Program Analysis of Commodity IoT Applications for Security and Privacy: Challenges and Opportunities
Recent advances in Internet of Things (IoT) have enabled myriad domains such
as smart homes, personal monitoring devices, and enhanced manufacturing. IoT is
now pervasive---new applications are being used in nearly every conceivable
environment, which leads to the adoption of device-based interaction and
automation. However, IoT has also raised issues about the security and privacy
of these digitally augmented spaces. Program analysis is crucial in identifying
those issues, yet the application and scope of program analysis in IoT remains
largely unexplored by the technical community. In this paper, we study privacy
and security issues in IoT that require program-analysis techniques with an
emphasis on identified attacks against these systems and defenses implemented
so far. Based on a study of five IoT programming platforms, we identify the key
insights that result from research efforts in both the program analysis and
security communities and relate the efficacy of program-analysis techniques to
security and privacy issues. We conclude by studying recent IoT analysis
systems and exploring their implementations. Through these explorations, we
highlight key challenges and opportunities in calibrating for the environments
in which IoT systems will be used.
Comment: syntax and grammar errors are fixed, and IoT platforms are updated to
match the submission
Build It, Break It, Fix It: Contesting Secure Development
Typical security contests focus on breaking or mitigating the impact of buggy
systems. We present the Build-it, Break-it, Fix-it (BIBIFI) contest, which aims
to assess the ability to securely build software, not just break it. In BIBIFI,
teams build specified software with the goal of maximizing correctness,
performance, and security. The latter is tested when teams attempt to break
other teams' submissions. Winners are chosen from among the best builders and
the best breakers. BIBIFI was designed to be open-ended: teams can use any
language, tool, process, etc. that they like. As such, contest outcomes shed
light on factors that correlate with successfully building secure software and
breaking insecure software. During [year] we ran three contests involving a
total of [number] teams and two different programming problems. Quantitative
analysis from these contests found that the most efficient build-it submissions
used C/C++, but submissions coded in other statically-typed languages were less
likely to have a security flaw; build-it teams with diverse
programming-language knowledge also produced more secure code. Shorter programs
correlated with better scores. Break-it teams that were also build-it teams
were significantly better at finding security bugs.
Building and Maintaining a Third-Party Library Supply Chain for Productive and Secure SGX Enclave Development
The big data industry is facing new challenges as concerns about privacy
leakage soar. One of the remedies to privacy breach incidents is to encapsulate
computations over sensitive data within hardware-assisted Trusted Execution
Environments (TEEs). Such TEE-powered software is called a secure enclave.
Secure enclaves hold various advantages over competing privacy-preserving
computation solutions. However, enclaves are much more challenging to build
than ordinary software. The reason is that the development of TEE software must
follow a restrictive programming model to make effective use of the strong
memory encryption and segregation enforced by hardware. These constraints
transitively apply to all third-party dependencies of the software. If these
dependencies do not officially support TEE hardware, TEE developers have to
spend additional engineering effort porting them. High development and
maintenance cost is one of the major obstacles to adopting TEE-based privacy
protection solutions in production. In this paper, we present our experience
and achievements in constructing and continuously maintaining a third-party
library supply chain for TEE developers. In particular, we port a large
collection of Rust third-party libraries to Intel SGX, one of the most mature
trusted computing platforms. Our supply chain accepts upstream patches in a
timely manner, with SGX-specific security auditing. We have been able to
maintain the SGX ports of 159 open-source Rust libraries at reasonable
operational cost. Our work can effectively reduce the engineering cost of
developing SGX enclaves for privacy-preserving data processing and exchange.
Abstractions for AI-Based User Interfaces and Systems
Novel user interfaces based on artificial intelligence, such as
natural-language agents, present new categories of engineering challenges.
These systems need to cope with uncertainty and ambiguity, interface with
machine learning algorithms, and compose information from multiple users to
make decisions. We propose to treat these challenges as language-design
problems. We describe three programming language abstractions for three core
problems in intelligent system design. First, hypothetical worlds support
nondeterministic search over spaces of alternative actions. Second, a feature
type system abstracts the interaction between applications and learning
algorithms. Finally, constructs for collaborative execution extend hypothetical
worlds across multiple machines while controlling access to private data. We
envision these features as first steps toward a complete language for
implementing AI-based interfaces and applications.
State of the Software Development Life-Cycle for the Internet-of-Things
Software has a longstanding association with a state of crisis, given its
success rate. The explosion of Internet-connected devices, the
Internet-of-Things, adds to the complexity of software systems. The particular
characteristics of these systems, such as their large scale and heterogeneity,
pose ever new challenges. In this paper, we first briefly introduce the IoT
paradigm and the current state of the art of software development. Then, we
delve into the particularities of developing software for IoT systems and
systems of systems, giving an overview of the current methodologies and tools
for designing, developing and testing such systems. The findings are discussed,
revealing open issues and research directions, and show that present-day IoT
software development practices still lag behind current best practices.
Comment: 38 pages
Secondary use of data in EHR systems
We show how to use aspect-oriented programming to separate security and trust
issues from the logical design of mobile, distributed systems. The main
challenge is how to enforce various types of security policies, in particular
predictive access control policies - policies based on the future behavior of a
program. A novel feature of our approach is that advice is able to analyze the
future use of data. We consider a number of different security policies,
concerning both primary and secondary use of data, some of which can only be
enforced by analysis of process continuations.
Comment: 40 pages
A Logic Programming Approach for Formal Verification of NetBill Security and Transactions Protocol
The use of formal techniques for verifying the security features of electronic
commerce protocols would facilitate the enhancement of the reliability of such
protocols, thereby increasing their usability. This paper presents the
application of logic programming techniques to the formal verification of a
well-known security and transaction protocol, NetBill. The paper uses ALSP
(Action Language for Security Protocols) as an efficient formal specification
language and SMODELS, a model generator, to formally analyze and plan attacks
on the protocol.
Comment: ICSCI-09, Hyderabad, India
Java Card: an analysis of the most successful smart card operating system to date
To explain why the Java Card operating system has become the most successful smart card operating system to date, we analyze the realized features of the current Java Card version, we argue that it could be enhanced by adding a number of intended features, and we discuss a set of complementary features that have been suggested. No technology can be successful without the right people and the right circumstances, so we provide some insights into the personal and historical aspects of the success of Java Card.
Finding Tizen security bugs through whole-system static analysis
Tizen is a new Linux-based open source platform for consumer devices
including smartphones, televisions, vehicles, and wearables. While Tizen
provides kernel-level mandatory policy enforcement, it has a large collection
of libraries, implemented in a mix of C and C++, which make their own security
checks. In this research, we describe the design and engineering of a static
analysis engine which drives a full information flow analysis for apps and a
control flow analysis for the full library stack. We implemented these static
analyses as extensions to LLVM, requiring us to improve LLVM's native analysis
features to get greater precision and scalability, including knotty issues like
the coexistence of C++ inheritance with C function pointer use. With our tools,
we found several unexpected behaviors in the Tizen system, including paths
through the system libraries that did not have inline security checks. We show
how our tools can help the Tizen app store to verify important app properties
as well as helping the Tizen development process avoid the accidental
introduction of subtle vulnerabilities.
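The core finding above, library call paths that reach a privileged operation without passing an inline security check, can be illustrated with a small control-flow reachability search. The following is an added example, not the paper's LLVM-based engine: the call graph, function names and the "check before the next call" rule are all hypothetical and constructed for the illustration, and do not correspond to real Tizen APIs.

```python
"""Toy whole-library check-coverage analysis (added illustration, not the
Tizen tooling from the paper).  Walks a constructed call graph from the
library's exported entry points and reports every call chain that reaches a
sensitive sink without a security check being called first."""

# Constructed, hypothetical call graph: function -> callees in body order.
# Names are made up for the example; they are not real Tizen functions.
CALL_GRAPH = {
    "api_open_contact":   ["check_privilege", "db_open"],
    "api_export_contact": ["format_vcard", "db_open"],   # never checks
    "api_list_contacts":  ["check_privilege", "db_query"],
    "check_privilege":    [],
    "format_vcard":       ["db_query"],
    "db_open":            ["read_contacts_db"],
    "db_query":           ["read_contacts_db"],
    "read_contacts_db":   [],
}

ENTRY_POINTS = {"api_open_contact", "api_export_contact", "api_list_contacts"}
SECURITY_CHECKS = {"check_privilege"}   # inline checks we expect on every path
SENSITIVE_SINKS = {"read_contacts_db"}  # privileged operations


def find_unchecked_paths(graph, entries, checks, sinks):
    """Return every call path entry -> ... -> sink on which no security check
    runs before the chain continues.  The coverage model is deliberately simple
    (an assumption of this example): a check covers the calls that follow it in
    the same function body; branches are not modelled, so a real analysis would
    need dominance over the CFG rather than body order."""
    findings = []

    def walk(func, path, checked):
        seen_check = checked
        for callee in graph.get(func, []):
            if callee in checks:
                seen_check = True          # everything after this call is covered
                continue
            if callee in sinks:
                if not seen_check:
                    findings.append(path + [callee])
                continue
            if callee in path:             # ignore recursion/cycles
                continue
            walk(callee, path + [callee], seen_check)

    for entry in sorted(entries):
        walk(entry, [entry], False)
    return findings


def entry_points_missing_checks(graph=CALL_GRAPH, entries=ENTRY_POINTS,
                                checks=SECURITY_CHECKS, sinks=SENSITIVE_SINKS):
    """Set of exported functions that can reach a sink unchecked."""
    return {p[0] for p in find_unchecked_paths(graph, entries, checks, sinks)}


if __name__ == "__main__":
    for path in find_unchecked_paths(CALL_GRAPH, ENTRY_POINTS,
                                     SECURITY_CHECKS, SENSITIVE_SINKS):
        print("unchecked path:", " -> ".join(path))
```

On the constructed graph the search reports both chains out of `api_export_contact`, while the two entry points that call the check before touching the database are accepted. The same walk is what an app-store verifier would run over the real library stack, with the check and sink sets derived from the platform's policy rather than hand-written.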
When Coding Style Survives Compilation: De-anonymizing Programmers from Executable Binaries
The ability to identify authors of computer programs based on their coding
style is a direct threat to the privacy and anonymity of programmers. While
recent work found that source code can be attributed to authors with high
accuracy, attribution of executable binaries appears to be much more difficult.
Many distinguishing features present in source code, e.g. variable names, are
removed in the compilation process, and compiler optimization may alter the
structure of a program, further obscuring features that are known to be useful
in determining authorship. We examine programmer de-anonymization from the
standpoint of machine learning, using a novel set of features that include ones
obtained by decompiling the executable binary to source code. We adapt a
powerful set of techniques from the domain of source code authorship
attribution along with stylistic representations embedded in assembly,
resulting in successful de-anonymization of a large set of programmers.
We evaluate our approach on data from the Google Code Jam, obtaining
attribution accuracy of up to 96% with 100 and 83% with 600 candidate
programmers. We present an executable binary authorship attribution approach,
for the first time, that is robust to basic obfuscations, a range of compiler
optimization settings, and binaries that have been stripped of their symbol
tables. We perform programmer de-anonymization using both obfuscated binaries,
and real-world code found "in the wild" in single-author GitHub repositories
and the recently leaked Nulled.IO hacker forum. We show that programmers who
would like to remain anonymous need to take extreme countermeasures to protect
their privacy.
Comment: 15 pages
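The attribution pipeline sketched above (extract style features that survive compilation, then match an unknown binary against known authors) can be shown in miniature. The following is an added example and not the authors' system: it uses only instruction-mnemonic unigrams and bigrams with a nearest-centroid cosine match, whereas the paper combines decompiler-derived source features, assembly features and a trained classifier. The disassembly fragments and author names are constructed for the illustration.

```python
"""Toy binary stylometry (added illustration, not the paper's pipeline).
Mnemonic n-grams are used because symbol names are gone in a stripped binary
but instruction-selection habits survive."""
from collections import Counter
from math import sqrt

# Constructed, hypothetical disassembly fragments per author (not real data).
# "alice" habitually zeroes with xor and computes addresses with lea;
# "bob" uses mov/add and cmp-against-zero.
TRAINING = {
    "alice": [
        "xor eax, eax\nlea rdi, [rbx+8]\ntest rax, rax\njne .L1\n"
        "xor ecx, ecx\nlea rsi, [rbp-16]\ntest rcx, rcx\njne .L2",
        "xor edx, edx\nlea rdi, [rsp+24]\ntest rdx, rdx\njne .L3\n"
        "xor eax, eax\nlea rax, [rbx]\nret",
    ],
    "bob": [
        "mov eax, 0\nmov rdi, rbx\nadd rdi, 8\ncmp rax, 0\njl .L1\n"
        "mov ecx, 0\nmov rsi, rbp\nsub rsi, 16\ncmp rcx, 0\njl .L2",
        "mov edx, 0\nmov rdi, rsp\nadd rdi, 24\ncmp rdx, 0\njl .L3\n"
        "mov eax, 0\nret",
    ],
}


def mnemonics(asm):
    """Opcode mnemonics in order, skipping blank lines and labels."""
    ops = []
    for line in asm.splitlines():
        line = line.strip()
        if not line or line.endswith(":"):
            continue
        ops.append(line.split()[0].lower())
    return ops


def features(asm):
    """Unigram + bigram mnemonic counts; bigrams are keyed as 'a>b'."""
    ops = mnemonics(asm)
    feats = Counter(ops)
    feats.update(f"{a}>{b}" for a, b in zip(ops, ops[1:]))
    return feats


def cosine(a, b):
    dot = sum(v * b.get(k, 0) for k, v in a.items())
    na = sqrt(sum(v * v for v in a.values()))
    nb = sqrt(sum(v * v for v in b.values()))
    return dot / (na * nb) if na and nb else 0.0


def train(samples):
    """One feature centroid (summed counts) per known author."""
    centroids = {}
    for author, snippets in samples.items():
        c = Counter()
        for s in snippets:
            c.update(features(s))
        centroids[author] = c
    return centroids


def attribute(asm, centroids):
    """Return (best_author, {author: similarity}) for an unknown fragment."""
    f = features(asm)
    scores = {author: cosine(f, c) for author, c in centroids.items()}
    return max(scores, key=scores.get), scores


if __name__ == "__main__":
    model = train(TRAINING)
    unknown = "xor eax, eax\nlea rdi, [rbx+16]\ntest rax, rax\njne .L9\nret"
    print(attribute(unknown, model))
```

The features here are only a stand-in for the richer decompiled-source and control-flow features the paper finds necessary; the point the toy makes is the paper's own: stripping symbols removes names but not habits, so an anonymity-seeking programmer has to change how they write, not just what the binary is called.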