57,247 research outputs found
Execution Integrity with In-Place Encryption
Instruction set randomization (ISR) was initially proposed with the main goal
of countering code-injection attacks. However, ISR seems to have lost its
appeal since code-injection attacks became less attractive because protection
mechanisms such as data execution prevention (DEP) as well as code-reuse
attacks became more prevalent.
In this paper, we show that ISR can be extended to also protect against
code-reuse attacks while at the same time offering security guarantees similar
to those of software diversity, control-flow integrity, and information hiding.
We present Scylla, a scheme that deploys a new technique for in-place code
encryption to hide the code layout of a randomized binary, and restricts the
control flow to a benign execution path. This allows us to i) implicitly
restrict control-flow targets to basic block entries without requiring the
extraction of a control-flow graph, ii) achieve execution integrity within
legitimate basic blocks, and iii) hide the underlying code layout under
malicious read access to the program. Our analysis demonstrates that Scylla is
capable of preventing state-of-the-art attacks such as just-in-time
return-oriented programming (JIT-ROP) and crash-resistant oriented programming
(CROP). We extensively evaluate our prototype implementation of Scylla and show
feasible performance overhead. We also provide details on how this overhead can
be significantly reduced with dedicated hardware support
Review on DNA Cryptography
Cryptography is the science that secures data and communication over the
network by applying mathematics and logic to design strong encryption methods.
In the modern era of e-business and e-commerce the protection of
confidentiality, integrity and availability (CIA triad) of stored information
as well as of transmitted data is very crucial. DNA molecules, having the
capacity to store, process and transmit information, inspires the idea of DNA
cryptography. This combination of the chemical characteristics of biological
DNA sequences and classical cryptography ensures the non-vulnerable
transmission of data. In this paper we have reviewed the present state of art
of DNA cryptography.Comment: 31 pages, 12 figures, 6 table
Contract-Based General-Purpose GPU Programming
Using GPUs as general-purpose processors has revolutionized parallel
computing by offering, for a large and growing set of algorithms, massive
data-parallelization on desktop machines. An obstacle to widespread adoption,
however, is the difficulty of programming them and the low-level control of the
hardware required to achieve good performance. This paper suggests a
programming library, SafeGPU, that aims at striking a balance between
programmer productivity and performance, by making GPU data-parallel operations
accessible from within a classical object-oriented programming language. The
solution is integrated with the design-by-contract approach, which increases
confidence in functional program correctness by embedding executable program
specifications into the program text. We show that our library leads to modular
and maintainable code that is accessible to GPGPU non-experts, while providing
performance that is comparable with hand-written CUDA code. Furthermore,
runtime contract checking turns out to be feasible, as the contracts can be
executed on the GPU
THE DYNAMIC CIPHERS – NEW CONCEPT OF LONG-TERM CONTENT PROTECTING
In the paper the original concept of a new cipher, targeted at this moment forcivil applications in technology (e.g. measurement and control systems) and business (e.g.content protecting, knowledge-based companies or long-term archiving systems) is presented.The idea of the cipher is based on one-time pads and linear feedback shift registers. Therapidly changing hardware and software environment of cryptographic systems has beentaken into account during the construction of the cipher. The main idea of this work is tocreate a cryptosystem that can protect content or data for a long time, even more than onehundred years. The proposed algorithm can also simulate a stream cipher which makes itpossible to apply it in digital signal processing systems such as those within audio and videodelivery or telecommunication.Content protection, Cryptosystem, Dynamic cryptography, Linear Feedback ShiftRegisters, Object-oriented programming, One-time pad, Random key, random number generators,Statistical evaluation of ciphers.
SWI-Prolog and the Web
Where Prolog is commonly seen as a component in a Web application that is
either embedded or communicates using a proprietary protocol, we propose an
architecture where Prolog communicates to other components in a Web application
using the standard HTTP protocol. By avoiding embedding in external Web servers
development and deployment become much easier. To support this architecture, in
addition to the transfer protocol, we must also support parsing, representing
and generating the key Web document types such as HTML, XML and RDF.
This paper motivates the design decisions in the libraries and extensions to
Prolog for handling Web documents and protocols. The design has been guided by
the requirement to handle large documents efficiently. The described libraries
support a wide range of Web applications ranging from HTML and XML documents to
Semantic Web RDF processing.
To appear in Theory and Practice of Logic Programming (TPLP)Comment: 31 pages, 24 figures and 2 tables. To appear in Theory and Practice
of Logic Programming (TPLP
FastFlow tutorial
FastFlow is a structured parallel programming framework targeting shared
memory multicores. Its layered design and the optimized implementation of the
communication mechanisms used to implement the FastFlow streaming networks
provided to the application programmer as algorithmic skeletons support the
development of efficient fine grain parallel applications. FastFlow is
available (open source) at SourceForge
(http://sourceforge.net/projects/mc-fastflow/). This work introduces FastFlow
programming techniques and points out the different ways used to parallelize
existing C/C++ code using FastFlow as a software accelerator. In short: this is
a kind of tutorial on FastFlow.Comment: 49 pages + cove
- …