Filter-resistant code injection on ARM

Code injection attacks are one of the most powerful and important classes of attacks on software. In these attacks, the attacker sends malicious input to a software application, where it is stored in memory. The malicious input is chosen in such a way that its representation in memory is also a valid representation of a machine code program that performs actions chosen by the attacker. The attacker then triggers a bug in the application to divert the control flow to this injected machine code. A typical action of the injected code is to launch a command interpreter shell, and hence the malicious input is often called shellcode. Attacks are usually performed against network facing applications, and such applications often perform validations or encodings on input. Hence, a typical hurdle for attackers, is that the shellcode has to pass one or more filtering methods before it is stored in the vulnerable application??s memory space. Clearly, for a code injection attack to succeed, the malicious input must survive such validations and transformations. Alphanumeric input (consisting only of letters and digits) is typically very robust for this purpose: it passes most filters and is untouched by most transformations. This paper studies the power of alphanumeric shellcode on the ARM architecture. It shows that the subset of ARM machine code programs that (when interpreted as data) consist only of alphanumerical characters is a Turing complete subset. This is a non-trivial result, as the number of instructions that consist only of alphanumeric characters is very limited. To craft useful exploit code (and to achieve Turing completeness), several tricks are needed, including the use of self-modifying code.     

Pollution source identification using a coupled diffusion model with a genetic algorithm

A new approach for the source quantification has been developed on the basis of real air pollutant hourly concentrations of SO₂, measured by three monitoring stations, during 9 h, around a group of three industrial sources. This inverse problem has been solved by coupling a direct model of diffusion (Pasquill’s Gaussian model) with a genetic algorithm, to search solutions leading to a minimum error between model outputs and measurements. The inversion performance depends on the relationship between the wind field and the configuration sources–receptors: good results are obtained when the monitoring stations are downwind from the sources, and in these cases, the order of magnitude of emissions is retrieved, sometimes with less than 10% error for at least two sources; there are some configurations (wind direction versus source and receptor locations) which do not permit to restore emissions. The latter situations reveal the need to conceive a specific network of sensors, taking into account the source locations and the most frequent weather patterns.     

Training visual attention in a naturalistic visual environment

The efficiency of training visual attention in the central and peripheral visual field was investigated by means of a visual detection task that was performed in a naturalistic visual environment including numerous, time-varying visual distractors. We investigated the minimum number of repetitions of the training required to obtain the top performance and whether intra-day training improved performance as efficiently as inter-day training. Additionally, our research aimed to find out whether exposure to a demanding task such as a microsurgical intervention may cancel out the effects of training.

Results showed that performance in visual attention peaked within three (for tasks in the central visual field) to seven (for tasks in the periphery) days subsequent to training. Intra-day training had no significant effect on performance. When attention training was administered after exposure to stress, improvement of attentional performance was more pronounced than when training was completed before the exposure. Our findings support the implementation of training in situ at work for more efficient results.

Practitioner Summary: Visual attention is important in an increasing number of workplaces, such as with surveillance, inspection, or driving. This study shows that it is possible to train visual attention efficiently within three to seven days. Because our study was executed in a naturalistic environment, training results are more likely to reflect the effects in the real workplace.     

Crossing textual and visual content in different application scenarios

This paper deals with multimedia information access. We propose two new approaches for hybrid text-image information processing that can be straightforwardly generalized to the more general multimodal scenario. Both approaches fall in the trans-media pseudo-relevance feedback category. Our first method proposes using a mixture model of the aggregate components, considering them as a single relevance concept. In our second approach, we define trans-media similarities as an aggregation of monomodal similarities between the elements of the aggregate and the new multimodal object. We also introduce the monomodal similarity measures for text and images that serve as basic components for both proposed trans-media similarities. We show how one can frame a large variety of problem in order to address them with the proposed techniques: image annotation or captioning, text illustration and multimedia retrieval and clustering. Finally, we present how these methods can be integrated in two applications: a travel blog assistant system and a tool for browsing the Wikipedia taking into account the multimedia nature of its content.

Permeability, porosity and pore geometry of hot-pressed calcite

Permeability may be altered in the Earth by plastic flow of the rock matrix. In order to better understand the relation between plastic flow and pore geometry, we measured the permeability of a suite of hot-pressed calcite samples with differing porosities. We found that the permeability dramatically decreased with decreasing porosity, particularly in the range of 10 to 4% total porosity. These results agree with a model for pore geometry changes during hot-pressing as previously developed for ceramics. Measurements of unconnected and interconnected porosity showed that the interconnected porosity virtually disappeared in samples with a total porosity of 4% or less. Scanning electron microscope observations showed that the porosity of samples above 10% total porosity were composed of large ‘spheroidal’ pores which were often connected by ‘tubular’ pores. During the last stage of hot-pressing, these ‘tubes’ are thought to collapse making the pore network disconnected.     

La structure cristalline de Ca4Fe9O17: Des feuillets “hexagonaux” d'octaedres FeO6 et de bipyramides FeO5 lies par des tetraedres FeO4

The new calcium ferrite Ca₄Fe₉O₁₇, belonging to the CaFe_2+nO_4+n family ($\text{n}\text{=}\text{1}\text{4}$), has not the same stacking process of “FeO” blocks in “CaFeO₄” blocks, as the others terms of the series.It crystallizes in the monoclinic system, space group C2 with the parameters: $\text{a}\text{= 10,441}\text{A}\text{?}$, $\text{b}\text{= 6,025}\text{A}\text{?}$, $\text{c}\text{= 11,384}\text{a}\text{?}$ and β = 98°80. Its structure is characterized by the presence of iron atoms in oxygen octahedra and trigonal based bipyramides stacking in hexagonal layers along $\text{c}$.These layers are linked by iron atoms on tetrahedral sites. Calcium atoms are hexagonaly located around each tetrahedron.     

Multi-month memory effects on early summer vegetative activity in semi-arid South Africa and their spatial heterogeneity

In semi-arid African regions (annual rainfall between 200 and 600 mm), variability of vegetative activity is mainly due to the rainfall of the current rainy season. In most of South Africa, the rainy season occurs from October to March. On average, vegetative activity lags rainfall by 1 to 2 months. The interannual variability in early summer (December to September) normalized difference vegetation index (NDVI) depends primarily on precipitation at the beginning (October to November) of the rainy season. However, once this primary control is removed, the residual interannual variability in NDVI highlights a double memory effect: a 1-year effect, referred to as Mem₁, and a 7- to 10-month effect, referred to as Mem₂. This article aims at better describing the influence of soil and vegetation characteristics on these two memory effects. The data sets used in this study are as follows: (1) a 19-year NDVI time series from National Oceanic and Atmospheric Administration (NOAA) satellites, (2) rainfall records from a network of 1160 rain-gauge stations compiled by the Water Research Commission (WRC), (3) vegetation types from Global Land Cover (GLC) 2000 and (4) soil characteristics from the soil and terrain database for Southern Africa (SOTERSAF). Results indicate that among 20–30% of NDVI variance that is not explained by the concurrent rainfall, one-third is explained by the two memory effects. Mem₁ is found to have maximum effect in the northwest of our study domain, near the Botswana boundary, in the South Kalahari. Associated conditions are open grasslands growing on Arenosols. Mem₁ is less important in the southeast, particularly in open grassland with shrubs growing on Cambisols. Thus, Mem₁ mainly depends on soil texture. Mem₂ is more widespread and its influence is the greatest in the centre, the south and the east of our domain. It is related to rainfall from January to April, which controls, beyond the intervening dry season, the interannual variations of NDVI (December to September) at the beginning of the next rainy season. Through these new findings, this article emphasizes again the high potential of remote-sensing techniques to monitor and understand the dynamics of semi-arid environments.     

Directional laser generation and detection of ultrasound with arrays of optical fibers

Some aspects of the generation and detection of ultrasound with laser beams are presented. The objective of the study is (1) to present some experimental results on the generation of ultrasound with an array of optical fibers, (2) to discuss the possibility of generating directional surface waves with acousto-optic scanning in a very narrow frequency band, thus increasing the signal-to-noise ratio, and (3) to discuss the feasibility of the directional detection of ultrasound by using an array of optical fibers as a receiver, also with the goal of increasing the signal-to-noise ratio.