14,100 research outputs found

    Sistema de bloqueio de computadores

    Get PDF
    Mestrado em Engenharia de Computadores e TelemáticaThe use of multiple computing devices per person is increasing more and more. Nowadays is normal that mobile devices like smartphones, tablets and laptops are present in the everyday life of a single person and in many cases people use these devices to perform important operations related with their professional life. This also presents a problem, as these devices come with the user in everyday life and the fact that often they have a high monetary value means that these devices are susceptible to theft. This thesis introduces a computer locking system that distinguishes itself from existing similar systems because (i) it is designed to work independently of the Operating System(s) installed on the laptop or mobile device, (ii) depends on a firrmware driver that implements the lock operation making it resistant to storage device formats or any other attack that uses software operations. It is also explored the operation of a device that has a firrmware that follows the Unified Extensible Firmware Interface (UEFI) specification as well as the development of drivers for this type of firrmware. It was also developed a security protocol and various cryptographic techniques where explored and implemented.O uso de vários dispositivos computacionais por pessoa está a aumentar cada vez mais. Hoje em dia é normal dispositivos móveis como o smartphone, tablet e computador portátil estarem presentes no quotidiano das pessoas e em muitos casos as pessoas necessitam de realizar tarefas na sua vida profissional nestes dispositivos. Isto apresenta também um problema, como estes dispositivos acompanham o utilizador no dia a dia e pelo facto de muitas vezes terem um valor monetário elevado faz com que estes dispositivos sejam suscetíveis a roubos. Esta tese introduz um sistema de bloqueio de computadores que se distingue dos sistemas similares existentes porque, (i) _e desenhado para funcionar independentemente do(s) sistema(s) operativo(s) instalado(s) no computador portátil ou no dispositivo móvel, (ii) depende de um driver do firrmware que concretiza a operação de bloqueio fazendo com que seja resistente contra formatação do dispositivo de armazenamento ou qualquer outro ataque que tenho por base a utilização de software. É explorado então o funcionamento de um dispositivo que tenha um firmware que respeita a especificação Unfied Extensible Firmware Interface (UEFI) assim como a programação de drivers para este tipo de firmware. Foi também desenvolvido um protocolo de segurança e são exploradas várias técnicas criptográficas passiveis de serem implementadas

    The Metaverse: Survey, Trends, Novel Pipeline Ecosystem & Future Directions

    Full text link
    The Metaverse offers a second world beyond reality, where boundaries are non-existent, and possibilities are endless through engagement and immersive experiences using the virtual reality (VR) technology. Many disciplines can benefit from the advancement of the Metaverse when accurately developed, including the fields of technology, gaming, education, art, and culture. Nevertheless, developing the Metaverse environment to its full potential is an ambiguous task that needs proper guidance and directions. Existing surveys on the Metaverse focus only on a specific aspect and discipline of the Metaverse and lack a holistic view of the entire process. To this end, a more holistic, multi-disciplinary, in-depth, and academic and industry-oriented review is required to provide a thorough study of the Metaverse development pipeline. To address these issues, we present in this survey a novel multi-layered pipeline ecosystem composed of (1) the Metaverse computing, networking, communications and hardware infrastructure, (2) environment digitization, and (3) user interactions. For every layer, we discuss the components that detail the steps of its development. Also, for each of these components, we examine the impact of a set of enabling technologies and empowering domains (e.g., Artificial Intelligence, Security & Privacy, Blockchain, Business, Ethics, and Social) on its advancement. In addition, we explain the importance of these technologies to support decentralization, interoperability, user experiences, interactions, and monetization. Our presented study highlights the existing challenges for each component, followed by research directions and potential solutions. To the best of our knowledge, this survey is the most comprehensive and allows users, scholars, and entrepreneurs to get an in-depth understanding of the Metaverse ecosystem to find their opportunities and potentials for contribution

    The Viability and Potential Consequences of IoT-Based Ransomware

    Get PDF
    With the increased threat of ransomware and the substantial growth of the Internet of Things (IoT) market, there is significant motivation for attackers to carry out IoT-based ransomware campaigns. In this thesis, the viability of such malware is tested. As part of this work, various techniques that could be used by ransomware developers to attack commercial IoT devices were explored. First, methods that attackers could use to communicate with the victim were examined, such that a ransom note was able to be reliably sent to a victim. Next, the viability of using "bricking" as a method of ransom was evaluated, such that devices could be remotely disabled unless the victim makes a payment to the attacker. Research was then performed to ascertain whether it was possible to remotely gain persistence on IoT devices, which would improve the efficacy of existing ransomware methods, and provide opportunities for more advanced ransomware to be created. Finally, after successfully identifying a number of persistence techniques, the viability of privacy-invasion based ransomware was analysed. For each assessed technique, proofs of concept were developed. A range of devices -- with various intended purposes, such as routers, cameras and phones -- were used to test the viability of these proofs of concept. To test communication hijacking, devices' "channels of communication" -- such as web services and embedded screens -- were identified, then hijacked to display custom ransom notes. During the analysis of bricking-based ransomware, a working proof of concept was created, which was then able to remotely brick five IoT devices. After analysing the storage design of an assortment of IoT devices, six different persistence techniques were identified, which were then successfully tested on four devices, such that malicious filesystem modifications would be retained after the device was rebooted. When researching privacy-invasion based ransomware, several methods were created to extract information from data sources that can be commonly found on IoT devices, such as nearby WiFi signals, images from cameras, or audio from microphones. These were successfully implemented in a test environment such that ransomable data could be extracted, processed, and stored for later use to blackmail the victim. Overall, IoT-based ransomware has not only been shown to be viable but also highly damaging to both IoT devices and their users. While the use of IoT-ransomware is still very uncommon "in the wild", the techniques demonstrated within this work highlight an urgent need to improve the security of IoT devices to avoid the risk of IoT-based ransomware causing havoc in our society. Finally, during the development of these proofs of concept, a number of potential countermeasures were identified, which can be used to limit the effectiveness of the attacking techniques discovered in this PhD research

    Self-Supervised Learning to Prove Equivalence Between Straight-Line Programs via Rewrite Rules

    Full text link
    We target the problem of automatically synthesizing proofs of semantic equivalence between two programs made of sequences of statements. We represent programs using abstract syntax trees (AST), where a given set of semantics-preserving rewrite rules can be applied on a specific AST pattern to generate a transformed and semantically equivalent program. In our system, two programs are equivalent if there exists a sequence of application of these rewrite rules that leads to rewriting one program into the other. We propose a neural network architecture based on a transformer model to generate proofs of equivalence between program pairs. The system outputs a sequence of rewrites, and the validity of the sequence is simply checked by verifying it can be applied. If no valid sequence is produced by the neural network, the system reports the programs as non-equivalent, ensuring by design no programs may be incorrectly reported as equivalent. Our system is fully implemented for a given grammar which can represent straight-line programs with function calls and multiple types. To efficiently train the system to generate such sequences, we develop an original incremental training technique, named self-supervised sample selection. We extensively study the effectiveness of this novel training approach on proofs of increasing complexity and length. Our system, S4Eq, achieves 97% proof success on a curated dataset of 10,000 pairs of equivalent programsComment: 30 pages including appendi

    Pretrained Embeddings for E-commerce Machine Learning: When it Fails and Why?

    Full text link
    The use of pretrained embeddings has become widespread in modern e-commerce machine learning (ML) systems. In practice, however, we have encountered several key issues when using pretrained embedding in a real-world production system, many of which cannot be fully explained by current knowledge. Unfortunately, we find that there is a lack of a thorough understanding of how pre-trained embeddings work, especially their intrinsic properties and interactions with downstream tasks. Consequently, it becomes challenging to make interactive and scalable decisions regarding the use of pre-trained embeddings in practice. Our investigation leads to two significant discoveries about using pretrained embeddings in e-commerce applications. Firstly, we find that the design of the pretraining and downstream models, particularly how they encode and decode information via embedding vectors, can have a profound impact. Secondly, we establish a principled perspective of pre-trained embeddings via the lens of kernel analysis, which can be used to evaluate their predictability, interactively and scalably. These findings help to address the practical challenges we faced and offer valuable guidance for successful adoption of pretrained embeddings in real-world production. Our conclusions are backed by solid theoretical reasoning, benchmark experiments, as well as online testings

    Centella asiatica (L.) Urb: A comprehensive bibliometric analysis of published studies between 1857 and 2022

    Get PDF
    Centella asiatica (L.) Urban (C. asiatica) is a medicinal plant that generates terpenes, phenols, vitamins, minerals, polyacetylene and fatty acids among other phyto-constituents. This review focuses on the bibliometric analysis of 1164 documents on C. asiatica that were retrieved from the Scopus database. Harzing Publish or Perish and VOSviewer were used for citation and network analyses. According to the bibliometric analysis, publications are on the rise, particularly in the fields of pharmacology, toxicology and pharmaceutics, medicine, biochemistry, genetics and molecular biology, agricultural and biological sciences, and chemistry. "Phytoremediation", "secondary metabolites", "Andrographis paniculata", and "cognitive impairment" are emerging areas for C. asiatica research. However, currently there is a lack of international collaboration in C. asiatica research among contributing countries. Researchers can utilise the findings cited in this reiew to locate potential collaborators, top authors, countries and documents

    Examples of works to practice staccato technique in clarinet instrument

    Get PDF
    Klarnetin staccato tekniğini güçlendirme aşamaları eser çalışmalarıyla uygulanmıştır. Staccato geçişlerini hızlandıracak ritim ve nüans çalışmalarına yer verilmiştir. Çalışmanın en önemli amacı sadece staccato çalışması değil parmak-dilin eş zamanlı uyumunun hassasiyeti üzerinde de durulmasıdır. Staccato çalışmalarını daha verimli hale getirmek için eser çalışmasının içinde etüt çalışmasına da yer verilmiştir. Çalışmaların üzerinde titizlikle durulması staccato çalışmasının ilham verici etkisi ile müzikal kimliğe yeni bir boyut kazandırmıştır. Sekiz özgün eser çalışmasının her aşaması anlatılmıştır. Her aşamanın bir sonraki performans ve tekniği güçlendirmesi esas alınmıştır. Bu çalışmada staccato tekniğinin hangi alanlarda kullanıldığı, nasıl sonuçlar elde edildiği bilgisine yer verilmiştir. Notaların parmak ve dil uyumu ile nasıl şekilleneceği ve nasıl bir çalışma disiplini içinde gerçekleşeceği planlanmıştır. Kamış-nota-diyafram-parmak-dil-nüans ve disiplin kavramlarının staccato tekniğinde ayrılmaz bir bütün olduğu saptanmıştır. Araştırmada literatür taraması yapılarak staccato ile ilgili çalışmalar taranmıştır. Tarama sonucunda klarnet tekniğin de kullanılan staccato eser çalışmasının az olduğu tespit edilmiştir. Metot taramasında da etüt çalışmasının daha çok olduğu saptanmıştır. Böylelikle klarnetin staccato tekniğini hızlandırma ve güçlendirme çalışmaları sunulmuştur. Staccato etüt çalışmaları yapılırken, araya eser çalışmasının girmesi beyni rahatlattığı ve istekliliği daha arttırdığı gözlemlenmiştir. Staccato çalışmasını yaparken doğru bir kamış seçimi üzerinde de durulmuştur. Staccato tekniğini doğru çalışmak için doğru bir kamışın dil hızını arttırdığı saptanmıştır. Doğru bir kamış seçimi kamıştan rahat ses çıkmasına bağlıdır. Kamış, dil atma gücünü vermiyorsa daha doğru bir kamış seçiminin yapılması gerekliliği vurgulanmıştır. Staccato çalışmalarında baştan sona bir eseri yorumlamak zor olabilir. Bu açıdan çalışma, verilen müzikal nüanslara uymanın, dil atış performansını rahatlattığını ortaya koymuştur. Gelecek nesillere edinilen bilgi ve birikimlerin aktarılması ve geliştirici olması teşvik edilmiştir. Çıkacak eserlerin nasıl çözüleceği, staccato tekniğinin nasıl üstesinden gelinebileceği anlatılmıştır. Staccato tekniğinin daha kısa sürede çözüme kavuşturulması amaç edinilmiştir. Parmakların yerlerini öğrettiğimiz kadar belleğimize de çalışmaların kaydedilmesi önemlidir. Gösterilen azmin ve sabrın sonucu olarak ortaya çıkan yapıt başarıyı daha da yukarı seviyelere çıkaracaktır

    PreFair: Privately Generating Justifiably Fair Synthetic Data

    Full text link
    When a database is protected by Differential Privacy (DP), its usability is limited in scope. In this scenario, generating a synthetic version of the data that mimics the properties of the private data allows users to perform any operation on the synthetic data, while maintaining the privacy of the original data. Therefore, multiple works have been devoted to devising systems for DP synthetic data generation. However, such systems may preserve or even magnify properties of the data that make it unfair, endering the synthetic data unfit for use. In this work, we present PreFair, a system that allows for DP fair synthetic data generation. PreFair extends the state-of-the-art DP data generation mechanisms by incorporating a causal fairness criterion that ensures fair synthetic data. We adapt the notion of justifiable fairness to fit the synthetic data generation scenario. We further study the problem of generating DP fair synthetic data, showing its intractability and designing algorithms that are optimal under certain assumptions. We also provide an extensive experimental evaluation, showing that PreFair generates synthetic data that is significantly fairer than the data generated by leading DP data generation mechanisms, while remaining faithful to the private data.Comment: 15 pages, 11 figure

    INVESTIGATING THE PERCEPTION OF EXPATRIATES TOWARDS IMMIGRATION SERVICE QUALITY IN SHARJAH, UNITED ARAB EMIRATES THROUGH MIXED METHOD APPROACH

    Get PDF
    The public sectors in UAE are under immense pressure to demonstrate that their services are customer-focused and that continuous performance improvement is being delivered. The United Arab Emirates is a favoured destination for expatriates due to its own citizens form a minority of the population and are barely represented in the private sector workforce. These highly unusual demographics confer high importance on the national immigration services. Recently, increased interest in international migration, specifically within the United Arab Emirates, has been shown both by government agencies and by the governments of industrialised countries. Given the importance of the expatriate labour force to economic stability and growth in the Emirates, this research investigates how immigration services are perceived, with the aim of contributing to their improvement, thus ultimately supporting economic growth. It proposes a service quality perception framework to improve understanding within SID of how to raise levels of service delivered to migrants and other persons directly or indirectly affected by SID services. Qualitative data were collected by means of semi-structured interviews and quantitative data by means of a questionnaire survey based on the abovementioned framework. The survey data, on the variables influencing participants’ experiences and perceptions of SID services, were subjected to statistical analysis. The framework was then used to evaluate quality of service in terms of general impressions, delivery, location, response, SID culture and behaviour. Numerical data were analysed using inferential and descriptive statistics. It was found that service quality positively influenced service behaviour and that this relationship was mediated by SID culture. This research makes an original contribution to knowledge as one of the few studies of immigration to the United Arab Emirates. By examining the workings of one immigration department, it adds to the literature on immigration departments and organisational development in developing countries. It illuminates the mechanics of immigration services and demonstrates their increasing importance to the world economy

    Marvellous real in the Middle East: a comparative study of magical realism in contemporary women’s fiction

    Get PDF
    Magical realism has been studied extensively in relation to Latin America and subsequently in other parts of the world, yet the Middle East has not received adequate attention in academic scholarship. This PhD study examines a selection of contemporary female-authored narratives from the Middle East to establish an understanding of the practice of magical realism in this region. The selected texts for this study are: Raja Alem’s Fatma and My Thousand and One Nights; Shahrnush Parsipur’s Women Without Men and Touba and the Meaning of Night; Elif Shafak’s The Bastard of Istanbul and Gina B. Nahai’s Moonlight on the Avenue of Faith. This study firstly explores the concept of magical realism as a mode of writing and determines its relationship to the Middle Eastern context. It then evaluates the texts under scrutiny by examining how the narrative of magical realism is constructed and what the sources are of the magical component in these texts, specifically in relation to Middle Eastern mythology. It also investigates the ideological aspect behind the employment of magical realism and whether it serves any political goal. The analysis of the selected texts is approached from three standpoints, that is, from literary, mythological and ideological perspectives. I argue that magical realism serves various purposes and that it is applied from perspectives that can be regarded as marginal to their communities’ dominant values, to subvert mainstream ideology. I also demonstrate that the Middle East is a crucial place to investigate magical realism because of the numerous complex cultural values that interact with each other in this region, and which enrich the practice of magical realism
    corecore