Material extrusion-based additive manufacturing: G-code and firmware attacks and Defense frameworks

Additive Manufacturing (AM) refers to a group of manufacturing processes that create physical objects by sequentially depositing thin layers. AM enables highly customized production with minimal material wastage, rapid and inexpensive prototyping, and the production of complex assemblies as single parts in smaller production facilities. These features make AM an essential component of Industry 4.0 or Smart Manufacturing. It is now used to print functional components for aircraft, rocket engines, automobiles, medical implants, and more. However, the increased popularity of AM also raises concerns about cybersecurity. Researchers have demonstrated strength degradation attacks on printed objects by injecting cavities in the design file which cause premature failure and catastrophic consequences such as failure of the attacked propeller of a drone during flight. Since a 3D printer is a cyber-physical system that connects the cyber and physical domains in a single process chain, it has a different set of vulnerabilities and security requirements compared to a conventional IT setup. My Ph.D. research focuses on the cybersecurity of one of the most popular AM processes, Material Extrusion or Fused Filament Fabrication (FFF). Although previous research has investigated attacks on printed objects by altering the design, these attacks often leave a larger footprint and are easier to detect. To address this limitation, I have focused on attacks at the intermediate stage of slicing through minimal manipulations at the individual sub-process level. By doing so, I have demonstrated that it is possible to implant subtle defects in printed parts that can evade detection schemes and bypass many quality assessment checks. In addition to exploring attacks through design files or network layer manipulations, I have also proposed firmware attacks that cause damage to the printed parts, the printer, and the printing facility. To detect sabotage attacks on FFF process, I have developed an attack detection framework that analyzes the cyber and physical domain state of the printing process and detects anomalies using a series of estimation and comparison algorithms in time, space, and frequency domains. An implementation case study confirms that cyber-physical security frameworks are an effective solution against sophisticated sabotage attacks. The increasing use of 3D printing technology to produce functional components underscores the growing importance of compliance and regulations in ensuring their quality and safety. Currently, there are no standards or best practices to guide a user in making a critical printing setup forensically ready. Therefore, I am proposing a novel forensic readiness framework for material extrusion-based 3D printing that will guide standards organizations in formulating compliance criteria for important 3D printing setups. I am optimistic that my offensive and defensive research endeavors presented in this thesis will serve as a valuable resource for researchers and industry practitioners in creating a safer and more secure future for additive manufacturing

An I/O Scheduling Algorithm for Solid State Disk Based on Request Size

对于同类型的I/O请求,基于闪存固态盘的请求响应时间与请求大小基本呈线性比例关系,并且固态盘的读写性能具有非对称性。针对该特性,提出一种基于请求大小的固态盘I/O调度(SIOS)算法,从I/O请求平均响应时间的角度提高固态盘设备的I/O性能。根据读写性能的非对称性,对读写请求进行分组并且优先处理读请求。在此基础上首先处理等待队列中的小请求,从而减少队列中请求的平均等待时间。采用SlC和MlC 2种类型的固态盘进行实验,在5种测试负载的驱动下与lInuX系统中的3种调度算法进行比较,对于SlC固态盘,SIOS平均响应时间分别减少18.4%、25.8%、14.9%、14.5%和13.1%,而对于MlC固态盘,平均响应时间分别减少16.9%、24.4%、13.1%、13.0%和13.7%,结果表明,SIOS能有效减少I/O请求的平均响应时间,提高固态盘存储系统的I/O性能。The response times are linear with the request sizes for flash-based Solid State Disk(SSD) with the same request type.Moreover, the read performance and write performance of flash-based SSD are asymmetric.Based on these characteristics, this paper proposes a Size-based I/O Scheduler(SIOS) for flash-based SSD to improve the I/O performance of SSD-based storage systems from the viewpoint of average response time.SIOS utilizes the asymmetric read and write performance characteristics of flash-based SSD and gives higher priority to the read requests.Moreover, by first processing the small requests in the I/O waiting queue, the average waiting times of the requests are reduced significantly.It implements SIOS in the Linux kernel and evaluates it with two kinds of SSD devices(SLC and MLC)driven by the five traces.Compared with the existing Linux disk I/O schedulers, evaluation results show that SIOS reduces average response times by 18.4%, 25.8%, 14.9%, 14.5% and 13.1% for SLC-based flash SSD, and reduces average response times by 16.9%, 24.4%, 13.1%, 13.0% and 13.7% for MLC-based flash SSD.Results show that compared with the state-of-the-arts, SIOS reduces the average response times significantly.Consequently, the I/O performance of the SSD-based storage systems is improved.国家自然科学基金青年科学基金资助项目“重复数据删除存储系统的数据重构性能和能效研究”(61100033

Internet Predictions

More than a dozen leading experts give their opinions on where the Internet is headed and where it will be in the next decade in terms of technology, policy, and applications. They cover topics ranging from the Internet of Things to climate change to the digital storage of the future. A summary of the articles is available in the Web extras section

Malware Resistant Data Protection in Hyper-connected Networks: A survey

Data protection is the process of securing sensitive information from being corrupted, compromised, or lost. A hyperconnected network, on the other hand, is a computer networking trend in which communication occurs over a network. However, what about malware. Malware is malicious software meant to penetrate private data, threaten a computer system, or gain unauthorised network access without the users consent. Due to the increasing applications of computers and dependency on electronically saved private data, malware attacks on sensitive information have become a dangerous issue for individuals and organizations across the world. Hence, malware defense is critical for keeping our computer systems and data protected. Many recent survey articles have focused on either malware detection systems or single attacking strategies variously. To the best of our knowledge, no survey paper demonstrates malware attack patterns and defense strategies combinedly. Through this survey, this paper aims to address this issue by merging diverse malicious attack patterns and machine learning (ML) based detection models for modern and sophisticated malware. In doing so, we focus on the taxonomy of malware attack patterns based on four fundamental dimensions the primary goal of the attack, method of attack, targeted exposure and execution process, and types of malware that perform each attack. Detailed information on malware analysis approaches is also investigated. In addition, existing malware detection techniques employing feature extraction and ML algorithms are discussed extensively. Finally, it discusses research difficulties and unsolved problems, including future research directions.Comment: 30 pages, 9 figures, 7 tables, no where submitted ye

The design and analysis of novel integrated phase-change photonic memory and computing devices

The current massive growth in data generation and communication challenges traditional computing and storage paradigms. The integrated silicon photonic platform may alleviate the physical limitations resulting from the use of electrical interconnects and the conventional von Neuman computing architecture, due to its intrinsic energy and bandwidth advantages. This work focuses on the development of the phase-change all-photonic memory (PPCM), a device potentially enabling the transition from the electrical to the optical domain by providing the (previously unavailable) non-volatile all-photonic storage functionality. PPCM devices allow for all-optical encoding of the information on the crystal fraction of a waveguide-implemented phase-change material layer, here Ge2Sb2Te5, which in turn modulates the transmitted signal amplitude. This thesis reports novel developments of the numerical methods necessary to emulate the physics of PPCM device operation and performance characteristics, illustrating solutions enabling the realization of a simulation framework modelling the inherently three-dimensional and self-influencing optical, thermal and phase-switching behaviour of PPCM devices. This thesis also depicts an innovative, fast and cost-effective method to characterise the key optical properties of phase-change materials (upon which the performance of PPCM devices depend), exploiting the reflection pattern of a purposely built layer stack, combined with a smart fit algorithm adapting potential solutions drawn from the scientific literature. The simulation framework developed in the thesis is used to analyse reported PPCM experimental results. Numerous sources of uncertainty are underlined, whose systematic analysis reduced to the peculiar non-linear optical properties of Ge2Sb2Te5. Yet, the data fit process validates both the simulation tool and the remaining physical assumptions, as the model captures the key aspects of the PPCM at high optical intensity, and reliably and accurately predicts its behaviour at low intensity, enabling to investigate its underpinning physical mechanisms. Finally, a novel PPCM memory architecture, exploiting the interaction of a much-reduced Ge2Sb2Te5 volume with a plasmonic resonant nanoantenna, is proposed and numerically investigated. The architecture concept is described and the memory functionality is demonstrated, underlining its potential energy and speed improvement on the conventional device by up to two orders of magnitude.Engineering and Physical Sciences Research Council (EPSRC

QoE over-the-top multimédia em redes sem fios

One of the goals of an operator is to improve the Quality of Experience (QoE) of a client in networks where Over-the-top (OTT) content is being delivered. The appearance of services like YouTube, Netflix or Twitch, where in the first case it contains more than 300 hours of video per minute in the platform, brings issues to the managed data networks that already exist, as well as challenges to fix them. Video traffic corresponds to 75% of the whole transmitted data on the Internet. This way, not only the Internet did become the ’de facto’ video transmission path, but also the general data traffic continues to exponentially increase, due to the desire to consume more content. This thesis presents two model proposals and architecture that aim to improve the users’ quality of experience, by predicting the amount of video in advance liable of being prefetched, as a way to optimize the delivery efficiency where the quality of service cannot be guaranteed. The prefetch is done in the clients’ closest cache server. For that, an Analytic Hierarchy Process (AHP) is used, where through a subjective method of attribute comparison, and from the application of a weighted function on the measured quality of service metrics, the amount of prefetch is achieved. Besides this method, artificial intelligence techniques are also taken into account. With neural networks, there is an attempt of selflearning with the behavior of OTT networks with more than 14.000 hours of video consumption under different quality conditions, to try to estimate the experience felt and maximize it, without the normal service delivery degradation. At last, both methods are evaluated and a proof of concept is made with users in a high speed train.Um dos objetivos de um operador é melhorar a qualidade de experiência do cliente em redes onde existem conteúdos Over-the-top (OTT) a serem entregues. O aparecimento de serviços como o YouTube, Netflix ou Twitch, onde no primeiro caso são carregadas mais de 300 horas de vídeo por minuto na plataforma, vem trazer problemas às redes de dados geridas que já existiam, assim como desafios para os resolver. O tráfego de vídeo corresponde a 75% de todos os dados transmitidos na Internet. Assim, não só a Internet se tornou o meio de transmissão de vídeo ’de facto’, como o tráfego de dados em geral continua a crescer exponencialmente, proveniente do desejo de consumir mais conteúdos. Esta tese apresenta duas propostas de modelos e arquitetura que pretendem melhorar a qualidade de experiência do utilizador, ao prever a quantidade de vídeo em avanço passível de ser précarregado, de forma a optimizar a eficiência de entrega das redes onde a qualidade de serviço não é possível de ser garantida. O pré-carregamento dos conteúdos é feito no servidor de cache mais próximo do cliente. Para tal, é utilizado um processo analítico hierárquico (AHP), onde através de um método subjetivo de comparação de atributos, e da aplicação de uma função de valores ponderados nas medições das métricas de qualidade de serviço, é obtida a quantidade a pré-carregar. Além deste método, é também proposta uma abordagem com técnicas de inteligência artificial. Através de redes neurais, há uma tentativa de auto-aprendizagem do comportamento das redes OTT com mais de 14.000 horas de consumo de vídeo sobre diferentes condições de qualidade, para se tentar estimar a experiência sentida e maximizar a mesma, sem degradação da entrega de serviço normal. No final, ambos os métodos propostos são avaliados num cenário de utilizadores num comboio a alta velocidade.Mestrado em Engenharia de Computadores e Telemátic

Tight Arms Race: Overview of Current Malware Threats and Trends in Their Detection

Cyber attacks are currently blooming, as the attackers reap significant profits from them and face a limited risk when compared to committing the "classical" crimes. One of the major components that leads to the successful compromising of the targeted system is malicious software. It allows using the victim's machine for various nefarious purposes, e.g., making it a part of the botnet, mining cryptocurrencies, or holding hostage the data stored there. At present, the complexity, proliferation, and variety of malware pose a real challenge for the existing countermeasures and require their constant improvements. That is why, in this paper we first perform a detailed meta-review of the existing surveys related to malware and its detection techniques, showing an arms race between these two sides of a barricade. On this basis, we review the evolution of modern threats in the communication networks, with a particular focus on the techniques employing information hiding. Next, we present the bird's eye view portraying the main development trends in detection methods with a special emphasis on the machine learning techniques. The survey is concluded with the description of potential future research directions in the field of malware detection

RF Integrated Circuits for Energy Autonomous Sensor Nodes.

The exponential growth in the semiconductor industry has enabled computers to pervade our everyday lives, and as we move forward many of these computers will have form factors much smaller than a typical laptop or smartphone. Sensor nodes will soon be deployed ubiquitously, capable of capturing information of their surrounding environment. The next step is to connect all these different nodes together into an entire interconnected system. This “Internet of Things” (IoT) vision has incredible potential to change our lives commercially, societally, and personally. The backbone of IoT is the wireless sensor node, many of which will operate under very rigorous energy constraints with small batteries or no batteries at all. It has been shown that in sensor nodes, radio communication is one of the biggest bottlenecks to ultra-low power design. This research explores ways to reduce energy consumption in radios for wireless sensor networks, allowing them to run off harvested energy, while maintaining qualities that will allow them to function in a real world, multi-user environment. Three different prototypes have been designed demonstrating these techniques. The first is a sensitivity-reduced nanowatt wake-up radio which allows a sensor node to actively listen for packets even when the rest of the node is asleep. CDMA codes and interference rejection reduce the potential for energy-costly false wake-ups. The second prototype is a full transceiver for a body-worn EKG sensor node. This transceiver is designed to have low instantaneous power and is able to receive 802.15.6 Wireless Body Area Network compliant packets. It uses asymmetric communication including a wake-up receiver based on the previous design, UWB transmitter and a communication receiver. The communication receiver has 10 physical channels to avoid interference and demodulates coherent packets which is uncommon for low power radios, but dictated by the 802.15.6 standard. The third prototype is a long range transceiver capable of >1km communication range in the 433MHz band and able to interface with an existing commercial radio. A digitally assisted baseband demodulator was designed which enables the ability to perform bit-level as well as packet-level duty cycling which increases the radio's energy efficiency.PhDElectrical EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/110432/1/nerobert_1.pd

Efficient Management of Huge Data Sets on Cluster Computers

In a cluster computer a parallel file system is encharged to spread one single parallel file on the different computer's I/O nodes using a determined distribution function. In file I/O intensive parallel scientific applications with "semi-random temporal parallel file I/O acess patterns", this file is accessed at different addresses at the sametime by a number of processes that may vary between two consecutive iterations. In this thesis a set of "semi-random temporal parallel file I/O access patterns" generated by a phylogenetical application is categorized. For these patterns a partitioning function is proposed that guarantees at any time during execution access to the parallel file. This thesis shows the correlation existing between the type of I/O access patterns and the type and setting of two round robin based distribution functions so that the overall application's execution time can be reduced