7,138 research outputs found
Knowledge Graph Building Blocks: An easy-to-use Framework for developing FAIREr Knowledge Graphs
Knowledge graphs and ontologies provide promising technical solutions for
implementing the FAIR Principles for Findable, Accessible, Interoperable, and
Reusable data and metadata. However, they also come with their own challenges.
Nine such challenges are discussed and associated with the criterion of
cognitive interoperability and specific FAIREr principles (FAIR + Explorability
raised) that they fail to meet. We introduce an easy-to-use, open source
knowledge graph framework that is based on knowledge graph building blocks
(KGBBs). KGBBs are small information modules for knowledge-processing, each
based on a specific type of semantic unit. By interrelating several KGBBs, one
can specify a KGBB-driven FAIREr knowledge graph. Besides implementing semantic
units, the KGBB Framework clearly distinguishes and decouples an internal
in-memory data model from data storage, data display, and data access/export
models. We argue that this decoupling is essential for solving many problems of
knowledge management systems. We discuss the architecture of the KGBB Framework
as we envision it, comprising (i) an openly accessible KGBB-Repository for
different types of KGBBs, (ii) a KGBB-Engine for managing and operating FAIREr
knowledge graphs (including automatic provenance tracking, editing changelog,
and versioning of semantic units); (iii) a repository for KGBB-Functions; (iv)
a low-code KGBB-Editor with which domain experts can create new KGBBs and
specify their own FAIREr knowledge graph without having to think about semantic
modelling. We conclude with discussing the nine challenges and how the KGBB
Framework provides solutions for the issues they raise. While most of what we
discuss here is entirely conceptual, we can point to two prototypes that
demonstrate the principle feasibility of using semantic units and KGBBs to
manage and structure knowledge graphs
The Viability and Potential Consequences of IoT-Based Ransomware
With the increased threat of ransomware and the substantial growth of the Internet of Things (IoT) market, there is significant motivation for attackers to carry out IoT-based ransomware campaigns. In this thesis, the viability of such malware is tested.
As part of this work, various techniques that could be used by ransomware developers to attack commercial IoT devices were explored. First, methods that attackers could use to communicate with the victim were examined, such that a ransom note was able to be reliably sent to a victim. Next, the viability of using "bricking" as a method of ransom was evaluated, such that devices could be remotely disabled unless the victim makes a payment to the attacker. Research was then performed to ascertain whether it was possible to remotely gain persistence on IoT devices, which would improve the efficacy of existing ransomware methods, and provide opportunities for more advanced ransomware to be created. Finally, after successfully identifying a number of persistence techniques, the viability of privacy-invasion based ransomware was analysed.
For each assessed technique, proofs of concept were developed. A range of devices -- with various intended purposes, such as routers, cameras and phones -- were used to test the viability of these proofs of concept. To test communication hijacking, devices' "channels of communication" -- such as web services and embedded screens -- were identified, then hijacked to display custom ransom notes. During the analysis of bricking-based ransomware, a working proof of concept was created, which was then able to remotely brick five IoT devices. After analysing the storage design of an assortment of IoT devices, six different persistence techniques were identified, which were then successfully tested on four devices, such that malicious filesystem modifications would be retained after the device was rebooted. When researching privacy-invasion based ransomware, several methods were created to extract information from data sources that can be commonly found on IoT devices, such as nearby WiFi signals, images from cameras, or audio from microphones. These were successfully implemented in a test environment such that ransomable data could be extracted, processed, and stored for later use to blackmail the victim.
Overall, IoT-based ransomware has not only been shown to be viable but also highly damaging to both IoT devices and their users. While the use of IoT-ransomware is still very uncommon "in the wild", the techniques demonstrated within this work highlight an urgent need to improve the security of IoT devices to avoid the risk of IoT-based ransomware causing havoc in our society. Finally, during the development of these proofs of concept, a number of potential countermeasures were identified, which can be used to limit the effectiveness of the attacking techniques discovered in this PhD research
The Adirondack Chronology
The Adirondack Chronology is intended to be a useful resource for researchers and others interested in the Adirondacks and Adirondack history.https://digitalworks.union.edu/arlpublications/1000/thumbnail.jp
A productive response to legacy system petrification
Requirements change. The requirements of a legacy information system change, often in unanticipated ways, and at a more rapid pace than the rate at which the information system itself can be evolved to support them. The capabilities of a legacy system progressively fall further and further behind their evolving requirements, in a degrading process termed petrification. As systems petrify, they deliver diminishing business value, hamper business effectiveness, and drain organisational resources. To address legacy systems, the first challenge is to understand how to shed their resistance to tracking requirements change. The second challenge is to ensure that a newly adaptable system never again petrifies into a change resistant legacy system. This thesis addresses both challenges. The approach outlined herein is underpinned by an agile migration process - termed Productive Migration - that homes in upon the specific causes of petrification within each particular legacy system and provides guidance upon how to address them. That guidance comes in part from a personalised catalogue of petrifying patterns, which capture recurring themes underlying petrification. These steer us to the problems actually present in a given legacy system, and lead us to suitable antidote productive patterns via which we can deal with those problems one by one. To prevent newly adaptable systems from again degrading into legacy systems, we appeal to a follow-on process, termed Productive Evolution, which embraces and keeps pace with change rather than resisting and falling behind it. Productive Evolution teaches us to be vigilant against signs of system petrification and helps us to nip them in the bud. The aim is to nurture systems that remain supportive of the business, that are adaptable in step with ongoing requirements change, and that continue to retain their value as significant business assets
Microservice Architecture Reconstruction and Visualization Techniques: A Review
Microservice system solutions are driving digital transformation; however,
fundamental tools and system perspectives are missing to better observe,
understand, and manage these systems, their properties, and their dependencies.
Microservices architecture leads towards decentralization, which implies many
advantages to system operation; it, however, brings challenges to their
development. Microservice systems often lack a system-centric perspective that
would help engineers better cope with system evolution and quality assessment.
In this work, we explored microservice-specific architecture reconstruction
based on static analysis. Such reconstruction typically results in system
models to visualize selected system-centric perspectives. Conventional models
involve 2D methods; however, these methods are limited in utility when services
proliferate. We considered various architectural perspectives relevant to
microservices and assessed the relevancy of the traditional method, comparing
it to alternative data visualization using 3D space. As a representative of the
3D method, we considered a 3D graph model presented in augmented reality. To
begin testing the feasibility of deriving such perspectives from microservice
systems, we developed and implemented prototype tools for software architecture
reconstruction and visualization of compared perspectives. Using these
prototypes, we performed a small user study with software practitioners to
highlight the potentials and limitations of these innovative visualizations
used for common practitioner reasoning and tasks
From Bitcoin to Solana -- Innovating Blockchain towards Enterprise Applications
This survey presents a comprehensive study of recent advances in block-chain
technologies, focusing on how issues that affecting the enterprise adoption
were progressively addressed from the original Bitcoin system to Ethereum, to
Solana etc. Key issues preventing the wide adoption are scala-bility and
performance, while recent advances in Solana has clearly demon-strated that it
is possible to significantly improve on those issues by innovat-ing on data
structure, processes and algorithms by consolidating various time-consuming
algorithms and security enforcements, and differentiate and balance users and
their responsibilities and rights, while maintaining the re-quired security and
integrity that blockchain systems inherently offer
COMPUTER SCIENCE STUDENTS AND LIBRARY TECHNOLOGY: EVALUATING STUDENTS’ CAREER GOALS TO CREATE STRATEGIES THAT INCREASE INTEREST IN LIBRARY EMPLOYMENT
Academic libraries in the United States often have difficulty recruiting for technology-focused positions. This mixed-methods study examines what technology skills libraries are seeking in entry-level technology positions and explores ways to increase interest in library employment. Utilizing Lent’s (2013) social cognitive career theory (SCCT) framework, this study seeks to understand why students study computer science, how computer science students seek future employment, and explores how a large university in the southeastern United States can facilitate interest in applying for library technology positions. Quantitative data was determined through an examination of library technology positions to explore trends and what skills employers are seeking. Qualitative data was gathered from recorded interviews with current junior and senior level undergraduate computer science majors. Combined with an in-depth look at the literature and recruitment needs of libraries, possible solutions to the problem of practice are offered in the form of practical internships, interdisciplinary collaboration, and a potential graduate certificate with the goal of connecting computer science students to software development positions in libraries
Runtime Verification For Android Security
Users of computer systems face a constant threat of cyberattacks by malware designed to cause harm or disruption to services, steal information, or hold the user to ransom. Cyberattacks are becoming increasingly prevalent on mobile devices like Android. Attacks become more sophisticated along with countermeasures in an ever-increasing arms race. A novel attack method is ’collusion’, where the attack gets hidden by distributing the steps through many malicious software actors [7].We investigate the use of runtime verification to detect collusion attacks on the end-users device. We have developed a novel algorithm called Reverse-Ros¸u-Havelund that is a variation of an exist-ing algorithm by Grigore Ros¸u and Klaus Havelund [26]. Our approach is computationally efficient enough to detect collusion in realtime on the Android device and does not require prior knowledge of malware source code. Thus, it can detect future malware without modification to the detection system or the software under scrutiny
- …