643 research outputs found

    Blindspot: Indistinguishable Anonymous Communications

    Communication anonymity is a key requirement for individuals under targeted surveillance. Practical anonymous communications also require indistinguishability - an adversary should be unable to distinguish between anonymised and non-anonymised traffic for a given user. We propose Blindspot, a design for high-latency anonymous communications that offers indistinguishability and unobservability under a (qualified) global active adversary. Blindspot creates anonymous routes between sender-receiver pairs by subliminally encoding messages within the pre-existing communication behaviour of users within a social network, specifically the organic image sharing behaviour of users. Thus channel bandwidth depends on the intensity of image sharing behaviour of users along a route. A major challenge we successfully overcome is that routing must be accomplished in the face of significant restrictions - channel bandwidth is stochastic. We show that conventional social network routing strategies do not work. To solve this problem, we propose a novel routing algorithm. We evaluate Blindspot using a real-world dataset. We find that it delivers reasonable results for applications requiring low-volume unobservable communication. Comment: 13 Page

    Command & Control: Understanding, Denying and Detecting - A review of malware C2 techniques, detection and defences

    In this survey, we first briefly review the current state of cyber attacks, highlighting significant recent changes in how and why such attacks are performed. We then investigate the mechanics of malware command and control (C2) establishment: we provide a comprehensive review of the techniques used by attackers to set up such a channel and to hide its presence from the attacked parties and the security tools they use. We then switch to the defensive side of the problem, and review approaches that have been proposed for the detection and disruption of C2 channels. We also map such techniques to widely-adopted security controls, emphasizing gaps or limitations (and success stories) in current best practices. Comment: Work commissioned by CPNI, available at c2report.org. 38 pages. Listing abstract compressed from version appearing in repor

    Estimating medical costs from a transition model

    Nonparametric estimators of the mean total cost have been proposed in a variety of settings. In clinical trials it is generally impractical to follow up patients until all have responded, and therefore censoring of patient outcomes and total cost will occur in practice. We describe a general longitudinal framework in which costs emanate from two streams, during sojourn in health states and in transition from one health state to another. We consider estimation of net present value for expenditures incurred over a finite time horizon from medical cost data that might be incompletely ascertained in some patients. Because patient specific demographic and clinical characteristics would influence total cost, we use a regression model to incorporate covariates. We discuss similarities and differences between our net present value estimator and other widely used estimators of total medical costs. Our model can accommodate heteroscedasticity, skewness and censoring in cost data and provides a flexible approach to analyses of health care cost. Comment: Published in at http://dx.doi.org/10.1214/193940307000000266 the IMS Collections (http://www.imstat.org/publications/imscollections.htm) by the Institute of Mathematical Statistics (http://www.imstat.org

    The construction of an alpha chamber

    Thesis (M.A.)--Boston University, 1948. This item was digitized by the Internet Archive

    Technical Report: Gone in 20 Seconds -- Overview of a Password Vulnerability in Siemens HMIs

    Siemens produce a range of industrial human machine interface (HMI) screens which allow operators to both view information about and control physical processes. For scenarios where an operator cannot physically access the screen, Siemens provide the SM@rtServer features on HMIs, which when activated provides remote access either through their own Sm@rtClient application, or through third party VNC client software. Through analysing this server, we discovered a lack of protection against brute-force password attacks on basic devices. On advanced devices which include a brute-force protection mechanism, we discovered an attacker strategy that is able to evade the mechanism allowing for unlimited password guess attempts with minimal effect on the guess rate. This vulnerability has been assigned two CVEs - CVE-2020-15786 and CVE-2020-157867. In this report, we provide an overview of this vulnerability, discuss the impact of a successful exploitation and propose mitigations to provide protection against this vulnerability. This report accompanies a demo presented at CPSIoTSec 2020. Comment: 7 page

    On the security of machine learning in malware C & C detection: a survey

    One of the main challenges in security today is defending against malware attacks. As trends and anecdotal evidence show, preventing these attacks, regardless of their indiscriminate or targeted nature, has proven difficult: intrusions happen and devices get compromised, even at security-conscious organizations. As a consequence, an alternative line of work has focused on detecting and disrupting the individual steps that follow an initial compromise and are essential for the successful progression of the attack. In particular, several approaches and techniques have been proposed to identify the command and control (C&C) channel that a compromised system establishes to communicate with its controller. A major oversight of many of these detection techniques is the design's resilience to evasion attempts by the well-motivated attacker. C&C detection techniques make widespread use of a machine learning (ML) component. Therefore, to analyze the evasion resilience of these detection techniques, we first systematize works in the field of C&C detection and then, using existing models from the literature, go on to systematize attacks against the ML components used in these approaches

    Mktg

    A new approach to learning the principles of marketing, MKTG is the Asia–Pacific edition of a proven, innovative solution to enhance the students' learning experience. Concise, yet complete, coverage supported by a suite of online learning aids equips students with the tools required to successfully undertake an introductory marketing course. Paving a new way to both teaching and learning, MKTG is designed to truly connect with today's busy tech-savvy student. Students have access to online interactive quizzing, videos, podcasts, flashcards, marketing plans, games and more. An accessible, easy-to-read text along with tear out review cards complete a package which helps students to learn important concepts faster

    A superconducting microwave multivibrator produced by coherent feedback

    We investigate a coherent nonlinear feedback circuit constructed from pre-existing superconducting microwave devices. The network exhibits emergent bistable and astable states, and we demonstrate its operation as a latch and the frequency locking of its oscillations. While the network is tedious to model by hand, our observations agree quite well with the semiclassical dynamical model produced by a new software package [N. Tezak et al., arXiv:1111.3081v1] that systematically interpreted an idealized schematic of the system as a quantum optic feedback network. Comment: 9 double-spaced pages, 5 figures and supplement. To appear in Phys. Rev. Let

    Old MacDonald had a smart farm: Building a testbed to study cybersecurity in smart dairy farming

    With the advent of modern smart farming and agritech technology, farms are increasingly becoming an example of a cyber-physical system (CPS). For example, a modern dairy farm will feature internet-of-things (IoT) devices for monitoring animals and fully automated milking parlors. When considering the cyber security of CPS, we often talk about critical national infrastructure (CNI) with a focus on heavy industries such as energy generation, water treatment, and manufacturing, which all have a long history of digitization. Food supply is also considered part of CNI, so it is essential to consider it. A cyber attack on a farm can impact food supply, reduce revenue for farmers, and impact animal welfare. The security of smart farming has not been widely explored, and there is a lack of realistic testbeds that evaluate the security of agritech devices. This paper discusses the design of such a testbed, focusing on the dairy farming sector. We provide an overview of the testbed and discuss the challenges and lessons learned during the design and build process. We also present some early results from our analysis of the devices and software within the testbed and discuss future research directions