Software-Based Side Channel Attacks and the Future of Hardened Microarchitecture
Side channel attack vectors found in microarchitecture of computing devices expose systems to potentially system-level breaches. This thesis consists of a comprehensive report on current exploits of this nature, describing their fundamental basis and usage, paving the way to further research into hardware mitigations that may be utilized to combat these and future vulnerabilities. It will discuss several modern software-based side channel attacks, describing the mechanisms they utilize to gain access to privileged information. Attack vectors will be exemplified, along with applicability to various architectures utilized in modern computing. Finally, discussion of how future architectural changes must successfully harden chips against attacks of this type will occur, ending with a reinforced call for development of these integral architectural revisions to resolve the threat
Systemization of Pluggable Transports for Censorship Resistance
An increasing number of countries implement Internet censorship at different
scales and for a variety of reasons. In particular, the link between the
censored client and entry point to the uncensored network is a frequent target
of censorship due to the ease with which a nation-state censor can control it.
A number of censorship resistance systems have been developed thus far to help
circumvent blocking on this link, which we refer to as link circumvention
systems (LCs). The variety and profusion of attack vectors available to a
censor has led to an arms race, leading to a dramatic speed of evolution of
LCs. Despite their inherent complexity and the breadth of work in this area,
there is no systematic way to evaluate link circumvention systems and compare
them against each other. In this paper, we (i) sketch an attack model to
comprehensively explore a censor's capabilities, (ii) present an abstract model
of a LC, a system that helps a censored client communicate with a server over
the Internet while resisting censorship, (iii) describe an evaluation stack
that underscores a layered approach to evaluate LCs, and (iv) systemize and
evaluate existing censorship resistance systems that provide link
circumvention. We highlight open challenges in the evaluation and development
of LCs and discuss possible mitigations. Comment: Content from this paper was published in Proceedings on Privacy
Enhancing Technologies (PoPETS), Volume 2016, Issue 4 (July 2016) as "SoK:
Making Sense of Censorship Resistance Systems" by Sheharbano Khattak, Tariq
Elahi, Laurent Simon, Colleen M. Swanson, Steven J. Murdoch and Ian Goldberg
(DOI 10.1515/popets-2016-0028)
Social networking and digital gaming media convergence : classification and its consequences for appropriation
Within the field of Information Systems, a good proportion of research is concerned with the work organisation and this has, to some extent, restricted the kind of application areas given consideration. Yet, it is clear that information and communication technology deployments beyond the work organisation are acquiring increased importance in our lives. With this in mind, we offer a field study of the appropriation of an online play space known as Habbo Hotel. Habbo Hotel, as a site of media convergence, incorporates social networking and digital gaming functionality. Our research highlights the ethical problems such a dual classification of technology may bring. We focus upon a particular set of activities undertaken within and facilitated by the space – scamming. Scammers dupe members with respect to their ‘Furni’, virtual objects that have online and offline economic value. Through our analysis we show that sometimes, online activities are bracketed off from those defined as offline and that this can be related to how the technology is classified by members – as a social networking site and/or a digital game. In turn, this may affect members’ beliefs about rights and wrongs. We conclude that given increasing media convergence, the way forward is to continue the project of educating people regarding the difficulties of determining rights and wrongs, and how rights and wrongs may be acted out with respect to new technologies of play online and offline
Application Adaptive Bandwidth Management Using Real-Time Network Monitoring.
Application adaptive bandwidth management is a strategy for ensuring secure and reliable network operation in the presence of undesirable applications competing for a network’s crucial bandwidth, covert channels of communication via non-standard traffic on well-known ports, and coordinated Denial of Service attacks. The study undertaken here explored the classification, analysis and management of the network traffic on the basis of ports and protocols used, type of applications, traffic direction and flow rates on the East Tennessee State University’s campus-wide network. Bandwidth measurements over a nine-month period indicated bandwidth abuse of less than 0.0001% of total network bandwidth. The conclusion suggests the use of the defense-in-depth approach in conjunction with the KHYATI (Knowledge, Host hardening, Yauld monitoring, Analysis, Tools and Implementation) paradigm to ensure effective information assurance
Random and Safe Cache Architecture to Defeat Cache Timing Attacks
Caches have been exploited to leak secret information due to the different
times they take to handle memory accesses. Cache timing attacks include
non-speculative cache side and covert channel attacks and cache-based
speculative execution attacks. We first present a systematic view of the attack
and defense space and show that no existing defense has addressed both
speculative and non-speculative cache timing attack families, which we do in
this paper. We propose Random and Safe (RaS) cache architectures to decorrelate
the cache state changes from memory requests. RaS fills the cache with "safe"
cache lines that are likely to be used in the future, rather than with
demand-fetched, security-sensitive lines. RaS captures a group of safe
addresses during runtime and fetches addresses randomly displaced from these
addresses. Our proposed RaS architecture is flexible to allow
security-performance trade-offs. We show different designs of RaS architectures
that can defeat cache side-channel attacks and cache-based speculative
execution attacks. The RaS variant against cache-based speculative execution
attacks has 4.2% average performance overhead and other RaS variants against
both attack families have 7.9% to 45.2% average overhead. For some benchmarks,
RaS defenses improve the performance while providing security
Cyber Security Concerns in Social Networking Service
Today’s world is unimaginable without online social networks. Nowadays, millions of people connect with their friends and families by sharing their personal information with the help of different forms of social media. Sometimes, individuals face different types of issues while maintaining the multimedia contents like audios, videos, photos because it is difficult to maintain the security and privacy of these multimedia contents uploaded on a daily basis. In fact, sometimes personal or sensitive information could get viral if that leaks out even unintentionally. Any leaked out content can be shared and made a topic of popular talk all over the world within a few seconds with the help of the social networking sites. In the setting of Internet of Things (IoT) that would connect millions of devices, such contents could be shared from anywhere anytime. Considering such a setting, in this work, we investigate the key security and privacy concerns faced by individuals who use different social networking sites differently for different reasons. We also discuss the current state-of-the-art defense mechanisms that can bring somewhat long-term solutions to tackling these threats