Biblio
The most visible use of computers and software is processing information for human consumption. The vast majority of computers in use, however, are much less visible. They run the engine, brakes, seatbelts, airbag, and audio system in your car. They digitally encode your voice and construct a radio signal to send it from your cell phone to a base station. They command robots on a factory floor, power generation in a power plant, processes in a chemical plant, and traffic lights in a city. These less visible computers are called embedded systems, and the software they run is called embedded software. The principal challenges in designing and analyzing embedded systems stem from their interaction with physical processes. This book takes a cyber-physical approach to embedded systems, introducing the engineering concepts underlying embedded systems as a technology and as a subject of study. The focus is on modeling, design, and analysis of cyber-physical systems, which integrate computation, networking, and physical processes.
The second edition offers two new chapters, several new exercises, and other improvements. The book can be used as a textbook at the advanced undergraduate or introductory graduate level and as a professional reference for practicing engineers and computer scientists. Readers should have some familiarity with machine structures, computer programming, basic discrete mathematics and algorithms, and signals and systems.
Intrusion detection using multiple security devices has received much attention recently. The large volume of information generated by these tools, however, increases the burden on both computing resources and security administrators. Moreover, attack detection does not improve as expected if these tools work without any coordination. In this work, we propose a simple method to join information generated by security monitors with diverse data formats. We present a novel intrusion detection technique that uses unsupervised clustering algorithms to identify malicious behavior within large volumes of diverse security monitor data. First, we extract a set of features from network-level and host-level security logs that aid in detecting malicious host behavior and flooding-based network attacks in an enterprise network system. We then apply clustering algorithms to the separate and joined logs and use statistical tools to identify anomalous usage behaviors captured by the logs. We evaluate our approach on an enterprise network data set, which contains network and host activity logs. Our approach correctly identifies and prioritizes anomalous behaviors in the logs by their likelihood of maliciousness. By combining network and host logs, we are able to detect malicious behavior that cannot be detected by either log alone.
Radio Frequency Identification (RFID) technology has been applied in many fields, such as tracking product through the supply chains, electronic passport (ePassport), proximity card, etc. Most companies will choose low-cost RFID tags. However, these RFID tags are almost no security mechanism so that criminals can easily clone these tags and get the user permissions. In this paper, we aim at more efficient detection proximity card be cloned and design a real-time intrusion detection system based on one tool of Complex Event Processing (Esper) in the RFID middleware. We will detect the cloned tags through training our system with the user's habits. When detected anomalous behavior which may clone tags have occurred, and then send the notification to user. We discuss the reliability of this intrusion detection system and describes in detail how to work.
Cloud and its transactions have emerged as a major challenge. This paper aims to come up with an efficient and best possible way to transfer data in cloud computing environment. This goal is achieved with the help of Soft Computing Techniques. Of the various techniques such as fuzzy logic, genetic algorithm or neural network, the paper proposes an effective method of intrusion detection using genetic algorithm. The selection of the optimized path for the data transmission proved to be effective method in cloud computing environment. Network path optimization increases data transmission speed making intrusion in network nearly impossible. Intruders are forced to act quickly for intruding the network which is quite a tough task for them in such high speed data transmission network.
Data generation and its utilization in important decision applications has been growing an extremely fast pace, which has made data a valuable resource that needs to be rigorously protected from attackers. Cloud storage systems claim to offer the promise of secure and elastic data storage services that can adapt to changing storage requirements. Despite diligent efforts being made to protect data, recent successful attacks highlight the need for going beyond the existing approaches centered on intrusion prevention, detection and recovery mechanisms. However, most security mechanisms have finite rate of failure, and with intrusion becoming more sophisticated and stealthy, the failure rate appears to be rising. In this paper we propose the use data fragmentation, followed by coding that introduces redundant fragments and dispersing fragments to multiple and independent cloud storage systems with each cloud handling only a single fragments. The paper proposes a multi-cloud fragmented cloud storage system architecture and design of the related software code. Probabilistic analysis is carried to quantify its intrusion tolerance abilities.
With cyber-physical systems opening to the outside world, security can no longer be considered a secondary issue. One of the key aspects in security of cyber-phyiscal systems is to deal with intrusions. In this paper, we highlight the several unique properties of control applications in cyber-physical systems. Using these unique properties, we propose a systematic intrusion-damage assessment and mitigation mechanism for the class of observable and controllable attacks. On the one hand, in cyber-physical systems, the plants follow certain laws of physics and this can be utilized to address the intrusion-damage assessment problem. That is, the states of the controlled plant should follow those expected according to the physics of the system and any major discrepancy is potentially an indication of intrusion. Here, we use a machine learning algorithm to capture the normal behavior of the system according to its dynamics. On the other hand, the control performance strongly depends on the amount of allocated resources and this can be used to address the intrusion-damage mitigation problem. That is, the intrusion-damage mitigation is based on the idea of allocating more resources to the control application under attack. This is done using a feedback-based approach including a convex optimization.
While power grid systems benefit from utilizing communication network through networked control and protection, the addition of communication exposes the power system to new security vulnerabilities and potential attacks. To mitigate these attacks, such as denial of service, intrusion detection systems (IDS) are often employed. In this paper we investigate the relationship of IDS accuracy performance to the stability of power systems via its impact on communication latency. Several IDS machine learning algorithms are implemented on the NSL-KDD dataset to obtain accuracy performance, and a mathematical model for computing the latency when incorporating IDS detection information during network routing is introduced. Simulation results on the New England 39-bus power system suggest that during a cyber-physical attack, a practical IDS can achieve similar stability as an ideal IDS with perfect detection. In addition, false positive rate has been found to have a larger impact than false negative rate under the simulation conditions studied. These observations can contribute to the design requirements of future embedded IDS solutions for power systems.
User engagement is recognized as an important component of the user experience, but relatively little is known about the effect of engagement on the learning outcomes of such interactions. This experimental user study examines the relationship between user engagement (UE) and comprehension in varied academic reading environments. Forty-one university students interacted with one of two sets of texts presented in 4 conditions in the context of preparing for a class assignment. Employing the User Engagement Scale (UES), we found evidence of a relationship between students' comprehension of the texts and their degree of engagement with them. However, this association was confined to one of the UES subscales and was not consistent across levels of engagement. An examination of additional variables found little evidence that system and content characteristics influenced engagement; however, we noted that all students' reported increased knowledge, but topical interest for non-engaged students declined. Results contribute to existing literature by adding further evidence that the relationship between engagement and comprehension is complex and mediated.
Multilateration techniques have been proposed to verify the integrity of unprotected location claims in wireless localization systems. A common assumption is that the adversary is equipped with only a single device from which it transmits location spoofing signals. In this paper, we consider a more advanced model where the attacker is equipped with multiple devices and performs a geographically distributed coordinated attack on the multilateration system. The feasibility of a distributed multi-device attack is demonstrated experimentally with a self-developed attack implementation based on multiple COTS software-defined radio (SDR) devices. We launch an attack against the OpenSky Network, an air traffic surveillance system that implements a time-difference-of-arrival (TDoA) multi-lateration method for aircraft localization based on ADS-B signals. Our experiments show that the timing errors for distributed spoofed signals are indistinguishable from the multilateration errors of legitimate aircraft signals, indicating that the threat of multi-device spoofing attacks is real in this and other similar systems. In the second part of this work, we investigate physical-layer features that could be used to detect multi-device attacks. We show that the frequency offset and transient phase noise of the attacker's radio devices can be exploited to discriminate between a received signal that has been transmitted by a single (legitimate) transponder or by multiple (malicious) spoofing sources. Based on that, we devise a multi-device spoofing detection system that achieves zero false positives and a false negative rate below 1%.
NoSQL solutions become emerging for large scaled, high performance, schema-flexible applications. WiredTiger is cost effective, non-locking, no-overwrite storage used as default storage engine in MongoDB. Understanding I/O characteristics of storage engine is important not only for choosing suitable solution with an application but also opening opportunities for researchers optimizing current working system, especially building more flash-awareness NoSQL DBMS. This paper explores background of MongoDB internals then analyze I/O characteristics of WiredTiger storage engine in detail. We also exploit space management mechanism in WiredTiger by using TRIM command.
The Internet of Things (IoT) presents itself as a promising set of key technologies to provide advanced smart applications. IoT has become a major trend lately and smart solutions can be found in a large variety of products. Since it provides a flexible and easy way to gather data from huge numbers of devices and exploit them ot provide new applications, it has become a central research area lately. However, due to the fact that IoT aims to interconnect millions of constrained devices that are monitoring the everyday life of people, acting upon physical objects around them, the security and privacy challenges are huge. Nevertheless, only lately the research focus has been on security and privacy solutions. Many solutions and IoT frameworks have only a minimum set of security, which is a basic access control. The EU FP7 project RERUM has a main focus on designing an IoT architecture based on the concepts of Security and Privacy by design. A central part of RERUM is the implementation of a middleware layer that provides extra functionalities for improved security and privacy. This work, presents the main elements of the RERUM middleware, which is based on the widely accepted OpenIoT middleware.
Today 2.9 billion people, or 40% of the world's population are online. By 2020, at least 40 billion more devices will become smart via embedded processors. The impact of such Internet of Things (IoT) on our society will be extraordinary. It will influence most consumer and business sectors, impact education, healthcare and safety. However, it certainly will also pose a challenge from a security point of view. Not only will the devices themselves become more complex, also the interaction between devices, the networks and the variance in topology will grow. Finally, with increasing amounts of data and assets at stake the incentive for attackers will increase. The costs of cyber attacks in such setting are estimated to reach about 2 trillion USD by 2020. Today, the IoT is just beginning to emerge. Unfortunately, when looking at its security, there is lots of room for improvement. Exploits reported at a steady pace clearly suggest that security is a major challenge when the world wants to successfully switch from an IoT hype to a real IoT deployment. Security, and security risk awareness, insufficiently present in today's consumer and developer mindset, are only a starting point. Once the requirement for strong security is widely accepted, there will be still the economical question of who is going to pay for security and its maintenance. Without enforcing certain standards by means of third party evaluation this problem is expected to be hard to get under control.
By connecting devices, people, vehicles and infrastructures everywhere in a city, governments and their partners can improve community wellbeing and other economic and financial aspects (e.g., cost and energy savings). Nonetheless, smart cities are complex ecosystems that comprise many different stakeholders (network operators, managed service providers, logistic centers...) who must work together to provide the best services and unlock the commercial potential of the IoT. This is one of the major challenges that faces today's smart city movement, and more generally the IoT as a whole. Indeed, while new smart connected objects hit the market every day, they mostly feed "vertical silos" (e.g., vertical apps, siloed apps...) that are closed to the rest of the IoT, thus hampering developers to produce new added value across multiple platforms. Within this context, the contribution of this paper is twofold: (i) present the EU vision and ongoing activities to overcome the problem of vertical silos; (ii) introduce recent IoT standards used as part of a recent Horizon 2020 IoT project to address this problem. The implementation of those standards for enhanced sporting event management in a smart city/government context (FIFA World Cup 2022) is developed, presented, and evaluated as a proof-of-concept.
We discuss a key engineering challenge in implementing the Identifier- Locator Network Protocol (ILNP), as described in IRTF Experimental RFCs 6740–6748: enabling legacy applications that use the C sockets API. We have built the first two OS kernel implementations of ILNPv6 (ILNP as a superset of IPv6), in both the Linux OS kernel and the FreeBSD OS kernel. Our evaluation is in comparison with IPv6, in the context of a topical and challenging scenario: host mobility implemented as a purely end-to-end function. Our experiments show that ILNPv6 has excellent potential for deployment using existing IPv6 infrastructure, whilst offering the new properties and functionality of ILNP.
This paper presents IPAS, an instruction duplication technique that protects scientific applications from silent data corruption (SDC) in their output. The motivation for IPAS is that, due to natural error masking, only a subset of SDC errors actually affects the output of scientific codes—we call these errors silent output corruption (SOC) errors. Thus applications require duplication only on code that, when affected by a fault, yields SOC. We use machine learning to learn code instructions that must be protected to avoid SOC, and, using a compiler, we protect only those vulnerable instructions by duplication, thus significantly reducing the overhead that is introduced by instruction duplication. In our experiments with five workloads, IPAS reduces the percentage of SOC by up to 90% with a slowdown that ranges between 1.04x and 1.35x, which corresponds to as much as 47% less slowdown than state-of-the-art instruction duplication techniques.
The ubiquity of portable mobile devices equipped with built-in cameras have led to a transformation in how and when digital images are captured, shared, and archived. Photographs and videos from social gatherings, public events, and even crime scenes are commonplace online. While the spontaneity afforded by these devices have led to new personal and creative outlets, privacy concerns of bystanders (and indeed, in some cases, unwilling subjects) have remained largely unaddressed. We present I-Pic, a trusted software platform that integrates digital capture with user-defined privacy. In I-Pic, users choose alevel of privacy (e.g., image capture allowed or not) based upon social context (e.g., out in public vs. with friends vs. at workplace). Privacy choices of nearby users are advertised via short-range radio, and I-Pic-compliant capture platforms generate edited media to conform to privacy choices of image subjects. I-Pic uses secure multiparty computation to ensure that users' visual features and privacy choices are not revealed publicly, regardless of whether they are the subjects of an image capture. Just as importantly, I-Pic preserves the ease-of-use and spontaneous nature of capture and sharing between trusted users. Our evaluation of I-Pic shows that a practical, energy-efficient system that conforms to the privacy choices of many users within a scene can be built and deployed using current hardware.
Biometric is uses to identify authorized person based on specific physiological or behavioral features. Template protection is a crucial requirement when designing an authentication system, where the template could be modified by attacker. Hill Cipher is a block cipher and symmetric key algorithm it has several advantages such as simplicity, high speed and high throughput can be used to protect Biometric Template. Unfortunately, Hill Cipher has some disadvantages such as takes smaller sizes of blocks, very simple and vulnerable for exhaustive key search attack and known plain text attack, also the key matrix which entered should be invertible. This paper proposed an enhancement to overcome these drawbacks of Hill Cipher by using a large and random key with large data block, beside overcome the Invertible-key Matrix problem. The efficiency of encryption has been checked out by Normalized Correlation Coefficient (NCC) and running time.
Internet of Things(IoT) is the next big boom in the networking field. The vision of IoT is to connect daily used objects (which have the ability of sensing and actuation) to the Internet. This may or may or may not involve human. IoT field is still maturing and has many open issues. We build up on the security issues. As the devices have low computational power and low memory the existing security mechanisms (which are a necessity) should also be optimized accordingly or a clean slate approach needs to be followed. This is a survey paper to focus on the security aspects of IoT. We further also discuss the open challenges in this fie
A self-managing software system should be able to monitor and analyze its runtime behavior and make adaptation decisions accordingly to meet certain desirable objectives. Traditional software adaptation techniques and recent “models@runtime” approaches usually require an a priori model for a system’s dynamic behavior. Oftentimes the model is difficult to define and labor-intensive to maintain, and tends to get out of date due to adaptation and architecture decay. We propose an alternative approach that does not require defining the system’s behavior model beforehand, but instead involves mining software component interactions from system execution traces to build a probabilistic usage model, which is in turn used to analyze, plan, and execute adaptations. In this article, we demonstrate how such an approach can be realized and effectively used to address a variety of adaptation concerns. In particular, we describe the details of one application of this approach for safely applying dynamic changes to a running software system without creating inconsistencies. We also provide an overview of two other applications of the approach, identifying potentially malicious (abnormal) behavior for self-protection, and improving deployment of software components in a distributed setting for performance self-optimization. Finally, we report on our experiments with engineering self-management features in an emergency deployment system using the proposed mining approach.
The Android platform is designed to support mutually untrusted third-party apps, which run as isolated processes but may interact via platform-controlled mechanisms, called Intents. Interactions among third-party apps are intended and can contribute to a rich user experience, for example, the ability to share pictures from one app with another. The Android platform presents an interesting point in a design space of module systems that is biased toward isolation, extensibility, and untrusted contributions. The Intent mechanism essentially provides message channels among modules, in which the set of message types is extensible. However, the module system has design limitations including the lack of consistent mechanisms to document message types, very limited checking that a message conforms to its specifications, the inability to explicitly declare dependencies on other modules, and the lack of checks for backward compatibility as message types evolve over time. In order to understand the degree to which these design limitations result in real issues, we studied a broad corpus of apps and cross-validated our results against app documentation and Android support forums. Our findings suggest that design limitations do indeed cause development problems. Based on our results, we outline further research questions and propose possible mitigation strategies.
New deception technologies bring a heightened level of aggressiveness in addressing cyberattacks. Dynamic deception steps in, when prevention systems fail, and provides organizations with an efficient way to continuously detect intrusions with high interaction traps, engagement servers, and luring techniques to engage attackers. It does this without requiring additional IT staff to manage the solution.
Organizations rely on security experts to improve the security of their systems. These professionals use background knowledge and experience to align known threats and vulnerabilities before selecting mitigation options. The substantial depth of expertise in any one area (e.g., databases, networks, operating systems) precludes the possibility that an expert would have complete knowledge about all threats and vulnerabilities. To begin addressing this problem of distributed knowledge, we investigate the challenge of developing a security requirements rule base that mimics human expert reasoning to enable new decision-support systems. In this paper, we show how to collect relevant information from cyber security experts to enable the generation of: (1) interval type-2 fuzzy sets that capture intra- and inter-expert uncertainty around vulnerability levels; and (2) fuzzy logic rules underpinning the decision-making process within the requirements analysis. The proposed method relies on comparative ratings of security requirements in the context of concrete vignettes, providing a novel, interdisciplinary approach to knowledge generation for fuzzy logic systems. The proposed approach is tested by evaluating 52 scenarios with 13 experts to compare their assessments to those of the fuzzy logic decision support system. The initial results show that the system provides reliable assessments to the security analysts, in particular, generating more conservative assessments in 19% of the test scenarios compared to the experts’ ratings.