Global ETD Search

111	IoT Security Assessment of a Home Security Camera Hjärne, Nina, Kols, Ida January 2021 (has links) The amount of IoT devices in society is increasing.With this increase there is an inherently higher risk of hackersexploiting the vulnerabilities of such a device, accessing sensitivepersonal information. The objective of this project was to assessthe security level of a home security camera through findingvulnerabilities and exploiting them. The method used for thiswas to analyze the system and its communication, threat modelthe system to identify threats, perform vulnerability analysisand exploit the vulnerabilities through penetration testing. Theattacks on the system did not succeed and the system wasdeclared secure in the vulnerability analysis. From the aspectstested in this project, it can be assumed that safety precautionshave been taken to secure the home security camera frommalicious hackers. / Antalet IoT-produkter i samhället ökar ochmed fler och fler uppkopplade produkter i våra hem ökarrisken att hackare utnyttjar produkters sårbarheter för ondaavsikter, till exempel för att komma åt känslig personlig data.Målet med det här projektet var att hitta sårbarheter i ensäkerhetskamera för hemmet, attackera dem och utifrån resultatetbedöma hur säker produkten är. Detta gjordes genomatt analysera systemet och dess kommunikation, göra en hotmodellför att identifiera hot, genomföra sårbarhetsanalys ochsedan penetrationstesta hoten. Hackningsattackerna misslyckadesoch produkten bedömdes som säker i sårbarhetsanalysen.Utifrån de aspekter som testades i projektet kunde det bedömasatt grundläggande säkerhetsåtgärder vidtagits för att skyddasäkerhetskameran från hackare. / Kandidatexjobb i elektroteknik 2021, KTH, Stockholm security camera cyber security ethical hacking vulnerabilities threats penetration testing IoT privacy Elektroteknik och elektronik
112	Implementation of a Trusted I/O Processor on a Nascent SoC-FPGA Based Flight Controller for Unmanned Aerial Systems Kini, Akshatha Jagannath 26 March 2018 (has links) Unmanned Aerial Systems (UAS) are aircraft without a human pilot on board. They are comprised of a ground-based autonomous or human operated control system, an unmanned aerial vehicle (UAV) and a communication, command and control (C3) link between the two systems. UAS are widely used in military warfare, wildfire mapping, aerial photography, etc primarily to collect and process large amounts of data. While they are highly efficient in data collection and processing, they are susceptible to software espionage and data manipulation. This research aims to provide a novel solution to enhance the security of the flight controller thereby contributing to a secure and robust UAS. The proposed solution begins by introducing a new technology in the domain of flight controllers and how it can be leveraged to overcome the limitations of current flight controllers. The idea is to decouple the applications running on the flight controller from the task of data validation. The authenticity of all external data processed by the flight controller can be checked without any additional overheads on the flight controller, allowing it to focus on more important tasks. To achieve this, we introduce an adjacent controller whose sole purpose is to verify the integrity of the sensor data. The controller is designed using minimal resources from the reconfigurable logic of an FPGA. The secondary I/O processor is implemented on an incipient Zynq SoC based flight controller. The soft-core microprocessor running on the configurable logic of the FPGA serves as a first level check on the sensor data coming into the flight controller thereby forming a trusted boundary layer. / Master of Science SoC Drone aircraft Field programmable gate arrays ZYNQ MicroBlaze autopilot ArduPilot ArduPlane GPS Mission Planner Sensor Vulnerabilities Mailbox
113	Computational frameworks to nominate context-specific vulnerabilities and therapeutic opportunities through pre-clinical Bladder Cancer models Cantore, Thomas 01 February 2024 (has links) During the past few decades, the landscape of available therapeutic interventions for cancer treatment has widely expanded, boosted mainly by immunotherapy progress and the precision oncology paradigm. The extensive use of pre-clinical models in cancer research has led to the discovery of new effective treatment options for patients. Despite the notable advancements, some cancer types have found minor benefits from the use of precision-oncology interventions. Characterized by a heterogeneous molecular landscape, bladder cancer is one of the most frequent cancer types in which standard-of- care treatments involve surgical operations accompanied by broad-spectrum chemotherapy. My research stems from the need for precision oncology interventions in bladder cancer and specifically focuses on the development of computational frameworks to guide the discovery of new therapeutic opportunities. This work first introduces the exploration of possible therapeutic interventions in 9p21.3 depleted bladder tumors through the analysis of an in-house large High-Content Drug Screening that tested 2,349 compounds. By combining cell count changes and morphological quantitative features extracted from fluorescence images, we nominate cytarabine as a putative candidate eliciting specific cytotoxic effects in an engineered 9p21.3 depleted bladder cancer model compared to an isogenic wild-type clone. Focusing on the development of computational methodologies to nominate robust context-specific vulnerabilities, I further describe PRODE (PROtein interactions informed Differential Essentiality), an analytical workflow that integrates protein-protein interaction data and Loss of Function screening data. I extensively tested PRODE against the most commonly used and alternative methodologies and demonstrated its superior performance when classifying reference essential and context-essential genes collected from experimental and literature sources. Furthermore, we applied PRODE to a real case scenario, seeking essential genes selectively in the context of HER2+ Breast Cancer tumors. Finally, I report the computational analyses performed on Patient-Derived Organoids (PDOs) established from a bladder cancer cohort. PDOs are demonstrated as informative models when assessing the therapeutic sensitivity of patients to drugs. Overall, this research highlights novel precision-oncology applications by ad-hoc computational analyses that address key open technical and biological challenges in the field of bladder cancer and beyond.
114	Rôle de la collaboration famille-école dans la relation entre les caractéristiques sociodémographiques des familles et les difficultés de comportement des enfants de maternelle Savard, Aurélie January 2016 (has links) Résumé : Les enfants de maternelle dont la préparation scolaire est limitée risquent de présenter des difficultés comportementales nuisibles à leur adaptation ultérieure. L’implication des parents à l’école, plus précisément la collaboration famille-école (CFE), peut représenter un facteur de protection favorisant l’adaptation de l’enfant tout au long de son parcours scolaire. Les écrits scientifiques suggèrent que la CFE jouerait un rôle important dans l’explication des difficultés de comportement, surtout auprès des enfants provenant de familles défavorisées. Cette étude porte sur le rôle de la CFE dans l’explication des difficultés de comportement intériorisé et extériorisé des enfants de maternelle qui présentaient des lacunes sur le plan de leur préparation scolaire. Les analyses de régression linéaire montrent que pour l’ensemble des familles de l’échantillon (n=47), plus il y a de communication entre le parent et l’enseignant, plus il y a présence de comportements extériorisés et intériorisés. Par contre, la CFE modère la relation entre un indice d’adversité constitué du cumul de cinq facteurs de risque sociodémographiques et les difficultés de comportement intériorisé. Ainsi, chez les familles défavorisées, une communication plus fréquente est associée à moins de comportements de type intériorisé. / Abstract : Children with limited school readiness are at risk for behavioral problems, which impact their school adjustment. Parents’ involvement in school, such as family-school partnership (FSP), may be a protective factor improving child's adaptation throughout their school career. Literature shows the important role of the FSP in reducing behavioral difficulties, especially for children from disadvantaged families. This study aims to explain child externalizing and internalizing behavior problems in kindergarten through FSP in children showing a limited school readiness. Linear regressions show that a frequent communication between the parent and the teacher is associate with a greater presence of externalizing and internalizing behaviors for the whole sample (n=47). However, FSP moderates the relationship between the demographics vulnerabilities and internalized child behavior problem in kindergarten. Indeed, for disadvantaged families, when there is a more frequent communication, children have less internalized behaviors. Collaboration famille-école Difficultés de comportement Adversité Problèmes de comportement Vulnérabilité Caractéristiques sociodémographiques Family-school partnership Behavior problem Adversity Vulnerabilities Demographic Behavior difficulties
115	Analyse de vulnérabilités et évaluation de systèmes de détection d'intrusions pour les applications Web. / Web applications vulnerability analysis and intrusion detection systems assessment Akrout, Rim 18 October 2012 (has links) Avec le développement croissant d’Internet, les applications Web sont devenues de plus en plus vulnérables et exposées à des attaques malveillantes pouvant porter atteinte à des propriétés essentielles telles que la confidentialité, l’intégrité ou la disponibilité des systèmes d’information. Pour faire face à ces malveillances, il est nécessaire de développer des mécanismes de protection et de test (pare-feu, système de détection d’intrusion, scanner Web, etc.) qui soient efficaces. La question qui se pose est comment évaluer l’efficacité de tels mécanismes et quels moyens peut-on mettre en oeuvre pour analyser leur capacité à détecter correctement des attaques contre les applications web.Dans cette thèse nous proposons une nouvelle méthode, basée sur des techniques de clustering de pages Web, qui permet d’identifier les vulnérabilités à partir de l’analyse selon une approche boîte noire de l’application cible. Chaque vulnérabilité identifiée est réellement exploitée ce qui permet de s’assurer que la vulnérabilité identifiée ne correspond pas à un faux positif. L’approche proposée permet également de mettre en évidence différents scénarios d’attaque potentiels incluant l’exploitation de plusieurs vulnérabilités successives en tenant compte explicitement des dépendances entre les vulnérabilités.Nous nous sommes intéressés plus particulièrement aux vulnérabilités de type injection de code, par exemple les injections SQL. Cette méthode s’est concrétisée par la mise en oeuvre d’un nouveau scanner de vulnérabilités et a été validée expérimentalement sur plusieurs exemples d’applications vulnérables. Nous avons aussi développé une plateforme expérimentale intégrant le nouveau scanner de vulnérabilités, qui est destinée à évaluer l’efficacité de systèmes de détection d’intrusions pour des applications Web dans un contexte qui soit représentatif des menaces auxquelles ces applications seront confrontées en opération. Cette plateforme intègre plusieurs outils qui ont été conçus pour automatiser le plus possible les campagnes d’évaluation. Cette plateforme a été utilisée en particulier pour évaluer deux techniques de détection d’intrusions développées par nos partenaires dans le cadre d’un projet de coopération financé par l’ANR, le projet DALI. / With the increasing development of Internet, Web applications have become increasingly vulnerable and exposed to malicious attacks that could affect essential properties such as confidentiality, integrity or availability of information systems. To cope with these threats, it is necessary to develop efficient security protection mechanisms and testing techniques (firewall, intrusion detection system,Web scanner, etc..). The question that arises is how to evaluate the effectiveness of such mechanisms and what means can be implemented to analyze their ability to correctly detect attacks against Webapplications.This thesis presents a new methodology, based on web pages clustering, that is aimed at identifying the vulnerabilities of a Web application following a black box analysis of the target application. Each identified vulnerability is actually exploited to ensure that the identified vulnerability does not correspond to a false positive. The proposed approach can also highlight different potential attack scenarios including the exploitation of several successive vulnerabilities, taking into account explicitly the dependencies between these vulnerabilities. We have focused in particular on code injection vulnerabilities, such asSQL injections. The proposed method led to the development of a new Web vulnerability scanner and has been validated experimentally based on various vulnerable applications.We have also developed an experimental platform integrating the new web vulnerability scanner, that is aimed at assessing the effectiveness of Web applications intrusion detection systems, in a context that is representative of the threats that such applications face in operation. This platform integrates several tools that are designed to automate as much as possible the evaluation campaigns. It has been used in particular to evaluate the effectiveness of two intrusion detection techniques that have been developed by our partners of the collaborative project DALI, funded by the ANR, the French National Research Agency Système de détection d’intrusions Scanner Web Application Web Attaque et vulnérabilités Évaluation Web vulnerability scanners Web applications Web attacks Vulnerabilities Evaluation Ntrusion detection System 005
116	AUXÍLIO-RECLUSÃO Um olhar a partir dos sujeitos encarcerados, seus familiares e técnicos do sistema prisional Bonini, Rejane Maria Nalério 28 February 2011 (has links) Made available in DSpace on 2016-03-22T17:26:26Z (GMT). No. of bitstreams: 1 rejane1].pdf: 865016 bytes, checksum: 4b625b8e4fd332e5ed87a5323eb4128d (MD5) Previous issue date: 2011-02-28 / Social welfare s detention auxiliary benefit, as an instrument of social protection, is on the Brazilian Federal Constitution, aimed at the ones who depend on the beneficiary who is in prison and, therefore, cannot provide his family s subsistence. Historical changes in western societies highlighted the drastic increase of the imprisoned population, with the correlated amplification of families and individuals vulnerabilities. As a mechanism to face institutional, social and penal vulnerabilities, a study on the detention auxiliary benefit was accomplished, in order to search for the meaning attributed by individuals and their families under a state protection policy. Another highlighted aspect is the perception of technicians referring to the benefit and their performance in their operations. In this perspective, the study promotes visibility to the expropriation imposed to actors in imprisonment context, to the alienation of law and the importance of the detention auxiliary benefit to families and individuals for the rescue of dignity and citizenship / O benefício previdenciário auxílio-reclusão, como um instrumento de proteção social, está previsto na Constituição Federal Brasileira, destinado aos dependentes do segurado recolhido à prisão e impossibilitado de prover a subsistência de sua família. As mudanças ocorridas historicamente nas sociedades ocidentais marcaram o drástico aumento da população carcerária, com a correlata ampliação das vulnerabilidades das famílias e dos indivíduos. Como mecanismo de enfrentamento das vulnerabilidades institucional, social e penal foi realizado um estudo acerca do benefício auxílio-reclusão, com o objetivo de buscar o significado que os indivíduos e as famílias lhe atribuem sob o referencial de uma política de proteção do Estado. Outro aspecto destacado é a percepção dos técnicos acerca do benefício e atuação na sua operacionalidade. Nesse sentido o estudo dá visibilidade às desapropriações que são impostas aos atores no contexto de encarceramento, às diversas alienações do direito e a importância do auxílio-reclusão para as famílias e indivíduos no resgate da dignidade e cidadania Proteção Social Política de Previdência Social Vulnerabilidades Auxílio-reclusão Social welfare Politcs of Social Security Vulnerabilities Detention auxiliary benefit CNPQ::CIENCIAS SOCIAIS APLICADAS
117	Psicologia na Escola e rede de prote??o ? inf?ncia e adolesc?ncia: enfrentando vulnerabilidades / School Psychology and childhood and adolescence protection network: facing vulnerabilities Dias, Carolina Nascimento 14 February 2017 (has links) Submitted by SBI Biblioteca Digital (sbi.bibliotecadigital@puc-campinas.edu.br) on 2017-04-07T12:43:48Z No. of bitstreams: 1 CAROLINA NASCIMENTO DIAS.pdf: 3650487 bytes, checksum: 5d87f328d4db538c054ae394b216ede4 (MD5) / Made available in DSpace on 2017-04-07T12:43:48Z (GMT). No. of bitstreams: 1 CAROLINA NASCIMENTO DIAS.pdf: 3650487 bytes, checksum: 5d87f328d4db538c054ae394b216ede4 (MD5) Previous issue date: 2017-02-14 / Conselho Nacional de Pesquisa e Desenvolvimento Cient?fico e Tecnol?gico - CNPq / This study deals with the relation between full-time public school and the childhood and adolescence network protection in the northeast region in Campinas, Brazil. This research?s goal is to investigate how this relation happens and what is the school psychology?s role when facing this scenario. Starting from the comprehension concerning social politics and the need of children and adolescents? full protection and considering them as human beings with rights, we aim at discourse about politics? intersectoriality, thus the network may act by means of breaking with the vulnerabilities concerning children and their families. Based on the studies from the Critical Psychology and the Dialectical Historic Materialism we have been present at the school and the community through the ECOAR Project ? Convenience Action and Reflection Space. The region?s mapping was made to delimit the existing services on the territory, also there were conversations with teachers and managers, observation on the TDCs (Collective Teacher Work), there were meetings with the families and the protection network, analysis of student?s folders who are accompanied by some network service and interviews with the Pedagogical Counsellor at the school. All the procedures previously described were registered in diaries by the ECOAR team and the data was considered by means of constructive-interpretative analysis. The results found from the sources analyzed showed a disarticulation inside the network, the existence of a pathologizing and medicalized culture in the services, the tendency of blaming families for children?s conditions and at last the need for changes inside the institutions so it will be possible to have intersectoral articulation. We understand that in this scenario, school psychology acting possibilities are diverse, as long as professionals in this area are aware of the contractions on the capitalist system and by doing so they adopt practices based on cooperation and dialogues, aiming at enhancing each other and adding up efforts to build, together, an education capable to dialogue with life demands from Brazilian population. / O presente trabalho aborda a rela??o entre uma escola p?blica de educa??o integral e os demais equipamentos da rede de prote??o ? inf?ncia e adolesc?ncia na regi?o noroeste de Campinas, tendo como objetivo de pesquisa analisar como acontece essa rela??o. A partir da compreens?o acerca das pol?ticas sociais e da necessidade de prote??o integral das crian?as e adolescentes, considerando-os como seres de direitos, discorremos sobre a intersetorialidade das pol?ticas para que a rede atue de forma a romper com a vulnerabilidade das crian?as e suas fam?lias. Partindo das contribui??es da Psicologia Cr?tica e do Materialismo Hist?rico Dial?tico, estivemos presente na escola e na comunidade por meio do Projeto ECOAR ? Espa?o de Conviv?ncia A??o e Reflex?o. Foi realizado mapeamento da regi?o, demarcando os servi?os existentes no territ?rio, conversas com professores e gestores, presen?a nos TDCs (Trabalho Docente Coletivo), reuni?es com fam?lias e com profissionais da rede de prote??o, an?lise das pastas de estudantes que s?o acompanhados por algum servi?o da rede e entrevista com o Orientador Pedag?gico da escola. Todos os procedimentos descritos foram registrados em di?rios de campo pela equipe do ECOAR e os dados foram considerados por meio da an?lise construtivo-interpretativa. Os resultados encontrados a partir da an?lise das fontes demonstraram a desarticula??o da rede, a exist?ncia de uma cultura patologizante e medicalizante nos servi?os, a tend?ncia em se responsabilizar as fam?lias pelas condi??es das crian?as e a necessidade de que haja mudan?as no cotidiano das institui??es para que a articula??o intersetorial aconte?a. Percebemos que as possibilidades de atua??o da psicologia escolar diante deste cen?rio s?o diversas, desde que, cientes das contradi??es presente no sistema capitalista, adotemos pr?ticas baseadas na coopera??o e di?logo, visando fortalecermos uns aos outros e somando esfor?os para construirmos, juntos, uma educa??o que dialogue com as demandas de vida da popula??o brasileira.
118	Intervenções assistidas por animais com crianças em contextos de vulnerabilidade social: utilizando o método photovoice / Assisted interventions by animals with children in contexts of social vulnerability: using the method photovoice Pereira, Viviane Ribeiro 20 January 2017 (has links) Submitted by Aline Batista (alinehb.ufpel@gmail.com) on 2018-03-29T14:52:26Z No. of bitstreams: 2 license_rdf: 0 bytes, checksum: d41d8cd98f00b204e9800998ecf8427e (MD5) Dissertacao_Viviane_Ribeiro_Pereira.pdf: 4549226 bytes, checksum: e19206a1b56da2d23bb09ecb54f31a4a (MD5) / Made available in DSpace on 2018-04-03T18:42:11Z (GMT). No. of bitstreams: 2 Dissertacao_Viviane_Ribeiro_Pereira.pdf: 4549226 bytes, checksum: e19206a1b56da2d23bb09ecb54f31a4a (MD5) license_rdf: 0 bytes, checksum: d41d8cd98f00b204e9800998ecf8427e (MD5) Previous issue date: 2017-01-20 / Coordenação de Aperfeiçoamento de Pessoal de Nível Superior - CAPES / O presente estudo objetivou compreender as contribuições das Intervenções Assistidas por Animais (IAAS) na percepção da criança em contextos de vulnerabilidade social, por meio do método photovoice. Neste estudo, entende-se “crianças em vulnerabilidade social” as vítimas de abandono, violência física, psicológica, e emocional. Trata-se de uma esquisa participativa de abordagem qualitativa, realizada em uma escola pública da rede municipal de ensino da cidade de Pelotas, no estado do Rio Grande do Sul/Brasil. As atividades lúdicas com os cães foram desenvolvidas no espaço escolar (quadra de esportes). Os participantes deste estudo foram cinco crianças, na faixa etária entre 6 e 9 anos, cursando do 1º ao 4º ano do ensino fundamental. Os cães fazem parte do Projeto de Extensão do Curso de Medicina Veterinária da Universidade Federal de Pelotas/UFPel, conhecido na comunidade como Projeto Pet Terapia, com aprovação no COCEPE sob nº 52702026. A coleta de dados ocorreu entre os meses de junho e julho de 2016. Foi utilizado o método photovoice, que possibilitou aos participantes fazerem registros de suas percepções em relação às IAAS através da foto. A escolha desta metodologia se deu por entender-se que as crianças precisam ser vistas e ouvidas nas pesquisas, possibilitando que ganhem voz através das suas narrativas visuais. Para analisar os dados, utilizou-se a Análise Temática, da qual emergiu o tema: “O olhar da criança sobre a intervenção lúdica com os cães”. A metodologia empregada permitiu que a criança pudesse externalizar seus medos e anseios de forma descontraída, lúdica e divertida, por meio do ato de fotografar. O photovoice mostrou ser um instrumento valioso para estudos cujo o objetivo é tornar a criança protagonista de suas histórias de vida. Constatou- se que as IAAS, aliadas ao método photovoice, elevou a autoestima e a autoconfiança das crianças, observado durante os momentos de brincadeiras entre elas e os cães. Acariciar e afagar o cão foi um incremento importante para a redução do estresse e da ansiedade. A presença dele promoveu um conforto emocional e atmosfera acolhedora. Além de estimular o vínculo de amizade entre o grupo, melhorou a relação com seus pares. Neste sentido, pretende-se com os resultados obtidos neste estudo contribuir para divulgação desta abordagem terapêutica e apoiar a sua utilização como uma forma eficiente e inovadora, para promover as ações de cuidado à saúde de crianças em contextos de vulnerabilidade social. / The present study aimed to understand the contributions of Assisted Interventions by animals (AIA) in the perception of the child in contexts of social vulnerability, through photovoice method. In this study, “children with social vulnerability” are considered the victims of abandonment, physical, psychological and emotional violence. It is a Qualitative participatory research, realized in a public school of the municipal school of Pelotas, in the State of Rio Grande do Sul/Brazil. Playful activities with the dogs were developed in the school space (sports court). The participants of this study, there were five children, aged between 6 and 9 years, studying from 1st to 4th year of elementary school. The dogs are part of the extension project of the Veterinary Medicine course at the Federal University of Pelotas/UFPel, known in the community as project Pet therapy, with approval in COCEPE number 52702026. Data collection happen between the months of June/July 2016, we used the photovoice method, which enabled the participants make records of their perceptions about the IAAS via the photo. The choice of this methodology took place since we understand that children need to be seen and heard on the research, this method enables they win voice through their visual narratives. To analyze the date using the thematic analysis, from which emerged the theme: “The look of the child about the playful intervention with dog”. The methodology employed allowed the child could outsource their fears and desires so relaxed, playful and fun, through the Act of shooting. The photovoice method increased the self-esteem and self-confidence of children, observed during the moments of banter between them and dogs. Caressing and stroking the dog was an important increment to the reduction of stress and anxiety, his presence promoted a emotional comfort and cozy atmosphere, besides stimulating the bond of friendship between the group, improved relationship with their peers. In this sense it is intended with results obtained in this study contribute to dissemination of this therapeutic approach and support its use as a efficient and innovative contributions to promote the actions of the health care of children in contexts of social vulnerability. CNPQ::CIENCIAS DA SAUDE::ENFERMAGEM Pesquisa em Enfermagem Intervenção assistida por animais Pesquisas com crianças Vulnerabilidade social Nursing research Animal-assists intervention Research with children Social vulnerabilities
119	On Self-Declared Caliph Ibrahim’s December 2015 Speech: Further Evidence for Critical Vulnerabilities in the Crumbling Caliphate Kamolnick, Paul 02 January 2016 (has links) Excerpt: On December 26, 2015 a 24-minute audio message was released by the Islamic State Organization’s (ISO) official media arm al-Furqan. caliphate Caliph Ibrahim critical vulnerabilities evidence islamic state organization ISO speech Sociology and Anthropology American Politics International Relations Near and Middle Eastern Studies Terrorism Studies Theory, Knowledge and Science
120	Ontological lockdown assessment : a thesis presented in partial fulfilment of the requirements for the degree of Master of Science in Information Technology at Massey University, Palmerston North, New Zealand Steele, Aaron January 2008 (has links) In order to keep shared access computers secure and stable system administrators resort to locking down the computing environment in order to prevent intentional and unintentional damage by users. Skilled attackers are often able to break out of locked down computing environments and intentionally misuse shared access computers. This misuse has resulted in cases of mass identity theft and fraud, some of which have had an estimated cost ranging in millions. In order to determine if it is possible to break out of locked down computing environments an assessment method is required. Although a number of vulnerability assessment techniques exist, none of the existing techniques are sufficient for assessing locked down shared access computers. This is due to the existing techniques focusing on traditional, application specific, software vulnerabilities. Break out path vulnerabilities (which are exploited by attackers in order to break out of locked down environments) differ substantially from traditional vulnerabilities, and as a consequence are not easily discovered using existing techniques. Ontologies can be thought of as a modelling technique that can be used to capture expert knowledge about a domain of interest. The method for discovering break out paths in locked down computers can be considered expert knowledge in the domain of shared access computer security. This research proposes an ontology based assessment process for discovering break out path vulnerabilities in locked down shared access computers. The proposed approach is called the ontological lockdown assessment process. The ontological lockdown assessment process is implemented against a real world system and successfully identifies numerous break out path vulnerabilities. computer security computer vulnerability break-out path vulnerabilities shared access

Search results