13,241 research outputs found
Investigative Report of HTNS Shenzhen
This document is part of a digital collection provided by the Martin P. Catherwood Library, ILR School, Cornell University, pertaining to the effects of globalization on the workplace worldwide. Special emphasis is placed on labor rights, working conditions, labor market changes, and union organizing.CLW_2012_Report_Investigative_Report_of_HTNS_Shenzhen.pdf: 68 downloads, before Oct. 1, 2020
EUROnu-WP6 2010 Report
This is a summary of the work done by the Working Package 6 (Physics) of the
EU project "EUROnu" during the second year of activity of the project.Comment: 82 pages, 51 eps figure
On Ladder Logic Bombs in Industrial Control Systems
In industrial control systems, devices such as Programmable Logic Controllers
(PLCs) are commonly used to directly interact with sensors and actuators, and
perform local automatic control. PLCs run software on two different layers: a)
firmware (i.e. the OS) and b) control logic (processing sensor readings to
determine control actions). In this work, we discuss ladder logic bombs, i.e.
malware written in ladder logic (or one of the other IEC 61131-3-compatible
languages). Such malware would be inserted by an attacker into existing control
logic on a PLC, and either persistently change the behavior, or wait for
specific trigger signals to activate malicious behaviour. For example, the LLB
could replace legitimate sensor readings with manipulated values. We see the
concept of LLBs as a generalization of attacks such as the Stuxnet attack. We
introduce LLBs on an abstract level, and then demonstrate several designs based
on real PLC devices in our lab. In particular, we also focus on stealthy LLBs,
i.e. LLBs that are hard to detect by human operators manually validating the
program running in PLCs. In addition to introducing vulnerabilities on the
logic layer, we also discuss countermeasures and we propose two detection
techniques.Comment: 11 pages, 14 figures, 2 tables, 1 algorith
Quire: Lightweight Provenance for Smart Phone Operating Systems
Smartphone apps often run with full privileges to access the network and
sensitive local resources, making it difficult for remote systems to have any
trust in the provenance of network connections they receive. Even within the
phone, different apps with different privileges can communicate with one
another, allowing one app to trick another into improperly exercising its
privileges (a Confused Deputy attack). In Quire, we engineered two new security
mechanisms into Android to address these issues. First, we track the call chain
of IPCs, allowing an app the choice of operating with the diminished privileges
of its callers or to act explicitly on its own behalf. Second, a lightweight
signature scheme allows any app to create a signed statement that can be
verified anywhere inside the phone. Both of these mechanisms are reflected in
network RPCs, allowing remote systems visibility into the state of the phone
when an RPC is made. We demonstrate the usefulness of Quire with two example
applications. We built an advertising service, running distinctly from the app
which wants to display ads, which can validate clicks passed to it from its
host. We also built a payment service, allowing an app to issue a request which
the payment service validates with the user. An app cannot not forge a payment
request by directly connecting to the remote server, nor can the local payment
service tamper with the request
Intrusion Detection And Prevention System: CGI Attacks
Over the past decade, the popularity of the Internet has been on the rise. The Internet is being used by its clients to access both static and dynamic data residing on remote servers. In the client-server interaction, the client asks the server to provide information, and, in addition, the server may also request that clients provide information such as in “web forms.” Therefore, the Internet is being used for many different purposes which also include the web servers collecting the information from the clients. Consequently, attacks on the web servers have been increasing over the years. Due to the fact that web servers are now able to produce dynamic web pages based on the received requests, the web servers are now more vulnerable to attack than ever before. One of the ways to produce the dynamic web page is Common Gateway Interface (CGI) technology. Attackers take the advantage of CGI scripts to perform an attack by sending illegitimate inputs to the web server. This report includes the findings and the results of the thorough research performed on the CGI-related web server attacks during the course of the project. In addition, this report contains a detailed explanation of the design and the implementation of the work done to develop an Intrusion Detection and Prevention System for CGI based web server attacks
- …