• Dead-zone logic in autonomic systems

      Eze, Thaddeus; Anthony, Richard; University of Chester and University of Greenwich (IEEE, 2014-07-31)
      Dead-Zone logic is a mechanism to prevent autonomic managers from unnecessary, inefficient and ineffective control brevity when the system is sufficiently close to its target state. It provides a natural and powerful framework for achieving dependable self-management in autonomic systems by enabling autonomic managers to smartly carry out a change (or adapt) only when it is safe and efficient to do so-within a particular (defined) safety margin. This paper explores and evaluates the performance impact of dead-zone logic in trustworthy autonomic computing. Using two case example scenarios, we present empirical analyses that demonstrate the effectiveness of dead-zone logic in achieving stability, dependability and trustworthiness in adaptive systems. Dynamic temperature target tracking and autonomic datacentre resource request and allocation management scenarios are used. Results show that dead-zone logic can significantly enhance the trustability of autonomic systems.
    • The Evolution of Ransomware Variants

      Wood, Ashley; Eze, Thaddeus
      Abstract: This paper investigates how ransomware is continuing to evolve and adapt as time progresses to become more damaging, resilient and sophisticated from one ransomware variant to another. This involves investigating how each ransomware sample including; Petya, WannaCry and CrySiS/Dharma interacts with the underlying system to implicate on both the systems functionality and its underlying data, by utilising several static and dynamic analysis tools. Our analysis shows, whilst ransomware is undoubtedly becoming more sophisticated, fundamental problems exist with its underlying encryption processes which has shown data recovery to be possible across all three samples studied whilst varying aspects of system functionality can be preserved or restored in their entirety.
    • Policing the Cyber Threat: Exploring the threat from Cyber Crime and the ability of local Law Enforcement to respond

      Eze, Thaddeus; Hull, Matthew; Speakman, Lee; University of Chester (Proceedings of the IEEE, 2019-07-01)
      The landscape in which UK policing operates today is a dynamic one, and growing threats such as the proliferation of cyber crime are increasing the demand on police resources. The response to cyber crime by national and regional law enforcement agencies has been robust, with significant investment in mitigating against, and tackling cyber threats. However, at a local level, police forces have to deal with an unknown demand, whilst trying to come to terms with new crime types, terminology and criminal techniques which are far from traditional. This paper looks to identify the demand from cyber crime in one police force in the United Kingdom, and whether there is consistency in the recording of crime. As well as this, it looks to understand whether the force can deal with cyber crime from the point of view of the Police Officers and Police Staff in the organisation.
    • Stigmergic Interoperability for Autonomic Systems: Managing Complex Interactions in Multi-Manager Scenarios

      Eze, Thaddeus; Anthony, Richard; University of Chester; University of Greenwich (IEEE, 2016-09-01)
      The success of autonomic computing has led to its popular use in many application domains, leading to scenarios where multiple autonomic managers (AMs) coexist, but without adequate support for interoperability. This is evident, for example, in the increasing number of large datacentres with multiple managers which are independently designed. The increase in scale and size coupled with heterogeneity of services and platforms means that more AMs could be integrated to manage the arising complexity. This has led to the need for interoperability between AMs. Interoperability deals with how to manage multi-manager scenarios, to govern complex coexistence of managers and to arbitrate when conflicts arise. This paper presents an architecture-based stigmergic interoperability solution. The solution presented in this paper is based on the Trustworthy Autonomic Architecture (TAArch) and uses stigmergy (the means of indirect communication via the operating environment) to achieve indirect coordination among coexisting agents. Usually, in stigmergy-based coordination, agents may be aware of the existence of other agents. In the approach presented here in, agents (autonomic managers) do not need to be aware of the existence of others. Their design assumes that they are operating in 'isolation' and they simply respond to changes in the environment. Experimental results with a datacentre multi-manager scenario are used to analyse the proposed approach.
    • Talos: a prototype Intrusion Detection and Prevention system for profiling ransomware behaviour

      Wood, Ashley; Eze, Thaddeus; Speakman, Lee; University of Chester
      Abstract: In this paper, we profile the behaviour and functionality of multiple recent variants of WannaCry and CrySiS/Dharma, through static and dynamic malware analysis. We then analyse and detail the commonly occurring behavioural features of ransomware. These features are utilised to develop a prototype Intrusion Detection and Prevention System (IDPS) named Talos, which comprises of several detection mechanisms/components. Benchmarking is later performed to test and validate the performance of the proposed Talos IDPS system and the results discussed in detail. It is established that the Talos system can successfully detect all ransomware variants tested, in an average of 1.7 seconds and instigate remedial action in a timely manner following first detection. The paper concludes with a summarisation of our main findings and discussion of potential future works which may be carried out to allow the effective detection and prevention of ransomware on systems and networks.
    • Towards Cyber-User Awareness: Design and Evaluation

      Oyinloye, Toyosi; Eze, Thaddeus; Speakman, Lee; University of Chester
      Human reliance on interconnected devices has given rise to a massive increase in cyber activities. There are about 17 billion interconnected devices in our World of about 8 billion people. Like the physical world, the cyber world is not void of entities whose activities, malicious or not, could be detrimental to other users who remain vulnerable as a result of their existence within cyberspace. Developments such as the introduction of 5G networks which advances communication speed among interconnected devices, undoubtedly proffer solutions for human living as well as adversely impacting systems. Vulnerabilities in applications embedded in devices, hardware deficiencies, user errors, are some of the loopholes that are exploited. Studies have revealed humans as weakest links in the cyber-chain, submitting that consistent implementation of cyber awareness programs would largely impact cybersecurity. Cyber-active systems have goals that compete with the implementation of cyber awareness programs, within limited resources. It is desirable to have cyber awareness systems that can be tailored around specific needs and considerations for important factors. This paper presents a system that aims to promote user awareness through a flexible, accessible, and cost-effective design. The system implements steps in a user awareness cycle, that considers human-factor (HF) and HF related root causes of cyber-attacks. We introduce a new user testing tool, adaptable for administering cybersecurity test questions for varying levels and categories of users. The tool was implemented experimentally by engaging cyber users within UK. Schemes and online documentations by UK Cybersecurity organisations were harnessed for assessing and providing relevant recommendations to participants. Results provided us with values representing each participants’ notional level of awareness which were subjected to a paired-T test for comparison with values derived in an automated assessment. This pilot study provides valuable details for projecting the efficacy of the system towards improving human influence in cybersecurity.