Strengthening Privacy and Cybersecurity through Anonymization and Big Data

L'abstract è presente nell'allegato / the abstract is in the attachmen

Harmful grandiose delusions: developing a cognitive model

Background Grandiose delusions are inaccurate beliefs about having special powers, wealth, mission, or identity. They are a common psychotic experience, but neglected as a specific focus of research. There is no evidence-based theoretically driven psychological intervention for harmful grandiose delusions. Aims The thesis aimed i) to determine the extent to which patients identify harmful consequences occurring as a result of grandiose delusions and whether they want help with these harms, and ii) to develop a theoretical causal model of grandiose delusions and conduct preliminary tests of the model. Method A qualitative study is reported in which fifteen patients with experiences of grandiose delusions were interviewed. Thematic analysis and grounded theory were used to analyse the data (Chapter 2). Analyses are also reported from cross-sectional questionnaire data collected from two non-clinical cohorts (n=13,323) and a clinical cohort of 798 patients with a psychosis diagnosis, 375 of whom had grandiose delusions (Chapters 3-5). Results More than three-quarters of patients with grandiose delusions identified grandiose-related harms occurring in the past six months. Over half of patients wanted help with these difficulties. Six putative maintenance factors for grandiose delusions were identified. Tests of association found that in the clinical group, the meaning of grandiose delusions, repetitive thinking about the grandiose belief, immersion behaviours, and daydreaming accounted for 53.5%, 20.4%, 39.5%, and 19.1% of the variance in grandiosity severity respectively. Conclusions Most patients with grandiose delusions identify difficulties arising from their grandiose delusions, which may provide a route for engagement in treatment. Potential maintenance mechanisms that may be suitable targets for intervention include the meaning of the grandiose delusions, immersion behaviours, perseverative thinking, and pleasant daydreams. If these findings are verified by further longitudinal and experimental research, this would enable the development of a specific cognitive-behavioural intervention for people with harmful grandiose beliefs

Self-adaptive Authorisation Infrastructures

Traditional approaches in access control rely on immutable criteria in which to decide and award access. These approaches are limited, notably when handling changes in an organisation’s protected resources, resulting in the inability to accommodate the dynamic aspects of risk at runtime. An example of such risk is a user abusing their privileged access to perform insider attacks. This thesis proposes self-adaptive authorisation, an approach that enables dynamic access control. A framework for developing self-adaptive authorisation is defined, where autonomic controllers are deployed within legacy based authorisation infrastructures to enable the runtime management of access control. Essential to the approach is the use of models and model driven engineering (MDE). Models enable a controller to abstract from the authorisation infrastructure it seeks to control, reason about state, and provide assurances over change to access. For example, a modelled state of access may represent an active access control policy. Given the diverse nature in implementations of authorisation infrastructures, MDE enables the creation and transformation of such models, whereby assets (e.g., policies) can be automatically generated and deployed at runtime. A prototype of the framework was developed, whereby management of access control is focused on the mitigation of abuse of access rights. The prototype implements a feedback loop to monitor an authorisation infrastructure in terms of modelling the state of access control and user behaviour, analyse potential solutions for handling malicious behaviour, and act upon the infrastructure to control future access control decisions. The framework was evaluated against mitigation of simulated insider attacks, involving the abuse of access rights governed by access control methodologies. In addition, to investigate the framework’s approach in a diverse and unpredictable environment, a live experiment was conducted. This evaluated the mitigation of abuse performed by real users as well as demonstrating the consequence of self-adaptation through observation of user response

Analysing and detecting twitter spam

Through in-depth data-drive analysis, we provide insights on deceptive information in Twitter spam, spammers\u27 behaviours and emerging spamming strategies. We also firstly identify and solve the &quot;spam drift&quot; problem. Online social network providers can adopt our findings and proposed scheme to re-design their detection system to improve its efficiency and accuracy.<br /

Air Quality Monitoring, Assessment and Management

Human beings need to breathe oxygen diluted in certain quantity of inert gas for living. In the atmosphere, there is a gas mixture of, mainly, oxygen and nitrogen, in appropriate proportions. However, the air also contains other gases, vapours and aerosols that humans incorporate when breathing and whose composition and concentration vary spatially. Some of these are physiologically inert. Air pollution has become a problem of major concern in the last few decades as it has caused negative effects on human health, nature and properties. This book presents the results of research studies carried out by international researchers in seventeen chapters which can be grouped into two main sections: a) air quality monitoring and b) air quality assessment and management, and serves as a source of material for all those involved in the field, whether as a student, scientific researcher, industrialist, consultant, or government agency with responsibility in this area

A novel intrusion detection system (IDS) architecture. Attack detection based on snort for multistage attack scenarios in a multi-cores environment.

Recent research has indicated that although security systems are developing, illegal intrusion to computers is on the rise. The research conducted here illustrates that improving intrusion detection and prevention methods is fundamental for improving the overall security of systems. This research includes the design of a novel Intrusion Detection System (IDS) which identifies four levels of visibility of attacks. Two major areas of security concern were identified: speed and volume of attacks; and complexity of multistage attacks. Hence, the Multistage Intrusion Detection and Prevention System (MIDaPS) that is designed here is made of two fundamental elements: a multistage attack engine that heavily depends on attack trees and a Denial of Service Engine. MIDaPS were tested and found to improve current intrusion detection and processing performances. After an intensive literature review, over 25 GB of data was collected on honeynets. This was then used to analyse the complexity of attacks in a series of experiments. Statistical and analytic methods were used to design the novel MIDaPS. Key findings indicate that an attack needs to be protected at 4 different levels. Hence, MIDaPS is built with 4 levels of protection. As, recent attack vectors use legitimate actions, MIDaPS uses a novel approach of attack trees to trace the attacker¿s actions. MIDaPS was tested and results suggest an improvement to current system performance by 84% whilst detecting DDOS attacks within 10 minutes

Identity construction by Aotearoa/New Zealand entrepreneurial professionals on LinkedIn : a tensional approach : a thesis presented in partial fulfilment of the requirements for the degree of Doctor of Philosophy in Organisational Communication at Massey University, Albany, New Zealand

This study explores if, and how, the business social media site, LinkedIn, is providing for Aotearoa/New Zealand entrepreneurial professionals an alternative site for the construction of identity. The two foci of this study are; firstly, a shift to where we increasingly live our lives, the world of social media; and secondly, the tensions that this shift creates for identity and identity construction, or the basic human need to know ‘who we are’ and ‘how we fit in the social world’. The study began with the observation of family, friends and acquaintances, who had taken up self-employment, and were becoming involved in a virtual world of work-related social media through LinkedIn. The researcher’s interest was in if, and how, this virtual world acts as a site for construction of this new work identity, for an entrepreneur or small-business person. The definition of this identity was widened to include ‘professional’ when participants in the study repeatedly referred to themselves as ‘professionals’; thus, the study became a study of a hybrid identity, i.e. the entrepreneurial professional. The specific group identified was Aotearoa/New Zealand entrepreneurial professionals who engaged on LinkedIn. This research therefore is boundary spanning in that it spans the disciplines of: organisational communication and new forms of organisation; ICT and social media use; identity and identity construction, entrepreneurial, professional and digital; and globalisation, by juxtaposing the globalising effect of social media with local discourse. The research approach was from a social/constructionist paradigm, utilising a qualitative methodology. This methodology was considered appropriate as it emphasises an inductive relationship between theory and research that is consistent with the assumptions of the interpretive/ constructionist paradigm, by foregrounding the ways in which individuals interpret their social world, and embodying a view of social reality that is constantly shifting and emergent (Tracy, 2013). As this was an exploratory interpretive study, the researcher was concerned not to predict or pre-empt the findings. Accordingly, the exploration of the participants’ experience on LinkedIn was not organised around predicted or possible themes, but three interrelated communicative processes on LinkedIn identified by Putnam, Phillips, & Chapman, (1996) as three metaphors of communication itself. These were; ‘engagement’ in general terms, with an emphasis on the participants’ engaging in and making sense of the context of social media, secondly, ‘connecting’ or ‘networking,’ and thirdly, ‘interacting’. All three align with an overarching constructionist approach, but each highlight certain features that other two perspectives neglected and provide important and interrelated insights into identity construction on LinkedIn. Twenty-five in-depth semi-structured interviews were conducted with those who responded to a request, on NZ SME groups on LinkedIn, to be participants. The interview transcripts analysed through thematic analysis. In the process of analysis, tensions, contradictions and paradoxes emerged as a dominant concern. Tensions, such as identity tensions, have long been identified a part of organisational experience (Trethewey & Ashcraft, 2004), and a growing body of literature posits that irrationality is a normal condition of organisational life, and is reflected in the tensions evident in the discourses around the construction of identity in organisations (C. A. Clarke, Brown, & Hailey, 2009; Larson & Gill, 2017; Tracy & Trethewey, 2005; Trethewey & Ashcraft, 2004).These tensions have increased as work increasingly moves to alternative or “less predictable settings of organizing”(Cheney & Ashcraft, 2007, p. 161). The participants’ discourses revealed evidence that LinkedIn was in fact being utilised as a necessary, and for many a normal, site for the construction of entrepreneurial professional identity, yet one fraught with tensions. The identified tensions were complex and interrelated and were interpreted through the analysis as occurring in different levels and dimensions. Tensions at the first level were: two tensions around engagement in the virtual context of identity construction, four tensions around networking and making connections, and finally, five identity construction tensions around interacting and relationship-building on LinkedIn. Further interpretation of these tensions indicated underlying and overlaying tensions, or meta tensions, woven through the participants’ discourses in two dimensions One dimension identifies the tensions specific to the contexts of LinkedIn, Aotearoa/ New Zealand, and entrepreneurial professionals. This dimension of analysis accords with the advice of Cheney and Ashcraft (2007) to pay “particular sensitivity to institutional and contextual variation” (p.161) when researching identity construction in unpredictable organisational settings. The second dimension of analysis identified meta-tensions or overlaying tensional themes around identity work in organisations, that have taken on a different emphasis and character when experienced in the LinkedIn context. These tensions in two dimensions are presented as an integrated framework of identity construction tensions. For each individual these tensions will intersect at different points, illustrating that identity resides not in the person themselves, but in the context, in the broadest sense, in which they engage. The study makes several contributions. Firstly, it identifies the tensions inherent in engaging in LinkedIn and constructing a digital identity there. Secondly, it provides evidence that LinkedIn has, in fact, become, or at least was in the process of becoming, an alternative organisational site, and thus a site for organisational identity construction. Thirdly, it presents in a multi-level and two-dimensional framework for analysis of identity construction in this context. In one dimension it suggests that identity construction on LinkedIn needs to be understood, in the context of personal work situation of the individual, of a local yet global site of communication, and in the context the unique features of a virtual social world. In another dimension, the identity construction can be understood as the tensions likely in an organisational setting. Lastly it suggests utilising the lenses of three different metaphors of communication to explore communication on LinkedIn, engagement, networking, and interaction, and to analyse identity construction on LinkedIn. The study concludes with a discussion of how an understanding of managing these tensions can be utilised in tertiary education courses and to inform small business owners about LinkedIn use

Proceedings of The Multi-Agent Logics, Languages, and Organisations Federated Workshops (MALLOW 2010)

http://ceur-ws.org/Vol-627/allproceedings.pdfInternational audienceMALLOW-2010 is a third edition of a series initiated in 2007 in Durham, and pursued in 2009 in Turin. The objective, as initially stated, is to "provide a venue where: the cost of participation was minimum; participants were able to attend various workshops, so fostering collaboration and cross-fertilization; there was a friendly atmosphere and plenty of time for networking, by maximizing the time participants spent together"

Towards a systematic security evaluation of the automotive Bluetooth interface

In-cabin connectivity and its enabling technologies have increased dramatically in recent years. Security was not considered an essential property, a mind-set that has shifted significantly due to the appearance of demonstrated vulnerabilities in these connected vehicles. Connectivity allows the possibility that an external attacker may compromise the security - and therefore the safety - of the vehicle. Many exploits have already been demonstrated in literature. One of the most pervasive connective technologies is Bluetooth, a short-range wireless communication technology. Security issues with this technology are well-documented, albeit in other domains. A threat intelligence study was carried out to substantiate this motivation and finds that while the general trend is towards increasing (relative) security in automotive Bluetooth implementations, there is still significant technological lag when compared to more traditional computing systems. The main contribution of this thesis is a framework for the systematic security evaluation of the automotive Bluetooth interface from a black-box perspective (as technical specifications were loose or absent). Tests were performed through both the vehicle’s native connection and through Bluetoothenabled aftermarket devices attached to the vehicle. This framework is supported through the use of attack trees and principles as outlined in the Penetration Testing Execution Standard. Furthermore, a proof-of-concept tool was developed to implement this framework in a semi-automated manner, to carry out testing on real-world vehicles. The tool also allows for severity classification of the results acquired, as outlined in the SAE J3061 Cybersecurity Guidebook for Cyber-Physical Vehicle Systems. Results of the severity classification are validated through domain expert review. Finally, how formal methods could be integrated into the framework and tool to improve confidence and rigour, and to demonstrate how future iterations of design could be improved is also explored. In conclusion, there is a need for systematic security testing, based on the findings of the threat intelligence study. The systematic evaluation and the developed tool successfully found weaknesses in both the automotive Bluetooth interface and in the vehicle itself through Bluetooth-enabled aftermarket devices. Furthermore, the results of applying this framework provide a focus for counter-measure development and could be used as evidence in a security assurance case. The systematic evaluation framework also allows for formal methods to be introduced for added rigour and confidence. Demonstrations of how this might be performed (with case studies) were presented. Future recommendations include using this framework with more test vehicles and expanding on the existing attack trees that form the heart of the evaluation. Further work on the tool chain would also be desirable. This would enable further accuracy of any testing or modelling required, and would also take automation of the entire process further

Correlation of influenza infection with glycan array

Poster Presentation: SPB1 / SPB2 - Virus Host Interaction/Pathogensis/Transmission: abstract no. B109PINTRODUCTION: The past 6 years has seen the introduction of glycan arrays containing large numbers of sialic acid (Sia) containing compounds and these arrays have been used to demonstrate the relative binding affinity of influenza viruses to different glycans. Though infor...postprin