984 resultados para security features
Resumo:
With the recent explosion in the complexity and amount of digital multimedia data, there has been a huge impact on the operations of various organizations in distinct areas, such as government services, education, medical care, business, entertainment, etc. To satisfy the growing demand of multimedia data management systems, an integrated framework called DIMUSE is proposed and deployed for distributed multimedia applications to offer a full scope of multimedia related tools and provide appealing experiences for the users. This research mainly focuses on video database modeling and retrieval by addressing a set of core challenges. First, a comprehensive multimedia database modeling mechanism called Hierarchical Markov Model Mediator (HMMM) is proposed to model high dimensional media data including video objects, low-level visual/audio features, as well as historical access patterns and frequencies. The associated retrieval and ranking algorithms are designed to support not only the general queries, but also the complicated temporal event pattern queries. Second, system training and learning methodologies are incorporated such that user interests are mined efficiently to improve the retrieval performance. Third, video clustering techniques are proposed to continuously increase the searching speed and accuracy by architecting a more efficient multimedia database structure. A distributed video management and retrieval system is designed and implemented to demonstrate the overall performance. The proposed approach is further customized for a mobile-based video retrieval system to solve the perception subjectivity issue by considering individual user's profile. Moreover, to deal with security and privacy issues and concerns in distributed multimedia applications, DIMUSE also incorporates a practical framework called SMARXO, which supports multilevel multimedia security control. SMARXO efficiently combines role-based access control (RBAC), XML and object-relational database management system (ORDBMS) to achieve the target of proficient security control. A distributed multimedia management system named DMMManager (Distributed MultiMedia Manager) is developed with the proposed framework DEMUR; to support multimedia capturing, analysis, retrieval, authoring and presentation in one single framework.
Resumo:
Data mining can be defined as the extraction of implicit, previously un-known, and potentially useful information from data. Numerous re-searchers have been developing security technology and exploring new methods to detect cyber-attacks with the DARPA 1998 dataset for Intrusion Detection and the modified versions of this dataset KDDCup99 and NSL-KDD, but until now no one have examined the performance of the Top 10 data mining algorithms selected by experts in data mining. The compared classification learning algorithms in this thesis are: C4.5, CART, k-NN and Nave Bayes. The performance of these algorithms are compared with accuracy, error rate and average cost on modified versions of NSL-KDD train and test dataset where the instances are classified into normal and four cyber-attack categories: DoS, Probing, R2L and U2R. Additionally the most important features to detect cyber-attacks in all categories and in each category are evaluated with Wekas Attribute Evaluator and ranked according to Information Gain. The results show that the classification algorithm with best performance on the dataset is the k-NN algorithm. The most important features to detect cyber-attacks are basic features such as the number of seconds of a network connection, the protocol used for the connection, the network service used, normal or error status of the connection and the number of data bytes sent. The most important features to detect DoS, Probing and R2L attacks are basic features and the least important features are content features. Unlike U2R attacks, where the content features are the most important features to detect attacks.
Resumo:
We propose three research problems to explore the relations between trust and security in the setting of distributed computation. In the first problem, we study trust-based adversary detection in distributed consensus computation. The adversaries we consider behave arbitrarily disobeying the consensus protocol. We propose a trust-based consensus algorithm with local and global trust evaluations. The algorithm can be abstracted using a two-layer structure with the top layer running a trust-based consensus algorithm and the bottom layer as a subroutine executing a global trust update scheme. We utilize a set of pre-trusted nodes, headers, to propagate local trust opinions throughout the network. This two-layer framework is flexible in that it can be easily extensible to contain more complicated decision rules, and global trust schemes. The first problem assumes that normal nodes are homogeneous, i.e. it is guaranteed that a normal node always behaves as it is programmed. In the second and third problems however, we assume that nodes are heterogeneous, i.e, given a task, the probability that a node generates a correct answer varies from node to node. The adversaries considered in these two problems are workers from the open crowd who are either investing little efforts in the tasks assigned to them or intentionally give wrong answers to questions. In the second part of the thesis, we consider a typical crowdsourcing task that aggregates input from multiple workers as a problem in information fusion. To cope with the issue of noisy and sometimes malicious input from workers, trust is used to model workers' expertise. In a multi-domain knowledge learning task, however, using scalar-valued trust to model a worker's performance is not sufficient to reflect the worker's trustworthiness in each of the domains. To address this issue, we propose a probabilistic model to jointly infer multi-dimensional trust of workers, multi-domain properties of questions, and true labels of questions. Our model is very flexible and extensible to incorporate metadata associated with questions. To show that, we further propose two extended models, one of which handles input tasks with real-valued features and the other handles tasks with text features by incorporating topic models. Our models can effectively recover trust vectors of workers, which can be very useful in task assignment adaptive to workers' trust in the future. These results can be applied for fusion of information from multiple data sources like sensors, human input, machine learning results, or a hybrid of them. In the second subproblem, we address crowdsourcing with adversaries under logical constraints. We observe that questions are often not independent in real life applications. Instead, there are logical relations between them. Similarly, workers that provide answers are not independent of each other either. Answers given by workers with similar attributes tend to be correlated. Therefore, we propose a novel unified graphical model consisting of two layers. The top layer encodes domain knowledge which allows users to express logical relations using first-order logic rules and the bottom layer encodes a traditional crowdsourcing graphical model. Our model can be seen as a generalized probabilistic soft logic framework that encodes both logical relations and probabilistic dependencies. To solve the collective inference problem efficiently, we have devised a scalable joint inference algorithm based on the alternating direction method of multipliers. The third part of the thesis considers the problem of optimal assignment under budget constraints when workers are unreliable and sometimes malicious. In a real crowdsourcing market, each answer obtained from a worker incurs cost. The cost is associated with both the level of trustworthiness of workers and the difficulty of tasks. Typically, access to expert-level (more trustworthy) workers is more expensive than to average crowd and completion of a challenging task is more costly than a click-away question. In this problem, we address the problem of optimal assignment of heterogeneous tasks to workers of varying trust levels with budget constraints. Specifically, we design a trust-aware task allocation algorithm that takes as inputs the estimated trust of workers and pre-set budget, and outputs the optimal assignment of tasks to workers. We derive the bound of total error probability that relates to budget, trustworthiness of crowds, and costs of obtaining labels from crowds naturally. Higher budget, more trustworthy crowds, and less costly jobs result in a lower theoretical bound. Our allocation scheme does not depend on the specific design of the trust evaluation component. Therefore, it can be combined with generic trust evaluation algorithms.
Resumo:
SQL Injection Attack (SQLIA) remains a technique used by a computer network intruder to pilfer an organisations confidential data. This is done by an intruder re-crafting web forms input and query strings used in web requests with malicious intent to compromise the security of an organisations confidential data stored at the back-end database. The database is the most valuable data source, and thus, intruders are unrelenting in constantly evolving new techniques to bypass the signatures solutions currently provided in Web Application Firewalls (WAF) to mitigate SQLIA. There is therefore a need for an automated scalable methodology in the pre-processing of SQLIA features fit for a supervised learning model. However, obtaining a ready-made scalable dataset that is feature engineered with numerical attributes dataset items to train Artificial Neural Network (ANN) and Machine Leaning (ML) models is a known issue in applying artificial intelligence to effectively address ever evolving novel SQLIA signatures. This proposed approach applies numerical attributes encoding ontology to encode features (both legitimate web requests and SQLIA) to numerical data items as to extract scalable dataset for input to a supervised learning model in moving towards a ML SQLIA detection and prevention model. In numerical attributes encoding of features, the proposed model explores a hybrid of static and dynamic pattern matching by implementing a Non-Deterministic Finite Automaton (NFA). This combined with proxy and SQL parser Application Programming Interface (API) to intercept and parse web requests in transition to the back-end database. In developing a solution to address SQLIA, this model allows processed web requests at the proxy deemed to contain injected query string to be excluded from reaching the target back-end database. This paper is intended for evaluating the performance metrics of a dataset obtained by numerical encoding of features ontology in Microsoft Azure Machine Learning (MAML) studio using Two-Class Support Vector Machines (TCSVM) binary classifier. This methodology then forms the subject of the empirical evaluation.
Resumo:
The past several years have seen the surprising and rapid rise of Bitcoin and other cryptocurrencies. These are decentralized peer-to-peer networks that allow users to transmit money, tocompose financial instruments, and to enforce contracts between mutually distrusting peers, andthat show great promise as a foundation for financial infrastructure that is more robust, efficientand equitable than ours today. However, it is difficult to reason about the security of cryptocurrencies. Bitcoin is a complex system, comprising many intricate and subtly-interacting protocol layers. At each layer it features design innovations that (prior to our work) have not undergone any rigorous analysis. Compounding the challenge, Bitcoin is but one of hundreds of competing cryptocurrencies in an ecosystem that is constantly evolving. The goal of this thesis is to formally reason about the security of cryptocurrencies, reining in their complexity, and providing well-defined and justified statements of their guarantees. We provide a formal specification and construction for each layer of an abstract cryptocurrency protocol, and prove that our constructions satisfy their specifications. The contributions of this thesis are centered around two new abstractions: scratch-off puzzles, and the blockchain functionality model. Scratch-off puzzles are a generalization of the Bitcoin mining algorithm, its most iconic and novel design feature. We show how to provide secure upgrades to a cryptocurrency by instantiating the protocol with alternative puzzle schemes. We construct secure puzzles that address important and well-known challenges facing Bitcoin today, including wasted energy and dangerous coalitions. The blockchain functionality is a general-purpose model of a cryptocurrency rooted in the Universal Composability cryptography theory. We use this model to express a wide range of applications, including transparent smart contracts (like those featured in Bitcoin and Ethereum), and also privacy-preserving applications like sealed-bid auctions. We also construct a new protocol compiler, called Hawk, which translates user-provided specifications into privacy-preserving protocols based on zero-knowledge proofs.
Resumo:
In the past few years, human facial age estimation has drawn a lot of attention in the computer vision and pattern recognition communities because of its important applications in age-based image retrieval, security control and surveillance, biomet- rics, human-computer interaction (HCI) and social robotics. In connection with these investigations, estimating the age of a person from the numerical analysis of his/her face image is a relatively new topic. Also, in problems such as Image Classification the Deep Neural Networks have given the best results in some areas including age estimation. In this work we use three hand-crafted features as well as five deep features that can be obtained from pre-trained deep convolutional neural networks. We do a comparative study of the obtained age estimation results with these features.
Resumo:
Recent technological advancements have played a key role in seamlessly integrating cloud, edge, and Internet of Things (IoT) technologies, giving rise to the Cloud-to-Thing Continuum paradigm. This cloud model connects many heterogeneous resources that generate a large amount of data and collaborate to deliver next-generation services. While it has the potential to reshape several application domains, the number of connected entities remarkably broadens the security attack surface. One of the main problems is the lack of security measures to adapt to the dynamic and evolving conditions of the Cloud-To-Thing Continuum. To address this challenge, this dissertation proposes novel adaptable security mechanisms. Adaptable security is the capability of security controls, systems, and protocols to dynamically adjust to changing conditions and scenarios. However, since the design and development of novel security mechanisms can be explored from different perspectives and levels, we place our attention on threat modeling and access control. The contributions of the thesis can be summarized as follows. First, we introduce a model-based methodology that secures the design of edge and cyber-physical systems. This solution identifies threats, security controls, and moving target defense techniques based on system features. Then, we focus on access control management. Since access control policies are subject to modifications, we evaluate how they can be efficiently shared among distributed areas, highlighting the effectiveness of distributed ledger technologies. Furthermore, we propose a risk-based authorization middleware, adjusting permissions based on real-time data, and a federated learning framework that enhances trustworthiness by weighting each client's contributions according to the quality of their partial models. Finally, since authorization revocation is another critical concern, we present an efficient revocation scheme for verifiable credentials in IoT networks, featuring decentralization, demanding minimum storage and computing capabilities. All the mechanisms have been evaluated in different conditions, proving their adaptability to the Cloud-to-Thing Continuum landscape.
Resumo:
Embedded systems are increasingly integral to daily life, improving and facilitating the efficiency of modern Cyber-Physical Systems which provide access to sensor data, and actuators. As modern architectures become increasingly complex and heterogeneous, their optimization becomes a challenging task. Additionally, ensuring platform security is important to avoid harm to individuals and assets. This study primarily addresses challenges in contemporary Embedded Systems, focusing on platform optimization and security enforcement. The initial section of this study delves into the application of machine learning methods to efficiently determine the optimal number of cores for a parallel RISC-V cluster to minimize energy consumption using static source code analysis. Results demonstrate that automated platform configuration is not only viable but also that there is a moderate performance trade-off when relying solely on static features. The second part focuses on addressing the problem of heterogeneous device mapping, which involves assigning tasks to the most suitable computational device in a heterogeneous platform for optimal runtime. The contribution of this section lies in the introduction of novel pre-processing techniques, along with a training framework called Siamese Networks, that enhances the classification performance of DeepLLVM, an advanced approach for task mapping. Importantly, these proposed approaches are independent from the specific deep-learning model used. Finally, this research work focuses on addressing issues concerning the binary exploitation of software running in modern Embedded Systems. It proposes an architecture to implement Control-Flow Integrity in embedded platforms with a Root-of-Trust, aiming to enhance security guarantees with limited hardware modifications. The approach involves enhancing the architecture of a modern RISC-V platform for autonomous vehicles by implementing a side-channel communication mechanism that relays control-flow changes executed by the process running on the host core to the Root-of-Trust. This approach has limited impact on performance and it is effective in enhancing the security of embedded platforms.
Resumo:
The morphological criteria for identification of intercalated duct lesions (IDLs) of salivary glands have been defined recently. It has been hypothesised that IDL could be a precursor of basal cell adenoma (BCA). BCAs show a variety of histological patterns, and the tubular variant is the one that presents the strongest resemblance with IDLs. The aim of this study was to analyse the morphological and immunohistochemical profiles of IDLs and BCAs classified into tubular and non-tubular subtypes, to determine whether or not IDL and tubular BCA represent distinct entities. Eight IDLs, nine tubular BCAs and 19 non-tubular BCAs were studied. All tubular BCAs contained IDL-like areas, which represented 20-70% of the tumour. In non-tubular BCA, IDL-like areas were occasional and small (<5%). One patient presented IDLs, tubular BCAs and IDL/tubular BCA combined lesions. Luminal ductal cells of IDLs and tubular BCAs exhibited positivity for CK7, lysozyme, S100 and DOG1. In the non-tubular BCA group, few luminal cells exhibited such an immunoprofile; they were mainly CK14-positive. Basal/myoepithelial cells of IDLs, tubular BCAs and non-tubular BCAs were positive for CK14, calponin, -SMA and p63; they were more numerous in BCA lesions. IDL, tubular BCA and non-tubular BCA form a continuum of lesions in which IDLs are related closely to tubular BCA. In both, the immunoprofile of luminal and myoepithelial cells recapitulates the normal intercalated duct. The difference between the adenoma-like subset of IDLs and tubular BCA rests mainly on the larger numbers of myoepithelial cells in the latter. Our findings indicate that at least some BCAs can arise via IDLs.
Resumo:
To describe the clinical history of a child with aggressive behavior and recurring death-theme speech, and report the experience of the team of authors, who proposed an alternative to medication through the establishment of a protection network and the inter-sector implementation of the circle of security concept. A 5-year-old child has a violent and aggressive behavior at the day-care. The child was diagnosed by the healthcare center with depressive disorder and behavioral disorder, and was medicated with sertraline and risperidone. Side effects were observed, and the medications were discontinued. Despite several actions, such as talks, teamwork, psychological and psychiatric follow-up, the child's behavior remained unchanged. A unique therapeutic project was developed by Universidade Estadual de Campinas' Medical School students in order to establish a connection between the entities responsible for the child's care (daycare center, healthcare center, and family). Thus, the team was able to develop a basic care protection network. The implementation of the inter-sector circle of security, as well as the communication and cooperation among the teams, produced very favorable results in this case. This initiative was shown to be a feasible and effective alternative to the use of medication for this child.
Resumo:
Brazilian epidemiological studies on rheumatoid arthritis are scarce, mainly in the northeast; thus many data currently available originate from the international literature. To describe demographic, clinical and serological characteristics of patients with rheumatoid arthritis (RA) followed-up by the same physician, in state of Piau, Brazil. Data were collected between August 2010 and March 2013, in three health services of Piau that provided health care in Rheumatology: a university-affiliated hospital, a public outpatient clinic and a private clinic. The numbers represent mean SD or percentage: 47.511.03 years-old non-Caucasian woman, non-smoker (59.2%), low educational level, mean disease duration of 7.7 years 7.6, and major extra-articular manifestations were rheumatoid nodules (19.4%) and sicca syndrome (46.9%). Features of rheumatoid arthritis obtained in this study are similar to those found in some national and international studies, but we observed higher female preponderance and illiteracy rate, in addition to a moderately severe erosive disease on average, with frequent sicca and other extra-articular manifestations.
Resumo:
With a huge amount of printed documents nowadays, identifying their source is useful for criminal investigations and also to authenticate digital copies of a document. In this paper, we propose novel techniques for laser printer attribution. Our solutions do not need very high resolution scanning of the investigated document and explore the multidirectional, multiscale and low-level gradient texture patterns yielded by printing devices. The main contributions of this work are: (1) the description of printed areas using multidirectional and multiscale co-occurring texture patterns; (2) description of texture on low-level gradient areas by a convolution texture gradient filter that emphasizes textures in specific transition areas and (3) the analysis of printer patterns in segments of interest, which we call frames, instead of whole documents or only printed letters. We show by experiments in a well documented dataset that the proposed methods outperform techniques described in the literature and present near-perfect classification accuracy being very promising for deployment in real-world forensic investigations.
Resumo:
To evaluate pathologic features with implications on surgical radicality in women treated with radical hysterectomy and pelvic lymphadenectomy for cervical cancer stage IA1 with lymph vascular space invasion (LVSI) and stage IA2 by correlating findings in conization and hysterectomy specimens. Women with cervical cancer stage IA1 with LVSI and stage IA2 diagnosed by loop electrosurgical excisional procedure or cold knife conization were treated with radical hysterectomy and pelvic lymphadenectomy from January 1999 to December 2011 in 2 institutions. Fifty patients were enrolled: 40 with stage IA2 and 10 with stage IA1 with LVSI. Median age was 43 (30-67) years. All patients underwent cervical conization for diagnosis (45 loop electrosurgical excisional procedure, 5 cold knife). Lymph vascular space invasion was detected in 15 patients (30%). Two patients had positive pelvic nodes. No parametrial involvement was detected in the entire cohort. Positive margins were present in 35 patients, and residual disease was detected in 22 patients (44%). Positive margins predicted residual disease at radical hysterectomy (P = 0.02). Medium follow-up time was 51 months. One patient developed a pelvic recurrence, and there were no disease-related deaths. Patients with positive margins in cone biopsy specimens have an increased risk of residual disease at radical hysterectomy and require careful evaluation before conservative surgery. Pelvic lymph node evaluation is essential because lymph node metastasis may occur even in early stages. The lack of parametrial invasion in this study reinforces the knowledge that the select group of patients with microinvasive cervical carcinoma stages IA1 LVSI and stage IA2 have a very low risk of parametrial infiltration. Less radical surgery can be carefully considered for these patients.
Resumo:
Universidade Estadual de Campinas . Faculdade de Educao Fsica
Resumo:
PURPOSE: Apert syndrome is a rare type I acrocephalosyndactyly syndrome characterized by craniosynostosis, severe syndactyly of the hands and feet, and dysmorphic facial features. Presents autosomal dominant inheritance assigned to mutations in the fibroblast growth factor receptors gene. The oral cavity of Apert patients includes a reduction in the size of the maxilla, tooth crowding, anterior open-bite of the maxilla, impacted teeth, delayed eruption, ectopic eruption, supernumerary teeth, and thick gingiva. The mandible usually is within normal size and shape, and simulates a pseudoprognathism. CASE DESCRIPTION: A female patient, 13 years old, with diagnosis of Apert syndrome, attended a dental radiology clinic. The clinical signs were occular anomalies, dysmorphic facial features, syndactyly and oral features observed clinically and radiographically. The patient was referred to a specialized center of clinical care for patients with special needs. CONCLUSION: Because of the multiple alterations in patients with Apert syndrome, a multidisciplinary approach, including dentists and neurosurgeons, plastic surgeons, ophthalmologists and geneticists, is essential for a successful planning and treatment.
