26,440 research outputs found
Sistema de bloqueio de computadores
Mestrado em Engenharia de Computadores e TelemáticaThe use of multiple computing devices per person is increasing more and more. Nowadays is normal that mobile devices like smartphones, tablets and laptops are present in the everyday life of a single person and in many cases people use these devices to perform important operations related with their professional life. This also presents a problem, as these devices come with the user in everyday life and the fact that often they have a high monetary value means that these devices are susceptible to theft. This thesis introduces a computer locking system that distinguishes itself from existing similar systems because (i) it is designed to work independently of the Operating System(s) installed on the laptop or mobile device, (ii) depends on a firrmware driver that implements the lock operation making it resistant to storage device formats or any other attack that uses software operations. It is also explored the operation of a device that has a firrmware that follows the Unified Extensible Firmware Interface (UEFI) specification as well as the development of drivers for this type of firrmware. It was also developed a security protocol and various cryptographic techniques where explored and implemented.O uso de vários dispositivos computacionais por pessoa está a aumentar cada vez mais. Hoje em dia é normal dispositivos móveis como o smartphone, tablet e computador portátil estarem presentes no quotidiano das pessoas e em muitos casos as pessoas necessitam de realizar tarefas na sua vida profissional nestes dispositivos. Isto apresenta também um problema, como estes dispositivos acompanham o utilizador no dia a dia e pelo facto de muitas vezes terem um valor monetário elevado faz com que estes dispositivos sejam suscetíveis a roubos. Esta tese introduz um sistema de bloqueio de computadores que se distingue dos sistemas similares existentes porque, (i) _e desenhado para funcionar independentemente do(s) sistema(s) operativo(s) instalado(s) no computador portátil ou no dispositivo móvel, (ii) depende de um driver do firrmware que concretiza a operação de bloqueio fazendo com que seja resistente contra formatação do dispositivo de armazenamento ou qualquer outro ataque que tenho por base a utilização de software. É explorado então o funcionamento de um dispositivo que tenha um firmware que respeita a especificação Unfied Extensible Firmware Interface (UEFI) assim como a programação de drivers para este tipo de firmware. Foi também desenvolvido um protocolo
de segurança e são exploradas várias técnicas criptográficas passiveis de serem implementadas
Recommended from our members
Ensuring Access to Safe and Nutritious Food for All Through the Transformation of Food Systems
The Viability and Potential Consequences of IoT-Based Ransomware
With the increased threat of ransomware and the substantial growth of the Internet of Things (IoT) market, there is significant motivation for attackers to carry out IoT-based ransomware campaigns. In this thesis, the viability of such malware is tested.
As part of this work, various techniques that could be used by ransomware developers to attack commercial IoT devices were explored. First, methods that attackers could use to communicate with the victim were examined, such that a ransom note was able to be reliably sent to a victim. Next, the viability of using "bricking" as a method of ransom was evaluated, such that devices could be remotely disabled unless the victim makes a payment to the attacker. Research was then performed to ascertain whether it was possible to remotely gain persistence on IoT devices, which would improve the efficacy of existing ransomware methods, and provide opportunities for more advanced ransomware to be created. Finally, after successfully identifying a number of persistence techniques, the viability of privacy-invasion based ransomware was analysed.
For each assessed technique, proofs of concept were developed. A range of devices -- with various intended purposes, such as routers, cameras and phones -- were used to test the viability of these proofs of concept. To test communication hijacking, devices' "channels of communication" -- such as web services and embedded screens -- were identified, then hijacked to display custom ransom notes. During the analysis of bricking-based ransomware, a working proof of concept was created, which was then able to remotely brick five IoT devices. After analysing the storage design of an assortment of IoT devices, six different persistence techniques were identified, which were then successfully tested on four devices, such that malicious filesystem modifications would be retained after the device was rebooted. When researching privacy-invasion based ransomware, several methods were created to extract information from data sources that can be commonly found on IoT devices, such as nearby WiFi signals, images from cameras, or audio from microphones. These were successfully implemented in a test environment such that ransomable data could be extracted, processed, and stored for later use to blackmail the victim.
Overall, IoT-based ransomware has not only been shown to be viable but also highly damaging to both IoT devices and their users. While the use of IoT-ransomware is still very uncommon "in the wild", the techniques demonstrated within this work highlight an urgent need to improve the security of IoT devices to avoid the risk of IoT-based ransomware causing havoc in our society. Finally, during the development of these proofs of concept, a number of potential countermeasures were identified, which can be used to limit the effectiveness of the attacking techniques discovered in this PhD research
One Small Step for Generative AI, One Giant Leap for AGI: A Complete Survey on ChatGPT in AIGC Era
OpenAI has recently released GPT-4 (a.k.a. ChatGPT plus), which is
demonstrated to be one small step for generative AI (GAI), but one giant leap
for artificial general intelligence (AGI). Since its official release in
November 2022, ChatGPT has quickly attracted numerous users with extensive
media coverage. Such unprecedented attention has also motivated numerous
researchers to investigate ChatGPT from various aspects. According to Google
scholar, there are more than 500 articles with ChatGPT in their titles or
mentioning it in their abstracts. Considering this, a review is urgently
needed, and our work fills this gap. Overall, this work is the first to survey
ChatGPT with a comprehensive review of its underlying technology, applications,
and challenges. Moreover, we present an outlook on how ChatGPT might evolve to
realize general-purpose AIGC (a.k.a. AI-generated content), which will be a
significant milestone for the development of AGI.Comment: A Survey on ChatGPT and GPT-4, 29 pages. Feedback is appreciated
([email protected]
Technical Dimensions of Programming Systems
Programming requires much more than just writing code in a programming language. It is usually done in the context of a stateful environment, by interacting with a system through a graphical user interface. Yet, this wide space of possibilities lacks a common structure for navigation. Work on programming systems fails to form a coherent body of research, making it hard to improve on past work and advance the state of the art.
In computer science, much has been said and done to allow comparison of programming languages, yet no similar theory exists for programming systems; we believe that programming systems deserve a theory too.
We present a framework of technical dimensions which capture the underlying characteristics of programming systems and provide a means for conceptualizing and comparing them.
We identify technical dimensions by examining past influential programming systems and reviewing their design principles, technical capabilities, and styles of user interaction. Technical dimensions capture characteristics that may be studied, compared and advanced independently. This makes it possible to talk about programming systems in a way that can be shared and constructively debated rather than relying solely on personal impressions.
Our framework is derived using a qualitative analysis of past programming systems. We outline two concrete ways of using our framework. First, we show how it can analyze a recently developed novel programming system. Then, we use it to identify an interesting unexplored point in the design space of programming systems.
Much research effort focuses on building programming systems that are easier to use, accessible to non-experts, moldable and/or powerful, but such efforts are disconnected. They are informal, guided by the personal vision of their authors and thus are only evaluable and comparable on the basis of individual experience using them. By providing foundations for more systematic research, we can help programming systems researchers to stand, at last, on the shoulders of giants
Communicating Actor Automata -- Modelling Erlang Processes as Communicating Machines
Brand and Zafiropulo's notion of Communicating Finite-State Machines (CFSMs)
provides a succinct and powerful model of message-passing concurrency, based
around channels. However, a major variant of message-passing concurrency is not
readily captured by CFSMs: the actor model. In this work, we define a variant
of CFSMs, called Communicating Actor Automata, to capture the actor model of
concurrency as provided by Erlang: with mailboxes, from which messages are
received according to repeated application of pattern matching. Furthermore,
this variant of CFSMs supports dynamic process topologies, capturing common
programming idioms in the context of actor-based message-passing concurrency.
This gives a new basis for modelling, specifying, and verifying Erlang
programs. We also consider a class of CAAs that give rise to freedom from race
conditions.Comment: In Proceedings PLACES 2023, arXiv:2304.0543
Self-Supervised Learning to Prove Equivalence Between Straight-Line Programs via Rewrite Rules
We target the problem of automatically synthesizing proofs of semantic
equivalence between two programs made of sequences of statements. We represent
programs using abstract syntax trees (AST), where a given set of
semantics-preserving rewrite rules can be applied on a specific AST pattern to
generate a transformed and semantically equivalent program. In our system, two
programs are equivalent if there exists a sequence of application of these
rewrite rules that leads to rewriting one program into the other. We propose a
neural network architecture based on a transformer model to generate proofs of
equivalence between program pairs. The system outputs a sequence of rewrites,
and the validity of the sequence is simply checked by verifying it can be
applied. If no valid sequence is produced by the neural network, the system
reports the programs as non-equivalent, ensuring by design no programs may be
incorrectly reported as equivalent. Our system is fully implemented for a given
grammar which can represent straight-line programs with function calls and
multiple types. To efficiently train the system to generate such sequences, we
develop an original incremental training technique, named self-supervised
sample selection. We extensively study the effectiveness of this novel training
approach on proofs of increasing complexity and length. Our system, S4Eq,
achieves 97% proof success on a curated dataset of 10,000 pairs of equivalent
programsComment: 30 pages including appendi
Composing games into complex institutions
Game theory is used by all behavioral sciences, but its development has long
centered around tools for relatively simple games and toy systems, such as the
economic interpretation of equilibrium outcomes. Our contribution,
compositional game theory, permits another approach of equally general appeal:
the high-level design of large games for expressing complex architectures and
representing real-world institutions faithfully. Compositional game theory,
grounded in the mathematics underlying programming languages, and introduced
here as a general computational framework, increases the parsimony of game
representations with abstraction and modularity, accelerates search and design,
and helps theorists across disciplines express real-world institutional
complexity in well-defined ways. Relative to existing approaches in game
theory, compositional game theory is especially promising for solving game
systems with long-range dependencies, for comparing large numbers of
structurally related games, and for nesting games into the larger logical or
strategic flows typical of real world policy or institutional systems.Comment: ~4000 words, 6 figure
Grasping nothing: a study of minimal ontologies and the sense of music
If music were to have a proper sense – one in which it is truly given – one might reasonably place this in sound and aurality. I contend, however, that no such sense exists; rather, the sense of music takes place, and it does so with the impossible. To this end, this thesis – which is a work of philosophy and music – advances an ontology of the impossible (i.e., it thinks the being of what, properly speaking, can have no being) and considers its implications for music, articulating how ontological aporias – of the event, of thinking the absolute, and of sovereignty’s dismemberment – imply senses of music that are anterior to sound. John Cage’s Silent Prayer, a nonwork he never composed, compels a rerethinking of silence on the basis of its contradictory status of existence; Florian Hecker et al.’s Speculative Solution offers a basis for thinking absolute music anew to the precise extent that it is a discourse of meaninglessness; and Manfred Werder’s [yearn] pieces exhibit exemplarily that music’s sense depends on the possibility of its counterfeiting. Inso-much as these accounts produce musical senses that take the place of sound, they are also understood to be performances of these pieces. Here, then, thought is music’s organon and its instrument
Теорія систем мобільних інфокомунікацій. Системна архітектура
Навчальний посібник містить опис логічних та фізичних структур, процедур,
алгоритмів, протоколів, принципів побудови і функціонування мереж
стільникового мобільного зв’язку (до 3G) і мобільних інфокомунікацій (4G і вище),
приділяючи увагу розгляду загальних архітектур мереж операторів мобільного
зв’язку, їх управління і координування, неперервності еволюції розвитку засобів
функціонування і способів надання послуг таких мереж. Посібник структурно має
сім розділів і побудований так, що складність матеріалу зростає з кожним
наступним розділом. Навчальний посібник призначено для здобувачів ступеня
бакалавра за спеціальністю 172 «Телекомунікації та радіотехніка», буде також
корисним для аспірантів, наукових та інженерно-технічних працівників за
напрямом інформаційно-телекомунікаційних систем та технологій.The manual contains a description of the logical and physical structures, procedures, algorithms, protocols, principles of construction and operation of cellular networks for mobile communications (up to 3G) and mobile infocommunications (4G and higher), paying attention to the consideration of general architectures of mobile operators' networks, their management, and coordination, the continuous evolution of the development of the means of operation and methods of providing services of such networks. The manual has seven structural sections and is structured in such a way that the complexity of the material increases with each subsequent chapter. The textbook is intended for applicants for a bachelor's degree in specialty 172 "Telecommunications and Radio Engineering", and will also be useful to graduate students, and scientific and engineering workers in the direction of information and telecommunication systems and technologies
- …