Sexual attraction to exploitability

Goetz, Cari Debora

23 June 2014

This research explores the relationship between sexual exploitability and sexual attractiveness. Sexual exploitability describes the ease with which a woman could be pressured, deceived, or coerced into sex, or sexually assaulted. Study 1 documented novel cues to sexual exploitability. Moreover, men found women displaying these cues to be attractive as short-term mates, supporting the hypothesis that men’s attraction functions to motivate the pursuit of sexually accessible women. In Study 2, it was determined that women also perceived other women who displayed cues to exploitability as sexually attractive to men. Because displaying exploitability enhances a woman’s sexual attractiveness, women may have co-evolved mate attraction mechanisms designed to capitalize on this feature of male sexual psychology. In Study 3, it was hypothesized that three individual differences would predict which women would be more likely to signal exploitability as a mate attraction tactic: propensity towards short-term mating, relationship status, and self-perceived mate value. Women self-reported their likelihood of using mate attraction tactics involving the intentional display of exploitability cues. Women inclined toward casual sex were more likely to report using such tactics. In Study 4, a separate set of female participants made a hypothetical video dating profile to provide a record of their actual behavior in a mate attraction scenario. Women inclined toward short-term mating and high in the personality characteristic of Openness to Experience were more likely than their female counterparts to display exploitability cues in their videos. These convergent results across studies support the hypothesis that women pursuing short-term mating capitalize on the relationship between exploitability and attractiveness to achieve their mating goals. Results from these studies expand our knowledge of sexual exploitability and mate attraction. Documentation of a comprehensive list of cues to exploitability expands our knowledge of potential predictors of sexual victimization. Identification of individual differences that predict which women may functionally display exploitability cues increases our understanding of which women may be at greater risk for sexual exploitation. / text

Mating

Sexual attraction

Exploitability

Finding the needle in the heap : combining binary analysis techniques to trigger use-after-free / Analyses de code binaire pour la détection et le déclenchement de use-after-free

Feist, Josselin

29 March 2017

La sécurité des systèmes est devenue un élément majeur du développement logicielle, pour les éditeurs, les utilisateurs et les agences gouvernementales. Un problème récurrent est la détection de vulnérabilités, qui consiste à détecter les bugs qui pourraient permettre à un attaquant de gagner des privilèges non prévues, comme la lecture ou l’écriture de donnée sensible, voir même l’exécution de code non autorisé. Cette thèse propose une approche pratique pour la détection d’une vulnérabilité particulière : le use-after-free, qui apparaît quand un élément du tas est utilisé après avoir été libéré. Cette vulnérabilité a été utilisé dans de nombreux exploits, et est, de par sa nature, difficile à détecter. Les problèmes récurrents pour sa détection sont, par exemple, le fait que les éléments déclenchant la vulnérabilité peuvent être répartis à de grande distance dans le code, le besoin de raisonner sur l’allocateur mémoire, ou bien la manipulation de pointeurs. L’approche proposé consiste en deux étapes. Premièrement, une analyse statique, basée sur une analyse légère, mais non sûre, appelé GUEB, permet de traquer les accès mémoire ainsi que l’état des éléments du tas (alloué / libéré / utilisé) . Cette analyse mène à un slice de programme contenant de potentiel use-after-free. La seconde étape vient alors confirmer ou non la présence de vulnérabilité dans ces slices, et est basée sur un moteur d'exécution symbolique guidé, développé dans la plateforme Binsec. Ce moteur permet de générer des entrées du programme réel déclenchant un use-after-free. Cette combinaison s’est montré performante en pratique et a permis de détecter plusieurs use-after-free qui étaient précédemment inconnu dans plusieurs codes réels. L’implémentation des outils est disponible en open-source et fonctionne sur du code x86. / Security is becoming a major concern in software development, both for software editors, end-users, and government agencies. A typical problem is vulnerability detection, which consists in finding in a code bugs able to let an attacker gain some unforeseen privileges like reading or writing sensible data, or even hijacking the program execution.This thesis proposes a practical approach to detect a specific kind of vulnerability, called use-after-free, occurring when a heap memory block is accessed after being freed. Such vulnerabilities have lead to numerous exploits (in particular against web browsers), and they are difficult to detect since they may involve several distant events in the code (allocating, freeingand accessing a memory block).The approach proposed consists in two steps. First, a coarse-grain and unsound binary level static analysis, called GUEB, allows to track heap memory blocks operation (allocation, free, and use). This leads to a program slice containing potential use-after-free. Then, a dedicated guided dynamic symbolic execution, developed within the Binsec plateform, is used to retrieve concreteprogram inputs aiming to trigger these use-after-free. This combination happened to be be effective in practice and allowed to detect several unknown vulnerabilities in real-life code. The implementation is available as an open-source tool-chain operating on x86 binary code.

Vulnérabilité

Exploitabilité

Dynamique

Tas

Binaire

Vulnerability

Exploitability

Dynamic

Heap

Binary

004

The exploitability of pegmatite deposits in the lower Orange River area (Vioolsdrif - Henkries - Steinkopf)

Minnaar, Hendrik

21 February 2007

This study aims to investigate the exploitability of the pegmatite deposits in the lower Orange River area, situated between the settlements of Vioolsdrif, Henkries and Steinkopf in the Northern Province, in the light of current methods of financial analysis. A summary of the prevailing ore deposit model and a description of the geology are presented, and a financial analysis is undertaken taking into account the resources, current market conditions, and the legal requirements associated with a mining venture on the pegmatite bodies. The most acceptable ore deposit model for the formation of pegmatites currently presents the pegmatite body as the final stage of crystallization of a cooling magma (Cerny, 1998a). Recent studies suggest that the crystallization of the pegmatite occur at an unexpectedly fast rate by the working of undercooling, in which the rate of cooling exceeds the rate of crystallization (London, 2005). The pegmatites of the study area are mostly developed in granites of the Vioolsdrif Suite, in a post-orogenic tectonic setting and in many respects, fit well into the model of Ginsburg et al. (1979). Although resources are difficult to estimate, it can be said that individual pegmatite bodies in the study area host reserves of up to 50 Mt of pegmatite ore. The markets for feldspar, currently the primary commodity in pegmatites, show an increase in price and a positive outlook for the future. Legal requirements (licensing) are rigorous, under the new Act even more so than under the old, especially with regard to environmental issues. A financial analysis suggests that, although mining operations on pegmatite bodies are highly sensitive to changes in commodity prices, revenue and fuel-related expenses, they are feasible under the current market conditions. Zebrakop pegmatite is identified in this study as a potential target for the exploitation of a homogeneous pegmatite, coupled with the necessary development of bulk mining methods and a beneficiation plant. / Dissertation (MSc)--University of Pretoria, 2007. / Geology / Unrestricted

Henkries

Steinkopf

Deposits

Pegmatite

Exploitability

Area

Orange river

Settlements

Vioolsdrif

Lower

UCTD

Critical Substation Risk Assessment and Mitigation

Delport, Jacques

01 June 2018

Substations are joints in the power system that represent nodes that are vital to stable and reliable operation of the power system. They contrast the rest of the power system in that they are a dense combination of critical components causing all of them to be simultaneously vulnerable to one isolated incident: weather, attack, or other common failure modes. Undoubtedly, the loss of these vital links will have a severe impact to the to the power grid to varying degrees. This work creates a cascading model based on protection system misoperations to estimate system risk from loss-of-substation events in order to assess each substation's criticality. A continuation power flow method is utilized for estimating voltage collapse during cascades. Transient stability is included through the use of a supervised machine learning algorithm called random forests. These forests allow for fast, robust and accurate prediction of transient stability during loss-of-substation initiated cascades. Substation risk indices are incorporated into a preventative optimal power flow (OPF) to reduce the risk of critical substations. This risk-based dispatch represents an easily scalable, robust algorithm for reducing risk associated with substation losses. This new dispatch allows operators to operate at a higher cost operating point for short periods in which substations may likely be lost, such as large weather events, likely attacks, etc. and significantly reduce system risk associated with those losses. System risk is then studied considering the interaction of a power grid utility trying to protect their critical substations under a constrained budget and a potential attacker with insider information on critical substations. This is studied under a zero-sum game theoretic framework in which the utility is trying to confuse the attacker. A model is then developed to analyze how a utility may create a robust strategy of protection that cannot be heavily exploited while taking advantage of any mistakes potential attackers may make. / Ph. D.

critical substations

substation risk

system risk

cascading

hidden failures

misoperations

importance sampling

stability prediction

optimal power flow

game theory

restricted nash response

exploitation

exploitability