4,192 research outputs found

    An Empirical Study on Android-related Vulnerabilities

    Mobile devices are used more and more in everyday life. They are our cameras, wallets, and keys. Basically, they embed most of our private information in our pocket. For this and other reasons, mobile devices, and in particular the software that runs on them, are considered first-class citizens in the software-vulnerabilities landscape. Several studies investigated the software-vulnerabilities phenomenon in the context of mobile apps and, more in general, mobile devices. Most of these studies focused on vulnerabilities that could affect mobile apps, while just a few investigated vulnerabilities affecting the underlying platform on which mobile apps run: the Operating System (OS). Also, these studies have been run on a very limited set of vulnerabilities. In this paper we present the largest study to date investigating Android-related vulnerabilities, with a specific focus on the ones affecting the Android OS. In particular, we (i) define a detailed taxonomy of the types of Android-related vulnerability; (ii) investigate the layers and subsystems from the Android OS affected by vulnerabilities; and (iii) study the survivability of vulnerabilities (i.e., the number of days between the vulnerability introduction and its fixing). Our findings could help OS and apps developers in focusing their verification & validation activities, and researchers in building vulnerability detection tools tailored for the mobile world.

    Vulnerability Analysis Case Studies of Control Systems Human Machine Interfaces

    This dissertation describes vulnerability research in the area of critical infrastructure security. The intent of this research is to develop a set of recommendations and guidelines for improving the security of Industrial Control System (ICS) and Supervisory Control and Data Acquisition systems software. Specifically, this research focuses on the Human-Machine Interface (HMI) software that is used on control panel workstations. This document covers a brief introduction to control systems security terminology in order to define the research area, a hypothesis for the research, and a discussion of the contribution that this research will provide to the field. Previous work in the area by other researchers is summarized, followed by a description of the vulnerability research, analysis, and creation of deliverables. Technical information on the details of a number of vulnerabilities is presented for a number of HMI vulnerabilities, for which either the author has performed the analysis, or from public vulnerability disclosures where sufficient information about the vulnerabilities is available. Following the body of technical vulnerability information, the common features and characteristics of known vulnerabilities in HMI software are discussed, and that information is used to propose a taxonomy of HMI vulnerabilities. Such a taxonomy can be used to classify HMI vulnerabilities and organize future work on identifying and mitigating such vulnerabilities in the future. Finally, the contributions of this work are presented, along with a summary of areas that have been identified as interesting future work.

    So You Think Your Router Is Safe?

    A home router is a common item found in today’s household and is seen by most as just an Internet connection enabler. Users don’t realize how important this single device is in terms of privacy protection. The router is the centerpiece through which all the household Internet activities including ecommerce, tax filing and banking pass through. When this central device is compromised, users are at risk of having personal and confidential data exposed. Over the past decade, information security professionals have been shedding light on vulnerabilities plaguing consumer routers. Yet, most users are unaware of all the different ways a router can be compromised and tend to focus only on setting up a strong password to stop the neighbor from piggybacking on the Internet.

    Towards Adversarial Malware Detection: Lessons Learned from PDF-based Attacks

    Malware still constitutes a major threat in the cybersecurity landscape, also due to the widespread use of infection vectors such as documents. These infection vectors hide embedded malicious code from the victim users, facilitating the use of social engineering techniques to infect their machines. Research showed that machine-learning algorithms provide effective detection mechanisms against such threats, but the existence of an arms race in adversarial settings has recently challenged such systems. In this work, we focus on malware embedded in PDF files as a representative case of such an arms race. We start by providing a comprehensive taxonomy of the different approaches used to generate PDF malware, and of the corresponding learning-based detection systems. We then categorize threats specifically targeted against learning-based PDF malware detectors, using a well-established framework in the field of adversarial machine learning. This framework allows us to categorize known vulnerabilities of learning-based PDF malware detectors and to identify novel attacks that may threaten such systems, along with the potential defense mechanisms that can mitigate the impact of such threats. We conclude the paper by discussing how such findings highlight promising research directions towards tackling the more general challenge of designing robust malware detectors in adversarial settings.