Adaptive Traffic Fingerprinting for Darknet Threat Intelligence

Darknet technology such as Tor has been used by various threat actors for organising illegal activities and data exfiltration. As such, there is a case for organisations to block such traffic, or to try and identify when it is used and for what purposes. However, anonymity in cyberspace has always been a domain of conflicting interests. While it gives enough power to nefarious actors to masquerade their illegal activities, it is also the cornerstone to facilitate freedom of speech and privacy. We present a proof of concept for a novel algorithm that could form the fundamental pillar of a darknet-capable Cyber Threat Intelligence platform. The solution can reduce anonymity of users of Tor, and considers the existing visibility of network traffic before optionally initiating targeted or widespread BGP interception. In combination with server HTTP response manipulation, the algorithm attempts to reduce the candidate data set to eliminate client-side traffic that is most unlikely to be responsible for server-side connections of interest. Our test results show that MITM manipulated server responses lead to expected changes received by the Tor client. Using simulation data generated by shadow, we show that the detection scheme is effective with false positive rate of 0.001, while sensitivity detecting non-targets was 0.016+-0.127. Our algorithm could assist collaborating organisations willing to share their threat intelligence or cooperate during investigations.Comment: 26 page

Proactive threat detection for connected cars using recursive Bayesian estimation

Upcoming disruptive technologies around autonomous driving of connected cars have not yet been matched with appropriate security by design principles and lack approaches to incorporate proactive preventative measures in the wake of increased cyber-threats against such systems. In this paper, we introduce proactive anomaly detection to a use-case of hijacked connected cars to improve cyber-resilience. First, we manifest the opportunity of behavioral profiling for connected cars from recent literature covering related underpinning technologies. Then, we design and utilize a new data set file for connected cars influenced by the automatic dependent surveillance-broadcast surveillance technology used in the aerospace industry to facilitate data collection and sharing. Finally, we simulate the analysis of travel routes in real time to predict anomalies using predictive modeling. Simulations show the applicability of a Bayesian estimation technique, namely, Kalman filter. With the analysis of future state predictions based on the previous behavior, cyber-threats can be addressed with a vastly increased time window for a reaction when encountering anomalies. We discuss that detecting real-time deviations for malicious intent with the predictive profiling and behavioral algorithms can be superior in effectiveness than the retrospective comparison of known-good/known-bad behavior. When quicker action can be taken while connected cars encounter cyberattacks, more effective engagement or interception of command and control will be achieved

Assessing the Development of Mathematics Curricula in Jordan During the Period 1964-1999 : A Historical Study

Introduction This study aims to investigate the changes and developments in mathematics curricula, which approved by the Ministry of Education for teaching mathematics during the period (1964-1999). It also aims at highlighting the feature of every period of development and to review the reasons that lead to such development. The study has the aim to answer the following questions: 1.What are the developments that the learning objectives of mathematics curricula in Jordan have witnessed during the period (1964-1999) ? 2.What are the developments that the mathematical content of mathematics curricula in Jordan have witnessed during the period (1964-1999) ? 3.What are the developments that the instruction methods of mathematics curricula in Jordan have witnessed during the period (1964-1999)? 4.What are the developments that the evaluation methods of mathematics curricula in Jordan have witnessed during the period (1964 –1999)? The first chapter of the study describes some facts about Jordan, the educational system, and instructional plans for teaching mathematics, which was approved by MOE during the period (1964-1999), the need for developing mathematics curricula, and statement and significance of the study with the questions mentioned above, and includes the limitation of the study. The second Chapter includes on a review of literature through display the international development of mathematics curriculum and relative studies, the development of mathematics education in Germany, and the development of mathematics curriculum and relative studies in the Arab World, especially in Jordan. Chapter three describes the methodology and procedures which are used: the analysis method, (analysis procedures of content mathematics curricula, analysis tool), and the interview: (sample, interview procedures, tool, and procedures of interview analysis). Chapter four: contains the findings of the study represented with the analysis results of mathematics curriculum according to the study questions, the results of content analysis of Mathematics curricula according to the “Principles and Standards for School Mathematics” which issued by NCTM, the response and opinion of interview sample to the items of a study tool (questionnaire). Chapter five: Include discussion of the findings and the results of the study according to the study question, and investigate the characteristics and the reasons behind the development witnessed by the curricula of mathematics in Jordan during the period (1964-1999). The main analysis results of mathematics curriculum which approved by MOE in Jordan, and the opinions of the interview sample are concentrated on discussion and investigation the development characteristics of learning objectives of teaching mathematics, mathematical content, instructional and evaluation methods of teaching mathematics, according to the “Principles and Standards for School Mathematics”, and through division the whole period into three sub-periods. The curriculum documents (in English translation), the NCTM standards, and other data with additional information – among other things the results of the interviews – are arranged as appendix 1 to appendix 10. This study is significant as being one of the rare attempts in Jordan to explore the development of mathematics curricula. The study is also unique in the length of the period it has chosen, 1964-1999. As such, it can be referred to as a historical source for the evolution of mathematics curricula in Jordan, so that scholars benefit from its analysis and historical documentation of the period of the development of these curricula. It is also beneficial to the writers of school textbooks since it provides a list of universal standards used to analyze the mathematical content of curricula. These are attached in a short section as “recommendations”

A spin-coherent semiconductor photo-detector for quantum communication

We describe how quantum information may be transferred from photon polarization to electron spin in a semiconductor device. The transfer of quantum information relies on selection rules for optical transitions, such that two superposed photon polarizations excite two superposed spin states. Entanglement of the electron spin state with the spin state of the remaining hole is prevented by using a single, non-degenerate initial valence band. The degeneracy of the valence band is lifted by the combination of strain and a static magnetic field. We give a detailed description of a semiconductor structure that transfers photon polarization to electron spin coherently, and allows electron spins to be stored and to be made available for quantum information processing.Comment: To be published in the proceedings of the 11th International Winterschool on New Developments in Solid State Physics, 21 - 25 February, 2000, Mauterndorf, Austria (Physica E, Sept. 2000). 5 pages, 4 figures Revised with updated work on light-hole/heavy-hole selection rule

A raw deal

Peer Reviewedhttp://deepblue.lib.umich.edu/bitstream/2027.42/99657/1/jhm2055.pd

Arabic text classification methods: Systematic literature review of primary studies

Recent research on Big Data proposed and evaluated a number of advanced techniques to gain meaningful information from the complex and large volume of data available on the World Wide Web. To achieve accurate text analysis, a process is usually initiated with a Text Classification (TC) method. Reviewing the very recent literature in this area shows that most studies are focused on English (and other scripts) while attempts on classifying Arabic texts remain relatively very limited. Hence, we intend to contribute the first Systematic Literature Review (SLR) utilizing a search protocol strictly to summarize key characteristics of the different TC techniques and methods used to classify Arabic text, this work also aims to identify and share a scientific evidence of the gap in current literature to help suggesting areas for further research. Our SLR explicitly investigates empirical evidence as a decision factor to include studies, then conclude which classifier produced more accurate results. Further, our findings identify the lack of standardized corpuses for Arabic text; authors compile their own, and most of the work is focused on Modern Arabic with very little done on Colloquial Arabic despite its wide use in Social Media Networks such as Twitter. In total, 1464 papers were surveyed from which 48 primary studies were included and analyzed

Novel Framework for Hidden Data in the Image Page within Executable File Using Computation between Advanced Encryption Standard and Distortion Techniques

The hurried development of multimedia and internet allows for wide distribution of digital media data. It becomes much easier to edit, modify and duplicate digital information. In additional, digital document is also easy to copy and distribute, therefore it may face many threats. It became necessary to find an appropriate protection due to the significance, accuracy and sensitivity of the information. Furthermore, there is no formal method to be followed to discover a hidden data. In this paper, a new information hiding framework is presented.The proposed framework aim is implementation of framework computation between advance encryption standard (AES) and distortion technique (DT) which embeds information in image page within executable file (EXE file) to find a secure solution to cover file without change the size of cover file. The framework includes two main functions; first is the hiding of the information in the image page of EXE file, through the execution of four process (specify the cover file, specify the information file, encryption of the information, and hiding the information) and the second function is the extraction of the hiding information through three process (specify the stego file, extract the information, and decryption of the information).Comment: 6 Pages IEEE Format, International Journal of Computer Science and Information Security, IJCSIS 2009, ISSN 1947 5500, Impact Factor 0.42