928 resultados para malicious users
Resumo:
Contemporary integrated circuits are designed and manufactured in a globalized environment leading to concerns of piracy, overproduction and counterfeiting. One class of techniques to combat these threats is circuit obfuscation which seeks to modify the gate-level (or structural) description of a circuit without affecting its functionality in order to increase the complexity and cost of reverse engineering. Most of the existing circuit obfuscation methods are based on the insertion of additional logic (called “key gates”) or camouflaging existing gates in order to make it difficult for a malicious user to get the complete layout information without extensive computations to determine key-gate values. However, when the netlist or the circuit layout, although camouflaged, is available to the attacker, he/she can use advanced logic analysis and circuit simulation tools and Boolean SAT solvers to reveal the unknown gate-level information without exhaustively trying all the input vectors, thus bringing down the complexity of reverse engineering. To counter this problem, some ‘provably secure’ logic encryption algorithms that emphasize methodical selection of camouflaged gates have been proposed previously in literature [1,2,3]. The contribution of this paper is the creation and simulation of a new layout obfuscation method that uses don't care conditions. We also present proof-of-concept of a new functional or logic obfuscation technique that not only conceals, but modifies the circuit functionality in addition to the gate-level description, and can be implemented automatically during the design process. Our layout obfuscation technique utilizes don’t care conditions (namely, Observability and Satisfiability Don’t Cares) inherent in the circuit to camouflage selected gates and modify sub-circuit functionality while meeting the overall circuit specification. Here, camouflaging or obfuscating a gate means replacing the candidate gate by a 4X1 Multiplexer which can be configured to perform all possible 2-input/ 1-output functions as proposed by Bao et al. [4]. It is important to emphasize that our approach not only obfuscates but alters sub-circuit level functionality in an attempt to make IP piracy difficult. The choice of gates to obfuscate determines the effort required to reverse engineer or brute force the design. As such, we propose a method of camouflaged gate selection based on the intersection of output logic cones. By choosing these candidate gates methodically, the complexity of reverse engineering can be made exponential, thus making it computationally very expensive to determine the true circuit functionality. We propose several heuristic algorithms to maximize the RE complexity based on don’t care based obfuscation and methodical gate selection. Thus, the goal of protecting the design IP from malicious end-users is achieved. It also makes it significantly harder for rogue elements in the supply chain to use, copy or replicate the same design with a different logic. We analyze the reverse engineering complexity by applying our obfuscation algorithm on ISCAS-85 benchmarks. Our experimental results indicate that significant reverse engineering complexity can be achieved at minimal design overhead (average area overhead for the proposed layout obfuscation methods is 5.51% and average delay overhead is about 7.732%). We discuss the strengths and limitations of our approach and suggest directions that may lead to improved logic encryption algorithms in the future. References: [1] R. Chakraborty and S. Bhunia, “HARPOON: An Obfuscation-Based SoC Design Methodology for Hardware Protection,” IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, vol. 28, no. 10, pp. 1493–1502, 2009. [2] J. A. Roy, F. Koushanfar, and I. L. Markov, “EPIC: Ending Piracy of Integrated Circuits,” in 2008 Design, Automation and Test in Europe, 2008, pp. 1069–1074. [3] J. Rajendran, M. Sam, O. Sinanoglu, and R. Karri, “Security Analysis of Integrated Circuit Camouflaging,” ACM Conference on Computer Communications and Security, 2013. [4] Bao Liu, Wang, B., "Embedded reconfigurable logic for ASIC design obfuscation against supply chain attacks,"Design, Automation and Test in Europe Conference and Exhibition (DATE), 2014 , vol., no., pp.1,6, 24-28 March 2014.
Resumo:
Authentication plays an important role in how we interact with computers, mobile devices, the web, etc. The idea of authentication is to uniquely identify a user before granting access to system privileges. For example, in recent years more corporate information and applications have been accessible via the Internet and Intranet. Many employees are working from remote locations and need access to secure corporate files. During this time, it is possible for malicious or unauthorized users to gain access to the system. For this reason, it is logical to have some mechanism in place to detect whether the logged-in user is the same user in control of the user's session. Therefore, highly secure authentication methods must be used. We posit that each of us is unique in our use of computer systems. It is this uniqueness that is leveraged to "continuously authenticate users" while they use web software. To monitor user behavior, n-gram models are used to capture user interactions with web-based software. This statistical language model essentially captures sequences and sub-sequences of user actions, their orderings, and temporal relationships that make them unique by providing a model of how each user typically behaves. Users are then continuously monitored during software operations. Large deviations from "normal behavior" can possibly indicate malicious or unintended behavior. This approach is implemented in a system called Intruder Detector (ID) that models user actions as embodied in web logs generated in response to a user's actions. User identification through web logs is cost-effective and non-intrusive. We perform experiments on a large fielded system with web logs of approximately 4000 users. For these experiments, we use two classification techniques; binary and multi-class classification. We evaluate model-specific differences of user behavior based on coarse-grain (i.e., role) and fine-grain (i.e., individual) analysis. A specific set of metrics are used to provide valuable insight into how each model performs. Intruder Detector achieves accurate results when identifying legitimate users and user types. This tool is also able to detect outliers in role-based user behavior with optimal performance. In addition to web applications, this continuous monitoring technique can be used with other user-based systems such as mobile devices and the analysis of network traffic.
Resumo:
We propose three research problems to explore the relations between trust and security in the setting of distributed computation. In the first problem, we study trust-based adversary detection in distributed consensus computation. The adversaries we consider behave arbitrarily disobeying the consensus protocol. We propose a trust-based consensus algorithm with local and global trust evaluations. The algorithm can be abstracted using a two-layer structure with the top layer running a trust-based consensus algorithm and the bottom layer as a subroutine executing a global trust update scheme. We utilize a set of pre-trusted nodes, headers, to propagate local trust opinions throughout the network. This two-layer framework is flexible in that it can be easily extensible to contain more complicated decision rules, and global trust schemes. The first problem assumes that normal nodes are homogeneous, i.e. it is guaranteed that a normal node always behaves as it is programmed. In the second and third problems however, we assume that nodes are heterogeneous, i.e, given a task, the probability that a node generates a correct answer varies from node to node. The adversaries considered in these two problems are workers from the open crowd who are either investing little efforts in the tasks assigned to them or intentionally give wrong answers to questions. In the second part of the thesis, we consider a typical crowdsourcing task that aggregates input from multiple workers as a problem in information fusion. To cope with the issue of noisy and sometimes malicious input from workers, trust is used to model workers' expertise. In a multi-domain knowledge learning task, however, using scalar-valued trust to model a worker's performance is not sufficient to reflect the worker's trustworthiness in each of the domains. To address this issue, we propose a probabilistic model to jointly infer multi-dimensional trust of workers, multi-domain properties of questions, and true labels of questions. Our model is very flexible and extensible to incorporate metadata associated with questions. To show that, we further propose two extended models, one of which handles input tasks with real-valued features and the other handles tasks with text features by incorporating topic models. Our models can effectively recover trust vectors of workers, which can be very useful in task assignment adaptive to workers' trust in the future. These results can be applied for fusion of information from multiple data sources like sensors, human input, machine learning results, or a hybrid of them. In the second subproblem, we address crowdsourcing with adversaries under logical constraints. We observe that questions are often not independent in real life applications. Instead, there are logical relations between them. Similarly, workers that provide answers are not independent of each other either. Answers given by workers with similar attributes tend to be correlated. Therefore, we propose a novel unified graphical model consisting of two layers. The top layer encodes domain knowledge which allows users to express logical relations using first-order logic rules and the bottom layer encodes a traditional crowdsourcing graphical model. Our model can be seen as a generalized probabilistic soft logic framework that encodes both logical relations and probabilistic dependencies. To solve the collective inference problem efficiently, we have devised a scalable joint inference algorithm based on the alternating direction method of multipliers. The third part of the thesis considers the problem of optimal assignment under budget constraints when workers are unreliable and sometimes malicious. In a real crowdsourcing market, each answer obtained from a worker incurs cost. The cost is associated with both the level of trustworthiness of workers and the difficulty of tasks. Typically, access to expert-level (more trustworthy) workers is more expensive than to average crowd and completion of a challenging task is more costly than a click-away question. In this problem, we address the problem of optimal assignment of heterogeneous tasks to workers of varying trust levels with budget constraints. Specifically, we design a trust-aware task allocation algorithm that takes as inputs the estimated trust of workers and pre-set budget, and outputs the optimal assignment of tasks to workers. We derive the bound of total error probability that relates to budget, trustworthiness of crowds, and costs of obtaining labels from crowds naturally. Higher budget, more trustworthy crowds, and less costly jobs result in a lower theoretical bound. Our allocation scheme does not depend on the specific design of the trust evaluation component. Therefore, it can be combined with generic trust evaluation algorithms.
Resumo:
Modern automobiles are no longer just mechanical tools. The electronics and computing services they are shipping with are making them not less than a computer. They are massive kinetic devices with sophisticated computing power. Most of the modern vehicles are made with the added connectivity in mind which may be vulnerable to outside attack. Researchers have shown that it is possible to infiltrate into a vehicle’s internal system remotely and control the physical entities such as steering and brakes. It is quite possible to experience such attacks on a moving vehicle and unable to use the controls. These massive connected computers can be life threatening as they are related to everyday lifestyle. First part of this research studied the attack surfaces in the automotive cybersecurity domain. It also illustrated the attack methods and capabilities of the damages. Online survey has been deployed as data collection tool to learn about the consumers’ usage of such vulnerable automotive services. The second part of the research portrayed the consumers’ privacy in automotive world. It has been found that almost hundred percent of modern vehicles has the capabilities to send vehicle diagnostic data as well as user generated data to their manufacturers, and almost thirty five percent automotive companies are collecting them already. Internet privacy has been studies before in many related domain but no privacy scale were matched for automotive consumers. It created the research gap and motivation for this thesis. A study has been performed to use well established consumers privacy scale – IUIPC to match with the automotive consumers’ privacy situation. Hypotheses were developed based on the IUIPC model for internet consumers’ privacy and they were studied by the finding from the data collection methods. Based on the key findings of the research, all the hypotheses were accepted and hence it is found that automotive consumers’ privacy did follow the IUIPC model under certain conditions. It is also found that a majority of automotive consumers use the services and devices that are vulnerable and prone to cyber-attacks. It is also established that there is a market for automotive cybersecurity services and consumers are willing to pay certain fees to avail that.
Resumo:
The analysis of system calls is one method employed by anomaly detection systems to recognise malicious code execution. Similarities can be drawn between this process and the behaviour of certain cells belonging to the human immune system, and can be applied to construct an artificial immune system. A recently developed hypothesis in immunology, the Danger Theory, states that our immune system responds to the presence of intruders through sensing molecules belonging to those invaders, plus signals generated by the host indicating danger and damage. We propose the incorporation of this concept into a responsive intrusion detection system, where behavioural information of the system and running processes is combined with information regarding individual system calls.
Resumo:
This paper reflects the changing notion of the Virtual University and its realization. We introduce an approach from the Sociology of Science and Technology (STS) which analyses the construction of the “student as a user” as seen through the “eyes of designers”. We ask how social relations are built into technological artefacts. In showing how socio-technical developments transcend sometimes contradict and various notions of “the student” we discuss difficulties and chances of bridging the gap between designers of e-learning-artefacts and its assumed addresses. (DIPF/Orig.)
Resumo:
This paper aims to categorize Brazilian Internet users according to the diversity of their online activities and to assess the propensity of these Internet users´ groups to use electronic government (e-gov) services. The Amartya Sen’s Capability Approach was adopted as the theoretical framework for its consideration of people’s freedom to decide on their use of available resources and their competencies for these decisions, leading to the use of e-gov services. Multivariate statistical techniques were used to perform data analysis from the 2007, 2009 and 2011 editions of ICT Household Survey. The results showed that Internet users belonging to the advanced and intermediate use groups were more likely to use e-gov services than those who belong to the sporadic use group. Moreover, the results also demonstrated that the Internet user group of intermediate use presented a higher tendency to use e-gov services than the Internet user group of advanced use. This tendency is possibly related to the extensive use of interactive and collaborative activities of leisure and entertainment performed by this type of user. The findings of this research may be useful in guiding public policies for the dissemination and provision of electronic government services in Brazil.
Resumo:
The analysis of system calls is one method employed by anomaly detection systems to recognise malicious code execution. Similarities can be drawn between this process and the behaviour of certain cells belonging to the human immune system, and can be applied to construct an artificial immune system. A recently developed hypothesis in immunology, the Danger Theory, states that our immune system responds to the presence of intruders through sensing molecules belonging to those invaders, plus signals generated by the host indicating danger and damage. We propose the incorporation of this concept into a responsive intrusion detection system, where behavioural information of the system and running processes is combined with information regarding individual system calls.
Resumo:
Poor medication adherence is problematic among HIV positive, low-income African-American substance users. Substance use has been shown to be associated with poor medication adherence, though we do not know the mechanism that underlies this relationship. Lack of positive environmental rewards and the propensity to discount delayed rewards may be possible mechanisms to explain this relationship. Using baseline data from a randomized controlled trial, we examined the relationships between substance use and medication adherence, testing both environmental rewards and delay discounting as independent mediators. There was a main effect of substance use on adherence, such that high frequency of substance use predicted poor adherence. There was also a main effect of environmental rewards on adherence, such that a lack of environmental reinforcement predicted poor adherence. This study shed light on the processes that contribute to low adherence, namely substance use and lack of environmental contingencies, and suggests important targets for intervention.
Resumo:
Texto completo em atas de encontros científicos internacionais com arbitragem
Resumo:
HIV-positive individuals engage in substance use at higher rates than the general population and are more likely to also suffer from concurrent psychiatric disorders and substance use disorders. Despite this, little is known about the unique clinical concerns of HIV-positive individuals entering substance use treatment. This study examined the clinical characteristics of clients (N=1712) entering residential substance use treatment as a function of self-reported HIV status (8.65% HIV-positive). Results showed higher levels of concurrent substance use and psychiatric disorders for HIV-positive individuals, who were also significantly more likely to meet criteria for bipolar disorder and borderline personality disorder. Past diagnoses of depression, posttraumatic stress disorder, and social phobia were also significantly more common. Study findings indicate a need to provide more intensive care for HIV-positive individuals, including resources targeted at concurrent psychiatric problems, to ensure positive treatment outcomes following residential substance use treatment discharge.
Resumo:
Strong evidence suggests that the climate is changing and that these changes are largely caused by human activities. A consensus exists among researchers that human activity is causing global warming and that actions to mitigate global warming need to be taken swiftly. The transportation sector, which relies heavily on fossil fuel burning and primarily oil, is one of the big contributors to air pollution problems at local, regional and global levels. It is the fastest growing source of greenhouse gas emissions and is estimated to be responsible for nearly a quarter of global energyrelated carbon dioxide emissions. Car sharing is a mobility solution encouraging its users to decrease private car usage in favour of communal transit and environmental goals. The idea of car sharing originates from the aspiration to decrease personal car ownership and to reduce vehicle distance travelled. This thesis seeks to complement the understanding of Finnish car sharing users and their usage through better categorization. Through better categorization and segmentation of Finnish car sharing users the thesis seeks to provide information for improved marketing insight. Research is done on the demographic and behavioural characteristics of Finnish car sharing users and they are compared with international findings about the characteristics of International car sharing users. The main research problem is Are Finnish car sharing users similar to international ones? A theoretical research framework on the determinants of individual car sharing usage is built based on international research about demographic and behaviouristic characteristics. After this a quantitative survey is performed to the customers of a Finnish car sharing organization. The data analysed in the thesis consist out of 532 answers received from the car sharing organizations customers. The data is analysed with descriptive and other exploratory methods, which create an understanding of Finnish car sharing users. At the end of the analysis the demographic and behavioural characteristics of Finnish car sharing users are compared with international ones. The research findings of the thesis indicate that the demographic and behavioural characteristics of Finnish car sharing usage largely follow those of their international counterparts. Thanks to the thesis results the car sharing organization is able to better target their customers through improved marketing insight.
Resumo:
Background The study upon which this paper is based was undertaken to understand users’ and non-users’ perceptions concerning facilitators and barriers to equitable and universal access to health care in resource-poor countries such as Malawi. In this study, non-users of health services were defined as people who were not in need of health services or those who had stopped using them due to significant barriers. Methods A total of 80 interviews with non-users of health services were conducted in Rumphi, Ntchisi, Phalombe and Blantyre Districts of Malawi. Interviews focused on why informants were not using formal health services at the time of data collection. In order to identify non-users, snowballing was used health surveillance assistants, village headmen and community members also helped. One focus group discussion was also conducted with non-users of health services who were members of the Zion Church. Results Informants described themselves as non-users of health services due to several reasons: cost of health services; long distances to health facilities; poor attitude of health workers; belief in the effectiveness of traditional medicines; old age and their failure to walk. Others were non-users due to their disability; hence they could not walk over long distances or could not communicate effectively with health providers. Some of these non-users were complete non-users, namely members of the Zion Church and those who believed in traditional medicine, and they stated that nothing could be done to transform them into users of health services. Other non-users stated that they could become users if their challenges were addressed e.g. for those who were non-users of health services due to poor attitudes of health workers, they stated that if these health workers were transferred they would be able to access health services. Conclusions Public health education targeting both health workers and non-users, ensuring a functional outreach program and addressing other health system challenges such as shortage of drugs and human resources would assist in transforming non-users into users of health services.
