1,016 research outputs found
The Montclarion, April 05, 2012
Student Newspaper of Montclair State Universityhttps://digitalcommons.montclair.edu/montclarion/1978/thumbnail.jp
The Montclarion, April 05, 2012
Student Newspaper of Montclair State Universityhttps://digitalcommons.montclair.edu/montclarion/1955/thumbnail.jp
Defending against Sybil Devices in Crowdsourced Mapping Services
Real-time crowdsourced maps such as Waze provide timely updates on traffic,
congestion, accidents and points of interest. In this paper, we demonstrate how
lack of strong location authentication allows creation of software-based {\em
Sybil devices} that expose crowdsourced map systems to a variety of security
and privacy attacks. Our experiments show that a single Sybil device with
limited resources can cause havoc on Waze, reporting false congestion and
accidents and automatically rerouting user traffic. More importantly, we
describe techniques to generate Sybil devices at scale, creating armies of
virtual vehicles capable of remotely tracking precise movements for large user
populations while avoiding detection. We propose a new approach to defend
against Sybil devices based on {\em co-location edges}, authenticated records
that attest to the one-time physical co-location of a pair of devices. Over
time, co-location edges combine to form large {\em proximity graphs} that
attest to physical interactions between devices, allowing scalable detection of
virtual vehicles. We demonstrate the efficacy of this approach using
large-scale simulations, and discuss how they can be used to dramatically
reduce the impact of attacks against crowdsourced mapping services.Comment: Measure and integratio
Critically engaging engineering in place by localizing counternarratives in engineering design
In this manuscript, we use the construct of critical epistemologies of place to frame our exploration of how to support engineering design among youth who have historically been marginalized from the domain, and its implications for educational settings. We present an in-depth longitudinal case study of one 12-year-old African American boy to raise questions of what it means for this youth to engage in engineering design in collaboration with the people around in him—experts and knowledgeable others in his community space and how this engagement supports his work in science and engineering. This study suggests that engaging engineering design through a critical epistemology of place involves an iterative and generative process of layering community wisdom and knowledge onto STEM toward (a) how epistemologies of place—and their layers—challenge dominant master narratives, (b) reimagining practices in place, and (c) transforming the dangerous territory of STEM. Our study expands upon current understandings of supporting youth in engaging engineering through highlighting the vital role of sociohistorically constructed understandings of STEM and community in determining when, how, and why engineering takes place
Recommended from our members
Mediating intimacy online: authenticity, magazines and chasing the clicks
This paper offers a production-based study of online consumer magazines for – and largely by – millennial women, with a particular focus on sex and relationship content. Adopting a feminist discourse analytic approach and a solidary-critical position, I examine 62 interviews conducted with producers, mainly writers and editors, from 12 publications based in the UK and Spain. The analysis maps how notions of intimacy penetrate different dimensions of the magazine, along with networks of influence for the development of content about sex and relationships, marked by a perceived shift from ‘experts’ to ‘real life’. The ways in which producers describe the particularities of woman’s magazine online journalism and dis/articulate a range of critiques are also explored. The paper highlights the increasing importance of ideas about authenticity for these media, making connections to online cultures, a reinvigorated interest in feminism, and contemporary branding strategies. Ultimately, I argue that journalists at women’s magazines simultaneously (re)produce, suffer and contest sexist media, deserving further feminist scholarly attention, and our solidarity as well as critique
Intensive Recrystallization-Controlled Rolling of High-Temperature-Processing Linepipe Steel with Low Niobium Content
The goal of this research was to gain a systematic understanding of the major factors that control the mechanical behavior and the final microstructure of a linepipe steel after High Temperature Processing and Controlled Cooling processing. Based on this in-depth knowledge, an innovative hot deformation process for optimized microstructure, strength and impact toughness using less alloying content was developed.
The science and understanding of the underlying phenomena in High-Temperature Processing (HTP) of a new alloy is the focus of this work. Nb content was considered an important variable, an opportunity for its reduction was hypothesized and proved. HSLA linepipe steel with three different Nb contents (0.09, 0.07 and 0.05wt%) was compared through two different deformation approaches. The conventional approach, having thickness reductions of 75% in roughing and 67% in finishing deformation passes. And the Intensive Recrystallization-Controlled Rolling (IRCR), having 85% reduction in roughing and 46% in finishing. Mechanisms were found, that explain for these alloys the grain coarsening behavior of austenite, the mean flow stress at rolling temperatures, the temperature of non-recrystallization, the precipitation in all stages of the process and the transformations involved from slab-reheating to plate-coiling.
An innovative hot deformation process was introduced, the IRCR process. While this work focused on the science, IRCR was devised as a robust thermomechanical process that can easily be scaled up to industrial proportions. This process achieved improved microstructural control, used less alloying and required less time for product processing. The microstructural control derived in improved mechanical properties and minimized variability through thick linepipe products (15-19mm). The science and engineering involved are presented and discussed in this document
Spartan Daily, September 3, 2015
Volume 145, Issue 6https://scholarworks.sjsu.edu/spartandaily/8213/thumbnail.jp
PRECEPT:a framework for ethical digital forensics investigations
Purpose: Cyber-enabled crimes are on the increase, and law enforcement has had to expand many of their detecting activities into the digital domain. As such, the field of digital forensics has become far more sophisticated over the years and is now able to uncover even more evidence that can be used to support prosecution of cyber criminals in a court of law. Governments, too, have embraced the ability to track suspicious individuals in the online world. Forensics investigators are driven to gather data exhaustively, being under pressure to provide law enforcement with sufficient evidence to secure a conviction. Yet, there are concerns about the ethics and justice of untrammeled investigations on a number of levels. On an organizational level, unconstrained investigations could interfere with, and damage, the organization’s right to control the disclosure of their intellectual capital. On an individual level, those being investigated could easily have their legal privacy rights violated by forensics investigations. On a societal level, there might be a sense of injustice at the perceived inequality of current practice in this domain. This paper argues the need for a practical, ethically-grounded approach to digital forensic investigations, one that acknowledges and respects the privacy rights of individuals and the intellectual capital disclosure rights of organisations, as well as acknowledging the needs of law enforcement. We derive a set of ethical guidelines, then map these onto a forensics investigation framework. We subjected the framework to expert review in two stages, refining the framework after each stage. We conclude by proposing the refined ethically-grounded digital forensics investigation framework. Our treatise is primarily UK based, but the concepts presented here have international relevance and applicability.Design methodology: In this paper, the lens of justice theory is used to explore the tension that exists between the needs of digital forensic investigations into cybercrimes on the one hand, and, on the other, individuals’ rights to privacy and organizations’ rights to control intellectual capital disclosure.Findings: The investigation revealed a potential inequality between the practices of digital forensics investigators and the rights of other stakeholders. That being so, the need for a more ethically-informed approach to digital forensics investigations, as a remedy, is highlighted, and a framework proposed to provide this.Practical Implications: Our proposed ethically-informed framework for guiding digital forensics investigations suggest a way of re-establishing the equality of the stakeholders in this arena, and ensuring that the potential for a sense of injustice is reduced.Originality/value: Justice theory is used to highlight the difficulties in squaring the circle between the rights and expectations of all stakeholders in the digital forensics arena. The outcome is the forensics investigation guideline, PRECEpt: Privacy-Respecting EthiCal framEwork, which provides the basis for a re-aligning of the balance between the requirements and expectations of digital forensic investigators on the one hand, and individual and organizational expectations and rights, on the other
Hidden in Plain Sight: Exploring Encrypted Channels in Android apps
As privacy features in Android operating system improve, privacy-invasive
apps may gradually shift their focus to non-standard and covert channels for
leaking private user/device information. Such leaks also remain largely
undetected by state-of-the-art privacy analysis tools, which are very effective
in uncovering privacy exposures via regular HTTP and HTTPS channels. In this
study, we design and implement, ThirdEye, to significantly extend the
visibility of current privacy analysis tools, in terms of the exposures that
happen across various non-standard and covert channels, i.e., via any protocol
over TCP/UDP (beyond HTTP/S), and using multi-layer custom encryption over
HTTP/S and non-HTTP protocols. Besides network exposures, we also consider
covert channels via storage media that also leverage custom encryption layers.
Using ThirdEye, we analyzed 12,598 top-apps in various categories from
Androidrank, and found that 2887/12,598 (22.92%) apps used custom
encryption/decryption for network transmission and storing content in shared
device storage, and 2465/2887 (85.38%) of those apps sent device information
(e.g., advertising ID, list of installed apps) over the network that can
fingerprint users. Besides, 299 apps transmitted insecure encrypted content
over HTTP/non-HTTP protocols; 22 apps that used authentication tokens over
HTTPS, happen to expose them over insecure (albeit custom encrypted)
HTTP/non-HTTP channels. We found non-standard and covert channels with multiple
levels of obfuscation (e.g., encrypted data over HTTPS, encryption at nested
levels), and the use of vulnerable keys and cryptographic algorithms. Our
findings can provide valuable insights into the evolving field of non-standard
and covert channels, and help spur new countermeasures against such privacy
leakage and security issues.Comment: Extended version of an ACM CCS 2022 pape
- …