Biblio

Filters: Author is State, Radu
2022-07-15
Lagraa, Sofiane, State, Radu.  2021.  What database do you choose for heterogeneous security log events analysis? 2021 IFIP/IEEE International Symposium on Integrated Network Management (IM). :812–817.
The heterogeneous massive logs incoming from multiple sources pose major challenges to professionals responsible for IT security and to system administrators. One of the challenges is to develop a scalable heterogeneous logs database for storage and further analysis. In fact, it is difficult to decide which database is suitable for the needs, the best of a use case, execution time and storage performances. In this paper, we explore, study, and compare the performance of SQL and NoSQL databases on large heterogeneous event logs. We implement the relational database using MySQL, the column-oriented database using Impala on top of Hadoop, and the graph database using Neo4j. We experiment with the databases on large heterogeneous logs and provide advice and the pros and cons of each SQL and NoSQL database. Our findings show that Impala outperforms MySQL and Neo4j databases in terms of loading logs, execution time of simple queries, and storage of logs. However, Neo4j outperforms Impala and MySQL in the execution time of complex queries.
2022-06-09
Trestioreanu, Lucian, Nita-Rotaru, Cristina, Malhotra, Aanchal, State, Radu.  2021.  SPON: Enabling Resilient Inter-Ledgers Payments with an Intrusion-Tolerant Overlay. 2021 IEEE Conference on Communications and Network Security (CNS). :92–100.
Payment systems are a critical component of everyday life in our society. While in many situations payments are still slow, opaque, siloed, expensive or even fail, users expect them to be fast, transparent, cheap, reliable and global. Recent technologies such as distributed ledgers create opportunities for near-real-time, cheaper and more transparent payments. However, in order to achieve a global payment system, payments should be possible not only within one ledger, but also across different ledgers and geographies. In this paper we propose Secure Payments with Overlay Networks (SPON), a service that enables global payments across multiple ledgers by combining the transaction exchange provided by the Interledger protocol with an intrusion-tolerant overlay of relay nodes to achieve (1) improved payment latency, (2) fault-tolerance to benign failures such as node failures and network partitions, and (3) resilience to BGP hijacking attacks. We discuss the design goals and present an implementation based on the Interledger protocol and Spines overlay network. We analyze the resilience of SPON and demonstrate through experimental evaluation that it is able to improve payment latency, recover from path outages, withstand network partition attacks, and disseminate payments fairly across multiple ledgers. We also show how SPON can be deployed to make the communication between different ledgers resilient to BGP hijacking attacks.
2022-02-03
Rivera, Sean, State, Radu.  2021.  Securing Robots: An Integrated Approach for Security Challenges and Monitoring for the Robotic Operating System (ROS). 2021 IFIP/IEEE International Symposium on Integrated Network Management (IM). :754–759.
Robotic systems are becoming an ever-increasing part of everyday life due to their capacity to carry out physical tasks on behalf of human beings. Found in nearly every facet of our lives, robotic systems are used domestically, in small and large-scale factories, for the production and processing of agriculture, for military operations, to name a few. The Robotic Operating System (ROS) is the standard operating system used today for the development of modular robotic systems. However, in its development, ROS has been notorious for the absence of security mechanisms, placing people in danger both physically and digitally. This dissertation summary presents the development of a suite of ROS tools, leading up to the development of a modular, secure framework for ROS. An integrated approach for the security of ROS-enabled robotic systems is described, to set a baseline for the continual development to increase ROS security. The work culminates in the ROS security tool ROS-Immunity, combining internal system defense, external system verification, and automated vulnerability detection in an integrated tool that, in conjunction with Secure-ROS, provides a suite of defenses for ROS systems against malicious attackers.
2020-09-11
Baden, Mathis, Ferreira Torres, Christof, Fiz Pontiveros, Beltran Borja, State, Radu.  2019.  Whispering Botnet Command and Control Instructions. 2019 Crypto Valley Conference on Blockchain Technology (CVCBT). :77–81.
Botnets are responsible for many large-scale attacks happening on the Internet. Their weak point, which is usually targeted to take down a botnet, is the command and control infrastructure: the foundation for the diffusion of the botmaster's instructions. Hence, botmasters employ stealthy communication methods to remain hidden and retain control of the botnet. Recent research has shown that blockchains can be leveraged for under-the-radar communication with bots; however, these methods incur fees for transaction broadcasting. This paper discusses the use of a novel technology, Whisper, for command and control instruction dissemination. Whisper allows a botmaster to control bots at virtually zero cost, while providing a peer-to-peer communication infrastructure, as well as privacy and encryption as part of its dark communication strategy. It is therefore well suited for bidirectional botnet command and control operations, and creating a botnet that is very difficult to take down.
2020-04-13
Rivera, Sean, Lagraa, Sofiane, Nita-Rotaru, Cristina, Becker, Sheila, State, Radu.  2019.  ROS-Defender: SDN-Based Security Policy Enforcement for Robotic Applications. 2019 IEEE Security and Privacy Workshops (SPW). :114–119.
In this paper we propose ROS-Defender, a holistic approach to secure robotics systems, which integrates a Security Event Management System (SIEM), an intrusion prevention system (IPS) and a firewall for a robotic system. ROS-Defender combines anomaly detection systems at application (ROS) level and network level, with dynamic policy enforcement points using software defined networking (SDN) to provide protection against a large class of attacks. Although SIEMs, IPSs, and firewalls have been previously used to secure computer networks, ROS-Defender is applying them for the specific use case of robotic systems, where security is in many cases an afterthought.
2019-02-14
Torres, Christof Ferreira, Schütte, Julian, State, Radu.  2018.  Osiris: Hunting for Integer Bugs in Ethereum Smart Contracts. Proceedings of the 34th Annual Computer Security Applications Conference. :664–676.

The capability of executing so-called smart contracts in a decentralised manner is one of the compelling features of modern blockchains. Smart contracts are fully fledged programs which cannot be changed once deployed to the blockchain. They typically implement the business logic of distributed apps and carry billions of dollars worth of coins. In that respect, it is imperative that smart contracts are correct and have no vulnerabilities or bugs. However, research has identified different classes of vulnerabilities in smart contracts, some of which led to prominent multi-million dollar fraud cases. In this paper we focus on vulnerabilities related to integer bugs, a class of bugs that is particularly difficult to avoid due to some characteristics of the Ethereum Virtual Machine and the Solidity programming language. In this paper we introduce Osiris – a framework that combines symbolic execution and taint analysis, in order to accurately find integer bugs in Ethereum smart contracts. Osiris detects a greater range of bugs than existing tools, while providing a better specificity of its detection. We have evaluated its performance on a large experimental dataset containing more than 1.2 million smart contracts. We found that 42,108 contracts contain integer bugs. Besides being able to identify several vulnerabilities that have been reported in the past few months, we were also able to identify a yet unknown critical vulnerability in a couple of smart contracts that are currently deployed on the Ethereum blockchain.