Preemptive mobile code protection using spy agents

This thesis introduces 'spy agents' as a new security paradigm for evaluating trust in remote hosts in mobile code scenarios. In this security paradigm, a spy agent, i.e. a mobile agent which circulates amongst a number of remote hosts, can employ a variety of techniques in order to both appear 'normal' and suggest to a malicious host that it can 'misuse' the agent's data or code without being held accountable. A framework for the operation and deployment of such spy agents is described. Subsequently, a number of aspects of the operation of such agents within this framework are analysed in greater detail. The set of spy agent routes needs to be constructed in a manner that enables hosts to be identified from a set of detectable agent-specific outcomes. The construction of route sets that both reduce the probability of spy agent detection and support identification of the origin of a malicious act is analysed in the context of combinatorial group testing theory. Solutions to the route set design problem are proposed. A number of spy agent application scenarios are introduced and analysed, including: a) the implementation of a mobile code email honeypot system for identifying email privacy infringers, b) the design of sets of agent routes that enable malicious host detection even when hosts collude, and c) the evaluation of the credibility of host classification results in the presence of inconsistent host behaviour. Spy agents can be used in a wide range of applications, and it appears that each application creates challenging new research problems, notably in the design of appropriate agent route sets

The law of activity delays

Delays in activities completion drive human projects to schedule and cost overruns. It is believed activity delays are the consequence of multiple idiosyncrasies without specific patterns or rules. Here we show that is not the case. Using data for 180 construction project schedules, we demonstrate that activity delays satisfy a universal model that we call the law of activity delays. After we correct for delay risk factors, what remains follows a log-normal distribution.Comment: 7 pages, 4 figures, 1 tabl

Toward unified security and privacy protection for smart meter networks

The management of security and privacy protection mechanisms is one fundamental issue of future smart grid and metering networks. Designing effective and economic measures is a non-trivial task due to a) the large number of system requirements and b) the uncertainty over how the system functionalities are going to be specified and evolve. The paper explores a unified approach for addressing security and privacy of smart metering systems. In the process, we present a unified framework that entails the analysis and synthesis of security solutions associated with closely interrelated components of a typical smart metering system. Ultimately, the proposed framework can be used as a guideline for embedding cross-domain security and privacy solutions into smart grid communication systems

Smart Grid Communications: Overview of Research Challenges, Solutions, and Standardization Activities

Optimization of energy consumption in future intelligent energy networks (or Smart Grids) will be based on grid-integrated near-real-time communications between various grid elements in generation, transmission, distribution and loads. This paper discusses some of the challenges and opportunities of communications research in the areas of smart grid and smart metering. In particular, we focus on some of the key communications challenges for realizing interoperable and future-proof smart grid/metering networks, smart grid security and privacy, and how some of the existing networking technologies can be applied to energy management. Finally, we also discuss the coordinated standardization efforts in Europe to harmonize communications standards and protocols.Comment: To be published in IEEE Communications Surveys and Tutorial

Privacy and eHealth-enabled Smart Meter Informatics

Abstract-The societal need for better public healthcare calls for granular, continuous, nationwide instrumentation and data fusion technologies. However, the current trend of centralised (database) health analytics gives rise to data privacy issues. This paper proposes sensor data mining algorithms that help infer health/well-being related lifestyle patterns and anomalous (or privacy-sensitive) events. Such algorithms enable a user-centric context awareness at the network edge, which can be used for decentralised eHealth decision making and privacy protection by design. The main hypothesis of this work involves the detection of atypical behaviours from a given stream of energy consumption data recorded at eight houses over a period of a year for cooking, microwave, and TV activities. Our initial exploratory results suggest that in the case of an unemployed single resident, the dayby-day variability of TV or microwave operation, in conjunction with the variability of the absence of other cooking activity, is more significant as compared with the variability of other combinations of activities. The proposed methodology brings together appliance monitoring, privacy, and anomaly detection within a healthcare context, which is readily scalable to include other health-related sensor streams