14,192 research outputs found
Recommended from our members
Ensuring Access to Safe and Nutritious Food for All Through the Transformation of Food Systems
The Viability and Potential Consequences of IoT-Based Ransomware
With the increased threat of ransomware and the substantial growth of the Internet of Things (IoT) market, there is significant motivation for attackers to carry out IoT-based ransomware campaigns. In this thesis, the viability of such malware is tested.
As part of this work, various techniques that could be used by ransomware developers to attack commercial IoT devices were explored. First, methods that attackers could use to communicate with the victim were examined, such that a ransom note was able to be reliably sent to a victim. Next, the viability of using "bricking" as a method of ransom was evaluated, such that devices could be remotely disabled unless the victim makes a payment to the attacker. Research was then performed to ascertain whether it was possible to remotely gain persistence on IoT devices, which would improve the efficacy of existing ransomware methods, and provide opportunities for more advanced ransomware to be created. Finally, after successfully identifying a number of persistence techniques, the viability of privacy-invasion based ransomware was analysed.
For each assessed technique, proofs of concept were developed. A range of devices -- with various intended purposes, such as routers, cameras and phones -- were used to test the viability of these proofs of concept. To test communication hijacking, devices' "channels of communication" -- such as web services and embedded screens -- were identified, then hijacked to display custom ransom notes. During the analysis of bricking-based ransomware, a working proof of concept was created, which was then able to remotely brick five IoT devices. After analysing the storage design of an assortment of IoT devices, six different persistence techniques were identified, which were then successfully tested on four devices, such that malicious filesystem modifications would be retained after the device was rebooted. When researching privacy-invasion based ransomware, several methods were created to extract information from data sources that can be commonly found on IoT devices, such as nearby WiFi signals, images from cameras, or audio from microphones. These were successfully implemented in a test environment such that ransomable data could be extracted, processed, and stored for later use to blackmail the victim.
Overall, IoT-based ransomware has not only been shown to be viable but also highly damaging to both IoT devices and their users. While the use of IoT-ransomware is still very uncommon "in the wild", the techniques demonstrated within this work highlight an urgent need to improve the security of IoT devices to avoid the risk of IoT-based ransomware causing havoc in our society. Finally, during the development of these proofs of concept, a number of potential countermeasures were identified, which can be used to limit the effectiveness of the attacking techniques discovered in this PhD research
Deliberative Democracy, Perspective from Indo-Pacific Blogosphere: A Survey
Deliberation and communication within the national space have had numerous
implications on how citizens online and offline perceive government. It has
also impacted the relationship between opposition and incumbent governments in
the Indo-Pacific region. Authoritarian regimes have historically had control
over the dissemination of information, thereby controlling power and limiting
challenges from citizens who are not comfortable with the status quo. Social
media and blogs have allowed citizens of these countries to find a way to
communicate, and the exchange of information continues to rise. The quest by
both authoritarian and democratic regimes to control or influence the
discussion in the public sphere has given rise to concepts like cybertroopers,
congressional bloggers, and commentator bloggers, among others. Cybertroopers
have become the de facto online soldiers of authoritarian regimes who must
embrace democracy. While commentator and congressional bloggers have acted with
different strategies, commentator bloggers educate online citizens with
knowledgeable information to influence the citizens. Congressional bloggers are
political officeholders who use blogging to communicate their positions on
ongoing national issues. Therefore, this work has explored various concepts
synonymous with the Indo-Pacific public sphere and how it shapes elections and
democracy
Economia colaborativa
A importância de se proceder à análise dos principais desafios jurídicos que a economia colaborativa coloca – pelas implicações que as mudanças de paradigma dos modelos de negócios e dos sujeitos envolvidos suscitam − é indiscutível, correspondendo à necessidade de se fomentar a segurança jurídica destas práticas, potenciadoras de crescimento económico e bem-estar social.
O Centro de Investigação em Justiça e Governação (JusGov) constituiu uma equipa multidisciplinar que, além de juristas, integra investigadores de outras áreas, como a economia e a gestão, dos vários grupos do JusGov – embora com especial participação dos investigadores que integram o grupo E-TEC (Estado, Empresa e Tecnologia) – e de outras prestigiadas instituições nacionais e internacionais, para desenvolver um projeto neste domínio, com o objetivo de identificar os problemas jurídicos que a economia colaborativa suscita e avaliar se já existem soluções para aqueles, refletindo igualmente sobre a conveniência de serem introduzidas alterações ou se será mesmo necessário criar nova regulamentação.
O resultado desta investigação é apresentado nesta obra, com o que se pretende fomentar a continuação do debate sobre este tema.Esta obra é financiada por fundos nacionais através da FCT — Fundação para a Ciência e a Tecnologia, I.P., no âmbito do Financiamento UID/05749/202
A Design Science Research Approach to Smart and Collaborative Urban Supply Networks
Urban supply networks are facing increasing demands and challenges and thus constitute a relevant field for research and practical development. Supply chain management holds enormous potential and relevance for society and everyday life as the flow of goods and information are important economic functions. Being a heterogeneous field, the literature base of supply chain management research is difficult to manage and navigate. Disruptive digital technologies and the implementation of cross-network information analysis and sharing drive the need for new organisational and technological approaches. Practical issues are manifold and include mega trends such as digital transformation, urbanisation, and environmental awareness.
A promising approach to solving these problems is the realisation of smart and collaborative supply networks. The growth of artificial intelligence applications in recent years has led to a wide range of applications in a variety of domains. However, the potential of artificial intelligence utilisation in supply chain management has not yet been fully exploited. Similarly, value creation increasingly takes place in networked value creation cycles that have become continuously more collaborative, complex, and dynamic as interactions in business processes involving information technologies have become more intense.
Following a design science research approach this cumulative thesis comprises the development and discussion of four artefacts for the analysis and advancement of smart and collaborative urban supply networks. This thesis aims to highlight the potential of artificial intelligence-based supply networks, to advance data-driven inter-organisational collaboration, and to improve last mile supply network sustainability. Based on thorough machine learning and systematic literature reviews, reference and system dynamics modelling, simulation, and qualitative empirical research, the artefacts provide a valuable contribution to research and practice
Corporate Social Responsibility: the institutionalization of ESG
Understanding the impact of Corporate Social Responsibility (CSR) on firm performance as it relates to industries reliant on technological innovation is a complex and perpetually evolving challenge. To thoroughly investigate this topic, this dissertation will adopt an economics-based structure to address three primary hypotheses. This structure allows for each hypothesis to essentially be a standalone empirical paper, unified by an overall analysis of the nature of impact that ESG has on firm performance. The first hypothesis explores the evolution of CSR to the modern quantified iteration of ESG has led to the institutionalization and standardization of the CSR concept. The second hypothesis fills gaps in existing literature testing the relationship between firm performance and ESG by finding that the relationship is significantly positive in long-term, strategic metrics (ROA and ROIC) and that there is no correlation in short-term metrics (ROE and ROS). Finally, the third hypothesis states that if a firm has a long-term strategic ESG plan, as proxied by the publication of CSR reports, then it is more resilience to damage from controversies. This is supported by the finding that pro-ESG firms consistently fared better than their counterparts in both financial and ESG performance, even in the event of a controversy. However, firms with consistent reporting are also held to a higher standard than their nonreporting peers, suggesting a higher risk and higher reward dynamic. These findings support the theory of good management, in that long-term strategic planning is both immediately economically beneficial and serves as a means of risk management and social impact mitigation. Overall, this contributes to the literature by fillings gaps in the nature of impact that ESG has on firm performance, particularly from a management perspective
Building data management capabilities to address data protection regulations: Learnings from EU-GDPR
The European Union’s General Data Protection Regulation (EU-GDPR) has initiated a paradigm shift in data protection toward greater choice and sovereignty for individuals and more accountability for organizations. Its strict rules have inspired data protection regulations in other parts of the world. However, many organizations are facing difficulty complying with the EU-GDPR: these new types of data protection regulations cannot be addressed by an adaptation of contractual frameworks, but require a fundamental reconceptualization of how companies store and process personal data on an enterprise-wide level. In this paper, we introduce the resource-based view as a theoretical lens to explain the lengthy trajectories towards compliance and argue that these regulations require companies to build dedicated, enterprise-wide data management capabilities. Following a design science research approach, we propose a theoretically and empirically grounded capability model for the EU-GDPR that integrates the interpretation of legal texts, findings from EU-GDPR-related publications, and practical insights from focus groups with experts from 22 companies and four EU-GDPR projects. Our study advances interdisciplinary research at the intersection between IS and law: First, the proposed capability model adds to the regulatory compliance management literature by connecting abstract compliance requirements to three groups of capabilities and the resources required for their implementation, and second, it provides an enterprise-wide perspective that integrates and extends the fragmented body of research on EU-GDPR. Practitioners may use the capability model to assess their current status and set up systematic approaches toward compliance with an increasing number of data protection regulations
Establishing a Data Science for Good Ecosystem: The Case of ATLytiCS
Data science for social good (DSSG) initiatives have been championed as worthy mechanisms for transformative change and social impact. However, researchers have not fully explored the systems by which actors coordinate, access data, determine goals and communicate opportunities for change. We contribute to the information systems ecosystems and the nonprofit volunteering literatures by exploring the ways in which data science volunteers leverage their talents to address social impact goals. We use Atlanta Analytics for Community Service (ATLytiCS), an organization that aids nonprofits and government agencies, as a case study. ATLytiCS represents a rare example of a nonprofit organization (NPO) managed and run by highly-skilled volunteer data scientists within a regionally networked system of actors and institutions. Based on findings from this case, we build a DSSG ecosystem framework to describe and distinguish DSSG ecosystems from related data and entrepreneurial ecosystems
Creating an Information System with a Social Purpose - The Case of Re-Food
Project Work presented as the partial requirement for obtaining a Master's degree in Statistics and Information Management, specialization in Information Analysis and ManagementNowadays, with the evolution of technology, the strategies of information management are
constantly improving to create faster and more efficient methods of analyzing and displaying data. At
the same time, the users, considering the amount of information they access every day, search for
simpler, faster and cleaner ways to interact with information.
These strategies with simpler designs are important, now more than ever, to help social
organizations, such as Re-Food, improve their work and show to communities that they impact directly
and indirectly the importance of eco-sustainability and solidarity projects.
This project proposes to build an information system capable of structuring data from Re-Food
resources, create faster and more efficient solutions to improve the centers’ management and show
to the rest of the community the impact this organization, and the ones alike have on society
Elite perceptions of the Victorian and Edwardian past in inter-war England
It is often argued by historians that members of the cultivated Elite after 1918 rejected the pre-war past. or at least subjected it to severe denigration. This thesis sets out to challenge such a view. Above all, it argues that inter-war critics of the Victorian and Edwardian past were unable to reject it even if that was what they felt inclined to do. This was because they were tied to those periods by the affective links of memory, family, and the continually unfolding consequences of the past in the present. Even the severest critics of the pre-war world, such as Lytton Strachey, were less frequently dismissive of history than ambivalent towards it. This ambivalence, it is argued, helped to keep the past alive and often to humanise it. The thesis also explores more positive estimation of Victorian and Edwardian history between the wars. It examines nostalgia for the past, as well as instances of continuity of practice and attitude. It explores the way in which inter-war society drew upon aspects of Victorian and Edwardian history both as illuminating parallels to contemporary affairs and to understand directly why the present was shaped as it was. Again, this testifies to the enduring power of the past after 1918. There are three parts to this thesis. Part One outlines the cultural context in which writers contemplated the Victorian and Edwardian past. Part Two explores some of the ways in which history was written about and used by inter-war society. Part Three examines the ways in which biographical depictions of eminent Victorians after 1918 encouraged emotional negotiation with the pas
- …