Secure Virtualization and Multicore Platforms State-of-the-Art report

SVaM

The Effects of Introspection on Computer Security Policies

What does it mean to be an expert? And what makes an expert more capable than a non-expert when it comes to evaluating and articulating their impressions about something as commonly practiced as food tasting? How do we explain those behaviors that humans perform very well, but don\u27t quite know why? Studies have shown that there exists a class of activities that we as humans execute well intuitively, but that we perform much worse upon introspection. Evidence supports the claim that the act of introspection actually causes us to do more poorly at these tasks. My goal is to apply this idea to computer security. At present, designs for most security policy interfaces leave much to be desired. This lack of usability leaves these systems in need of improvement, possibly causing users to become more vulnerable than they otherwise would have. My research includes a user study on the privacy policies of the interface for a social networking website similar to Facebook. Evidence from the study supports the claim that the act of introspecting upon one\u27s personal security policy actually makes one worse at making policy decisions

Robust and secure monitoring and attribution of malicious behaviors

Worldwide computer systems continue to execute malicious software that degrades the systemsâ performance and consumes network capacity by generating high volumes of unwanted traffic. Network-based detectors can effectively identify machines participating in the ongoing attacks by monitoring the traffic to and from the systems. But, network detection alone is not enough; it does not improve the operation of the Internet or the health of other machines connected to the network. We must identify malicious code running on infected systems, participating in global attack networks. This dissertation describes a robust and secure approach that identifies malware present on infected systems based on its undesirable use of network. Our approach, using virtualization, attributes malicious traffic to host-level processes responsible for the traffic. The attribution identifies on-host processes, but malware instances often exhibit parasitic behaviors to subvert the execution of benign processes. We then augment the attribution software with a host-level monitor that detects parasitic behaviors occurring at the user- and kernel-level. User-level parasitic attack detection happens via the system-call interface because it is a non-bypassable interface for user-level processes. Due to the unavailability of one such interface inside the kernel for drivers, we create a new driver monitoring interface inside the kernel to detect parasitic attacks occurring through this interface. Our attribution software relies on a guest kernelâ s data to identify on-host processes. To allow secure attribution, we prevent illegal modifications of critical kernel data from kernel-level malware. Together, our contributions produce a unified research outcome --an improved malicious code identification system for user- and kernel-level malware.Ph.D.Committee Chair: Giffin, Jonathon; Committee Member: Ahamad, Mustaque; Committee Member: Blough, Douglas; Committee Member: Lee, Wenke; Committee Member: Traynor, Patric

Exhibiting respect: Investigating ethical practice for the display of human remains in museums

Museums have long displayed human remains from archaeological and other contexts to educate the public about human health, spiritual beliefs, and customs, and to encourage reflection about death and dying. However, since the 1950s, repatriation movements and decolonizing dialogues have inspired global discussions about who has the right to retain and display human remains. Subsequent changes in attitude are now reflected in international ethical guidelines and accords that emphasize “respect” for human remains and for originating communities. Most museums will no longer display Indigenous Ancestors, but whether and how to display other human remains presents an unresolved ethical dilemma. Should other archaeological human remains be exhibited without consent? If so, how can they be displayed respectfully? Do visitors wish to see human remains in museums? This dissertation is a pilot study that examined three dimensions of these ethical challenges: 1) how has the display of human remains changed over time—particularly in Anglo-North America and Western Europe?; 2) how does the public in North America feel about the display of human remains?; and 3) how can human remains be displayed “with respect”? I focused on Anglo-North America and Western Europe as instrumental case studies to illuminate these emerging issues due to their accessibility, recent ethical dialogue, and changing museum practices in these regions. My research explored these questions using the principles of New Museology and radical transparency: i.e., proactively engaging the public and encouraging them to participate in ethical decision-making. In this work, I: 1) explore ethical changes and challenges for museums in relation to the display of human remains; 2) facilitate public engagement with ethical discourse about the display of human remains; 3) explore the concept of “respectful display” of human remains; and 4) make recommendations for museum professionals deciding whether to display of human remains. These issues are particularly important as museums strive to decolonize and become more inclusive

Proposing a secure component-based-application logic and system’s integration testing approach

Software engineering moved from traditional methods of software enterprise applications to com-ponent based development for distributed system’s applications. This new era has grown up forlast few years, with component-based methods, for design and rapid development of systems, butfact is that , deployment of all secure software features of technology into practical e-commercedistributed systems are higher rated target for intruders. Although most of research has been con-ducted on web application services that use a large share of the present software, but on the otherside Component Based Software in the middle tier ,which rapidly develops application logic, alsoopen security breaching opportunities .This research paper focus on a burning issue for researchersand scientists ,a weakest link in component based distributed system, logical attacks, that cannotbe detected with any intrusion detection system within the middle tier e-commerce distributed ap-plications. We proposed An Approach of Secure Designing application logic for distributed system,while dealing with logically vulnerability issue

Towards Tracking Data Flows in Cloud Architectures

As cloud services become central in an increasing number of applications, they process and store more personal and business-critical data. At the same time, privacy and compliance regulations such as GDPR, the EU ePrivacy regulation, PCI, and the upcoming EU Cybersecurity Act raise the bar for secure processing and traceability of critical data. Especially the demand to provide information about existing data records of an individual and the ability to delete them on demand is central in privacy regulations. Common to these requirements is that cloud providers must be able to track data as it flows across the different services to ensure that it never moves outside of the legitimate realm, and it is known at all times where a specific copy of a record that belongs to a specific individual or business process is located. However, current cloud architectures do neither provide the means to holistically track data flows across different services nor to enforce policies on data flows. In this paper, we point out the deficits in the data flow tracking functionalities of major cloud providers by means of a set of practical experiments. We then generalize from these experiments introducing a generic architecture that aims at solving the problem of cloud-wide data flow tracking and show how it can be built in a Kubernetes-based prototype implementation.Comment: 11 pages, 5 figures, 2020 IEEE 13th International Conference on Cloud Computing (CLOUD