13,768 research outputs found
The Viability and Potential Consequences of IoT-Based Ransomware
With the increased threat of ransomware and the substantial growth of the Internet of Things (IoT) market, there is significant motivation for attackers to carry out IoT-based ransomware campaigns. In this thesis, the viability of such malware is tested.
As part of this work, various techniques that could be used by ransomware developers to attack commercial IoT devices were explored. First, methods that attackers could use to communicate with the victim were examined, such that a ransom note was able to be reliably sent to a victim. Next, the viability of using "bricking" as a method of ransom was evaluated, such that devices could be remotely disabled unless the victim makes a payment to the attacker. Research was then performed to ascertain whether it was possible to remotely gain persistence on IoT devices, which would improve the efficacy of existing ransomware methods, and provide opportunities for more advanced ransomware to be created. Finally, after successfully identifying a number of persistence techniques, the viability of privacy-invasion based ransomware was analysed.
For each assessed technique, proofs of concept were developed. A range of devices -- with various intended purposes, such as routers, cameras and phones -- were used to test the viability of these proofs of concept. To test communication hijacking, devices' "channels of communication" -- such as web services and embedded screens -- were identified, then hijacked to display custom ransom notes. During the analysis of bricking-based ransomware, a working proof of concept was created, which was then able to remotely brick five IoT devices. After analysing the storage design of an assortment of IoT devices, six different persistence techniques were identified, which were then successfully tested on four devices, such that malicious filesystem modifications would be retained after the device was rebooted. When researching privacy-invasion based ransomware, several methods were created to extract information from data sources that can be commonly found on IoT devices, such as nearby WiFi signals, images from cameras, or audio from microphones. These were successfully implemented in a test environment such that ransomable data could be extracted, processed, and stored for later use to blackmail the victim.
Overall, IoT-based ransomware has not only been shown to be viable but also highly damaging to both IoT devices and their users. While the use of IoT-ransomware is still very uncommon "in the wild", the techniques demonstrated within this work highlight an urgent need to improve the security of IoT devices to avoid the risk of IoT-based ransomware causing havoc in our society. Finally, during the development of these proofs of concept, a number of potential countermeasures were identified, which can be used to limit the effectiveness of the attacking techniques discovered in this PhD research
Effects of 3 MeV Proton Irradiation on Superconductivity and CDW in 2H-NbSe2 Single Crystals
Interplay between superconductivity and charge-density wave (CDW) in 2H-NbSe2
single crystals irradiated by 3 MeV protons is studied. Both Tc and TCDW are
found to decrease monotonically with the increase in irradiation dose. This
behavior is different from electron-irradiated NbSe2, where TCDW is suppressed
monotonically with the increase in dose, while Tc shows an initial enhancement
before it starts to decrease. We attempt to explain this difference based on
the negative pressure effect which has been reported in our previous study on
NbSe2 irradiated by heavy ions
Chandra X-ray Measurement of Gas-phase Heavy Element Abundances in the Central Parsec of the Galaxy
Elemental abundances are key to our understanding of star formation and
evolution in the Galactic center. Previous work on this topic has been based on
infrared (IR) observations, but X-ray observations have the potential of
constraining the abundance of heavy elements, mainly through their K-shell
emission lines. Using 5.7 Ms Chandra observations, we provide the first
abundance measurement of Si, S, Ar, Ca and Fe, in four prominent diffuse X-ray
features located in the central parsec of the Galaxy, which are the
manifestation of shock-heated hot gas. A two-temperature, non-equilibrium
ionization spectral model is employed to derive the abundances of these five
elements. In this procedure, a degeneracy is introduced due to uncertainties in
the composition of light elements, in particular, H, C and N. Assuming that the
hot gas is H-depleted but C- and N-enriched, as would be expected for a
standard scenario in which the hot gas is dominated by Wolf-Rayet star winds,
the spectral fit finds a generally subsolar abundance for the heavy elements.
If, instead, the light elements had a solar-like abundance, the heavy elements
have a fitted abundance of 1--2 solar. The /Fe abundance ratio,
on the other hand, is mostly supersolar and insensitive to the exact
composition of the light elements. These results are robust against potential
biases due to either a moderate spectral S/N or the presence of non-thermal
components. Implications of the measured abundances for the Galactic center
environment are addressed.Comment: 13 pages, 6 figures, Accepted for publication in MNRA
Collaborative Device-level Botnet Detection for Internet of Things
Cyber attacks on the Internet of Things (IoT) have seen a significant increase in recent years. This is primarily due to the widespread adoption and prevalence of IoT within domestic and critical national infrastructures, as well as inherent security vulnerabilities within IoT endpoints. Therein, botnets have emerged as a major threat to IoT-based infrastructures targeting firmware vulnerabilities such as weak or default passwords to assemble an army of compromised devices which can serve as a lethal cyber-weapon against target systems, networks, and services. In this paper, we present our efforts to mitigate this challenge through the development of an intrusion detection system that resides within an IoT device to provide enhanced visibility thereby achieving security hardening of such devices. The device-level intrusion detection presented here is part of our research framework BTC_SIGBDS (Blockchain-powered, Trustworthy, Collaborative, Signature-based Botnet Detection System). We identify the research challenge through a systematic critical review of existing literature and present detailed design of the device-level component of the BTC_SIGBDS framework. We use a signature based detection scheme with trusted signature updates to strengthen protection against emerging attacks. We have evaluated the suitability and enhanced the capability through the generation of custom signatures of two of the most famous signature-based IDS with ISOT, IoT23, and BoTIoT datasets to assess the effectiveness with respect to detection of anomalous traffic within a typical resource constrained IoT network in terms of number of alerts, detection rates, detection time as well as in terms of peak CPU and memory usage
Self-Supervised Learning to Prove Equivalence Between Straight-Line Programs via Rewrite Rules
We target the problem of automatically synthesizing proofs of semantic
equivalence between two programs made of sequences of statements. We represent
programs using abstract syntax trees (AST), where a given set of
semantics-preserving rewrite rules can be applied on a specific AST pattern to
generate a transformed and semantically equivalent program. In our system, two
programs are equivalent if there exists a sequence of application of these
rewrite rules that leads to rewriting one program into the other. We propose a
neural network architecture based on a transformer model to generate proofs of
equivalence between program pairs. The system outputs a sequence of rewrites,
and the validity of the sequence is simply checked by verifying it can be
applied. If no valid sequence is produced by the neural network, the system
reports the programs as non-equivalent, ensuring by design no programs may be
incorrectly reported as equivalent. Our system is fully implemented for a given
grammar which can represent straight-line programs with function calls and
multiple types. To efficiently train the system to generate such sequences, we
develop an original incremental training technique, named self-supervised
sample selection. We extensively study the effectiveness of this novel training
approach on proofs of increasing complexity and length. Our system, S4Eq,
achieves 97% proof success on a curated dataset of 10,000 pairs of equivalent
programsComment: 30 pages including appendi
Comedians without a Cause: The Politics and Aesthetics of Humour in Dutch Cabaret (1966-2020)
Comedians play an important role in society and public debate. While comedians have been considered important cultural critics for quite some time, comedy has acquired a new social and political significance in recent years, with humour taking centre stage in political and social debates around issues of identity, social justice, and freedom of speech. To understand the shifting meanings and political implications of humour within a Dutch context, this PhD thesis examines the political and aesthetic workings of humour in the highly popular Dutch cabaret genre, focusing on cabaret performances from the 1960s to the present. The central questions of the thesis are: how do comedians use humour to deliver social critique, and how does their humour resonate with political ideologies? These questions are answered by adopting a cultural studies approach to humour, which is used to analyse Dutch cabaret performances, and by studying related materials such as reviews and media interviews with comedians. This thesis shows that, from the 1960s onwards, Dutch comedians have been considered ‘progressive rebels’ – politically engaged, subversive, and carrying a left-wing political agenda – but that this image is in need of correction. While we tend to look for progressive political messages in the work of comedians who present themselves as being anti-establishment rebels – such as Youp van ‘t Hek, Hans Teeuwen, and Theo Maassen – this thesis demonstrates that their transgressive and provocative humour tends to protect social hierarchies and relationships of power. Moreover, it shows that, paradoxically, both the deliberately moderate and nuanced humour of Wim Kan and Claudia de Breij, and the seemingly past-oriented nostalgia of Alex Klaasen, are more radical and progressive than the transgressive humour of van ‘t Hek, Teeuwen and Maassen. Finally, comedians who present absurdist or deconstructionist forms of humour, such as the early student cabarets, Freek de Jonge, and Micha Wertheim, tend to disassociate themselves from an explicit political engagement. By challenging the dominant image of the Dutch comedian as a ‘progressive rebel,’ this thesis contributes to a better understanding of humour in the present cultural moment, in which humour is often either not taken seriously, or one-sidedly celebrated as being merely pleasurable, innocent, or progressively liberating. In so doing, this thesis concludes, the ‘dark’ and more conservative sides of humour tend to get obscured
Fruit Crop Improvement with Genome Editing, In Vitro and Transgenic Approaches
Fruit species contribute to nutritional and health security by providing micronutrients, antioxidants, and bioactive phytoconstituents, and hence fruit-based products are becoming functional foods presently and for the future. Although conventional breeding methods have yielded improved varieties having fruit quality, aroma, antioxidants, yield, and nutritional traits, the threat of climate change and need for improvement in several other traits such as biotic and abiotic stress tolerance and higher nutritional quality has demanded complementary novel strategies. Biotechnological research in fruit crops has offered immense scope for large-scale multiplication of elite clones, in vitro, mutagenesis, and genetic transformation. Advanced molecular methods, such as genome-wide association studies (GWAS), QTLomics, genomic selection for the development of novel germplasm having functional traits for agronomic and nutritional quality, and enrichment of bioactive constituents through metabolic pathway engineering and development of novel products, are now paving the way for trait-based improvement for developing genetically superior varieties in fruit plant species for enhanced nutritional quality and agronomic performance. In this article, we highlight the applications of in vitro and molecular breeding approaches for use in fruit breeding
Influence of constituent particles on fracture of aluminum alloys under high-triaxiality loading
Single-edge notch bending tests are conducted to study the influence of constituent particles on the fracture resistance of aluminum alloys 6061, 6063, and 6110 under high-constraint loading conditions. The alloys are tested in the as-cast state after homogenization and artificial aging to temper T6. Each alloy type was delivered with two different volume fractions of constituent particles to enable a quantitative assessment of its impact on the toughness of these aluminum alloys. One variant corresponds to the commercial alloy, whereas the other variant is tailor made with an increased amount of constituent particles by adding Fe and Si to the commercial alloy. All alloys exhibit a dendritic structure with particles clustered at grain boundaries and dendrite arm boundaries. The increased content of constituent particles in the tailor-made alloys is shown to be purely detrimental for the toughness and reduces relevant fracture energy parameters by more than 50% in the alloys tested herein. In the plane-strain-dominated regions of the specimens where the stress triaxiality is highest, crack propagation was found to take place on grain boundaries and dendrite arm boundaries due to void nucleation, growth, and coalescence from the constituent particles. Differences in toughness between the alloys are primarily related to variations in the content, size, and spacing of the constituent particles. A comparison between the three different alloy types, i.e. 6061, 6063, and 6110, shows that strength affects the toughness, but it does not follow the commonly reported trade-off between strength and ductility.publishedVersio
Collaborative Device-level Botnet Detection for Internet of Things
Cyber attacks on the Internet of Things (IoT) have seen a significant increase in recent years. This is primarily due to the widespread adoption and prevalence of IoT within domestic and critical national infrastructures, as well as inherent security vulnerabilities within IoT endpoints. Therein, botnets have emerged as a major threat to IoT-based infrastructures targeting firmware vulnerabilities such as weak or default passwords to assemble an army of compromised devices which can serve as a lethal cyber-weapon against target systems, networks, and services. In this paper, we present our efforts to mitigate this challenge through the development of an intrusion detection system that resides within an IoT device to provide enhanced visibility thereby achieving security hardening of such devices. The device-level intrusion detection presented here is part of our research framework BTC_SIGBDS (Blockchain-powered, Trustworthy, Collaborative, Signature-based Botnet Detection System). We identify the research challenge through a systematic critical review of existing literature and present detailed design of the device-level component of the BTC_SIGBDS framework. We use a signature based detection scheme with trusted signature updates to strengthen protection against emerging attacks. We have evaluated the suitability and enhanced the capability through the generation of custom signatures of two of the most famous signature-based IDS with ISOT, IoT23, and BoTIoT datasets to assess the effectiveness with respect to detection of anomalous traffic within a typical resource constrained IoT network in terms of number of alerts, detection rates, detection time as well as in terms of peak CPU and memory usage
A variational Bayesian inference technique for model updating of structural systems with unknown noise statistics
Dynamic models of structural and mechanical systems can be updated to match the measured data through a Bayesian inference process. However, the performance of classical (non-adaptive) Bayesian model updating approaches decreases significantly when the pre-assumed statistical characteristics of the model prediction error are violated. To overcome this issue, this paper presents an adaptive recursive variational Bayesian approach to estimate the statistical characteristics of the prediction error jointly with the unknown model parameters. This approach improves the accuracy and robustness of model updating by including the estimation of model prediction error. The performance of this approach is demonstrated using numerically simulated data obtained from a structural frame with material non-linearity under earthquake excitation. Results show that in the presence of non-stationary noise/error, the non-adaptive approach fails to estimate unknown model parameters, whereas the proposed approach can accurately estimate them
- …