Towards a robust, effective and resource efficient machine learning technique for IoT security monitoring.

The application of Deep Neural Networks (DNNs) for monitoring cyberattacks in Internet of Things (IoT) systems has gained significant attention in recent years. However, achieving optimal detection performance through DNN training has posed challenges due to computational intensity and vulnerability to adversarial samples. To address these issues, this paper introduces an optimization method that combines regularization and simulated micro-batching. This approach enables the training of DNNs in a robust, efficient, and resource-friendly manner for IoT security monitoring. Experimental results demonstrate that the proposed DNN model, including its performance in Federated Learning (FL) settings, exhibits improved attack detection and resistance to adversarial perturbations compared to benchmark baseline models and conventional Machine Learning (ML) methods typically employed in IoT security monitoring. Notably, the proposed method achieves significant reductions of 79.54% and 21.91% in memory and time usage, respectively, when compared to the benchmark baseline in simulated virtual worker environments. Moreover, in realistic testbed scenarios, the proposed method reduces memory footprint by 6.05% and execution time by 15.84%, while maintaining accuracy levels that are superior or comparable to state-of-the-art methods. These findings validate the feasibility and effectiveness of the proposed optimization method for enhancing the efficiency and robustness of DNN-based IoT security monitoring

Automated Dynamic Firmware Analysis at Scale: A Case Study on Embedded Web Interfaces

Embedded devices are becoming more widespread, interconnected, and web-enabled than ever. However, recent studies showed that these devices are far from being secure. Moreover, many embedded systems rely on web interfaces for user interaction or administration. Unfortunately, web security is known to be difficult, and therefore the web interfaces of embedded systems represent a considerable attack surface. In this paper, we present the first fully automated framework that applies dynamic firmware analysis techniques to achieve, in a scalable manner, automated vulnerability discovery within embedded firmware images. We apply our framework to study the security of embedded web interfaces running in Commercial Off-The-Shelf (COTS) embedded devices, such as routers, DSL/cable modems, VoIP phones, IP/CCTV cameras. We introduce a methodology and implement a scalable framework for discovery of vulnerabilities in embedded web interfaces regardless of the vendor, device, or architecture. To achieve this goal, our framework performs full system emulation to achieve the execution of firmware images in a software-only environment, i.e., without involving any physical embedded devices. Then, we analyze the web interfaces within the firmware using both static and dynamic tools. We also present some interesting case-studies, and discuss the main challenges associated with the dynamic analysis of firmware images and their web interfaces and network services. The observations we make in this paper shed light on an important aspect of embedded devices which was not previously studied at a large scale. We validate our framework by testing it on 1925 firmware images from 54 different vendors. We discover important vulnerabilities in 185 firmware images, affecting nearly a quarter of vendors in our dataset. These experimental results demonstrate the effectiveness of our approach

Xcs: Cross channel scripting and its impact on web applications

ABSTRACT We study the security of embedded web servers used in consumer electronic devices, such as security cameras and photo frames, and for IT infrastructure, such as wireless access points and lights-out management systems. All the devices we examine turn out to be vulnerable to a variety of web attacks, including cross site scripting (XSS) and cross site request forgery (CSRF). In addition, we show that consumer electronics are particularly vulnerable to a nasty form of persistent XSS where a non-web channel such as NFS or SNMP is used to inject a malicious script. This script is later used to attack an unsuspecting user who connects to the device's web server. We refer to web attacks which are mounted through a non-web channel as cross channel scripting (XCS). We propose a client-side defense against certain XCS which we implement as a browser extension

Towards a robust, effective and resource-efficient machine learning technique for IoT security monitoring.

Internet of Things (IoT) devices are becoming increasingly popular and an integral part of our everyday lives, making them a lucrative target for attackers. These devices require suitable security mechanisms that enable robust and effective detection of attacks. Machine learning (ML) and its subdivision Deep Learning (DL) methods offer a promise, but they can be computationally expensive in providing better detection for resource-constrained IoT devices. Therefore, this research proposes an optimization method to train ML and DL methods for effective and efficient security monitoring of IoT devices. It first investigates the feasibility of the Light Gradient Boosting Machine (LGBM) for attack detection in IoT environments, proposing an optimization procedure to obtain its effective counterparts. The trained LGBM can successfully discern attacks and regular traffic in various IoT benchmark datasets used in this research. As LGBM is a traditional ML technique, it may be difficult to learn complex network traffic patterns present in IoT datasets. Therefore, we further examine Deep Neural Networks (DNNs), proposing an effective and efficient DNN-based security solution for IoT security monitoring to leverage more resource savings and accurate attack detection. Investigation results are promising, as the proposed optimization method exploits the mini-batch gradient descent with simulated micro-batching in building effective and efficient DNN-based IoT security solutions. Following the success of DNN for effective and efficient attack detection, we further exploit it in the context of adversarial attack resistance. The resulting DNN is more resistant to adversarial samples than its benchmark counterparts and other conventional ML methods. To evaluate the effectiveness of our proposal, we considered on-device learning in federated learning settings, using decentralized edge devices to augment data privacy in resource-constrained environments. To this end, the performance of the method was evaluated against various realistic IoT datasets (e.g. NBaIoT, MNIST) on virtual and realistic testbed set-ups with GB-BXBT-2807 edge-computing-like devices. The experimental results show that the proposed method can reduce memory and time usage by 81% and 22% in the simulated environment of virtual workers compared to its benchmark counterpart. In the realistic testbed scenario, it saves 6% of memory footprints with a reduction of execution time by 15%, while maintaining a better and state-of-the-art accuracy

Architecture for grid-enabled instrumentation in extreme environments

Technological progress in recent decades has led to sensor networks and robotic explorers becoming principal tools for investigation of remote or "hostile" environments where it is difficult, if not impossible for humans to intervene. These situations include deep ocean and space environments where the devices can be subject to extreme pressures, temperatures and radiation levels. It is a costly enterprise to deploy an instrument in such settings and therefore reliable operation and ease of use are requisite features to build into the basic fabric of the machine. This thesis describes the design and implementation of a modular machine system based on a peer-to-peer, decentralised network topology where the power supply and electronic hardware resources are distributed homogeneously throughout a network of nodes. Embedded within each node is a minimal, low-power single board computer on which a real-time operating system and MicroCANopen protocol stack are operating to realise a standard interface to the network. The network is based on a grid paradigm where nodes act as resource producers and consumers, sharing information so that the machine system as a whole can perform tasks. The resulting architecture supports "plug-and-play" flexibility, to allow users or system developers to reconfigure or expand its capabilities by adding/removing nodes at a later time. An immediate application of this instrument is in-situ sampling of microbes in extreme aqueous habitats. The microbial sampler is targeted at providing improved sampling capabilities when performing physical, chemical and biological investigations in deep- ocean hydrothermal vent environments. At these depths the instrument is subject to immense pressures of many thousand pounds per square inch, where superheated, corrosive, mineral-loaded vent fluids mix with near-freezing seawater. In the longer term, it is anticipated that this flexible, open interface architecture on which the microbial sampler instrument is based will be applicable more generally to other sectors, including commercial and scientific markets.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

CONSIDERING SAFETY AND SECURITY IN AV FUNCTIONS

Autonomous vehicles (AVs) are coming to our streets. Due to the presence of highly complex software systems in AVs, a new hazard analysis technique is needed to meet stringent safety standards. Also, safety and security are inter-dependent and inter-related aspects of AV. They are focused on shielding the vehicles from deliberate attacks (security issue) as well as accidental failures (safety concern), that might lead to loss of lives and injuries to the occupants. So, the current research work has two key components: functional safety and cybersecurity of the autonomous systems. For the safety analysis, we have applied System Theoretic Process Analysis (STPA), which is built on Systems Theoretic Accident Modeling and Processes (STAMP). STAMP is a powerful tool that can identify, define, analyze, and mitigate hazards from the earliest conceptual stage of development to the operation of a system. Applying STPA to autonomous vehicles demonstrates STPA's applicability to preliminary hazard analysis, alternative available, developmental tests, organizational design, and functional design of each unique safety operation. This thesis describes the STPA process used to generate system design requirements for an Autonomous Emergency Braking (AEB) system using a top-down analysis approach for the system safety. The research makes the following contributions to practicing STPA for safety and security: 1. It describes the incorporation of safety and security analysis in one process and discusses the benefits of this; 2. It provides an improved, structural approach for scenario analysis, concentrating on safety and security; 3. It demonstrates the utility of STPA for gap analysis of existing designs in the automotive domain; 4. It provides lessons learned throughout the process of applying STPA and STPA-Sec. Controlling a physical process is associated with dependability requirements in a cyber-physical system (CPS). Cyberattacks can lead to the dependability requirements not being in the acceptable range. Thus, monitoring of the cyber-physical system becomes inevitable for the detection of the deviations in the system from normal operation. One of the main issues is understanding the rationale behind these variations in a reliable manner. Understanding the reason for the variation is crucial in the execution of accurate and time-based control resolution, for mitigating the cyberattacks as well as other reasons of reduced dependability. Currently, we are using evidential networks to solve the reliability issue. In the present work, we are presenting a cyber-physical system analysis where the evidential networks are used for the detection of attacks. The results obtained from the STPA analysis, which provides the technical safety requirements, can be combined with the EN analysis, which can be used efficiently to detect the quality of the used sensor to justify whether the CPS is suitable for the safe and secure design

LUX-ZEPLIN (LZ) Technical Design Report

In this Technical Design Report (TDR) we describe the LZ detector to be built at the Sanford Underground Research Facility (SURF). The LZ dark matter experiment is designed to achieve sensitivity to a WIMP-nucleon spin-independent cross section of three times ten to the negative forty-eighth square centimeters

Reining in the Functional Verification of Complex Processor Designs with Automation, Prioritization, and Approximation

Our quest for faster and efficient computing devices has led us to processor designs with enormous complexity. As a result, functional verification, which is the process of ascertaining the correctness of a processor design, takes up a lion's share of the time and cost spent on making processors. Unfortunately, functional verification is only a best-effort process that cannot completely guarantee the correctness of a design, often resulting in defective products that may have devastating consequences.Functional verification, as practiced today, is unable to cope with the complexity of current and future processor designs. In this dissertation, we identify extensive automation as the essential step towards scalable functional verification of complex processor designs. Moreover, recognizing that a complete guarantee of design correctness is impossible, we argue for systematic prioritization and prudent approximation to realize fast and far-reaching functional verification solutions. We partition the functional verification effort into three major activities: planning and test generation, test execution and bug detection, and bug diagnosis. Employing a perspective we refer to as the automation, prioritization, and approximation (APA) approach, we develop solutions that tackle challenges across these three major activities. In pursuit of efficient planning and test generation for modern systems-on-chips, we develop an automated process for identifying high-priority design aspects for verification. In addition, we enable the creation of compact test programs, which, in our experiments, were up to 11 times smaller than what would otherwise be available at the beginning of the verification effort. To tackle challenges in test execution and bug detection, we develop a group of solutions that enable the deployment of automatic and robust mechanisms for catching design flaws during high-speed functional verification. By trading accuracy for speed, these solutions allow us to unleash functional verification platforms that are over three orders of magnitude faster than traditional platforms, unearthing design flaws that are otherwise impossible to reach. Finally, we address challenges in bug diagnosis through a solution that fully automates the process of pinpointing flawed design components after detecting an error. Our solution, which identifies flawed design units with over 70% accuracy, eliminates weeks of diagnosis effort for every detected error.PHDComputer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttps://deepblue.lib.umich.edu/bitstream/2027.42/137057/1/birukw_1.pd

Application of bit-slice microprocessors to digital correlation in spread spectrum communication systems

This thesis describes the application of commercially available microprocessors and other VLSI devices to high-speed real-time digital correlation in spread spectrum and related communication applications. Spread spectrum communications are a wide-band secure communication system that generate a very broad spectral bandwidth signal that is therefore hard to detect in noise. They are capable of rejecting intentional or unintentional jamming, and are insensitive to the multipath and fading that affects conventional high frequency systems. The bandwidth of spread spectrum systems must be large to obtain a significant performance improvement. This means that the sequence rate must be fast and therefore very fast microprocessors will be required when they are used to perform spread spectrum correlation. Since multiplication cannot be performed efficiently by microprocessors considerable work, since 1974, has been published in the literature which is devoted to minimising the requirement of multiplications in digital correlation and other signal processing algorithms. These fast techniques are investigated and implemented using general-purpose microprocessors. The restricted-bandwidth problem in microprocessor-based digital correlator has been discussed. A new implementation is suggested which uses bit-slice devices to maintain the flexibility of microprocessor-based digital correlation without sacrificing speed. This microprocessor-based system has been found to be efficient in implementing the correlation process at the baseband in the digital domain as well as the post-correlation signal processing- demodulation, detection and tracking, especiaJIy for low rate signals. A charge coupled-device is used to obtain spectral density function. An all-digital technique which is programmable for any binary waveform and can be used for achieving initial acquisition and maintaining synchronisation in spread spectrum communications is described. Many of the practical implementation problems are discussed. The receiver performance, which is measured in terms of the acquisition time and the bit-error rate, is also presented and results are obtained which are close to those predicted in the system simulations