Source code watermarking based on function dependency oriented sequencing

In the current market, extensive software development is taking place and the software industry is thriving. Major software giants have stated source code theft as a major threat to revenues. By inserting an identity-establishing watermark in the source code, a company can prove it's ownership over the source code. In this paper, we propose a watermarking scheme for C/C++ source codes by exploiting the language restrictions. If a function calls another function, the latter needs to be defined in the code before the former, unless one uses function pre-declarations. We embed the watermark in the code by imposing an ordering on the mutually independent functions by introducing bogus dependency. Removal of dependency by the attacker to erase the watermark requires extensive manual intervention thereby making the attack infeasible. The scheme is also secure against subtractive and additive attacks. Using our watermarking scheme, an n-bit watermark can be embedded in a program having n independent functions. The scheme is implemented on several sample codes and performance changes are analyzed.

Written in code : diversity and the new genetics

Modern genetic research holds out the promise of a bold new future in which humanity has identified and conquered the genetic roots of many diseases. Genetic science also promises to shed light on who we are, what it is that makes us tick, what it is that makes us the way we are — in short, what it is that makes us human. Yet while genetics are a potential saviour (saving us from disease), it also appears as a threat that at the extremes appears to be the stuff of our worst nightmares, such as the prospect, probably more imagined than real, of rows of cloned individuals. The new genetics hold out the promise that through genetics we will be able to determine what we are, a promise that is simultaneously appealing and terrifying. This chapter discusses the cloning of people and parts, the law’s response to cloning, genetics and diversity, a framework for law reform.

Where is the software? Building a Metadata Repository for Software and Code Generated by QUT Researchers

QUT Software Finder is a searchable repository of metadata describing software and source code, which has been created as a result of QUT research activities. It was launched in December 2013. https://researchdatafinder.qut.edu.au/scf The registry was designed to aid the discovery and visibility of QUT research outputs and encourage sharing and re-use of code and software throughout the research community, both nationally and internationally. The repository platform used is VIVO (an open source product initially developed at Cornell University). QUT Software Finder records that describe software or code are connected to information about researchers involved, the research groups, related publications and related projects. Links to where the software or code can be accessed from are also provided alongside licencing and re-use information.

Finding good differential patterns for attacks on SHA-1

In this paper we analyse properties of the message expansion algorithm of SHA-1 and describe a method of finding differential patterns that may be used to attack reduced versions of SHA-1. We show that the problem of finding optimal differential patterns for SHA-1 is equivalent to the problem of finding minimal weight codeword in a large linear code. Finally, we present a number of patterns of different lengths suitable for finding collisions and near-collisions and discuss some bounds on minimal weights of them.

Formal analysis of card-based payment systems in mobile devices

To provide card holder authentication while they are conducting an electronic transaction using mobile devices, VISA and MasterCard independently proposed two electronic payment protocols: Visa 3D Secure and MasterCard Secure Code. The protocols use pre-registered passwords to provide card holder authentication and Secure Socket Layer/ Transport Layer Security (SSL/TLS) for data confidentiality over wired networks and Wireless Transport Layer Security (WTLS) between a wireless device and a Wireless Application Protocol (WAP) gateway. The paper presents our analysis of security properties in the proposed protocols using formal method tools: Casper and FDR2. We also highlight issues concerning payment security in the proposed protocols.

Computational fluid dynamics simulation and turbomachinery code validation of a high pressure ratio radial-inflow turbine

The present study explores reproducing the closest geometry of a high pressure ratio single stage radial-inflow turbine applied in the Sundstrans Power Systems T-100 Multipurpose Small Power Unit. The commercial software ANSYS-Vista RTD along with a built in module, BladeGen, is used to conduct a meanline design and create 3D geometry of one flow passage. Carefully examining the proposed design against the geometrical and experimental data, ANSYS-TurboGrid is applied to generate computational mesh. CFD simulations are performed with ANSYS-CFX in which three-dimensional Reynolds-Averaged Navier-Stokes equations are solved subject to appropriate boundary conditions. Results are compared with numerical and experimental data published in the literature in order to generate the exact geometry of the existing turbine and validate the numerical results against the experimental ones.

The role of the Saudi government and the Saudi building code in implementing sustainable housing construction in Saudi Arabia

The housing construction industry in Saudi Arabia has been booming rapidly in the past two decades. This boom has faced multiple downfalls in relation to government regulations and building codes, one of which is the application of sustainable methods to the housing construction. This paper sheds some light on the current role of the Saudi government and the role of the Saudi Building Code (SBC) in the housing construction industry. The methodology utilised in this paper was a Delphi survey that was distributed to twenty-five key stakeholders in the housing construction industry in Saudi Arabia. The results indicate that there is a lack of integration between the Saudi Building Code and the current construction methods used in the current construction industry. Some factors and elements are recommended to be incorporated into the Saudi Building Code and to be adopted as regulations in the Saudi housing construction industry.

Secure modular password authentication for the web using channel bindings

Secure protocols for password-based user authentication are well-studied in the cryptographic literature but have failed to see wide-spread adoption on the Internet; most proposals to date require extensive modifications to the Transport Layer Security (TLS) protocol, making deployment challenging. Recently, a few modular designs have been proposed in which a cryptographically secure password-based mutual authentication protocol is run inside a confidential (but not necessarily authenticated) channel such as TLS; the password protocol is bound to the established channel to prevent active attacks. Such protocols are useful in practice for a variety of reasons: security no longer relies on users' ability to validate server certificates and can potentially be implemented with no modifications to the secure channel protocol library. We provide a systematic study of such authentication protocols. Building on recent advances in modelling TLS, we give a formal definition of the intended security goal, which we call password-authenticated and confidential channel establishment (PACCE). We show generically that combining a secure channel protocol, such as TLS, with a password authentication protocol, where the two protocols are bound together using either the transcript of the secure channel's handshake or the server's certificate, results in a secure PACCE protocol. Our prototype based on TLS is available as a cross-platform client-side Firefox browser extension and a server-side web application which can easily be installed on deployed web browsers and servers.

Can a text message a week improve breastfeeding?

Background Breastfeeding is recognised as the optimal method for feeding infants with health gains made by reducing infectious diseases in infancy; and chronic diseases, including obesity, in childhood, adolescence and adulthood. Despite this, exclusivity and duration in developed countries remains resistant to improvement. The objectives of this research were to test if an automated mobile phone text messaging intervention, delivering one text message a week, could increase “any” breastfeeding rates and improve breastfeeding self-efficacy and coping. Methods Women were eligible to participate if they were: over eighteen years; had an infant less than three months old; were currently breastfeeding; no diagnosed mental illness; and used a mobile phone . Women in the intervention group received MumBubConnect, a text messaging service with automated responses delivered once a week for 8 weeks. Women in the comparison group received their usual care and were sampled two years after the intervention group. Data collection included online surveys at two time points, week zero and week nine, to measure breastfeeding exclusivity and duration, coping, emotions, accountability and self-efficacy. A range of statistical analyses were used to test for differences between groups. Hierarchical regression was used to investigate change in breastfeeding outcome, between groups, adjusting for co-variates. Results The intervention group had 120 participants at commencement and 114 at completion, the comparison group had 114 participants at commencement and 86 at completion. MumBubConnect had a positive impact on the primary outcome of breastfeeding behaviors with women receiving the intervention more likely to continue exclusive breastfeeding; with a 6% decrease in exclusive breastfeeding in the intervention group, compared to a 14% decrease in the comparison group (p < 0.001). This remained significant after controlling for infant age, mother’s income, education and delivery type (p = 0.04). Women in the intervention group demonstrated active coping and were less likely to display emotions-focussed coping (p < .001). There was no discernible statistical effect on self-efficacy or accountability. Conclusions A fully automated text messaging services appears to improve exclusive breastfeeding duration. The service provides a well-accepted, personalised support service that empowers women to actively resolve breastfeeding issues. Trial registration Australian New Zealand Clinical Trials Registry: ACTRN12614001091695.

User preferences for text message-delivered skin cancer prevention and early detection

Evidence is needed for the acceptability and user preferences of receiving skin cancer-related text messages. We prepared 27 questions to evaluate attitudes, satisfaction with program characteristics such as timing and spacing, and overall satisfaction with the Healthy Text program in young adults. Within this randomised controlled trial (age 18-42 years), 546 participants were assigned to one of three Healthy Text message groups; sun protection, skin self-examination, or attention-control. Over a 12-month period, 21 behaviour-specific text messages were sent to each group. Participants’ preferences were compared between the two interventions and control group at the 12-month follow-up telephone interview. In all three groups, participants reported the messages were easy to understand (98%), provided good suggestions or ideas (88%), and were encouraging (86%) and informative (85%) with little difference between the groups. The timing of the texts was received positively (92%); however, some suggestions for frequency or time of day the messages were received from 8% of participants. Participants in the two intervention groups found their messages more informative, and triggering behaviour change compared to control. Text messages about skin cancer prevention and early detection are novel and acceptable to induce behaviour change in young adults.

ACE research vignette 038 : Cracking the start-up code : does it matter when you do what?

This series of research vignettes is aimed at sharing current and interesting research findings from our team of international Entrepreneurship researchers. This vignette deals with the process of new venture creation, and specifically the sequence in which different ‘start-up activities’ are undertaken.