Visible to the public Biblio

Filters: Keyword is Instruction sets  [Clear All Filters]
2023-09-01
She, Cairui, Chen, Liwei, Shi, Gang.  2022.  TFCFI:Transparent Forward Fine-grained Control-Flow Integrity Protection. 2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :407—414.
Code-reuse attacks (including ROP/JOP) severely threaten computer security. Control-flow integrity (CFI), which can restrict control flow in legal scope, is recognised as an effective defence mechanism against code-reuse attacks. Hardware-based CFI uses Instruction Set Architecture (ISA) extensions with additional hardware modules to implement CFI and achieve better performance. However, hardware-based fine-grained CFI adds new instructions to the ISA, which can not be executed on old processors and breaks the compatibility of programs. Some coarse-grained CFI designs, such as Intel IBT, maintain the compatibility of programs but can not provide enough security guarantees.To balance the security and compatibility of hardware CFI, we propose Transparent Forward CFI (TFCFI). TFCFI implements hardware-based fine-grained CFI designs without changing the ISA. The software modification of TFCFI utilizes address information and hint instructions in RISC-V as transparent labels to mark the program. The hardware module of TFCFI monitors the control flow during execution. The program modified by TFCFI can be executed on old processors without TFCFI. Benefiting from transparent labels, TFCFI also solves the destination equivalence problem. The experiment on FPGA shows that TFCFI incurs negligible performance overhead (1.82% on average).
2023-05-12
Huang, Pinguo, Fu, Min.  2022.  Analysis of Java Lock Performance Metrics Classification. 2022 International Symposium on Advances in Informatics, Electronics and Education (ISAIEE). :407–411.

Java locking is an essential functionality and tool in the development of applications and systems, and this is mainly because several modules may run in a synchronized way inside an application and these modules need a good coordination manner in order for them to run properly and in order to make the whole application or system stable and normal. As such, this paper focuses on comparing various Java locking mechanisms in order to achieve a better understanding of how these locks work and how to conduct a proper locking mechanism. The comparison of locks is made according to CPU usage, memory consumption, and ease of implementation indicators, with the aim of providing guidance to developers in choosing locks for different scenarios. For example, if the Pessimistic Locks are used in any program execution environment, i.e., whenever a thread obtains resources, it needs to obtain the lock first, which can ensure a certain level of data security. However, it will bring great CPU overhead and reduce efficiency. Also, different locks have different memory consumption, and developers are sometimes faced with the need to choose locks rationally with limited memory, or they will cause a series of memory problems. In particular, the comparison of Java locks is able to lead to a systematic classification of these locks and can help improve the understanding of the taxonomy logic of the Java locks.

Zhang, Tong, Cui, Xiangjie, Wang, Yichuan, Du, Yanning, Gao, Wen.  2022.  TCS Security Analysis in Intel SGX Enclave MultiThreading. 2022 International Conference on Networking and Network Applications (NaNA). :276–281.

With the rapid development of Internet Technology in recent years, the demand for security support for complex applications is becoming stronger and stronger. Intel Software Guard Extensions (Intel SGX) is created as an extension of Intel Systems to enhance software security. Intel SGX allows application developers to create so-called enclave. Sensitive application code and data are encapsulated in Trusted Execution Environment (TEE) by enclave. TEE is completely isolated from other applications, operating systems, and administrative programs. Enclave is the core structure of Intel SGX Technology. Enclave supports multi-threading. Thread Control Structure (TCS) stores special information for restoring enclave threads when entering or exiting enclave. Each execution thread in enclave is associated with a TCS. This paper analyzes and verifies the possible security risks of enclave under concurrent conditions. It is found that in the case of multithread concurrency, a single enclave cannot resist flooding attacks, and related threads also throw TCS exception codes.

2022-11-08
Shomron, Gil, Weiser, Uri.  2020.  Non-Blocking Simultaneous Multithreading: Embracing the Resiliency of Deep Neural Networks. 2020 53rd Annual IEEE/ACM International Symposium on Microarchitecture (MICRO). :256–269.
Deep neural networks (DNNs) are known for their inability to utilize underlying hardware resources due to hard-ware susceptibility to sparse activations and weights. Even in finer granularities, many of the non-zero values hold a portion of zero-valued bits that may cause inefficiencies when executed on hard-ware. Inspired by conventional CPU simultaneous multithreading (SMT) that increases computer resource utilization by sharing them across several threads, we propose non-blocking SMT (NB-SMT) designated for DNN accelerators. Like conventional SMT, NB-SMT shares hardware resources among several execution flows. Yet, unlike SMT, NB-SMT is non-blocking, as it handles structural hazards by exploiting the algorithmic resiliency of DNNs. Instead of opportunistically dispatching instructions while they wait in a reservation station for available hardware, NB-SMT temporarily reduces the computation precision to accommodate all threads at once, enabling a non-blocking operation. We demonstrate NB-SMT applicability using SySMT, an NB-SMT-enabled output-stationary systolic array (OS-SA). Compared with a conventional OS-SA, a 2-threaded SySMT consumes 1.4× the area and delivers 2× speedup with 33% energy savings and less than 1% accuracy degradation of state-of-the-art CNNs with ImageNet. A 4-threaded SySMT consumes 2.5× the area and delivers, for example, 3.4× speedup and 39%×energy savings with 1% accuracy degradation of 40%-pruned ResNet-18.
2022-09-29
Zhang, Zhengjun, Liu, Yanqiang, Chen, Jiangtao, Qi, Zhengwei, Zhang, Yifeng, Liu, Huai.  2021.  Performance Analysis of Open-Source Hypervisors for Automotive Systems. 2021 IEEE 27th International Conference on Parallel and Distributed Systems (ICPADS). :530–537.
Nowadays, automotive products are intelligence intensive and thus inevitably handle multiple functionalities under the current high-speed networking environment. The embedded virtualization has high potentials in the automotive industry, thanks to its advantages in function integration, resource utilization, and security. The invention of ARM virtualization extensions has made it possible to run open-source hypervisors, such as Xen and KVM, for embedded applications. Nevertheless, there is little work to investigate the performance of these hypervisors on automotive platforms. This paper presents a detailed analysis of different types of open-source hypervisors that can be applied in the ARM platform. We carry out the virtualization performance experiment from the perspectives of CPU, memory, file I/O, and some OS operation performance on Xen and Jailhouse. A series of microbenchmark programs have been designed, specifically to evaluate the real-time performance of various hypervisors and the relevant overhead. Compared with Xen, Jailhouse has better latency performance, stable latency, and little interference jitter. The performance experiment results help us summarize the advantages and disadvantages of these hypervisors in automotive applications.
2022-08-26
Ke, Jie, Mo, Jingrong.  2021.  Design and Implementation of Task Driven Communication System with Multi-user Authority. 2021 6th International Conference on Smart Grid and Electrical Automation (ICSGEA). :375—377.
In order to solve the problem of data analysis and application caused by the inefficient integration of hardware and software compatibility of hardware in the Internet of things, this paper proposes and designs a C/S framework communication system based on task driven and multi-user authority. By redefining the relationship between users and hardware and adopting the matching framework for different modules, the system realizes the high concurrent and complex data efficient collaborative processing between software and hardware. Finally, by testing and verifying the functions of the system, the communication system effectively realizes the functions of data processing between software and hardware, and achieves the expected results.
2022-05-19
Zhang, Feng, Pan, Zaifeng, Zhou, Yanliang, Zhai, Jidong, Shen, Xipeng, Mutlu, Onur, Du, Xiaoyong.  2021.  G-TADOC: Enabling Efficient GPU-Based Text Analytics without Decompression. 2021 IEEE 37th International Conference on Data Engineering (ICDE). :1679–1690.
Text analytics directly on compression (TADOC) has proven to be a promising technology for big data analytics. GPUs are extremely popular accelerators for data analytics systems. Unfortunately, no work so far shows how to utilize GPUs to accelerate TADOC. We describe G-TADOC, the first framework that provides GPU-based text analytics directly on compression, effectively enabling efficient text analytics on GPUs without decompressing the input data. G-TADOC solves three major challenges. First, TADOC involves a large amount of dependencies, which makes it difficult to exploit massive parallelism on a GPU. We develop a novel fine-grained thread-level workload scheduling strategy for GPU threads, which partitions heavily-dependent loads adaptively in a fine-grained manner. Second, in developing G-TADOC, thousands of GPU threads writing to the same result buffer leads to inconsistency while directly using locks and atomic operations lead to large synchronization overheads. We develop a memory pool with thread-safe data structures on GPUs to handle such difficulties. Third, maintaining the sequence information among words is essential for lossless compression. We design a sequence-support strategy, which maintains high GPU parallelism while ensuring sequence information. Our experimental evaluations show that G-TADOC provides 31.1× average speedup compared to state-of-the-art TADOC.
2022-04-13
Arthi, R, Krishnaveni, S.  2021.  Design and Development of IOT Testbed with DDoS Attack for Cyber Security Research. 2021 3rd International Conference on Signal Processing and Communication (ICPSC). :586—590.
The Internet of Things (IoT) is clubbed by networking of sensors and other embedded electronics. As more devices are getting connected, the vulnerability of getting affected by various IoT threats also increases. Among the IoT threads, DDoS attacks are causing serious issues in recent years. In IoT, these attacks are challenging to detect and isolate. Thus, an effective Intrusion Detection System (IDS) is essential to defend against these attacks. The traditional IDS is based on manual blacklisting. These methods are time-consuming and will not be effective to detect novel intrusions. At present, IDS are automated and programmed to be dynamic which are aided by machine learning & deep learning models. The performance of these models mainly depends on the data used to train the model. Majority of IDS study is performed with non-compatible and outdated datasets like KDD 99 and NSL KDD. Research on specific DDoS attack datasets is very less. Therefore, in this paper, we first aim to examine the effect of existing datasets in the IoT environment. Then, we propose a real-time data collection framework for DNS amplification attacks in IoT. The generated network packets containing DDoS attack is captured through port mirroring.
2022-04-01
Marts, W. Pepper, Dosanjh, Matthew G. F., Levy, Scott, Schonbein, Whit, Grant, Ryan E., Bridges, Patrick G..  2021.  MiniMod: A Modular Miniapplication Benchmarking Framework for HPC. 2021 IEEE International Conference on Cluster Computing (CLUSTER). :12–22.
The HPC application community has proposed many new application communication structures, middleware interfaces, and communication models to improve HPC application performance. Modifying proxy applications is the standard practice for the evaluation of these novel methodologies. Currently, this requires the creation of a new version of the proxy application for each combination of the approach being tested. In this article, we present a modular proxy-application framework, MiniMod, that enables evaluation of a combination of independently written computation kernels, data transfer logic, communication access, and threading libraries. MiniMod is designed to allow rapid development of individual modules which can be combined at runtime. Through MiniMod, developers only need a single implementation to evaluate application impact under a variety of scenarios.We demonstrate the flexibility of MiniMod’s design by using it to implement versions of a heat diffusion kernel and the miniFE finite element proxy application, along with a variety of communication, granularity, and threading modules. We examine how changing communication libraries, communication granularities, and threading approaches impact these applications on an HPC system. These experiments demonstrate that MiniMod can rapidly improve the ability to assess new middleware techniques for scientific computing applications and next-generation hardware platforms.
2022-02-22
Zhou, Tianyang.  2021.  Performance comparison and optimization of mainstream NIDS systems in offline mode based on parallel processing technology. 2021 2nd International Conference on Computing and Data Science (CDS). :136—140.
For the network intrusion detection system (NIDS), improving the performance of the analysis process has always been one of the primary goals that NIDS needs to solve. An important method to improve performance is to use parallel processing technology to maximize the usage of multi-core CPU resources. In this paper, by splitting Pcap data packets, the NIDS software Snort3 can process Pcap packets in parallel mode. On this basis, this paper compares the performance between Snort2, Suricata, and Snort3 with different CPU cores in processing different sizes of Pcap data packets. At the same time, a parallel unpacking algorithm is proposed to further improve the parallel processing performance of Snort3.
2021-09-30
Gambhir, Gaurav, Mandal, Jyotsna Kumar.  2020.  Multi-Core Implementation of Chaotic RGB-LSB Steganography Technique. 2020 Sixth International Conference on Parallel, Distributed and Grid Computing (PDGC). :496–500.
The paper presents shared memory implementation of chaotic RGB LSB steganography technique, The proposed technique involves hiding the secret information into RGB components of the cover image. Chaotic logistic map has been used to generate highly random numbers for enhancing the security of embedded information. Encryption and decryption process is parallelized using OpenMP API in multicore environment, and results show significant speed up and highly scalable results even with large amount of data.
2021-08-31
Kim, Hwajung, Yeom, Heon Young, Son, Yongseok.  2020.  An Efficient Database Backup and Recovery Scheme using Write-Ahead Logging. 2020 IEEE 13th International Conference on Cloud Computing (CLOUD). :405—413.
Many cloud services perform periodic database backup to keep the data safe from failures such as sudden system crashes. In the database system, two techniques are widely used for data backup and recovery: a physical backup and a logical backup. The physical backup uses raw data by copying the files in the database, whereas the logical backup extracts data from the database and dumps it into separated files as a sequence of query statements. Both techniques support a full backup strategy that contains data of the entire database and incremental backup strategy that contains changed data since a previous backup. However, both strategies require additional I/O operations to perform the backup and need a long time to restore a backup. In this paper, we propose an efficient backup and recovery scheme by exploiting write-ahead logging (WAL) in database systems. In the proposed scheme, for backup, we devise a backup system to use log data generated by the existing WAL to eliminate the additional I/O operations. To restore a backup, we utilize and optimize the existing crash recovery procedure of WAL to reduce recovery time. For example, we divide the recovery range and applying the backup data for each range independently via multiple threads. We implement our scheme in MySQL, a popular database management system. The experimental result demonstrates that the proposed scheme provides instant backup while reducing recovery time compared with the existing schemes.
2021-07-07
Al-hamouri, Rahaf, Al-Jarrah, Heba, Al-Sharif, Ziad A., Jararweh, Yaser.  2020.  Measuring the Impacts of Virtualization on the Performance of Thread-Based Applications. 2020 Seventh International Conference on Software Defined Systems (SDS). :131–138.
The following topics are dealt with: cloud computing; software defined networking; cryptography; telecommunication traffic; Internet of Things; authorisation; software radio; cryptocurrencies; data privacy; learning (artificial intelligence).
2021-06-01
Chen, Zhanhao, Cao, Yinzhi.  2020.  JSKernel: Fortifying JavaScript against Web Concurrency Attacks via a Kernel-Like Structure. 2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). :64—75.
As portals to the Internet, web browsers constitute prominent targets for attacks. Existing defenses that redefine web APIs typically capture information related to a single JavaScript function. Thus, they fail to defend against the so-called web concurrency attacks that use multiple interleaved functions to trigger a browser vulnerability. In this paper, we propose JSKernel, the first generic framework that introduces a kernel concept into JavaScript to defend against web concurrency attacks. The JavaScript kernel, inspired from operating system concepts, enforces the execution order of JavaScript events and threads to fortify security. We implement a prototype of JSKernel deployable as add-on extensions to three widely used web browsers, namely Google Chrome, Mozilla Firefox, and Microsoft Edge. These open-source extensions are available at (https://github.com/jskernel2019/jskernel) along with a usability demo at (https://jskernel2019.github.io/). Our evaluation shows the prototype to be robust to web concurrency attacks, fast, and backward compatible with legacy websites.
Xu, Meng, Kashyap, Sanidhya, Zhao, Hanqing, Kim, Taesoo.  2020.  Krace: Data Race Fuzzing for Kernel File Systems. 2020 IEEE Symposium on Security and Privacy (SP). :1643—1660.
Data races occur when two threads fail to use proper synchronization when accessing shared data. In kernel file systems, which are highly concurrent by design, data races are common mistakes and often wreak havoc on the users, causing inconsistent states or data losses. Prior fuzzing practices on file systems have been effective in uncovering hundreds of bugs, but they mostly focus on the sequential aspect of file system execution and do not comprehensively explore the concurrency dimension and hence, forgo the opportunity to catch data races.In this paper, we bring coverage-guided fuzzing to the concurrency dimension with three new constructs: 1) a new coverage tracking metric, alias coverage, specially designed to capture the exploration progress in the concurrency dimension; 2) an evolution algorithm for generating, mutating, and merging multi-threaded syscall sequences as inputs for concurrency fuzzing; and 3) a comprehensive lockset and happens-before modeling for kernel synchronization primitives for precise data race detection. These components are integrated into Krace, an end-to-end fuzzing framework that has discovered 23 data races in ext4, btrfs, and the VFS layer so far, and 9 are confirmed to be harmful.
Abhinav, P Y, Bhat, Avakash, Joseph, Christina Terese, Chandrasekaran, K.  2020.  Concurrency Analysis of Go and Java. 2020 5th International Conference on Computing, Communication and Security (ICCCS). :1—6.
There has been tremendous progress in the past few decades towards developing applications that receive data and send data concurrently. In such a day and age, there is a requirement for a language that can perform optimally in such environments. Currently, the two most popular languages in that respect are Go and Java. In this paper, we look to analyze the concurrency features of Go and Java through a complete programming language performance analysis, looking at their compile time, run time, binary sizes and the language's unique concurrency features. This is done by experimenting with the two languages using the matrix multiplication and PageRank algorithms. To the extent of our knowledge, this is the first work which used PageRank algorithm to analyse concurrency. Considering the results of this paper, application developers and researchers can hypothesize on an appropriate language to use for their concurrent programming activity.Results of this paper show that Go performs better for fewer number of computation but is soon taken over by Java as the number of computations drastically increase. This trend is shown to be the opposite when thread creation and management is considered where Java performs better with fewer computation but Go does better later on. Regarding concurrency features both Java with its Executor Service library and Go had their own advantages that made them better for specific applications.
2021-05-03
Lehniger, Kai, Aftowicz, Marcin J., Langendorfer, Peter, Dyka, Zoya.  2020.  Challenges of Return-Oriented-Programming on the Xtensa Hardware Architecture. 2020 23rd Euromicro Conference on Digital System Design (DSD). :154–158.
This paper shows how the Xtensa architecture can be attacked with Return-Oriented-Programming (ROP). The presented techniques include possibilities for both supported Application Binary Interfaces (ABIs). Especially for the windowed ABI a powerful mechanism is presented that not only allows to jump to gadgets but also to manipulate registers without relying on specific gadgets. This paper purely focuses on how the properties of the architecture itself can be exploited to chain gadgets and not on specific attacks or a gadget catalog.
2021-04-09
Yamato, K., Kourai, K., Saadawi, T..  2020.  Transparent IDS Offloading for Split-Memory Virtual Machines. 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC). :833—838.
To enable virtual machines (VMs) with a large amount of memory to be flexibly migrated, split migration has been proposed. It divides a large-memory VM into small pieces and transfers them to multiple hosts. After the migration, the VM runs across those hosts and exchanges memory data between hosts using remote paging. For such a split-memory VM, however, it becomes difficult to securely run intrusion detection systems (IDS) outside the VM using a technique called IDS offloading. This paper proposes VMemTrans to support transparent IDS offloading for split-memory VMs. In VMemTrans, offloaded IDS can monitor a split-memory VM as if that memory were not distributed. To achieve this, VMemTrans enables IDS running in one host to transparently access VM's remote memory. To consider a trade-off, it provides two methods for obtaining memory data from remote hosts: self paging and proxy paging. We have implemented VMemTrans in KVM and compared the execution performance between the two methods.
2021-03-15
Chowdhuryy, M. H. Islam, Liu, H., Yao, F..  2020.  BranchSpec: Information Leakage Attacks Exploiting Speculative Branch Instruction Executions. 2020 IEEE 38th International Conference on Computer Design (ICCD). :529–536.
Recent studies on attacks exploiting processor hardware vulnerabilities have raised significant concern for information security. Particularly, transient execution attacks such as Spectre augment microarchitectural side channels with speculative executions that lead to exfiltration of secretive data not intended to be accessed. Many prior works have demonstrated the manipulation of branch predictors for triggering speculative executions, and thereafter leaking sensitive information through processor microarchitectural components. In this paper, we present a new class of microarchitectural attack, called BranchSpec, that performs information leakage by exploiting state changes of branch predictors in speculative path. Our key observation is that, branch instruction executions in speculative path alter the states of branch pattern history, which are not restored even after the speculatively executed branches are eventually squashed. Unfortunately, this enables adversaries to harness branch predictors as the transmitting medium in transient execution attacks. More importantly, as compared to existing speculative attacks (e.g., Spectre), BranchSpec can take advantage of much simpler code patterns in victim's code base, making the impact of such exploitation potentially even more severe. To demonstrate this security vulnerability, we have implemented two variants of BranchSpec attacks: a side channel where a malicious spy process infers cross-boundary secrets via victim's speculatively executed nested branches, and a covert channel that communicates secrets through intentionally perturbing the branch pattern history structure via speculative branch executions. Our evaluation on Intel Skylake- and Coffee Lake-based processors reveals that these information leakage attacks are highly accurate and successful. To the best of our knowledge, this is the first work to reveal the information leakage threat due to speculative state update in branch predictor. Our studies further broaden the attack surface of processor microarchitecture, and highlight the needs for branch prediction mechanisms that are secure in transient executions.
Cortiñas, C. T., Vassena, M., Russo, A..  2020.  Securing Asynchronous Exceptions. 2020 IEEE 33rd Computer Security Foundations Symposium (CSF). :214–229.

Language-based information-flow control (IFC) techniques often rely on special purpose, ad-hoc primitives to address different covert channels that originate in the runtime system, beyond the scope of language constructs. Since these piecemeal solutions may not compose securely, there is a need for a unified mechanism to control covert channels. As a first step towards this goal, we argue for the design of a general interface that allows programs to safely interact with the runtime system and the available computing resources. To coordinate the communication between programs and the runtime system, we propose the use of asynchronous exceptions (interrupts), which, to the best of our knowledge, have not been considered before in the context of IFC languages. Since asynchronous exceptions can be raised at any point during execution-often due to the occurrence of an external event-threads must temporarily mask them out when manipulating locks and shared data structures to avoid deadlocks and, therefore, breaking program invariants. Crucially, the naive combination of asynchronous exceptions with existing features of IFC languages (e.g., concurrency and synchronization variables) may open up new possibilities of information leakage. In this paper, we present MACasync, a concurrent, statically enforced IFC language that, as a novelty, features asynchronous exceptions. We show how asynchronous exceptions easily enable (out of the box) useful programming patterns like speculative execution and some degree of resource management. We prove that programs in MACasync satisfy progress-sensitive non-interference and mechanize our formal claims in the Agda proof assistant.

Bresch, C., Lysecky, R., Hély, D..  2020.  BackFlow: Backward Edge Control Flow Enforcement for Low End ARM Microcontrollers. 2020 Design, Automation Test in Europe Conference Exhibition (DATE). :1606–1609.
This paper presents BackFlow, a compiler-based toolchain that enforces indirect backward edge control flow integrity for low-end ARM Cortex-M microprocessors. BackFlow is implemented within the Clang/LLVM compiler and supports the ARM instruction set and its subset Thumb. The control flow integrity generated by the compiler relies on a bitmap, where each set bit indicates a valid pointer destination. The efficiency of the framework is benchmarked using an STM32 NUCLEO F446RE microcontroller. The obtained results show that the control flow integrity solution incurs an execution time overhead ranging from 1.5 to 4.5%.
Piessens, F..  2020.  Security across abstraction layers: old and new examples. 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS PW). :271–279.
A common technique for building ICT systems is to build them as successive layers of bstraction: for instance, the Instruction Set Architecture (ISA) is an abstraction of the hardware, and compilers or interpreters build higher level abstractions on top of the ISA.The functionality of an ICT application can often be understood by considering only a single level of abstraction. For instance the source code of the application defines the functionality using the level of abstraction of the source programming language. Functionality can be well understood by just studying this source code.Many important security issues in ICT system however are cross-layer issues: they can not be understood by considering the system at a single level of abstraction, but they require understanding how multiple levels of abstraction are implemented. Attacks may rely on, or exploit, implementation details of one or more layers below the source code level of abstraction.The purpose of this paper is to illustrate this cross-layer nature of security by discussing old and new examples of cross-layer security issues, and by providing a classification of these issues.
2021-01-15
Pete, I., Hughes, J., Chua, Y. T., Bada, M..  2020.  A Social Network Analysis and Comparison of Six Dark Web Forums. 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS PW). :484—493.

With increasing monitoring and regulation by platforms, communities with criminal interests are moving to the dark web, which hosts content ranging from whistle-blowing and privacy, to drugs, terrorism, and hacking. Using post discussion data from six dark web forums we construct six interaction graphs and use social network analysis tools to study these underground communities. We observe the structure of each network to highlight structural patterns and identify nodes of importance through network centrality analysis. Our findings suggest that in the majority of the forums some members are highly connected and form hubs, while most members have a lower number of connections. When examining the posting activities of central nodes we found that most of the central nodes post in sub-forums with broader topics, such as general discussions and tutorials. These members play different roles in the different forums, and within each forum we identified diverse user profiles.

2020-11-17
Benhani, E. M., Bossuet, L..  2018.  DVFS as a Security Failure of TrustZone-enabled Heterogeneous SoC. 2018 25th IEEE International Conference on Electronics, Circuits and Systems (ICECS). :489—492.
Today, most embedded systems use Dynamic Voltage and Frequency Scaling (DVFS) to minimize energy consumption and maximize performance. The DVFS technique works by regulating the important parameters that govern the amount of energy consumed in a system, voltage and frequency. For the implementation of this technique, the operating system (OS) includes software applications that dynamically control a voltage regulator or a frequency regulator or both. In this paper, we demonstrate for the first time a malicious use of the frequency regulator against a TrustZone-enabled System-on-Chip (SoC). We demonstrate a use of frequency scaling to create covert channel in a TrustZone-enabled heterogeneous SoC. We present four proofs of concept to transfer sensitive data from a secure entity in the SoC to a non-secure one. The first proof of concept is from a secure ARM core to outside of SoC. The second is from a secure ARM core to a non-secure one. The third is from a non-trusted third party IP embedded in the programmable logic part of the SoC to a non-secure ARM core. And the last proof of concept is from a secure third party IP to a non-secure ARM core.
2020-10-06
Meng, Ruijie, Zhu, Biyun, Yun, Hao, Li, Haicheng, Cai, Yan, Yang, Zijiang.  2019.  CONVUL: An Effective Tool for Detecting Concurrency Vulnerabilities. 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE). :1154—1157.

Concurrency vulnerabilities are extremely harmful and can be frequently exploited to launch severe attacks. Due to the non-determinism of multithreaded executions, it is very difficult to detect them. Recently, data race detectors and techniques based on maximal casual model have been applied to detect concurrency vulnerabilities. However, the former are ineffective and the latter report many false negatives. In this paper, we present CONVUL, an effective tool for concurrency vulnerability detection. CONVUL is based on exchangeable events, and adopts novel algorithms to detect three major kinds of concurrency vulnerabilities. In our experiments, CONVUL detected 9 of 10 known vulnerabilities, while other tools only detected at most 2 out of these 10 vulnerabilities. The 10 vulnerabilities are available at https://github.com/mryancai/ConVul.