20,399 research outputs found

    The Viability and Potential Consequences of IoT-Based Ransomware

    Get PDF
    With the increased threat of ransomware and the substantial growth of the Internet of Things (IoT) market, there is significant motivation for attackers to carry out IoT-based ransomware campaigns. In this thesis, the viability of such malware is tested. As part of this work, various techniques that could be used by ransomware developers to attack commercial IoT devices were explored. First, methods that attackers could use to communicate with the victim were examined, such that a ransom note was able to be reliably sent to a victim. Next, the viability of using "bricking" as a method of ransom was evaluated, such that devices could be remotely disabled unless the victim makes a payment to the attacker. Research was then performed to ascertain whether it was possible to remotely gain persistence on IoT devices, which would improve the efficacy of existing ransomware methods, and provide opportunities for more advanced ransomware to be created. Finally, after successfully identifying a number of persistence techniques, the viability of privacy-invasion based ransomware was analysed. For each assessed technique, proofs of concept were developed. A range of devices -- with various intended purposes, such as routers, cameras and phones -- were used to test the viability of these proofs of concept. To test communication hijacking, devices' "channels of communication" -- such as web services and embedded screens -- were identified, then hijacked to display custom ransom notes. During the analysis of bricking-based ransomware, a working proof of concept was created, which was then able to remotely brick five IoT devices. After analysing the storage design of an assortment of IoT devices, six different persistence techniques were identified, which were then successfully tested on four devices, such that malicious filesystem modifications would be retained after the device was rebooted. When researching privacy-invasion based ransomware, several methods were created to extract information from data sources that can be commonly found on IoT devices, such as nearby WiFi signals, images from cameras, or audio from microphones. These were successfully implemented in a test environment such that ransomable data could be extracted, processed, and stored for later use to blackmail the victim. Overall, IoT-based ransomware has not only been shown to be viable but also highly damaging to both IoT devices and their users. While the use of IoT-ransomware is still very uncommon "in the wild", the techniques demonstrated within this work highlight an urgent need to improve the security of IoT devices to avoid the risk of IoT-based ransomware causing havoc in our society. Finally, during the development of these proofs of concept, a number of potential countermeasures were identified, which can be used to limit the effectiveness of the attacking techniques discovered in this PhD research

    Теорія систем мобільних інфокомунікацій. Системна архітектура

    Get PDF
    Навчальний посібник містить опис логічних та фізичних структур, процедур, алгоритмів, протоколів, принципів побудови і функціонування мереж стільникового мобільного зв’язку (до 3G) і мобільних інфокомунікацій (4G і вище), приділяючи увагу розгляду загальних архітектур мереж операторів мобільного зв’язку, їх управління і координування, неперервності еволюції розвитку засобів функціонування і способів надання послуг таких мереж. Посібник структурно має сім розділів і побудований так, що складність матеріалу зростає з кожним наступним розділом. Навчальний посібник призначено для здобувачів ступеня бакалавра за спеціальністю 172 «Телекомунікації та радіотехніка», буде також корисним для аспірантів, наукових та інженерно-технічних працівників за напрямом інформаційно-телекомунікаційних систем та технологій.The manual contains a description of the logical and physical structures, procedures, algorithms, protocols, principles of construction and operation of cellular networks for mobile communications (up to 3G) and mobile infocommunications (4G and higher), paying attention to the consideration of general architectures of mobile operators' networks, their management, and coordination, the continuous evolution of the development of the means of operation and methods of providing services of such networks. The manual has seven structural sections and is structured in such a way that the complexity of the material increases with each subsequent chapter. The textbook is intended for applicants for a bachelor's degree in specialty 172 "Telecommunications and Radio Engineering", and will also be useful to graduate students, and scientific and engineering workers in the direction of information and telecommunication systems and technologies

    A Design Science Research Approach to Smart and Collaborative Urban Supply Networks

    Get PDF
    Urban supply networks are facing increasing demands and challenges and thus constitute a relevant field for research and practical development. Supply chain management holds enormous potential and relevance for society and everyday life as the flow of goods and information are important economic functions. Being a heterogeneous field, the literature base of supply chain management research is difficult to manage and navigate. Disruptive digital technologies and the implementation of cross-network information analysis and sharing drive the need for new organisational and technological approaches. Practical issues are manifold and include mega trends such as digital transformation, urbanisation, and environmental awareness. A promising approach to solving these problems is the realisation of smart and collaborative supply networks. The growth of artificial intelligence applications in recent years has led to a wide range of applications in a variety of domains. However, the potential of artificial intelligence utilisation in supply chain management has not yet been fully exploited. Similarly, value creation increasingly takes place in networked value creation cycles that have become continuously more collaborative, complex, and dynamic as interactions in business processes involving information technologies have become more intense. Following a design science research approach this cumulative thesis comprises the development and discussion of four artefacts for the analysis and advancement of smart and collaborative urban supply networks. This thesis aims to highlight the potential of artificial intelligence-based supply networks, to advance data-driven inter-organisational collaboration, and to improve last mile supply network sustainability. Based on thorough machine learning and systematic literature reviews, reference and system dynamics modelling, simulation, and qualitative empirical research, the artefacts provide a valuable contribution to research and practice

    Countermeasures for the majority attack in blockchain distributed systems

    Get PDF
    La tecnología Blockchain es considerada como uno de los paradigmas informáticos más importantes posterior al Internet; en función a sus características únicas que la hacen ideal para registrar, verificar y administrar información de diferentes transacciones. A pesar de esto, Blockchain se enfrenta a diferentes problemas de seguridad, siendo el ataque del 51% o ataque mayoritario uno de los más importantes. Este consiste en que uno o más mineros tomen el control de al menos el 51% del Hash extraído o del cómputo en una red; de modo que un minero puede manipular y modificar arbitrariamente la información registrada en esta tecnología. Este trabajo se enfocó en diseñar e implementar estrategias de detección y mitigación de ataques mayoritarios (51% de ataque) en un sistema distribuido Blockchain, a partir de la caracterización del comportamiento de los mineros. Para lograr esto, se analizó y evaluó el Hash Rate / Share de los mineros de Bitcoin y Crypto Ethereum, seguido del diseño e implementación de un protocolo de consenso para controlar el poder de cómputo de los mineros. Posteriormente, se realizó la exploración y evaluación de modelos de Machine Learning para detectar software malicioso de tipo Cryptojacking.DoctoradoDoctor en Ingeniería de Sistemas y Computació

    The Artist as Surveillant: The Use of Surveillance Technology in Contemporary Art

    Get PDF
    Artists have long been called observers, voyeurs, and watchers, and with a particular interest in human behavior and society, they frequently use unknowing passersby as their subjects for works. Curators and scholars explored how artists put citizens under surveillance with photography and videography, which dates back to the early 1900s, years before governments deployed surveillance systems. Since the 1980s, artists have explicitly explored surveillance technology and theory to alert viewers to the rise of surveillance. Today, this genre is called artveillance, a term coined by Andrea Mubi Brighenti in 2010 to categorize art that explicitly deals with surveillance. This genre developed parallel to the rise of mass surveillance which created the current-day surveillance state. Since artveillance dominates the contemporary art scene, I was interested in the history of surveillance technology and themes in art. Although that history is brief, there is a wealth of artworks and studies on the topic. This thesis explores artists who use surveillance technology, specifically close-circuit video, in their practice and how this work has changed over time compared to the rise of government surveillance systems. To properly examine the artwork, each artwork’s technological history and broader cultural context is considered, with careful attention to the artists’ intentions. The thesis starts in the 1970s with Bruce Nauman and Peter Campus’s closed-circuit video installations. The artists did not aim to create a surveillance area but wanted to explore the viewer’s identity with their moving image. In Chapter 2, Julia Scher and Lynn Hershman Leeson’s work from the 1980s and early 1990s is discussed. Created when state surveillance was on the rise, the artists’ work used surveillance technology to critique the systems. The third chapter explores surveillance in a post-9/11 state through Jill Magid and Laura Poitras’s work. The artists exploited and exposed government systems to show how the public’s privacy is invaded. Finally, the paper concludes with an investigation into the public’s relationship with video surveillance, which resembles an apathetic acceptance

    Associated Random Neural Networks for Collective Classification of Nodes in Botnet Attacks

    Full text link
    Botnet attacks are a major threat to networked systems because of their ability to turn the network nodes that they compromise into additional attackers, leading to the spread of high volume attacks over long periods. The detection of such Botnets is complicated by the fact that multiple network IP addresses will be simultaneously compromised, so that Collective Classification of compromised nodes, in addition to the already available traditional methods that focus on individual nodes, can be useful. Thus this work introduces a collective Botnet attack classification technique that operates on traffic from an n-node IP network with a novel Associated Random Neural Network (ARNN) that identifies the nodes which are compromised. The ARNN is a recurrent architecture that incorporates two mutually associated, interconnected and architecturally identical n-neuron random neural networks, that act simultneously as mutual critics to reach the decision regarding which of n nodes have been compromised. A novel gradient learning descent algorithm is presented for the ARNN, and is shown to operate effectively both with conventional off-line training from prior data, and with on-line incremental training without prior off-line learning. Real data from a 107 node packet network is used with over 700,000 packets to evaluate the ARNN, showing that it provides accurate predictions. Comparisons with other well-known state of the art methods using the same learning and testing datasets, show that the ARNN offers significantly better performance

    Anuário científico da Escola Superior de Tecnologia da Saúde de Lisboa - 2021

    Get PDF
    É com grande prazer que apresentamos a mais recente edição (a 11.ª) do Anuário Científico da Escola Superior de Tecnologia da Saúde de Lisboa. Como instituição de ensino superior, temos o compromisso de promover e incentivar a pesquisa científica em todas as áreas do conhecimento que contemplam a nossa missão. Esta publicação tem como objetivo divulgar toda a produção científica desenvolvida pelos Professores, Investigadores, Estudantes e Pessoal não Docente da ESTeSL durante 2021. Este Anuário é, assim, o reflexo do trabalho árduo e dedicado da nossa comunidade, que se empenhou na produção de conteúdo científico de elevada qualidade e partilhada com a Sociedade na forma de livros, capítulos de livros, artigos publicados em revistas nacionais e internacionais, resumos de comunicações orais e pósteres, bem como resultado dos trabalhos de 1º e 2º ciclo. Com isto, o conteúdo desta publicação abrange uma ampla variedade de tópicos, desde temas mais fundamentais até estudos de aplicação prática em contextos específicos de Saúde, refletindo desta forma a pluralidade e diversidade de áreas que definem, e tornam única, a ESTeSL. Acreditamos que a investigação e pesquisa científica é um eixo fundamental para o desenvolvimento da sociedade e é por isso que incentivamos os nossos estudantes a envolverem-se em atividades de pesquisa e prática baseada na evidência desde o início dos seus estudos na ESTeSL. Esta publicação é um exemplo do sucesso desses esforços, sendo a maior de sempre, o que faz com que estejamos muito orgulhosos em partilhar os resultados e descobertas dos nossos investigadores com a comunidade científica e o público em geral. Esperamos que este Anuário inspire e motive outros estudantes, profissionais de saúde, professores e outros colaboradores a continuarem a explorar novas ideias e contribuir para o avanço da ciência e da tecnologia no corpo de conhecimento próprio das áreas que compõe a ESTeSL. Agradecemos a todos os envolvidos na produção deste anuário e desejamos uma leitura inspiradora e agradável.info:eu-repo/semantics/publishedVersio

    Redefining Community in the Age of the Internet: Will the Internet of Things (IoT) generate sustainable and equitable community development?

    Get PDF
    There is a problem so immense in our built world that it is often not fully realized. This problem is the disconnection between humanity and the physical world. In an era of limitless data and information at our fingertips, buildings, public spaces, and landscapes are divided from us due to their physical nature. Compared with the intense flow of information from our online world driven by the beating engine of the internet, our physical world is silent. This lack of connection not only has consequences for sustainability but also for how we perceive and communicate with our built environment in the modern age. A possible solution to bridge the gap between our physical and online worlds is a technology known as the Internet of Things (IoT). What is IoT? How does it work? Will IoT change the concept of the built environment for a participant within it, and in doing so enhance the dynamic link between humans and place? And what are the implications of IoT for privacy, security, and data for the public good? Lastly, we will identify the most pressing issues existing in the built environment by conducting and analyzing case studies from Pomona College and California State University, Northridge. By analyzing IoT in the context of case studies we can assess its viability and value as a tool for sustainability and equality in communities across the world

    L’Asie du Sud-Est 2023 : bilan, enjeux et perspectives

    Get PDF
    Chaque année, l’Institut de recherche sur l’Asie du Sud-Est contemporaine (IRASEC), basé à Bangkok, mobilise une vingtaine de chercheurs et d’experts pour mieux comprendre l’actualité régionale de ce carrefour économique, culturel et religieux, au cœur de l’Indo-Pacifique. Cette collection permet de suivre au fil des ans l’évolution des grands enjeux contemporains de cette région continentale et archipélagique de plus de 680 millions d’habitants, et d’en comprendre les dynamiques d’intégration régionale et de connectivités avec le reste du monde. L’Asie du Sud-Est 2023 propose une analyse synthétique et détaillée des principaux événements politiques et diplomatiques, ainsi que des évolutions économiques, sociales et environnementales de l’année 2022 dans chacun des onze pays de la région. Ce décryptage est complété pour chaque pays par un focus sur deux personnalités de l’année et une actualité marquante en image. L’ouvrage propose également cinq dossiers thématiques qui abordent des sujets traités à l’échelle régionale sud-est asiatique : les ressorts institutionnels de l’approche de santé intégrée One Health, le vieillissement de la population et sa prise en compte par les politiques publiques, les câbles sous-marins au cœur de la connectivité sud-est asiatique, l’aménagement du bassin du Mékong et ses multiples acteurs, et les enjeux politiques et linguistiques des langues transnationales. Des outils pratiques sont également disponibles : une fiche et une chronologie par pays et un cahier des principaux indicateurs démographiques, sociaux, économiques et environnementaux
    corecore