18,798 research outputs found

    The Viability and Potential Consequences of IoT-Based Ransomware

    Get PDF
    With the increased threat of ransomware and the substantial growth of the Internet of Things (IoT) market, there is significant motivation for attackers to carry out IoT-based ransomware campaigns. In this thesis, the viability of such malware is tested. As part of this work, various techniques that could be used by ransomware developers to attack commercial IoT devices were explored. First, methods that attackers could use to communicate with the victim were examined, such that a ransom note was able to be reliably sent to a victim. Next, the viability of using "bricking" as a method of ransom was evaluated, such that devices could be remotely disabled unless the victim makes a payment to the attacker. Research was then performed to ascertain whether it was possible to remotely gain persistence on IoT devices, which would improve the efficacy of existing ransomware methods, and provide opportunities for more advanced ransomware to be created. Finally, after successfully identifying a number of persistence techniques, the viability of privacy-invasion based ransomware was analysed. For each assessed technique, proofs of concept were developed. A range of devices -- with various intended purposes, such as routers, cameras and phones -- were used to test the viability of these proofs of concept. To test communication hijacking, devices' "channels of communication" -- such as web services and embedded screens -- were identified, then hijacked to display custom ransom notes. During the analysis of bricking-based ransomware, a working proof of concept was created, which was then able to remotely brick five IoT devices. After analysing the storage design of an assortment of IoT devices, six different persistence techniques were identified, which were then successfully tested on four devices, such that malicious filesystem modifications would be retained after the device was rebooted. When researching privacy-invasion based ransomware, several methods were created to extract information from data sources that can be commonly found on IoT devices, such as nearby WiFi signals, images from cameras, or audio from microphones. These were successfully implemented in a test environment such that ransomable data could be extracted, processed, and stored for later use to blackmail the victim. Overall, IoT-based ransomware has not only been shown to be viable but also highly damaging to both IoT devices and their users. While the use of IoT-ransomware is still very uncommon "in the wild", the techniques demonstrated within this work highlight an urgent need to improve the security of IoT devices to avoid the risk of IoT-based ransomware causing havoc in our society. Finally, during the development of these proofs of concept, a number of potential countermeasures were identified, which can be used to limit the effectiveness of the attacking techniques discovered in this PhD research

    Technical Dimensions of Programming Systems

    Get PDF
    Programming requires much more than just writing code in a programming language. It is usually done in the context of a stateful environment, by interacting with a system through a graphical user interface. Yet, this wide space of possibilities lacks a common structure for navigation. Work on programming systems fails to form a coherent body of research, making it hard to improve on past work and advance the state of the art. In computer science, much has been said and done to allow comparison of programming languages, yet no similar theory exists for programming systems; we believe that programming systems deserve a theory too. We present a framework of technical dimensions which capture the underlying characteristics of programming systems and provide a means for conceptualizing and comparing them. We identify technical dimensions by examining past influential programming systems and reviewing their design principles, technical capabilities, and styles of user interaction. Technical dimensions capture characteristics that may be studied, compared and advanced independently. This makes it possible to talk about programming systems in a way that can be shared and constructively debated rather than relying solely on personal impressions. Our framework is derived using a qualitative analysis of past programming systems. We outline two concrete ways of using our framework. First, we show how it can analyze a recently developed novel programming system. Then, we use it to identify an interesting unexplored point in the design space of programming systems. Much research effort focuses on building programming systems that are easier to use, accessible to non-experts, moldable and/or powerful, but such efforts are disconnected. They are informal, guided by the personal vision of their authors and thus are only evaluable and comparable on the basis of individual experience using them. By providing foundations for more systematic research, we can help programming systems researchers to stand, at last, on the shoulders of giants

    Implementing Health Impact Assessment as a Required Component of Government Policymaking: A Multi-Level Exploration of the Determinants of Healthy Public Policy

    Get PDF
    It is widely understood that the public policies of ‘non-health’ government sectors have greater impacts on population health than those of the traditional healthcare realm. Health Impact Assessment (HIA) is a decision support tool that identifies and promotes the health benefits of policies while also mitigating their unintended negative consequences. Despite numerous calls to do so, the Ontario government has yet to implement HIA as a required component of policy development. This dissertation therefore sought to identify the contexts and factors that may both enable and impede HIA use at the sub-national (i.e., provincial, territorial, or state) government level. The three integrated articles of this dissertation provide insights into specific aspects of the policy process as they relate to HIA. Chapter one details a case study of purposive information-seeking among public servants within Ontario’s Ministry of Education (MOE). Situated within Ontario’s Ministry of Health (MOH), chapter two presents a case study of policy collaboration between health and ‘non-health’ ministries. Finally, chapter three details a framework analysis of the political factors supporting health impact tool use in two sub-national jurisdictions – namely, Québec and South Australia. MOE respondents (N=9) identified four components of policymaking ‘due diligence’, including evidence retrieval, consultation and collaboration, referencing, and risk analysis. As prospective HIA users, they also confirmed that information is not routinely sought to mitigate the potential negative health impacts of education-based policies. MOH respondents (N=8) identified the bureaucratic hierarchy as the brokering mechanism for inter-ministerial policy development. As prospective HIA stewards, they also confirmed that the ministry does not proactively flag the potential negative health impacts of non-health sector policies. Finally, ‘lessons learned’ from case articles specific to Québec (n=12) and South Australia (n=17) identified the political factors supporting tool use at different stages of the policy cycle, including agenda setting (‘policy elites’ and ‘political culture’), implementation (‘jurisdiction’), and sustained implementation (‘institutional power’). This work provides important insights into ‘real life’ policymaking. By highlighting existing facilitators of and barriers to HIA use, the findings offer a useful starting point from which proponents may tailor context-specific strategies to sustainably implement HIA at the sub-national government level

    Gamification in E-Learning: game factors to strengthen specific English pronunciation features in undergraduate students at UPTC Sogamoso

    Get PDF
    Appendix A Characterization survey (104), Appendix B. EFL Students’ questionnaire (109), Appendix C. Characterization survey: data treatment question (113), Appendix D. Informed consent letter, English version (114), Appendix E. Carta de consentimiento informado, versión en español (117), Appendix F. Time Schedule (120), Appendix G. Sample Challenges at Moodle (126), Appendix H. Participants’ questionnaire results (128).La gamificación es un término que suele denotar el uso de componentes del juego en situaciones no relacionadas con el juego en sí para crear experiencias de aprendizaje agradables, divertidas y motivadoras para los estudiantes (Werbach y Hunter, 2012). Por lo tanto, el análisis de los factores básicos de los juegos se convierte en algo esencial a la hora de definir y utilizar la gamificación como estrategia de mediación del inglés como lengua extranjera para fortalecer rasgos específicos de pronunciación en los estudiantes de pregrado de la UPTC Sogamoso. El procedimiento de estudio se basa en la investigación acción mediante la implementación de la estrategia de gamificación para la mediación en la pronunciación del inglés, orientada a treinta estudiantes de diferentes programas de ingeniería, administración y tecnología con niveles heterogéneos de dominio del inglés. Las actividades se centran principalmente en la producción de sonidos, el ritmo, el acento y la entonación, los rasgos de pronunciación segmental y suprasegmental. Los resultados arrojaron una evidente mejora en las características segméntales y suprasegmentales de la percepción en la pronunciación de los participantes así como la contribución del objetivo de los juegos a la instrucción fonética y fonológica, la sensación en el juego a la motivación para mejorar la pronunciación, el reto establecido en los juegos a la actitud positiva de los participantes, y la sociabilidad a la exposición practica de la pronunciación inglesa.Gamification is a relatively new term that often denotes the use of game components in situations unrelated to the game itself to create enjoyable, fun, and motivating learning experiences for students (Werbach and Hunter, 2012). Therefore, analyzing the games' basic factors becomes essential when defining and using gamification as a strategy for English as Foreign Language mediation to strengthen specific pronunciation features in UPTC Sogamoso undergraduate students. The study procedure is based on action research by implementing the gamification strategy for mediation in English pronunciation, oriented to thirty students from different engineering, management, and technology programs at heterogeneous levels of English proficiency. The activities mainly focus on sound production, rhythm, stress, and intonation, segmental and suprasegmental pronunciation features. The results showed an evident improvement in the segmental and suprasegmental features of the participants' pronunciation perception as well as the contribution of game goals to phonetics and phonological instruction, the game sensation to the motivation for pronunciation improvement, the game challenge to the participants' positive attitude, and the sociality to the English pronunciation exposure practice

    Towards a more just refuge regime: quotas, markets and a fair share

    Get PDF
    The international refugee regime is beset by two problems: Responsibility for refuge falls disproportionately on a few states and many owed refuge do not get it. In this work, I explore remedies to these problems. One is a quota distribution wherein states are distributed responsibilities via allotment. Another is a marketized quota system wherein states are free to buy and sell their allotments with others. I explore these in three parts. In Part 1, I develop the prime principles upon which a just regime is built and with which alternatives can be adjudicated. The first and most important principle – ‘Justice for Refugees’ – stipulates that a just regime provides refuge for all who have a basic interest in it. The second principle – ‘Justice for States’ – stipulates that a just distribution of refuge responsibilities among states is one that is capacity considerate. In Part 2, I take up several vexing questions regarding the distribution of refuge responsibilities among states in a collective effort. First, what is a state’s ‘fair share’? The answer requires the determination of some logic – some metric – with which a distribution is determined. I argue that one popular method in the political theory literature – a GDP-based distribution – is normatively unsatisfactory. In its place, I posit several alternative metrics that are more attuned with the principles of justice but absent in the political theory literature: GDP adjusted for Purchasing Power Parity and the Human Development Index. I offer an exploration of both these. Second, are states required to ‘take up the slack’ left by defaulting peers? Here, I argue that duties of help remain intact in cases of partial compliance among states in the refuge regime, but that political concerns may require that such duties be applied with caution. I submit that a market instrument offers one practical solution to this problem, as well as other advantages. In Part 3, I take aim at marketization and grapple with its many pitfalls: That marketization is commodifying, that it is corrupting, and that it offers little advantage in providing quality protection for refugees. In addition to these, I apply a framework of moral markets developed by Debra Satz. I argue that a refuge market may satisfy Justice Among States, but that it is violative of the refugees’ welfare interest in remaining free of degrading and discriminatory treatment

    Supernatural crossing in Republican Chinese fiction, 1920s–1940s

    Get PDF
    This dissertation studies supernatural narratives in Chinese fiction from the mid-1920s to the 1940s. The literary works present phenomena or elements that are or appear to be supernatural, many of which remain marginal or overlooked in Sinophone and Anglophone academia. These sources are situated in the May Fourth/New Culture ideological context, where supernatural narratives had to make way for the progressive intellectuals’ literary realism and their allegorical application of supernatural motifs. In the face of realism, supernatural narratives paled, dismissed as impractical fantasies that distract one from facing and tackling real life. Nevertheless, I argue that the supernatural narratives do not probe into another mystical dimension that might co-exist alongside the empirical world. Rather, they imagine various cases of the characters’ crossing to voice their discontent with contemporary society or to reflect on the notion of reality. “Crossing” relates to characters’ acts or processes of trespassing the boundary that separates the supernatural from the conventional natural world, thus entailing encounters and interaction between the natural and the supernatural. The dissertation examines how crossing, as a narrative device, disturbs accustomed and mundane situations, releases hidden tensions, and discloses repressed truths in Republican fiction. There are five types of crossing in the supernatural narratives. Type 1 is the crossing into “haunted” houses. This includes (intangible) human agency crossing into domestic spaces and revealing secrets and truths concealed by the scary, feigned ‘haunting’, thus exposing the hidden evil and the other house occupiers’ silenced, suffocated state. Type 2 is men crossing into female ghosts’ apparitional residences. The female ghosts allude to heart-breaking, traumatic experiences in socio-historical reality, evoking sympathetic concern for suffering individuals who are caught in social upheavals. Type 3 is the crossing from reality into the characters’ delusional/hallucinatory realities. While they physically remain in the empirical world, the characters’ abnormal perceptions lead them to exclusive, delirious, and quasi-supernatural experiences of reality. Their crossings blur the concrete boundaries between the real and the unreal on the mental level: their abnormal perceptions construct a significant, meaningful reality for them, which may be as real as the commonly regarded objective reality. Type 4 is the crossing into the netherworld modelled on the real world in the authors’ observation and bears a spectrum of satirised objects of the Republican society. The last type is immortal visitors crossing into the human world. This type satirises humanity’s vices and destructive potential. The primary sources demonstrate their writers’ witty passion to play with super--natural notions and imagery (such as ghosts, demons, and immortals) and stitch them into vivid, engaging scenes using techniques such as the gothic, the grotesque, and the satirical, in order to evoke sentiments such as terror, horror, disgust, dis--orientation, or awe, all in service of their insights into realist issues. The works also creatively tailor traditional Chinese modes and motifs, which exemplifies the revival of Republican interest in traditional cultural heritage. The supernatural narratives may amaze or disturb the reader at first, but what is more shocking, unpleasantly nudging, or thought-provoking is the problematic society and people’s lives that the supernatural (misunderstandings) eventually reveals. They present a more compre--hensive treatment of reality than Republican literature with its revolutionary consciousness surrounding class struggle. The critical perspectives of the supernatural narratives include domestic space, unacknowledged history and marginal individuals, abnormal mentality, and pervasive weaknesses in humanity. The crossing and supernatural narratives function as a means of better understanding the lived reality. This study gathers diverse primary sources written by Republican writers from various educational and political backgrounds and interprets them from a rare perspective, thus filling a research gap. It promotes a fuller view of supernatural narratives in twentieth-century Chinese literature. In terms of reflecting the social and personal reality of the Republican era, the supernatural narratives supplement the realist fiction of the time

    The developing maternal-infant relationship: a qualitative longitudinal study

    Get PDF
    Aim The study aimed to explore maternal perceptions and the use of knowledge relating to their infant’s mental health over time using qualitative longitudinal research. Background There has been a growing interest in infant mental health over recent years. Much of this interest is directed through the lens of infant determinism, through knowledge regarding neurological development resulting in biological determinism. Research and policy in this field are directed toward individual parenting behaviours, usually focused on the mother. Despite this, there is little attention given to maternal perspectives of infant mental health, indicating that a more innovative approach to methodology is required. Methods This study took a qualitative longitudinal approach, and interviews were undertaken with seven mothers from the third trimester of pregnancy and then throughout the first year of the infant’s life. Interviews were conducted at 34 weeks of pregnancy, and then when the infant was 6 and 12 weeks, 6, 9, and 12 months, alongside the collection of researcher field notes—a total of 41 interviews. Data were analysed by creating case profiles, memos, and summaries, and then cross-comparison of the emerging narratives. A psycho-socially informed approach was taken to the analysis of data. Findings Three interrelated themes emerged from the data: evolving maternal identity, growing a person, and creating a safe space. The theme of evolving maternal identity dominated the other themes of growing a person and creating a safe space in a way that met perceived socio-cultural requirements for mothering and childcare practices. Participants’ personal stories give voice to their perceptions of the developing maternal-infant relationship in the context of their socio-cultural setting, relationships with others, and experiences over time. Conclusions This study adds new knowledge by giving mothers a voice to express how the maternal-infant relationship develops over time. The findings demonstrate how the developing maternal-infant relationship grows in response to their mutual needs as the mother works to create and sustain identities for herself and the infant that will fit within their socio-cultural context and individual situations. Additionally, the findings illustrate the importance of temporal considerations, social networks, and intergenerational relationships to this evolving process. Recommendations for practice, policy, and education are made that reflect the unique relationship between mother and infant and the need to conceptualise this using an ecological approach

    Digital asset management via distributed ledgers

    Get PDF
    Distributed ledgers rose to prominence with the advent of Bitcoin, the first provably secure protocol to solve consensus in an open-participation setting. Following, active research and engineering efforts have proposed a multitude of applications and alternative designs, the most prominent being Proof-of-Stake (PoS). This thesis expands the scope of secure and efficient asset management over a distributed ledger around three axes: i) cryptography; ii) distributed systems; iii) game theory and economics. First, we analyze the security of various wallets. We start with a formal model of hardware wallets, followed by an analytical framework of PoS wallets, each outlining the unique properties of Proof-of-Work (PoW) and PoS respectively. The latter also provides a rigorous design to form collaborative participating entities, called stake pools. We then propose Conclave, a stake pool design which enables a group of parties to participate in a PoS system in a collaborative manner, without a central operator. Second, we focus on efficiency. Decentralized systems are aimed at thousands of users across the globe, so a rigorous design for minimizing memory and storage consumption is a prerequisite for scalability. To that end, we frame ledger maintenance as an optimization problem and design a multi-tier framework for designing wallets which ensure that updates increase the ledger’s global state only to a minimal extent, while preserving the security guarantees outlined in the security analysis. Third, we explore incentive-compatibility and analyze blockchain systems from a micro and a macroeconomic perspective. We enrich our cryptographic and systems' results by analyzing the incentives of collective pools and designing a state efficient Bitcoin fee function. We then analyze the Nash dynamics of distributed ledgers, introducing a formal model that evaluates whether rational, utility-maximizing participants are disincentivized from exhibiting undesirable infractions, and highlighting the differences between PoW and PoS-based ledgers, both in a standalone setting and under external parameters, like market price fluctuations. We conclude by introducing a macroeconomic principle, cryptocurrency egalitarianism, and then describing two mechanisms for enabling taxation in blockchain-based currency systems

    How to Be a God

    Get PDF
    When it comes to questions concerning the nature of Reality, Philosophers and Theologians have the answers. Philosophers have the answers that can’t be proven right. Theologians have the answers that can’t be proven wrong. Today’s designers of Massively-Multiplayer Online Role-Playing Games create realities for a living. They can’t spend centuries mulling over the issues: they have to face them head-on. Their practical experiences can indicate which theoretical proposals actually work in practice. That’s today’s designers. Tomorrow’s will have a whole new set of questions to answer. The designers of virtual worlds are the literal gods of those realities. Suppose Artificial Intelligence comes through and allows us to create non-player characters as smart as us. What are our responsibilities as gods? How should we, as gods, conduct ourselves? How should we be gods
    corecore