Domain Name System Security and Privacy: Old Problems and New Challenges
The domain name system (DNS) is an important protocol in today's Internet
operation, and is the standard naming convention between domain names, names
that are easy to read, understand, and remember by humans, to IP addresses of
Internet resources. The wealth of research activities on DNS in general and
security and privacy in particular suggests that all problems in this domain are
solved. Reality however is that despite the large body of literature on various
aspects of DNS, there are still many challenges that need to be addressed. In
this paper, we review the various activities in the research community on DNS
operation, security, and privacy, and outline various challenges and open
research directions that need to be tackled.
ConsiDroid: A Concolic-based Tool for Detecting SQL Injection Vulnerability in Android Apps
In this paper, we present a concolic execution technique for detecting SQL
injection vulnerabilities in Android apps, with a new tool we called
ConsiDroid. We extend the source code of apps with mocking technique, such that
the execution of original source code is not affected. The extended source code
can be treated as Java applications and may be executed by SPF with concolic
execution. We automatically produce a DummyMain class out of static analysis
such that the essential functions are called sequentially and the events
leading to vulnerable functions are triggered. We extend SPF with taint
analysis in ConsiDroid. For making taint analysis possible, we introduce a new
technique of symbolic mock classes in order to ease the propagation of tainted
values in the code. An SQL injection vulnerability is detected through
receiving a tainted value by a vulnerable function. Besides, ConsiDroid takes
advantage of static analysis to adjust SPF in order to inspect only suspicious
paths. To illustrate the applicability of ConsiDroid, we have inspected
140 randomly selected apps from the F-Droid repository. From these apps, we found
three apps vulnerable to SQL injection. To verify their vulnerability, we
analyzed the apps manually based on ConsiDroid's reports by using Robolectric.
On Mitigation of Side-Channel Attacks in 3D ICs: Decorrelating Thermal Patterns from Power and Activity
Various side-channel attacks (SCAs) on ICs have been successfully
demonstrated and also mitigated to some degree. In the context of 3D ICs,
however, prior art has mainly focused on efficient implementations of classical
SCA countermeasures. That is, SCAs tailored for up-and-coming 3D ICs have been
overlooked so far. In this paper, we conduct such a novel study and focus on
one of the most accessible and critical side channels: thermal leakage of
activity and power patterns. We address the thermal leakage in 3D ICs early on
during floorplanning, along with tailored extensions for power and thermal
management. Our key idea is to carefully exploit the specifics of material and
structural properties in 3D ICs, thereby decorrelating the thermal behaviour
from underlying power and activity patterns. Most importantly, we discuss
powerful SCAs and demonstrate how our open-source tool helps to mitigate them. Comment: Published in Proc. Design Automation Conference, 201
Privacy in Social Media: Identification, Mitigation and Applications
The increasing popularity of social media has attracted a huge number of
people to participate in numerous activities on a daily basis. This results in
tremendous amounts of rich user-generated data. This data provides
opportunities for researchers and service providers to study and better
understand users' behaviors and further improve the quality of the personalized
services. Publishing user-generated data risks exposing individuals' privacy.
Users' privacy in social media is an emerging task and has attracted increasing
attention in recent years. These works study privacy issues in social media
from the two different points of views: identification of vulnerabilities, and
mitigation of privacy risks. Recent research has shown the vulnerability of
user-generated data against the two general types of attacks, identity
disclosure and attribute disclosure. These privacy issues mandate social media
data publishers to protect users' privacy by sanitizing user-generated data
before publishing it. Consequently, various protection techniques have been
proposed to anonymize user-generated social media data. There is a vast
literature on privacy of users in social media from many perspectives. In this
survey, we review the key achievements of user privacy in social media. In
particular, we review and compare the state-of-the-art algorithms in terms of
the privacy leakage attacks and anonymization algorithms. We overview the
privacy risks from different aspects of social media and categorize the
relevant works into five groups: 1) graph data anonymization and
de-anonymization, 2) author identification, 3) profile attribute disclosure, 4)
user location and privacy, and 5) recommender systems and privacy issues. We
also discuss open problems and future research directions for user privacy
issues in social media. Comment: This survey is currently under revie
oo7: Low-overhead Defense against Spectre Attacks via Program Analysis
The Spectre vulnerability in modern processors has been widely reported. The
key insight in this vulnerability is that speculative execution in processors
can be misused to access the secrets. Subsequently, even though the
speculatively executed instructions are squashed, the secret may linger in
micro-architectural states such as cache, and can potentially be accessed by an
attacker via side channels. In this paper, we propose oo7, a static analysis
approach that can mitigate Spectre attacks by detecting potentially vulnerable
code snippets in program binaries and protecting them against the attack by
patching them. Our key contribution is to balance the concerns of
effectiveness, analysis time and run-time overheads. We employ control flow
extraction, taint analysis, and address analysis to detect tainted conditional
branches and speculative memory accesses. oo7 can detect all fifteen
purpose-built Spectre-vulnerable code patterns, whereas Microsoft compiler with
Spectre mitigation option can only detect two of them. We also report the
results of a large-scale study on applying oo7 to over 500 program binaries
(average binary size 261 KB) from different real-world projects. We protect
programs against Spectre attack by selectively inserting fences only at
vulnerable conditional branches to prevent speculative execution. Our approach
is experimentally observed to incur around 5.9% performance overheads on
SPECint benchmarks. Comment: To appear in IEEE Transactions on Software Engineering, 202
A Survey of Techniques for Improving Security of GPUs
Graphics processing unit (GPU), although a powerful performance-booster, also
has many security vulnerabilities. Due to these, the GPU can act as a
safe-haven for stealthy malware and the weakest 'link' in the security 'chain'.
In this paper, we present a survey of techniques for analyzing and improving
GPU security. We classify the works on key attributes to highlight their
similarities and differences. More than informing users and researchers about
GPU security techniques, this survey aims to increase their awareness about GPU
security vulnerabilities and potential countermeasures.
Hardware Trojan Detection through Information Flow Security Verification
Semiconductor design houses are increasingly becoming dependent on third
party vendors to procure intellectual property (IP) and meet time-to-market
constraints. However, these third party IPs cannot be trusted as hardware
Trojans can be maliciously inserted into them by untrusted vendors. While
different approaches have been proposed to detect Trojans in third party IPs,
their limitations have not been extensively studied. In this paper, we analyze
the limitations of the state-of-the-art Trojan detection techniques and
demonstrate with experimental results how to defeat these detection mechanisms.
We then propose a Trojan detection framework based on information flow security
(IFS) verification. Our framework detects violation of IFS policies caused by
Trojans without the need of white-box knowledge of the IP. We experimentally
validate the efficacy of our proposed technique by accurately identifying
Trojans in the trust-hub benchmarks. We also demonstrate that our technique
does not share the limitations of the previously proposed Trojan detection
techniques. Comment: 10 pages, 8 Figure
Identification of Optimal Locations for Sampling Ground Water for Pesticides in the Mississippi Delta Region of Eastern Arkansas
Concerns about the presence of pesticides in the Mississippi River Valley alluvial aquifer in the Arkansas Delta have generated the need to develop a map of ground water vulnerability for this region comprised of approximately 10 million acres. Based on the availability of digital data and the scale of this study, we used a modified Pesticide DRASTIC model in a GRASS GIS environment to identify areas that were physically more sensitive to pesticide contamination than other areas within the Delta. Spatial distribution of pesticide loading was estimated from pesticide application rates in different crops and crop distribution map interpreted from satellite imagery. Relative ground water vulnerability index was expressed as a product of aquifer sensitivity index and pesticide loading index. The resulting map showing the spatial distribution of relative ground water vulnerability index values was intended for use in selecting optimal locations for sampling ground water for pesticides in the Arkansas Delta and for aid in implementing the Arkansas Agricultural Chemical Ground-Water Management Plan. The most sensitive areas in the Delta are distributed mostly along major streams where a combination of shallow depth to ground water, thin confining unit, permeable soils, and high recharge rate usually prevails. It is also in many of these areas where large acres of crops are grown, and pesticides are used. Consequently, many areas along major streams are also most vulnerable. These vulnerable areas may be targeted by planners and governmental agencies for further detailed evaluation. Uncertainties in the methodology and mapped input data, plus the dynamic nature of model factors, require continued and improved efforts in ground water vulnerability assessment for the Arkansas Delta.
Exploitation Techniques and Defenses for Data-Oriented Attacks
Data-oriented attacks manipulate non-control data to alter a program's benign
behavior without violating its control-flow integrity. It has been shown that
such attacks can cause significant damage even in the presence of control-flow
defense mechanisms. However, these threats have not been adequately addressed.
In this SoK paper, we first map data-oriented exploits, including Data-Oriented
Programming (DOP) attacks, to their assumptions/requirements and attack
capabilities. We also compare known defenses against these attacks, in terms of
approach, detection capabilities, overhead, and compatibility. Then, we
experimentally assess the feasibility of a detection approach that is based on
the Intel Processor Trace (PT) technology. PT only traces control flows, thus,
is generally believed to be not useful for data-oriented security. However, our
work reveals that data-oriented attacks (in particular the recent DOP attacks)
may generate side-effects on control-flow behavior in multiple dimensions,
which manifest in PT traces. Based on this evaluation, we discuss challenges
for building deployable data-oriented defenses and open research questions.