15,514 research outputs found
Securing Real-Time Internet-of-Things
Modern embedded and cyber-physical systems are ubiquitous. A large number of
critical cyber-physical systems have real-time requirements (e.g., avionics,
automobiles, power grids, manufacturing systems, industrial control systems,
etc.). Recent developments and new functionality requires real-time embedded
devices to be connected to the Internet. This gives rise to the real-time
Internet-of-things (RT-IoT) that promises a better user experience through
stronger connectivity and efficient use of next-generation embedded devices.
However RT- IoT are also increasingly becoming targets for cyber-attacks which
is exacerbated by this increased connectivity. This paper gives an introduction
to RT-IoT systems, an outlook of current approaches and possible research
challenges towards secure RT- IoT frameworks
Parallelism-Aware Memory Interference Delay Analysis for COTS Multicore Systems
In modern Commercial Off-The-Shelf (COTS) multicore systems, each core can
generate many parallel memory requests at a time. The processing of these
parallel requests in the DRAM controller greatly affects the memory
interference delay experienced by running tasks on the platform. In this paper,
we model a modern COTS multicore system which has a nonblocking last-level
cache (LLC) and a DRAM controller that prioritizes reads over writes. To
minimize interference, we focus on LLC and DRAM bank partitioned systems. Based
on the model, we propose an analysis that computes a safe upper bound for the
worst-case memory interference delay. We validated our analysis on a real COTS
multicore platform with a set of carefully designed synthetic benchmarks as
well as SPEC2006 benchmarks. Evaluation results show that our analysis is more
accurately capture the worst-case memory interference delay and provides safer
upper bounds compared to a recently proposed analysis which significantly
under-estimate the delay.Comment: Technical Repor
Software Grand Exposure: SGX Cache Attacks Are Practical
Side-channel information leakage is a known limitation of SGX. Researchers
have demonstrated that secret-dependent information can be extracted from
enclave execution through page-fault access patterns. Consequently, various
recent research efforts are actively seeking countermeasures to SGX
side-channel attacks. It is widely assumed that SGX may be vulnerable to other
side channels, such as cache access pattern monitoring, as well. However, prior
to our work, the practicality and the extent of such information leakage was
not studied.
In this paper we demonstrate that cache-based attacks are indeed a serious
threat to the confidentiality of SGX-protected programs. Our goal was to design
an attack that is hard to mitigate using known defenses, and therefore we mount
our attack without interrupting enclave execution. This approach has major
technical challenges, since the existing cache monitoring techniques experience
significant noise if the victim process is not interrupted. We designed and
implemented novel attack techniques to reduce this noise by leveraging the
capabilities of the privileged adversary. Our attacks are able to recover
confidential information from SGX enclaves, which we illustrate in two example
cases: extraction of an entire RSA-2048 key during RSA decryption, and
detection of specific human genome sequences during genomic indexing. We show
that our attacks are more effective than previous cache attacks and harder to
mitigate than previous SGX side-channel attacks
The MINERA Data Acquisition System and Infrastructure
MINERA (Main INjector ExpeRiment -A) is a new few-GeV neutrino
cross section experiment that began taking data in the FNAL NuMI (Fermi
National Accelerator Laboratory Neutrinos at the Main Injector) beam-line in
March of 2010. MINERA employs a fine-grained scintillator detector capable
of complete kinematic characterization of neutrino interactions. This paper
describes the MINERA data acquisition system (DAQ) including the read-out
electronics, software, and computing architecture.Comment: 34 pages, 16 figure
ZigBee/ZigBee PRO security assessment based on compromised cryptographic keys
Sensor networks have many applications in monitoring and controlling of environmental properties such as sound, acceleration, vibration and temperature. Due to limited
resources in computation capability, memory and energy, they are vulnerable to many kinds of attacks. The ZigBee specification based on the 802.15.4 standard, defines a set of layers specifically suited to sensor networks. These layers support secure messaging using symmetric cryptographic. This paper presents two different ways for grabbing the cryptographic key in ZigBee: remote attack and physical attack. It also surveys and categorizes some additional attacks which can be performed on ZigBee networks: eavesdropping, spoofing, replay and DoS attacks at different layers. From this analysis, it is shown that some vulnerabilities still in the existing security schema in ZigBee technology.Les xarxes de sensors tenen moltes aplicacions en el control i la monitoritzaciĂł de les propietats del medi ambient, com ara el so, lÂżacceleraciĂł, la vibraciĂł i la temperatura. A causa dels limitats recursos en la capacitat de cĂ lcul, la memòria i l'energia sĂłn vulnerables a molts tipus d'atacs. L'especificaciĂł ZigBee basada en l'estĂ ndard 802.15.4, defineix un conjunt de capes, adaptada especĂficament per a xarxes de sensors. Aquestes capes suporten missatgeria segura mitjançant criptografia simètrica. Aquest article presenta dues formes diferents per agafar la clau de xifrat en ZigBee: atac a distĂ ncia i atacs fĂsics. TambĂŠ les enquesta i classifica alguns atacs addicionals que es poden realitzar en les xarxes ZigBee: espionatge, falsificaciĂł, reproducciĂł i atacs DoS en les diferents capes. A partir d'aquesta anĂ lisi, es demostren algunes vulnerabilitats existents en l'esquema de seguretat en tecnologia ZigBee.Las redes de sensores tienen muchas aplicaciones en el control y la monitorizaciĂłn de las propiedades del medio ambiente, como el sonido, la aceleraciĂłn, la vibraciĂłn y la temperatura. Debido a los limitados recursos en la capacidad de cĂĄlculo, la memoria y la energĂa son vulnerables a muchos tipos de ataques. La especificaciĂłn ZigBee basada en el estĂĄndar 802.15.4, define un conjunto de capas, adaptada especĂficamente para redes de sensores. Estas capas soportan mensajerĂa segura mediante criptografĂa simĂŠtrica. Este artĂculo presenta dos formas diferentes para coger la clave de cifrado en ZigBee: ataque a distancia y ataques fĂsicos. TambiĂŠn las encuesta y clasifica algunos ataques adicionales que se pueden realizar en las redes ZigBee: espionaje, falsificaciĂłn, reproducciĂłn y ataques DoS en las diferentes capas. A partir de este anĂĄlisis, se demuestran algunas vulnerabilidades existentes en el esquema de seguridad en tecnologĂa ZigBee
- âŚ