16,805 research outputs found

    The Viability and Potential Consequences of IoT-Based Ransomware

    Get PDF
    With the increased threat of ransomware and the substantial growth of the Internet of Things (IoT) market, there is significant motivation for attackers to carry out IoT-based ransomware campaigns. In this thesis, the viability of such malware is tested. As part of this work, various techniques that could be used by ransomware developers to attack commercial IoT devices were explored. First, methods that attackers could use to communicate with the victim were examined, such that a ransom note was able to be reliably sent to a victim. Next, the viability of using "bricking" as a method of ransom was evaluated, such that devices could be remotely disabled unless the victim makes a payment to the attacker. Research was then performed to ascertain whether it was possible to remotely gain persistence on IoT devices, which would improve the efficacy of existing ransomware methods, and provide opportunities for more advanced ransomware to be created. Finally, after successfully identifying a number of persistence techniques, the viability of privacy-invasion based ransomware was analysed. For each assessed technique, proofs of concept were developed. A range of devices -- with various intended purposes, such as routers, cameras and phones -- were used to test the viability of these proofs of concept. To test communication hijacking, devices' "channels of communication" -- such as web services and embedded screens -- were identified, then hijacked to display custom ransom notes. During the analysis of bricking-based ransomware, a working proof of concept was created, which was then able to remotely brick five IoT devices. After analysing the storage design of an assortment of IoT devices, six different persistence techniques were identified, which were then successfully tested on four devices, such that malicious filesystem modifications would be retained after the device was rebooted. When researching privacy-invasion based ransomware, several methods were created to extract information from data sources that can be commonly found on IoT devices, such as nearby WiFi signals, images from cameras, or audio from microphones. These were successfully implemented in a test environment such that ransomable data could be extracted, processed, and stored for later use to blackmail the victim. Overall, IoT-based ransomware has not only been shown to be viable but also highly damaging to both IoT devices and their users. While the use of IoT-ransomware is still very uncommon "in the wild", the techniques demonstrated within this work highlight an urgent need to improve the security of IoT devices to avoid the risk of IoT-based ransomware causing havoc in our society. Finally, during the development of these proofs of concept, a number of potential countermeasures were identified, which can be used to limit the effectiveness of the attacking techniques discovered in this PhD research

    Joutsen / Svanen 2016

    Get PDF

    The fairy tale therapist

    Get PDF
    Creative Work: The Fairy Tale Therapist:- My original intention was to create a new form of self-help book using fairy tale characters to address psychological problems. The book I wrote does use fairy tale characters to address psychological problems, but it isn’t written as a typical self-help book. Instead, it’s the story of Helen, a therapist whose personal life suddenly and dramatically falls apart. Her solution? Not one she would suggest to her clients. She leaves everyone she knows and sets up a new practice in a small village in Wales, where her troubles start to fade. Until, that is, the fairy tale characters start coming in through her office window. Contextualising Research: The Fragility of Equilibrium in Therapy and Writing:- In this part of the thesis, I explore the methodologies, underpinning literature and the personal journey of discovery that led to the final book. I examine bibliotherapy, the self-help genre and case studies after selecting a canon of well-known self-help books. I then review classical fairy tales and I try using fairy tale characters rather than case studies as examples in a self-help book. I present these attempts and argue why this straight substitution doesn’t work well. Instead, therefore, I decided to use fairy tale characters’ dilemmas to illustrate the process of psychotherapy, so readers can better understand the aims and processes in therapy, and see inside a therapist’s mind. The resulting book ('The Fairy Tale Therapist', the creative part of my thesis), raised two further questions which I answer and explore in the critical component. Is there a concept that is central both to writing fiction and to carrying out/undergoing psychotherapy, and if so how does it achieve this? Story is the bridge that links these disciplines, and I found the key within story is the concept of equilibrium, the desire to return to a stable state an organism is disrupted by a challenge. Equilibrium is, however, elusive: once achieved, disequilibrium begins again. How might changing perspective help to better understand characters in fiction and clients in therapy/self-help? I found that by adhering to the plot but looking at what happens from a different perspective, as an author I gained a deeper understanding of characters other than the central character. I can also apply this technique to help my patients. Instead of trying to change what’s going on outside of themselves, I can challenge them to try changing the way they consider what’s going on, and in so doing help them to learn to accept—perhaps even celebrate—their circumstances

    Estudo do IPFS como protocolo de distribuição de conteúdos em redes veiculares

    Get PDF
    Over the last few years, vehicular ad-hoc networks (VANETs) have been the focus of great progress due to the interest in autonomous vehicles and in distributing content not only between vehicles, but also to the Cloud. Performing a download/upload to/from a vehicle typically requires the existence of a cellular connection, but the costs associated with mobile data transfers in hundreds or thousands of vehicles quickly become prohibitive. A VANET allows the costs to be several orders of magnitude lower - while keeping the same large volumes of data - because it is strongly based in the communication between vehicles (nodes of the network) and the infrastructure. The InterPlanetary File System (IPFS) is a protocol for storing and distributing content, where information is addressed by its content, instead of its location. It was created in 2014 and it seeks to connect all computing devices with the same system of files, comparable to a BitTorrent swarm exchanging Git objects. It has been tested and deployed in wired networks, but never in an environment where nodes have intermittent connectivity, such as a VANET. This work focuses on understanding IPFS, how/if it can be applied to the vehicular network context, and comparing it with other content distribution protocols. In this dissertation, IPFS has been tested in a small and controlled network to understand its working applicability to VANETs. Issues such as neighbor discoverability times and poor hashing performance have been addressed. To compare IPFS with other protocols (such as Veniam’s proprietary solution or BitTorrent) in a relevant way and in a large scale, an emulation platform was created. The tests in this emulator were performed in different times of the day, with a variable number of files and file sizes. Emulated results show that IPFS is on par with Veniam’s custom V2V protocol built specifically for V2V, and greatly outperforms BitTorrent regarding neighbor discoverability and data transfers. An analysis of IPFS’ performance in a real scenario was also conducted, using a subset of STCP’s vehicular network in Oporto, with the support of Veniam. Results from these tests show that IPFS can be used as a content dissemination protocol, showing it is up to the challenge provided by a constantly changing network topology, and achieving throughputs up to 2.8 MB/s, values similar or in some cases even better than Veniam’s proprietary solution.Nos últimos anos, as redes veiculares (VANETs) têm sido o foco de grandes avanços devido ao interesse em veículos autónomos e em distribuir conteúdos, não só entre veículos mas também para a "nuvem" (Cloud). Tipicamente, fazer um download/upload de/para um veículo exige a utilização de uma ligação celular (SIM), mas os custos associados a fazer transferências com dados móveis em centenas ou milhares de veículos rapidamente se tornam proibitivos. Uma VANET permite que estes custos sejam consideravelmente inferiores - mantendo o mesmo volume de dados - pois é fortemente baseada na comunicação entre veículos (nós da rede) e a infraestrutura. O InterPlanetary File System (IPFS - "sistema de ficheiros interplanetário") é um protocolo de armazenamento e distribuição de conteúdos, onde a informação é endereçada pelo conteúdo, em vez da sua localização. Foi criado em 2014 e tem como objetivo ligar todos os dispositivos de computação num só sistema de ficheiros, comparável a um swarm BitTorrent a trocar objetos Git. Já foi testado e usado em redes com fios, mas nunca num ambiente onde os nós têm conetividade intermitente, tal como numa VANET. Este trabalho tem como foco perceber o IPFS, como/se pode ser aplicado ao contexto de rede veicular e compará-lo a outros protocolos de distribuição de conteúdos. Numa primeira fase o IPFS foi testado numa pequena rede controlada, de forma a perceber a sua aplicabilidade às VANETs, e resolver os seus primeiros problemas como os tempos elevados de descoberta de vizinhos e o fraco desempenho de hashing. De modo a poder comparar o IPFS com outros protocolos (tais como a solução proprietária da Veniam ou o BitTorrent) de forma relevante e em grande escala, foi criada uma plataforma de emulação. Os testes neste emulador foram efetuados usando registos de mobilidade e conetividade veicular de alturas diferentes de um dia, com um número variável de ficheiros e tamanhos de ficheiros. Os resultados destes testes mostram que o IPFS está a par do protocolo V2V da Veniam (desenvolvido especificamente para V2V e VANETs), e que o IPFS é significativamente melhor que o BitTorrent no que toca ao tempo de descoberta de vizinhos e transferência de informação. Uma análise do desempenho do IPFS em cenário real também foi efetuada, usando um pequeno conjunto de nós da rede veicular da STCP no Porto, com o apoio da Veniam. Os resultados destes testes demonstram que o IPFS pode ser usado como protocolo de disseminação de conteúdos numa VANET, mostrando-se adequado a uma topologia constantemente sob alteração, e alcançando débitos até 2.8 MB/s, valores parecidos ou nalguns casos superiores aos do protocolo proprietário da Veniam.Mestrado em Engenharia de Computadores e Telemátic

    Natcher, William Huston, 1909-1994 (MSS 142)

    Get PDF
    Finding aid only for Manuscripts Collection 142. Correspondence, journals, scrapbooks and printed matter documenting the career of Natcher, a Representative from Kentucky who served in the United States Congress from 1953-1994. Click on “Additional Files” below for a separate inventory of photographs and an index of names and subjects in the photographs

    Heideggers holy and quiet joy: body hermeneutics of two paintings by Lawren S. Harris

    Get PDF
    How would our lived human body experience Heidegger's holy? This dissertation uses a phenomenological method of body hermeneutics to develop a lived experience of the notion of the holy from Heidegger's later thought with the help of two paintings by Lawren S. Harris. Body hermeneutics, developed by Samuel Mallin, is a method of systematically feeling out and describing the experience of phenomena through the four regions of the lived body: the perceptual, the motor-practical, the affective, and the cognitive/linguistic. The artworks hold the phenomena and create situations through which the viewer can repeatedly access and explore the phenomena. The artworks also speak to the whole body, not just to the cognitive aspect of our being, and thus make it much easier for us to recognize and overcome our cognitive preconceptions and to develop a fuller bodily experience of the phenomena. The first part of the dissertation, working with the painting Beaver Swamp, Algoma, explores how one can phenomenologically experience and describe that which is not an entity, since both being and the holy in Heidegger's understanding are not entities. By describing the contrasts between the experience of figures and lines in the painting on one hand and colour and light fields on the other, a new bodily attitude can be felt and developed that is quite different from our everyday attitudes towards phenomenology and perceiving things in general. This new bodily attitude is helpful for describing phenomena like being and the holy as understood by Heidegger. The second part of the dissertation, with the help of the painting Northern Lake, further develops the understanding of the new bodily attitude. It explores a particular kind of darkness to better understand the phenomena of depth and abyss, and a particular kind of light to describe the haleness as the experience of the holy

    The Theatre of Linda Griffiths

    Get PDF
    Linda Griffiths, actor and playwright, is a charismatic and vital presence on the Toronto theatre scene from the early 1970s until her untimely death in 2014. She travels across Canada and to Broadway, performing Maggie & Pierre after it premiers in the Backspace of Theatre Passe Muraille in 1980. She performs in her final play, Heaven Above, Heaven Below, with Layne Coleman in this same intimate space in 2013. Between these two shows, Griffiths works in theatres across Canada all the while maintaining her dedication to Theatre Passe Muraille. Her beginnings in collective creation lead her to experiment with process and with the formal composition of her plays, as well as to continuously navigate between her roles as actor and playwright. This dissertation studies the arc of Griffiths's career in order to reposition her in the field. It explores Griffiths's experiments with form as well as her embodiment and continuation of the spirit and enthusiasm of the alternative theatre movement in Canada. I trace the development of her uvre as that of a playwright whose creative process travels the arc from collective, to collaboration, to writing solo for backspaces and mainstages, for both intimate venues and large national theatres, ultimately establishing her as one of Canada's most original and vibrant playwrights. This dissertation analyzes Griffiths's career as she discovers her actor-playwright identity, develops her own distinct creative process, and using her own unique methods writes and performs meaningful, powerful pieces which imagine new possibilities in women's representation. I draw on original archival research from the Linda Griffiths fonds held at the University of Guelph as well as archives and papers in the private possession of Layne Coleman, Griffiths's long-term fellow theatre practitioner. As a kaleidoscopic creator, Griffiths's work necessitates a kaleidoscopic study. The methods of analysis, however, remain focused on archival research into her process. Because of her tendency to write from lived experience and to thoroughly research her subjects, who are often derived from real people, I investigate Griffiths's alchemical methods of transforming truthful material into illusory, fantastical, ephemeral, yet poignant and impactful performances

    A Multi-Scalar Socio-Policy Analysis of Resource Reallocation and Water Security in Twenty-First Century Utah, USA

    Get PDF
    As drought and a warming climate continue to impact the western United States, balancing the water needs of cities, agriculture, and natural systems is becoming increasingly more complex. One approach commonly promoted to address water supply issues is the transfer of water between users via markets. However, markets for water face multiple obstacles that can often be costly for participants due to constraints inherent in western U.S. water law. Coinciding with issues of cost, water markets must overcome disinterest among water rights holders in releasing their water rights for uses even if temporarily. Moreover, water transfers bring to light the potential impacts to security in access to water for other needs when water is moved between locations and uses. This research examined key challenges to the establishment and use of market-based transfer arrangements known as water banks. Existing water banks in other states were first analyzed to assess how they have added flexibility to existing water law in order to address specific or broad impacts of water scarcity. Northern Utah’s Bear River Basin then served as a case setting to examine the complexities of establishing water banks through the perspectives of individual water users and others involved in water management. Data were collected through interviews, focus groups, observations of legislative workgroups, and analysis of existing literature. This research found that the benefits of transfers through water banks are potentially dependent on the scale of interest that the transaction is assessed at and how the consumption of water is managed. Moreover, this work found that the prevailing behaviors and attitudes regarding water transfers are in part rooted in how existing water laws and organizations have controlled allocation and use of the resource. Understanding these social factors is critical to the policy designs of market-based approaches to sharing water that rely on participation of water rights holders to contribute towards rebalancing water supplies and meeting policy objectives at all scales of interest
    • …
    corecore