883 research outputs found
LLM for SoC Security: A Paradigm Shift
As the ubiquity and complexity of system-on-chip (SoC) designs increase
across electronic devices, the task of incorporating security into an SoC
design flow poses significant challenges. Existing security solutions are
inadequate to provide effective verification of modern SoC designs due to their
limitations in scalability, comprehensiveness, and adaptability. On the other
hand, Large Language Models (LLMs) are celebrated for their remarkable success
in natural language understanding, advanced reasoning, and program synthesis
tasks. Recognizing an opportunity, our research delves into leveraging the
emergent capabilities of Generative Pre-trained Transformers (GPTs) to address
the existing gaps in SoC security, aiming for a more efficient, scalable, and
adaptable methodology. By integrating LLMs into the SoC security verification
paradigm, we open a new frontier of possibilities and challenges to ensure the
security of increasingly complex SoCs. This paper offers an in-depth analysis
of existing works, showcases practical case studies, demonstrates comprehensive
experiments, and provides useful promoting guidelines. We also present the
achievements, prospects, and challenges of employing LLM in different SoC
security verification tasks.Comment: 42 page
A survey on android security: development and deployment hindrance and best practices
Android OS is the most popular mobile OS for the past few years. Vulnerabilities arise with respect to the increasing functionality of Android OS, impolitic app development practices of developers, end-user incautious and interestingly remediation for the vulnerabilities has been introduced frequently as well. To mitigate security risk factor Google has been updated, deprecated and restricted many system level APIs for 3rd party developers. Considering the consequences, this paper provides a wide overview of Android’s system level app development, privacy issues, and guideline for the developers about what measure they should consider while developing apps. We also discussed the historical development of Android OS and the end-users role to maintain privacy and to minimize security risks
The Design of Secure Mobile Databases: An Evaluation of Alternative Secure Access Models
This research considers how mobile databases can be designed to be both secure and usable. A mobile database is one that is accessed and manipulated via mobile information devices over a wireless medium. A prototype mobile database was designed and then tested against secure access control models to determine if and how these models performed in securing a mobile database. The methodology in this research consisted of five steps. Initially, a preliminary analysis was done to delineate the environment the prototypical mobile database would be used in. Requirements definitions were established to gain a detailed understanding of the users and function of the database system. Conceptual database design was then employed to produce a database design model. In the physical database design step, the database was denormalized in order to reflect some unique computing requirements of the mobile environment. Finally, this mobile database design was tested against three secure access control models and observations made
Recommendations for Applying Security-Centric Technology Utilizing a Layered Approach in the Era of Ubiquitous Computing: (A Guide for the Small Business Enterprise).
The purpose of this work is to advise and assist Small Business in applying security centric technology to better manage and secure their information assets. Computer Crimes and Incursions are growing exponentially, in complexity, and in their sinister application. In the face of this onslaught small businesses, indeed organizations everywhere, need to accept this as a business constant or reality, identify the threats, acknowledge the vulnerabilities, and make plans to meet these challenges
The future of Cybersecurity in Italy: Strategic focus area
This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management
- …