Biblio
With the rapid development of information technology, software systems' scales and complexity are showing a trend of expansion. The users' needs for the software security, software security reliability and software stability are growing increasingly. At present, the industry has applied machine learning methods to the fields of defect detection to repair and improve software defects through the massive data intelligent semantic analysis or code scanning. The model in machine learning is faced with big difficulty of model building, understanding, and the poor visualization in the field of traditional software defect detection. In view of the above problems, we present a point of view that intelligent semantic analysis technology based on massive data, and using the trusted behavior decision tree model to analyze the soft behavior by layered detection technology. At the same time, it is equipped related test environment to compare the tested software. The result shows that the defect detection technology based on intelligent semantic analysis of massive data is superior to other techniques at the cost of building time and error reported ratio.
The difference of sensor devices and the camera position offset will lead the geometric differences of the matching images. The traditional SIFT image matching algorithm has a large number of incorrect matching point pairs and the matching accuracy is low during the process of image matching. In order to solve this problem, a SIFT image matching based on Maximum Likelihood Estimation Sample Consensus (MLESAC) algorithm is proposed. Compared with the traditional SIFT feature matching algorithm, SURF feature matching algorithm and RANSAC feature matching algorithm, the proposed algorithm can effectively remove the false matching feature point pairs during the image matching process. Experimental results show that the proposed algorithm has higher matching accuracy and faster matching efficiency.
Security model is an important subject in the field of low energy independence complexity theory. It takes security strategy as the core, changes the system from static protection to dynamic protection, and provides the basis for the rapid response of the system. A large number of empirical studies have been conducted to verify the cache consistency. The development of object oriented language is pure object oriented language, and the other is mixed object oriented language, that is, adding class, inheritance and other elements in process language and other languages. This paper studies a new object-oriented language application, namely GUT for a write-back cache, which is based on the study of simulation algorithm to solve all these challenges in the field of low energy independence complexity theory.
Internet-of-Things (IoT) is a resource-constrained network with machines low on power, processing and memory capabilities. Resource constraints in IoT impact the adoption of protocols for design and validation of unique identity (ID) for every machine. Malicious machines spoof ID to pose as administrative machines and program their neighbour systems in the network with malware. The cycle of ID spoofing and infecting the IP-enabled devices with malware creates an entire network popularly termed as the Botnet. In this paper, we study 6LoWPAN and ZigBee for DDoS and ID spoofing vulnerabilities. We propose a design for generation and validation of ID on such systems called Pseudo Random Identity Generator (PRIG). We compare the performance of PRIG-adapted 6LoWPAN with 6LoWPAN in a simulated personal area network (PAN) model under DDoS stress and demonstrate a 93% reduction in ID validation time as well as an improvement of 67% in overall throughput.
Mobile Ad-Hoc Networks (MANETs) are prone to many security attacks. One such attack is the blackhole attack. This work proposes a simple and effective application layer based intrusion detection scheme in a MANET to detect blackholes. The proposed algorithm utilizes mobile agents (MA) and wtracert (modified version of Traceroute for MANET) to detect multiple black holes in a DSR protocol based MANET. Use of MAs ensure that no modifications need to be carried out in the underlying routing algorithms or other lower layers. Simulation results show successful detection of single and multiple blackhole nodes, using the proposed detection mechanism, across varying mobility speeds of the nodes.
Automatic exploit generation is an open challenge. Existing solutions usually explore in depth the crashing paths, i.e., paths taken by proof-of-concept (POC) inputs triggering vulnerabilities, and generate exploits when exploitable states are found along the paths. However, exploitable states do not always exist in crashing paths. Moreover, existing solutions heavily rely on symbolic execution and are not scalable in path exploration and exploit generation. In addition, few solutions could exploit heap-based vulnerabilities. In this paper, we propose a new solution revery to search for exploitable states in paths diverging from crashing paths, and generate control-flow hijacking exploits for heap-based vulnerabilities. It adopts three novel techniques:(1) a digraph to characterize a vulnerability's memory layout and its contributor instructions;(2) a fuzz solution to explore diverging paths, which have similar memory layouts as the crashing paths, in order to search more exploitable states and generate corresponding diverging inputs;(3) a stitch solution to stitch crashing paths and diverging paths together, and synthesize EXP inputs able to trigger both vulnerabilities and exploitable states. We have developed a prototype of revery based on the binary analysis engine angr, and evaluated it on a set of 19 real world CTF (capture the flag) challenges. Experiment results showed that it could generate exploits for 9 (47%) of them, and generate EXP inputs able to trigger exploitable states for another 5 (26%) of them.
Recently, attribute-based access control (ABAC) has emerged as a convenient paradigm for specifying, enforcing and maintaining rich and flexible authorization policies, leveraging attributes originated from multiple sources, e.g., operative systems, software modules, remote services, etc. However, attackers may try to bypass ABAC policies by compromising such sources to forge the attributes they provide, e.g., by deliberately manipulating the data contained within those attributes at will, in an effort to gain unintended access to sensitive resources as a result. In such a context, performing a proper risk assessment of ABAC policies, taking into account their enlisted attributes as well as their corresponding sources, becomes highly convenient to overcome zero-day security incidents or vulnerabilities, before they can be later exploited by attackers. With this in mind, we introduce RiskPol, an automated risk assessment framework for ABAC policies based on dynamically combining previously-assigned trust scores for each attribute source, such that overall scores at the policy level can be later obtained and used as a reference for performing a risk assessment on each policy. In this paper, we detail the general intuition behind our approach, its current status, as well as our plans for future work.
The existing research on the Internet of Things(IoT) security mainly focuses on attack and defense on a single protocol layer. Increasing and ubiquitous use of loT also makes it vulnerable to many attacks. An attacker try to performs the intelligent, brutal and stealthy attack that can reduce the risk of being detected. In these kinds of attacks, the attackers not only restrict themselves to a single layer of protocol stack but they also try to decrease the network performance and throughput by a simultaneous and coordinated attack on different layers. A new class of attacks, termed as cross-layer attack became prominent due to lack of interaction between MAC, routing and upper layers. These attacks achieve the better effect with reduced cost. Research has been done on cross-layer attacks in other domains like Cognitive Radio Network(CRN), Wireless Sensor Networks(WSN) and ad-hoc networks. However, our proposed scheme of cross-layer attack in IoT is the first paper to the best of our knowledge. In this paper, we have proposed Rank Manipulation and Drop Delay(RMDD) cross-layer attack in loT, we have investigated how small intensity attack on Routing protocol for low power lossy networks (RPL) degrades the overall application throughput. We have exploited the Rank system of the RPL protocol to implement the attacks. Rank is given to each node in the graph, and it shows its position in the network. If the rank could be manipulated in some manner, then the network topology can be modified. Simulation results demonstrate that the proposed attacks degrade network performance very much in terms of the throughput, latency, and connectivity.
In spite of being a promising technology which will make our lives a lot easier we cannot be oblivious to the fact IoT is not safe from online threat and attacks. Thus, along with the growth of IoT we also need to work on its aspects. Taking into account the limited resources that these devices have it is important that the security mechanisms should also be less complex and do not hinder the actual functionality of the device. In this paper, we propose an ECC based lightweight authentication for IoT devices which deploy RFID tags at the physical layer. ECC is a very efficient public key cryptography mechanism as it provides privacy and security with lesser computation overhead. We also present a security and performance analysis to verify the strength of our proposed approach.
When vertically aligned carbon nanotube arrays (CNT forests) are heated by optical, electrical, or any other means, heat confinement in the lateral directions (i.e. perpendicular to the CNTs' axes), which stems from the anisotropic structure of the forest, is expected to play an important role. It has been found that, in spite of being primarily conductive along the CNTs' axes, focusing a laser beam on the sidewall of a CNT forest can lead to a highly localized hot region-an effect known as ``Heat Trap''-and efficient thermionic emission. This unusual heat confinement phenomenon has applications where the spread of heat has to be minimized, but electrical conduction is required, notably in energy conversion (e.g. vacuum thermionics and thermoelectrics). However, despite its strong scientific and practical importance, the existence and role of the lateral heat confinement in the Heat Trap effect have so far been elusive. In this work, for the first time, by using a rotating elliptical laser beam, we directly observe the existence of this lateral heat confinement and its corresponding effects on the unusual temperature rise during the Heat Trap effect.
Exploits based on ROP (Return-Oriented Programming) are increasingly present in advanced attack scenarios. Testing systems for ROP-based attacks can be valuable for improving the security and reliability of software. In this paper, we propose ROPMATE, the first Visual Analytics system specifically designed to assist human red team ROP exploit builders. In contrast, previous ROP tools typically require users to inspect a puzzle of hundreds or thousands of lines of textual information, making it a daunting task. ROPMATE presents builders with a clear interface of well-defined and semantically meaningful gadgets, i.e., fragments of code already present in the binary application that can be chained to form fully-functional exploits. The system supports incrementally building exploits by suggesting gadget candidates filtered according to constraints on preserved registers and accessed memory. Several visual aids are offered to identify suitable gadgets and assemble them into semantically correct chains. We report on a preliminary user study that shows how ROPMATE can assist users in building ROP chains.
Connected and automated vehicles aim to improve the comfort and the safety of the driver and passengers. To this end, car manufacturers continually improve actual standardized methods to ensure their customers safety, privacy, and vehicles security. However, these methods do not support fully autonomous vehicles, linkability and confusion threats. To address such gaps, we propose a systematic threat analysis and risk assessment framework, SARA, which comprises an improved threat model, a new attack method/asset map, the involvement of the attacker in the attack tree, and a new driving system observation metric. Finally, we demonstrate its feasibility in assessing risk with two use cases: Vehicle Tracking and Comfortable Emergency Brake Failure.
In this letter, we proposed a novel scheme for the realization of scalable and flexible semi-quantum secret sharing between a boss and multiple dynamic agent groups. In our scheme, the boss Alice can not only distribute her secret messages to multiple users, but also can dynamically adjust the number of users and user groups based on the actual situation. Furthermore, security analysis demonstrates that our protocol is secure against both external attack and participant attack. Compared with previous schemes, our protocol is more flexible and practical. In addition, since our protocol involving only single qubit measurement that greatly weakens the hardware requirements of each user.
Public cloud data storage services were considered as a potential alternative to store low-cost digital data in the short term. They are offered by different providers on the Internet. Some providers offer limited free plans for the users who are starting the service. However, data security concern arises when data stored are considered as a valuable asset. This study explores the usage of secret sharing scheme: Rabin's IDA and Shamir's SSA to implement a tool called dCloud for file protection stored in public cloud storage in a seamless way. It addresses data security by hiding its complexities when targeting ordinary non-technical users. The secret key is automatically generated by dCloud in a secure random way on Rabin's IDA. Shamir's SSA completes the process through dispersing the key into each of Rabin's IDA output files. Moreover, the Hash value of the original file is added to each of those output files to confirm the integrity of the file during reconstruction. Besides, the authentication key is used to communicate with all of the defined service providers during storage and reconstruction as well. It is stored into local secure key-store. By having a key to access the key-store, an ordinary non-technical user will be able to use dCloud to store and retrieve targeted file within defined public cloud storage services securely.
We introduce the fraud de-anonymization problem, that goes beyond fraud detection, to unmask the human masterminds responsible for posting search rank fraud in online systems. We collect and study search rank fraud data from Upwork, and survey the capabilities and behaviors of 58 search rank fraudsters recruited from 6 crowdsourcing sites. We propose Dolos, a fraud de-anonymization system that leverages traits and behaviors extracted from these studies, to attribute detected fraud to crowdsourcing site fraudsters, thus to real identities and bank accounts. We introduce MCDense, a min-cut dense component detection algorithm to uncover groups of user accounts controlled by different fraudsters, and leverage stylometry and deep learning to attribute them to crowdsourcing site profiles. Dolos correctly identified the owners of 95% of fraudster-controlled communities, and uncovered fraudsters who promoted as many as 97.5% of fraud apps we collected from Google Play. When evaluated on 13,087 apps (820,760 reviews), which we monitored over more than 6 months, Dolos identified 1,056 apps with suspicious reviewer groups. We report orthogonal evidence of their fraud, including fraud duplicates and fraud re-posts.
In this paper, the security performance of a dual-hop underlay cognitive radio (CR) system is investigated. In this system, we consider that the transmitted information by a source node S is forwarded by a multi-antenna relay R to its intended destination D. The relay performs the maximal-ratio combining (MRC) technique to process the multiple copies of the received signal. We also consider the presence of an eavesdropper who is attempting to intercept the transmitted information at both communication links, (i.e, S-R and R-D). In underlay cognitive radio networks (CRN), the source and the relay are required to adjust their transmission power to avoid causing interference to the primary user. Under this constraint, a closed-form expression of the secrecy outage probability is derived subject to Nakagami-m fading model. The derived expression is validated using Monte-Carlo simulation for various values of fading severity parameters as well as the number of MRC branches.
Modern cyber-physical systems are complex networked computing systems that electronically control physical systems. Autonomous road vehicles are an important and increasingly ubiquitous instance. Unfortunately, their increasing complexity often leads to security vulnerabilities. Network connectivity exposes these vulnerable systems to remote software attacks that can result in real-world physical damage, including vehicle crashes and loss of control authority. We introduce an integrated architecture to provide provable security and safety assurance for cyber-physical systems by ensuring that safety-critical operations and control cannot be unintentionally affected by potentially malicious parts of the system. Fine-grained information flow control is used to design both hardware and software, determining how low-integrity information can affect high-integrity control decisions. This security assurance is used to improve end-to-end security across the entire cyber-physical system. We demonstrate this integrated approach by developing a mobile robotic testbed modeling a self-driving system and testing it with a malicious attack.
Protocols for securely testing the equality of two encrypted integers are common building blocks for a number of proposals in the literature that aim for privacy preservation. Being used repeatedly in many cryptographic protocols, designing efficient equality testing protocols is important in terms of computation and communication overhead. In this work, we consider a scenario with two parties where party A has two integers encrypted using an additively homomorphic scheme and party B has the decryption key. Party A would like to obtain an encrypted bit that shows whether the integers are equal or not but nothing more. We propose three secure equality testing protocols, which are more efficient in terms of communication, computation or both compared to the existing work. To support our claims, we present experimental results, which show that our protocols achieve up to 99% computation-wise improvement compared to the state-of-the-art protocols in a fair experimental set-up.
Due to privacy threats associated with computation of outsourced data, processing data on the encrypted domain has become a viable alternative. Secure computation of encrypted data is relevant for analysing datasets in areas (such as genome processing, private data aggregation, cloud computations) that require basic arithmetic operations. Performing division operation over-all encrypted inputs has not been achieved using homomorphic schemes in non-interactive modes. In interactive protocols, the cost of obtaining an encrypted quotient (from encrypted values) is computationally expensive. To the best of our knowledge, existing homomorphic solutions on encrypted division are often relaxed to consider public or private divisor. We acknowledge that there are other techniques such as secret sharing and garbled circuits adopted to compute secure division, but we are interested in homomorphic solutions. We propose an efficient and interactive two-party protocol that computes the fixed-point quotient of two encrypted inputs, using an efficient and secure comparison protocol as a sub-protocol. Our proposal provides a computational advantage, with a linear complexity in the digit precision of the quotient. We provide proof of security in the universally composable framework and complexity analyses. We present experimental results for two cryptosystem implementations in order to compare performance. An efficient prototype of our protocol is implemented using additive homomorphic scheme (Paillier), whereas a non-efficient fully-homomorphic scheme (BGV) version is equally presented as a proof of concept and analyses of our proposal.
Infrastructure-as-a-Service clouds provide out-of-band remote management for users to access their virtual machines (VMs). Out-of-band remote management is a method for indirectly accessing VMs via their virtual devices. While virtual devices running in the virtualized system are managed by cloud operators, not all cloud operators are always trusted in clouds. To prevent information leakage from virtual devices and tampering with their I/O data, several systems have been proposed by trusting the hypervisor in the virtualized system. However, they have various issues on security and management. This paper proposes VSBypass, which enables secure out-of-band remote management outside the virtualized system using a technique called transparent passthrough. VSBypass runs the entire virtualized system in an outer VM using nested virtualization. Then it intercepts I/O requests of out-of-band remote management and processes those requests in shadow devices, which run outside the virtualized system. We have implemented VSBypass in Xen for the virtual serial console and GUI remote access. We confirmed that information leakage was prevented and that the performance was comparable to that in traditional out-of-band remote management.
Secure network coding realizes the secrecy of the message when the message is transmitted via noiseless network and a part of edges or a part of intermediate nodes are eavesdropped. In this framework, if the channels of the network has noise, we apply the error correction to noisy channel before applying the secure network coding. In contrast, secure physical layer network coding is a method to securely transmit a message by a combination of coding operation on nodes when the network is given as a set of noisy channels. In this paper, we give several examples of network, in which, secure physical layer network coding realizes a performance that cannot be realized by secure network coding.
This study examines the secure transition for robotic surgery session. Surgeon sends set of instructions as data. The data is encapsulated with surgeon secure signature to conform surgeon identity. At the same time, patient information sends to the surgeon as a secure row of frames to estimate patient situation dependent on the real medical reports. Elliptic Curve Diffie-Hellman is use as an asymmetric encryption method. Here the session between surgeon console and interactive robot arm was achieved and supported with four secret keys. Two private keys are chosen on each side and two public keys are calculated from these private keys. These results indicate that the level of the security was improved by use asymmetric encryption rather than symmetric encryption. And by contributed four secret keys the patient information must be safer.
Data security in smart metering applications is important not only to secure the customer privacy but also to protect the power utility against fraud attempts. Usual deployment of metering applications rely on the power utility infrastructure, assuming its Advanced Metering Infrastructure (AMI) as trustworthy. This paper describes the design and deployment of a smart metering system focusing on the security of the AMI (smart meters, data aggregator on the field, Metering Data Collection system and metering database) considering the data processing on untrusted clouds. We discuss one use case of the SecureCloud project, an ongoing project that investigates how security and privacy requirements of smart grid applications can be met with a secure cloud platform based on Intel SGX enclaves. The paper describes the components of the advanced metering system as well as the security approach adopted to meet its requirements. A smart metering application has been prototyped in the SecureCloud platform and the integration challenges are discussed from the perspectives of security, privacy and scalability.
Implantable medical devices (IMDs) typically rely on proprietary protocols to wirelessly communicate with external device programmers. In this paper, we fully reverse engineer the proprietary protocol between a device programmer and a widely used commercial neurostimulator from one of the leading IMD manufacturers. For the reverse engineering, we follow a black-box approach and use inexpensive hardware equipment. We document the message format and the protocol state-machine, and show that the transmissions sent over the air are neither encrypted nor authenticated. Furthermore, we conduct several software radio-based attacks that could compromise the safety and privacy of patients, and investigate the feasibility of performing these attacks in real scenarios. Motivated by our findings, we propose a security architecture that allows for secure data exchange between the device programmer and the neurostimulator. It relies on using a patient»s physiological signal for generating a symmetric key in the neurostimulator, and transporting this key from the neurostimulator to the device programmer through a secret out-of-band (OOB) channel. Our solution allows the device programmer and the neurostimulator to agree on a symmetric session key without these devices needing to share any prior secrets; offers an effective and practical balance between security and permissive access in emergencies; requires only minor hardware changes in the devices; adds minimal computation and communication overhead; and provides forward and backward security. Finally, we implement a proof-of-concept of our solution.
Modern vehicles in Intelligent Transportation Systems (ITS) can communicate with each other as well as roadside infrastructure units (RSUs) in order to increase transportation efficiency and road safety. For example, there are techniques to alert drivers in advance about traffic incidents and to help them avoid congestion. Threats to these systems, on the other hand, can limit the benefits of these technologies. Securing ITS itself is an important concern in ITS design and implementation. In this paper, we provide a security model of ITS which extends the classic layered network security model with transportation security and information security, and gives a reference for designing ITS architectures. Based on this security model, we also present a classification of ITS threats for defense. Finally a proof-of-concept example with malicious nodes in an ITS system is also given to demonstrate the impact of attacks. We analyzed the threat of malicious nodes and their effects to commuters, like increasing toll fees, travel distances, and travel times etc. Experimental results from simulations based on Veins shows the threats will bring about 43.40% more total toll fees, 39.45% longer travel distances, and 63.10% more travel times.