110 research outputs found

    Using crowdsourced geospatial data to aid in nuclear proliferation monitoring

    In 2014, a Defense Science Board Task Force was convened in order to assess and explore new technologies that would aid in nuclear proliferation monitoring. One of their recommendations was for the director of National Intelligence to explore ways that crowdsourced geospatial imagery technologies could aid existing governmental efforts. Our research builds directly on this recommendation and provides feedback on some of the most successful examples of crowdsourced geospatial data (CGD). As of 2016, Special Operations Command (SOCOM) has assumed the new role of becoming the primary U.S. agency responsible for counter-proliferation. Historically, this institution has always been reliant upon other organizations for the execution of its myriad of mission sets. SOCOM's unique ability to build relationships makes it particularly suited to the task of harnessing CGD technologies and employing them in the capacity that our research recommends. Furthermore, CGD is a low cost, high impact tool that is already being employed by commercial companies and non-profit groups around the world. By employing CGD, a wider whole-of-government effort can be created that provides a long term, cohesive engagement plan for facilitating a multi-faceted nuclear proliferation monitoring process. http://archive.org/details/usingcrowdsource1094551570 Major, United States Army. Major, United States Army. Approved for public release; distribution is unlimited.

    Novel Attacks and Defenses in the Userland of Android

    In the last decade, mobile devices have spread rapidly, becoming more and more part of our everyday lives; this is due to their feature-richness, mobility, and affordable price. At the time of writing, Android is the leader of the market among operating systems, with a share of 76% and two and a half billion active Android devices around the world. Given that such small devices contain a massive amount of our private and sensitive information, the economic interests in the mobile ecosystem skyrocketed. For this reason, not only have legitimate apps running on mobile environments increased dramatically, but malicious apps have also been on a steady rise. On the one hand, developers of mobile operating systems learned from security mistakes of the past, and they made significant strides in blocking those threats right from the start. On the other hand, these high-security levels did not deter attackers. In this thesis, I present my research contribution about the most meaningful attack and defense scenarios in the userland of the modern Android operating system. I have emphasized "userland" because attack and defense solutions presented in this thesis are executing in the userspace of the operating system, due to the fact that Android is slightly different from traditional operating systems. After the necessary technical background, I show my solution, RmPerm, in order to enable Android users to better protect their privacy by selectively removing permissions from any app on any Android version. This operation does not require any modification to the underlying operating system because we repack the original application. Then, using again repackaging, I have developed Obfuscapk; it is a black-box obfuscation tool that can work with every Android app and offers a free solution with advanced state of the art obfuscation techniques -- especially the ones used by malware authors.
Subsequently, I present a machine learning-based technique that focuses on the identification of malware in resource-constrained devices such as Android smartphones. This technique has a very low resource footprint and does not rely on resources outside the protected device. Afterward, I show how it is possible to mount a phishing attack -- the historically preferred attack vector -- by exploiting two recent Android features, initially introduced in the name of convenience. Although a technical solution to this problem certainly exists, it is not solvable from a single entity, and there is the need for a push from the entire community. But sometimes, even though there exists a solution to a well-known vulnerability, developers do not take proper precautions. In the end, I discuss the Frame Confusion vulnerability; it is often present in hybrid apps, and it was discovered some years ago, but I show how it is still widespread. I proposed a methodology, implemented in the FCDroid tool, for systematically detecting the Frame Confusion vulnerability in hybrid Android apps. The results of an extensive analysis carried out through FCDroid on a set of the most downloaded apps from the Google Play Store prove that 6.63% (i.e., 1637/24675) of hybrid apps are potentially vulnerable to Frame Confusion. The impact of such results on the Android users' community is estimated in 250.000.000 installations of vulnerable apps

    Practical whole-system provenance capture

    Data provenance describes how data came to be in its present form. It includes data sources and the transformations that have been applied to them. Data provenance has many uses, from forensics and security to aiding the reproducibility of scientific experiments. We present CamFlow, a whole-system provenance capture mechanism that integrates easily into a PaaS offering. While there have been several prior whole-system provenance systems that captured a comprehensive, systemic and ubiquitous record of a system’s behavior, none have been widely adopted. They either A) impose too much overhead, B) are designed for long-outdated kernel releases and are hard to port to current systems, C) generate too much data, or D) are designed for a single system. CamFlow addresses these shortcomings by: 1) leveraging the latest kernel design advances to achieve efficiency; 2) using a self-contained, easily maintainable implementation relying on a Linux Security Module, NetFilter, and other existing kernel facilities; 3) providing a mechanism to tailor the captured provenance data to the needs of the application; and 4) making it easy to integrate provenance across distributed systems. The provenance we capture is streamed and consumed by tenant-built auditor applications. We illustrate the usability of our implementation by describing three such applications: demonstrating compliance with data regulations; performing fault/intrusion detection; and implementing data loss prevention. We also show how CamFlow can be leveraged to capture meaningful provenance without modifying existing applications. Engineering and Applied Science

    Systemunterstützung für moderne Speichertechnologien

    Trust and scalability are the two significant factors which impede the dissemination of clouds. The possibility of privileged access to customer data by a cloud provider limits the usage of clouds for processing security-sensitive data. Low latency cloud services rely on in-memory computations, and thus are limited by several characteristics of Dynamic RAM (DRAM) such as capacity, density and energy consumption. Two technological areas address these factors. Mainstream server platforms, such as Intel Software Guard eXtensions (SGX) and AMD Secure Encrypted Virtualisation (SEV), offer extensions for trusted execution in untrusted environments. Various technologies of Non-Volatile RAM (NV-RAM) have better capacity and density compared to DRAM and thus can be considered as DRAM alternatives in the future. However, these technologies and extensions require new programming approaches and system support since they add features to the system architecture: new system components (Intel SGX) and data persistence (NV-RAM). This thesis is devoted to the programming and architectural aspects of persistent and trusted systems. For trusted systems, an in-depth analysis of new architectural extensions was performed. A novel framework named EActors and a database engine named STANlite were developed to effectively use the capabilities of trusted execution. For persistent systems, an in-depth analysis of prospective memory technologies, their features and the possible impact on system architecture was performed. A new persistence model, called the hypervisor-based model of persistence, was developed and evaluated by the NV-Hypervisor. This offers transparent persistence for legacy and proprietary software, and supports virtualisation of persistent memory.

    Malware Analysis and Privacy Policy Enforcement Techniques for Android Applications

    The rapid increase in mobile malware and deployment of over-privileged applications over the years has been of great concern to the security community. Encroaching on users' privacy, mobile applications (apps) increasingly exploit various sensitive data on mobile devices. The information gathered by these applications is sufficient to uniquely and accurately profile users and can cause tremendous personal and financial damage. On Android specifically, the security and privacy holes in the operating system and framework code have created a whole new dynamic for malware and privacy exploitation. This research work seeks to develop novel analysis techniques that monitor Android applications for possible unwanted behaviors and then suggest various ways to deal with the privacy leaks associated with them. Current state-of-the-art static malware analysis techniques on Android focused mainly on detecting known variants without factoring any kind of software obfuscation. The dynamic analysis systems, on the other hand, are heavily dependent on extending the Android OS and/or runtime virtual machine. These methodologies often tied the system to a single Android version and/or kernel making it very difficult to port to a new device. In privacy, accesses to the database system’s objects are not controlled by any security check beyond overly-broad read/write permissions. This flawed model exposes the database contents to abuse by privacy-agnostic apps and malware. This research addresses the problems above in three ways. First, we developed a novel static analysis technique that fingerprints known malware based on three-level similarity matching. It scores similarity as a function of normalized opcode sequences found in sensitive functional modules and application permission requests. Our system has an improved detection ratio over current research tools and top COTS anti-virus products while maintaining a high level of resiliency to both simple and complex obfuscation.
Next, we augment the signature-related weaknesses of our static classifier with a hybrid analysis system which incorporates bytecode instrumentation and dynamic runtime monitoring to examine unknown malware samples. Using the concept of Aspect-oriented programming, this technique involves recompiling security checking code into an unknown binary for data flow analysis, resource abuse tracing, and analytics of other suspicious behaviors. Our system logs all the intercepted activities dynamically at runtime without the need for building custom kernels. Finally, we designed a user-level privacy policy enforcement system that gives users more control over their personal data saved in the SQLite database. Using bytecode weaving for query re-writing and enforcing access control, our system forces new policies at the schema, column, and entity levels of databases without rooting or voiding device warranty

    CA-ARBAC: privacy preserving using context-aware role-based access control on Android permission system

    Existing mobile platforms are based on manual way of granting and revoking permissions to applications. Once the user grants a given permission to an application, the application can use it without limit, unless the user manually revokes the permission. This has become the reason for many privacy problems because of the fact that a permission that is harmless at some occasion may be very dangerous at another condition. One of the promising solutions for this problem is context-aware access control at permission level that allows dynamic granting and denying of permissions based on some predefined context. However, dealing with policy configuration at permission level becomes very complex for the user as the number of policies to configure will become very large. For instance, if there are A applications, P permissions, and C contexts, the user may have to deal with A × P × C number of policy configurations. Therefore, we propose a context-aware role-based access control model that can provide dynamic permission granting and revoking while keeping the number of policies as small as possible. Although our model can be used for all mobile platforms, we use Android platform to demonstrate our system. In our model, Android applications are assigned roles where roles contain a set of permissions and contexts are associated with permissions. Permissions are activated and deactivated for the containing role based on the associated contexts. Our approach is unique in that our system associates contexts with permissions as opposed to existing similar works that associate contexts with roles. As a proof of concept, we have developed a prototype application called context-aware Android role-based access control. We have also performed various tests using our application, and the result shows that our model is working as desired

    Is health care seeking behaviour affected by response to chest pain amongst South Asians and Whites?

    Coronary heart disease (CHD) is the leading cause of death in the UK. Despite this declines in death rates have been experienced within the UK since the 1970’s but these declines have not been experienced by South Asians. Studies on access have highlighted inconsistencies between South Asians and Whites. The present study was conducted to explore factors which may affect health care seeking behaviour following symptoms of angina amongst South Asians and Whites. 40 face to face interviews were conducted using a purposive sample from a quantitative survey (Chaturvedi et al, 1997). This sub-sample consisted of White and South Asian male and female participants aged between 35-55 years. A further 4 focus groups were conducted with another purposive sample of White and South Asian males and females aged between 35-55 years. This second sample was selected using the same sampling frame (Chaturvedi et al, 1997). Focus groups were only conducted with those participants who had not taken part in the individual face to face interviews. The individual face to face interviews consisted of 10 South Asian male and 10 South Asian female participants and 10 White male and 10 White female participants. The focus groups consisted of 5-6 participants each. The focus groups were homogenous for ethnicity and sex. The epistemological framework used to guide the analysis was social constructionism. Results indicated that trust was an important factor which affected health care seeking behaviour amongst South Asians and Whites. South Asians had high trust of their GP, were over reliant on the GP and had lower expectations following chest pain. White participants had low trust of their GP, were less reliant on the GP and had high expectation following symptoms of chest pain. 
Issues of trust affected response to symptoms of angina, with Whites stating that they were less likely to delay seeking health care during an acute crisis compared to South Asians who stated they would phone the GP for advice before going to A&E. Conclusion: Access to appropriate health care following chest pain is likely to result from patient related factors which include response to chest pain, expectation from the health service following chest pain and most importantly an overly trusting GP patient relationship

    On the Impact of the Cellular Modem on the Security of Mobile Phones

    Cellular communication and especially mobile handsets are an essential part of our daily lives. Therefore, they need to be secure and work reliably. But mobile handsets and cellular networks are highly complex systems and securing them is a challenging task. Previously, most efforts concentrated on the handsets. These efforts only focused on the mobile phone operating system and applications in order to improve cellular system security. This thesis takes a new path and targets the cellular modem as the route to improve the security of mobile handsets and cellular networks. We target the modem since it is one of the essential parts of a mobile handset. It is the component that provides the radio link to the cellular network. This makes the modem a key element in the task to secure mobile phones. But cellular modems are proprietary and closed systems that cannot be easily analyzed in the full or even modified to improve security. Therefore, this thesis investigates the security of the cellular modem at its border to the mobile phone operating system. We suspect that the security of mobile handsets and cellular network strongly depends on the security of the modem interface. This is our hypothesis, which we seek to prove in this work. We solve this in three steps. In the first step, we analyze the interaction between the cellular modem and the other parts of a modern mobile phone. Based on the analysis we develop two novel vulnerability analysis methods. Using these methods we conduct vulnerability analysis of the Short Message Service implementations on various mobile phones. In the second step, we investigate the possible capabilities that malware has through unhindered access to the cellular modem. For this, we develop a cellular botnet where the bots utilize the modem for stealthy communication. In the third step, we use the results from the previous analysis steps to improve the security at the cellular modem interface. In our analysis step, we abused the cellular modem for vulnerability analysis. We discovered several security and reliability issues in the telephony software stack of common mobile phones. Using our cellular botnet implementation, we show how malware can abuse access to the cellular modem interface for various kinds of unwanted activities. In the final step, we show that through improving the security at the cellular modem interface the security of mobile handsets as well as the security of cellular networks can be increased. Throughout this thesis we show that the cellular modem has a significant impact on mobile phone security