13,765 research outputs found
Unified Description for Network Information Hiding Methods
Until now hiding methods in network steganography have been described in
arbitrary ways, making them difficult to compare. For instance, some
publications describe classical channel characteristics, such as robustness and
bandwidth, while others describe the embedding of hidden information. We
introduce the first unified description of hiding methods in network
steganography. Our description method is based on a comprehensive analysis of
the existing publications in the domain. When our description method is applied
by the research community, future publications will be easier to categorize,
compare and extend. Our method can also serve as a basis to evaluate the
novelty of hiding methods proposed in the future.Comment: 24 pages, 7 figures, 1 table; currently under revie
An Empirical Study on Android-related Vulnerabilities
Mobile devices are used more and more in everyday life. They are our cameras,
wallets, and keys. Basically, they embed most of our private information in our
pocket. For this and other reasons, mobile devices, and in particular the
software that runs on them, are considered first-class citizens in the
software-vulnerabilities landscape. Several studies investigated the
software-vulnerabilities phenomenon in the context of mobile apps and, more in
general, mobile devices. Most of these studies focused on vulnerabilities that
could affect mobile apps, while just few investigated vulnerabilities affecting
the underlying platform on which mobile apps run: the Operating System (OS).
Also, these studies have been run on a very limited set of vulnerabilities.
In this paper we present the largest study at date investigating
Android-related vulnerabilities, with a specific focus on the ones affecting
the Android OS. In particular, we (i) define a detailed taxonomy of the types
of Android-related vulnerability; (ii) investigate the layers and subsystems
from the Android OS affected by vulnerabilities; and (iii) study the
survivability of vulnerabilities (i.e., the number of days between the
vulnerability introduction and its fixing). Our findings could help OS and apps
developers in focusing their verification & validation activities, and
researchers in building vulnerability detection tools tailored for the mobile
world
- …