Biblio

The difference of sensor devices and the camera position offset will lead the geometric differences of the matching images. The traditional SIFT image matching algorithm has a large number of incorrect matching point pairs and the matching accuracy is low during the process of image matching. In order to solve this problem, a SIFT image matching based on Maximum Likelihood Estimation Sample Consensus (MLESAC) algorithm is proposed. Compared with the traditional SIFT feature matching algorithm, SURF feature matching algorithm and RANSAC feature matching algorithm, the proposed algorithm can effectively remove the false matching feature point pairs during the image matching process. Experimental results show that the proposed algorithm has higher matching accuracy and faster matching efficiency.

The recently proposed Oblivious Cross-Tags (OXT) protocol (CRYPTO 2013) has broken new ground in designing efficient searchable symmetric encryption (SSE) protocol with support for conjunctive keyword search in a single-writer single-reader framework. While the OXT protocol offers high performance by adopting a number of specialised data-structures, it also trades-off security by leaking 'partial' database information to the server. Recent attacks have exploited similar partial information leakage to breach database confidentiality. Consequently, it is an open problem to design SSE protocols that plug such leakages while retaining similar efficiency. In this paper, we propose a new SSE protocol, called Hidden Cross-Tags (HXT), that removes 'Keyword Pair Result Pattern' (KPRP) leakage for conjunctive keyword search. We avoid this leakage by adopting two additional cryptographic primitives - Hidden Vector Encryption (HVE) and probabilistic (Bloom filter) indexing into the HXT protocol. We propose a 'lightweight' HVE scheme that only uses efficient symmetric-key building blocks, and entirely avoids elliptic curve-based operations. At the same time, it affords selective simulation-security against an unbounded number of secret-key queries. Adopting this efficient HVE scheme, the overall practical storage and computational overheads of HXT over OXT are relatively small (no more than 10% for two keywords query, and 21% for six keywords query), while providing a higher level of security.

The existing research on the Internet of Things(IoT) security mainly focuses on attack and defense on a single protocol layer. Increasing and ubiquitous use of loT also makes it vulnerable to many attacks. An attacker try to performs the intelligent, brutal and stealthy attack that can reduce the risk of being detected. In these kinds of attacks, the attackers not only restrict themselves to a single layer of protocol stack but they also try to decrease the network performance and throughput by a simultaneous and coordinated attack on different layers. A new class of attacks, termed as cross-layer attack became prominent due to lack of interaction between MAC, routing and upper layers. These attacks achieve the better effect with reduced cost. Research has been done on cross-layer attacks in other domains like Cognitive Radio Network(CRN), Wireless Sensor Networks(WSN) and ad-hoc networks. However, our proposed scheme of cross-layer attack in IoT is the first paper to the best of our knowledge. In this paper, we have proposed Rank Manipulation and Drop Delay(RMDD) cross-layer attack in loT, we have investigated how small intensity attack on Routing protocol for low power lossy networks (RPL) degrades the overall application throughput. We have exploited the Rank system of the RPL protocol to implement the attacks. Rank is given to each node in the graph, and it shows its position in the network. If the rank could be manipulated in some manner, then the network topology can be modified. Simulation results demonstrate that the proposed attacks degrade network performance very much in terms of the throughput, latency, and connectivity.

Social robots may make use of social abilities such as persuasion, commanding obedience, and lying. Meanwhile, the field of computer security and privacy has shown that these interpersonal skills can be applied by humans to perform social engineering attacks. Social engineering attacks are the deliberate application of manipulative social skills by an individual in an attempt to achieve a goal by convincing others to do or say things that may or may not be in their best interests. In our work we argue that robot social engineering attacks are already possible and that defenses should be developed to protect against these attacks. We do this by defining what a robot social engineer is, outlining how previous research has demonstrated robot social engineering, and discussing the risks that can accompany robot social engineering attacks.

This Since the past century, the digital design industry has performed an outstanding role in the development of electronics. Hence, a great variety of designs are developed daily, these designs must be submitted to high standards of verification in order to ensure the 100% of reliability and the achievement of all design requirements. The Universal Verification Methodology (UVM) is the current standard at the industry for the verification process due to its reusability, scalability, time-efficiency and feasibility of handling high-level designs. This research proposes a functional verification framework using UVM for an AES encryption module based on a very detailed and robust verification plan. This document describes the complete verification process as done in the industry for a popular module used in information-security applications in the field of cryptography, defining the basis for future projects. The overall results show the achievement of the high verification standards required in industry applications and highlight the advantages of UVM against System Verilog-based functional verification and direct verification methodologies previously developed for the AES module.

Cloud-backed file systems provide on-demand, high-availability, scalable storage. Their security may be improved with techniques such as erasure codes and secret sharing to fragment files and encryption keys in several clouds. Attacking the server-side of such systems involves penetrating one or more clouds, which can be extremely difficult. Despite all these benefits, a weak side remains: the client-side. The client devices store user credentials that, if stolen or compromised, may lead to confidentiality, integrity, and availability violations. In this paper we propose RockFS, a cloud-backed file system framework that aims to make the client-side of such systems resilient to attacks. RockFS protects data in the client device and allows undoing unintended file modifications.

We present a method based on the Hamilton-Jacobi framework that is able to compute over- and under-approximations of reachable sets for autonomous dynamical systems beyond polynomial dynamics. The method does not resort to user-supplied candidate polynomials, but rather relies on an expansion of the evolution function whose convergence in compact state space is guaranteed. Over- and under-approximations of the reachable state space up to any designated precision can consequently be obtained based on truncations of that expansion. As the truncations used in computing over- and under-approximations as well as their associated error bounds agree, double-sided enclosures of the true reach-set can be computed in a single sweep. We demonstrate the precision of the enclosures thus obtained by comparison of benchmark results to related simulations.

The most promising way to improve the performance of dynamic information-flow tracking (DIFT) for machine code is to only track instructions when they process tainted data. Unfortunately, prior approaches to on-demand DIFT are a poor match for modern mobile platforms that rely heavily on parallelism to provide good interactivity in the face of computationally intensive tasks like image processing. The main shortcoming of these prior efforts is that they cannot support an arbitrary mix of parallel threads due to the limitations of page protections. In this paper, we identify parallel permissions as a key requirement for multithreaded, on-demand native DIFT, and we describe the design and implementation of a system called SandTrap that embodies this approach. Using our prototype implementation, we demonstrate that SandTrap's native DIFT overhead is proportional to the amount of tainted data that native code processes. For example, in the photo-sharing app Instagram, SandTrap's performance is close to baseline (1x) when the app does not access tainted data. When it does, SandTrap imposes a slowdown comparable to prior DIFT systems (\textasciitilde8x).

Although the Android system has been continuously hardened against side-channel attacks, there are still plenty of APIs available that can be exploited. However, most side-channel analyses in the literature consider specifically chosen APIs (or resources) in the Android framework, after a manual analysis of APIs for possible information leaks has been performed. Such a manual analysis is a tedious, time consuming, and error-prone task, meaning that information leaks tend to be overlooked. To overcome this tedious task, we introduce SCANDROID, a framework that automatically profiles the Java-based Android API for possible information leaks. Events of interest, such as website launches, Google Maps queries, or application starts, are triggered automatically, and while these events are being triggered, the Java-based Android API is analyzed for possible information leaks that allow inferring these events later on. To assess the Android API for information leaks, SCANDROID relies on dynamic time warping. By applying SCANDROID on Android 8 (Android Oreo), we identified several Android APIs that allow inferring website launches, Google Maps queries, and application starts. The triggered events are by no means exhaustive but have been chosen to demonstrate the broad applicability of SCANDROID. Among the automatically identified information leaks are, for example, the java.io.File API, the android.os.storage.StorageManager API, and several methods within the android.net. Traffics tats API. Thereby, we identify the first side-channel leaks in the Android API on Android 8 (Android Oreo).

Nowadays, the proliferation of smart, communication-enable devices is opening up many new opportunities of pervasive applications. A major requirement of pervasive applications is to be secured. The complexity to secure pervasive systems is to address a end-to-end security level: from the device to the services according to the entire life cycle of devices, applications and platform. In this article, we propose a solution combining both hardware and software elements to secure communications between devices and pervasive platform based on certificates issued from a Public Key Infrastructure. Our solution is implemented and validated with a real device extended by a secure element and our own Public Key Infrastructure.

Quick Response (QR) codes are rapidly becoming pervasive in our daily life because of its fast readability and the popularity of smartphones with a built-in camera. However, recent researches raise security concerns because QR codes can be easily sniffed and decoded which can lead to private information leakage or financial loss. To address the issue, we present mQRCode which exploit patterns with specific spatial frequency to camouflage QR codes. When the targeted receiver put a camera at the designated position (e.g., 30cm and 0° above the camouflaged QR code), the original QR code is revealed due to the Moiré phenomenon. Malicious adversaries will only see camouflaged QR code at any other position. Our experiments show that the decoding rate of mQR codes is 95% or above within 0.83 seconds. When the camera is 10cm or 15° away from the designated location, the decoding rate drops to 0 so it's secure from attackers.

This paper presents a contemporary review of communication architectures and topographies for MANET-connected Internet-of-Things (IoT) systems. Routing protocols for multi-hop MANETs are analyzed with a focus on the standardized Routing Protocol for Low-power and Lossy Networks. Various security threats and vulnerabilities in current MANET routing are described and security enhanced routing protocols and trust models presented as methodologies for supporting secure routing. Finally, the paper identifies some key research challenges in the emerging domain of MANET-IoT connectivity.

Implantable medical devices (IMDs) typically rely on proprietary protocols to wirelessly communicate with external device programmers. In this paper, we fully reverse engineer the proprietary protocol between a device programmer and a widely used commercial neurostimulator from one of the leading IMD manufacturers. For the reverse engineering, we follow a black-box approach and use inexpensive hardware equipment. We document the message format and the protocol state-machine, and show that the transmissions sent over the air are neither encrypted nor authenticated. Furthermore, we conduct several software radio-based attacks that could compromise the safety and privacy of patients, and investigate the feasibility of performing these attacks in real scenarios. Motivated by our findings, we propose a security architecture that allows for secure data exchange between the device programmer and the neurostimulator. It relies on using a patient»s physiological signal for generating a symmetric key in the neurostimulator, and transporting this key from the neurostimulator to the device programmer through a secret out-of-band (OOB) channel. Our solution allows the device programmer and the neurostimulator to agree on a symmetric session key without these devices needing to share any prior secrets; offers an effective and practical balance between security and permissive access in emergencies; requires only minor hardware changes in the devices; adds minimal computation and communication overhead; and provides forward and backward security. Finally, we implement a proof-of-concept of our solution.

In the context of edge computing, IoT-as-a-Service (IoTaaS) with IoT data hubs and execution services allow IoT tenant applications (apps) to be executed next to IoT devices, enabling edge analytics and controls. However, this brings up new security challenges on controlling tenant apps in IoTaaS, whilst the great potential of IoTaaS can only be realized by flexible security mechanisms to govern such applications. In this paper, we propose a Model-Driven Security policy enforcement framework, named MDSIoT, for IoT tenant apps deployed in edge servers. This framework allows execution policies specified at the model level and then transformed into the code that can be deployed for policy enforcement at runtime. Moreover, our approach supports for the interoperability of IoT tenant apps when deployed in the edge to access IoTaaS services. The interoperability is enabled by an intermediate proxy layer (gatekeeper) that abstracts underlying communication protocols to the different IoTaaS services from IoT tenant apps. Therefore, our approach supports different IoT tenant apps to be deployed and controlled automatically, independently from their technologies, e.g. programming languages. We have developed a proof-of-concept of the proposed gatekeepers based on ThingML, derived from execution policies. Thanks to the ThingML tool, we can generate platform-specific code of gatekeepers that can be deployed in the edge for controlling IoT tenant apps based on the execution policies.

The sensitivity of a function is the maximum change of its output for a unit change of its input. In this paper we present a method for determining the sensitivity of SQL queries, seen as functions from databases to datasets, where the change is measured in the number of rows that differ. Given a query, a database schema and a number, our method constructs a formula that is satisfiable only if the sensitivity of the query is bigger than this number. Our method is composable, and can also be applied to SQL workflows. Our results can be used to calibrate the amount of noise that has to be added to the output of the query to obtain a certain level of differential privacy.

Code reuse attacks have been a threat to software security since the introduction of non-executable memory protections. Despite significant advances in various types of additional defenses, such as control flow integrity (CFI) and leakage-resilient code randomization, recent code reuse attacks have demonstrated that these defenses are often not enough to prevent successful exploitation. Sophisticated exploits can reuse code comprising larger code fragments that conform to the enforced CFI policy and which are not affected by randomization. As a step towards improving our defenses against code reuse attacks, in this paper we present Shredder, a defense-in-depth exploit mitigation tool for the protection of closed-source applications. In a preprocessing phase, Shredder statically analyzes a given application to pinpoint the call sites of potentially useful (to attackers) system API functions, and uses backwards data flow analysis to derive their expected argument values and generate whitelisting policies in a best-effort way. At runtime, using library interposition, Shredder exposes to the protected application only specialized versions of these critical API functions, and blocks any invocation that violates the enforced policy. We have experimentally evaluated our prototype implementation for Windows programs using a large set of 251 shellcode and 30 code reuse samples, and show that it improves significantly upon code stripping, a state-of-the-art code surface reduction technique, by blocking a larger number of malicious payloads with negligible runtime overhead.

The security of current key exchange protocols such as Diffie-Hellman key exchange is based on the hardness of number theoretic problems. However, these key exchange protocols are threatened by weak random number generators, advances to CPU power, a new attack from the eavesdropper, and the emergence of a quantum computer. Quantum Key Distribution (QKD) addresses these challenges by using quantum properties to exchange a secret key without the risk of being intercepted. Recent developments on the QKD system resulted in a stable key generation with fewer errors so that the QKD system is rapidly becoming a solid commercial proposition. However, although the security of the QKD system is guaranteed by quantum physics, its careless implementation could make the system vulnerable. In this paper, we proposed the first side-channel attack on plug-and-play QKD system. Through a single electromagnetic trace obtained from the phase modulator on Alice's side, we were able to classify the electromagnetic trace into four classes, which corresponds to the number of bit and basis combination in the BB84 protocol. We concluded that the plug-and-play QKD system is vulnerable to side-channel attack so that the countermeasure must be considered.

Recently, IoT, 5G mobile, big data, and artificial intelligence are increasingly used in the real world. These technologies are based on convergenced in Cyber Physical System(Cps). Cps technology requires core technologies to ensure reliability, real-time, safety, autonomy, and security. CPS is the system that can connect between cyberspace and physical space. Cyberspace attacks are confused in the real world and have a lot of damage. The personal information that dealing in CPS has high confidentiality, so the policies and technique will needed to protect the attack in advance. If there is an attack on the CPS, not only personal information but also national confidential data can be leaked. In order to prevent this, the risk is measured using the Factor Analysis of Information Risk (FAIR) Model, which can measure risk by element for situational awareness in CPS environment. To reduce risk by preventing attacks in CPS, this paper measures risk after using the concept of Crime Prevention Through Environmental Design(CPTED).

Our prototype app, Pocket Penjing, built using Unity3D, takes its name from the Chinese "Penjing." These tray plantings of miniature trees pre-date bonsai, often including miniature benches or figures to allude to people's relationship to the tree. App users choose a species, then create and name their tree. Swiping rotates a 3D globe showing flagged locations. Each flag represents a live online air quality monitoring station data stream that the app can scrape. Data is pulled in from the selected station and the AR window loads. The AR tree grows in real-time 3D. Its L-Systems form is determined by the selected live air quality data. We used this prototype as the basis of a two-part formative participatory design workshop with 63 participants.

Evaluating new technological developments for energy systems is becoming more and more complex. The overall application environment is a continuously growing and interconnected cyber-physical system so that analytical assessment is practically impossible to realize. Consequently, new solutions must be evaluated in simulation studies. Due to the interdisciplinarity of the simulation scenarios, various heterogeneous tools must be connected. This approach is known as co-simulation. During the last years, different approaches have been developed or adapted for applications in energy systems. In this paper, two co-simulation approaches are compared that follow generic, versatile concepts. The tool MOSAIK, which has been explicitly developed for the purpose of co-simulation in complex energy systems, is compared to the High Level Architecture (HLA), which possesses a domain-independent scope but is often employed in the energy domain. The comparison is twofold, considering the tools’ conceptual architectures as well as results from the simulation of representative test cases. It suggests that MOSAIK may be the better choice for entry-level, prototypical co-simulation while HLA is more suited for complex and extensive studies.

Security is a key concern in Internet of Things (IoT) designs. In a heterogeneous and complex environment, service providers and service requesters must trust each other. On-off attack is a sophisticated trust threat in which a malicious device can perform good and bad services randomly to avoid being rated as a low trust node. Some countermeasures demands prior level of trust knowing and time to classify a node behavior. In this paper, we introduce a Smart Middleware that automatically assesses the IoT resources trust, evaluating service providers attributes to protect against On-off attacks.

In this paper, we aim at the automated unit coverage-based testing for embedded software. To achieve the goal, by analyzing the industrial requirements and our previous work on automated unit testing tool CAUT, we rebuild a new tool, SmartUnit, to solve the engineering requirements that take place in our partner companies. SmartUnit is a dynamic symbolic execution implementation, which supports statement, branch, boundary value and MC/DC coverage. SmartUnit has been used to test more than one million lines of code in real projects. For confidentiality motives, we select three in-house real projects for the empirical evaluations. We also carry out our evaluations on two open source database projects, SQLite and PostgreSQL, to test the scalability of our tool since the scale of the embedded software project is mostly not large, 5K-50K lines of code on average. From our experimental results, in general, more than 90% of functions in commercial embedded software achieve 100% statement, branch, MC/DC coverage, more than 80% of functions in SQLite achieve 100% MC/DC coverage, and more than 60% of functions in PostgreSQL achieve 100% MC/DC coverage. Moreover, SmartUnit is able to find the runtime exceptions at the unit testing level. We also have reported exceptions like array index out of bounds and divided-by-zero in SQLite. Furthermore, we analyze the reasons of low coverage in automated unit testing in our setting and give a survey on the situation of manual unit testing with respect to automated unit testing in industry.

Smart grids require communication networks for supervision functions and control operations. With this they become attractive targets for attackers. In newer power grids, State Estimation (SE) is often performed based on Kalman Filters (KFs) to deal with noisy measurement data and detect Bad Data (BD) due to failures in the measurement system. Nevertheless, in a setting where attackers can gain access to modify sensor data, they can exploit the fact that SE is used to process the data. In this paper, we show how an attacker can modify Phasor Measurement Unit (PMU) sensor data in a way that it remains undetected in the state estimation process. We show how anomaly detection methods based on innovation gain fail if an attacker is aware of the state estimation and uses the right strategy to circumvent detection.

In last decades, the web and online services have revolutionized the modern world. However, by increasing our dependence on online services, as a result, online security threats are also increasing rapidly. One of the most common online security threats is a so-called Phishing attack, the purpose of which is to mimic a legitimate website such as online banking, e-commerce or social networking website in order to obtain sensitive data such as user-names, passwords, financial and health-related information from potential victims. The problem of detecting phishing websites has been addressed many times using various methodologies from conventional classifiers to more complex hybrid methods. Recent advancements in deep learning approaches suggested that the classification of phishing websites using deep learning neural networks should outperform the traditional machine learning algorithms. However, the results of utilizing deep neural networks heavily depend on the setting of different learning parameters. In this paper, we propose a swarm intelligence based approach to parameter setting of deep learning neural network. By applying the proposed approach to the classification of phishing websites, we were able to improve their detection when compared to existing algorithms.

The ever-increasing number of malware samples demands for automated tools that aid the analysts in the reverse engineering of complex malicious binaries. Frequently, malware communicates over an encrypted channel with external network resources under the control of malicious actors, such as Command and Control servers that control the botnet of infected machines. Hence, a key aspect in malware analysis is uncovering and understanding the semantics of network communications. In this paper we present SysTaint, a semi-automated tool that runs malware samples in a controlled environment and analyzes their execution to support the analyst in identifying the functions involved in the communication and the exchanged data. Our evaluation on four banking Trojan samples from different families shows that SysTaint is able to handle and inspect encrypted network communications, obtaining useful information on the data being sent and received, on how each sample processes this data, and on the inner portions of code that deal with the data processing.