1,067 research outputs found
ScaRR: Scalable Runtime Remote Attestation for Complex Systems
The introduction of remote attestation (RA) schemes has allowed academia and
industry to enhance the security of their systems. The commercial products
currently available enable only the validation of static properties, such as
application fingerprints, and do not handle runtime properties, such as
control-flow correctness. This limitation pushed researchers towards the
identification of new approaches, called runtime RA. However, those mainly work
on embedded devices, which share very few common features with complex systems,
such as virtual machines in a cloud. A naive deployment of runtime RA schemes
for embedded devices on complex systems faces scalability problems, such as the
representation of complex control-flows or a slow verification phase.
In this work, we present ScaRR: the first Scalable Runtime Remote attestation
schema for complex systems. Thanks to its novel control-flow model, ScaRR
enables the deployment of runtime RA on any application regardless of its
complexity, by also achieving good performance. We implemented ScaRR and tested
it on the benchmark suite SPEC CPU 2017. We show that ScaRR can validate on
average 2M control-flow events per second, definitely outperforming existing
solutions.
Comment: 14 page
RSSI Based Indoor Passive Localization for Intrusion Detection and Tracking
A real time system for intrusion detection and tracking based on wireless
sensor network technology is designed by using the IITH mote, which is
developed and designed in IIT Hyderabad, as the communication module in the
network. This paper describes the Device-Free Passive Localization system
based on RSSI. The main objective of this paper is to design a DFP
Localization system that is easily redeployable, reconfigurable, easy to use, and
operates in real time.
In addition, the detection of humans is to be done. The
embedded intrusion detection algorithm is designed so that it is able to cope
with the limited resources, in terms of computational power and available
memory space, of the microcontroller unit (MCU) found in the nodes. and
various challenges and problems faced during the real test bed deployment and
also proposed solutions to overcome them. We presented an alternative
algorithm based on the minimum Euclidean distance classifier. Our result shows
that the localization accuracy of this system is increased when using the
proposed algorith
6G White Paper on Machine Learning in Wireless Communication Networks
The focus of this white paper is on machine learning (ML) in wireless
communications. 6G wireless communication networks will be the backbone of the
digital transformation of societies by providing ubiquitous, reliable, and
near-instant wireless connectivity for humans and machines. Recent advances in
ML research have enabled a wide range of novel technologies such as
self-driving vehicles and voice assistants. Such innovation is possible as a
result of the availability of advanced ML models, large datasets, and high
computational power. On the other hand, the ever-increasing demand for
connectivity will require a lot of innovation in 6G wireless networks, and ML
tools will play a major role in solving problems in the wireless domain. In
this paper, we provide an overview of the vision of how ML will impact the
wireless communication systems. We first give an overview of the ML methods
that have the highest potential to be used in wireless networks. Then, we
discuss the problems that can be solved by using ML in various layers of the
network such as the physical layer, medium access layer, and application layer.
Zero-touch optimization of wireless networks using ML is another interesting
aspect that is discussed in this paper. Finally, at the end of each section,
important research questions that the section aims to answer are presented
Autoscopy: Detecting Pattern-Searching Rootkits via Control Flow Tracing
Traditional approaches to rootkit detection assume the execution of code at a privilege level below that of the operating system kernel, with the use of virtual machine technologies to enable the detection system itself to be immune from the virus or rootkit code. In this thesis, we approach the problem of rootkit detection from the standpoint of tracing and instrumentation techniques, which work from within the kernel and also modify the kernel's run-time state to detect aberrant control flows. We wish to investigate the role of emerging tracing frameworks (Kprobes, DTrace, etc.) in enforcing operating system security without the reliance on a full-blown virtual machine just for the purposes of such policing. We first build a novel rootkit prototype that uses pattern-searching techniques to hijack hooks embedded in dynamically allocated memory, which we present as a showcase of emerging attack techniques. We then build an intrusion detection system, autoscopy, atop kprobes, that detects anomalous control flow patterns typically exhibited by rootkits within a running kernel. Furthermore, to validate our approach, we show that we were able to successfully detect 15 existing Linux rootkits. We also conduct performance analyses, which show the overhead of our system to range from 2% to 5% on a wide range of standard benchmarks. Thus by leveraging tracing frameworks within operating systems, we show that it is possible to introduce real-world security in devices where performance and resource constraints are tantamount to security considerations
Detecting Safety and Security Faults in PLC Systems with Data Provenance
Programmable Logic Controllers are an integral component for managing many
different industrial processes (e.g., smart building management, power
generation, water and wastewater management, and traffic control systems), and
manufacturing and control industries (e.g., oil and natural gas, chemical,
pharmaceutical, pulp and paper, food and beverage, automotive, and aerospace).
Despite being used widely in many critical infrastructures, PLCs use protocols
which make these control systems vulnerable to many common attacks, including
man-in-the-middle attacks, denial of service attacks, and memory corruption
attacks (e.g., array, stack, and heap overflows, integer overflows, and pointer
corruption). In this paper, we propose PLC-PROV, a system for tracking the
inputs and outputs of the control system to detect violations in the safety and
security policies of the system. We consider a smart building as an example of
a PLC-based system and show how PLC-PROV can be applied to ensure that the
inputs and outputs are consistent with the intended safety and security
policies
Trustworthy Wireless Personal Area Networks
In the Internet of Things (IoT), everyday objects are equipped with the ability to compute and communicate. These smart things have invaded the lives of everyday people, being constantly carried or worn on our bodies, and entering into our homes, our healthcare, and beyond. This has given rise to wireless networks of smart, connected, always-on, personal things that are constantly around us, and have unfettered access to our most personal data as well as all of the other devices that we own and encounter throughout our day. It should, therefore, come as no surprise that our personal devices and data are frequent targets of ever-present threats. Securing these devices and networks, however, is challenging. In this dissertation, we outline three critical problems in the context of Wireless Personal Area Networks (WPANs) and present our solutions to these problems.
First, I present our Trusted I/O solution (BASTION-SGX) for protecting sensitive user data transferred between wirelessly connected (Bluetooth) devices. This work shows how in-transit data can be protected from privileged threats, such as a compromised OS, on commodity systems. I present insights into the Bluetooth architecture, Intel’s Software Guard Extensions (SGX), and how a Trusted I/O solution can be engineered on commodity devices equipped with SGX.
Second, I present our work on AMULET and how we successfully built a wearable health hub that can run multiple health applications, provide strong security properties, and operate on a single charge for weeks or even months at a time. I present the design and evaluation of our highly efficient event-driven programming model, the design of our low-power operating system, and developer tools for profiling ultra-low-power applications at compile time.
Third, I present a new approach (VIA) that helps devices at the center of WPANs (e.g., smartphones) to verify the authenticity of interactions with other devices. This work builds on past work in anomaly detection techniques and shows how these techniques can be applied to Bluetooth network traffic. Specifically, we show how to create normality models based on fine- and coarse-grained insights from network traffic, which can be used to verify the authenticity of future interactions