47 research outputs found
MS IPTV audit collection services
Tese de mestrado em Segurança Informática, apresentada à Universidade de Lisboa, através da Faculdade de Ciências, 2011Microsoft Mediaroom Internet Protocol Television (MS IPTV), uma plataforma de televisão digital, levou o conceito de televisão a uma dimensão totalmente nova. MS IPTV é um sistema onde o serviço de televisão digital é entregue aos clientes usando Internet Protocol (IP), através de uma conexão de banda larga. Com o advento do IPTV começaram a aparecer novas situações relacionadas com a segurança da televisão, uma vez que, a infra-estrutura começou a ganhar complexidade e exposição a uma série de novos riscos. Por esta razão, a segurança numa infra-estrutura de MS IPTV não é apenas mais uma funcionalidade, mas sim uma necessidade. Podemos mesmo dizer que hoje em dia é obrigatório aguçar o engenho para estar um passo à frente dos atacantes, uma vez que estes estão sempre à espera de uma brecha, para comprometer os sistemas. Uma infra-estrutura como o MS IPTV armazena por omissão dados relativos ao comportamento dos utilizadores ao nível dos logs, no entanto esta informação só se torna relevante se puder ser consultada e analisada com o objetivo de proporcionar uma compreensão a alto nível sobre os diferentes padrões que estão a ocorrer nos servidores ou no comportamento dos utilizadores, uma tarefa que envolve poderosas técnicas de data parsing.
A tese apresenta uma abordagem que combina técnicas de data parsing, a fim de analisar os logs relevantes da infra-estrutura de MS IPTV, com o objetivo principal de aumentar a segurança através da investigação dos tipos de informações adicionais que pode ser extraída.
Tentámos assim entender se é possível determinar que tipos de ataques estão a ser perpetrados contra a infra-estrutura MS IPTV, com base na análise dos logs. Como o foco central desta tese está no diagnóstico, propomos uma abordagem para descobrir ataques, onde os logs são verificados para identificar grupos coerentes de ocorrências susceptíveis de constituir ataques que apelidámos de padrões. Nos testes, verificámos que a nossa abordagem consegue bons resultados na descoberta de ataques. Os resultados obtidos têm a vantagem adicional de poderem ser integrados na ferramenta de monitorização utilizada pelas equipas de operação dos sistemas da Portugal Telecom, o System Center Operations Manager (SCOM).Microsoft Mediaroom Internet Protocol TeleVision (MS IPTV), one of the platforms for digital TV, took television to an all new dimension level. MS IPTV is described as a system where a digital television service is delivered to consumers using the Internet Protocol over a broadband connection. Since the infrastructure started to gain complexity and exposure to a number of new risks, never envisaged situations related to television security started to appear. For this reason, MS IPTV security is not only a great asset, but also a necessity. Nowadays it is mandatory to sharpen the wit to get ahead of attackers, who are always waiting for a breach to compromise our systems.
MS IPTV log servers collect information about user and system behavior. However, this information only becomes relevant if it can be queried and analyzed with the purpose of providing high-level understanding about the different patterns. This task must comprise powerful data parsing techniques, since MS IPTV is able to generate close to one terabyte of logs per day.
This thesis presents an approach that combines data parsing techniques in order to analyze relevant MS IPTV logs, with the main objective to increase security through the investigation of what type of additional information can be extracted from the server log files of a MS IPTV platform. The thesis focus is on diagnosis, trying to understand if it is possible to determine what type of attacks are being perpetrated against the MS IPTV infrastructure.
We propose an approach for discovering attacks, where the application logs are scanned to identify coherent groups of occurrences that we call patterns, which are likely to constitute attacks. Our results showed that our approach achieves good results in discovering potential attacks. Our output results can be integrated into the MS IPTV monitoring system tool SCOM (System Center Operations Manager), which is an additional advantage over the other monitoring and log management systems
Cooperating broadcast and cellular conditional access system for digital television
This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.The lack of interoperability between Pay‐TV service providers and a horizontally integrated business transaction model have compromised the competition in the Pay‐TV market. In addition, the lack of interactivity with customers has resulted in high churn rate and improper security measures have contributed into considerable business loss. These issues are the main cause of high operational costs and subscription fees in the Pay‐TV systems.
This paper presents a novel end‐to‐end system architecture for Pay‐TV systems cooperating mobile and broadcasting technologies. It provides a cost‐effective, scalable, dynamic and secure access control mechanism supporting converged services and new business opportunities in Pay‐TV systems. It enhances interactivity, security and potentially reduces customer attrition and operational cost. In this platform, service providers can effectively interact with their customers, personalise their services and adopt appropriate security measures. It breaks up the rigid relationship between a viewer and set‐top box as imposed by traditional conditional access systems, thus, a viewer can fully enjoy his entitlements via an arbitrary set‐top box.
Having thoroughly considered state‐of‐the‐art technologies currently being used across the world, the thesis highlights novel use cases and presents the full design and implementation aspects of the system. The design section is enriched by providing possible security structures supported thereby. A business collaboration structure is proposed, followed by a reference model for implementing the system. Finally, the security architectures are analysed to propose the best architecture on the basis of security, complexity and set‐top box production cost criteria
FISE: A Forwarding Table Structure for Enterprise Networks
This is the author accepted manuscript. The final version is available from IEEE via the DOI in this recordWith increasing demands for more flexible services, the routing policies in enterprise networks become much
richer. This has placed a heavy burden to the current router
forwarding plane in support of the increasing number of
policies, primarily due to the limited capacity in TCAM, which
further hinders the development of new network services
and applications. The scalable forwarding table structures
for enterprise networks have therefore attracted numerous
attentions from both academia and industry.
To tackle this challenge, in this paper we present the design
and implementation of a new forwarding table structure. It
separates the functions of TCAM and SRAM, and maximally
utilizes the large and flexible SRAM. A set of schemes are
progressively designed, to compress storage of forwarding
rules, and maintain correctness and achieve line-card speeds
of packet forwarding. We further design an incremental
update algorithm that allows less access to memory. The
proposed scheme is validated and evaluated through a realistic
implementation on a commercial router using real datasets.
Our proposal can be easily implemented in the existing
devices. The evaluation results show that the performance of
forwarding tables under the proposed scheme is promising.National Key R&D Program of ChinaNational Natural Science Foundation of China (NSFC)Scientific Research Foundation for Young Teachers of Shenzhen Universit
MediaSync: Handbook on Multimedia Synchronization
This book provides an approachable overview of the most recent advances in the fascinating field of media synchronization (mediasync), gathering contributions from the most representative and influential experts. Understanding the challenges of this field in the current multi-sensory, multi-device, and multi-protocol world is not an easy task. The book revisits the foundations of mediasync, including theoretical frameworks and models, highlights ongoing research efforts, like hybrid broadband broadcast (HBB) delivery and users' perception modeling (i.e., Quality of Experience or QoE), and paves the way for the future (e.g., towards the deployment of multi-sensory and ultra-realistic experiences). Although many advances around mediasync have been devised and deployed, this area of research is getting renewed attention to overcome remaining challenges in the next-generation (heterogeneous and ubiquitous) media ecosystem. Given the significant advances in this research area, its current relevance and the multiple disciplines it involves, the availability of a reference book on mediasync becomes necessary. This book fills the gap in this context. In particular, it addresses key aspects and reviews the most relevant contributions within the mediasync research space, from different perspectives. Mediasync: Handbook on Multimedia Synchronization is the perfect companion for scholars and practitioners that want to acquire strong knowledge about this research area, and also approach the challenges behind ensuring the best mediated experiences, by providing the adequate synchronization between the media elements that constitute these experiences
How\u27s My Network - Incentives and Impediments of Home Network Measurements
Gathering meaningful information from Home Networking (HN) environments has presented researchers with measurement strategy challenges. A measurement platform is typically designed around the process of gathering data from a range of devices or usage statistics in a network that are specifically behind the HN firewall. HN studies require a fine balance between incentives and impediments to promote usage and minimize efforts for user participation with the focus on gathering robust datasets and results. In this dissertation we explore how to gather data from the HN Ecosystem (e.g. devices, apps, permissions, configurations) and feedback from HN users across a multitude of HN infrastructures, leveraging low impediment and low/high incentive methods to entice user participation. We look to understand the trade-offs of using a variety of approach types (e.g. Java Applet, Mobile app, survey) for data collections, user preferences, and how HN users react and make changes to the HN environment when presented with privacy/security concerns, norms of comparisons (e.g. comparisons to the local environment and to other HNs) and other HN results. We view that the HN Ecosystem is more than just “the network” as it also includes devices and apps within the HN. We have broken this dissertation down into the following three pillars of work to understand incentives and impediments of user participation and data collections. These pillars include: 1) preliminary work, as part of the How\u27s My Network (HMN) measurement platform, a deployed signed Java applet that provided a user-centered network measurement platform to minimize user impediments for data collection, 2) a HN user survey on preference, comfort, and usability of HNs to understand incentives, and 3) the creation and deployment of a multi-faceted How\u27s My Network Mobile app tool to gather and compare attributes and feedback with high incentives for user participation; as part of this flow we also include related approaches and background work. The HMN Java applet work demonstrated the viability of using a Web browser to obtain network performance data from HNs via a user-centric network measurement platform that minimizes impediments for user participation. The HMN HN survey work found that users prefer to leverage a Mobile app for HN data collections, and can be incentivized to participate in a HN study by providing attributes and characteristics of the HN Ecosystem. The HMN Mobile app was found to provide high incentives, with minimal impediments, for participation with focus on user Privacy and Security concerns. The HMN Mobile app work found that 84\% of users reported a change in perception of privacy and security, 32\% of users uninstalled apps, and 24\% revoked permissions in their HN. As a by-product of this work we found it was possible to gather sensitive information such as previously attached networks, installed apps and devices on the network. This information exposure to any installed app with minimal or no granted permissions is a potential privacy concern
Creation of value with open source software in the telecommunications field
Tese de doutoramento. Engenharia Electrotécnica e de Computadores. Faculdade de Engenharia. Universidade do Porto. 200
Identificação de utilizadores seniores em televisão interativa (iTV) : uma matriz de decisão tecnológica
Doutoramento em Informação e Comunicação em Plataformas DigitaisDesde que surgiu há mais de 50 anos, a televisão sofreu muitas
transformações, tanto ao nível tecnológico (por exemplo com a passagem da
emissão a preto/branco para cor, o som analógico para digital, a difusão
digital) como a nível da sua influência nas sociedades. Entre outros fatores de
ordem tecnológica, a consolidação da Internet com o seu elevado nível de
personalização, da experiência de utilização, e a sua enorme quantidade de
conteúdos disponíveis, catapultou a televisão no sentido de esta se tornar mais
interativa. Assim, o telespectador passou a poder usufruir de uma experiência
televisiva que pode, por um lado, ser mais participativa, sendo-lhe possível,
por exemplo, alvitrar sobre a qualidade de um programa enquanto assiste à
sua exibição, e, por outro, ser mais personalizada, possibilitando-lhe, por
exemplo, receber conteúdos automaticamente adequados ao seu perfil e
contexto. No entanto, esta experiência mais participativa e personalizável
carece de uma identificação, idealmente automática e não intrusiva, de quem
pode beneficiar da mesma – o telespectador. Contudo, e apesar de
significativos avanços na área da televisão interativa, tanto ao nível da
infraestrutura de suporte como ao nível dos serviços disponibilizados, a
identificação dos utilizadores é, ainda, uma área de estudo com muitos
aspetos por compreender.
Os seniores, em particular, são grandes consumidores de televisão e
representam uma fatia muito considerável das pessoas que podem beneficiar
das potencialidades disponibilizadas pela interatividade presente em muitos
serviços atuais. Um número crescente destes serviços são desenhados com o
objetivo de promoverem um envelhecimento ativo e um concreto apoio à vida,
pelo que os seniores podem beneficiar, em vários aspetos do seu quotidiano,
se os utilizarem. Nesta faixa etária, a identificação de utilizadores tem, como
elemento potenciador da experiência de utilização, um papel especialmente
importante ao nível de um aproveitamento personalizado e dirigido destes
serviços. No entanto, atendendo às diferentes combinações de características
físicas, sensoriais, cognitivas e, mesmo, de literacia digital que tipificam os
seniores, perspetivou-se existir uma dependência do perfil do utilizador na
seleção do método de identificação mais adequado, os quais podem ser
baseados, por exemplo, num leitor de impressões digitais, instalado no
telecomando; na leitura de uma wearable tag ou de um cartão RFiD; no
reconhecimento da face e, eventualmente, na voz do utilizador.
Assim, a inerente investigação desenrolou-se em várias fases, no sentido de
permitir alicerçar a construção de uma matriz de decisão tecnológica que, em
função do perfil de utilizador, selecione o sistema de identificação mais
adequado. O procedimento metodológico inerente à construção desta matriz de decisão,
passou por um longo processo envolvendo utilizadores reais, que se iniciou
com a realização de entrevistas exploratórias com o objetivo de permitir
conhecer melhor os seniores e a forma como estes encaram a tecnologia e,
mais concretamente, a televisão interativa.
Foi depois implementado um protótipo de alta-fidelidade, completamente
funcional, para a realização de testes com o objetivo de perceber qual a
preferência relativamente a um subconjunto de tecnologias de identificação.
Estes testes, uma vez que não permitiram testar todas as tecnologias em
estudo, revelaram-se inconclusivos, porém permitiram reforçar a necessidade
de identificar e caracterizar os referidos aspetos do perfil do utilizador que
podem interferir na sua preferência relativamente ao sistema de identificação.
As características identificadas constituíram-se como os parâmetros de
entrada da matriz, sendo que para preencher as respetivas células realizaramse
testes de aceitação, com um conjunto de seniores, tendo por base um
protótipo, wizard of oz, especificamente implementado para permitir
experienciar todas as tecnologias em estudo. Estes testes foram precedidos
pela avaliação das capacidades funcionais dos participantes, nos diversos
parâmetros definidos.
Este texto relata, assim, todo o processo de investigação que foi conduzido,
terminando com uma descrição de exemplos de utilização da matriz de
decisão implementada e com a identificação de potenciais caminhos de
desenvolvimento deste trabalho.Television underwent by many socio-technological changes since its beginning
in the fifties. Beyond some inherent technological factors like the transition from
black and white to color and the digitalization of both audio and video
components, the consolidation of the Internet with its high level of
customization of user experience and massive amount of available content,
helped television to be driven towards an interactive dimension.
Thus, the viewer happened to be able to enjoy from a viewing experience that
can, first, be more participatory as he can, for example, vote in TV shows or
express his opinion about the quality of a TV program and, second, be more
personalized allowing him, for instance, receiving TV contents appropriated to
his profile and context of use.
However, this more participatory and customizable experience lacks of an
automatic identification process of the person/s that is/are watching TV.
Despite significant advances in the area of interactive television (iTV), the
automatic identification of viewers, especially if a non-intrusive way is at stake,
is still a research area with many unsolved topics.
Elder people, in particular, are major consumers of television and represent a
very sizable chunk of viewers that can benefit from the potential offered by this
interactivity in many types of services. A growing number of these services are
designed with the aim to promote active aging and life support, thus seniors
can benefit in various aspects of their daily lives, if they use them.
In this age group, the automatic identification of viewers has a special role in a
personalized and targeted usage of these services, acting as an enhancer of
the user experience. However, due to a broad range of physical, sensorial,
cognitive and digital literacy characteristics inherent to the elderly, it was
envisaged that the definition of the most suitable viewer identification
technology would be dependent of the actual user/viewer profile. Actually, the
user identification method can be based in several technology options, e.g. a
fingerprint reader placed in the remote, a wearable tag, an RFID card, a facial
or a voice recognition system, making it necessary deciding on the best
approach for each possible viewer profile.
The research was carried out in order to leverage the design of a decision
matrix that, using the characteristics of the senior's profile, computes the most
suitable viewer identification method.
The methodology used to build the matrix was based on multiple sets of
interviews and evaluation sessions with elderly viewers in a longitudinal
prototyping process. We started with a set of exploratory interviews that
allowed a better understanding how seniors see iTV technology. After, it was
implemented a fully functional prototype (that allowed to test a particular set of
identification technologies), that was evaluated by seniors participants, to find a
clear trend about the preference of identification technologies. Despite these tests were a step forward (since they allow to understand that
viewer’s characteristics can influence their preferences about the identification
technology), they were not totally conclusive mainly due to the fact that they
only had allowed testing a particular set of technologies among all that are
referenced in this research.
The aforementioned characteristics became the inputs of the decision matrix,
leading to a new set of tests to start filling in its cells. These tests were based
on a wizard of oz prototype that allowed participants to experiment all
identification technologies referred in this research. All these tests with seniors
were made at their homes preceded of the evaluation of their functional
characteristics (the ones identified in previous test and that can influence
viewer's preferences).
The document ends reporting the main conclusions and examples of the matrix
usage and with some points to next steps of this work