Integrity protection for code-on-demand mobile agents in e-commerce

The mobile agent paradigm has been proposed as a promising solution to facilitate distributed computing over open and heterogeneous networks. Mobility, autonomy, and intelligence are identified as key features of mobile agent systems and enabling characteristics for the next-generation smart electronic commerce on the Internet. However, security-related issues, especially integrity protection in mobile agent technology, still hinder the widespread use of software agents: from the agent’s perspective, mobile agent integrity should be protected against attacks from malicious hosts and other agents. In this paper, we present Code-on-Demand(CoD) mobile agents and a corresponding agent integrity protection scheme. Compared to the traditional assumption that mobile agents consist of invariant code parts, we propose the use of dynamically upgradeable agent code, in which new agent function modules can be added and redundant ones can be deleted at runtime. This approach will reduce the weight of agent programs, equip mobile agents with more flexibility, enhance code privacy and help the recoverability of agents after attack. In order to meet the security challenges for agent integrity protection, we propose agent code change authorization protocols and a double integrity verification scheme. Finally, we discuss the Java implementation of CoD mobile agents and integrity protection

Securing dynamic itineraries for mobile agent applications

In this paper we present a novel mechanism for the protection of dynamic itineraries for mobile agent applications. Itineraries that are decided as the agent goes are essential in complex applications based on mobile agents, but no approach has been presented until now to protect them. We have conceived a cryptographic scheme for shielding dynamic itineraries from tampering, impersonation and disclosure. By using trust strategically, our scheme provides a balanced trade-off between flexibility and security. Our protection scheme has been thought always bearing in mind a feasible implementation, and thus facilitates the development of applications that make use of it. An example application based on a real healthcare scenario is also presented to show its operation

xLED: Covert Data Exfiltration from Air-Gapped Networks via Router LEDs

In this paper we show how attackers can covertly leak data (e.g., encryption keys, passwords and files) from highly secure or air-gapped networks via the row of status LEDs that exists in networking equipment such as LAN switches and routers. Although it is known that some network equipment emanates optical signals correlated with the information being processed by the device ('side-channel'), intentionally controlling the status LEDs to carry any type of data ('covert-channel') has never studied before. A malicious code is executed on the LAN switch or router, allowing full control of the status LEDs. Sensitive data can be encoded and modulated over the blinking of the LEDs. The generated signals can then be recorded by various types of remote cameras and optical sensors. We provide the technical background on the internal architecture of switches and routers (at both the hardware and software level) which enables this type of attack. We also present amplitude and frequency based modulation and encoding schemas, along with a simple transmission protocol. We implement a prototype of an exfiltration malware and discuss its design and implementation. We evaluate this method with a few routers and different types of LEDs. In addition, we tested various receivers including remote cameras, security cameras, smartphone cameras, and optical sensors, and also discuss different detection and prevention countermeasures. Our experiment shows that sensitive data can be covertly leaked via the status LEDs of switches and routers at a bit rates of 10 bit/sec to more than 1Kbit/sec per LED

Mitigating Adversarial Attacks in Federated Learning with Trusted Execution Environments

The main premise of federated learning (FL) is that machine learning model updates are computed locally to preserve user data privacy. This approach avoids by design user data to ever leave the perimeter of their device. Once the updates aggregated, the model is broadcast to all nodes in the federation. However, without proper defenses, compromised nodes can probe the model inside their local memory in search for adversarial examples, which can lead to dangerous real-world scenarios. For instance, in image-based applications, adversarial examples consist of images slightly perturbed to the human eye getting misclassified by the local model. These adversarial images are then later presented to a victim node's counterpart model to replay the attack. Typical examples harness dissemination strategies such as altered traffic signs (patch attacks) no longer recognized by autonomous vehicles or seemingly unaltered samples that poison the local dataset of the FL scheme to undermine its robustness. Pelta is a novel shielding mechanism leveraging Trusted Execution Environments (TEEs) that reduce the ability of attackers to craft adversarial samples. Pelta masks inside the TEE the first part of the back-propagation chain rule, typically exploited by attackers to craft the malicious samples. We evaluate Pelta on state-of-the-art accurate models using three well-established datasets: CIFAR-10, CIFAR-100 and ImageNet. We show the effectiveness of Pelta in mitigating six white-box state-of-the-art adversarial attacks, such as Projected Gradient Descent, Momentum Iterative Method, Auto Projected Gradient Descent, the Carlini & Wagner attack. In particular, Pelta constitutes the first attempt at defending an ensemble model against the Self-Attention Gradient attack to the best of our knowledge. Our code is available to the research community at https://github.com/queyrusi/Pelta.Comment: 12 pages, 4 figures, to be published in Proceedings 23rd International Conference on Distributed Computing Systems. arXiv admin note: substantial text overlap with arXiv:2308.0437

Robot Protection in the Hazardous Environments

Rescue missions for chemical, biological, radiological, nuclear, and explosive (CBRNE) incidents are highly risky and sometimes it is impossible for rescuers to perform, while these accidents vary dramatically in features and protection requirements. The purpose of this chapter is to present several protection approaches for rescue robots in the hazardous conditions. And four types of rescue robots are presented, respectively. First, design factors and challenges of the rescue robots are analyzed and indicated for these accidents. Then the rescue robots with protective modification are presented, respectively, meeting individual hazardous requirements. And finally several tests are conducted to validate the effectiveness of these modified robots. It is clear that these well-designed robots can work efficiently for the CBRNE response activities

Double-walled carbon nanotube-based polymer composites for electromagnetic protection.

In this paper, we present a microwave absorber based on carbon nanotubes (CNT) dispersed inside a BenzoCycloButenw (BCB) polymer. The high aspect ratio and remarkable conductive characteristics of CNT give rise to good absorbing properties for electromagnetic protecting in microelectronic devices with very low concentration. In this article, nanocomposites are prepared using a solution-mixing method and are then evaluated and modeled by means of coplanar test structures. First, CNT concentrations are quantified by image processing. The nanocomposites implemented with coplanar test waveguides are then characterized using a vector network analyzer from 40 MHz to 20 GHz. An algorithm is developed to calculate the propagation constant "γ" constant "α", and relative effective complex permittivity (εreff = εreff' - jεreff'') for each CNT concentration. The extracted effective parameters are verified using the electromagnetic FEM-based Ansoft’s® high frequency structure simulator (HFSS). Power absorption (PA) of 7 dB at 15 GHz is obtained with only 0.37 weight percent of CNT concentration in the polymer matrix. The resulting engineerable and controllable composite provides consequently a novel degree of freedom to design and optimize innovative microwave components

Explosive Detection Equipment and Technology for Border Security

This report contains a brief survey of Explosives Detection Technology,as it is applied for inspection of goods and passengers at borders, and explains the role of European legislation and the European Commission¿s research programs in this field. It describes the techniques of trace and bulk explosives detection that are in use, the latest techniques that are in development and the characteristics of explosives that are, or might be, used to provide a signature for exploitation in detection technology. References to academic reviews are included for those wishing to study the subject in greater depth. Some additional details are given concerning plastic and liquid explosives, which are a threat of particular current importance. The report also contains a brief account of relevant European trade, safety and security legislation, a description of recent policy initiatives and tables of related European Commission funded research projects. Contact details of commercial companies selling explosive detection products are also provided.JRC.G.6-Sensors, radar technologies and cybersecurit

Markov Decision Processes with Applications in Wireless Sensor Networks: A Survey

Wireless sensor networks (WSNs) consist of autonomous and resource-limited devices. The devices cooperate to monitor one or more physical phenomena within an area of interest. WSNs operate as stochastic systems because of randomness in the monitored environments. For long service time and low maintenance cost, WSNs require adaptive and robust methods to address data exchange, topology formulation, resource and power optimization, sensing coverage and object detection, and security challenges. In these problems, sensor nodes are to make optimized decisions from a set of accessible strategies to achieve design goals. This survey reviews numerous applications of the Markov decision process (MDP) framework, a powerful decision-making tool to develop adaptive algorithms and protocols for WSNs. Furthermore, various solution methods are discussed and compared to serve as a guide for using MDPs in WSNs