Biblio

Memory-based vulnerabilities are becoming more and more common in low-power and low-cost devices in IOT. We study several low-level vulnerabilities that lead to memory corruption in C and C++ programs, and how to use stack corruption and format string attack to exploit these vulnerabilities. Automatic methods for resisting memory attacks, such as stack canary and address space layout randomization ASLR, are studied. These methods do not need to change the source program. However, a return-oriented programming (ROP) technology can bypass them. Control flow integrity (CFI) can resist the destruction of ROP technology. In fact, the security design is holistic. Finally, we summarize the rules of security coding in embedded devices, and propose two novel methods of software anomaly detection process for IOT devices in the future.

With the development of wireless sensor networks (WSNs), WSNs have been widely used in various fields such as animal habitat detection, military surveillance, etc. This paper focuses on protecting the source location privacy (SLP) in WSNs. Existing algorithms perform poorly in non-uniform networks which are common in reality. In order to address the performance degradation problem of existing algorithms in non-uniform networks, this paper proposes a robust fixed path-based random routing scheme (RFRR), which guarantees the path diversity with certainty in non-uniform networks. In RFRR, the data packets are sent by selecting a routing path that is highly differentiated from each other, which effectively protects SLP and resists the backtracking attack. The experimental results show that RFRR increases the difficulty of the backtracking attack while safekeeping the balance between security and energy consumption.

The security of wireless network devices has received widespread attention, but most existing schemes cannot achieve fine-grained device identification. In practice, the security vulnerabilities of a device are heavily depending on its model and firmware version. Motivated by this issue, we propose a universal, extensible and device-independent framework called SCAFFISD, which can provide fine-grained identification of wireless routers. It can generate access rules to extract effective information from the router admin page automatically and perform quick scans for known device vulnerabilities. Meanwhile, SCAFFISD can identify rogue access points (APs) in combination with existing detection methods, with the purpose of performing a comprehensive security assessment of wireless networks. We implement the prototype of SCAFFISD and verify its effectiveness through security scans of actual products.

For future Internet, information-centric networking (ICN) is considered a potential solution to many of its current problems, such as content distribution, mobility, and security. Named Data Networking (NDN) is a more popular ICN project. However, concern regarding the protection of user data persists. Information caching in NDN decouples content and content publishers, which leads to content security threats due to lack of secure controls. Therefore, this paper presents a CP-ABE (ciphertext policy attribute based encryption) access control scheme based on hash table and data segmentation (CHTDS). Based on data segmentation, CHTDS uses a method of linearly splitting fixed data blocks, which effectively improves data management. CHTDS also introduces CP-ABE mechanism and hash table data structure to ensure secure access control and privilege revocation does not need to re-encrypt the published content. The analysis results show that CHTDS can effectively realize the security and fine-grained access control in the NDN environment, and reduce communication overhead for content access.

The Structured Query Language Injection Attack (SQLIA) is one of the most serious and popular threats of web applications. The results of SQLIA include the data loss or complete host takeover. Detection of SQLIA is always an intractable challenge because of the heterogeneity of the attack payloads. In this paper, a novel method to detect SQLIA based on word vector of SQL tokens and LSTM neural networks is described. In the proposed method, SQL query strings were firstly syntactically analyzed into tokens, and then likelihood ratio test is used to build the word vector of SQL tokens, ultimately, an LSTM model is trained with sequences of token word vectors. We developed a tool named WOVSQLI, which implements the proposed technique, and it was evaluated with a dataset from several sources. The results of experiments demonstrate that WOVSQLI can effectively identify SQLIA.

Nowadays, Cross Site Scripting (XSS) is one of the major threats to Web applications. Since it's known to the public, XSS vulnerability has been in the TOP 10 Web application vulnerabilities based on surveys published by the Open Web Applications Security Project (OWASP). How to effectively detect and defend XSS attacks are still one of the most important security issues. In this paper, we present a novel approach to detect XSS attacks based on deep learning (called DeepXSS). First of all, we used word2vec to extract the feature of XSS payloads which captures word order information and map each payload to a feature vector. And then, we trained and tested the detection model using Long Short Term Memory (LSTM) recurrent neural networks. Experimental results show that the proposed XSS detection model based on deep learning achieves a precision rate of 99.5% and a recall rate of 97.9% in real dataset, which means that the novel approach can effectively identify XSS attacks.