WebRTC introduces new security considerations for real-time communications. The document discusses various VoIP attacks that could impact WebRTC, such as denial of service, fraud, and illegal interception. It also examines vulnerabilities arising from device access, signaling sent in plain text, and cross-protocol attacks. The presentation recommends using TLS for signaling, getting user permission for devices, DTLS-SRTP for media encryption, and identity management through providers. Integrating WebRTC with IMS can leverage the authentication of IMS subscriptions for web credentials.
Ewes can experience several pregnancy problems including pregnancy toxemia, hypocalcemia (milk fever), and hypomagnesaemia (grass staggers). Pregnancy toxemia occurs when ewes do not receive enough nutrition in the last weeks of pregnancy. Hypocalcemia is caused by stress lowering blood calcium levels in late pregnancy. Hypomagnesaemia results from ewes consuming fast-growing spring grass low in magnesium. Treatment for these conditions involves calcium or magnesium supplementation through intravenous or subcutaneous injections.
This document provides an overview of a presentation about quick stack building using AWS CDK and infrastructure as code. The presentation introduces AWS CDK and infrastructure as code, discusses CloudFormation and CDK, and provides tips. Slides from the presentation will be made available online later.
Native out-of-memory errors happen when a Java application runs out of memory, not in the Java object heap but outside it. The cause may be memory use for native libraries, class loading, multithreading, working data for the Java VM, backing storage for Java objects, or other reasons. No single tool can give you all the answers, and we need to cross-reference information from multiple sources to isolate a problem. Operating system tools, Java dumps, logs, and debuggers all provide useful perspectives, and your challenge is to line them up to see the whole picture. This session works through the tools and data available on the main server platforms to give you a repeatable framework for native out-of-memory error debug.
The document provides an overview of microbiology, including:
- Microbes are microscopic life forms that require magnification to view and come in various forms.
- Key figures like Hooke, van Leeuwenhoek, Redi, Pasteur, Lister, Koch, and Jenner helped prove that microbes cause disease and establish germ theory through experiments.
- Diseases can be infectious, caused by microbes entering the body, or chronic illnesses like cancer. While antibiotics reduced infectious diseases, new drug-resistant strains continue to emerge.
Docker is an open platform for developing, shipping, and running applications. It allows separating applications from infrastructure and treating infrastructure like code. Docker provides lightweight containers that package code and dependencies together. The Docker architecture includes images that act as templates for containers, a client-server model with a daemon, and registries for storing images. Key components that enable containers are namespaces, cgroups, and capabilities. The Docker ecosystem includes services like Docker Hub, Docker Swarm for clustering, and Docker Compose for orchestration.
This document introduces Flutter, an open-source framework for building cross-platform apps. It notes that with Flutter, developers can write code once and deploy their apps to Android, iOS, web, and Windows from the same codebase. Some key advantages of Flutter mentioned include hot reload for quick editing, a single codebase, direct compilation to machine code, and fast performance. The document also provides examples of packages that can be used to add features like login functionality, build a chess game, work with images and videos, generate QR codes, and share content. It lists some major companies that use Flutter and suggests getting an internship to gain experience with Flutter.
Talk by Santiago Troncoso given at the latest edition of VoIP2DAY, in which he explains how WebRTC inherits all the threats of traditional VoIP services together with existing web attacks, and gives some pointers on how to keep services secure.
VOIP2DAY 2015: "WebRTC security concerns, a real problem?" (Quobis)
WebRTC inherits all the threats of traditional VoIP services together with existing web attacks. In this session Antón Román will explain this together with ad-hoc WebRTC attacks and ways to deal with Identity and keep the services secure.
- VoIP attacks: Denial of service. Fraud. Illegal interception. Illegal control.
- Ad-hoc WebRTC attacks: Malicious HTML code. Web servers. Forced DoS. Cam/mic control. Etc.
- Protection: Role of border elements (SBC, media gateways, ...). WebRTC Portal and web servers. Browser mechanisms.
- Identity Management: Anonymous calls. OpenID and third parties. Telco identity. Real implementations.
This document provides an overview of distributed denial of service (DDoS) attacks, including how they work, common techniques used, and strategies for mitigating them. It defines DDoS attacks as attempts to exhaust the resources of networks, applications, or services to deny access to legitimate users. The document discusses how botnets are commonly used to launch large-scale DDoS attacks from multiple sources simultaneously. It also outlines best practices for selecting DDoS protection devices, emphasizing the importance of up-to-date detection techniques, low latency, and customized hardware-based logic to withstand major attacks.
Identifying How WAP Can Be Used For Secure mBusiness (Oliver Pfaff)
The document discusses security technologies for the Wireless Application Protocol (WAP), including:
- WAP 1.0 and 2.0 protocol stacks and their use of WTLS and TLS for secure communication
- WTLS limitations and enhancements like WPKI, WAPCert, and TLS over HTTP in WAP 2.0
- Information security technologies like WMLScript Crypto and the Wireless Identity Module (WIM) for digital signatures and credential storage
WebRTC allows for real-time communication through a web browser or mobile app using audio, video, and data without requiring a centralized server. It works by using STUN and TURN servers to handle signaling and traverse NATs to establish a direct peer-to-peer connection when possible. WebRTC implements encryption and permissions to help secure access to devices and media streams, though vulnerabilities still exist around stolen credentials and unverified certificates. It supports advanced features like simulcast for adaptive streaming and SFUs for flexible multi-party video routing.
This document is a security glossary from Razorpoint Security Technologies containing definitions of common security, hacking, and technology terms. It was last updated on January 9, 2006 and contains copyright information. The glossary contains over 150 terms spanning operating systems, networks, and technologies to help people understand the latest security terminology. If the reader has any other terms they would like defined, they can contact Razorpoint Security.
CommCon 2023 - WebRTC & Video Delivery application security - what could poss... (Sandro Gauci)
WebRTC is often considered to be secure by default - with most security concerns being around IP address leakage which is more of a privacy issue than anything. Well, I have news for you - the applications and infrastructure that handles WebRTC can be attacked. It may indeed have various types of security vulnerabilities which are often overlooked. This presentation is based on experiences gained through security testing of WebRTC applications with anecdotal stories to illustrate the dangers. We will also take a peek at Video Delivery mechanisms such as RIST and SRT and discuss what could possibly go wrong there too!
The document describes a WebRTC gateway product that connects browser-based telephony using WebRTC standards to traditional VoIP networks and devices using SIP. The gateway allows users on any WebRTC-supported browser to make audio and video calls to SIP phones and networks, integrating browser communication into web applications without APIs or SDKs. It also provides security features like TLS encryption for calls between browsers and the gateway. The gateway can be quickly deployed on cloud platforms like Amazon Web Services.
This document discusses security issues and solutions related to Voice over IP (VoIP) systems. It begins with an introduction to VoIP and how it works, describing the protocols used including SIP, H.323, MGCP and RTP. It then outlines various security attacks on VoIP systems such as eavesdropping, denial of service attacks, and masquerading. Finally, it discusses approaches to enhancing VoIP security, including using encryption, firewalls, authentication, and secure protocols like SRTP.
The document discusses Internet of Things (IoT) security challenges and countermeasures. It begins with basics of IoT and sensors, then discusses how IoT connects to the internet. It outlines several approaches to securing IoT, including restricted access, encryption of network and data, managing default APIs, addressing human elements of security, and learning from past exploits. Specific threats like denial of service attacks, man-in-the-middle attacks, and brute force/dictionary attacks are examined. The document concludes that IoT security design must enable open yet secure infrastructure while respecting user privacy through individual policies.
The document discusses securing remote access connections by using a virtual private network (VPN) with Windows Server 2012 R2's Routing and Remote Access feature. It will use Extensible Authentication Protocol-Transport Level Security (EAP-TLS) and smartcards for authentication to encrypt traffic and securely connect remote users to the network. The goal is to properly secure these connections to provide end users with secure access to potentially sensitive company data and resources from outside the office.
The document discusses the formation of an IoT Security Task Force by the IoT Forum and CISO Platform to develop threat models, controls, and arrangements to improve IoT security. It proposes a "SECURENET" concept involving managed security network providers that would monitor IoT traffic and devices, block suspicious activity, and collaborate to identify security issues. The task force aims to provide fresh thinking around technical and legal approaches to attribute attacks and enable self-defense in IoT networks through a regulatory sandbox and cross-border response protocols. Critiques and improvements are invited.
Sergey Gordeychik gave a presentation on how to hack telecom networks and stay alive. He discussed that telecom networks have many perimeters including subscribers, partners, offices, and technology networks. He outlined specific attacks such as gaining unauthorized access to subscriber self-service portals or exploiting vulnerabilities in VoIP infrastructure. Gordeychik emphasized that telecom networks are complex with many third-party systems, exotic technologies, and administrative issues that can enable attacks if not properly secured. Forensics after an attack can also be very challenging in these large, dynamic networks.
The document discusses various technologies for securing e-commerce networks, including firewalls, intrusion detection systems, virtual private networks, and public key infrastructure. Firewalls act as a barrier between private and public networks and control network traffic. Intrusion detection systems monitor network activity for suspicious behavior. Virtual private networks use encryption to create secure connections over public networks like the Internet. A public key infrastructure enables secure exchange of data and payments on public networks through use of public/private key pairs from a trusted authority.
A Presentation by:
REMMY NWEKE, 2016 Fellow, Cyber Security Policy Defender
Secretary, Cyber Security Experts Association of Nigeria (CSEAN)
Lagos Branch
To mark the Cyber Security Awareness Campaign,
October 2016
A Survey Report on DDOS Attacking Tools, Detection and Prevention Mechanisms (IRJET Journal)
This document summarizes a survey report on DDOS attacking tools, detection mechanisms, and prevention methods. It begins by introducing DDOS attacks and their increasing prevalence. It then describes several common DDOS attacking tools like Trinoo and Shaft in detail, including their mechanisms and a comparison. It discusses two main detection mechanisms - Snort, an open-source intrusion detection system, and time series analysis. Finally, it outlines a DDOS prevention protocol called DLSR that detects attacks and identifies attackers in three phases: detection, identification, and defense.
This document provides information about three computer networking topics: Telnet, VoIP, and HTTPS. It describes Telnet as a remote login protocol that allows users to access terminals on other systems. It explains the basic working of Telnet and how a connection is established. VoIP is summarized as using Internet Protocol to transfer voice calls by digitizing, compressing, and transmitting voice data in packets. Finally, it states that HTTPS secures communications between browsers and websites using TLS/SSL encryption to protect against eavesdropping and spoofing.
1. Net Defender is a simple firewall software designed for personal computers to block unauthorized Internet access. It uses packet filtering and allows or blocks traffic based on port numbers, protocols, and source/destination addresses and ports.
2. Common security issues include lack of initial security design, growing Internet usage, and attacks from criminals, hackers, and corporate spies using techniques like DDoS attacks and port scanning.
3. The Net Defender firewall software has a simple graphical user interface and allows users to add rules to allow or block traffic based on characteristics like port numbers and addresses. It also includes a basic port scanner to detect open ports.
This document summarizes a presentation about data security in online commerce. It discusses:
1) An introduction about the presenter's experience in secure web services and open source contributions.
2) The main topics that will be covered, including data security discussions and tools to test security risks.
3) The most common web application security weakness is failing to validate input from clients, which can lead to vulnerabilities like cross-site scripting and SQL injection.
4) It emphasizes that external data should never be trusted and validations are important with many data input points in complex applications.
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/
Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit.
In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing.
Van Emden shows how Nx can simplify the developer’s life and facilitate a rapid transition from concept to production-ready applications. He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.
Best 20 SEO Techniques To Improve Website Visibility In SERP (Pixlogix Infotech)
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
UiPath Test Automation using UiPath Test Suite series, part 6 (DianaGray10)
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform.
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Full-RAG: A modern architecture for hyper-personalizationZilliz
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Speck&Tech
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
6. WebRTC. Use cases.
Corporate:
○ Audio webclients for IMS, NGN, MS Lync, Cisco, etc.
○ Video webclients for conference bridges
○ Click to call (click to video/chat) solutions
○ Contact center solutions
Residential:
○ OTT services
○ Audio webclients for residential users
○ Webchats
○ Vertical applications (e-health,...)
○ Extended RCS/Joyn services
○ Online videogames
7. WebRTC. Architecture.
New elements introduced in UC networks require new
considerations in terms of security:
○ Web Server
○ WebRTC gateway
○ Laptop/desktop used as endpoint
8. Efforts in WebRTC security.
RFC draft: Security considerations for RTC-Web
WebRTC inherits part of the potential VoIP attacks and
adds new threats:
○ New network elements to be hijacked, etc.
○ Open communications (new open ports, etc.)
○ Privacy issues through access to microphones and cams.
10. VoIP attacks. Introduction.
Types of VoIP attacks:
1. Denial of service
2. Fraud
3. Illegal interception
4. Illegal control
A VoIP attack causes immediate economic damage to the attacked entity
and a direct economic profit for the attacker. This does not occur with other
types of attacks.
VoIP security
11. VoIP attacks. Denial of service.
The aim of a DoS attack is to degrade the quality of service perceived by
the user through the massive delivery of messages that consume
resources (CPU, bandwidth or memory) in the attacked system.
Examples: a flood of register requests or calls in a softswitch, which can be aimed at:
■ A simple failure of the service.
■ Attack for telephone fraud.
Other, "non-intentional" attacks should also be taken into account:
■ Flood after a power blackout.
■ Bugs in terminals.
■ Viruses.
12. VoIP attacks. Fraud.
An attacker registers in the system as a valid user (discovers the password,
alters an IP, etc.) with the aim of making calls to international numbers. CFCA
estimates 40 billion USD annually.
The calls are not only placed through the network. Sometimes the attacker obtains
remote access to a SIP proxy or softswitch and uses its console to originate
illegal calls.
● These attacks cause not only economic losses. Sometimes the legitimate
user has to pay the bill!
● In most cases, it is difficult to determine who is responsible (customer or
operator) for the attacks.
13. VoIP attacks. Illegal interception.
Because of the nature of IP, it is simpler for potential attackers to capture
signalling and media traffic and obtain information (audio of the call, other
information exchanged in the call, etc.).
As traditional VoIP SIP traffic is sent in the clear, this is more dangerous in Wi-Fi
networks where traffic is not encrypted.
WebRTC uses encrypted traffic for signalling and media, so interception
can only be done at the endpoints or the media gateway.
14. VoIP attacks. Illegal control.
If an attacker obtains the credentials of a user or an administrator,
he has absolute control:
● They can be used to make high-cost calls, causing losses to the
service provider and/or end customer.
● Hijacked lines can be used to terminate calls for other customers to
whom the attacker sells services.
● When used for illegal activities, this makes the judicial follow-up of
the calls more difficult.
16. Access to devices. Threats
HTML and JavaScript are executed by the browser in a
"sandbox" designed to be isolated from the rest of the
computer. However, bugs may exist.
The WebRTC API needs to access physical devices which
will provide real-time media information (and files):
THREAT: Web pages accessing the user's camera and
microphone without permission.
17. Access to devices. Threats
Users can potentially be recorded by
JavaScript code downloaded from a malicious
web server.
[Diagram labels: malicious web server, malicious script, SRTP]
18. Access to screen capture. Threats
Security in screen sharing is especially critical, as
very sensitive information can be stolen.
[Diagram labels: malicious web server, malicious script, SRTP]
19. Websocket.
WebSocket (RFC 6455): provides a full-duplex socket
between a browser and a server.
It is just a TCP socket upgraded from an HTTP
handshake.
It is a standardized way for the server to send content to the
browser without being solicited by the client.
20. Websocket DoS. Threats
WebSocket allows cross-origin connections, so DDoS attacks
can be implemented in a Web-oriented way.
[Diagram labels: malicious web server, malicious script, Browser 1 ... Browser N, http, websocket, attacked server]
21. Websocket cross-protocol attack. Threats
A malicious script could potentially inject data which
is valid HTTP, poisoning HTTP intermediaries (such as an
HTTP proxy). This is avoided natively by the WebSocket RFC.
http://tools.ietf.org/agenda/80/slides/hybi-2.pdf
22. Signaling sent over a non-TLS connection.
By default it implements digest authentication; however, it has
a number of disadvantages:
● Several security options (like 'qop' for integrity) are
optional.
● Vulnerable to man-in-the-middle attacks.
Sending the messages in plain text is not a good idea: they can
be authenticated, but there is no privacy or integrity.
Signaling traffic can be sent over WebSocket: data is
sent over a TCP socket without any encryption.
Equivalent to SIP over UDP/TCP.
Sending all the signaling over TLS is a must!
23. Security of TURN server.
TURN is necessary in many WebRTC scenarios to
establish bi-directional flows.
Media relaying is an expensive resource so it is
protected with credentials.
Those credentials can be long-term; if they are
stolen, the TURN server can be abused.
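One way to limit the damage of a stolen TURN credential is to make it expire. The following is an added example, not part of the original slides: it follows the shared-secret scheme commonly used with TURN servers, where the username carries an expiry timestamp and the password is an HMAC-SHA1 over that username. The secret value, function names and TTL are assumptions.

```python
import base64
import hashlib
import hmac
import time

# Constructed placeholder: secret shared by the web application and the TURN server.
SHARED_SECRET = b"example-shared-secret-not-for-production"


def _mac(username, secret):
    """base64(HMAC-SHA1(secret, username)), returned as bytes."""
    digest = hmac.new(secret, username.encode("utf-8"), hashlib.sha1).digest()
    return base64.b64encode(digest)


def issue_turn_credentials(user_id, ttl_seconds, now=None, secret=SHARED_SECRET):
    """Return (username, credential) that stops working after ttl_seconds."""
    if ":" in user_id:
        raise ValueError("user_id must not contain ':'")
    now = int(time.time()) if now is None else int(now)
    username = f"{now + ttl_seconds}:{user_id}"
    return username, _mac(username, secret).decode("ascii")


def verify_turn_credentials(username, credential, now=None, secret=SHARED_SECRET):
    """Mirror of the relay-side check: valid MAC and expiry still in the future."""
    now = int(time.time()) if now is None else int(now)
    expiry_text, sep, _user_id = username.partition(":")
    if not sep or not (expiry_text.isascii() and expiry_text.isdigit()):
        return False
    # Constant-time comparison so the check does not leak how many bytes matched.
    if not hmac.compare_digest(_mac(username, secret), credential.encode("utf-8")):
        return False
    return int(expiry_text) > now
```

A credential captured from a browser is then only useful until the timestamp embedded in its username, and changing that timestamp invalidates the MAC.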
24. Security in Click-to-call solutions
● Click-to-call solutions are potentially easy to
attack.
● The WebRTC Click2Call solution server must
implement mechanisms to make sure the user is calling
from a trusted site and to limit the number of calls from
one location.
● Controlling the total number of calls will also help to
minimize DDoS.
[Diagram labels: web visitor, contact center]
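The two controls named on this slide (trusted site, call limits per location and in total) can be combined in one admission check on the signaling server. This is an added example, not code from the original slides; the class name, limits and the use of the Origin header and source IP as "site" and "location" are assumptions.

```python
from collections import defaultdict, deque
from urllib.parse import urlsplit


class ClickToCallGate:
    """Admission control for call requests reaching a click-to-call server."""

    def __init__(self, trusted_origins, per_source_limit, global_limit, window_seconds):
        self.trusted = {self._normalise(o) for o in trusted_origins}
        self.trusted.discard(None)
        self.per_source_limit = per_source_limit
        self.global_limit = global_limit
        self.window = window_seconds
        self.by_source = defaultdict(deque)  # source IP -> admitted call times
        self.all_calls = deque()             # admitted call times, all sources

    @staticmethod
    def _normalise(origin):
        """Reduce an Origin value to (scheme, host, port); None if unusable."""
        try:
            parts = urlsplit(origin or "")
            port = parts.port
        except ValueError:
            return None
        if parts.scheme != "https" or not parts.hostname:
            return None
        return (parts.scheme, parts.hostname, port or 443)

    def _expire(self, queue, now):
        while queue and queue[0] <= now - self.window:
            queue.popleft()

    def admit(self, origin, source_ip, now):
        """Return (allowed, reason); `now` is a timestamp in seconds."""
        key = self._normalise(origin)
        # Exact match on the parsed origin: prefix or substring checks would
        # accept look-alike hosts such as shop.example.evil.test.
        if key is None or key not in self.trusted:
            return False, "untrusted-origin"
        self._expire(self.all_calls, now)
        if len(self.all_calls) >= self.global_limit:
            return False, "global-limit"
        calls = self.by_source[source_ip]
        self._expire(calls, now)
        if len(calls) >= self.per_source_limit:
            return False, "source-limit"
        calls.append(now)
        self.all_calls.append(now)
        return True, "ok"
```

The Origin header is set by the browser and cannot be changed by page script, but a non-browser client can send any value, which is why the limits apply to requests from trusted origins as well.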
26. Signaling over TLS.
SIP traffic can be sent over Secure Websocket: data is
sent over a TLS socket. Equivalent to SIP over TLS.
TLS provides privacy, integrity and authentication.
It also provides server authentication, and client
authentication if a client certificate is provided.
If the client certificate is signed by a Trusted Certification
Authority (CA) the real-time communication can have legal
value.
Using HTTPS and WSS is necessary when working with
WebRTC. For example, screen sharing only works
from HTTPS sites!
27. Access to devices.
The WebRTC standard requires that the user be notified of
access to devices.
The browser notifies the user that a tab is currently accessing
media devices, with a blinking red spot in Chrome.
28. Access to devices.
Showing the user their own video helps them be aware that
the browser is accessing the camera and microphone.
The browser stores the permission settings for HTTPS
sites with valid certificates.
29. Access to devices.
Screen capture requires two types of permissions:
1. Elevated permissions (in practice, this means installing a plugin once)
2. Always active user content
31. DDoS.
DoS and DDoS protections are pretty similar to those
implemented in web servers. Attacks can potentially be
launched from thousands of browsers.
Signaling is going to be received via TCP/TLS: WS, WSS,
REST APIs, etc.
Typical attack vectors (SYN flood, RESET attack, etc.) must
be stopped as soon as possible to limit the resource exhaustion
which causes a denial of service.
WebRTC gateways/servers will normally be exposed on the
Internet, listening on well-known ports (443 and 80).
32. DTLS-SRTP for media encryption
DTLS-SRTP manages the SRTP key exchange within the
RTP flow before starting media. This is done using DTLS,
a version of TLS based on datagrams.
Keys are not exchanged in the SDP protocol. It protects
the RTP flow even if signaling is not encrypted.
It is mandatory for
A fingerprint is included in the SDP to create a
security relationship between the SDP and the
DTLS-SRTP flows.
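The fingerprint check that ties the SDP to the DTLS handshake can be sketched as follows. This is an added example, not part of the original slides: the function names, the accepted hash list and the rule that every listed fingerprint must match are this example's assumptions, and the "certificate" is constructed stand-in bytes.

```python
import hashlib
import hmac

# Policy assumed for this example: only these hash functions are accepted.
ALLOWED_HASHES = {"sha-256": "sha256", "sha-384": "sha384", "sha-512": "sha512"}
PREFIX = "a=fingerprint:"


def format_fingerprint(cert_der, name="sha-256"):
    """Build the a=fingerprint line an endpoint would place in its SDP."""
    digest = hashlib.new(ALLOWED_HASHES[name], cert_der).hexdigest().upper()
    pairs = [digest[i:i + 2] for i in range(0, len(digest), 2)]
    return f"{PREFIX}{name} " + ":".join(pairs)


def parse_fingerprints(sdp):
    """Return [(hash_name, digest_bytes)] for every a=fingerprint line."""
    found = []
    for line in sdp.replace("\r\n", "\n").split("\n"):
        if not line.startswith(PREFIX):
            continue
        try:
            name, hexpairs = line[len(PREFIX):].split(" ", 1)
            digest = bytes.fromhex(hexpairs.strip().replace(":", ""))
        except ValueError:
            raise ValueError(f"malformed fingerprint attribute: {line!r}") from None
        found.append((name.lower(), digest))
    return found


def certificate_matches_sdp(sdp, peer_cert_der):
    """True only if the SDP has fingerprints and all of them match the
    certificate presented in the DTLS handshake (peer_cert_der)."""
    fingerprints = parse_fingerprints(sdp)
    if not fingerprints:
        return False  # no binding between signaling and media: refuse
    for name, expected in fingerprints:
        algo = ALLOWED_HASHES.get(name)
        if algo is None:
            return False  # unknown or disallowed hash function
        actual = hashlib.new(algo, peer_cert_der).digest()
        if not hmac.compare_digest(actual, expected):
            return False
    return True


# Constructed sample input: stand-in bytes, not a real X.509 certificate.
CONSTRUCTED_CERT_DER = b"constructed stand-in for the peer's DER-encoded certificate"
CONSTRUCTED_SDP = "\r\n".join([
    "v=0",
    "o=- 0 0 IN IP4 192.0.2.1",
    "s=-",
    "t=0 0",
    "m=audio 9 UDP/TLS/RTP/SAVPF 111",
    format_fingerprint(CONSTRUCTED_CERT_DER),
    "a=setup:actpass",
    "",
])
```

The check is only as trustworthy as the path that delivered the SDP: if the signaling can be modified in transit, a replaced fingerprint makes a different certificate pass, which is why the signaling itself still needs TLS.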
33. ICE.
ICE (RFC 5245) allows RTP flows to traverse NAT routers. It
finds the best path for RTP/RTCP traffic.
STUN is used to find out the paths to send the RTP flow.
ICE includes a handshake designed to verify that the
receiving element wishes to receive traffic from the
sender.
This identifier and password are created by the browser and used
during the ICE negotiation.
34. Monitoring.
It is important to monitor all the traffic in the same way as is done
with SIP traffic.
It is possible to gather even more information for WebRTC
sessions:
● IP geolocation.
● Host URL.
● Browser info.
● Contextual info.
36. Identity management.
WebRTC does not force any authentication method.
WebRTC API exposes an authentication API based on Identity
Providers which can be:
● Ad-hoc solutions
● Social networks
● Certification Authorities (private or public)
● Telco authentication
IdP protocols: OpenID or BrowserID, Federated Google Login,
Facebook Connect, OAuth, WebFinger
37. Identity management. OpenID
Makes it possible to be sure of the identity by using a third party.
New opportunity for operators as Identity Providers: mobile number
as Trusted Identity.
38. Identity management.
                            +----------------+
                            |                |
                            |     Signaling  |
                            |     Server     |
                            |                |
                            +----------------+
                                ^        ^
                               /          \
                       HTTPS  /            \   HTTPS
                             /              \
                            /                \
                           v                  v
                        JS API              JS API
                  +-----------+            +-----------+
                  |           |    Media   |           |
            Alice |  Browser  |<---------->|  Browser  | Bob
                  |           | (DTLS+SRTP)|           |
                  +-----------+            +-----------+
                        ^      ^--+     +--^     ^
                        |         |     |        |
                        v         |     |        v
                  +-----------+   |     |  +-----------+
                  |           |<--------+  |           |
                  |   IdP1    |   |        |   IdP2    |
                  |           |   +------->|           |
                  +-----------+            +-----------+
WebRTC API defined by W3C
Alice and Bob have relationships
with some Identity Provider (IdP) that
supports a protocol (such as OpenID,
BrowserID, Federated Google Login,
Facebook Connect, OAuth or WebFinger)
that can be used to demonstrate their
identity to other parties.
40. Identity management.
Adds a second authentication factor, because we
validate the device (smartphone or PC) and the
credentials are carried encrypted in a SIP
signalling packet.
[Diagram: Example of Identity Management. Labels: Certification Authority, certificate verification]
45. Reference Model
WebRTC IMS Client (WIC)
P-CSCF enhanced for WebRTC (eP-CSCF)
IMS-AGW enhanced for WebRTC (eIMS-AGW)
WebRTC Web Server Function (WWSF)
WebRTC Authorization Function (WAF)
55. NAT traversal
In order to traverse restrictive firewalls, one could also use TCP/TLS transport. Some are even
multiplexing that over HTTP-based connections.
64. What we have learned today
● Legacy VoIP attacks could also be
important in WebRTC.
● WebRTC provides security by default
(mandatory encryption, access
permissions, etc).
● Care should be taken with authentication
and identity management.
65. Planning to be in Barcelona during MWC15?
Quobis' booth (#CS60, Spanish Pavilion) will showcase "Sippo
WebRTC Application Controller" to service providers and network
equipment vendors, showing them how to introduce new
value-added WebRTC services to their residential and corporate
customers, hiding the complexity behind the different
implementation of the standards by web browsers and gateway
vendors and providing a complete set of APIs to manage AAA,
user provisioning, contact management, policy control and other
features.
mwc@quobis.com
66. Planning to be in Barcelona during MWC15?
Register today for this free event at http://www.meetup.com/WebRTC-Barcelona