Physical Sciences and Mathematics Commons^™

Cyber Security Incidents On Critical Infrastructure And Industrial Networks, Robert Ighodaro Ogie

SMART Infrastructure Facility - Papers

National critical infrastructure and industrial processes are heavily reliant on automation, monitoring and control technologies, including the widely used Supervisory Control and Data Acquisition (SCADA) systems. The growing interconnection of these systems with corporate networks exposes them to cyber attacks, with several security incidents reported over the last few decades. This study provides a classification scheme for categorising security incidents related to critical infrastructure and industrial control systems. The classification scheme is applied to analyse 242 security incidents on critical infrastructure and industrial control networks, which were reported between 1982 and 2014. The results show interesting patterns, with key points …

Big Data: New Opportunities And New Challenges, Katina Michael, Keith Miller

Associate Professor Katina Michael

We can live with many of the uncertainties of big data for now, with the hope that its benefits will outweigh its harms, but we shouldn't blind ourselves to the possible irreversibility of changes—whether good or bad—to society.

It's no secret that both private enterprise and government seek greater insights into people's behaviors and sentiments. Organizations use various analytical techniques—from crowdsourcing to genetic algorithms to neural networks to sentiment analysis—to study both structured and unstructured forms of data that can aid product and process discovery, productivity, and policy-making. This data is collected from numerous sources including sensor networks, government data …

Privacy Issues And Solutions In Social Network Sites, Xi Chen, Katina Michael

Associate Professor Katina Michael

The boom of the internet and the explosion of new technologies have brought with them new challenges and thus new connotations of privacy. Clearly, when people deal with e-government and e-business, they do not only need the right to be let alone, but also to be let in secret. Not only do they need freedom of movement, but also to be assured of the secrecy of their information. Solove [6] has critiqued traditional definitions of privacy and argued that they do not address privacy issues created by new online technologies. Austin [7] also asserts: “[w]e do need to sharpen and …

Book Review: Securing The Cloud: Cloud Computer Security Techniques And Tactics, Katina Michael

Associate Professor Katina Michael

With so much buzz around Cloud Computing, books like this one written by Winkler are much in demand. Winkler’s experience in the computing business shines through and as readers we are spoiled with a great deal of useful strategic information- a jam packed almost 300 page volume on securing the cloud.

Book Review: Security Risk Management: Building An Information Security Risk Management Program From The Ground Up, Katina Michael

Associate Professor Katina Michael

In an age of outsourcing tasks that are not considered to be a core competency of the business, organisations have often relied on external consultants for matters pertaining to security. In actual fact, most companies could have utilized existing skill-sets in-house to produce a security risk management program, if only they knew what steps to take, and how to go about it all. Evan Wheeler in his book on information security risk management does just that- he equips professionals tasked with security, with the thinking required to create a program that is more preoccupied with the complex strategic-level questions than …

Human Rights, Regulation, And National Security (Introduction), Simon Bronitt, Katina Michael

Faculty of Informatics - Papers (Archive)

Law disciplines technology, though it does so in a partial and incomplete way. This fact is refl ected in the old adage that technology outstrips the capacity of law to regulate it. The rise of new technologies poses a signifi cant threat to human rights. The pervasive use of closedcircuit television (CCTV), as well as mobile CCTV, telecommunications interception, and low-cost audiovisual recording and tracking devices (some of these discreetly wearable), extend the power of the state and corporations to signifi cantly intrude into the lives of citizens.

Improving Security Of Q-Sdh Based Digital Signatures, Fuchun Guo, Yi Mu, Willy Susilo

Faculty of Informatics - Papers (Archive)

In Eurocrypt 2009, Hohenberger and Waters pointed out that a complexity assumption, which restricts the adversary to a single correct response, seems inherently more reliable than their flexible counterparts. The q-SDH assumption is less reliable than standard assumptions because its solution allows exponential answers. On the other hand, the q-SDH assumption exhibits the nice feature of tight reduction in security proof. In this paper, we propose a variant of the q-SDH assumption, so that its correct answers are polynomial and no longer exponentially many. The new assumption is much more reliable and weaker than the original q-SDH assumption. We propose …

Social-Technical Issues Facing The Humancentric Rfid Implantee Sub-Culture Through The Eyes Of Amal Graafstra, Amal Graafstra, K. Michael, M.G. Michael

Associate Professor Katina Michael

Radio-frequency identification (RFID) tags and transponders have traditionally been used to identify domesticated animals so that they can be reunited with their owners in the event that they stray. In the late 1990s, industry started to investigate the benefits of using RFID to identifying non-living things throughout the supply chain toward new efficiencies in business operations. Not long after, people began to consider the possibilities of getting RFID tag or transponder implants for themselves. Mr Amal Graafstra of the United States is one of the first, and probably most well-known ‘do it yourselfer’ (DIY) implantees, who enjoys building customized projects …

Data Security And Information Privacy For Pda Accessible Clinical-Log For Medical Education In Problem-Based Learning (Pbl) Approach, Rattiporn Luanrattana, Khin Than Win, John A. Fulcher

Faculty of Informatics - Papers (Archive)

Data security and information privacy are the important aspects to consider for the use of mobile technology for recording clinical experience and encounter in medical education. Objective: This study aims to address the qualitative findings of the appropriate data security and information privacy for PDA accessible clinical-log in problem-based learning (PBL) approach in medical education. Method: The semi-structured interviews were conducted with the medical faculty members, honorary clinical academics and medical education technology specialists. Results: Data security and information access plan were determined for managing clinical-log data. The results directed the guideline for the future development and implementation of clinical-log …

The Social Impact Of National Security Technologies: Epassports, E911 And Mobile Alerts, Holly Tootell

Faculty of Informatics - Papers (Archive)

This paper explores the adoption of emerging technologies for the purposes of national security. The three technologies chosen were ePassports, E911 and mobile alerts. The study uses a content analysis methodology drawing on popular media documentation to extract the major social and technological impacts of the technologies on citizens as they were reported. The find i ngs of the study indicate that reactions to the three technologies differed. ePassports were considered vastly different to E911 and mobile alerting predominantly because they were seen to be a controlling technology, whereas E911 and mobile alerting were viewed to be about safety and …

National Security And The Misology-Misanthropy Paradox Of Technology, George M. Mickhail

Faculty of Informatics - Papers (Archive)

The evolution of computing did not only result in the disengagement of thepopulace from its technological complexity, but also their submission to thedivine ability of 'scientists', who understand the mathematical complexityof information technologies. Socrates argued that both 'misanthropy' and'misology' stem from 'faith' placed in unreliable people and unsoundarguments. Such misplaced faith in surveillance technologies and theirprotractors, for example, often results in disengagement from debate, whichto Socrates was the antithesis to truth and wisdom. This paper explores howsociety is opting out of debate through the machinations of a neoconservativecredo that purports reason. Under the guise of freedom and democracy, suchdogma often …

The Benefits & Concerns Of Public Data Availability In Australia: A Survey Of Security Experts, Roba Abbas

Faculty of Informatics - Papers (Archive)

This paper gauges the attitudes of security experts in Australia with regards to public data availability on critical infrastructure protection (CIP). A qualitative survey was distributed to a individuals considered experts in CIP-related research in Australia, in order to address the censorship versus open access debate concerning public data. The intention of the study was to gain an insight into the perceived benefits and threats of public data availability by security experts, and to provide the basis for a security solution to be utilised by the Australian Government sector (at all levels). The findings however can also be applied to …

Modelling Mas-Specific Security Features, Ghassan Beydoun, Graham C. Low, Haralambos Mouratidis, Brian Henderson-Sellers

Faculty of Informatics - Papers (Archive)

In this paper, we pursue a modelling approach to address security requirements for multi-agent systems (MAS). This will allow developers to account for both the system and agent-specific security requirements of a MAS during the requirements phase and throughout the whole Software Development Lifecycle of the system. We focus on autonomy, mobility and cooperation of individual agents and how these create additional security vulnerabilities to the system. In proposing a set of generic modelling primitives for these engendered requirements in the analysis of the MAS, we extend our recently proposed MAS metamodel.

Rfid-Based Anti-Theft Auto Security System With An Immobilizer, Geeth Jayendra, Sisil Kumarawadu, Lasantha Meegahapola

Faculty of Informatics - Papers (Archive)

This paper presents a novel radio frequency identification (RFID) based vehicle immobilizer system, which features low hacking probability while preserving the safety of the passengers of the hijacked vehicle. The immobilizer uses the active RFID technology where the tag is generated with comparatively large character sets. The receiving unit is intelligently integrated into three control circuits in the vehicle, namely, ignition circuit, power control unit, and automatic gear changing system, enabling it to bring the vehicle speed down to zero in a safe step by step manner. The anti-theft auto security system proposed here was tested under different weather conditions …

The Importance Of Scenarios In Evaluating The Socio-Ethical Implications Of Location-Based Services, L. Perusco, Katina Michael

Faculty of Informatics - Papers (Archive)

Location-based services (LBS) are those applications that utilize the position of an end-user, animal or thing based on a given device (handheld, wearable, interwoven into fabric or implanted), executed for a particular purpose. LBS applications range from those that are mission-critical to those that are used for convenience, from those that are mandatory to those that are voluntary, from those that are targeted at the mass market to those that cater for the needs of a niche market. Location services can be implemented using a variety of access mediums including global positioning systems and radio-frequency identification, rendering approximate or precise …

National Security: The Social Implications Of The Politics Of Transparency, M G. Michael, Katina Michael

Faculty of Informatics - Papers (Archive)

This special issue of Prometheus is dedicated to the theme of the Social Implications of National Security Measures on Citizens and Business. National security measures can be defined as those technical and non-technical measures that have been initiated as a means to curb breaches in national security, irrespective of whether these might occur by nationals or aliens in or from outside the sovereign state. National security includes such government priorities as maintaining border control, safeguarding against pandemic outbreaks, preventing acts of terror, and even discovering and eliminating identification fraud. Governments worldwide are beginning to implement information and communication security techniques …

Location-Based Services And The Privacy-Security Dichotomy, Katina Michael, L. Perusco, M G. Michael

Faculty of Informatics - Papers (Archive)

Location-based services (LBS) rely on knowledge of a user’s location to provide tailored services or information by means of a wireless device. LBS applications have wide-ranging implications for society, particularly in the context of tracking and monitoring groups of individuals such as children, invalids, and parolees. Despite a great deal of attention paid to technical and commercial aspects of LBS technologies, consideration of the legal, ethical, social and technology momentum issues involved has been wanting. This paper examines some of the more pressing issues that are expected to arise from the widespread use of LBS. The outcome of this paper …

Using Scenario Planning In The Evaluation Of Information Security Applications, Laura Perusco

Faculty of Informatics - Papers (Archive)

This paper provides a broad overview of the scenario approach as it relates to the evaluation of location based services (LBS) technologies and their appl ication. A scenario is a plausible vision of the future, based around a particular technology or application and developed via a scenario planning methodology. The main worth of the scenario planning approach is that it allows an application to be evaluated in terms of potential social impacts as well as technical merit and commercial viability. A sample scenario is presented within the paper to illustrate how the scenario planning methodology can be used. This scenario …

New Applications Of Modulated Digital Images In Document Security, Robert A. Lee, Patrick W. Leech, Lawrey D. Mccarthy, Gerhard F. Swiegers

Faculty of Science - Papers (Archive)

In previous work we have demonstrated that selective masking, or modulation, of digital images can be used to create documents and transparent media containing covert or optically variable, overt images. In the present work we describe new applications and techniques of such "modulated digital images" (MDI's) in document security. In particular, we demonstrate that multiple hidden images can be imperceptibly concealed within visible, host images by incorporating them as a new, half-tone, printing screen. Half-toned hidden images of this type may contain a variety of novel features that hinder unauthorized copying, including concealed multiple images, and microprinted-, color-, and various …

Security Analysis Of Michael: The Ieee 802.11i Message Integrity Code, Jianyong Huang, Jennifer Seberry, Willy Susilo, Martin W. Bunder

Faculty of Informatics - Papers (Archive)

The latest IEEE 802.11i uses a keyed hash function, called Michael, as the message integrity code. This paper describes some properties and weaknesses of Michael. We provide a necessary and sufficient condition for finding collisions of Michael. Our observation reveals that the collision status of Michael only depends on the second last block message and the output of the block function in the third last round. We show that Michael is not collision-free by providing a method to find collisions of this keyed hash function. Moreover, we develop a method to find fixed points of Michael. If the output …