Visible to the public Biblio

Filters: Keyword is Linux OS  [Clear All Filters]
2022-01-25
Jha, Ashish, Novikova, Evgeniya S., Tokarev, Dmitry, Fedorchenko, Elena V..  2021.  Feature Selection for Attacker Attribution in Industrial Automation amp; Control Systems. 2021 IV International Conference on Control in Technical Systems (CTS). :220–223.
Modern Industrial Automation & Control Systems (IACS) are essential part of the critical infrastructures and services. They are used in health, power, water, and transportation systems, and the impact of cyberattacks on IACS could be severe, resulting, for example, in damage to the environment, public or employee safety or health. Thus, building IACS safe and secure against cyberattacks is extremely important. The attacker model is one of the key elements in risk assessment and other security related information system management tasks. The aim of the study is to specify the attacker's profile based on the analysis of network and system events. The paper presents an approach to the selection of attacker's profile attributes from raw network and system events of the Linux OS. To evaluate the approach the experiments were performed on data collected within the Global CPTC 2019 competition.
2020-03-16
Tahat, Amer, Joshi, Sarang, Goswami, Pronnoy, Ravindran, Binoy.  2019.  Scalable Translation Validation of Unverified Legacy OS Code. 2019 Formal Methods in Computer Aided Design (FMCAD). :1–9.

Formally verifying functional and security properties of a large-scale production operating system is highly desirable. However, it is challenging as such OSes are often written in multiple source languages that have no formal semantics - a prerequisite for formal reasoning. To avoid expensive formalization of the semantics of multiple high-level source languages, we present a lightweight and rigorous verification toolchain that verifies OS code at the binary level, targeting ARM machines. To reason about ARM instructions, we first translate the ARM Specification Language that describes the semantics of the ARMv8 ISA into the PVS7 theorem prover and verify the translation. We leverage the radare2 reverse engineering tool to decode ARM binaries into PVS7 and verify the translation. Our translation verification methodology is a lightweight formal validation technique that generates large-scale instruction emulation test lemmas whose proof obligations are automatically discharged. To demonstrate our verification methodology, we apply the technique on two OSes: Google's Zircon and a subset of Linux. We extract a set of 370 functions from these OSes, translate them into PVS7, and verify the correctness of the translation by automatically discharging hundreds of thousands of proof obligations and tests. This took 27.5 person-months to develop.