Information security, privacy, and compliance models for cloud computing services

Alruwaili, Fahad F.

13 April 2016

The recent emergence and rapid advancement of Cloud Computing (CC) infrastructure and services have made outsourcing Information Technology (IT) and digital services to Cloud Providers (CPs) attractive. Cloud offerings enable reduction in IT resources (hardware, software, services, support, and staffing), and provide flexibility and agility in resource allocation, data and resource delivery, fault-tolerance, and scalability. However, the current standards and guidelines adopted by many CPs are tailored to address functionality (such as availability, speed, and utilization) and design requirements (such as integration), rather than protection against cyber-attacks and associated security issues. In order to achieve sustainable trust for cloud services with minimal risks and impact on cloud customers, appropriate cloud information security models are required. The research described in this dissertation details the processes adopted for the development and implementation of an integrated information security cloud based approach to cloud service models. This involves detailed investigation into the inherent information security deficiencies identified in the existing cloud service models, service agreements, and compliance issues. The research conducted was a multidisciplinary in nature, with detailed investigations on factors such as people, technology, security, privacy, and compliance involved in cloud risk assessment to ensure all aspects are addressed in holistic and well-structured models. The primary research objectives for this dissertation are investigated through a series of scientific papers centered on these key research disciplines. The assessment of information security, privacy, and compliance implementations in a cloud environment is described in Chapters two, three, four, and five. Paper 1 (CCIPS: A Cooperative Intrusion Detection and Prevention Framework for Cloud Services) outlines a framework for detecting and preventing known and zero-day threats targeting cloud computing networks. This framework forms the basis for implementing enhanced threat detection and prevention via behavioral and anomaly data analysis. Paper 2 (A Trusted CCIPS Framework) extends the work of cooperative intrusion detection and prevention to enable trusted delivery of cloud services. The trusted CCIPS model details and justifies the multi-layer approach to enhance the performance and efficiency of detecting and preventing cloud threats. Paper 3 (SOCaaS: Security Operations Center as a Service for Cloud Computing Environments) describes the need for a trusted third party to perform real-time monitoring of cloud services to ensure compliance with security requirements by suggesting a security operations center system architecture. Paper 4 (SecSLA: A Proactive and Secure Service Level Agreement Framework for Cloud Services) identifies the necessary cloud security and privacy controls that need to be addressed in the contractual agreements, i.e. service level agreements (SLAs), between CPs and their customers. Papers five, six, seven, and eight (Chapters 6 – 9) focus on addressing and reducing the risk issues resulting from poor assessment to the adoption of cloud services and the factors that influence such as migration. The investigation of cloud-specific information security risk management and migration readiness frameworks, detailed in Paper 5 (An Effective Risk Management Framework for Cloud Computing Services) and Paper 6 (Information Security, Privacy, and Compliance Readiness Model) was achieved through extensive consideration of all possible factors obtained from different studies. An analysis of the results indicates that several key factors, including risk tolerance, can significantly influence the migration decision to cloud technology. An additional issue found during this research in assessing the readiness of an organization to move to the cloud is the necessity to ensure that the cloud service provider is actually with information security, privacy, and compliance (ISPC) requirements. This investigation is extended in Paper 7 (A Practical Life Cycle Approach for Cloud based Information Security) to include the six phases of creating proactive cloud information security systems beginning with initial design, through the development, implementation, operations and maintenance. The inherent difficulty in identifying ISPC compliant cloud technology is resolved by employing a tracking method, namely the eligibility and verification system presented in Paper 8 (Cloud Services Information Security and Privacy Eligibility and Verification System). Finally, Paper 9 (A Case Study of Migration to a Compliant Cloud Technology) describes the actual implementation of the proposed frameworks and models to help the decision making process faced by the Saudi financial agency in migrating their IT services to the cloud. Together these models and frameworks suggest that the threats and risks associated with cloud services are continuously changing and more importantly, increasing in complexity and sophistication. They contribute to making stronger cloud based information security, privacy, and compliance technological frameworks. The outcomes obtained significantly contribute to best practices in ensuring information security controls are addressed, monitoring, enforced, and compliant with relevant regulations. / Graduate / 0984 / 0790 / fahd333@gmail.com

Cloud Computing

Intrusion Prevention

Cyber Attacks/Threats

Security Operations Centre (SOC)

Service Level Agreement (SLA)

Cloud Security Services

Cloud Governance

Cloud Compliance

Cloud Forensics

Cloud Community

Risk Management

Eligibility and Verification

Trust

Monitoring

Virtualization

Rhetorical strategies of legitimation : the 9/11 Commission's public inquiry process

Parks, Ryan William

January 2011

This research project seeks to explore aspects of the post-reporting phase of the public inquiry process. Central to the public inquiry process is the concept of legitimacy and the idea that a public inquiry provides and opportunity to re-legitimate the credibility of failed public institutions. The current literature asserts that public inquiries re-legitimise through the production of authoritative narratives. As such, most of this scholarship has focused on the production of inquiry reports and, more recently, the reports themselves. However, in an era of accountability, and in the aftermath of such a poignant attack upon society, the production of a report may represent an apogee, but by no means an end, of the re-legitimation process. Appropriately, this thesis examines the post-reporting phase of the 9/11 Commission’s public inquiry process. The 9/11 Commission provides a useful research vehicle due to the bounded, and relatively linear, implementation process of the Commission’s recommendations. In little more than four months a majority of the Commission’s recommendations were passed into law. Within this implementation phase the dominant discursive process took place in the United States Congress. It is the legislative reform debates in the House of Representatives and the Senate that is the focus of this research project. The central research question is: what rhetorical legitimation strategies were employed in the legislative reform debates of the post-reporting phase of the 9/11 Commission’s public inquiry process? This study uses a grounded theory approach to the analysis of the legislative transcripts of the Congressional reform debates. This analysis revealed that proponents employed rhetorical strategies to legitimise a legislative ‘Call to Action’ narrative. Also, they employed rhetorical legitimation strategies that emphasised themes of bipartisanship, hard work and expertise in order to strengthen the standing of the legislation. Opponents of the legislation focused rhetorical de-legitimation strategies on the theme of ‘flawed process’. Finally, nearly all legislators, regardless of their view of the legislation, sought to appropriate the authoritative legitimacy of the Commission, by employing rhetorical strategies that presented their interests and motives as in line with the actions and wishes of the Commission.

338.0068

Security Analytics: Using Deep Learning to Detect Cyber Attacks

Lambert, Glenn M, II

01 January 2017

Security attacks are becoming more prevalent as cyber attackers exploit system vulnerabilities for financial gain. The resulting loss of revenue and reputation can have deleterious effects on governments and businesses alike. Signature recognition and anomaly detection are the most common security detection techniques in use today. These techniques provide a strong defense. However, they fall short of detecting complicated or sophisticated attacks. Recent literature suggests using security analytics to differentiate between normal and malicious user activities. The goal of this research is to develop a repeatable process to detect cyber attacks that is fast, accurate, comprehensive, and scalable. A model was developed and evaluated using several production log files provided by the University of North Florida Information Technology Security department. This model uses security analytics to complement existing security controls to detect suspicious user activity occurring in real time by applying machine learning algorithms to multiple heterogeneous server-side log files. The process is linearly scalable and comprehensive; as such it can be applied to any enterprise environment. The process is composed of three steps. The first step is data collection and transformation which involves identifying the source log files and selecting a feature set from those files. The resulting feature set is then transformed into a time series dataset using a sliding time window representation. Each instance of the dataset is labeled as green, yellow, or red using three different unsupervised learning methods, one of which is Partitioning around Medoids (PAM). The final step uses Deep Learning to train and evaluate the model that will be used for detecting abnormal or suspicious activities. Experiments using datasets of varying sizes of time granularity resulted in a very high accuracy and performance. The time required to train and test the model was surprisingly fast even for large datasets. This is the first research paper that develops a model to detect cyber attacks using security analytics; hence this research builds a foundation on which to expand upon for future research in this subject area.

Thesis

University of North Florida

UNF

Big Data Analytics

Security Analytics

Deep Learning

Cyber Attacks

Artificial Intelligence and Robotics

Information Security

Komentovaný český překlad esejistického díla: Anna Politkovskaja. Putinskaja Rossija (Biblioteka Al'debaran: http: lib.aldebaran.ru) / Annotated Тranslation of an Еssay: Anna Politkovskaya. Putinʼs Russiа (Biblioteka Al'debaran: http: lib.aldebaran.ru)

Hovorková, Aneta

January 2014

Reference 1 Abstract The aim of this Master Thesis is to present annotated translation of the chapter Nord-Ost. Noveyshaya istoriya unichtozheniya (Istoriya pervaya. Pyatyi; Istoriya vtoraya. No. 2551 - neizvestnyi; Istoriya tretya. Siradzhi, Yacha i vsye-vsye-vsye). The first part of the commentary focuses on analysis of the author's life and work, current political and social situation in the Russian Federation and the position of Russian opposition journalists and organisations. The next part presents comparative analysis of the original and also translation solutions, which were created with emphasis on the functional equivalence. In this part the translation method is presented. The closing part discusses translation solutions of the difficult parts of the text.

A Study on Fingerprinting of Locally Assigned MAC-Addresses

Djervbrant, Karl-Johan, Häggström, Andreas

January 2019

The number of WiFi Devices is increasing every day, most people traveling hasa device with a WiFi network card enabled. This is something EffectSoft AB in Halmstad utilizes in their service Flow, to track and count devices. The accuracy of counted devices was however not accurate enough for a commercial use and this is where this candidate Thesis will continue research on how to improve the accuracy. It introduces the fundamental problem on how one cannot directly count transmitted MAC-Addresses to count present devices, since the manufacturers implement features against this such as MAC-Address randomization. It covers how manufacturers are not consistent in their implementation of the IEEE 802.11 standard, how this can be utilized to estimate how many devices are present in the networkwith three different approaches. It also concludes that Control Frame Attacks is not a viable approach any longer to count devices and the best method for counting devices are a combination of Passive Probe Request Analysis techniques. / Mängden enheter som kommunicerar över WiFi ökar dagligen och idag bär de flesta människor en enhet med ett aktiverat WiFi-nätverkskort. Detta använder EffectSoft AB, ett företag i Halmstad till sin teknik Flow för att räkna mobila enheter. Noggrannheten för beräkningen är dock inte tillräckligt bra för att produkten ska kunna vara applicerbar på marknaden och därav handlar denna kandidatuppsatsen om beräkning av mobila enheter. Denna rapport presenterar de problem som man stöter på vid beräkning av mobila enheter som till exempel randomisering av MAC-Adresser. Den täcker även hur tillverkare inte är konsekventa i sin implementation av IEEE 802.11 standarden och hur detta kan utnyttjas genom tre metoderför beräkning av antal mobila enheter. Det fastställs att Control Frame Attack inte längre är en möjlig metod för syftet samt att den bästa metoden för beräkning avantalet mobila enheter är en kombination av olika passiva Probe Request analyser.

MAC-Address Randomization

Probe Request

Passive Probe Request Analysis

Control Frame Attacks

Computer Science

Network

IEEE 802.11

WiFi

Tracking

Counting.

Övrig annan teknik

Uma arquitetura para agrupamento de controles de segurança em ambientes de tecnologia da informação baseada em barganhas cooperativas irrestritas. / An architecture to grouping security controls in information technology environments based on unrestricted cooperative bargains.

Silva, Anderson Aparecido Alves da

15 December 2016

Controles de segurança, também chamados de mecanismos de proteção, voltados para previsão e detecção de eventos indesejados são cada vez mais empregados em ambientes de Tecnologia da Informação (TI). O pouco entendimento sobre as características dos eventos indesejados que agem nos sistemas e a baixa compatibilidade existente entre os diversos mecanismos de proteção são problemas que se destacam neste tipo de cenário. Diferentes configurações dificultam a combinação dos resultados destes mecanismos e raramente dois ou mais controles de segurança se complementam. Por esse motivo, o agrupamento entre mecanismos de detecção e de previsão não é trivialmente resolvido. Neste trabalho é proposta uma arquitetura, denominada de Arquitetura Estratégica de Agrupamento - Strategic Grouping Architecture (SGA) - para agrupamento de controles de segurança voltados para detecção e/ou previsão, que tem como base a busca de um equilíbrio entre as configurações e os resultados individuais de cada mecanismo de proteção envolvido. Para alcançar este equilíbrio a arquitetura proposta divide a análise dos eventos (legítimos e maliciosos) que passam pelos controles de segurança em dois níveis de abstração: o técnico, onde são coletadas as configurações e os resultados dos controles de segurança; e o estratégico, onde os dados obtidos no nível técnico são analisados por meio de barganhas cooperativas irrestritas - Unrestricted Cooperative Bargains (UCB), conceito proveniente da Teoria dos Jogos, que busca a otimização e equilíbrio entre resultados. Justamente por ser realizada em um nível de abstração diferente, a análise gerada pelo SGA identifica a influência que cada configuração exerce nos resultados agrupados. Para explorar a capacidade da arquitetura proposta, dois experimentos, bastante diferentes, que envolvem a ação de eventos indesejados em ambientes de TI são conduzidos. Os resultados obtidos mostram a viabilidade do agrupamento de controles de segurança de detecção e previsão e a possibilidade do uso do SGA em outros ambientes, que não estejam necessariamente ligados à segurança de TI. Baseada na literatura científica a validação do SGA consiste de uma transformação prévia na categoria dos jogos estratégicos usados - cooperativos para não-cooperativos - e na busca de situações como o Equilíbrio de Nash (EN) e o ótimo de Pareto, que indicam os melhores resultados de um jogo. / Security controls, also called protection mechanisms, focused on forecasting and detection of unwanted events are increasingly employed in Information Technology (IT) environments. The little understanding about the characteristics of unwanted events which act on the systems and the low rate of compatibility among several protection mechanisms are both problems that arise in that scenario. Different settings make difficult combining the results of these mechanisms and two or more controls rarely complement each other. Due to that, grouping mechanisms of detection and forecasting is not a trivial matter. In this work a framework called Strategic Grouping Architecture (SGA) is proposed to grouping security controls focused on detection and/or forecasting. SGA is based on the search for equilibrium between the settings and the individual results of each protection mechanism involved. In order to reach this equilibrium the proposed framework divide the analysis of events (legitimates and malicious) which go through the security controls in two abstract levels: the technical level, where the settings and the results of security controls are collected; and the strategic level, where the data obtained in the technical level are analyzed through Unrestricted Cooperative Bargains (UCB), concept from Game Theory that seeks to optimize and balance the results. Precisely because it is performed on a different level of abstraction, the analysis generated by the SGA identifies the influence that each setting has on the clustered results. In order to exploit the capability of the proposed architecture, two experiments, quite different, involving the action of unwanted events in IT environments, are conducted. The obtained findings show the feasibility of grouping detection and forecasting security controls and the possibility of using the SGA in other environments that are not necessarily related to IT security. Based on scientific literature SGA validation consists of a previous transformation in the category of strategy games used - cooperative to non-cooperative - and the search for situations such as the Nash Equilibrium (NE) and the Pareto optimal, indicating the best results a game.

Barganhas cooperativas irrestritas

Controles de segurança

Detection and forecasting attacks

Game theory

Kackers (Prevenção e Controle)

Mobile Ad hoc NETwork (MANET)

Mobile Ad hoc NETwork (MANET)

Security controls

Teoria dos jogos

Unrestricted cooperative bargains

Les relations américano-saoudiennes à l’épreuve des attaques du 11 septembre 2001 / The American-Saudi Relations Proof Against September 9, 2001 attacks

Kajja, Kamal

30 September 2014

La rencontre historique entre Abdul Aziz Ibn Saoud et le président américain Franklin D. Roosevelt à bord de l’U.S.S Quincy en mer rouge en février 1945, donna lieu à l’instauration des fondements d’une véritable alliance à long terme, basée sur des intérêts communs très forts entre l’Arabie Saoudite et les Etats-Unis. Le royaume a joué d’ailleurs un rôle important dans l’endiguement du nationalisme arabe et dans l’empêchement de toute pénétration soviétique au Moyen-Orient. Il a joué également un rôle central dans l’endiguement de la révolution islamique iranienne de Khomeiny. Cette alliance va mettre cependant du temps pour atteindre le degré au quelle elle est arrivée lors de la guerre du Golfe de 1990-1991, qui a eu comme résultat une présence militaire américaine permanente sur le sol saoudien et la radicalisation de l’opposition islamiste. Les attentats du 11 septembre 2001, qui ont constitué un véritable choc pour les deux pays, provoquèrent un profond malaise dans les relations américano-saoudiennes. Riyad s’est trouvée dans une situation délicate, quinze des dix neuf pirates de l’air étaient Saoudiens ainsi que le chef d’al-Qaida, Oussama Ben Laden. On assista à une détérioration des relations entre les deux pays et une grande suspicion qui eut du mal à se dissiper, malgré les déclarations de bonne volonté des dirigeants des deux pays. Soumise à d’énormes pressions américaines, l’Arabie Saoudite lança une série de réformes en vue de rassurer Washington et faire face également à une situation très compliquée sur le plan interne (problèmes socio-économiques, le rôle de l’institution religieuse wahhabite, l’extrémisme religieux, droits de la minorité chiite, la question de succession…). Le réchauffement constaté dans les relations entre les deux pays à partir de 2003, qui culmina avec l’instauration du « dialogue stratégique » en 2005, laissa rapidement place à une graduelle prise de distance entre Riyad et Washington à propos de plusieurs dossiers régionaux (la situation en Irak, les ambitions régionales ainsi que le programme nucléaire et balistique de l’Iran, le processus de paix, la Syrie…). Cette prise de distance s’est confirmée avec l’éclatement du «printemps arabe » et le lancement par les Etats-Unis d’une nouvelle stratégie, axée sur un désengagement de la puissance américaine vers la zone du Pacifique. / The Historical meeting between Adul Aziz Ibn Saoud and the US President, Franklin D. Roosevelt on bord of U.S.S Quincy in the Red Sea at February, 1945, had set up a real long standing Alliance based on a strong common Interests between Saudi Arabia and the United States. It will take a time for this Alliance to be at the level it had during the Gulf War (1990-1991), Wich had as result a permanent US Military presence in the Kingdom and the radicalization of Islamist Opposition. The 9/11 Attacks, which was a real Choc for the two Countries and provocated an Embarassment in the US- Saudi relations. Riyad was in a delicate situation, Fifteen of the Nineteen Hijackers of September 9, 11 was Saudis such as head of Al-Qaeda Oussama Ben Laden. We assisted then to a deterioration of the relations between the two Countries and a great Suspicion although some declarations of good Intentions by leaders of two Countries. Subject of a tremendous US pressures, the Saudi Arabia has inaugurated a series of Reforms to reassure Washington and to face a complicated internal situation (Socio-economic problems, the role of the Wahhabi religious Institution, religious Extremism, rights of Chia minority, the problem of succession). The warming of the relations between the two Countries by 2003 wich culminated with the instauration of « Strategic Dialogue » in 2005, made rapidly room to a gradual taken distance between Riyad and Washington about some Regional matters (Iraqi situation, the regional ambitions just as the Nuclear and Balistic program of Ira ; Peace Process ; Syria…). This taken distance is confirmed by the events of « Arab Spring » and the New American Strategy of disengagement to the Pacific Zone.

Attentats du 11 septembre 2001

Guerre du Golfe

Présence militaire permanente

Radicalisation

Opposition islamiste

Oussama Ben Laden

Pressions

Réformes

Abdul Aziz Ibn Saoud

Alliance

Gulf War

Permanent US Military Presence

Radicalization

Islamist Opposition

Septembre 9/11 Attacks

Al-Qaeda

Power and Electro-Magnetic Side-Channel Attacks : threats and countermeasures / Attaques par Canaux Auxiliaires en Consommation et Electro-Magnétique : menaces et contremesures

Lomne, Victor

07 July 2010

En cryptographie classique, un algorithme de chiffrement est considéré comme une boîte noire, et un attaquant n'a accès qu'aux textes clairs et chiffrés. Mais un circuit cryptographique émet aussi des informations sensibles lors d'une opération cryptographique, comme sa consommation de courant ou ses émissions électro-magnétiques. Par conséquent, différentes techniques, appelées attaques par canaux auxiliaires, permettent d'exploiter ces fuites d'informations physiques pour casser des algorithmes cryptographiques avec une complexité très faible en comparaison avec les méthodes de la cryptanalyse classique. Dans ce travail, les attaques par canaux auxiliaires basées sur la consommation de courant ou les émissions électro-magnétiques sont d'abord étudiées d'un point de vue algorithmique, et différentes améliorations sont proposées. Ensuite, une attention particulière est consacrée à l'exploitation du canal auxiliaire électro-magnétique, et un flot de simulation des radiations magnétiques des circuits intégrés est proposé et validé sur deux microcontrôleurs. Finalement, certaines contremesures permettant de protéger les algorithmes de chiffrement contre ces menaces, basées sur des styles de logique équilibrées, sont présentées et évaluées. / In cryptography, a cipher is considered as a black-box, and an attacker has only access to plaintexts and ciphertexts. But a real world cryptographic device leaks additionnal sensitive informations during a cryptographic operation, such as power consumption or electro-magnetic radiations. As a result, several techniques, called Side-Channel Attacks, allow exploiting these physical leakages to break ciphers with a very low complexity in comparison with methods of classical cryptanalysis. In this work, power and electro-magnetic Side-Channel Attacks are firstly studied from an algorithmic point-of-view, and some improvements are proposed. Then, a particular attention is given on the exploitation of the electro-magnetic side-channel, and a simulation flow predicting magnetic radiations of ICs is proposed and validated on two microcontrollers. Finally, some countermeasures allowing to protect ciphers against these threats, based on balanced logic styles, are presented and evaluated.

Attaques par canaux auxiliaires

Analyse differentielle de courant

Logique triple rail sécurisée

Sttl

Side-Channel Attacks

Differential Power Analysis

Differential Electro-Magnetic Analysis

Secure Triple Track Logic

Sttl

Avaliação do efeito em longo prazo do estresse neonatal causado pela separação ou privação materna em ratos sobre a expressão de comportamentos defensivos associados ao pânico / Evaluation of the long-term effect of neonatal stress caused by maternal separation or deprivation in rats on the expression of defensive behaviors associated with panic

Rosa, Daiane Santos

30 June 2017

Diversos estudos demonstram que o estresse infantil, incluindo situações de perda dos pais, negligência e abusos, representa um forte fator de risco para o desenvolvimento de transtornos de ansiedade, sendo de especial interesse para este trabalho, o transtorno do pânico. Modelos de estresse neonatal em animais de laboratório, que se baseiam na ruptura da relação mãe-filhote, como a separação materna e a privação materna, têm sido amplamente utilizados para avaliar as consequências desse estressor sobre a expressão de comportamentos defensivos associados à ansiedade na vida adulta. No entanto, pouco se sabe sobre seus efeitos em modelos animais de ataques de pânico, mais especificamente aqueles que associam esta condição emocional à resposta defensiva de fuga em animais. Diante disso, o objetivo inicial do presente trabalho foi o de estender as investigações dos efeitos do estresse neonatal sobre o comportamento de fuga de ratos adultos (após 60 dias de nascimento) observado no labirinto em T elevado (LTE), pela estimulação elétrica da substância cinzenta periaquedutal (SCPD) e durante a exposição a um ambiente em hipóxia (7% O2). Para efeitos comparativos, esses animais também foram testados em modelos animais associados à ansiedade generalizada e a depressão. Observamos que ratos Wistar submetidos à separação materna (3h/dia, do 2º ao 21º dia pós-nascimento) não diferiram de animais controles nos parâmetros comportamentais analisados nos modelos de pânico (fuga no LTE e pela estimulação elétrica da SCPD), nos de ansiedade (resposta de esquiva no LTE e o beber punido no teste de conflito de Vogel) ou no de depressão (tempo gasto em imobilidade no teste do nado forçado). Já em ratos privados da mãe (por 24h no 11º dia pós- nascimento), embora este estressor não tenha alterada a resposta de fuga no LTE, ele aumentou a expressão deste comportamento durante a exposição à hipóxia, sugestivo de um efeito panicogênico. Ainda empregando a privação materna, observamos que a administração intraperitoneal de um inibidor da síntese de serotonina, a pclorofenilalanina metil éster (p-CPA - 100mg/Kg/dia, por 4 dias antes dos testes comportamentais) facilitou a expressão do comportamento de fuga durante o teste da hipóxia nos animais controle, de maneira semelhante ao efeito obtido somente com a privação materna. Porém este tratamento não potencializou a fuga promovida pela privação materna. Já os níveis plasmáticos de corticosterona foram aumentados pela exposição à hipóxia, independentemente dos animais terem sido previamente privados da mãe ou terem recebido o pCPA antes do teste. Por fim, também observamos, através de uma análise por Western Blotting, que nem a privação materna ou a exposição à hipóxia altera a concentração de receptores serotonérgicos do tipo 5-HT1A na SCPD ou na amígdala. Em suma, nossos resultados mostram que a privação materna promove uma facilitação da resposta de fuga na hipóxia, sugerindo uma relação entre esse estresse neonatal e o desencadeamento de ataques de pânico de um subtipo específico, o pânico respiratório. Contudo, no que diz respeito ao envolvimento da neurotransmissão serotonérgica, mais estudos são necessários para entender sua participação nessa resposta. / Early life stress (ELS), including parental loss due to death, neglect or abuse, represents a major risk factor for the late development of psychiatric disorders, such as anxiety disorders. Animal models of ELS that are based on the disruption of mother-infant relationship, such as the repeated maternal separation or maternal deprivation, have been extensively used for the investigation of the longterm effects of these stressors on the expression of defensive behaviors associated with anxiety. However, little is known about their effects on animal models of panic attacks, more specifically in those that associate this emotional condition with escape behavior in animals. Therefore, the aim of the present study was to extend the investigation on the long-term consequences of neonatal stress on the escape response of adult rats (60 days after birth) evoked by the elevated T maze (ETM), electrical stimulation of the dorsal periaqueductal gray (DPAG) or hypoxia (7% O2). For comparative reasons, these animals were also tested in animal models of anxiety and depression. The results showed that the repeated maternal separation of male Wistar (3 hours/day from day 2 to 21 after birth) did not affect the behavioral indexes measured in the panic (escape in the ETM or after DPAG electrical stimulation), anxiety (ETM inhibitory avoidance or punished licking in the Vogel conflict test) or depression (time in immobility in the forced swimming test) models. On the other hand, rats submitted to maternal deprivation (24 hs in the 11th day after birth), although not differing from the control animals on escape expression in the ETM, showed a pronounced escape response during hypoxia, indicating a panicogenic-like response. Also, using this maternal deprivation protocol, we observed that systemic administration of a 5-HT synthesis inhibitor, p-chlrophenilalanine metylester (p-CPA - 100mg/Kg/day, for 4 days before the behavioral tests), facilitated escape expression during hypoxia in non-deprived animals to a level observed in non-pharmacologically treated deprived animals. We also observed that plasma corticosterone levels were increased 30 minutes after hypoxia exposure, independently of the previous condition of the animals (deprivation or drug treatment). Finally, we observed that the number of 5-HT1A receptors in the DPAG or amygdala, measured by Western Blotting, was not affect by previous maternal deprivation or exposure to hypoxia. Taken together, our results show that a single maternal deprivation episode facilitates the expression of escape behavior during hypoxia, suggesting a relationship between this ELS with the observation of a specific subtype of panic attack, the respiratory panic. Further studies are required in order to clarify the 5- HT involvement on these responses.

Dorsal periaqueductal gray matter

Early life stress

Estresse neonatal

Hipóxia

Hypoxia

Maternal deprivation

Maternal separation

Panic

Pânico

Pânico respiratório

Privação materna

Respiratory panic attacks

Separação materna

Serotonin

Serotonina

Substancia cinzenta periaquedutal

The Coming Past: A social psychological approach of the uses of historical analogies and their effects in political contexts

Ghilani, Djouaria

20 February 2019

Cette thèse a pour but d’examiner comment les individus utilisent des comparaisons entre des situations actuelles et des situations passées dans des contextes politiques. L’utilisation de telles analogies historiques a longtemps été documentée, en particulier au sein des sciences politiques, en histoire et dans les champs concernés par l’argumentation. Ces littératures ont mis en évidence la fréquence avec laquelle les responsables politiques et autres personnages publics utilisent les analogies dans des buts de délibération et de persuasion. Malgré leur omniprésence supposée, peu d’études en psychologie sociale se sont penchées sur ce processus. Les trois volets de cette thèse ont tenté de combler cette lacune en recourant à diverses méthodologies. Plusieurs études expérimentales nous ont d’abord permis d’investiguer si l’exposition à des analogies historiques influence les prédictions que posent les participants concernant des situations réelles incertaines. Les résultats montrent que l’effet, bien que de faible taille, tend à devenir plus fort à mesure que diminuent les connaissances actuelles des individus. Dans un second volet, au lieu de sélectionner a priori les analogies historiques, nous avons donné la possibilité aux répondant.e.s de générer leurs propres analogies et d’expliquer leurs choix dans des questionnaires récoltés en France, en Belgique et en Allemagne à la suite des deux attaques de 2015 en France. L’analyse des réponses ouvertes montre non seulement une grande diversité dans les manières de mettre en correspondance le présent et le passé – même lorsqu’il s’agit d’analogies avec le « même » événement (e.g. l’attaque du 11 septembre 2001) ;mais les participant.e.s utilisent de plus ces analogies pour formuler des arguments, plus ou moins implicites, par rapport à des débats actuels. Cette dimension argumentative dans l’usage des analogies historiques a été explorée plus avant dans un 3e volet. En analysant les articles du mois de mars 2014 relatifs à la crise de Crimée au sein de quatre journaux belges, nous avons relevé comment les individus s’y prennent pour établir des liens entre le passé et le présent, et comment ils procèdent pour les contester. Ensemble, les trois volets de cette thèse suggèrent que les personnes ordinaires, tout comme leurs homologues plus « experts », ne sont pas passives en utilisant les analogies historiques, mais participent activement, par leur biais, au processus éminemment politique de construction et de contestation des passé(s), présent(s) et futur(s). / Doctorat en Sciences psychologiques et de l'éducation / info:eu-repo/semantics/nonPublished

Psychologie sociale

Psychologie politique

Cognition sociale

Leçons du passé

Lessons of the past

Judgments and decision making

Jugements et prise de décision

Cognition sociale

Social cognition

Collective Memory

Mémoire collective

Crimean crisis

Crise de Crimée

Attaques de Paris

Paris attacks