IoTSan: Fortifying the Safety of IoT Systems

Today's IoT systems include event-driven smart applications (apps) that interact with sensors and actuators. A problem specific to IoT systems is that buggy apps, unforeseen bad app interactions, or device/communication failures, can cause unsafe and dangerous physical states. Detecting flaws that lead to such states, requires a holistic view of installed apps, component devices, their configurations, and more importantly, how they interact. In this paper, we design IoTSan, a novel practical system that uses model checking as a building block to reveal "interaction-level" flaws by identifying events that can lead the system to unsafe states. In building IoTSan, we design novel techniques tailored to IoT systems, to alleviate the state explosion associated with model checking. IoTSan also automatically translates IoT apps into a format amenable to model checking. Finally, to understand the root cause of a detected vulnerability, we design an attribution mechanism to identify problematic and potentially malicious apps. We evaluate IoTSan on the Samsung SmartThings platform. From 76 manually configured systems, IoTSan detects 147 vulnerabilities. We also evaluate IoTSan with malicious SmartThings apps from a previous effort. IoTSan detects the potential safety violations and also effectively attributes these apps as malicious.Comment: Proc. of the 14th ACM CoNEXT, 201

Afluentia: suporte à comunicação para afasia fluente

Aphasia is a language disorder caused by brain damage (eg, stroke) that affects a person’s ability to communicate. Involves different degrees of impairment and it can manifest by difficulties in speaking fluently or difficulty finding words (anomia), but can also entail impairment in spoken language comprehension, inability to repeat words or phrases, impairments in written expression (agraphia), in reading comprehension (alexia) or a combination of any of these difficulties. It can thus result in limitations in the way the person with aphasia interacts with others, for instance, to express how they are feeling as well as their needs, making it hard for them to have a more independent life or have their difficulties addressed. Additionally, this condition also has a strong impact in the life of those around them (e.g., family, carers) as the difficulties of communication, should anything happen, can lead to fear of leaving these patients unattended. Several challenges arise when addressing the communication needs of people with aphasia deriving from the diverse and idiosyncratic nature of their condition and although assisted communication tools have been proposed in the literature (e.g. using pictograms), the characteristics of aphasia often render them as partial solutions. In this sense, this project focuses on understanding the characteristics and needs of aphasic patients and also on the proposal of technology-mediated communication tools that address them in their daily lives. This work adopts a user-centered design and development approach to explore how people with aphasia can be supported in their day-today communication resorting to technology mediation. It was thus achieving an iterative design with the development and evaluation of a proof-of-concept solution for communication aspects, which was progressively implemented and refined having in consideration the identified requirements and the continuous evaluation of the proposed solutions, carried out with a focus group composed by a Speech and Language Therapist (SLT) and a Human Computer Interaction (HCI) Expert. After a first version of the system was achieved, an evaluation phase with Speech and Language Therapists with a strong experience with patients with aphasia took place in order to understand and validate the achieved application, which led to more refinement phases. At its current stage of development, evaluation results show a good level of usability and satisfaction and establish Afluentia as promising ground for further evolving the research on communication mediated by technology to support people with aphasia.A afasia é um distúrbio da linguagem provocada por danos cerebrais (por exemplo, acidente vascular cerebral) e que afeta a capacidade de comunicação de uma pessoa. Envolve diferentes graus de deficiência e pode-se manifestar por dificuldades em falar fluentemente ou dificuldade em encontrar palavras (anomia), mas também pode acarretar prejuízo na compreensão da linguagem falada, incapacidade de repetir palavras ou frases, deficiências na expressão escrita (agrafia), na compreensão da leitura (alexia) ou numa combinação de qualquer uma dessas dificuldades. Pode assim resultar em limitações na forma como a pessoa com afasia interage com outras para, por exemplo, exprimir como se está a sentir assim como as suas necessidades, impossibilitando que tenha uma vida mais independente ou tenha as suas dificuldades abordadas. Além disso, a afasia também tem um forte impacto na vida das pessoas ao redor do afásico (por exemplo, familiares, cuidadores), pois as dificuldades de comunicação da pessoa com afasia podem levar ao medo de deixála desacompanhada por aqueles que a rodeiam. Vários desafios surgem ao abordar as necessidades de comunicação de pessoas com afasia decorrentes da natureza diversa e idiossincrática da sua condição e embora ferramentas de comunicação assistida tenham sido propostas na literatura (por exemplo, usando pictogramas), as características da afasia geralmente tornam essas soluções parciais. Nesse sentido, este projeto foca-se na compreensão das características e necessidades dos pacientes afásicos e também na proposta de ferramentas de comunicação mediada por tecnologia que os abordem, no seu cotidiano. Este trabalho adota uma abordagem de design e desenvolvimento centrada no utilizador de modo explorar como as pessoas com afasia podem ser apoiadas na sua comunicação quotidiana recorrendo à mediação tecnológica. Foi assim conseguindo um design iterativo com desenvolvimento e avaliação de uma solução de prova de conceito para aspectos de comunicação, que foi progressivamente implementada e aperfeiçoada tendo em consideração os requisitos identificados e a avaliação contínua das soluções propostas, realizada com um grupo de foco composto por uma Terapeuta da Fala e um Especialista em Interacção Humano Computador. Após a obtenção de uma primeira versão do sistema, uma fase de avaliação com Terapeutas da Fala com forte experiência com pacientes com afasia também ocorreu de modo a entender e validar a aplicação alcançada, o que levou a mais fases de refinamento. Na sua atual fase de desenvolvimento, os resultados da avaliação mostram um bom nível de usabilidade e satisfação e definem o Afluentia como um terreno promissor para evoluir ainda mais a pesquisa em comunicação mediada por tecnologia de suporte a pessoas com afasia.Mestrado em Engenharia de Computadores e Telemátic

An Investigation into the Effect of Security on Performance in a VoIP Network

Voice over Internet Protocol (VoIP) is a communications technology that transmits voice over packet switched networks such as the Internet. VoIP has been widely adopted by home and business customers. When adding security to a VoIP system, the quality of service and performance of the system are at risk. This study has two main objectives, firstly it illustrates suitable methods to secure the signalling and voice traffic within a VoIP system, secondly it evaluates the performance of a VoIP system after implementing different security methods. This study is carried out on a pilot system using an asterisk based SIP (Session initiation Protocol) server (Asterisk, 2009). Since VoIP is intended for use over the Internet, VPNs (Virtual Private Networks) have been used in a tunnel configuration to provide the service. Additionally the performance of networks level IPSec (Internet Protocol Security) and application level ZRTP (Zimmerman Real Time Transport Protocol) security have been compared with no security. Registration, call setup and voice transmission packets have been captured and analysed. The results have then been extrapolated to the Internet

Perancangan Voice Over Internet Protocol (Voip) Menggunakan Virtual Private Network (Vpn) pada PT Care Technologies

Current technological developments to make a change from several sides. As intelecommunications are now developed with incoming. One of them is VoIP. VoIP is a technologycapable of passing voice in packet form. With this VoIP technology one can make telephonecommunication melaluit internet. To use this VoIP one can use the handphones are connected tolapop or PC. However, the use of VoIP has a disadvantage that can be done tapping at the timethe conversation is being conducted. VPN (Virtual Private Network) is a way of creating a privatenetwork are using a public network / Internet. With a VPN network, a user as if connected by pointto point that they are not. Consists of VPN-management protocols that can perform encryption andtunneling as PPTP (Point to Point Protocol), L2TP (Layer 2 Tunneling Protocol) and IPSec(Internet Protocol Security). With the capabilities of the VPN is expected that the wiretapping ofconversations being conducted by the user can be prevented

Large-Scale Measurement of Real-Time Communication on the Web

Web Real-Time Communication (WebRTC) is getting wide adoptions across the browsers (Chrome, Firefox, Opera, etc.) and platforms (PC, Android, iOS). It enables application developers to add real-time communications features (text chat, audio/video calls) to web applications using W3C standard JavaScript APIs, and the end users can enjoy real-time multimedia communication experience from the browser without the complication of installing special applications or browser plug-ins. As WebRTC based applications are getting deployed on the Internet by thousands of companies across the globe, it is very important to understand the quality of the real-time communication services provided by these applications. Important performance metrics to be considered include: whether the communication session was properly setup, what are the network delays, packet loss rate, throughput, etc. At Callstats.io, we provide a solution to address the above concerns. By integrating an JavaScript API into WebRTC applications, Callstats.io helps application providers to measure the Quality of Experience (QoE) related metrics on the end user side. This thesis illustrates how this WebRTC performance measurement system is designed and built and we show some statistics derived from the collected data to give some insight into the performance of today’s WebRTC based real-time communication services. According to our measurement, real-time communication over the Internet are generally performing well in terms of latency and loss. The throughput are good for about 30% of the communication sessions

BaseSAFE: Baseband SAnitized Fuzzing through Emulation

Rogue base stations are an effective attack vector. Cellular basebands represent a critical part of the smartphone's security: they parse large amounts of data even before authentication. They can, therefore, grant an attacker a very stealthy way to gather information about calls placed and even to escalate to the main operating system, over-the-air. In this paper, we discuss a novel cellular fuzzing framework that aims to help security researchers find critical bugs in cellular basebands and similar embedded systems. BaseSAFE allows partial rehosting of cellular basebands for fast instrumented fuzzing off-device, even for closed-source firmware blobs. BaseSAFE's sanitizing drop-in allocator, enables spotting heap-based buffer-overflows quickly. Using our proof-of-concept harness, we fuzzed various parsers of the Nucleus RTOS-based MediaTek cellular baseband that are accessible from rogue base stations. The emulator instrumentation is highly optimized, reaching hundreds of executions per second on each core for our complex test case, around 15k test-cases per second in total. Furthermore, we discuss attack vectors for baseband modems. To the best of our knowledge, this is the first use of emulation-based fuzzing for security testing of commercial cellular basebands. Most of the tooling and approaches of BaseSAFE are also applicable for other low-level kernels and firmware. Using BaseSAFE, we were able to find memory corruptions including heap out-of-bounds writes using our proof-of-concept fuzzing harness in the MediaTek cellular baseband. BaseSAFE, the harness, and a large collection of LTE signaling message test cases will be released open-source upon publication of this paper

Execution Offloading 기술을 사용한 모바일 기기를 위한 클라우드 보안 솔루션

학위논문 (석사)-- 서울대학교 대학원 : 전기·컴퓨터공학부, 2015. 8. 백윤흥.So far, security mechanisms for mobile devices have had difficulties to protect from malicious threats due to the limited resources of mobile devices. With the prevalence of cloud computing, one of promising solutions to overcome the difficulties is to exploit cloud environments, where a remote virtual machine performs the resource-consuming security analysis instead of a mobile device. However, existing cloud-based solutions are still insufficient because of the code coverage problem and security level degradation. Therefore, this thesis proposes a static and dynamic analysis based security solution called SORCloud. For dynamic analysis, it offloads a process of a suspicious application to a remote virtual machine for dynamic security analysis, by which SORCloud resolves two problems mentioned above. Through comprehensive experiments, we show how efficiently the proposed scheme works and detects malicious behaviorContents I. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 II. Background . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 III. RelatedWork . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 3.1 Androgaurd . . . . . . . . . . . . . . . . . . . . . . . . . . 10 3.2 Andriod-apktool . . . . . . . . . . . . . . . . . . . . . . . . 10 3.3 Dex2Jar . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 3.4 Dexter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 3.5 APKInspector . . . . . . . . . . . . . . . . . . . . . . . . . 12 3.6 API monitor . . . . . . . . . . . . . . . . . . . . . . . . . . 12 3.7 offloading . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 IV. SorCloud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 4.1 System Overview . . . . . . . . . . . . . . . . . . . . . . . 16 4.2 System Modules . . . . . . . . . . . . . . . . . . . . . . . . 17 4.3 Execution offloading . . . . . . . . . . . . . . . . . . . . . 18 4.3.1 Code Instrumentation . . . . . . . . . . . . . . . . . 18 4.3.2 Thread Migration . . . . . . . . . . . . . . . . . . . 21 4.4 Security Modules . . . . . . . . . . . . . . . . . . . . . . . 23 4.5 Security Analysis . . . . . . . . . . . . . . . . . . . . . . . 25 4.6 Evaluation . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 4.6.1 Experimental setup . . . . . . . . . . . . . . . . . . 26 ii 4.6.2 Experimental results . . . . . . . . . . . . . . . . . 27 4.7 CONCLUSION . . . . . . . . . . . . . . . . . . . . . . . . 34 4.8 FUTURE WORK . . . . . . . . . . . . . . . . . . . . . . . 35 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40 초록 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41Maste

Independent verification of specification models for large software systems at the early phases of development lifecycle

One of the major challenges facing the software industry, in general and IV&V (Independent Verification and Validation) analysts in particular, is to find ways for analyzing dynamic behavior of requirement specifications of large software systems early in the development lifecycle. Such analysis can significantly improve the performance and reliability of the developed systems. This dissertation addresses the problem of developing an IV&V framework for extracting semantics of dynamic behavior from requirement specifications based on: (1) SART (Structured Analysis with Realtime) models, and (2) UML (Unified Modeling Language) models.;For SART, the framework presented here shows a direct mapping from SART specification models to CPN (Colored Petrinets) models. The semantics of the SART hierarchy at the individual levels are preserved in the mapping. This makes it easy for the analyst to perform the analysis and trace back to the corresponding SART model. CPN was selected because it supports rigorous dynamic analysis. A large scale case study based on a component of NASA EOS system was performed for a proof of the concept.;For UML specifications, an approach based on metamodels is presented. A special type of metamodel, called dynamic metamodel (DMM), is introduced. This approach holds several advantages over the direct mapping of UML to CPN. The mapping rules for generating DMM are not CPN specific, hence they would not change if a language other than CPN is used. Also it makes it more flexible to develop DMM because other types of models can be added to the existing UML models. A simple example of a pacemaker is used to illustrate the concepts of DMM