DOCSLIB.ORG

Decoupling Coding Habits from Functionality for Effective Binary

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Decoupling Coding Habits from Functionality for Effective Binary Journal of Computer Security 0 (0) 1 1 IOS Press 1 1 2 2 3 3 4 Decoupling Coding Habits from 4 5 5 6 6 7 Functionality for Effective Binary 7 8 8 9 Authorship Attribution 9 10 10 11 11 a;∗ b b b c 12 Saed Alrabaee , Paria Shirani , Lingyu Wang , Mourad Debbabi and Aiman Hanna 12 13 a Information Systems and Security, United Arab Emirates University, UAE 13 14 E-mail: [email protected] 14 15 b CIISE, Concordia University, Montreal, QC, Canada 15 16 E-mails: [email protected], [email protected], [email protected] 16 17 c Computer Science, Concordia University, Montreal, QC, Canada 17 18 E-mail: [email protected] 18 19 19 20 Abstract. Binary authorship attribution refers to the process of identifying the author of a given anonymous binary file based on 20 21 stylistic characteristics. It aims to automate the laborious and error-prone reverse engineering task of discovering information 21 related to the author(s) of a binary code. Existing works typically employ machine learning methods to extract features that 22 are unique for each author and subsequently match them against a given binary to identify the author. However, most existing 22 23 works share a common critical limitation, i.e., they cannot distinguish between features representing program functionality 23 24 and those representing authorship (e.g., authors’ coding habits). Such distinction is crucial for effective authorship attribution 24 because what is unique in a particular binary may be attributed to either author, compiler, or function. In this study, we present 25 25 BINAUTHOR a system capable of decoupling program functionality from authors’ coding habits in binary code. To capture 26 coding habits, BINAUTHOR leverages a set of features that are based on collections of functionality-independent choices made 26 27 by authors during coding. Our evaluation demonstrates that BINAUTHOR outperforms existing methods in several aspects. 27 28 First, it successfully attributes a larger number of authors with a significantly higher accuracy (around 90%) based on the large 28 datasets extracted from selected open-source C++ projects in GitHub, Google Code Jam events, Planet Source Code contests, 29 and several programming projects. Second, BINAUTHOR is more robust than previous methods; there is no significant drop 29 30 in accuracy when the code is subjected to refactoring techniques, simple obfuscation, and processed with different compilers. 30 31 Finally, decoupling authorship from functionality allows us to apply BINAUTHOR to real malware binaries (Citadel, Zeus, 31 Stuxnet, Flame, Bunny, and Babar) to automatically generate evidence on similar coding habits. 32 32 Keywords: Binary Authorship Attribution, Malware Analysis, Coding Habits, Assembly Instructions 33 33 34 34 35 35 36 36 37 1. Introduction 37 38 38 39 Binary authorship attribution aims to automate the arduous and error-prone reverse engineering task 39 40 of extracting information related to the author(s) of a program binary and further attribute the author(s). 40 41 The ability to conduct such analyses at the binary level is especially important for security applications 41 42 because the source code for malware is not always available. In automating binary authorship attribution 42 43 compared to source code analysis, two main challenges are typically encountered: the binary code lacks 43 44 44 45 *Corresponding author. E-mail: [email protected]. 45 46 46 0926-227X/0-1900/$35.00 c 0 – IOS Press and the authors. All rights reserved 2 S. Alrabaee et al. / Authorship Attribution 1 many abstractions (i.e., variable names) that are present in the source code, and the time and space com- 1 2 plexities of analyzing binary code are greater than those of the corresponding source code. Although 2 3 significant efforts have been made to develop automated approaches for source code authorship attribu- 3 4 tion [1], these often rely on features that will likely be lost in the strings of bytes representing binary code 4 5 after the compilation process, such as variable and function naming, original control and data flow struc- 5 6 tures, comments, and space layout. To this end, a few approaches to binary authorship attribution have 6 7 been proposed; typically, they employ machine learning methods to extract unique features for each au- 7 8 thor and then match a given binary against such features to identify the authors [2–4]. These approaches 8 9 share the following limitations: (i) the chosen features are generally not related to author’s style but 9 10 rather to functionality; (ii) significantly lower accuracy is observed in the case of multiple authors [5]; 10 11 (iii) the approaches are easily defeated by refactoring techniques or simple obfuscation methods; and 11 12 (iv) the approaches handle only one platform (e.g., x86). Dealing with the binary authorship attribution 12 13 problem requires novel features that can capture author’s style characteristics, such as a preference for 13 14 using specific compilers, keywords, reused packages, implementation frameworks, and binary times- 14 15 tamps. More recently, the feasibility of authorship attribution on malware binaries was discussed at the 15 16 BlackHat conference [6]. A set of features are employed to group malware binaries according to author- 16 17 ship. However, the process is not automated and requires a considerable human intervention. 17 18 18 19 Key idea: We present BINAUTHOR, a system designed to recognize authors’ coding habits by decou- 19 20 pling them from program functionality in binary code. Instead of using generic features (e.g., n-grams 20 21 or small subgraphs of a CFG [4]), which may or may not be related to authorship, BINAUTHOR captures 21 22 coding habits based on a collection of functionality-independent choices frequently made by authors 22 23 during coding (e.g., preferring to use either if or switch, and relying more on either object-oriented 23 24 modularization or procedural programming). We first investigate a large collection of source code and 24 25 their mapping to assembly instructions in order to determine what coding habits may be preserved in the 25 26 binary, and consequently design and integrate features based on such habits into BINAUTHOR. Then, 26 27 we apply it to a series of problems related to binary authorship attribution, namely, attributing the au- 27 28 thor of a given binary from a set of author candidates inside a repository, identifying the presence of 28 29 multiple authors of the same binary on the basis of function-level analysis, and automatically extracting 29 30 authorship-related evidences from real malware binaries. 30 31 31 32 Summary of results: Our evaluation shows that BINAUTHOR outperforms existing approaches [2– 32 33 4] in several aspects. Specifically, the system attributes a larger number of authors with a significantly 33 34 higher accuracy (approximately 90%) based on large-scale datasets extracted from selected open-source 34 35 C++ projects on GitHub [7], Google Code Jam events [8], Planet Source Code contests [9], and stu- 35 36 dents’ programming projects. Furthermore, BINAUTHOR is more robust than previous methods in the 36 37 sense that the system can still attribute authors with an acceptable accuracy after the code is subjected to 37 38 refactoring and simple obfuscation techniques. Finally, applying BINAUTHOR to real malware binaries 38 39 (Zeus-Citadel, Stuxnet-Flame, and Bunny-Babar) automatically generates evidence of sim- 39 40 ilar coding habits shared by each pair of malware. These types of evidence match the findings of the 40 41 technical reports published by antivirus vendors [10, 11] and reverse engineering team [6]. 41 42 42 43 Contributions: The main contributions of this study are: 43 44 (1)B INAUTHOR yields a higher accuracy that survives refactoring techniques and simple obfuscation. 44 45 This shows the potential of BINAUTHOR as a practical tool to assist reverse engineers in a num- 45 46 46 S. Alrabaee et al. / Authorship Attribution 3 1 ber of security-related tasks, such as identifying the author of a malware sample, and clustering 1 2 malware samples based on common authors. 2 3 (2)B INAUTHOR is amongst the first approaches that performs automated authorship attribution on 3 4 real-world malware binaries. When we applied it to Zeus-Citadel, Stuxnet-Flame, and 4 5 Bunny-Babar malware binaries, it automatically generated evidence of coding habits shared by 5 6 each malware pair, matching the findings of antivirus vendors [10, 11] and reverse engineering 6 7 teams [6]. 7 8 (3) The filtration component of BINAUTHOR (which labels functions as compiler-related, library- 8 9 related, or user-related functions) is a stand-alone component. In addition, it can be employed 9 10 as pre-processing steps in other applications, such as clone detection, to allow for the reduction of 10 11 false positives and the enhancement of performance. We made the code available to the commu- 11 12 nity1. 12 13 13 In this paper, we significantly extend our previous work, by studying three models: BINAUTHOR; 14 14 BINAUTHOR , which combines BINAUTHOR with a compiler identification tool BINCOMP [12]; and 15 1 15 BINAUTHOR , which combines BINAUTHOR with GITZ, a tool [13] for lifting assembly instructions 16 2 16 to a canonical form. Specifically, our major extensions are as follows: i) we introduce a set of illustra- 17 17 tive examples to answer the following question: Does each programmer have a distinctive coding style 18 18 reflected in his/her collection of functionality-independent
Load more

Recommended publications
  • Watson Daniel.Pdf (5.294Mb)
    Source Code Stylometry and Authorship Attribution for Open Source by Daniel Watson A thesis presented to the University of Waterloo in fulfillment of the thesis requirement for the degree of Master of Mathematics in Computer Science Waterloo, Ontario, Canada, 2019 c Daniel Watson 2019 Author's Declaration I hereby declare that I am the sole author of this thesis. This is a true copy of the thesis, including any required final revisions, as accepted by my examiners. I understand that my thesis may be made electronically available to the public. ii Abstract Public software repositories such as GitHub make transparent the development history of an open source software system. Source code commits, discussions about new features and bugs, and code reviews are stored and carefully attributed to the appropriate developers. However, sometimes governments may seek to analyze these repositories, to identify citi- zens who contribute to projects they disapprove of, such as those involving cryptography or social media. While developers who seek anonymity may contribute under assumed identi- ties, their body of public work may be characteristic enough to betray who they really are. The ability to contribute anonymously to public bodies of knowledge is extremely impor- tant to the future of technological and intellectual freedoms. Just as in security hacking, the only way to protect vulnerable individuals is by demonstrating the means and strength of available attacks so that those concerned may know of the need and develop the means to protect themselves. In this work, we present a method to de-anonymize source code contributors based on the authors' intrinsic programming style.
    [Show full text]
  • Code Hunt: Experience with Coding Contests at Scale
    Code Hunt: Experience with Coding Contests at Scale Judith Bishop R. Nigel Horspool Tao Xie Nikolai Tillmann, Microsoft Research University of Victoria University of Illinois at Jonathan de Halleux Redmond, WA, USA Victoria, BC, Canada Urbana-Champaign Microsoft Research [email protected] [email protected] IL, USA Redmond, WA, USA [email protected] nikolait, [email protected] Abstract—Mastering a complex skill like programming takes Code Hunt adds another dimension – that of puzzles. It is with many hours. In order to encourage students to put in these hours, these ideas in mind that we conceived Code Hunt, a game for we built Code Hunt, a game that enables players to program coding against the computer by solving a sequence of puzzles against the computer with clues provided as unit tests. The game of increasing complexity. Code Hunt is unique among coding has become very popular and we are now running worldwide systems and among games in that it combines the elements of contests where students have a fixed amount of time to solve a set of puzzles. This paper describes Code Hunt and the contest both to produce just what we need to get students to put in those experience it offers. We then show some early results that hours of practice to hone their programming skills. Along the demonstrate how Code Hunt can accurately discriminate between way, they also learn to understand testing, since the game is good and bad coders. The challenges of creating and selecting based on unit tests. Code Hunt has been used by over 50,000 puzzles for contests are covered.
    [Show full text]
  • Curriculum Vitae
    Curriculum Vitae Jakub Pachocki [email protected] Work experience 2016 { present Harvard School of Engineering and Applied Sciences Postdoctoral Fellow Education 2013 { 2016 Carnegie Mellon University PhD in Computer Science Thesis: Graphs and Beyond: Faster Algorithms for High Dimen- sional Convex Optimization Advisor: Gary Miller 2010 { 2013 University of Warsaw Bachelor's Degree in Computer Science Publications author names in alphabetical order • M. Cohen, Y. T. Lee, G. Miller, J. Pachocki and A. Sidford. Geometric Median in Nearly Linear Time. 48th Annual Symposium on the Theory of Computing (STOC 2016). • A. Ene, G. Miller, J. Pachocki and A. Sidford. Routing under Balance. 48th Annual Symposium on the Theory of Computing (STOC 2016). • M. Cygan, F. Fomin, A. Golovnev, A. Kulikov, I. Mihajlin, J. Pachocki and A. Soca la. Tight bounds for graph homomorphism and subgraph isomorphism. 27th Annual Symposium on Discrete Algorithms (SODA 2016). • M. Cohen, C. Musco and J. Pachocki. Online Row Sampling. 19th In- ternational Workshop on Approximation Algorithms for Combinatorial Optimization Problems (APPROX 2016). • M. Mitzenmacher, J. Pachocki, R. Peng, C. E. Tsourakakis and S. C. Xu. Scalable Large Near-Clique Detection in Large-Scale Networks via Sampling. 21th International Conference on Knowledge Discovery and Data Mining (KDD 2015). • M. Cohen, G. Miller, R. Kyng, J. Pachocki,p R. Peng, A. Rao and S. C. Xu. Solving SDD Systems in Nearly O(m log n) Time. 46th Annual Symposium on the Theory of Computing (STOC 2014). • M. Cygan, J. Pachocki, A. Socala. The Hardness of Subgraph Isomor- phism. arXiv preprint, 2015. • M. Cohen, G. Miller, J.
    [Show full text]
  • 321444 1 En Bookbackmatter 533..564
    Index 1 Abdominal aortic aneurysm, 123 10,000 Year Clock, 126 Abraham, 55, 92, 122 127.0.0.1, 100 Abrahamic religion, 53, 71, 73 Abundance, 483 2 Academy award, 80, 94 2001: A Space Odyssey, 154, 493 Academy of Philadelphia, 30 2004 Vital Progress Summit, 482 Accelerated Math, 385 2008 U.S. Presidential Election, 257 Access point, 306 2011 Egyptian revolution, 35 ACE. See artificial conversational entity 2011 State of the Union Address, 4 Acquired immune deficiency syndrome, 135, 2012 Black Hat security conference, 27 156 2012 U.S. Presidential Election, 257 Acxiom, 244 2014 Lok Sabha election, 256 Adam, 57, 121, 122 2016 Google I/O, 13, 155 Adams, Douglas, 95, 169 2016 State of the Union, 28 Adam Smith Institute, 493 2045 Initiative, 167 ADD. See Attention-Deficit Disorder 24 (TV Series), 66 Ad extension, 230 2M Companies, 118 Ad group, 219 Adiabatic quantum optimization, 170 3 Adichie, Chimamanda Ngozi, 21 3D bioprinting, 152 Adobe, 30 3M Cloud Library, 327 Adonis, 84 Adultery, 85, 89 4 Advanced Research Projects Agency Network, 401K, 57 38 42, 169 Advice to a Young Tradesman, 128 42-line Bible, 169 Adwaita, 131 AdWords campaign, 214 6 Affordable Care Act, 140 68th Street School, 358 Afghan Peace Volunteers, 22 Africa, 20 9 AGI. See Artificial General Intelligence 9/11 terrorist attacks, 69 Aging, 153 Aging disease, 118 A Aging process, 131 Aalborg University, 89 Agora (film), 65 Aaron Diamond AIDS Research Center, 135 Agriculture, 402 AbbVie, 118 Ahmad, Wasil, 66 ABC 20/20, 79 AI. See artificial intelligence © Springer Science+Business Media New York 2016 533 N.
    [Show full text]
  • Declaratively Solving Tricky Google Code Jam Problems with Prolog-Based Eclipse CLP System
    Declaratively solving tricky Google Code Jam problems with Prolog-based ECLiPSe CLP system Sergii Dymchenko Mariia Mykhailova Independent Researcher Independent Researcher [email protected] [email protected] ABSTRACT produces correct answers for all given test cases within a In this paper we demonstrate several examples of solving certain time limit (4 minutes for the \small" input and 8 challenging algorithmic problems from the Google Code Jam minutes for the \large" one). programming contest with the Prolog-based ECLiPSe sys- tem using declarative techniques: constraint logic program- GCJ competitors can use any freely available programming ming and linear (integer) programming. These problems language or system (including the ECLiPSe2 system de- were designed to be solved by inventing clever algorithms scribed in this paper). Most other competitions restrict par- and efficiently implementing them in a conventional imper- ticipants to a limited set of popular programming languages ative programming language, but we present relatively sim- (typically C++, Java, C#, Python). Many contestants par- ple declarative programs in ECLiPSe that are fast enough ticipate not only in GCJ, but also in other contests, and to find answers within the time limit imposed by the con- use the same language across all competitions. When the test rules. We claim that declarative programming with GCJ problem setters design the problems and evaluate their ECLiPSe is better suited for solving certain common kinds complexity, they keep in mind mostly this crowd of seasoned of programming problems offered in Google Code Jam than algorithmists. imperative programming. We show this by comparing the mental steps required to come up with both kinds of solu- We show that some GCJ problems that should be challeng- tions.
    [Show full text]
  • [Xtrl] Yahoo Is Shutting Down Its Groups Re
    Steve Spicer Oct 23 #1471 Re: Yahoo is shutting down its groups Thanks for keeping the dream alive from me as well, Bob. Peter K. Campbell On Tue, 22 Oct 2019 at 2:59 pm, Henk Meijerink hmeijeri2@... [xTRL] Peter K. Campbell Oct 23 #1470 Re: Yahoo is shutting down its groups The group will continue only as a bare basic mail list... Understand what's changing in Yahoo Groups Yahoo has made the decision to no longer allow users to Bob Backway Oct 21 #1469 Fw: [xTRL] Yahoo is shutting down its groups I own a few Yahoo groups and have converted some to IO. My understanding is that the Yahoo groups with continue, but all attachments and extra features such David Connor Oct 21 #1468 Re: Yahoo is shutting down its groups Ditto that, Bob. Thanks, Henk. On Tue, 22 Oct 2019 at 10:46 am, 'Vitas Anderson' vitas.anderson@... Henk Meijerink Oct 21 #1467 Re: Yahoo is shutting down its groups Facebook fine with me. Thanks for all your work Bob. Really appreciated by many. Liz Bednall Sent from Yahoo7 Mail on Android On Tue., 22 Oct. 2019 at 10:46 Liz Bednall Oct 21 #1466 Re: Yahoo is shutting down its groups Consolidating to Facebook sounds like a sensible suggestion Bob. And thank you for taking the trouble to curate this group. Best regards Vitas Anderson Mob: Vitas Anderson Oct 21 #1465 Yahoo is shutting down its groups XTRLers, Yahoo is shutting down its groups on December 14. This means this group will not exist after that date.
    [Show full text]
  • Managing a Global Workforce
    Managing a Global Workforce Managing a Global Workforce Challenges and Opportunities in International Human Resource Management Charles M. Vance Yongsun Paik M.E.Sharpe Armonk, New York London, England Copyright © 2006 by M.E. Sharpe, Inc. All rights reserved. No part of this book may be reproduced in any form without written permission from the publisher, M.E. Sharpe, Inc., 80 Business Park Drive, Armonk, New York 10504. Library of Congress Cataloging-in-Publication Data Vance, Charles M., 1952– Managing a global workforce : challenges and opportunities in international human resource management / by Charles M. Vance and Yongsun Paik. p. cm. Includes bibliographical references and index. ISBN-13 978-0-7656-1069-0 (cloth : alk. paper) ISBN-10 0-7656-1069-8 (cloth : alk. paper) 1. International business enterprises—Personnel management. 2. Personnel management. I. Paik, Yongsun, 1956– II. Title. HF5549.5.E45V46 2006 658.3—dc22 2006005775 Printed in the United States of America The paper used in this publication meets the minimum requirements of American National Standard for Information Sciences Permanence of Paper for Printed Library Materials, ANSI Z 39.48-1984. ~ BM (c)10987654321 INTRODUCTION AND OVERVIEW v To our dear wives and precious children: the global source of our support and inspiration. CONTENTS vii Contents Foreword xi Preface xiii 1. INTRODUCTION AND OVERVIEW Attracting Factory Workers in China 3 Introduction 4 Global Market Context 5 Key Perspectives in Global Workforce Management 25 Book Overview 30 Summary 31 Questions for Opening Scenario Analysis 32 Case 1.1. The United Nations of Bananas 32 Case 1.2. MNC Collaboration in Social Responsibility 34 Recommended Website Resources 35 2.
    [Show full text]
  • Arxiv:1701.02711V1 [Cs.CR] 10 Jan 2017
    On the Feasibility of Malware Authorship Attribution Saed Alrabaee, Paria Shirani, Mourad Debbabi, and Lingyu Wang Concordia University, Montreal, Canada Abstract. There are many occasions in which the security community is interested to discover the authorship of malware binaries, either for digital forensics analysis of malware corpora or for thwarting live threats of malware invasion. Such a discovery of authorship might be possible due to stylistic features inherent to software codes written by human programmers. Existing studies of authorship attribution of general pur- pose software mainly focus on source code, which is typically based on the style of programs and environment. However, those features critically depend on the availability of the program source code, which is usually not the case when dealing with malware binaries. Such program binaries often do not retain many semantic or stylistic features due to the compila- tion process. Therefore, authorship attribution in the domain of malware binaries based on features and styles that will survive the compilation process is challenging. This paper provides the state of the art in this literature. Further, we analyze the features involved in those techniques. By using a case study, we identify features that can survive the compi- lation process. Finally, we analyze existing works on binary authorship attribution and study their applicability to real malware binaries. 1 Introduction Authorship attribution comprises an important aspect of many forensic investi- gations, which is equally true in the computer world. When a malware attacks computer systems and leaves behind a malware corpus, an important question to ask is 'Who wrote this malware?'.
    [Show full text]
  • Elements of Programming Interviews in Python
    Elements of Programming Interviews in Python The Insiders’ Guide Adnan Aziz Tsung-Hsien Lee Amit Prakash This document is a sampling of our book, Elements of Programming Interviews in Python (EPI). Its purpose is to provide examples of EPI’s organization, content, style, topics, and quality. The sampler focuses solely on problems; in particular, it does not include three chapters on the nontechnical aspects of interviewing. We’d love to hear from you—we’re especially interested in your suggestions as to where the exposition can be improved, as well as any insights into interviewing trends you may have. You can buy EPI Python at Amazon.com (paperback). http://ElementsOfProgrammingInterviews.com Adnan Aziz is a Research Scientist at Facebook. Previously, he was a professor at the Department of Electrical and Computer Engineering at The University of Texas at Austin, where he conducted research and taught classes in applied algorithms. He received his Ph.D. from The University of California at Berkeley; his undergraduate degree is from Indian Institutes of Technology Kanpur. He has worked at Google, Qualcomm, IBM, and several software startups. When not designing algorithms, he plays with his children, Laila, Imran, and Omar. Tsung-Hsien Lee is a Senior Software Engineer at Uber. Previously, he worked as a Software Engineer at Google and as Software Engineer Intern at Facebook. He received both his M.S. and undergraduate degrees from National Tsing Hua University. He has a passion for designing and implementing algorithms. He likes to apply algorithms to every aspect of his life. He takes special pride in helping to organize Google Code Jam 2014 and 2015.
    [Show full text]
  • The Innovator's
    MoreMOreMORE fromfrom from QwertyQWERTY QWERTY at KAT.PH at at KAT.PH KAT.PH christensen gregersen dyer (Continued from front flap) ManageMent uS$29.95 “ Businesses worldwide have been guided and influenced by The Innovator’s Dilemma and Are you The Innovator’s Solution. Now The Innovator’s DNA shows where it all starts. This book the next gives you the fundamental building blocks for becoming more innovative and changing Jeff Dyer is the Horace the world. One of the most important books to come out this year, and one that will Steve JobS? Beesley Professor of Strategy at remain pivotal reading for years to come.” the Marriott School, Brigham —mArC benioff, Chairman and CEO, salesforce.com; author, Behind the Cloud You can be as innovative and impactful— Young University. He is widely if you can change your behaviors to improve published in strategy and your creative impact. business journals and was the “ The Innovator’s DNA is the ‘how to’ manual to innovation, and to the fresh thinking that the innov In The Innovator’s DNA, authors Jeff Dyer, fourth most cited management scholar from is the root of innovation. It has dozens of simple tricks that any person and any team Hal Gregersen, and bestselling author Clayton 1996–2006. can use today to discover the new ideas that solve the important problems. Buy it now M. Christensen (The Innovator’s Dilemma, The and read it tonight. Tomorrow you will learn more, create more, inspire more.” Innovator’s Solution) build on what we know hAl GreGerSen is a —SCott D.
    [Show full text]
  • Addendum Naac Self Study & Evaluative Reports March 2017
    DA-IICT ADDENDUM NAAC SELF STUDY & EVALUATIVE REPORTS MARCH 2017 TABLE OF CONTENTS DA-IICT --------------------------------------------------------------------------------------------------------------------------- 1 SECTION B ------------------------------------------------------------------------------------------------------------------------- 2 PROFILE OF THE UNIVERSITY ------------------------------------------------------------------------------------------------ 2 EXECUTIVE SUMMARY -------------------------------------------------------------------------------------------------------- 9 CRITERION I: CURRICULAR ASPECTS -------------------------------------------------------------------------------------- 12 CRITERION II - TEACHING-LEARNING AND EVALUATION ----------------------------------------------------------- 14 CRITERION III: RESEARCH, CONSULTANCY AND EXTENSION ------------------------------------------------------ 18 CRITERION IV - INFRASTRUCTURE AND LEARNING RESOURCES: ------------------------------------------------ 46 CRITERION V: STUDENT SUPPORT AND PROGRESSION ------------------------------------------------------------ 54 CRITERION VI: GOVERNANCE, LEADERSHIP AND MANAGEMENT ----------------------------------------------- 66 CRITERION VII: INNOVATIONS AND -------------------------------------------------------------------------------------- 67 BEST PRACTICES ---------------------------------------------------------------------------------------------------------------- 67 STATEMENT OF COMPLIANCE ----------------------------------------------------------------------------------------------
    [Show full text]
  • Thomas-LDW-2013-Phd-Thesis.Pdf
    ECOSYSTEM EMERGENCE: AN INVESTIGATION OF THE EMERGENCE PROCESSES OF SIX DIGITAL SERVICE ECOSYSTEMS Llewellyn D W Thomas Submitted to Imperial College in fulfilment of the requirements for the degree of Doctor of Philosophy. Innovation & Entrepreneurship Group Imperial College Business School South Kensington London SW7 2AZ United Kingdom 2 For Isabel, Hydra and Guillem. 3 4 DECLARATION This is to certify that: (i) The thesis comprises only my original work towards the PhD except where indicated; (ii) Due acknowledgement has been made in the text to all other material used; (iii) Due acknowledgement has been made in the text to my co-authors with whom I have worked on research manuscripts; (iv) The thesis is less than 100,000 words in length, exclusive of bibliography and appendices. I authorise the Dean of the Business School to make or have made a copy of this thesis to any person judged to have an acceptable reason for access to the information, i.e., for research, study or instruction. _________________________________________ Llewellyn D W Thomas 17th September 2013, London _________________________________________ Date, Place 5 6 ABSTRACT This thesis investigates processes of ecosystem emergence. Ecosystem research has thus far focused on understanding the structure and dynamics of already existing ecosystems. However much less attention has been devoted to the emergence of ecosystems. I first theoretically develop an institutional approach to ecosystems, arguing that the ecosystem is an organisational field which has value co-creation as its recognised area of institutional life. Synthesising the theories of dominant design, social movements, and institutional entrepreneurship, I identify four activities that drive the processes of ecosystem emergence: resource, technological, institutional and contextual activities.
    [Show full text]