tersebut? Selanjutnya, skripsi ini membahas penafsiran al-Tabari dan Hamka dalam menafsirkan shajarah QS. al-Baqarah:35, sekaligus menjelaskan metode yang digunakan dalam menafsirkan ayat tersebut. Meski dikalangan mufasir, menyebutkan bahwa bukan merupakan hal yang penting mengetahui pohon tersebut, tetapi setidaknya akan memberikan wahana baru bagi penulis ataupun pembaca yang dalam kaitannya dengan pemaknaan shajarah dalam QS. al-Baqarah:35. Kedua mufasir tersebut, mempunyai karakteristik yang berbeda, selain berbeda dalam segi corak, juga berbeda dalam produk penafsirannya, yang tentunya dipengaruhi oleh kondisi sosial saat itu, dan masalah zaman menjadi faktor utama yang menyebabkan produk tafsir tersebut berubah. Hamka dan Al-Tabari mempunyai kesamaan dalam memberikan penjelasan mengani ayat shajarah tersebut, yakni sama-sama tidak menganggap penting. Hanya saja, bedanya jika Hamka sejak awal memang tidak menafsirakan shajarah tersebut, sedangkan Al-T{abari sedikit menjelaskan mengenai pohon tersebut sesuai kondisi Arab. Meski pada akhirnya tidak menganggap penting

PowerDuck: A GOOSE Data Set of Cyberattacks in Substations

Power grids worldwide are increasingly victims of cyberattacks, where attackers can cause immense damage to critical infrastructure. The growing digitalization and networking in power grids combined with insufficient protection against cyberattacks further exacerbate this trend. Hence, security engineers and researchers must counter these new risks by continuously improving security measures. Data sets of real network traffic during cyberattacks play a decisive role in analyzing and understanding such attacks. Therefore, this paper presents PowerDuck, a publicly available security data set containing network traces of GOOSE communication in a physical substation testbed. The data set includes recordings of various scenarios with and without the presence of attacks. Furthermore, all network packets originating from the attacker are clearly labeled to facilitate their identification. We thus envision PowerDuck improving and complementing existing data sets of substations, which are often generated synthetically, thus enhancing the security of power grids

Cybersecurity and information assurance in Information Science curricula

As a newly emerging and one of the fastest growing fields of study, cybersecurity/information assurance has plenty to offer in terms of teaching and research. If Library and Information Science (LIS) schools are to take advantage of this fast growth in the field by expanding their program and/or course offerings, thereby increasing their enrollments, and, indeed, provide their students with opportunities to be able to take advantage of the demand for skilled manpower in cybersecurity/information assurance, it is imperative for them to systematically approach the inclusion of courses and/or programs to their curricula. A component of this systematic approach is a closer examination of programs, concentrations, and courses in cybersecurity/information assurance currently offered at similar or peer LIS schools in order to identify best practices and gaps. The study reported here is a small but important part of this effort

Anomaly Detection in Maritime AIS Tracks: A Review of Recent Approaches

The automatic identification system (AIS) was introduced in the maritime domain to increase the safety of sea traffic. AIS messages are transmitted as broadcasts to nearby ships and contain, among others, information about the identification, position, speed, and course of the sending vessels. AIS can thus serve as a tool to avoid collisions and increase onboard situational awareness. In recent years, AIS has been utilized in more and more applications since it enables worldwide surveillance of virtually any larger vessel and has the potential to greatly support vessel traffic services and collision risk assessment. Anomalies in AIS tracks can indicate events that are relevant in terms of safety and also security. With a plethora of accessible AIS data nowadays, there is a growing need for the automatic detection of anomalous AIS data. In this paper, we survey 44 research articles on anomaly detection of maritime AIS tracks. We identify the tackled AIS anomaly types, assess their potential use cases, and closely examine the landscape of recent AIS anomaly research as well as their limitations

Characterizing a Meta-CDN

CDNs have reshaped the Internet architecture at large. They operate (globally) distributed networks of servers to reduce latencies as well as to increase availability for content and to handle large traffic bursts. Traditionally, content providers were mostly limited to a single CDN operator. However, in recent years, more and more content providers employ multiple CDNs to serve the same content and provide the same services. Thus, switching between CDNs, which can be beneficial to reduce costs or to select CDNs by optimal performance in different geographic regions or to overcome CDN-specific outages, becomes an important task. Services that tackle this task emerged, also known as CDN broker, Multi-CDN selectors, or Meta-CDNs. Despite their existence, little is known about Meta-CDN operation in the wild. In this paper, we thus shed light on this topic by dissecting a major Meta-CDN. Our analysis provides insights into its infrastructure, its operation in practice, and its usage by Internet sites. We leverage PlanetLab and Ripe Atlas as distributed infrastructures to study how a Meta-CDN impacts the web latency