5,170 research outputs found

    The Viability and Potential Consequences of IoT-Based Ransomware

    Get PDF
    With the increased threat of ransomware and the substantial growth of the Internet of Things (IoT) market, there is significant motivation for attackers to carry out IoT-based ransomware campaigns. In this thesis, the viability of such malware is tested. As part of this work, various techniques that could be used by ransomware developers to attack commercial IoT devices were explored. First, methods that attackers could use to communicate with the victim were examined, such that a ransom note was able to be reliably sent to a victim. Next, the viability of using "bricking" as a method of ransom was evaluated, such that devices could be remotely disabled unless the victim makes a payment to the attacker. Research was then performed to ascertain whether it was possible to remotely gain persistence on IoT devices, which would improve the efficacy of existing ransomware methods, and provide opportunities for more advanced ransomware to be created. Finally, after successfully identifying a number of persistence techniques, the viability of privacy-invasion based ransomware was analysed. For each assessed technique, proofs of concept were developed. A range of devices -- with various intended purposes, such as routers, cameras and phones -- were used to test the viability of these proofs of concept. To test communication hijacking, devices' "channels of communication" -- such as web services and embedded screens -- were identified, then hijacked to display custom ransom notes. During the analysis of bricking-based ransomware, a working proof of concept was created, which was then able to remotely brick five IoT devices. After analysing the storage design of an assortment of IoT devices, six different persistence techniques were identified, which were then successfully tested on four devices, such that malicious filesystem modifications would be retained after the device was rebooted. When researching privacy-invasion based ransomware, several methods were created to extract information from data sources that can be commonly found on IoT devices, such as nearby WiFi signals, images from cameras, or audio from microphones. These were successfully implemented in a test environment such that ransomable data could be extracted, processed, and stored for later use to blackmail the victim. Overall, IoT-based ransomware has not only been shown to be viable but also highly damaging to both IoT devices and their users. While the use of IoT-ransomware is still very uncommon "in the wild", the techniques demonstrated within this work highlight an urgent need to improve the security of IoT devices to avoid the risk of IoT-based ransomware causing havoc in our society. Finally, during the development of these proofs of concept, a number of potential countermeasures were identified, which can be used to limit the effectiveness of the attacking techniques discovered in this PhD research

    Anuário científico da Escola Superior de Tecnologia da Saúde de Lisboa - 2021

    Get PDF
    É com grande prazer que apresentamos a mais recente edição (a 11.ª) do Anuário Científico da Escola Superior de Tecnologia da Saúde de Lisboa. Como instituição de ensino superior, temos o compromisso de promover e incentivar a pesquisa científica em todas as áreas do conhecimento que contemplam a nossa missão. Esta publicação tem como objetivo divulgar toda a produção científica desenvolvida pelos Professores, Investigadores, Estudantes e Pessoal não Docente da ESTeSL durante 2021. Este Anuário é, assim, o reflexo do trabalho árduo e dedicado da nossa comunidade, que se empenhou na produção de conteúdo científico de elevada qualidade e partilhada com a Sociedade na forma de livros, capítulos de livros, artigos publicados em revistas nacionais e internacionais, resumos de comunicações orais e pósteres, bem como resultado dos trabalhos de 1º e 2º ciclo. Com isto, o conteúdo desta publicação abrange uma ampla variedade de tópicos, desde temas mais fundamentais até estudos de aplicação prática em contextos específicos de Saúde, refletindo desta forma a pluralidade e diversidade de áreas que definem, e tornam única, a ESTeSL. Acreditamos que a investigação e pesquisa científica é um eixo fundamental para o desenvolvimento da sociedade e é por isso que incentivamos os nossos estudantes a envolverem-se em atividades de pesquisa e prática baseada na evidência desde o início dos seus estudos na ESTeSL. Esta publicação é um exemplo do sucesso desses esforços, sendo a maior de sempre, o que faz com que estejamos muito orgulhosos em partilhar os resultados e descobertas dos nossos investigadores com a comunidade científica e o público em geral. Esperamos que este Anuário inspire e motive outros estudantes, profissionais de saúde, professores e outros colaboradores a continuarem a explorar novas ideias e contribuir para o avanço da ciência e da tecnologia no corpo de conhecimento próprio das áreas que compõe a ESTeSL. Agradecemos a todos os envolvidos na produção deste anuário e desejamos uma leitura inspiradora e agradável.info:eu-repo/semantics/publishedVersio

    Towards a sociology of conspiracy theories: An investigation into conspiratorial thinking on Dönmes

    Get PDF
    This thesis investigates the social and political significance of conspiracy theories, which has been an academically neglected topic despite its historical relevance. The academic literature focuses on the methodology, social significance and political impacts of these theories in a secluded manner and lacks empirical analyses. In response, this research provides a comprehensive theoretical framework for conspiracy theories by considering their methodology, political impacts and social significance in the light of empirical data. Theoretically, the thesis uses Adorno's semi-erudition theory along with Girardian approach. It proposes that conspiracy theories are methodologically semi-erudite narratives, i.e. they are biased in favour of a belief and use reason only to prove it. It suggests that conspiracy theories appear in times of power vacuum and provide semi-erudite cognitive maps that relieve alienation and ontological insecurities of people and groups. In so doing, they enforce social control over their audience due to their essentialist, closed-to-interpretation narratives. In order to verify the theory, the study analyses empirically the social and political significance of conspiracy theories about the Dönme community in Turkey. The analysis comprises interviews with conspiracy theorists, conspiracy theory readers and political parties, alongside a frame analysis of the popular conspiracy theory books on Dönmes. These confirm the theoretical framework by showing that the conspiracy theories are fed by the ontological insecurities of Turkish society. Hence, conspiracy theorists, most readers and some political parties respond to their own ontological insecurities and political frustrations through scapegoating Dönmes. Consequently, this work shows that conspiracy theories are important symptoms of society, which, while relieving ontological insecurities, do not provide politically prolific narratives

    Annals [...].

    Get PDF
    Pedometrics: innovation in tropics; Legacy data: how turn it useful?; Advances in soil sensing; Pedometric guidelines to systematic soil surveys.Evento online. Coordenado por: Waldir de Carvalho Junior, Helena Saraiva Koenow Pinheiro, Ricardo Simão Diniz Dalmolin

    The implementation and application of the International Code for Ships Operating in Polar Waters (Polar Code): Evaluations and considerations addressing this functionbased regulation’s effect on safety and emergency preparedness concerning Arctic shipping

    Get PDF
    PhD thesis in Risk management and societal safetyPeople have sailed in polar waters for decades; more than one hundred years ago, Nansen and Amundsen explored the oceans of the Arctic and Antarctic with their expedition teams, with Amundsen leading the expedition that first reached the South Pole in 1911. A remarkable technological evolution has taken place since those days, bringing along even more astonishing innovations. Wooden ships with sail are replaced by standardized steel-constructed vessels, powered by diesel-electric engines or nuclear reactors, and highly technological satellite navigation and communication systems have replaced the sextant, chronometer, compass and surveyor’s wheel guiding the way at that time. The knowledge and experience concerning risks and hazards associated with shipping in polar waters is outstanding. However, the increase in the shipping activity of various vessels in the Arctic region during recent years has resulted in new risks; consequently, the knowledge, experience and the capacity to handle these are limited. Seen historically, major accidents and events have raised the focus on safety and forced the way for the development, innovation and design of new technology and systems. As a response to the Titanic disaster in 1912, the International Convention for the Safety of Life at Sea (SOLAS) was agreed in 1914 and suggested the minimum number of lifeboats and other emergency equipment required to be maintained by merchant ships. Today, the SOLAS Convention is considered the most important of all international treaties concerning the safety of merchant ships and specifies the minimum standards for the construction, equipment and operation of ships. During the last century, several revisions and amendments to this Convention, adopted by the International Maritime Organization (IMO) in 1960, have strengthened the regulations for ship design and operations. Consequently, the maritime industry is forced to innovate, (re)-design and construct vessels, emergency equipment and systems, to become compliant with the SOLAS Convention. In 2017, the IMO amended the SOLAS Convention, by implementing the International Code for Ships Operating in Polar Waters (Polar Code), providing mandatory rules and requirements applicable to ship operations in defined geographical areas in the waters around the Arctic and Antarctica. The Polar Code supplemented existing IMO conventions and regulations, with the goal of increasing the safety of ship operations and mitigating the impact on the people and environment in the remote, vulnerable, and potentially harsh polar waters. Ship systems and equipment addressed in the Polar Code are required to maintain at least the same performance standards referred to in the SOLAS Convention. The key principle of the regulation is founded on a risk-based approach in determining scope and a holistic approach in reducing identified risks. The Polar Code consists of function-based requirements, i.e., the regulation specifies what is to be achieved without specifying how to be in compliance with its requirements. The requirement to first carry out an operational (risk) assessment of the ship and its equipment, considering the anticipated range of operating and environmental conditions, is essential in the application of the Polar Code. This operational assessment shall guide the way in the establishment of shipspecific procedures and operational limitations, based on related risk factors in operating areas and taking into consideration the anticipated range of operating and environmental conditions: amongst others, operation in low air temperature, as this affects the working environment and human performance, maintenance and emergency preparedness tasks, material properties and equipment efficiency, survival time and performance of safety equipment and systems. The Polar Code requires that a Polar Service Temperature (PST) shall be specified for a ship intended to operate in low air temperature and that the performance standard shall be at least 10°C below the lowest Mean Daily Low Temperature (MDLT) for the intended area and season of operation in polar waters. The MDLT is the mean value of the daily low temperature for each day of the year over a minimum 10-year period. Survival systems and equipment are required by the Polar Code to be fully functional and operational at the PST during the maximum expected rescue time – i.e., the time adopted for the design of equipment and systems that shall provide survival support – which is defined in the Polar Code as never being less than five days. The overall objective of this research is to contribute to the development of new knowledge concerning the implementation and application of the Polar Code and how this function-based regulation, so far, has succeeded in achieving its goal. Two research questions were developed to support the overarching objective, concerning the Polar Code’s applicability as a regulatory instrument in Arctic shipping. The research questions were associated with: (1) the Polar Code’s contribution to enhancing safety for shipping in the Arctic Ocean, considering the risks and hazards associated with activities in these waters, and (2) the identification of key mechanisms to ensure that compliance with the stated goal of the regulation occurs in a satisfactory manner. Individual interviews are conducted with experts in the field, concerning the implementation and application of the Polar Code. Moreover, two controlled experiments are performed, to assess the risk to humans and equipment of low temperature and exposure. The implementation of new regulations can trigger the development of new products, systems and processes, even though, in the early stages, it can be unclear how the development will manifest itself. At the time of the implementation of the Polar Code in 2017 (1st January), there was a lack of guidelines or informative standards providing support to the Polar Code, and a variety of solutions on emergency equipment and systems could comply with the regulation’s function-based requirements. Although the regulation provides additional guidance (in Part II-B) to the mandatory provisions (in Part II-A), this is in many cases general and generic. The operational assessment is required to address both individual (personal survival equipment) and shared (group survival equipment) needs, which shall be provided in the event of an abandonment of ship situation. The Polar Code states that this equipment shall provide effective protection against direct wind chill, sufficient thermal insulation to maintain the core temperature of persons, and sufficient protection to prevent frostbite of all extremities. In the guidance (Part II-B) of the regulation, samples of suggested equipment for personal survival equipment and group survival kits are provided. However, many products will comply with the suggested equipment, regardless of their suitability under real conditions. The protection against wind chill to humans, to prevent frostbite (and to increases the survival time) depends on factors such as time and type of exposure, individual physiological conditions and activity level, rather than just the types of gloves or shoes chosen and their protective status. The sinking of a cruise liner is considered the ultimate challenge for the rescue capability in the Arctic region, and the passengers on cruise ships represent a vulnerable group for several reasons. The average passenger is typically older and less fit and would suffer from discomfort and hypothermia faster than younger persons, in a situation requiring evacuation to lifeboats, life rafts or directly onto ice. For shipowners and operators operating in polar waters and required to comply with the Polar Code, there can be economic incentives for neglecting or not actively taking part in the innovating process of improving and developing new systems and equipment sufficient to withstand low temperatures and the harsh polar conditions. High costs are expected in the work of developing and improving emergency equipment and systems, especially if technical and operational winterization upgrades of older vessels are necessary. Search and Rescue (SAR) exercises conducted in the waters surrounding Svalbard have revealed that the marine industry in general is reactive in the work of implementing the Polar Code’s requirements. Consequently, many vessels are equipped with insufficient survival equipment, including insufficient food and water rations. Great variations are observed in Life-Saving Appliances (LSA) and arrangements, concerning both quality and functionality, approved by flag states and classification societies. There are, unfortunately, examples of tailored operational assessments which support marginal emergency equipment and systems, as the associated cost, weight, volume and capacity puts additional strain and restrictions on shipowners and operators. With limited communication between the suppliers of the development of survival equipment, there are large variations among the functionality of such equipment in polar waters. There is lack of harmonization and standardization amongst the subject groups supposed to comply with the Polar Code, and a common understanding of the most suitable and “stateof- the-art” LSA and arrangements required for an emergency response situation in polar waters seems not to be in reach yet. [...

    Fatores críticos de sucesso na gestão do conhecimento: um estudo de caso baseado na implementação de uma academia do conhecimento

    Get PDF
    Nowadays, knowledge is considered a key resource for organizations, crucial for obtaining long-term sustainable competitive. In line with this principle, many organizations are making efforts toward the implementation of knowledge management (KM) initiatives, recognizing that their competitive foundation lies in the effective way to capture, retain, store and share knowledge. Thus, this research aims to understand how organizations can implement KM initiatives, with a comprehensive study to identify critical success factors, and based on a practical project to implement a knowledge academy in a multinational organization. In order to achieve this objective, the adopted methodology in this research first went through a systematic literature review in order to identify the critical success factors with most influence on the implementation of KM practices. Then, based on the results found with this theoretical approach, it was possible to identify and analyse, in a practical context within a multinational company, the critical factors that contributed the most to the success of a knowledge academy implementation, a project in which the author of this study was involved. The results found suggest that factors related to the organization and people, such as the definition of a clear strategy, the definition of performance measures to evaluate and monitor the strategy, the involvement of top management, or even the organizational culture itself, represent some of the factors that have the most influence on the successful implementation of KM initiatives. With this research, it is expected to contribute from a theoretical perspective to the KM area through the compilation, categorization and classification of a set of critical success factors reported in the literature and subsequently analyzed and validated in a practical context. From a practical perspective, it is expected that these results can contribute as a consultative tool to support the preparation of strategies in this area by organizations wishing to implement KM initiatives.Atualmente o conhecimento é considerado um recurso chave para as organizações, crucial na obtenção de competitividade sustentável a longo prazo. Alinhado com este princípio, muitas organizações estão a fazer esforços no sentido de implementarem iniciativas de gestão do conhecimento (GC), reconhecendo que a sua base competitiva reside na forma eficaz de captar, reter, armazenar e partilhar conhecimento. Desta forma, o presente trabalho tem por objetivo compreender como as organizações podem implementar iniciativas de GC, elencando num estudo exaustivo de identificação de fatores críticos de sucesso, e tendo por base um projeto prático de implementação de uma academia de conhecimento numa organização multinacional. Por forma a alcançar tal objetivo, a metodologia adotada neste trabalho compreendeu, em primeiro lugar, uma revisão sistemática da literatura, de forma a identificar os fatores críticos de sucesso que mais influência têm na implementação de práticas de GC. Seguidamente, e tendo por base os resultados encontrados com esta abordagem teórica, foi possível identificar e analisar, num contexto prático no âmbito de uma empresa multinacional, os fatores críticos que mais contribuíram para o sucesso da implementação de uma academia de conhecimento, projeto onde a autora deste trabalho esteve envolvida. Os resultados encontrados sugerem que fatores relacionados com a organização e com as pessoas, tais como, a definição de uma estratégia clara, a definição de medidas de performance para avaliar e acompanhar a estratégia, o envolvimento da gestão de topo, ou mesmo a própria cultura organizacional, representam alguns dos fatores que mais influência têm na implementação bemsucedida de práticas e iniciativas de GC. Espera-se, assim, com este estudo, contribuir numa perspetiva teórica para a área da GC através da compilação, categorização e classificação de um conjunto de fatores críticos de sucesso reportados na literatura e, posteriormente, analisados e validados num contexto prático. Numa perspetiva prática, espera-se que estes resultados possam contribuir com uma ferramenta consultiva de apoio à preparação de estratégias nesta área, por parte das organizações que pretendam implementar iniciativas de GC.Mestrado em Engenharia e Gestão Industria

    International Conference Shaping light for health and wellbeing in cities

    Get PDF
    The book collects contributions presented during the international conference “Shaping light for health and wellbeing in cities” organized in the framework of the H2020 ENLIGHTENme project. The conference has investigated the multifaceted consequences light has on life in cities, by adopting a multidisciplinary and integrated approach to explore the complexity of challenges urban lighting poses on health and wellbeing, urban realm and social life. Papers cover several disciplines such as clinical and biomedical sciences, ethics and Responsible Research & Innovation, urban planning and architecture, data accessibility and interoperability, as well as social sciences and economics, and provide multifaceted insights that inspire further explorations. Contributions represent a step towards the development of innovative policies for improving health and wellbeing in our cities, addressing indoor and outdoor lighting

    Walking with the Earth: Intercultural Perspectives on Ethics of Ecological Caring

    Get PDF
    It is commonly believed that considering nature different from us, human beings (qua rational, cultural, religious and social actors), is detrimental to our engagement for the preservation of nature. An obvious example is animal rights, a deep concern for all living beings, including non-human living creatures, which is understandable only if we approach nature, without fearing it, as something which should remain outside of our true home. “Walking with the earth” aims at questioning any similar preconceptions in the wide sense, including allegoric-poetic contributions. We invited 14 authors from 4 continents to express all sorts of ways of saying why caring is so important, why togetherness, being-with each others, as a spiritual but also embodied ethics is important in a divided world
    corecore