376 results for Linux
Abstract:
Kernel-level malware is one of the most dangerous threats to the security of users on the Internet, so there is an urgent need for its detection. The most popular detection approach is misuse-based detection. However, it cannot catch up with today's advanced malware that increasingly applies polymorphism and obfuscation. In this thesis, we present our integrity-based detection for kernel-level malware, which does not rely on the specific features of malware. We have developed an integrity analysis system that can derive and monitor integrity properties for commodity operating systems kernels. In our system, we focus on two classes of integrity properties: data invariants and integrity of Kernel Queue (KQ) requests. We adopt static analysis for data invariant detection and overcome several technical challenges: field-sensitivity, array-sensitivity, and pointer analysis. We identify data invariants that are critical to system runtime integrity from Linux kernel 2.4.32 and Windows Research Kernel (WRK) with very low false positive rate and very low false negative rate. We then develop an Invariant Monitor to guard these data invariants against real-world malware. In our experiment, we are able to use Invariant Monitor to detect ten real-world Linux rootkits and nine real-world Windows malware and one synthetic Windows malware. We leverage static and dynamic analysis of kernel and device drivers to learn the legitimate KQ requests. Based on the learned KQ requests, we build KQguard to protect KQs. At runtime, KQguard rejects all the unknown KQ requests that cannot be validated. We apply KQguard on WRK and Linux kernel, and extensive experimental evaluation shows that KQguard is efficient (up to 5.6% overhead) and effective (capable of achieving zero false positives against representative benign workloads after appropriate training and very low false negatives against 125 real-world malware and nine synthetic attacks).
In our system, Invariant Monitor and KQguard cooperate together to protect data invariants and KQs in the target kernel. By monitoring these integrity properties, we can detect malware by its violation of these integrity properties during execution.
Abstract:
In Model-Driven Engineering (MDE), the developer creates a model using a language such as Unified Modeling Language (UML) or UML for Real-Time (UML-RT) and uses tools such as Papyrus or Papyrus-RT that generate code for them based on the model they create. Tracing allows developers to get insights such as which events occur and timing information into their own application as it runs. We try to add monitoring capabilities using Linux Trace Toolkit: next generation (LTTng) to models created in UML-RT using Papyrus-RT. The implementation requires changing the code generator to add tracing statements for the events that the user wants to monitor to the generated code. We also change the makefile to automate the build process and we create an Extensible Markup Language (XML) file that allows developers to view their traces visually using Trace Compass, an Eclipse-based trace viewing tool. Finally, we validate our results using three models we create and trace.
Abstract:
The thesis describes the development of the safety application BeSafe, which was developed for the IT consulting company Sogeti. In the future, BeSafe will be integrated with two other applications to form a larger outdoor-recreation application. The finished application meets the verifiable goals and thereby also answers the problem statement. The application offers the user the opportunity to strengthen their own safety. Oral interviews were conducted to determine the design, colours and logo of the application. The interviews resulted in a more user-friendly application, with the survey steering the work toward the interface BeSafe now has. BeSafe was developed through an iterative process in the Android Studio development environment and targets devices based on the Android OS. Further development of the application could take the form of new features where, for example, the user can allow relatives to receive live feedback on where the user is. Ethical aspects have been taken into account during the work in order to protect the user's privacy. This was done through notifications and by minimising the risk of data being spread through the storage and communication methods used within the application.
Abstract:
The aim of this thesis was to implement an optical radio link using software-defined radio. The first part of the work reviews software-defined radio at a general level as well as the optical data transmission methods commonly in use today. The middle part covers the hardware and software used in the work and the design and implementation of the optical radio front end. The final part analyses the operation of the implemented front end. A software radio, more generally a software-defined radio device, is one whose functionality, such as modulations, filters and the frequency band used for communication, can be changed in software without hardware modifications. Most often the functionality of software radios is determined by programming the programmable gate arrays, i.e. FPGAs, of the software radio peripheral. The design of the optical radio front end was based on an infrared transmitter and receiver intended for audio use, which were modified to operate at visible-light wavelengths. The software radio peripheral was an Ettus USRP1 equipped with low-frequency transmitter and receiver daughterboards. The programming environment for the software radio was Linux Ubuntu, and the software was GNURadio together with its graphical programming interface Gnu Radio Companion. The outcome of the thesis was a prototype optical radio front end built on a printed circuit board, which was able to transfer digital audio at a data rate of 300 kbps over a distance of a few centimetres in a dark space.
Abstract:
Particle filtering has proven to be an effective localization method for wheeled autonomous vehicles. For a given map, a sensor model, and observations, occasions arise where the vehicle could equally likely be in many locations of the map. Because particle filtering algorithms may generate low confidence pose estimates under these conditions, more robust localization strategies are required to produce reliable pose estimates. This becomes more critical if the state estimate is an integral part of system control. We investigate the use of particle filter estimation techniques on a hovercraft vehicle. The marginally stable dynamics of a hovercraft require reliable state estimates for proper stability and control. We use the Monte Carlo localization method, which implements a particle filter in a recursive state estimate algorithm. An H-infinity controller, designed to accommodate the latency inherent in our state estimation, provides stability and controllability to the hovercraft. In order to eliminate the low confidence estimates produced in certain environments, a multirobot system is designed to introduce mobile environment features. By tracking and controlling the secondary robot, we can position the mobile feature throughout the environment to ensure a high confidence estimate, thus maintaining stability in the system. A laser rangefinder is the sensor the hovercraft uses to track the secondary robot, observe the environment, and facilitate successful localization and stability in motion.
Abstract:
The growing demand for large-scale virtualization environments, such as the ones used in cloud computing, has led to a need for efficient management of computing resources. RAM memory is one of the most required resources in these environments, and is usually the main factor limiting the number of virtual machines that can run on the physical host. Recently, hypervisors have brought mechanisms for transparent memory sharing between virtual machines in order to reduce the total demand for system memory. These mechanisms “merge” similar pages detected in multiple virtual machines into the same physical memory, using a copy-on-write mechanism in a manner that is transparent to the guest systems. The objective of this study is to present an overview of these mechanisms and also evaluate their performance and effectiveness. The results of two popular hypervisors (VMware and KVM) using different guest operating systems (Linux and Windows) and different workloads (synthetic and real) are presented herein. The results show significant performance differences between hypervisors according to the guest system workloads and execution time.
Abstract:
The search for patterns or motifs in data represents an area of key interest to many researchers. In this paper we present the Motif Tracking Algorithm, a novel immune inspired pattern identification tool that is able to identify unknown motifs which repeat within time series data. The power of the algorithm is derived from its use of a small number of parameters with minimal assumptions. The algorithm searches from a completely neutral perspective that is independent of the data being analysed and the underlying motifs. In this paper the motif tracking algorithm is applied to the search for patterns within sequences of low level system calls between the Linux kernel and the operating system’s user space. The MTA is able to compress data found in large system call data sets to a limited number of motifs which summarise that data. The motifs provide a resource from which a profile of executed processes can be built. The potential for these profiles and new implications for security research are highlighted. A higher level system call language for measuring similarity between patterns of such calls is also suggested.
Abstract:
Website defacement is one of the most popular attacks today and is based on making a change to the HTML code of a web page, which appears as a visual change in the page's appearance. This work proposes developing a system to detect and/or report such changes early and in an automated way. Free Software (Software Libre, SL) offers the possibility of creating solutions and is the framework on which a solution is proposed.
Abstract:
Dissertation (Master's), Universidade de Brasília, Instituto de Geociências, 2016.
Abstract:
Work carried out at the company CAF Power&Automation
Abstract:
Dissertation (Master's), Universidade de Brasília, Instituto de Artes, Programa de Pós-Graduação em Arte, 2016.
Abstract:
Master's dissertation, Electronics and Telecommunications Engineering, Faculdade de Ciências e Tecnologia, Universidade do Algarve, 2011
Abstract:
Given the ever-growing demand for energy, a new philosophy of managing energy consumption has developed, DSM (demand side management), which aims to encourage consumers to use energy more intelligently and conscientiously. This goal, combined with the storage of energy from renewable sources, will allow a reduction in the use of electricity derived from non-renewable and highly polluting sources such as fossil fuels, and a decrease in energy consumption, in the cost of producing energy, and in the cost of the energy itself. Home automation and domotics in the domestic environment are an example of DSM. The aim of this thesis is to create a home automation system using open-source technologies. Devices such as an Arduino UNO board, a Raspberry Pi and a PC running GNU/Linux were used to create a simulation of a home automation system combined with the management of photovoltaic cells and energy storage. The system makes it possible to switch off an electrical load under particular circumstances, such as when a certain threshold of electricity consumption is exceeded. The software used is open source and aims to optimise energy consumption according to one's own purposes. All of this demonstrates that a home automation system can be built to accompany the present and future of renewable sources using free technologies, so as to preserve privacy and security as well as customisation and adaptability to different circumstances. In designing the system, an algorithm was implemented to handle various situations within a domestic environment. The implementation of this algorithm produced excellent results in achieving the stated objectives. The project of this thesis can be further extended, and the code is available in a public repository.
Abstract:
The objective of this research is to identify the factors that influence the migration of free software to proprietary software, or vice-versa. The theoretical framework was developed in light of the Diffusion of Innovations Theory (DIT) proposed by Rogers (1976, 1995), and the Unified Theory of Acceptance and Use of Technology (UTAUT) proposed by Venkatesh, Morris, Davis and Davis (2003). The research was structured in two phases: the first phase was exploratory, characterized by adjustments of the revised theory to fit Brazilian reality and the identification of companies that could be the subject of investigation; and the second phase was qualitative, in which case studies were conducted at ArcelorMittal Tubarão (AMT), a private company that migrated from proprietary software (Unix) to free software (Linux), and the city government of Serra, in Espírito Santo state, a public organization that migrated from free software (OpenOffice) to proprietary (MS Office). The results show that software migration decision takes into account factors that go beyond issues involving technical or cost aspects, such as cultural barriers, user rejection and resistance to change. These results underscore the importance of social aspects, which can play a decisive role in the decision regarding software migration and its successful implementation.
Abstract:
This work sets out to study the "cross" execution of products/applications, particularly of applications on a system for which they were not designed. Specifically, it aims to analyse the execution of native Windows programs in a Linux environment and vice versa. For this thesis, a representative set of different applications was selected, from generic products such as Microsoft Office, to ERP (Enterprise Resource Planning) solutions and software most used in academic and scientific environments. To run Windows applications on Linux, essentially two types of tools were used: the Wine translation layer (capable of running native Windows programs) and virtual machines, such as VirtualBox and VMWare Player. For the reverse component of this work (running Linux applications on Windows), essentially those same virtual machines were used, though containing (having had added to them) the Linux distributions Ubuntu 10.04 and OpenSUSE 11.3. ABSTRACT: This work intends to examine the "crossed" execution of products / applications, particularly in an operating system for which such products and applications were not designed. More specifically, the purpose of this work is to analyze the performance of native Windows programs within Linux and vice versa. Throughout the development of this thesis we selected a representative set of different applications, from generic products such as Microsoft Office, ERP (Enterprise Resource Planning) and software mainly used in academic and scientific environments. For the execution of Windows applications in Linux, we used essentially two types of tools: the translation layer Wine (capable of running native Windows programs) and virtual machines, such as VirtualBox and VMWare Player. For the reverse case, running Linux applications in Windows, the main solution was the use of virtual machines, added with Linux distributions, Ubuntu 10.04 and OpenSUSE 11.3.