ClickPattern: A Pattern Lock System Resilient to Smudge and Side-channel Attacks
Pattern lock is a very popular mechanism for securing authenticated access to mobile terminals, mainly because of its ease of use and because muscle memory makes it extremely memorable. Nonetheless, pattern lock is also very vulnerable to smudge and side-channel attacks, so its actual level of security has often been considered insufficient. In this paper we describe a mechanism that enhances pattern lock with resilience to smudge and side-channel attacks, maintains a comparable level of memorability, and provides ease of use still comparable with pattern lock while outperforming other schemes proposed in the literature. To support this claim, we performed a usability test with 51 volunteers and compared our results with those of the other schemes.
Do you Trust your Device? Open Challenges in IoT Security Analysis
Several critical contexts, such as healthcare, smart cities, drones, transportation, and agriculture, nowadays rely on IoT, or more generally embedded, devices that require comprehensive security analysis to ensure their integrity before deployment. Security concerns are often related to vulnerabilities that result from inadequate coding or undocumented features that may create significant privacy issues for users and companies. Current analysis methods, albeit dependent on complex tools, may lead to superficial assessments due to compatibility issues, while authoritative entities struggle to specify feasible firmware analysis requests for manufacturers within operational contexts. This paper urges the scientific community to collaborate with stakeholders (manufacturers, vendors, security analysts, and experts) to forge a cooperative model that clarifies manufacturer contributions and aligns analysis demands with operational constraints. Aiming at a modular approach, this paper highlights the crucial need to refine security analysis, ensuring more precise requirements, balanced expectations, and stronger partnerships between vendors and analysts. To achieve this, we propose a threat model based on the feasible interactions of the actors involved in the security evaluation of a device, with particular emphasis on the responsibilities and needs of all entities involved.
Detecting Exploit Primitives Automatically for Heap Vulnerabilities on Binary Programs
Automated Exploit Generation (AEG) is a well-known difficult task, especially for heap vulnerabilities. Previous works first detected heap vulnerabilities and then searched for exploitable states by applying symbolic execution and fuzzing to binary programs. However, it is not always easy to discover bugs with fuzzing or symbolic execution, and the internal overflow of heap objects is hard for these techniques to solve. In this paper we present DEPA, a solution that detects exploit primitives for heap vulnerabilities based on a primitive-crucial-behavior model. The core of DEPA consists of two novel techniques: 1) primitive-crucial-behavior identification through pointer dependence analysis, and 2) an exploit primitive determination method that triggers both the vulnerability and the exploit primitive. We evaluate DEPA on eleven real-world CTF (capture the flag) programs with heap vulnerabilities; DEPA discovers arbitrary-write and arbitrary-jump exploit primitives for ten of them, failing only on the program multi-heap. The results show that primitive-crucial-behavior identification and exploit primitive determination are accurate and effective with our approach. In addition, DEPA outperforms state-of-the-art tools in determining exploit primitives for the internal overflow of heap objects.
Comment: 11 pages, 9 figures
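The abstract singles out the internal overflow of a heap object, and the "exploit primitive" it yields, as the hard case. The following is an added C example, not code from the DEPA paper or its tools, that shows the shape of that case on a constructed object: an overflow of a fixed-size field that never leaves the allocation (so heap-metadata checks and sanitizer redzones do not fire) overwrites a sibling pointer field, and a later benign-looking store through that pointer becomes an arbitrary-write primitive. The hardened setter beside it is the fix. Every name here (`struct record`, `g_is_admin`, `set_name_vuln`, `set_name_safe`, `commit_record`, `build_payload`) is hypothetical and chosen for the example; the layout assumption is only that `out` sits immediately after `name`, which the struct declaration guarantees.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical heap object (constructed for this example). The layout is what
 * makes the bug matter: the bytes right after `name` are the pointer `out`, so
 * an overflow of `name` that stays inside the object never touches heap
 * metadata or an ASan redzone, yet it hands the attacker a pointer. */
struct record {
    char name[16];
    long *out;    /* commit_record() stores `score` through this pointer */
    long score;
};

/* Constructed attacker target: a privilege flag living elsewhere in memory. */
long g_is_admin = 0;

/* VULNERABLE setter: copies `len` bytes with no check against sizeof(name).
 * The copy is expressed on the object's own bytes, so the overflow into the
 * sibling field is an in-bounds write of the struct itself. */
static void set_name_vuln(struct record *r, const unsigned char *src, size_t len)
{
    memcpy((unsigned char *)r + offsetof(struct record, name), src, len);
}

/* HARDENED setter: same interface, refuses anything that does not fit. */
static int set_name_safe(struct record *r, const unsigned char *src, size_t len)
{
    if (len >= sizeof r->name)
        return -1;
    memcpy(r->name, src, len);
    r->name[len] = '\0';
    return 0;
}

/* The primitive-crucial behaviour: a later, benign-looking dereference of a
 * pointer field. Once `out` is attacker-controlled this is an arbitrary write
 * (the attacker picks the address via `out` and the value via `score`). */
static void commit_record(struct record *r)
{
    *r->out = r->score;
}

/* Builds the constructed payload: filler up to `out`, then the raw bytes of the
 * target address in native byte order, exactly where `out` lives. Returns the
 * payload length, or 0 if `buf` is too small. */
static size_t build_payload(unsigned char *buf, size_t cap, long *target)
{
    size_t n = offsetof(struct record, out) + sizeof(long *);
    if (cap < n)
        return 0;
    memset(buf, 'A', offsetof(struct record, out));
    memcpy(buf + offsetof(struct record, out), &target, sizeof target);
    return n;
}

/* Runs the vulnerable path; returns the flag's value afterwards (1 = corrupted). */
long demo_vulnerable(void)
{
    unsigned char payload[sizeof(struct record)];
    struct record *r = calloc(1, sizeof *r);
    long sink = 0;
    size_t n;
    if (!r)
        return -1;
    g_is_admin = 0;
    r->out = &sink;               /* intended destination of the write */
    r->score = 1;                 /* attacker-chosen value */
    n = build_payload(payload, sizeof payload, &g_is_admin);
    set_name_vuln(r, payload, n); /* internal overflow: r->out becomes &g_is_admin */
    commit_record(r);             /* arbitrary write lands on the flag */
    free(r);
    return g_is_admin;
}

/* Same payload through the hardened setter; returns 1 when the copy was refused,
 * the flag is untouched and the write went to the intended sink. */
int demo_hardened(void)
{
    unsigned char payload[sizeof(struct record)];
    struct record *r = calloc(1, sizeof *r);
    long sink = 0;
    size_t n;
    int rc, ok;
    if (!r)
        return 0;
    g_is_admin = 0;
    r->out = &sink;
    r->score = 1;
    n = build_payload(payload, sizeof payload, &g_is_admin);
    rc = set_name_safe(r, payload, n); /* rejected: n >= sizeof r->name */
    commit_record(r);                  /* writes to `sink`, as intended */
    ok = (rc == -1 && g_is_admin == 0 && sink == 1);
    free(r);
    return ok;
}

int main(void)
{
    printf("vulnerable path: g_is_admin = %ld\n", demo_vulnerable());
    printf("hardened path ok: %d\n", demo_hardened());
    return 0;
}
```

The point for an analyst is that the bug (`set_name_vuln`) and the primitive (`commit_record`) are in different functions: the overflow itself is harmless, and only the pointer dependence from the corrupted field to the later store turns it into something exploitable, which is why tools that stop at the crash site miss this class.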