5,552 research outputs found
The Dark Side(-Channel) of Mobile Devices: A Survey on Network Traffic Analysis
In recent years, mobile devices (e.g., smartphones and tablets) have met an
increasing commercial success and have become a fundamental element of the
everyday life for billions of people all around the world. Mobile devices are
used not only for traditional communication activities (e.g., voice calls and
messages) but also for more advanced tasks made possible by an enormous amount
of multi-purpose applications (e.g., finance, gaming, and shopping). As a
result, those devices generate a significant network traffic (a consistent part
of the overall Internet traffic). For this reason, the research community has
been investigating security and privacy issues that are related to the network
traffic generated by mobile devices, which could be analyzed to obtain
information useful for a variety of goals (ranging from device security and
network optimization, to fine-grained user profiling).
In this paper, we review the works that contributed to the state of the art
of network traffic analysis targeting mobile devices. In particular, we present
a systematic classification of the works in the literature according to three
criteria: (i) the goal of the analysis; (ii) the point where the network
traffic is captured; and (iii) the targeted mobile platforms. In this survey,
we consider points of capturing such as Wi-Fi Access Points, software
simulation, and inside real mobile devices or emulators. For the surveyed
works, we review and compare analysis techniques, validation methods, and
achieved results. We also discuss possible countermeasures, challenges and
possible directions for future research on mobile traffic analysis and other
emerging domains (e.g., Internet of Things). We believe our survey will be a
reference work for researchers and practitioners in this research field.Comment: 55 page
Pendekatan konstruktif dalam inovasi pengajaran dan pembelajaran Bahasa Melayu di Kolej Vokasional
Pendekatan konstruktif adalah pendekatan pengajaran dan pembelajaran yang
berpusatkan pelajar manakala inovasi pengajaran pula dikaitkan dengan kaedah
pengajaran yang terbaru demi mengukuhkan pemahaman pelajar. Pembelajaran
berasaskan pendekatan konstruktif merupakan elemen yang penting dan perlu
difahami oleh guru-guru bagi memantapkan proses pengajaran dan pembelajaran
sesuai dengan peredaran masa dan menjayakan proses tranformasi pendidikan
negara. Objektif kajian ini dijalankan untuk mengenal pasti pemahaman guru-guru
bahasa Melayu berkaitan inovasi, mengenal pasti perbezaan yang wujud antara guru
lelaki dan guru perempuan dalam mengamalkan inovasi, pengkaji juga melihat
adakah wujud perbezaan antara guru baru dan guru yang sudah berpengalaman
dalam aspek mengaplikasikan inovasi serta mengenal pasti kekangan-kekangan yang
dialami oleh para guru untuk mengaplikasikan inovasi di sekolah. Seramai 63 orang
guru bahasa Melayu dari lapan buah kolej vokasional telah dipilih sebagai responden
dalam kajian ini. Data dianalisis menggunakan perisian Winsteps 3.69.1.11 dengan
pendekatan Model Pengukuran Rasch. Hasil analisis menunjukkan bahawa guru�guru bahasa Melayu memahami kepentingan inovasi dalam pengajaran dan
pembelajaran. Hasil kajian juga menunjukkan guru-guru perempuan lebih banyak
menerapkan unsur inovasi dalam pengajaran berbanding guru lelaki. Walaupun
begitu, aspek pengalaman tidak menunjukkan perbezaan dari segi pengamalan
inovasi sama ada guru baru ataupun guru yang sudah berpengalaman. Pengkaji juga
mengenal pasti beberapa kekangan yang dialami oleh guru-guru untuk mengamalkan
inovasi ini. Sebagai langkah untuk menangani masalah berkenaan, beberapa
cadangan telah dikemukakan oleh pengkaji bagi memastikan guru-guru dapat
merealisasikan proses pengajaran berkesan dengan penerapan inovasi mengikut
model pendekatan konstruktif. Pengkaji berharap, kajian ini dapat dijadikan sebagai
satu panduan kepada pelaksana kurikulum bagi memastikan budaya inovasi sentiasa
menjadi amalan dalam kalangan guru demi mengangkat profesionalisme guru di
Malaysia
Exploring the Design of Pay-Per-Use Objects in the Construction Domain
Equipment used in the construction domain is often hired in order to reduce cost and maintenance overhead. The cost of hire is dependent on the time period involved and does not take into account the actual use equipment has received. This paper presents our initial investigation into how physical objects augmented with sensing and communication technologies can measure use in order to enable new pay-per-use payment models for equipment hire. We also explore user interaction with pay-per-use objects via mobile devices. The user interactions that take place within our prototype scenario range from simple information access to transactions involving multiple users. This paper presents the design, implementation and evaluation of a prototype pay-per-use system motivated by a real world equipment hire scenario. We also provide insights into the various challenges introduced by supporting a pay-per-use model, including data storage and data security in addition to user interaction issues
Applying Lessons from Cyber Attacks on Ukrainian Infrastructures to Secure Gateways onto the Industrial Internet of Things
Previous generations of safety-related industrial control systems were ‘air gapped’. In other words, process control
components including Programmable Logic Controllers (PLCs) and smart sensor/actuators were disconnected and
isolated from local or wide area networks. This provided a degree of protection; attackers needed physical access to
compromise control systems components. Over time this ‘air gap’ has gradually been eroded. Switches and
gateways have subsequently interfaced industrial protocols, including Profibus and Modbus, so that data can be
drawn from safety-related Operational Technology into enterprise information systems using TCP/IP. Senior
management uses these links to monitor production processes and inform strategic planning. The Industrial Internet
of Things represents another step in this evolution – enabling the coordination of physically distributed resources
from a centralized location. The growing range and sophistication of these interconnections create additional
security concerns for the operation and management of safety-critical systems. This paper uses lessons learned
from recent attacks on Ukrainian critical infrastructures to guide a forensic analysis of an IIoT switch. The intention
is to identify and mitigate vulnerabilities that would enable similar attacks to be replicated across Europe and North
America
- …