10,285 research outputs found

    Sistema de bloqueio de computadores

    Get PDF
    Mestrado em Engenharia de Computadores e TelemáticaThe use of multiple computing devices per person is increasing more and more. Nowadays is normal that mobile devices like smartphones, tablets and laptops are present in the everyday life of a single person and in many cases people use these devices to perform important operations related with their professional life. This also presents a problem, as these devices come with the user in everyday life and the fact that often they have a high monetary value means that these devices are susceptible to theft. This thesis introduces a computer locking system that distinguishes itself from existing similar systems because (i) it is designed to work independently of the Operating System(s) installed on the laptop or mobile device, (ii) depends on a firrmware driver that implements the lock operation making it resistant to storage device formats or any other attack that uses software operations. It is also explored the operation of a device that has a firrmware that follows the Unified Extensible Firmware Interface (UEFI) specification as well as the development of drivers for this type of firrmware. It was also developed a security protocol and various cryptographic techniques where explored and implemented.O uso de vários dispositivos computacionais por pessoa está a aumentar cada vez mais. Hoje em dia é normal dispositivos móveis como o smartphone, tablet e computador portátil estarem presentes no quotidiano das pessoas e em muitos casos as pessoas necessitam de realizar tarefas na sua vida profissional nestes dispositivos. Isto apresenta também um problema, como estes dispositivos acompanham o utilizador no dia a dia e pelo facto de muitas vezes terem um valor monetário elevado faz com que estes dispositivos sejam suscetíveis a roubos. Esta tese introduz um sistema de bloqueio de computadores que se distingue dos sistemas similares existentes porque, (i) _e desenhado para funcionar independentemente do(s) sistema(s) operativo(s) instalado(s) no computador portátil ou no dispositivo móvel, (ii) depende de um driver do firrmware que concretiza a operação de bloqueio fazendo com que seja resistente contra formatação do dispositivo de armazenamento ou qualquer outro ataque que tenho por base a utilização de software. É explorado então o funcionamento de um dispositivo que tenha um firmware que respeita a especificação Unfied Extensible Firmware Interface (UEFI) assim como a programação de drivers para este tipo de firmware. Foi também desenvolvido um protocolo de segurança e são exploradas várias técnicas criptográficas passiveis de serem implementadas

    The Metaverse: Survey, Trends, Novel Pipeline Ecosystem & Future Directions

    Full text link
    The Metaverse offers a second world beyond reality, where boundaries are non-existent, and possibilities are endless through engagement and immersive experiences using the virtual reality (VR) technology. Many disciplines can benefit from the advancement of the Metaverse when accurately developed, including the fields of technology, gaming, education, art, and culture. Nevertheless, developing the Metaverse environment to its full potential is an ambiguous task that needs proper guidance and directions. Existing surveys on the Metaverse focus only on a specific aspect and discipline of the Metaverse and lack a holistic view of the entire process. To this end, a more holistic, multi-disciplinary, in-depth, and academic and industry-oriented review is required to provide a thorough study of the Metaverse development pipeline. To address these issues, we present in this survey a novel multi-layered pipeline ecosystem composed of (1) the Metaverse computing, networking, communications and hardware infrastructure, (2) environment digitization, and (3) user interactions. For every layer, we discuss the components that detail the steps of its development. Also, for each of these components, we examine the impact of a set of enabling technologies and empowering domains (e.g., Artificial Intelligence, Security & Privacy, Blockchain, Business, Ethics, and Social) on its advancement. In addition, we explain the importance of these technologies to support decentralization, interoperability, user experiences, interactions, and monetization. Our presented study highlights the existing challenges for each component, followed by research directions and potential solutions. To the best of our knowledge, this survey is the most comprehensive and allows users, scholars, and entrepreneurs to get an in-depth understanding of the Metaverse ecosystem to find their opportunities and potentials for contribution

    The Viability and Potential Consequences of IoT-Based Ransomware

    Get PDF
    With the increased threat of ransomware and the substantial growth of the Internet of Things (IoT) market, there is significant motivation for attackers to carry out IoT-based ransomware campaigns. In this thesis, the viability of such malware is tested. As part of this work, various techniques that could be used by ransomware developers to attack commercial IoT devices were explored. First, methods that attackers could use to communicate with the victim were examined, such that a ransom note was able to be reliably sent to a victim. Next, the viability of using "bricking" as a method of ransom was evaluated, such that devices could be remotely disabled unless the victim makes a payment to the attacker. Research was then performed to ascertain whether it was possible to remotely gain persistence on IoT devices, which would improve the efficacy of existing ransomware methods, and provide opportunities for more advanced ransomware to be created. Finally, after successfully identifying a number of persistence techniques, the viability of privacy-invasion based ransomware was analysed. For each assessed technique, proofs of concept were developed. A range of devices -- with various intended purposes, such as routers, cameras and phones -- were used to test the viability of these proofs of concept. To test communication hijacking, devices' "channels of communication" -- such as web services and embedded screens -- were identified, then hijacked to display custom ransom notes. During the analysis of bricking-based ransomware, a working proof of concept was created, which was then able to remotely brick five IoT devices. After analysing the storage design of an assortment of IoT devices, six different persistence techniques were identified, which were then successfully tested on four devices, such that malicious filesystem modifications would be retained after the device was rebooted. When researching privacy-invasion based ransomware, several methods were created to extract information from data sources that can be commonly found on IoT devices, such as nearby WiFi signals, images from cameras, or audio from microphones. These were successfully implemented in a test environment such that ransomable data could be extracted, processed, and stored for later use to blackmail the victim. Overall, IoT-based ransomware has not only been shown to be viable but also highly damaging to both IoT devices and their users. While the use of IoT-ransomware is still very uncommon "in the wild", the techniques demonstrated within this work highlight an urgent need to improve the security of IoT devices to avoid the risk of IoT-based ransomware causing havoc in our society. Finally, during the development of these proofs of concept, a number of potential countermeasures were identified, which can be used to limit the effectiveness of the attacking techniques discovered in this PhD research

    Associated Random Neural Networks for Collective Classification of Nodes in Botnet Attacks

    Full text link
    Botnet attacks are a major threat to networked systems because of their ability to turn the network nodes that they compromise into additional attackers, leading to the spread of high volume attacks over long periods. The detection of such Botnets is complicated by the fact that multiple network IP addresses will be simultaneously compromised, so that Collective Classification of compromised nodes, in addition to the already available traditional methods that focus on individual nodes, can be useful. Thus this work introduces a collective Botnet attack classification technique that operates on traffic from an n-node IP network with a novel Associated Random Neural Network (ARNN) that identifies the nodes which are compromised. The ARNN is a recurrent architecture that incorporates two mutually associated, interconnected and architecturally identical n-neuron random neural networks, that act simultneously as mutual critics to reach the decision regarding which of n nodes have been compromised. A novel gradient learning descent algorithm is presented for the ARNN, and is shown to operate effectively both with conventional off-line training from prior data, and with on-line incremental training without prior off-line learning. Real data from a 107 node packet network is used with over 700,000 packets to evaluate the ARNN, showing that it provides accurate predictions. Comparisons with other well-known state of the art methods using the same learning and testing datasets, show that the ARNN offers significantly better performance

    A Decision Support System for Economic Viability and Environmental Impact Assessment of Vertical Farms

    Get PDF
    Vertical farming (VF) is the practice of growing crops or animals using the vertical dimension via multi-tier racks or vertically inclined surfaces. In this thesis, I focus on the emerging industry of plant-specific VF. Vertical plant farming (VPF) is a promising and relatively novel practice that can be conducted in buildings with environmental control and artificial lighting. However, the nascent sector has experienced challenges in economic viability, standardisation, and environmental sustainability. Practitioners and academics call for a comprehensive financial analysis of VPF, but efforts are stifled by a lack of valid and available data. A review of economic estimation and horticultural software identifies a need for a decision support system (DSS) that facilitates risk-empowered business planning for vertical farmers. This thesis proposes an open-source DSS framework to evaluate business sustainability through financial risk and environmental impact assessments. Data from the literature, alongside lessons learned from industry practitioners, would be centralised in the proposed DSS using imprecise data techniques. These techniques have been applied in engineering but are seldom used in financial forecasting. This could benefit complex sectors which only have scarce data to predict business viability. To begin the execution of the DSS framework, VPF practitioners were interviewed using a mixed-methods approach. Learnings from over 19 shuttered and operational VPF projects provide insights into the barriers inhibiting scalability and identifying risks to form a risk taxonomy. Labour was the most commonly reported top challenge. Therefore, research was conducted to explore lean principles to improve productivity. A probabilistic model representing a spectrum of variables and their associated uncertainty was built according to the DSS framework to evaluate the financial risk for VF projects. This enabled flexible computation without precise production or financial data to improve economic estimation accuracy. The model assessed two VPF cases (one in the UK and another in Japan), demonstrating the first risk and uncertainty quantification of VPF business models in the literature. The results highlighted measures to improve economic viability and the viability of the UK and Japan case. The environmental impact assessment model was developed, allowing VPF operators to evaluate their carbon footprint compared to traditional agriculture using life-cycle assessment. I explore strategies for net-zero carbon production through sensitivity analysis. Renewable energies, especially solar, geothermal, and tidal power, show promise for reducing the carbon emissions of indoor VPF. Results show that renewably-powered VPF can reduce carbon emissions compared to field-based agriculture when considering the land-use change. The drivers for DSS adoption have been researched, showing a pathway of compliance and design thinking to overcome the ‘problem of implementation’ and enable commercialisation. Further work is suggested to standardise VF equipment, collect benchmarking data, and characterise risks. This work will reduce risk and uncertainty and accelerate the sector’s emergence

    INVESTIGATING THE PERCEPTION OF EXPATRIATES TOWARDS IMMIGRATION SERVICE QUALITY IN SHARJAH, UNITED ARAB EMIRATES THROUGH MIXED METHOD APPROACH

    Get PDF
    The public sectors in UAE are under immense pressure to demonstrate that their services are customer-focused and that continuous performance improvement is being delivered. The United Arab Emirates is a favoured destination for expatriates due to its own citizens form a minority of the population and are barely represented in the private sector workforce. These highly unusual demographics confer high importance on the national immigration services. Recently, increased interest in international migration, specifically within the United Arab Emirates, has been shown both by government agencies and by the governments of industrialised countries. Given the importance of the expatriate labour force to economic stability and growth in the Emirates, this research investigates how immigration services are perceived, with the aim of contributing to their improvement, thus ultimately supporting economic growth. It proposes a service quality perception framework to improve understanding within SID of how to raise levels of service delivered to migrants and other persons directly or indirectly affected by SID services. Qualitative data were collected by means of semi-structured interviews and quantitative data by means of a questionnaire survey based on the abovementioned framework. The survey data, on the variables influencing participants’ experiences and perceptions of SID services, were subjected to statistical analysis. The framework was then used to evaluate quality of service in terms of general impressions, delivery, location, response, SID culture and behaviour. Numerical data were analysed using inferential and descriptive statistics. It was found that service quality positively influenced service behaviour and that this relationship was mediated by SID culture. This research makes an original contribution to knowledge as one of the few studies of immigration to the United Arab Emirates. By examining the workings of one immigration department, it adds to the literature on immigration departments and organisational development in developing countries. It illuminates the mechanics of immigration services and demonstrates their increasing importance to the world economy

    Defining Service Level Agreements in Serverless Computing

    Get PDF
    The emergence of serverless computing has brought significant advancements to the delivery of computing resources to cloud users. With the abstraction of infrastructure, ecosystem, and execution environments, users could focus on their code while relying on the cloud provider to manage the abstracted layers. In addition, desirable features such as autoscaling and high availability became a provider’s responsibility and can be adopted by the user\u27s application at no extra overhead. Despite such advancements, significant challenges must be overcome as applications transition from monolithic stand-alone deployments to the ephemeral and stateless microservice model of serverless computing. These challenges pertain to the uniqueness of the conceptual and implementation models of serverless computing. One of the notable challenges is the complexity of defining Service Level Agreements (SLA) for serverless functions. As the serverless model shifts the administration of resources, ecosystem, and execution layers to the provider, users become mere consumers of the provider’s abstracted platform with no insight into its performance. Suboptimal conditions of the abstracted layers are not visible to the end-user who has no means to assess their performance. Thus, SLA in serverless computing must take into consideration the unique abstraction of its model. This work investigates the Service Level Agreement (SLA) modeling of serverless functions\u27 and serverless chains’ executions. We highlight how serverless SLA fundamentally differs from earlier cloud delivery models. We then propose an approach to define SLA for serverless functions by utilizing resource utilization fingerprints for functions\u27 executions and a method to assess if executions adhere to that SLA. We evaluate the approach’s accuracy in detecting SLA violations for a broad range of serverless application categories. Our validation results illustrate a high accuracy in detecting SLA violations resulting from resource contentions and provider’s ecosystem degradations. We conclude by presenting the empirical validation of our proposed approach, which could detect Execution-SLA violations with accuracy up to 99%

    A Comparative Study on Students’ Learning Expectations of Entrepreneurship Education in the UK and China

    Get PDF
    Entrepreneurship education has become a critical subject in academic research and educational policy design, occupying a central role in contemporary education globally. However, a review of the literature indicates that research on entrepreneurship education is still in a relatively early stage. Little is known about how entrepreneurship education learning is affected by the environmental context to date. Therefore, combining the institutional context and focusing on students’ learning expectations as a novel perspective, the main aim of the thesis is to address the knowledge gap by developing an original conceptual framework to advance understanding of the dynamic learning process of entrepreneurship education through the lens of self-determination theory, thereby providing a basis for advancing understanding of entrepreneurship education. The author adopted an epistemological positivism philosophy and a deductive approach. This study gathered 247 valid questionnaires from the UK (84) and China (163). It requested students to recall their learning expectations before attending their entrepreneurship courses and to assess their perceptions of learning outcomes after taking the entrepreneurship courses. It was found that entrepreneurship education policy is an antecedent that influences students' learning expectations, which is represented in the difference in student autonomy. British students in active learning under a voluntary education policy have higher autonomy than Chinese students in passive learning under a compulsory education policy, thus having higher learning expectations, leading to higher satisfaction. The positive relationship between autonomy and learning expectations is established, which adds a new dimension to self-determination theory. Furthermore, it is also revealed that the change in students’ entrepreneurial intentions before and after their entrepreneurship courses is explained by understanding the process of a business start-up (positive), hands-on business start-up opportunities (positive), students’ actual input (positive) and tutors’ academic qualification (negative). The thesis makes contributions to both theory and practice. The findings have far reaching implications for different parties, including policymakers, educators, practitioners and researchers. Understanding and shaping students' learning expectations is a critical first step in optimising entrepreneurship education teaching and learning. On the one hand, understanding students' learning expectations of entrepreneurship and entrepreneurship education can help the government with educational interventions and policy reform, as well as improving the quality and delivery of university-based entrepreneurship education. On the other hand, entrepreneurship education can assist students in establishing correct and realistic learning expectations and entrepreneurial conceptions, which will benefit their future entrepreneurial activities and/or employment. An important implication is that this study connects multiple stakeholders by bridging the national-level institutional context, organisational-level university entrepreneurship education, and individual level entrepreneurial learning to promote student autonomy based on an understanding of students' learning expectations. This can help develop graduates with their ability for autonomous learning and autonomous entrepreneurial behaviour. The results of this study help to remind students that it is them, the learners, their expectations and input that can make the difference between the success or failure of their study. This would not only apply to entrepreneurship education but also to other fields of study. One key message from this study is that education can be encouraged and supported but cannot be “forced”. Mandatory entrepreneurship education is not a quick fix for the lack of university students’ innovation and entrepreneurship. More resources must be invested in enhancing the enterprise culture, thus making entrepreneurship education desirable for students

    Political Islam and grassroots activism in Turkey : a study of the pro-Islamist Virtue Party's grassroots activists and their affects on the electoral outcomes

    Get PDF
    This thesis presents an analysis of the spectacular rise of political Islam in Turkey. It has two aims: first to understand the underlying causes of the rise of the Welfare Party which -later became the Virtue Party- throughout the 1990s, and second to analyse how grassroots activism influenced this process. The thesis reviews the previous literature on the Islamic fundamentalist movements, political parties, political party systems and concentrates on the local party organisations and their effects on the party's electoral performance. It questions the categorisation of Islamic fundamentalism as an appropriate label for this movement. An exploration of such movements is particularly important in light of the event of 11`x' September. After exploring existing theoretical and case studies into political Islam and party activism, I present my qualitative case study. I have used ethnographic methodology and done participatory observations among grassroots activists in Ankara's two sub-districts covering 105 neighbourhoods. I examined the Turkish party system and the reasons for its collapse. It was observed that as a result of party fragmentation, electoral volatility and organisational decline and decline in the party identification among the citizens the Turkish party system has declined. However, the WP/VP profited from this trend enormously and emerged as the main beneficiary of this process. Empirical data is analysed in four chapters, dealing with the different aspects of the Virtue Party's local organisations and grassroots activists. They deal with change and continuity in the party, the patterns of participation, the routes and motives for becoming a party activist, the profile of party activists and the local party organisations. I explore what they do and how they do it. The analysis reveals that the categorisation of Islamic fundamentalism is misplaced and the rise of political Islam in Turkey cannot be explained as religious revivalism or the rise of Islamic fundamentalism. It is a political force that drives its strength from the urban poor which has been harshly affected by the IMF directed neoliberal economy policies. In conclusion, it is shown that the WP/VP's electoral chances were significantly improved by its very efficient and effective party organisations and highly committed grassroots activists
    corecore