361 resultados para malicious gossip
Resumo:
Road traffic crashes have emerged as a major health problem around the world. Road crash fatalities and injuries have been reduced significantly in developed countries, but they are still an issue in low and middle-income countries. The World Health Organization (WHO, 2009) estimates that the death toll from road crashes in low- and middle-income nations is more than 1 million people per year, or about 90% of the global road toll, even though these countries only account for 48% of the world's vehicles. Furthermore, it is estimated that approximately 265,000 people die every year in road crashes in South Asian countries and Pakistan stands out with 41,494 approximately deaths per year. Pakistan has the highest rate of fatalities per 100,000 population in the region and its road crash fatality rate of 25.3 per 100,000 population is more than three times that of Australia's. High numbers of road crashes not only cause pain and suffering to the population at large, but are also a serious drain on the country's economy, which Pakistan can ill-afford. Most studies identify human factors as the main set of contributing factors to road crashes, well ahead of road environment and vehicle factors. In developing countries especially, attention and resources are required in order to improve things such as vehicle roadworthiness and poor road infrastructure. However, attention to human factors is also critical. Human factors which contribute to crashes include high risk behaviours like speeding and drink driving, and neglect of protective behaviours such as helmet wearing and seat belt wearing. Much research has been devoted to the attitudes, beliefs and perceptions which contribute to these behaviours and omissions, in order to develop interventions aimed at increasing safer road use behaviours and thereby reducing crashes. However, less progress has been made in addressing human factors contributing to crashes in developing countries as compared to the many improvements in road environments and vehicle standards, and this is especially true of fatalistic beliefs and behaviours. This is a significant omission, since in different cultures in developing countries there are strong worldviews in which predestination persists as a central idea, i.e. that one's life (and death) and other events have been mapped out and are predetermined. Fatalism refers to a particular way in which people regard the events that occur in their lives, usually expressed as a belief that an individual does not have personal control over circumstances and that their lives are determined through a divine or powerful external agency (Hazen & Ehiri, 2006). These views are at odds with the dominant themes of modern health promotion movements, and present significant challenges for health advocates who aim to avert road crashes and diminish their consequences. The limited literature on fatalism reveals that it is not a simple concept, with religion, culture, superstition, experience, education and degree of perceived control of one's life all being implicated in accounts of fatalism. One distinction in the literature that seems promising is the distinction between empirical and theological fatalism, although there are areas of uncertainty about how well-defined the distinction between these types of fatalism is. Research into road safety in Pakistan is scarce, as is the case for other South Asian countries. From the review of the literature conducted, it is clear that the descriptions given of the different belief systems in developing countries including Pakistan are not entirely helpful for health promotion purposes and that further research is warranted on the influence of fatalism, superstition and other related beliefs in road safety. Based on the information available, a conceptual framework is developed as a means of structuring and focusing the research and analysis. The framework is focused on the influence of fatalism, superstition, religion and culture on beliefs about crashes and road user behaviour. Accordingly, this research aims to provide an understanding of the operation of fatalism and related beliefs in Pakistan to assist in the development and implementation of effective and culturally appropriate interventions. The research examines the influence of fatalism, superstition, religious and cultural beliefs on risky road use in Pakistan and is guided by three research questions: 1. What are the perceptions of road crash causation in Pakistan, in particular the role of fatalism, superstition, religious and cultural beliefs? 2. How does fatalism, superstition, and religious and cultural beliefs influence road user behaviour in Pakistan? 3. Do fatalism, superstition, and religious and cultural beliefs work as obstacles to road safety interventions in Pakistan? To address these questions, a qualitative research methodology was developed. The research focused on gathering data through individual in-depth interviewing using a semi-structured interview format. A sample of 30 participants was interviewed in Pakistan in the cities of Lahore, Rawalpindi and Islamabad. The participants included policy makers (with responsibility for traffic law), experienced police officers, religious orators, professional drivers (truck, bus and taxi) and general drivers selected through a combination of purposive, criterion and snowball sampling. The transcripts were translated from Urdu and analysed using a thematic analysis approach guided by the conceptual framework. The findings were divided into four areas: attribution of crash causation to fatalism; attribution of road crashes to beliefs about superstition and malicious acts; beliefs about road crash causation linked to popular concepts of religion; and implications for behaviour, safety and enforcement. Fatalism was almost universally evident, and expressed in a number of ways. Fate was used to rationalise fatal crashes using the argument that the people killed were destined to die that day, one way or another. Related to this was the sense of either not being fully in control of the vehicle, or not needing to take safety precautions, because crashes were predestined anyway. A variety of superstitious-based crash attributions and coping methods to deal with road crashes were also found, such as belief in the role of the evil eye in contributing to road crashes and the use of black magic by rivals or enemies as a crash cause. There were also beliefs related to popular conceptions of religion, such as the role of crashes as a test of life or a source of martyrdom. However, superstitions did not appear to be an alternative to religious beliefs. Fate appeared as the 'default attribution' for a crash when all other explanations failed to account for the incident. This pervasive belief was utilised to justify risky road use behaviour and to resist messages about preventive measures. There was a strong religious underpinning to the statement of fatalistic beliefs (this reflects popular conceptions of Islam rather than scholarly interpretations), but also an overlap with superstitious and other culturally and religious-based beliefs which have longer-standing roots in Pakistani culture. A particular issue which is explored in more detail is the way in which these beliefs and their interpretation within Pakistani society contributed to poor police reporting of crashes. The pervasive nature of fatalistic beliefs in Pakistan affects road user behaviour by supporting continued risk taking behaviour on the road, and by interfering with public health messages about behaviours which would reduce the risk of traffic crashes. The widespread influence of these beliefs on the ways that people respond to traffic crashes and the death of family members contribute to low crash reporting rates and to a system which appears difficult to change. Fate also appeared to be a major contributing factor to non-reporting of road crashes. There also appeared to be a relationship between police enforcement and (lack of) awareness of road rules. It also appears likely that beliefs can influence police work, especially in the case of road crash investigation and the development of strategies. It is anticipated that the findings could be used as a blueprint for the design of interventions aimed at influencing broad-spectrum health attitudes and practices among the communities where fatalism is prevalent. The findings have also identified aspects of beliefs that have complex social implications when designing and piloting driver intervention strategies. By understanding attitudes and behaviours related to fatalism, superstition and other related concepts, it should be possible to improve the education of general road users, such that they are less likely to attribute road crashes to chance, fate, or superstition. This study also underscores the understanding of this issue in high echelons of society (e.g., policy makers, senior police officers) as their role is vital in dispelling road users' misconceptions about the risks of road crashes. The promotion of an evidence or scientifically-based approach to road user behaviour and road safety is recommended, along with improved professional education for police and policy makers.
Resumo:
A Delay Tolerant Network (DTN) is one where nodes can be highly mobile, with long message delay times forming dynamic and fragmented networks. Traditional centralised network security is difficult to implement in such a network, therefore distributed security solutions are more desirable in DTN implementations. Establishing effective trust in distributed systems with no centralised Public Key Infrastructure (PKI) such as the Pretty Good Privacy (PGP) scheme usually requires human intervention. Our aim is to build and compare different de- centralised trust systems for implementation in autonomous DTN systems. In this paper, we utilise a key distribution model based on the Web of Trust principle, and employ a simple leverage of common friends trust system to establish initial trust in autonomous DTN’s. We compare this system with two other methods of autonomously establishing initial trust by introducing a malicious node and measuring the distribution of malicious and fake keys. Our results show that the new trust system not only mitigates the distribution of fake malicious keys by 40% at the end of the simulation, but it also improved key distribution between nodes. This paper contributes a comparison of three de-centralised trust systems that can be employed in autonomous DTN systems.
Resumo:
Due to increased complexity, scale, and functionality of information and telecommunication (IT) infrastructures, every day new exploits and vulnerabilities are discovered. These vulnerabilities are most of the time used by ma¬licious people to penetrate these IT infrastructures for mainly disrupting business or stealing intellectual pro¬perties. Current incidents prove that it is not sufficient anymore to perform manual security tests of the IT infra¬structure based on sporadic security audits. Instead net¬works should be continuously tested against possible attacks. In this paper we present current results and challenges towards realizing automated and scalable solutions to identify possible attack scenarios in an IT in¬frastructure. Namely, we define an extensible frame¬work which uses public vulnerability databases to identify pro¬bable multi-step attacks in an IT infrastructure, and pro¬vide recommendations in the form of patching strategies, topology changes, and configuration updates.
Resumo:
Citizen Science projects are initiatives in which members of the general public participate in scientific research projects and perform or manage research-related tasks such as data collection and/or data annotation. Citizen Science is technologically possible and scientifically significant. However, although research teams can save time and money by recruiting general citizens to volunteer their time and skills to help data analysis, the reliability of contributed data varies a lot. Data reliability issues are significant to the domain of Citizen Science due to the quantity and diversity of people and devices involved. Participants may submit low quality, misleading, inaccurate, or even malicious data. Therefore, finding a way to improve the data reliability has become an urgent demand. This study aims to investigate techniques to enhance the reliability of data contributed by general citizens in scientific research projects especially for acoustic sensing projects. In particular, we propose to design a reputation framework to enhance data reliability and also investigate some critical elements that should be aware of during developing and designing new reputation systems.
Resumo:
Our daily lives become more and more dependent upon smartphones due to their increased capabilities. Smartphones are used in various ways from payment systems to assisting the lives of elderly or disabled people. Security threats for these devices become increasingly dangerous since there is still a lack of proper security tools for protection. Android emerges as an open smartphone platform which allows modification even on operating system level. Therefore, third-party developers have the opportunity to develop kernel-based low-level security tools which is not normal for smartphone platforms. Android quickly gained its popularity among smartphone developers and even beyond since it bases on Java on top of "open" Linux in comparison to former proprietary platforms which have very restrictive SDKs and corresponding APIs. Symbian OS for example, holding the greatest market share among all smartphone OSs, was closing critical APIs to common developers and introduced application certification. This was done since this OS was the main target for smartphone malwares in the past. In fact, more than 290 malwares designed for Symbian OS appeared from July 2004 to July 2008. Android, in turn, promises to be completely open source. Together with the Linux-based smartphone OS OpenMoko, open smartphone platforms may attract malware writers for creating malicious applications endangering the critical smartphone applications and owners� privacy. In this work, we present our current results in analyzing the security of Android smartphones with a focus on its Linux side. Our results are not limited to Android, they are also applicable to Linux-based smartphones such as OpenMoko Neo FreeRunner. Our contribution in this work is three-fold. First, we analyze android framework and the Linux-kernel to check security functionalities. We survey wellaccepted security mechanisms and tools which can increase device security. We provide descriptions on how to adopt these security tools on Android kernel, and provide their overhead analysis in terms of resource usage. As open smartphones are released and may increase their market share similar to Symbian, they may attract attention of malware writers. Therefore, our second contribution focuses on malware detection techniques at the kernel level. We test applicability of existing signature and intrusion detection methods in Android environment. We focus on monitoring events on the kernel; that is, identifying critical kernel, log file, file system and network activity events, and devising efficient mechanisms to monitor them in a resource limited environment. Our third contribution involves initial results of our malware detection mechanism basing on static function call analysis. We identified approximately 105 Executable and Linking Format (ELF) executables installed to the Linux side of Android. We perform a statistical analysis on the function calls used by these applications. The results of the analysis can be compared to newly installed applications for detecting significant differences. Additionally, certain function calls indicate malicious activity. Therefore, we present a simple decision tree for deciding the suspiciousness of the corresponding application. Our results present a first step towards detecting malicious applications on Android-based devices.
Resumo:
Smartphones become very critical part of our lives as they offer advanced capabilities with PC-like functionalities. They are getting widely deployed while not only being used for classical voice-centric communication. New smartphone malwares keep emerging where most of them still target Symbian OS. In the case of Symbian OS, application signing seemed to be an appropriate measure for slowing down malware appearance. Unfortunately, latest examples showed that signing can be bypassed resulting in new malware outbreak. In this paper, we present a novel approach to static malware detection in resource-limited mobile environments. This approach can be used to extend currently used third-party application signing mechanisms for increasing malware detection capabilities. In our work, we extract function calls from binaries in order to apply our clustering mechanism, called centroid. This method is capable of detecting unknown malwares. Our results are promising where the employed mechanism might find application at distribution channels, like online application stores. Additionally, it seems suitable for directly being used on smartphones for (pre-)checking installed applications.
Resumo:
Smartphones started being targets for malware in June 2004 while malware count increased steadily until the introduction of a mandatory application signing mechanism for Symbian OS in 2006. From this point on, only few news could be read on this topic. Even despite of new emerging smartphone platforms, e.g. android and iPhone, malware writers seemed to lose interest in writing malware for smartphones giving users an unappropriate feeling of safety. In this paper, we revisit smartphone malware evolution for completing the appearance list until end of 2008. For contributing to smartphone malware research, we continue this list by adding descriptions on possible techniques for creating the first malware(s) for Android platform. Our approach involves usage of undocumented Android functions enabling us to execute native Linux application even on retail Android devices. This can be exploited to create malicious Linux applications and daemons using various methods to attack a device. In this manner, we also show that it is possible to bypass the Android permission system by using native Linux applications.
Resumo:
Smartphones are steadily gaining popularity, creating new application areas as their capabilities increase in terms of computational power, sensors and communication. Emerging new features of mobile devices give opportunity to new threats. Android is one of the newer operating systems targeting smartphones. While being based on a Linux kernel, Android has unique properties and specific limitations due to its mobile nature. This makes it harder to detect and react upon malware attacks if using conventional techniques. In this paper, we propose an Android Application Sandbox (AASandbox) which is able to perform both static and dynamic analysis on Android programs to automatically detect suspicious applications. Static analysis scans the software for malicious patterns without installing it. Dynamic analysis executes the application in a fully isolated environment, i.e. sandbox, which intervenes and logs low-level interactions with the system for further analysis. Both the sandbox and the detection algorithms can be deployed in the cloud, providing a fast and distributed detection of suspicious software in a mobile software store akin to Google's Android Market. Additionally, AASandbox might be used to improve the efficiency of classical anti-virus applications available for the Android operating system.
Resumo:
Private data stored on smartphones is a precious target for malware attacks. A constantly changing environment, e.g. switching network connections, can cause unpredictable threats, and require an adaptive approach to access control. Context-based access control is using dynamic environmental information, including it into access decisions. We propose an "ecosystem-in-an-ecosystem" which acts as a secure container for trusted software aiming at enterprise scenarios where users are allowed to use private devices. We have implemented a proof-of-concept prototype for an access control framework that processes changes to low-level sensors and semantically enriches them, adapting access control policies to the current context. This allows the user or the administrator to maintain fine-grained control over resource usage by compliant applications. Hence, resources local to the trusted container remain under control of the enterprise policy. Our results show that context-based access control can be done on smartphones without major performance impact.
Resumo:
Our daily lives become more and more dependent upon smartphones due to their increased capabilities. Smartphones are used in various ways, e.g. for payment systems or assisting the lives of elderly or disabled people. Security threats for these devices become more and more dangerous since there is still a lack of proper security tools for protection. Android emerges as an open smartphone platform which allows modification even on operating system level and where third-party developers first time have the opportunity to develop kernel-based low-level security tools. Android quickly gained its popularity among smartphone developers and even beyond since it bases on Java on top of "open" Linux in comparison to former proprietary platforms which have very restrictive SDKs and corresponding APIs. Symbian OS, holding the greatest market share among all smartphone OSs, was even closing critical APIs to common developers and introduced application certification. This was done since this OS was the main target for smartphone malwares in the past. In fact, more than 290 malwares designed for Symbian OS appeared from July 2004 to July 2008. Android, in turn, promises to be completely open source. Together with the Linux-based smartphone OS OpenMoko, open smartphone platforms may attract malware writers for creating malicious applications endangering the critical smartphone applications and owners privacy. Since signature-based approaches mainly detect known malwares, anomaly-based approaches can be a valuable addition to these systems. They base on mathematical algorithms processing data that describe the state of a certain device. For gaining this data, a monitoring client is needed that has to extract usable information (features) from the monitored system. Our approach follows a dual system for analyzing these features. On the one hand, functionality for on-device light-weight detection is provided. But since most algorithms are resource exhaustive, remote feature analysis is provided on the other hand. Having this dual system enables event-based detection that can react to the current detection need. In our ongoing research we aim to investigates the feasibility of light-weight on-device detection for certain occasions. On other occasions, whenever significant changes are detected on the device, the system can trigger remote detection with heavy-weight algorithms for better detection results. In the absence of the server respectively as a supplementary approach, we also consider a collaborative scenario. Here, mobile devices sharing a common objective are enabled by a collaboration module to share information, such as intrusion detection data and results. This is based on an ad-hoc network mode that can be provided by a WiFi or Bluetooth adapter nearly every smartphone possesses.
Resumo:
Many software applications extend their functionality by dynamically loading executable components into their allocated address space. Such components, exemplified by browser plugins and other software add-ons, not only enable reusability, but also promote programming simplicity, as they reside in the same address space as their host application, supporting easy sharing of complex data structures and pointers. However, such components are also often of unknown provenance and quality and may be riddled with accidental bugs or, in some cases, deliberately malicious code. Statistics show that such component failures account for a high percentage of software crashes and vulnerabilities. Enabling isolation of such fine-grained components is therefore necessary to increase the stability, security and resilience of computer programs. This thesis addresses this issue by showing how host applications can create isolation domains for individual components, while preserving the benefits of a single address space, via a new architecture for software isolation called LibVM. Towards this end, we define a specification which outlines the functional requirements for LibVM, identify the conditions under which these functional requirements can be met, define an abstract Application Programming Interface (API) that encompasses the general problem of isolating shared libraries, thus separating policy from mechanism, and prove its practicality with two concrete implementations based on hardware virtualization and system call interpositioning, respectively. The results demonstrate that hardware isolation minimises the difficulties encountered with software based approaches, while also reducing the size of the trusted computing base, thus increasing confidence in the solution’s correctness. This thesis concludes that, not only is it feasible to create such isolation domains for individual components, but that it should also be a fundamental operating system supported abstraction, which would lead to more stable and secure applications.
Resumo:
Denial-of-service (DoS) attacks are a growing concern to networked services like the Internet. In recent years, major Internet e-commerce and government sites have been disabled due to various DoS attacks. A common form of DoS attack is a resource depletion attack, in which an attacker tries to overload the server's resources, such as memory or computational power, rendering the server unable to service honest clients. A promising way to deal with this problem is for a defending server to identify and segregate malicious traffic as earlier as possible. Client puzzles, also known as proofs of work, have been shown to be a promising tool to thwart DoS attacks in network protocols, particularly in authentication protocols. In this thesis, we design efficient client puzzles and propose a stronger security model to analyse client puzzles. We revisit a few key establishment protocols to analyse their DoS resilient properties and strengthen them using existing and novel techniques. Our contributions in the thesis are manifold. We propose an efficient client puzzle that enjoys its security in the standard model under new computational assumptions. Assuming the presence of powerful DoS attackers, we find a weakness in the most recent security model proposed to analyse client puzzles and this study leads us to introduce a better security model for analysing client puzzles. We demonstrate the utility of our new security definitions by including two hash based stronger client puzzles. We also show that using stronger client puzzles any protocol can be converted into a provably secure DoS resilient key exchange protocol. In other contributions, we analyse DoS resilient properties of network protocols such as Just Fast Keying (JFK) and Transport Layer Security (TLS). In the JFK protocol, we identify a new DoS attack by applying Meadows' cost based framework to analyse DoS resilient properties. We also prove that the original security claim of JFK does not hold. Then we combine an existing technique to reduce the server cost and prove that the new variant of JFK achieves perfect forward secrecy (the property not achieved by original JFK protocol) and secure under the original security assumptions of JFK. Finally, we introduce a novel cost shifting technique which reduces the computation cost of the server significantly and employ the technique in the most important network protocol, TLS, to analyse the security of the resultant protocol. We also observe that the cost shifting technique can be incorporated in any Diffine{Hellman based key exchange protocol to reduce the Diffie{Hellman exponential cost of a party by one multiplication and one addition.
Resumo:
As a decentralised communication technology, the Internet has offered much autonomy and unprecedented communication freedom to the Chinese public. Yet the Chinese government has imposed different forms of censorship over cyberspace. However, the Hong Kong erotic photo scandal reshuffles the traditional understanding of censorship in China as it points to a different territory. The paper takes the Hong Kong erotic photo scandal in 2008 as a case study and aims to examine the social and generational conflicts hidden in China. When thousands of photos containing sexually explicit images of Hong Kong celebrities were released on the Internet, gossip, controversies and eroticism fuelled the public discussion and threatened traditional values in China. The Internet provides an alternative space for the young Chinese who have been excluded from mainstream social discourse to engage in public debates. This, however, creates concerns, fear and even anger among the older generations in China, because they can no longer control, monitor and educate their children in the way that their predecessors have done for centuries. The photo scandal illustrates the internal social conflicts and distrust between generations in China and the generational conflict has a far-reaching political ramification as it creates a new concept of censorship.
Resumo:
Most security models for authenticated key exchange (AKE) do not explicitly model the associated certification system, which includes the certification authority (CA) and its behaviour. However, there are several well-known and realistic attacks on AKE protocols which exploit various forms of malicious key registration and which therefore lie outside the scope of these models. We provide the first systematic analysis of AKE security incorporating certification systems (ASICS). We define a family of security models that, in addition to allowing different sets of standard AKE adversary queries, also permit the adversary to register arbitrary bitstrings as keys. For this model family we prove generic results that enable the design and verification of protocols that achieve security even if some keys have been produced maliciously. Our approach is applicable to a wide range of models and protocols; as a concrete illustration of its power, we apply it to the CMQV protocol in the natural strengthening of the eCK model to the ASICS setting.
Resumo:
A one-time program is a hypothetical device by which a user may evaluate a circuit on exactly one input of his choice, before the device self-destructs. One-time programs cannot be achieved by software alone, as any software can be copied and re-run. However, it is known that every circuit can be compiled into a one-time program using a very basic hypothetical hardware device called a one-time memory. At first glance it may seem that quantum information, which cannot be copied, might also allow for one-time programs. But it is not hard to see that this intuition is false: one-time programs for classical or quantum circuits based solely on quantum information do not exist, even with computational assumptions. This observation raises the question, "what assumptions are required to achieve one-time programs for quantum circuits?" Our main result is that any quantum circuit can be compiled into a one-time program assuming only the same basic one-time memory devices used for classical circuits. Moreover, these quantum one-time programs achieve statistical universal composability (UC-security) against any malicious user. Our construction employs methods for computation on authenticated quantum data, and we present a new quantum authentication scheme called the trap scheme for this purpose. As a corollary, we establish UC-security of a recent protocol for delegated quantum computation.
