
    The primacy of microchips in the security design of embedded devices

    The global embedded system market is projected to grow from $86.5 billion in 2020 to $116.2 billion by 2025. The increased prevalence of embedded devices and the boost in sophisticated attacks against them has made embedded system security an intricate and pressing issue. Embedded systems are at the center of many different electronic products, machines, and intelligent operations; despite being designed to focus on specific tasks and to complete those tasks perfectly, they often pose security and privacy issues. For example, embedded systems such as widely deployed medical devices are posing a pressing issue due to their inadequate security design. These devices, once compromised, can lead to death and injury of patients in clinical environments. Another example is Unmanned Aerial Vehicles (UAVs), also known as “drones”, with the promise of enabling many favorable applications. Besides military purposes, many industries are paying more attention to the commercial usage of drones. For example, Amazon announced its Air Prime Delivery Service in 2013, aiming to deploy small drones to deliver lightweight packages. However, the further adoption of drones has been significantly impeded by an overwhelming public outcry over the security and privacy implications of drone technology. Additionally, Amazon’s Alexa and similar voice assistant devices are capable of recording every conversation. This appears to be by design in order to allow the device to be responsive to “wake up” commands such as “Hey Alexa!”. However, such capability without properly securing the collected data causes many security and privacy complications. The economic and mortality impacts of the vulnerabilities in devices as described above have been widely discussed, but there is limited inquiry that has focused on identifying the root causes of these issues. In this dissertation, I have identified several critical issues that have roots in the security design of embedded devices.
As an example, I have demonstrated that widely used Medical Infusion Pumps could easily be compromised since developers/manufacturers have utilized insecure usernames and passwords such as “admin” and “12345” as the main method of authentication on their product. To make things worse, they have also decided to transmit a variety of sensitive data in plain text instead of utilizing modern encryption methods for data in transit. In another example, I have demonstrated how additive manufacturing equipment such as a 3D printer, and the designs residing on the printer, can be easily compromised due to the lack of proper authentication and data security. While conducting these studies, it emerged that the underutilization of security protocols existing on microcontrollers within each embedded device is the root cause of many vulnerabilities. At this step, the question “Why aren’t more capable security protocols being used despite being available on the microcontrollers?” replaced “Why is this device vulnerable?”. It is evident that from the manufacturer’s perspective, the time to market of a product is crucial. To make things worse, developers will often sacrifice spending more time and paying attention to security components in favor of a faster release cycle. I have identified that the main issue arises during the design phase of such devices. Developers are frequently rushed to develop the main functionality of these devices and forget the “Security by Design” principle. As a result, the vast majority of embedded devices are being released to the public without implementing modern security protocols despite these being supported by the underlying hardware. I have researched, designed, and developed an intuitive web-based tool capable of efficiently and effectively guiding developers and manufacturers to identify the supported security protocols of hundreds of microcontrollers.
I focus on multiple methods to collect, parse, analyze, and identify the available security protocols of hundreds of microcontrollers, which are often time-consuming to identify and challenging to categorize for developers. The current process results in frustration and ultimately unawareness of many essential capabilities of microcontrollers such as elevated security protocols. The developed solution will definitively enable developers to save time, reduce error, fully utilize the hardware’s capability at their disposal, and ultimately increase the security posture of their final product. My approach revealed that a web-based tool designed to return the supported cryptographic protocols based on the input microcontroller model, with a simple and intuitive interface, can facilitate the design phase of an embedded device without sacrificing security. I experimentally validate the correctness of the developed framework by obtaining a patient monitor, a form of medical device, and reverse engineering it to (1) validate the presence or absence of secure authentication and encryption of data in transit, (2) validate that the underlying hardware supports modern security protocols via the developed framework, and (3) conclude that despite the availability of a stronger security protocol, developers/manufacturers have neglected to utilize these protocols.

    Vulnerabilities, Cybersecurity, and the Role of Law and Regulation herein

    Nowadays, it is not difficult to conjure up images of hacked power plants, remote-hijacked public transportation systems, etc. By exploiting hidden vulnerabilities, hackers are plundering business secrets, stealing digital consumers’ records, and trying to reshape the world inconspicuously. Most of society lacks awareness of software vulnerabilities. Software vendors seem unlikely to discuss flaws in their products publicly, and the related markets for vulnerabilities are often opaque. This thesis tries to introduce its readers to a structured discussion and analysis of software vulnerabilities vis-à-vis the challenges of cyberattacks. This thesis focuses on an analysis of software vulnerabilities and their relevance to cybersecurity from an economic perspective, and it discusses the role of law and regulation designed to address problems of vulnerabilities and cybersecurity utilizing the law and economics approach. A software vulnerability has its intrinsic value and a life cycle. There are people who search for these vulnerabilities (the bug hunters), and there are three markets for vulnerabilities: white, grey, and black. The assumption of profit maximization in traditional economics also applies to bug hunters. Moreover, this thesis finds that the nature of the white market vis-à-vis the grey or black market is much more competitive. Among the factors that influence the price level of a software vulnerability in the black market, the bounty price (white market price) is particularly worthy of attention. This thesis finds that the practice of governments to retain vulnerabilities is acceptable in the short run for the purpose of legal enforcement or intelligence, given the advanced encryption and anonymization technologies used by criminals. However, in the long run, government agencies should avoid vulnerability transactions. Furthermore, government agencies should give the utmost attention to how to protect their vulnerability stockpiles from being stolen.
The empirical results of this thesis prove that a market failure exists at least to some extent in relation to vulnerabilities. There was no significant market pressure upon the software vendor even when the software had been proved seriously risky by a severe cyberattack. Possible avenues to correct this market failure could be found in private law, administrative law, or other means of central intervention. This thesis advocates a solution of jointly using liability rules and safety regulation backed by a public fine (regulation backed by an administrative fine) for the harm caused by a vulnerability. More details are provided by means of an economic model. It is a combination of torts and regulation (ex-ante and ex-post), which is in line with the suggestions made in Shavell (1984) and Faure, Visscher & Weber (2016).

    Recurrence-based models for improving coverage within GPS and satellite-denied mobile sensor networks

    Adversarial GPS-denial and coordinate spoofing, as well as satellite jamming, serve as common obstacles to disaster-recovery and military-based teams. While such teams are often supported by UAVs that connect multiple personnel by serving as relay devices, UAV position schemes that rely on centralized controllers are also disrupted by such hurdles, as GPS and satellite-based denial will affect the ability of UAVs to communicate with the controller and with drones outside line of sight. In this thesis, we design and implement a drone-relay system that allows drones to cooperatively maximize coverage in a GPS-denied and satellite-denied scenario. Here, we define coverage as the ability of one entity to speak to another entity using a drone network as an intermediate relay system; it is measured as the ratio of fulfilled entity-to-entity connections to all possible entity-to-entity connections. We maximize coverage over an extended experiment duration, consisting of 300–1000 timesteps, by devising algorithms that rely on a centralized controller with full knowledge of drone and ground entity positions. Particle Swarm Optimization (85% coverage), Reinforcement Learning on a Recurrent Neural Network (75% coverage), and a Time-Series based Inference Optimizer (71% coverage) were amongst the best performing movement algorithms, improving upon movement models in related works by up to 40%. We then design a distributed backend that disperses commands from a centralized controller using a distributed drone-to-drone communication scheme, also collecting observations made by each drone and relaying them to the centralized controller.
This backend is additionally integrated with failure recovery and security-based protocols to ensure recovery in drone-downtime and drone-compromised scenarios; both systems feature minimal overhead, allowing drone recovery from downtime in 7% of the simulated episode length and featuring a constant time addition from encryption that does not increase as drone count increases. Finally, we remove all notions of centrality by designing and implementing a fully decentralized system, where drones operate in squads and house their own models and decision-making protocols. In this system, drone squads are able to share observations of their surroundings with neighboring drone squads to improve predictive performance. This final system complies with GPS and satellite-denial limitations, as drones only perform observations in a surrounding vision radius, assuming a camera to be mounted on each drone, and drones can only send messages to neighbors in a transmission radius, avoiding the need to send satellite-based messages.

    Key technologies for safe and autonomous drones

    Drones/UAVs are able to perform air operations that are very difficult to perform with manned aircraft. In addition, drone usage brings significant economic savings and environmental benefits, while reducing risks to human life. In this paper, we present key technologies that enable the development of drone systems. The technologies are identified based on the usages of drones (driven by COMP4DRONES project use cases). These technologies are grouped into four categories: U-space capabilities, system functions, payloads, and tools. We also present the contributions of the COMP4DRONES project to improve existing technologies. These contributions aim to ease drones’ customization and enable their safe operation. This project has received funding from the ECSEL Joint Undertaking (JU) under grant agreement No 826610. The JU receives support from the European Union’s Horizon 2020 research and innovation programme and Spain, Austria, Belgium, Czech Republic, France, Italy, Latvia, Netherlands. The total project budget is 28,590,748.75 EUR (excluding ESIF partners), while the requested grant is 7,983,731.61 EUR to ECSEL JU, and 8,874,523.84 EUR of National and ESIF Funding. The project started on 1 October 2019.

    Computer locking system (Sistema de bloqueio de computadores)

    Master’s in Computer and Telematics Engineering. The use of multiple computing devices per person is increasing more and more. Nowadays it is normal that mobile devices like smartphones, tablets and laptops are present in the everyday life of a single person, and in many cases people use these devices to perform important operations related to their professional life. This also presents a problem: these devices accompany the user in everyday life, and the fact that they often have a high monetary value means that they are susceptible to theft. This thesis introduces a computer locking system that distinguishes itself from existing similar systems because (i) it is designed to work independently of the Operating System(s) installed on the laptop or mobile device, and (ii) it depends on a firmware driver that implements the lock operation, making it resistant to storage device formatting or any other attack that uses software operations. The operation of a device whose firmware follows the Unified Extensible Firmware Interface (UEFI) specification is also explored, as well as the development of drivers for this type of firmware. A security protocol was also developed, and various cryptographic techniques were explored and implemented.

    Implementation of an AES-based stream-cipher for the encryption of an embedded radio communication system

    ABSTRACT: In recent years, the growing volume of data to be processed has led to the investigation of ways to optimize the execution times of systems, coming to the conclusion that the best way is to perform the parallelizable processes concurrently. Thus the concept of the multi-core processor emerges, used in GPUs and FPGAs, which improve performance in intensive data processing tasks. CPUs, although less efficient with parallelizable tasks, are still the best option when managing the interfaces of a system. Embedded systems integrate CPUs and FPGAs or GPUs in order to have all the advantages of each of them. This data processing capacity is also applied to the field of telecommunications today. On the other hand, and in the same scenario, wireless communications are being promoted thanks to the many advantages they offer over wired links. However, as the information is exposed in a non-isolated channel, the need to protect information and maintain privacy in other ways has become a subject of study, and numerous encryption standards have been developed for this purpose. In this project an encryption algorithm is implemented to protect the data transmitted by an embedded communications system, for its application in real communications involving classified information. Master’s in Telecommunications Engineering.

    Differentially private partitioned variational inference

    Learning a privacy-preserving model from sensitive data which are distributed across multiple devices is an increasingly important problem. The problem is often formulated in the federated learning context, with the aim of learning a single global model while keeping the data distributed. Moreover, Bayesian learning is a popular approach for modelling, since it naturally supports reliable uncertainty estimates. However, Bayesian learning is generally intractable even with centralised non-private data and so approximation techniques such as variational inference are a necessity. Variational inference has recently been extended to the non-private federated learning setting via the partitioned variational inference algorithm. For privacy protection, the current gold standard is called differential privacy. Differential privacy guarantees privacy in a strong, mathematically clearly defined sense. In this paper, we present differentially private partitioned variational inference, the first general framework for learning a variational approximation to a Bayesian posterior distribution in the federated learning setting while minimising the number of communication rounds and providing differential privacy guarantees for data subjects. We propose three alternative implementations in the general framework, one based on perturbing local optimisation runs done by individual parties, and two based on perturbing updates to the global model (one using a version of federated averaging, the second one adding virtual parties to the protocol), and compare their properties both theoretically and empirically. Comment: Published in TMLR 04/2023: https://openreview.net/forum?id=55Bcghgic

    A Protocol for Cast-as-Intended Verifiability with a Second Device

    Numerous institutions, such as companies, universities, or non-governmental organizations, employ Internet voting for remote elections. Since the main purpose of an election is to determine the voters’ will, it is fundamentally important to ensure that the final election result correctly reflects the voters’ votes. To this end, modern secure Internet voting schemes aim for what is called end-to-end verifiability. This fundamental security property ensures that the correctness of the final result can be verified, even if some of the computers or parties involved are malfunctioning or corrupted. A standard component in this approach is so-called cast-as-intended verifiability, which enables individual voters to verify that the ballots cast on their behalf contain their intended choices. Numerous approaches for cast-as-intended verifiability have been proposed in the literature, some of which have also been employed in real-life Internet elections. One of the well-established approaches for cast-as-intended verifiability is to employ a second device which can be used by voters to audit their submitted ballots. This approach offers several advantages, including support for flexible ballot/election types and an intuitive user experience, and it has been used in real-life elections, for instance in Estonia. In this work, we improve the existing solutions for cast-as-intended verifiability based on the use of a second device. We propose a solution which, while preserving the advantageous practical properties sketched above, provides tighter security guarantees. Our method does not increase the risk of vote-selling when compared to the underlying voting protocol being augmented and, to achieve this, it requires only comparatively weak trust assumptions. It can be combined with various voting protocols, including commitment-based systems offering everlasting privacy.

    The Metaverse: Survey, Trends, Novel Pipeline Ecosystem & Future Directions

    The Metaverse offers a second world beyond reality, where boundaries are non-existent, and possibilities are endless through engagement and immersive experiences using virtual reality (VR) technology. Many disciplines can benefit from the advancement of the Metaverse when accurately developed, including the fields of technology, gaming, education, art, and culture. Nevertheless, developing the Metaverse environment to its full potential is an ambiguous task that needs proper guidance and directions. Existing surveys on the Metaverse focus only on a specific aspect and discipline of the Metaverse and lack a holistic view of the entire process. To this end, a more holistic, multi-disciplinary, in-depth, and academic and industry-oriented review is required to provide a thorough study of the Metaverse development pipeline. To address these issues, we present in this survey a novel multi-layered pipeline ecosystem composed of (1) the Metaverse computing, networking, communications and hardware infrastructure, (2) environment digitization, and (3) user interactions. For every layer, we discuss the components that detail the steps of its development. Also, for each of these components, we examine the impact of a set of enabling technologies and empowering domains (e.g., Artificial Intelligence, Security & Privacy, Blockchain, Business, Ethics, and Social) on its advancement. In addition, we explain the importance of these technologies to support decentralization, interoperability, user experiences, interactions, and monetization. Our presented study highlights the existing challenges for each component, followed by research directions and potential solutions. To the best of our knowledge, this survey is the most comprehensive and allows users, scholars, and entrepreneurs to get an in-depth understanding of the Metaverse ecosystem to find their opportunities and potentials for contribution.

    The Viability and Potential Consequences of IoT-Based Ransomware

    With the increased threat of ransomware and the substantial growth of the Internet of Things (IoT) market, there is significant motivation for attackers to carry out IoT-based ransomware campaigns. In this thesis, the viability of such malware is tested. As part of this work, various techniques that could be used by ransomware developers to attack commercial IoT devices were explored. First, methods that attackers could use to communicate with the victim were examined, such that a ransom note could be reliably sent to a victim. Next, the viability of using “bricking” as a method of ransom was evaluated, such that devices could be remotely disabled unless the victim makes a payment to the attacker. Research was then performed to ascertain whether it was possible to remotely gain persistence on IoT devices, which would improve the efficacy of existing ransomware methods and provide opportunities for more advanced ransomware to be created. Finally, after successfully identifying a number of persistence techniques, the viability of privacy-invasion based ransomware was analysed. For each assessed technique, proofs of concept were developed. A range of devices, with various intended purposes such as routers, cameras and phones, were used to test the viability of these proofs of concept. To test communication hijacking, devices’ “channels of communication”, such as web services and embedded screens, were identified, then hijacked to display custom ransom notes. During the analysis of bricking-based ransomware, a working proof of concept was created, which was then able to remotely brick five IoT devices. After analysing the storage design of an assortment of IoT devices, six different persistence techniques were identified, which were then successfully tested on four devices, such that malicious filesystem modifications would be retained after the device was rebooted.
When researching privacy-invasion based ransomware, several methods were created to extract information from data sources that can be commonly found on IoT devices, such as nearby WiFi signals, images from cameras, or audio from microphones. These were successfully implemented in a test environment such that ransomable data could be extracted, processed, and stored for later use to blackmail the victim. Overall, IoT-based ransomware has not only been shown to be viable but also highly damaging to both IoT devices and their users. While the use of IoT ransomware is still very uncommon “in the wild”, the techniques demonstrated within this work highlight an urgent need to improve the security of IoT devices to avoid the risk of IoT-based ransomware causing havoc in our society. Finally, during the development of these proofs of concept, a number of potential countermeasures were identified, which can be used to limit the effectiveness of the attacking techniques discovered in this PhD research.