911 results for Splash guard.
Abstract:
Kernel-level malware is one of the most dangerous threats to the security of users on the Internet, so there is an urgent need for its detection. The most popular detection approach is misuse-based detection. However, it cannot catch up with today's advanced malware that increasingly applies polymorphism and obfuscation. In this thesis, we present our integrity-based detection for kernel-level malware, which does not rely on the specific features of malware. We have developed an integrity analysis system that can derive and monitor integrity properties for commodity operating systems kernels. In our system, we focus on two classes of integrity properties: data invariants and integrity of Kernel Queue (KQ) requests. We adopt static analysis for data invariant detection and overcome several technical challenges: field-sensitivity, array-sensitivity, and pointer analysis. We identify data invariants that are critical to system runtime integrity from Linux kernel 2.4.32 and Windows Research Kernel (WRK) with very low false positive rate and very low false negative rate. We then develop an Invariant Monitor to guard these data invariants against real-world malware. In our experiment, we are able to use Invariant Monitor to detect ten real-world Linux rootkits and nine real-world Windows malware and one synthetic Windows malware. We leverage static and dynamic analysis of kernel and device drivers to learn the legitimate KQ requests. Based on the learned KQ requests, we build KQguard to protect KQs. At runtime, KQguard rejects all the unknown KQ requests that cannot be validated. We apply KQguard on WRK and Linux kernel, and extensive experimental evaluation shows that KQguard is efficient (up to 5.6% overhead) and effective (capable of achieving zero false positives against representative benign workloads after appropriate training and very low false negatives against 125 real-world malware and nine synthetic attacks).
In our system, Invariant Monitor and KQguard cooperate together to protect data invariants and KQs in the target kernel. By monitoring these integrity properties, we can detect malware by its violation of these integrity properties during execution.
Abstract:
Adult male and female emperor penguins (Aptenodytes forsteri) were fitted with satellite transmitters at Pointe-Géologie (Adélie Land), Dumont d'Urville Sea coast, in November 2005. Nine of 30 data sets were selected for analyses to investigate the penguins' diving behaviour at high resolution (doi:10.1594/PANGAEA.633708, doi:10.1594/PANGAEA.633709, doi:10.1594/PANGAEA.633710, doi:10.1594/PANGAEA.633711). The profiles are in synchrony with foraging trips of the birds during austral spring (doi:10.1594/PANGAEA.472171, doi:10.1594/PANGAEA.472173, doi:10.1594/PANGAEA.472164, doi:10.1594/PANGAEA.472160, doi:10.1594/PANGAEA.472161). Corresponding high resolution winter data (n = 5; archived elsewhere) were provided by A. Ancel, Centre d'Ecologie et Physiologie Energétiques, CNRS, Strasbourg, France. Air-breathing divers tend to increase their overall dive duration with increasing dive depth. In most penguin species, this occurs due to increasing transit (descent and ascent) durations but also because the duration of the bottom phase of the dive increases with increasing depth. We interpreted the efficiency with which emperor penguins can exploit different diving depths by analysing dive depth profile data of nine birds studied during the early and late chick-rearing period in Adélie Land, Antarctica. Another eight datasets of dive depth and duration frequency recordings (doi:10.1594/PANGAEA.472150, doi:10.1594/PANGAEA.472152, doi:10.1594/PANGAEA.472154, doi:10.1594/PANGAEA.472155, doi:10.1594/PANGAEA.472142, doi:10.1594/PANGAEA.472144, doi:10.1594/PANGAEA.472146, doi:10.1594/PANGAEA.472147), which back up the analysed high resolution depth profile data, and dive depth and duration frequency recordings of another bird (doi:10.1594/PANGAEA.472156, doi:10.1594/PANGAEA.472148) did not match the requirement of high resolution for analyses.
Eleven additional data sets provide information on the overall foraging distribution of emperor penguins during the period analysed (doi:10.1594/PANGAEA.472157, doi:10.1594/PANGAEA.472158, doi:10.1594/PANGAEA.472162, doi:10.1594/PANGAEA.472163, doi:10.1594/PANGAEA.472166, doi:10.1594/PANGAEA.472167, doi:10.1594/PANGAEA.472168, doi:10.1594/PANGAEA.472170, doi:10.1594/PANGAEA.472172, doi:10.1594/PANGAEA.472174, doi:10.1594/PANGAEA.472175).
Abstract:
General note: Title and date provided by Bettye Lane.
Abstract:
Encryption and integrity trees guard against physical attacks, but harm performance. Prior academic work has speculated around the latency of integrity verification, but has done so in an insecure manner. No industrial implementations of secure processors have included speculation. This work presents PoisonIvy, a mechanism which speculatively uses data before its integrity has been verified while preserving security and closing address-based side-channels. PoisonIvy reduces performance overheads from 40% to 20% for memory intensive workloads and down to 1.8%, on average.
Abstract:
According to life-history theory, individuals optimize their decisions in order to maximize their fitness. This raises a conflict between parents, which need to cooperate to ensure the propagation of their genes but at the same time need to minimize the associated costs. Trading-off between benefits and costs of a reproduction is one of the major forces driving demographic trends and has shaped several different parental care strategies. Using little penguins (Eudyptula minor) as a model, we investigated whether individuals of a pair provide equal parental effort when raising offspring and whether their behavior was consistent over 8 years of contrasting resource availability. Using an automated identification system, we found that 72% of little penguin pairs exhibited unforced (i.e., that did not result from desertion of 1 parent) unequal partnership through the postguard stage. This proportion was lower in favorable years. Although being an equal pair appeared to be a better strategy, it was nonetheless the least often observed. Individuals that contributed less than their partner were not less experienced (measured by age), and gender did not explain differences between partners. Furthermore, birds that contributed little or that contributed a lot tended to be consistent in their level of contribution across years. We suggest that unequal effort during breeding may reflect differences in individual quality, and we encourage future studies on parental care to consider this consistent low and high contributor behavior when investigating differences in pair investment into its offspring. Key words: attendance patterns, individual quality, meal size, parental care, reproductive costs, seabirds.
Abstract:
In this paper we propose a model for intelligent agents (sensors) on a Wireless Sensor Network to guard against energy-drain attacks in an energy-efficient and autonomous manner. This is intended to be achieved via an energy-harvested Wireless Sensor Network using a novel architecture to propagate knowledge to other sensors based on automated reasoning from an attacked sensor.
Abstract:
Starting from a descriptive analysis of the main attacks by Daesh in Tunisia, this article examines the nature and evolution of the terrorist organization in this North African country. Thus, it examines the characteristics and vicissitudes of the attack on the Bardo Museum in March 2015, the attack on the Susa beach in June 2015, the bombing of the Presidential Guard in November 2015 and, finally, the military offensive against the town of Ben Gardane in March 2016. In addition, it presents some previous facts that are relevant in this research, such as the important presence of Tunisian foreign fighters in Syria or Libya, and, in particular, the threat of Daesh in Libya to the Tunisian State.
Abstract:
In establishing the reliability of performance-related design methods for concrete – which are relevant for resistance against chloride-induced corrosion - long-term experience of local materials and practices and detailed knowledge of the ambient and local micro-climate are critical. Furthermore, in the development of analytical models for performance-based design, calibration against test data representative of actual conditions in practice is required. To this end, the current study presents results from full-scale, concrete pier-stems under long-term exposure to a marine environment with work focussing on XS2 (below mid-tide level) in which the concrete is regarded as fully saturated and XS3 (tidal, splash and spray) in which the concrete is in an unsaturated condition. These exposures represent zones where concrete structures are most susceptible to ionic ingress and deterioration. Chloride profiles and chloride transport behaviour are studied using both an empirical model (erfc function) and a physical model (ClinConc). The time dependency of surface chloride concentration (Cs) and apparent diffusivity (Da) were established for the empirical model whereas, in the ClinConc model (originally based on saturated concrete), two new environmental factors were introduced for the XS3 environmental exposure zone. Although the XS3 is considered as one environmental exposure zone according to BS EN 206-1:2013, the work has highlighted that even within this zone, significant changes in chloride ingress are evident. This study aims to update the parameters of both models for predicting the long term transport behaviour of concrete subjected to environmental exposure classes XS2 and XS3.
Abstract:
Hardly a day goes by without the release of a handful of news stories about autonomous vehicles (or AVs for short). The proverbial “tipping point” of awareness has been reached in the public consciousness as AV technology is quickly becoming the new focus of firms from Silicon Valley to Detroit and beyond. Automation has, and will continue to have far-reaching implications for many human activities, but for driving, the technology is here. Google has been in talks with automaker Ford (1), Elon Musk has declared that Tesla will have the appropriate technology in two years (2), GM is paired-up with Lyft (3), Uber is in development-mode (4), Microsoft and Volvo have announced a partnership (5), Apple has been piloting its top-secret project “Titan” (6), Toyota is working on its own technology (7), as is BMW (8). Audi (9) made a splash by sending a driverless A7 concept car 550 miles from San Francisco to Las Vegas just in time to roll-into the 2016 Consumer Electronics Show. Clearly, the race is on.
Abstract:
This exploratory study aims to analyse the possible existence of psychopathological symptoms in the Portuguese police forces GNR, PSP and PJ, given the observed increase in suicide among these professionals, with a rate four times higher in 2008. The objective is essentially one of prevention: knowing the causes, it would be possible to intervene in good time and reduce the suicide rate. To achieve this objective we review the literature and describe the study. A socio-demographic questionnaire and the BSI (Brief Symptoms Inventory) were used to collect data from 45 police officers (15 GNR, 15 PSP and 15 PJ) who serve in the central region of the country and who collaborated voluntarily. Once collected, the data were entered and processed in SPSS (Statistical Package for the Social Sciences) version 13.0. The results obtained allowed us to conclude that there are no statistically significant differences between the different police forces with respect to psychopathological symptoms. / This exploratory study intends to analyze the existence of psychopathological symptoms in the Portuguese Police Forces: the Republican National Guard, the Public Security Police and the Judicial Police. This follows from the observed increase in suicidal tendency among these professionals, with a rate four times higher when compared with 2008. The essential objective is the prevention of suicide: knowing its causes well, we will be able to act at the proper and favorable time, diminishing the rate of suicide attempts. To achieve the stated objective, we will proceed to a literature review of the behavioural characteristics of subjects who commit suicide and the role that police activities have in these events.
After that, we will describe the methodology used, which involves a socio-demographic questionnaire and the BSI (Brief Symptoms Inventory) over a sample of 45 policemen (15 GNR, 15 PSP and 15 PJ) whose activities are situated in the center of Portugal and who volunteered for this experience. Once the data were collected, they were entered into a computerized database and processed in the statistical program SPSS (Statistical Package for the Social Sciences). The results obtained will allow us to conclude whether significant statistical differences exist among the various Police Forces in relation to psychopathological symptoms.