106,400 research outputs found
EHAP-ORAM: Efficient Hardware-Assisted Persistent ORAM System for Non-volatile Memory
Oblivious RAM (ORAM) protected access pattern is essential for secure NVM. In
the ORAM system, data and PosMap metadata are maps in pairs to perform secure
access. Therefore, we focus on the problem of crash consistency in the ORAM
system. Unfortunately, using traditional software-based support for ORAM system
crash consistency is not only expensive, it can also lead to information leaks.
At present, there is no relevant research on the specific crash consistency
mechanism supporting the ORAM system. To support crash consistency without
damaging ORAM system security and compromising the performance, we propose
EHAP-ORAM. Firstly, we analyze the access steps of basic ORAM to obtain the
basic requirements to support the ORAM system crash consistency. Secondly,
improve the ORAM controller. Thirdly, for the improved hardware system, we
propose several persistence protocols supporting the ORAM system crash
consistency. Finally, we compared our persistent ORAM with the system without
crash consistency support, non-recursive and recursive EHAP-ORAM only incurs
3.36% and 3.65% performance overhead. The results show that EHAP-ORAM not only
supports effective crash consistency with minimal performance and hardware
overhead but also is friendly to NVM lifetime
Malware Detection Module using Machine Learning Algorithms to Assist in Centralized Security in Enterprise Networks
Malicious software is abundant in a world of innumerable computer users, who
are constantly faced with these threats from various sources like the internet,
local networks and portable drives. Malware is potentially low to high risk and
can cause systems to function incorrectly, steal data and even crash. Malware
may be executable or system library files in the form of viruses, worms,
Trojans, all aimed at breaching the security of the system and compromising
user privacy. Typically, anti-virus software is based on a signature definition
system which keeps updating from the internet and thus keeping track of known
viruses. While this may be sufficient for home-users, a security risk from a
new virus could threaten an entire enterprise network. This paper proposes a
new and more sophisticated antivirus engine that can not only scan files, but
also build knowledge and detect files as potential viruses. This is done by
extracting system API calls made by various normal and harmful executable, and
using machine learning algorithms to classify and hence, rank files on a scale
of security risk. While such a system is processor heavy, it is very effective
when used centrally to protect an enterprise network which maybe more prone to
such threats.Comment: 6 page
Analysis of the consequences of car to micromobility user side impact crashes
Mobility has changed in recent years in cities worldwide, th.anks to tb.e strong rise in vehicles of micromobility. Bicycle riding is the most widespread micromobility transport mode, followed by stand-up electric scooters (e-scooters). This increase in its use has also led to an increase in related crashes. Both cyclists and e-scooter riders are vulnerable road users and are lik.ely to sustain severe injuries in crashes, especially with motor vehicles. The crashes consequences involving cyclists and other micromobility users have already investigated using numerical simulation software, such as MADYMO and PC-Crash. Most of them have been focused on bicycles and electric bicycles, whereas only few of tbem have analyzed e-scooter crashes consequences. Posirisuk: et al. [1] carried out a computational prediction ofhead-ground impact k:inematics :in e-scooter falls. Ptak et al. [2] analyzed the e-scooter user kinematics after a crash against SUV when the e-scooter chives into the sidefront
of tbe vehicle, a side B-pillar crash and a frontal impact initiated by tbe e-scooter to tbe front-end of the vehicle. However, they did not study the consequ.ences of a car to e-scooter side impact crashes. Xu et al. [3] did study these crashes but considering electric self-balancing scooters that are less widespread than e-scooters. Current study focuses on the consequences of a car to micromobility user (cyclist and e-scooter rider) side impact crashes. The analysis is based on numerical simulations with PC-Crash software
Recommended from our members
Building Reliable Software for Persistent Memory
Persistent memory (PMEM) technologies preserve data across power cycles and provide performance comparable to DRAM. In emerging computer systems, PMEM will operate on the main memory bus, becoming byte-addressable and cache-coherent. One key feature enabled by persistent memory is to allow software directly accessing durable data using the CPU’s load/store instructions, even from the user-space.However, building reliable software for persistent memory faces new challenges from two aspects: crash consistency and fault tolerance. Maintaining crash consistency requires the ability to recover data integrity in the event of system crashes. Using load/store instructions to access durable data introduces a new programming paradigm, that is prone to new types of programming errors. Fault tolerance involves detecting and recovering from persistent memory errors, including memory media errors and scribbles from software bugs. With direct access, file systems and user-space applications have to explicitly manage these errors, instead of relying on convenient functions from lower I/O stacks.We identify unique challenges in improving reliability for PMEM-based software and propose solutions. The thesis first introduces NOVA-Fortis, a fault-tolerant PMEM file system incorporating replication, checksums, and parity for protecting the file system’s metadata and the user’s file data. NOVA-Fortis is both fast and resilient in the face of corruption due to media errors and software bugs.NOVA-Fortis only protects file data via the read() and write() system calls. When an application memory-maps a PMEM file, NOVA-Fortis has to disable file data protection because mmap() leaves the file system unaware of updates made to the file. For protecting memory-mapped PMEM data, we present Pangolin, a fault-tolerant persistent object library to protect an application’s objects from persistent memory errors.Writing programs to ensure crash consistency in PMEM remains challenging. Recovery bugs arise as a new type of programming error, preventing a post-crash PMEM file from recovering to a consistent state. Thus, we design two debugging tools for persistent memory programming: PmemConjurer and PmemSanitizer. PmemConjurer is a static analyzer using symbolic execution to find recovery bugs without running a compiled program. PmemSanitizer contains compiler instrumentation and run-time recovery bug analysis, compensating PmemConjurer with multi-threading support and store reordering tests
Automatically Discovering, Reporting and Reproducing Android Application Crashes
Mobile developers face unique challenges when detecting and reporting crashes
in apps due to their prevailing GUI event-driven nature and additional sources
of inputs (e.g., sensor readings). To support developers in these tasks, we
introduce a novel, automated approach called CRASHSCOPE. This tool explores a
given Android app using systematic input generation, according to several
strategies informed by static and dynamic analyses, with the intrinsic goal of
triggering crashes. When a crash is detected, CRASHSCOPE generates an augmented
crash report containing screenshots, detailed crash reproduction steps, the
captured exception stack trace, and a fully replayable script that
automatically reproduces the crash on a target device(s). We evaluated
CRASHSCOPE's effectiveness in discovering crashes as compared to five
state-of-the-art Android input generation tools on 61 applications. The results
demonstrate that CRASHSCOPE performs about as well as current tools for
detecting crashes and provides more detailed fault information. Additionally,
in a study analyzing eight real-world Android app crashes, we found that
CRASHSCOPE's reports are easily readable and allow for reliable reproduction of
crashes by presenting more explicit information than human written reports.Comment: 12 pages, in Proceedings of 9th IEEE International Conference on
Software Testing, Verification and Validation (ICST'16), Chicago, IL, April
10-15, 2016, pp. 33-4
- …