WICSPIT 2017 Abstracts

Full Papers
Paper Nr: 5

Analysis of Measures to Achieve Resilience during Virtual Machine Interruptions in IaaS Cloud Service


Priya Vedhanayagam, Subha S., Balamurugan Balusamy, P. Vijayakumar and Victor Chang

Abstract: In cloud computing era, the resilience issues faced by cloud computing services may be high. And therefore, the best alternative to reckon with the effects on the Quality-of-Service is to preserve resilience of Cloud computing service. To address this issue, an analytical model is proposed to study queueing system to handle various virtual machine interruptions. The proposed model recommends a secondary virtual machine to redeem the primary virtual machine during a probable halt. The work highlights the innovation employed for analysing the measures to achieve resilience during virtual machine interruptions in IaaS cloud service, the main objective of this research. The model is simulated using SHARPE and the results declare guaranteed performance for the IaaS clients to achieve high availability of service as the response time never deflate during VM interruptions.

Short Papers
Paper Nr: 2

A Hands-on Approach on Botnets for Behavior Exploration


João Pedro Dias, José Pedro Pinto and José Magalhães Cruz

Abstract: A botnet consists of a network of computers that run a special software that allows a third-party to remotely control them. This characteristic presents a major issue regarding security in the Internet. Although common malicious software infect the network with almost immediate visible consequences, there are cases where that software acts stealthy without direct visible effects on the host machine. This is the normal case of botnets. However, not always the bot software is created and used for illicit purposes. There is a need for further exploring the concepts behind botnets and network security. For this purpose, this paper presents and discusses an educational tool that consists of an open-source botnet software kit with built-in functionalities. The tool enables anyone with some computer technical knowledge, to experiment and find out how botnets work and can be changed and adapted to a variety of useful applications, such as introducing and exemplifying security and distributed systems’ concepts.

Paper Nr: 3

Towards Firmware Analysis of Industrial Internet of Things (IIoT) - Applying Symbolic Analysis to IIoT Firmware Vetting


Geancarlo Palavicini Jr, Josiah Bryan, Eaven Sheets, Megan Kline and John San Miguel

Abstract: Embedded systems and Industrial Internet of Things (IIoT) devices are rapidly increasing in number and complexity. The subset IIoT refers to Internet of Things (IoT) devices that are used in manufacturing and industrial control systems actively being connected to larger networks and the public internet. As a result, cyber-physical attacks are becoming an increasingly common tactic employed to cause economic and physical damage. This work aims to perform near automated firmware analysis on embedded systems, Industrial Control Systems (focusing on Programmable Logic Controllers), Industrial Internet of Things devices, and other cyber-physical systems in search of malicious functionality. This paper explores the use of binary analysis tools such as angr, the cyber reasoning system (CRS) ’Mechanical Phish’, American Fuzzy Lop (AFL), as well as virtualization tools such as OpenPLC, firmadyne, and QEMU to uncover hidden vulnerabilities, find ways to mitigate those vulnerabilities, and enhance the security posture of the Industrial Internet of Things.

Paper Nr: 4

An Integrated Model to Investigate an Individual’s Behavioural Towards using Cloud Computing


Nouf Alkhater, Gary Wills and Robert Walters

Abstract: Cloud computing technology can bring benefits at both individual level and organisational level, for example, flexibility and cost saving. However, there is a lack of empirical studies that examine the usage of cloud computing technology from an individual’s perspective. In fact, the adoption of cloud services in Middle Eastern counties like Saudi Arabia is still low compared with developed countries. Therefore, this study aims to investigate the end users' behavioural towards using cloud computing services in Saudi Arabia. In this paper, we propose an integrated model in an attempt to understand individuals’ attitudes and to identify the key factors that might impact on their behaviour to use cloud technology services. The proposed model integrates the critical factors from technology adoption theories Technology Acceptance Model (TAM) and Unified Theory of Acceptance and Use of Technology (UTAUT), along with other factors to examine the effect of these variables on end users’ behaviour.