6,242 research outputs found
Execution Integrity with In-Place Encryption
Instruction set randomization (ISR) was initially proposed with the main goal
of countering code-injection attacks. However, ISR seems to have lost its
appeal since code-injection attacks became less attractive because protection
mechanisms such as data execution prevention (DEP) as well as code-reuse
attacks became more prevalent.
In this paper, we show that ISR can be extended to also protect against
code-reuse attacks while at the same time offering security guarantees similar
to those of software diversity, control-flow integrity, and information hiding.
We present Scylla, a scheme that deploys a new technique for in-place code
encryption to hide the code layout of a randomized binary, and restricts the
control flow to a benign execution path. This allows us to i) implicitly
restrict control-flow targets to basic block entries without requiring the
extraction of a control-flow graph, ii) achieve execution integrity within
legitimate basic blocks, and iii) hide the underlying code layout under
malicious read access to the program. Our analysis demonstrates that Scylla is
capable of preventing state-of-the-art attacks such as just-in-time
return-oriented programming (JIT-ROP) and crash-resistant oriented programming
(CROP). We extensively evaluate our prototype implementation of Scylla and show
feasible performance overhead. We also provide details on how this overhead can
be significantly reduced with dedicated hardware support
Indocyanine green fluorescence imaging in colorectal surgery: overview, applications, and future directions
Indocyanine green fluorescence imaging is a surgical tool with increasing applications in colorectal surgery. This tool has received acceptance in various surgical disciplines as a potential method to enhance surgical field visualisation, improve lymph node retrieval, and decrease the incidence of anastomotic leaks. In colorectal surgery specifically, small studies have shown that intraoperative fluorescence imaging is a safe and feasible method to assess anastomotic perfusion, and its use might affect the incidence of anastomotic leaks. Controlled trials are ongoing to validate these conclusions. The number of new indications for indocyanine green continues to increase, including innovative options for detecting and guiding management of colorectal metastasis to the liver. These advances could offer great value for surgeons and patients, by improving the accuracy and outcomes of oncological resections
Tackling plastic pollution in New Zealandâs fin fishing industry Case study: Moana NZ
This study aims to seek ways to prevent marine plastic pollution leakage in New Zealandâs commercial fin fishing industry supply chains. Drawing on a case study approach, this research investigates how sea and land-based plastic material flows are perceived by those working for commercial fishing company Moana NZ. It considers current global, regional and national policies, as well as current initiatives that seek to minimise marine plastic pollution and considers the potential for their implementation in this context. This study also acknowledges the significant role that industry can play in implementing best practice guided by the top of the zero waste hierarchy.falseLondo
Risks and remedies in e-learning system
One of the most effective applications of Information and Communication
Technology (ICT) is the emergence of E-Learning. Considering the importance and
need of E-Learning, recent years have seen a drastic change of learning
methodologies in Higher Education. Undoubtedly, the three main entities of
E-Learning system can be considered as Student, Teacher & Controlling Authority
and there will be different level, but a good E-Learning system needs total
integrity among all entities in every level. Apart from integrity enforcement,
security enforcement in the whole system is the other crucial way to organize
the it. As internet is the backbone of the entire system which is inherently
insecure, during transaction of message in E-Learning system, hackers attack by
utilising different loopholes of technology. So different security measures are
required to be imposed on the system. In this paper, emphasis is given on
different risks called e-risks and their remedies called e-remedies to build
trust in the minds of all participants of E-Learning system
UK Rules For Unfired Pressure Vessels
The present code PD 5500, formerly BS 5500 [1] evolved partly from the well-known BS 1500 [2] in the 1950's and BS 1515 [3] first published in 1965; the latter permitted higher level allowable stresses and more advanced rules. In 1969, following a report from the Committee of Enquiry into the Pressure Vessel Industry, the British Standards Institution brought all the pressure vessel interests together under one general committee in order to rationalise the activity. This became PVE/ and presides over a large committee structure. There are a series of functional sub-committees who deal with specific aspects and a large number of technical committees as well as many additional sub committees and working groups. Most of these meet regularly. The technical committee PVE/1, Pressure Vessels, has overall responsibility for BS 5500. The functional committee PVE/1/15 Design Methods has an overall responsibility relating to 'Design' with particular reference to the design section of BS 5500 (Section 3). The first edition of BS 5500 was issued in 1976. The actual issue was delayed for some time because, in the early 1970's, there was an attempt in Europe to produce an international pressure vessel standard. A draft of the international standard appeared as ISO DIS 2694 [4] in 1973 but it was not generally accepted and the attempt was abandoned in the mid 70's. It was decided to use some of the material from 2694 within BS 5500 so that although the Standard was long delayed it benefited to some extent from the international efforts. Initially, committee PVE/l set out the concept of a "master" pressure vessel standard which could readily be applied to any vessel in either ferrous or non-ferrous materials and for highly specialised application with the minimum of supplementary requirements. The layout of BS 5500 is consistent with this concept and although the Standard has perhaps not fulfilled this high ideal, it has certainly been employed widely in many industries including non pressure vessel type applications. When issued it had a number of distinctive features compared with other pressure codes viz; weld joint factors were removed, the present three categories of construction were introduced, there was a new novel external pressure section, it has a loose leaf format and an annual updating was introduced. Further editions of BS 5500 have been issued every three years since 1982
Application Of Machine Learning Directed To Detect And Prevent Network Intrusion In Xyz Switching Company (Financial Switching Company)
Makalah ini menjelaskan perbandingan beberapa model pembelajaran mesin yang akan digunakan untuk mendeteksi dan mencegah intrusi jaringan, berdasarkan data yang dikumpulkan dari PT. Perangkat Firewall Generasi Berikutnya dari XYZ. Lalu lintas yang diterima ke lingkungan perusahaan dibagi menjadi tiga jenis yang berbeda yaitu diterima, dicegah dan ditolak. Algoritma yang dibandingkan adalah Decision Trees, Random Forest, Gradient Boosted Trees dan NaĂŻve Bayes
- âŚ