Secure Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements

International audienc

UniASM: Binary Code Similarity Detection without Fine-tuning

Binary code similarity detection (BCSD) is widely used in various binary analysis tasks such as vulnerability search, malware detection, clone detection, and patch analysis. Recent studies have shown that the learning-based binary code embedding models perform better than the traditional feature-based approaches. In this paper, we proposed a novel transformer-based binary code embedding model, named UniASM, to learn representations of the binary functions. We designed two new training tasks to make the spatial distribution of the generated vectors more uniform, which can be used directly in BCSD without any fine-tuning. In addition, we proposed a new tokenization approach for binary functions, increasing the token's semantic information while mitigating the out-of-vocabulary (OOV) problem. The experimental results show that UniASM outperforms state-of-the-art (SOTA) approaches on the evaluation dataset. We achieved the average scores of recall@1 on cross-compilers, cross-optimization-levels and cross-obfuscations are 0.72, 0.63, and 0.77, which is higher than existing SOTA baselines. In a real-world task of known vulnerability searching, UniASM outperforms all the current baselines.Comment: This work has been submitted to the IEEE for possible publication. Copyright may be transferred without notice, after which this version may no longer be accessibl

Enchancing RFID data quality and reliability using approximate filtering techniques

Radio Frequency Identification (RFID) is an emerging auto-identification technology that uses radio waves to identify and track physical objects without the line of sight. While delivering significant improvements in various aspects, such as, stock management and inventory accuracy, there are serious data management issues that affect RFID data quality in preparing reliable solutions. The raw read rate in real world RFID deployments is often in the 60-70% range and naturally unreliable because of redundant and false readings. The redundant readings result in unnecessary storage and affect the efficiency of data processing. Furthermore, false readings that focused on false positive readings generated by cloned tag could be mistakenly considered as valid and affects the final results and decisions. Therefore, two approaches to enhance the RFID data quality and reliability were proposed. A redundant reading filtering approach based on modified Bloom Filter is presented as the existing Bloom Filter based approaches are quite intricate. Meanwhile, even though tag cloning has been identified as one of the serious RFID security issue, it only received little attention in the literature. Therefore we developed a lightweight anti-cloning approach based on modified Count- Min sketch vector and tag reading frequency from e-pedigree in observing identical Electronic Product Code (EPC) of the low cost tag in local site and distributed region in supply chain. Experimental results showed, that the first proposed approach, Duplicate Filtering Hash (DFH) achieved the lowest false positive rate of 0.06% and the highest true positive rate of 89.94% as compared to other baseline approaches. DFH is 71.1% faster than d-Left Time Bloom Filter (DLTBF) while reducing amount of hashing and achieved 100% true negative rate. The second proposed approach, Managing Counterfeit Hash (MCH) performs fastest and 25.7% faster than baseline protocol (BASE) and achieved 99% detection accuracy while DeClone 64% and BASE 77%. Thus, this study successfully proposed approaches that can enhance the RFID data quality and reliability

Expertise and Trust-Aware Social Web Service Recommendation

With the increasing number of Web services, the personalized recommendation of Web services has become more and more important. Fortunately, the social network popularity nowadays brings a good alternative for social recommendation to avoid the data sparsity problem that is not treated very well in the collaborative filtering approach. Since the social network provides a big data about the users, the trust concept has become necessary to filter this abundance and to foster the successful interactions between the users. In this paper, we firstly propose a trusted friend detection mechanism in a social network. The dynamic of the users’ interactions over time and the similarity of their interests have been considered. Secondly, we propose a Web service social recommendation mechanism which considers the expertise of the trusted friends according to their past invocation histories and the active user’s query. The experiments of each mechanism produced satisfactory results

Automated Framework to Improve User?s Awareness and to Categorize Friends on Online Social Networks

The popularity of online social networks has brought up new privacy threats. These threats often arise after users willingly, but unwittingly reveal their information to a wider group of people than they actually intended. Moreover, the well adapted ?friends-based? privacy control has proven to be ill-equipped to prevent dynamic information disclosure, such as in user text posts. Ironically, it fails to capture the dynamic nature of this data by reducing the problem to manual privacy management which is time-consuming, tiresome and error-prone task. This dissertation identifies an important problem with posting on social networks and proposes a unique two phase approach to the problem. First, we suggest an additional layer of security be added to social networking sites. This layer includes a framework for natural language to automatically check texts to be posted by the user and detect dangerous information disclosure so it warns the user. A set of detection rules have been developed for this purpose and tested with over 16,000 Facebook posts to confirm the detection quality. The results showed that our approach has an 85% detection rate which outperforms other existing approaches. Second, we propose utilizing trust between friends as currency to access dangerous posts. The unique feature of our approach is that the trust value is related to the absence of interaction on the given topic. To approach our goal, we defined trust metrics that can be used to determine trustworthy friends in terms of the given topic. In addition, we built a tool which calculates the metrics automatically, and then generates a list of trusted friends. Our experiments show that our approach has reasonably acceptable performance in terms of predicting friends? interactions for the given posts. Finally, we performed some data analysis on a small set of user interaction records on Facebook to show that friends? interaction could be triggered by certain topics

A Passive Testing Approach for Protocols in Wireless Sensor Networks

Smart systems are today increasingly developed with the number of wireless sensor devices drastically increasing. They are implemented within several contexts throughout our environment. Thus, sensed data transported in ubiquitous systems are important, and the way to carry them must be efficient and reliable. For that purpose, several routing protocols have been proposed for wireless sensor networks (WSN). However, one stage that is often neglected before their deployment is the conformance testing process, a crucial and challenging step. Compared to active testing techniques commonly used in wired networks, passive approaches are more suitable to the WSN environment. While some works propose to specify the protocol with state models or to analyze them with simulators and emulators, we here propose a logic-based approach for formally specifying some functional requirements of a novel WSN routing protocol. We provide an algorithm to evaluate these properties on collected protocol execution traces. Further, we demonstrate the efficiency and suitability of our approach by its application into common WSN functional properties, as well as specific ones designed from our own routing protocol. We provide relevant testing verdicts through a real indoor testbed and the implementation of our protocol. Furthermore, the flexibility, genericity and practicability of our approach have been proven by the experimental results

Phishing detection and traceback mechanism

 Isredza Rahmi A Hamid’s thesis entitled Phishing Detection and Trackback Mechanism. The thesis investigates detection of phishing attacks through email, novel method to profile the attacker and tracking the attack back to the origin

Combating cyber attacks in cloud computing using machine learning techniques.

An extensive investigative survey on Cloud Computing with the main focus on gaps that is slowing down Cloud adoption as well as reviewing the threat remediation challenges. Some experimentally supported thoughts on novel approaches to address some of the widely discussed cyber-attack types using machine learning techniques. The thoughts have been constructed in such a way so that Cloud customers can detect the cyber-attacks in their VM without much help from Cloud service provide