Biblio

The authors present dynamic reencryption of return addresses to mitigate their leakage. The authors' method enforces programs to save return addresses as encrypted and renew the encryption states with fresh keys before or after vulnerable operations. When a function returns, it should restore the return address from its encryption using the most recent key not to cause a crash. Under the protection of their method, return addresses and keys may leak, but the disclosed bits become garbage because keys govern all return addresses through encryption, while changing before control-flow proceeds into a vulnerable region. As a result, it becomes probabilistically infeasible to build exploits for intercepting control-flow by using leaked return addresses or keys. They implemented the proposed method as an extension of the LLVM compiler that inserts reencryption code where necessary. They also have confirmed its effectiveness against information leak attacks carried out in the early stage of blind return-oriented programming (BROP). The performance overhead ranges below 11.6% for processor-intensive programs and 4.12% or less for web servers.

Return-Oriented Programming (ROP) is a sophisticated exploitation technique that is able to drive target applications to perform arbitrary unintended operations by constructing a gadget chain reusing existing small code sequences (gadgets) collected across the entire code space. In this paper, we propose to address ROP attacks from a different angle-shrinking available code space at runtime. We present ROPStarvation , a generic and transparent ROP countermeasure that defend against all types of ROP attacks with almost zero run-time overhead. ROPStarvation does not aim to completely stop ROP attacks, instead it attempts to significantly increase the bar by decreasing the possibility of launching a successful ROP exploit in reality. Moreover, shrinking available code space at runtime is lightweight that makes ROPStarvation practical for being deployed with high performance requirement. Results show that ROPStarvation successfully reduces the code space of target applications by 85%. With the reduced code segments, ROPStarvation decreases the probability of building a valid ROP gadget chain by 100% and 83% respectively, with the assumptions that whether the adversary knows the vulnerable applications are protected by ROPStarvation . Evaluations on the SPEC CPU2006 benchmark show that ROPStarvation introduces nearly zero (0.2% on average) run-time performance overhead.

Mobile and web application security, particularly the areas of data privacy, has raised much concerns from the public in recent years. Most applications, or apps for short, are installed without disclosing full information to users and clearly stating what the application has access to, which often raises concern when users become aware of unnecessary information being collected. Unfortunately, most users have little to no technical expertise in regards to what permissions should be turned on and can only rely on their intuition and past experiences to make relatively uninformed decisions. To solve this problem, we developed DroidNet, which is a crowd-sourced Android recommendation tool and framework. DroidNet alleviates privacy concerns and presents users with high confidence permission control recommendations based on the decision from expert users who are using the same apps. This paper explains the general framework, principles, and model behind DroidNet while also providing an experimental setup design which shows the effectiveness and necessity for such a tool.

Software Defined Networking (SDN) is a major paradigm in controlling and managing number of heterogeneous networks. It's a real challenge however to secure such complex networks which are heterogeneous in network security. The centralization of the intelligence in network presents both an opportunity as well as security threats. This paper focuses on various potential security challenges at the various levels of SDN architecture such as Denial of service (DoS) attack and its countermeasures. The paper shows the detection of DoS attck with S-FlowRT.

While there has been considerable research on making power grid Supervisory Control and Data Acquisition (SCADA) systems resilient to attacks, the problem of transitioning these technologies into deployed SCADA systems remains largely unaddressed. We describe our experience and lessons learned in deploying an intrusion-tolerant SCADA system in two realistic environments: a red team experiment in 2017 and a power plant test deployment in 2018. These experiences resulted in technical lessons related to developing an intrusion-tolerant system with a real deployable application, preparing a system for deployment in a hostile environment, and supporting protocol assumptions in that hostile environment. We also discuss some meta-lessons regarding the cultural aspects of transitioning academic research into practice in the power industry.

Supervisory Control and Data Acquisition (SCADA)networks are widely deployed in modern industrial control systems (ICSs)such as energy-delivery systems. As an increasing number of field devices and computing nodes get interconnected, network-based cyber attacks have become major cyber threats to ICS network infrastructure. Field devices and computing nodes in ICSs are subjected to both conventional network attacks and specialized attacks purposely crafted for SCADA network protocols. In this paper, we propose a deep-learning-based network intrusion detection system for SCADA networks to protect ICSs from both conventional and SCADA specific network-based attacks. Instead of relying on hand-crafted features for individual network packets or flows, our proposed approach employs a convolutional neural network (CNN)to characterize salient temporal patterns of SCADA traffic and identify time windows where network attacks are present. In addition, we design a re-training scheme to handle previously unseen network attack instances, enabling SCADA system operators to extend our neural network models with site-specific network attack traces. Our results using realistic SCADA traffic data sets show that the proposed deep-learning-based approach is well-suited for network intrusion detection in SCADA systems, achieving high detection accuracy and providing the capability to handle newly emerged threats.

This article is devoted to the development of a platform for reliable storage of information on supplies based on blockchain technology. The article discusses the main approaches to the work of decentralized applications, as well as the main problems.

Supply chain management (SCM) is fundamental for gaining financial, environmental and social benefits in the supply chain industry. However, traditional SCM mechanisms usually suffer from a wide scope of issues such as lack of information sharing, long delays for data retrieval, and unreliability in product tracing. Recent advances in blockchain technology show great potential to tackle these issues due to its salient features including immutability, transparency, and decentralization. Although there are some proof-of-concept studies and surveys on blockchain-based SCM from the perspective of logistics, the underlying technical challenges are not clearly identified. In this paper, we provide a comprehensive analysis of potential opportunities, new requirements, and principles of designing blockchain-based SCM systems. We summarize and discuss four crucial technical challenges in terms of scalability, throughput, access control, data retrieval and review the promising solutions. Finally, a case study of designing blockchain-based food traceability system is reported to provide more insights on how to tackle these technical challenges in practice.

The Named Data Network (NDN) is a promising network paradigm for content distribution based on caching. However, it may put consumer privacy at risk, as the adversary may identify the content, the name and the signature (namely a certificate) through side-channel timing responses from the cache of the routers. The adversary may identify the content name and the consumer node by distinguishing between cached and un- cached contents. In order to mitigate the timing attack, effective countermeasure methods have been proposed by other authors, such as random caching, random freshness, and probabilistic caching. In this work, we have implemented a timing attack scenario to evaluate the efficiency of these countermeasures and to demonstrate how the adversary can be detected. For this goal, a brute force timing attack scenario based on a real topology was developed, which is the first brute force attack model applied in NDN. Results show that the adversary nodes can be effectively distinguished from other legitimate consumers during the attack period. It is also proposed a multi-level mechanism to detect an adversary node. Through this approach, the content distribution performance can be mitigated against the attack.

Software metrics help developers discover and fix mistakes. However, despite promising empirical evidence, vulnerability discovery metrics are seldom relied upon in practice. In prior research, the effectiveness of these metrics has typically been expressed using precision and recall of a prediction model that uses the metrics as explanatory variables. These prediction models, being black boxes, may not be perceived as useful by developers. However, by systematically interpreting the models and metrics, we can provide developers with nuanced insights about factors that have led to security mistakes in the past. In this paper, we present a preliminary approach to using vulnerability discovery metrics to provide insightful feedback to developers as they engineer software. We collected ten metrics (churn, collaboration centrality, complexity, contribution centrality, nesting, known offender, source lines of code, \# inputs, \# outputs, and \# paths) from six open-source projects. We assessed the generalizability of the metrics across two contextual dimensions (application domain and programming language) and between projects within a domain, computed thresholds for the metrics using an unsupervised approach from literature, and assessed the ability of these unsupervised thresholds to classify risk from historical vulnerabilities in the Chromium project. The observations from this study feeds into our ongoing research to automatically aggregate insights from the various analyses to generate natural language feedback on security. We hope that our approach to generate automated feedback will accelerate the adoption of research in vulnerability discovery metrics.

In this paper we investigate the feasibility of denial-of-service (DoS) attacks on shared caches in multicore platforms. With carefully engineered attacker tasks, we are able to cause more than 300X execution time increases on a victim task running on a dedicated core on a popular embedded multicore platform, regardless of whether we partition its shared cache or not. Based on careful experimentation on real and simulated multicore platforms, we identify an internal hardware structure of a non-blocking cache, namely the cache writeback buffer, as a potential target of shared cache DoS attacks. We propose an OS-level solution to prevent such DoS attacks by extending a state-of-the-art memory bandwidth regulation mechanism. We implement the proposed mechanism in Linux on a real multicore platform and show its effectiveness in protecting against cache DoS attacks.

Security of VMs is now becoming a hot topic due to their outsourcing in cloud computing paradigm. All VMs present on the network are connected to each other, making exploited VMs danger to other VMs. and threats to organization. Rejuvenation of virtualization brought the emergence of hyper-visor based security services like VMI (Virtual machine introspection). As there is a greater chance for any intrusion detection system running on the same system, of being dis-abled by the malware or attacker. Monitoring of VMs using VMI, is one of the most researched and accepted technique, that is used to ensure computer systems security mostly in the paradigm of cloud computing. This thesis presents a work that is to integrate LibVMI with Volatility on a KVM, a Linux based hypervisor, to introspect memory of VMs. Both of these tools are used to monitor the state of live VMs. VMI capability of monitoring VMs is combined with the malware analysis and virtual honeypots to achieve the objective of this project. A testing environment is deployed, where a network of VMs is used to be introspected using Volatility plug-ins. Time execution of each plug-in executed on live VMs is calculated to observe the performance of Volatility plug-ins. All these VMs are deployed as Virtual Honeypots having honey-pots configured on them, which is used as a detection mechanism to trigger alerts when some malware attack the VMs. Using STIX (Structure Threat Information Expression), extracted IOCs are converted into the understandable, flexible, structured and shareable format.

The denial-of-service (DoS) attack is a very common type of cyber attack that can affect critical cyber-physical systems, such as smart grids, by hampering the monitoring and control of the system, for example, creating unavailability of data from the attacked zone. While developing countermeasures can help reduce such risks, it is essential to develop techniques to recover from such scenarios if they occur by estimating the state of the system. Considering the continuous data-stream from the PMUs as time series, this work exploits the bus-to-bus cross-correlations to estimate the state of the system's components under attack using the PMU data of the rest of the buses. By applying this technique, the state of the power system can be estimated under various DoS attack sizes with great accuracy. The estimation accuracy in terms of the mean squared error (MSE) has been used to identify the relative vulnerability of the PMUs of the grid and the most vulnerable time for the DoS attack.

Side-channel attacks allow an adversary to uncover secret program data by observing the behavior of a program with respect to a resource, such as execution time, consumed memory or response size. Side-channel vulnerabilities are difficult to reason about as they involve analyzing the correlations between resource usage over multiple program paths. We present DifFuzz, a fuzzing-based approach for detecting side-channel vulnerabilities related to time and space. DifFuzz automatically detects these vulnerabilities by analyzing two versions of the program and using resource-guided heuristics to find inputs that maximize the difference in resource consumption between secret-dependent paths. The methodology of DifFuzz is general and can be applied to programs written in any language. For this paper, we present an implementation that targets analysis of Java programs, and uses and extends the Kelinci and AFL fuzzers. We evaluate DifFuzz on a large number of Java programs and demonstrate that it can reveal unknown side-channel vulnerabilities in popular applications. We also show that DifFuzz compares favorably against Blazer and Themis, two state-of-the-art analysis tools for finding side-channels in Java programs.

A frequent problem of Internet services are Sybil attacks, i.e., malicious users create numerous fake identities for themselves. To avoid this, many services employ obstacles like Captchas to force (potentially malicious) users to invest human attention in creating new identities for the service. However, this only makes it more difficult but not impossible to create fake identities. Sybil attacks are especially encountered as a problem in decentralized systems since no single trust anchor is available to judge new users as honest or malicious. The avoidance of a single centralized trust-anchor, however, is desirable in many cases. As a consequence, various decentralized Sybil detection approaches have been proposed. The most promising ones are based on leveraging the trust relationships embedded within social graphs. While most of these approaches are focusing on detecting large existing groups of Sybil identities, our approach Detasyr instead restricts the creation of numerous Sybil identities. For that, tickets are distributed through the social graph and have to be collected, allowing for decentralized and privacy preserving authorization. Additionally, it offers a proof of authorization to users that are considered to be honest, allowing them to display their authorization towards others.

The construction and improvement of the underwater acoustic network is the premise and guarantee for the development of the marine industry. Because the underwater nodes need to work for a long time, it is especially important to ensure that the nodes have a long standby capacity. In general, the node is in a low-power standby state waiting for a wake-up signal. When the node detects the wakeup signal, it will resume normal operation. In this paper, we propose a signal design based on the m-sequence. which can detect the hidden awakening signal in the complex environment with low SNR and small Doppler shift. Simulation and experimental data indicate that when the input SNR is as low as -11 dB and the signal has a small Doppler shift, the system can still achieve a detection probability of 100% and ensure that the false alarm probability is lower than 10-6.

Two-factor authentication (2FA) defends against password compromise by a remote attacker. We surveyed 4,275 students, faculty, and staff at Brigham Young University to measure user sentiment about Duo 2FA one year after the university adopted it. The results were mixed. A majority of the participants felt more secure using Duo and felt it was easy to use. About half of all participants reported at least one instance of being locked out of their university account because of an inability to authenticate with Duo. We found that students and faculty generally had more negative perceptions of Duo than staff. The survey responses reveal some pain points for Duo users. In response, we offer recommendations that reduce the frequency of 2FA for users. We also suggest UI changes that draw more attention to 2FA methods that do not require WiFi, the "Remember Me" setting, and the help utility.

A spectral-resource-utilization-efficient and highly resilient coarse granular routing optical network architecture is proposed. The improvement in network resiliency is realized by a novel concept named loop inflation that aims to enhance the geographical diversity of a working path and its redundant path. The trade-off between the inflation and the growth in circumference length of loops is controlled by the Simulated Annealing technique. Coarse granular routing is combined with resilient path design to realize higher spectral resource utilization. The routing scheme defines virtual direct links (VDLs) bridging distant nodes to alleviate the spectrum narrowing effect at the nodes traversed, allowing optical channels to be more densely accommodated by the fibers installed. Numerical experiments elucidate that the proposed networks successfully achieve a 30+0/0 route diversity improvement and a 12% fiber number reduction over conventional networks.

The contemporary power distribution system is facing an increase in extreme weather events, cybersecurity threats and even physical threats such as terrorism. Therefore there is a growing interest towards resiliency estimation and improvement. In this paper the resiliency enhancement strategy by means of Distributed Energy Resources and Automated Switches is presented. Resiliency scores are calculated using Analytical Hierarchy Process. The developed algorithm was validated on the modified IEEE 123 node system. It provides the most resiliency feasible network that satisfies the primary goal of serving the critical loads.

Software Defined Networking (SDN) is very popular due to the benefits it provides such as scalability, flexibility, monitoring, and ease of innovation. However, it needs to be properly protected from security threats. One major attack that plagues the SDN network is the distributed denial-of-service (DDoS) attack. There are several approaches to prevent the DDoS attack in an SDN network. We have evaluated a few machine learning techniques, i.e., J48, Random Forest (RF), Support Vector Machine (SVM), and K-Nearest Neighbors (K-NN), to detect and block the DDoS attack in an SDN network. The evaluation process involved training and selecting the best model for the proposed network and applying it in a mitigation and prevention script to detect and mitigate attacks. The results showed that J48 performs better than the other evaluated algorithms, especially in terms of training and testing time.

Recently, the increase of different services makes the design of routing protocols more difficult in mobile ad hoc networks (MANETs), e.g., how to guarantee the QoS of different types of traffics flows in MANETs with resource constrained and malicious nodes. opportunistic routing (OR) can make full use of the broadcast characteristics of wireless channels to improve the performance of MANETs. In this paper, we propose a traffic-differentiated secure opportunistic routing from a game theoretic perspective, DSOR. In the proposed scheme, we use a novel method to calculate trust value, considering node's forwarding capability and the status of different types of flows. According to the resource status of the network, we propose a service price and resource price for the auction model, which is used to select optimal candidate forwarding sets. At the same time, the optimal bid price has been proved and a novel flow priority decision for transmission is presented, which is based on waiting time and requested time. The simulation results show that the network lifetime, packet delivery rate and delay of the DSOR are better than existing works.

This paper investigates the temperature demagnetization modeling method for permanent magnets (PM) in permanent magnet synchronous linear motor (PMSLM). First, the PM characteristics are presented, and finite element analysis (FEA) is conducted to show the magnetic distribution under different temperatures. Second, demagnetization degrees and remanence of the five PMs' experiment sample are actually measured in stove at temperatures varying from room temperature to 300 °C, and to obtain the real data for next-step modeling. Third, machine learning algorithm called extreme learning machine (ELM) is introduced to map the nonlinear relationships between temperature and demagnetization characteristics of PM and build the demagnetization models. Finally, comparison experiments between linear modeling method, polynomial modeling method, and ELM can certify the effectiveness and advancement of this proposed method.

This paper presents a new class of high-performance permanent micro-magnets based on the controlled assembly of cobalt nanorods for the electromagnetic transduction of MEMS. Micromagnets are fabricated using a low temperature fabrication process that yields a dense material exhibiting high coercive field and remanence to saturation magnetization ratio. The cartography of the magnetic induction produced by the sub-millimeter size magnets was obtained using a scanning Hall effect micro-probe microscope. Silicon microcantilevers placed in the vicinity of these magnets were successfully actuated using the Lorentz force with low currents. The good signal to noise ratio measured at resonance demonstrates the potentiality of these nanostructured micro-magnets.

Previous efforts to detect cross-instance cloud remanence have consisted of searching current instance unallocated space for fragments easily attributable to a prior user or instance, and results were necessarily dependent on the specific instances tested and the search terms employed by the investigator. In contrast, this work developed, tested, and applied a general method to detect potential cross-instance cloud remanence that does not depend on specific instances or search terms. This method collects unallocated space from multiple cloud virtual machine instances based on the same cloud provider template. Empty sectors and sectors which also appear in the allocated space of that instance are removed from the candidate remanence list, and the remaining sectors are compared to sectors from instances based on other templates from that same provider; a matching sector indicate potential cross-instance remanence. Matching sectors are further evaluated by considering contiguous sectors and mapping back to the source file from the other instance template, providing additional evidence that the recovered fragments may in fact be content from another instance. This work first found that unallocated space from multiple cloud instances based on the same template is not empty, random, nor identical - in itself an indicator of possible cross-instance remanence. This work also found sectors in unallocated space of multiple instances that matched contiguous portions of files from instances created from other templates, providing a focused area for determining whether cross-instance data remanence exists. This work contributes a general method to indicate potential cross-instance cloud data remanence which is not dependent on a specific provider or infrastructure, instance details, or the presence of specific user-attributable remnant fragments. A tool to implement the method was developed, validated, and then run on Amazon's AWS cloud service.

Community structure detection in social networks has become a big challenge. Various methods in the literature have been presented to solve this challenge. Recently, several methods have also been proposed to solve this challenge based on a mapping-reduction model, in which data and algorithms are divided between different process nodes so that the complexity of time and memory of community detection in large social networks is reduced. In this paper, a mapping-reduction model is first proposed to detect the structure of communities. Then the proposed framework is rewritten according to a new mechanism called distributed cache memory; distributed cache memory can store different values associated with different keys and, if necessary, put them at different computational nodes. Finally, the proposed rewritten framework has been implemented using SPARK tools and its implementation results have been reported on several major social networks. The performed experiments show the effectiveness of the proposed framework by varying the values of various parameters.