Visible to the public Biblio

Filters: Author is Caballero, Juan  [Clear All Filters]
2022-02-25
Wilms, Daniel, Stoecker, Carsten, Caballero, Juan.  2021.  Data Provenance in Vehicle Data Chains. 2021 IEEE 93rd Vehicular Technology Conference (VTC2021-Spring). :1–5.
With almost every new vehicle being connected, the importance of vehicle data is growing rapidly. Many mobility applications rely on the fusion of data coming from heterogeneous data sources, like vehicle and "smart-city" data or process data generated by systems out of their control. This external data determines much about the behaviour of the relying applications: it impacts the reliability, security and overall quality of the application's input data and ultimately of the application itself. Hence, knowledge about the provenance of that data is a critical component in any data-driven system. The secure traceability of the data handling along the entire processing chain, which passes through various distinct systems, is critical for the detection and avoidance of misuse and manipulation. In this paper, we introduce a mechanism for establishing secure data provenance in real time, demonstrating an exemplary use-case based on a machine learning model that detects dangerous driving situations. We show with our approach based on W3C decentralized identity standards that data provenance in closed data systems can be effectively achieved using technical standards designed for an open data approach.
2019-08-12
Karande, Vishal, Chandra, Swarup, Lin, Zhiqiang, Caballero, Juan, Khan, Latifur, Hamlen, Kevin.  2018.  BCD: Decomposing Binary Code Into Components Using Graph-Based Clustering. Proceedings of the 2018 on Asia Conference on Computer and Communications Security. :393-398.

Complex software is built by composing components implementing largely independent blocks of functionality. However, once the sources are compiled into an executable, that modularity is lost. This is unfortunate for code recipients, for whom knowing the components has many potential benefits, such as improved program understanding for reverse-engineering, identifying shared code across different programs, binary code reuse, and authorship attribution. A novel approach for decomposing such source-free program executables into components is here proposed. Given an executable, the approach first statically builds a decomposition graph, where nodes are functions and edges capture three types of relationships: code locality, data references, and function calls. It then applies a graph-theoretic approach to partition the functions into disjoint components. A prototype implementation, BCD, demonstrates the approach's efficacy: Evaluation of BCD with 25 C++ binary programs to recover the methods belonging to each class achieves high precision and recall scores for these tested programs.