10,630 research outputs found

    The Viability and Potential Consequences of IoT-Based Ransomware

    Get PDF
    With the increased threat of ransomware and the substantial growth of the Internet of Things (IoT) market, there is significant motivation for attackers to carry out IoT-based ransomware campaigns. In this thesis, the viability of such malware is tested. As part of this work, various techniques that could be used by ransomware developers to attack commercial IoT devices were explored. First, methods that attackers could use to communicate with the victim were examined, such that a ransom note was able to be reliably sent to a victim. Next, the viability of using "bricking" as a method of ransom was evaluated, such that devices could be remotely disabled unless the victim makes a payment to the attacker. Research was then performed to ascertain whether it was possible to remotely gain persistence on IoT devices, which would improve the efficacy of existing ransomware methods, and provide opportunities for more advanced ransomware to be created. Finally, after successfully identifying a number of persistence techniques, the viability of privacy-invasion based ransomware was analysed. For each assessed technique, proofs of concept were developed. A range of devices -- with various intended purposes, such as routers, cameras and phones -- were used to test the viability of these proofs of concept. To test communication hijacking, devices' "channels of communication" -- such as web services and embedded screens -- were identified, then hijacked to display custom ransom notes. During the analysis of bricking-based ransomware, a working proof of concept was created, which was then able to remotely brick five IoT devices. After analysing the storage design of an assortment of IoT devices, six different persistence techniques were identified, which were then successfully tested on four devices, such that malicious filesystem modifications would be retained after the device was rebooted. When researching privacy-invasion based ransomware, several methods were created to extract information from data sources that can be commonly found on IoT devices, such as nearby WiFi signals, images from cameras, or audio from microphones. These were successfully implemented in a test environment such that ransomable data could be extracted, processed, and stored for later use to blackmail the victim. Overall, IoT-based ransomware has not only been shown to be viable but also highly damaging to both IoT devices and their users. While the use of IoT-ransomware is still very uncommon "in the wild", the techniques demonstrated within this work highlight an urgent need to improve the security of IoT devices to avoid the risk of IoT-based ransomware causing havoc in our society. Finally, during the development of these proofs of concept, a number of potential countermeasures were identified, which can be used to limit the effectiveness of the attacking techniques discovered in this PhD research

    Economia colaborativa

    Get PDF
    A importância de se proceder à análise dos principais desafios jurídicos que a economia colaborativa coloca – pelas implicações que as mudanças de paradigma dos modelos de negócios e dos sujeitos envolvidos suscitam − é indiscutível, correspondendo à necessidade de se fomentar a segurança jurídica destas práticas, potenciadoras de crescimento económico e bem-estar social. O Centro de Investigação em Justiça e Governação (JusGov) constituiu uma equipa multidisciplinar que, além de juristas, integra investigadores de outras áreas, como a economia e a gestão, dos vários grupos do JusGov – embora com especial participação dos investigadores que integram o grupo E-TEC (Estado, Empresa e Tecnologia) – e de outras prestigiadas instituições nacionais e internacionais, para desenvolver um projeto neste domínio, com o objetivo de identificar os problemas jurídicos que a economia colaborativa suscita e avaliar se já existem soluções para aqueles, refletindo igualmente sobre a conveniência de serem introduzidas alterações ou se será mesmo necessário criar nova regulamentação. O resultado desta investigação é apresentado nesta obra, com o que se pretende fomentar a continuação do debate sobre este tema.Esta obra é financiada por fundos nacionais através da FCT — Fundação para a Ciência e a Tecnologia, I.P., no âmbito do Financiamento UID/05749/202

    Technical Dimensions of Programming Systems

    Get PDF
    Programming requires much more than just writing code in a programming language. It is usually done in the context of a stateful environment, by interacting with a system through a graphical user interface. Yet, this wide space of possibilities lacks a common structure for navigation. Work on programming systems fails to form a coherent body of research, making it hard to improve on past work and advance the state of the art. In computer science, much has been said and done to allow comparison of programming languages, yet no similar theory exists for programming systems; we believe that programming systems deserve a theory too. We present a framework of technical dimensions which capture the underlying characteristics of programming systems and provide a means for conceptualizing and comparing them. We identify technical dimensions by examining past influential programming systems and reviewing their design principles, technical capabilities, and styles of user interaction. Technical dimensions capture characteristics that may be studied, compared and advanced independently. This makes it possible to talk about programming systems in a way that can be shared and constructively debated rather than relying solely on personal impressions. Our framework is derived using a qualitative analysis of past programming systems. We outline two concrete ways of using our framework. First, we show how it can analyze a recently developed novel programming system. Then, we use it to identify an interesting unexplored point in the design space of programming systems. Much research effort focuses on building programming systems that are easier to use, accessible to non-experts, moldable and/or powerful, but such efforts are disconnected. They are informal, guided by the personal vision of their authors and thus are only evaluable and comparable on the basis of individual experience using them. By providing foundations for more systematic research, we can help programming systems researchers to stand, at last, on the shoulders of giants

    Establishing a Data Science for Good Ecosystem: The Case of ATLytiCS

    Get PDF
    Data science for social good (DSSG) initiatives have been championed as worthy mechanisms for transformative change and social impact. However, researchers have not fully explored the systems by which actors coordinate, access data, determine goals and communicate opportunities for change. We contribute to the information systems ecosystems and the nonprofit volunteering literatures by exploring the ways in which data science volunteers leverage their talents to address social impact goals. We use Atlanta Analytics for Community Service (ATLytiCS), an organization that aids nonprofits and government agencies, as a case study. ATLytiCS represents a rare example of a nonprofit organization (NPO) managed and run by highly-skilled volunteer data scientists within a regionally networked system of actors and institutions. Based on findings from this case, we build a DSSG ecosystem framework to describe and distinguish DSSG ecosystems from related data and entrepreneurial ecosystems

    Machine Learning Research Trends in Africa: A 30 Years Overview with Bibliometric Analysis Review

    Full text link
    In this paper, a critical bibliometric analysis study is conducted, coupled with an extensive literature survey on recent developments and associated applications in machine learning research with a perspective on Africa. The presented bibliometric analysis study consists of 2761 machine learning-related documents, of which 98% were articles with at least 482 citations published in 903 journals during the past 30 years. Furthermore, the collated documents were retrieved from the Science Citation Index EXPANDED, comprising research publications from 54 African countries between 1993 and 2021. The bibliometric study shows the visualization of the current landscape and future trends in machine learning research and its application to facilitate future collaborative research and knowledge exchange among authors from different research institutions scattered across the African continent

    Production Systems Performance Optimization through Human/Machine Collaboration

    Get PDF
    The growth of enterprises is a constant source of research and development of new technologies. Indeed, to stand out from the competition and optimize their production, companies are moving toward the centralization of information and the implementation of machines. This dynamic requires a significant investment in terms of organization and research. Industry 4.0 is therefore at the heart of this reflection, as shown in the literature. It brings together many technologies, such as Artificial Intelligence (AI), the Internet of Things (IoT), and Big Data. This chapter focuses on company performance optimization through a sustainable Industry 4.0 framework involving methodologies such as lean manufacturing and DMAIC, new technologies as robotics, in addition to social, societal, and environmental transformations. This chapter will present robotic displacement solutions adapted to the industrial environment for improving production systems performance. Solutions for human-machine interaction problems such as human-machine interface or flexibility 4.0 will be shown

    Multiple criteria approach applied to digital transformation in fashion stores: the case of physical retailers in Spain

    Get PDF
    This research is funded by the Spanish State Research Agency, as part of the project PID2019103880RB-I00/AEI/10.13039/501100011033, and by the Andalusian Government, as part of the project P20_00673.In a very open competitive context where pure online players are consistently gaining market share, the use of digital devices is a steady trend which is penetrating physical retail stores as a tool for retailers to improve customer experience and increase engagement. This need has increased with the COVID-19 pandemic as electronic devices in physical stores reduce the contact between people providing a greater sense of health safety, hence improving the customer experience. This work develops a multiple-criteria decision-making model for retailers who want to digitize their physical stores, providing a systematic approach to manage investment priorities in the organization. Important decisions should involve all different areas of the organization: Finance, Clients, Internal Processes and Learning & Growth departments. This strategic decision can be made hierarchically to obtain consistent decisions, also the use of the Order Weighted Average operator allows for alternative scenarios to be presented and agreed among the different areas of the business. The authors develop a use case for a Spanish fashion retailer. In the most widely agreed scenario the preferred devices were more technologically complex and expensive, while in the scenarios where the head of Finance is more predominant, cheaper and simpler devices were selected.Spanish Government PID2019103880RB-I00/AEI/10.13039/501100011033Andalusian Government P20_0067
    • …
    corecore