159 research outputs found
Forensic Analysis of WhatsApp Messenger on Android Smartphones
We present the forensic analysis of the artifacts left on Android devices by
WhatsApp Messenger, the client of the WhatsApp instant messaging
system. We provide a complete description of all the artifacts generated by
WhatsApp Messenger, we discuss the decoding and the interpretation of each one
of them, and we show how they can be correlated together to infer various types
of information that cannot be obtained by considering each one of them in
isolation.
By using the results discussed in this paper, an analyst will be able to
reconstruct the list of contacts and the chronology of the messages that have
been exchanged by users. Furthermore, thanks to the correlation of multiple
artifacts, (s)he will be able to infer information like when a specific contact
has been added, to recover deleted contacts and their time of deletion, to
determine which messages have been deleted, when these messages have been
exchanged, and the users that exchanged them.Comment: (c)2014. This manuscript version is made available under the
CC-BY-NC-ND 4.0 license http://creativecommons.org/licenses/by-nc-nd/4.0
Forensic Analysis of the ChatSecure Instant Messaging Application on Android Smartphones
We present the forensic analysis of the artifacts generated on Android
smartphones by ChatSecure, a secure Instant Messaging application that provides
strong encryption for transmitted and locally-stored data to ensure the privacy
of its users.
We show that ChatSecure stores local copies of both exchanged messages and
files into two distinct, AES-256 encrypted databases, and we devise a technique
able to decrypt them when the secret passphrase, chosen by the user as the
initial step of the encryption process, is known.
Furthermore, we show how this passphrase can be identified and extracted from
the volatile memory of the device, where it persists for the entire execution
of ChatSecure after having been entered by the user, thus allowing one to carry
out decryption even if the passphrase is not revealed by the user.
Finally, we discuss how to analyze and correlate the data stored in the
databases used by ChatSecure to identify the IM accounts used by the user and
his/her buddies to communicate, as well as to reconstruct the chronology and
contents of the messages and files that have been exchanged among them.
For our study we devise and use an experimental methodology, based on the use
of emulated devices, that provides a very high degree of reproducibility of the
results, and we validate the results it yields against those obtained from real
smartphones.
Maximizing Profit in Green Cellular Networks through Collaborative Games
In this paper, we deal with the problem of maximizing the profit of Network
Operators (NOs) of green cellular networks in situations where
Quality-of-Service (QoS) guarantees must be ensured to users, and Base Stations
(BSs) can be shared among different operators. We show that if NOs cooperate
among them, by mutually sharing their users and BSs, then each one of them can
improve its net profit. By using a game-theoretic framework, we study the
problem of forming stable coalitions among NOs. Furthermore, we propose a
mathematical optimization model to allocate users to a set of BSs, in order to
reduce costs and, at the same time, to meet user QoS for NOs inside the same
coalition. Based on this, we propose an algorithm, based on cooperative game
theory, that enables each operator to decide with whom to cooperate in order to
maximize its profit. This algorithm adopts a distributed approach in which
each NO autonomously makes its own decisions, and where the best solution
arises without the need to synchronize them or to resort to a trusted third
party. The effectiveness of the proposed algorithm is demonstrated through a
thorough experimental evaluation considering real-world traffic traces, and a
set of realistic scenarios. The results we obtain indicate that our algorithm
allows a population of NOs to significantly improve their profits thanks to the
combination of energy reduction and satisfaction of QoS requirements.
Comment: Added publisher info and citation notic
Securing Coding-Based Cloud Storage Against Pollution Attacks
The widespread diffusion of distributed and cloud storage solutions has changed dramatically the way users, system designers, and service providers manage their data. Outsourcing data on remote storage provides indeed many advantages in terms of both capital and operational costs. The security of data outsourced to the cloud, however, still represents one of the major concerns for all stakeholders. Pollution attacks, whereby a set of malicious entities attempt to corrupt stored data, are one of the many risks that affect cloud data security. In this paper we deal with pollution attacks in coding-based block-level cloud storage systems, i.e., systems that use linear codes to fragment, encode, and disperse virtual disk sectors across a set of storage nodes to achieve desired levels of redundancy, and to improve reliability and availability without sacrificing performance. Unfortunately, the effects of a pollution attack on linear coding can be disastrous, since a single polluted fragment can propagate pervasively in the decoding phase, thus hampering the whole sector. In this work we show that, using rateless codes, we can design an early pollution detection algorithm able to spot the presence of an attack while fetching the data from cloud storage during the normal disk reading operations. The alarm triggers a procedure that locates the polluting nodes using the proposed detection mechanism along with statistical inference. The performance of the proposed solution is analyzed under several aspects using both analytical modelling and accurate simulation using real disk traces. Our results show that the proposed approach is very robust and is able to effectively isolate the polluters, even in harsh conditions, provided that enough data redundancy is used.
Exploiting Rateless Codes in Cloud Storage Systems
devices (virtual disks) that can be directly accessed and used as if they were raw physical disks. In this paper we devise ENIGMA, an architecture for the back-end of BLCS systems able to provide adequate levels of access and transfer performance, availability, integrity, and confidentiality, for the data it stores. ENIGMA exploits LT rateless codes to store fragments of sectors on storage nodes organized in clusters. We quantitatively evaluate how the various ENIGMA system parameters affect the performance, availability, integrity, and confidentiality of virtual disks. These evaluations are carried out by using both analytical modeling (for availability, integrity, and confidentiality) and discrete event simulation (for performance), and by considering a set of realistic operational scenarios. Our results indicate that it is possible to simultaneously achieve all the objectives set forth for BLCS systems by using ENIGMA, and that a careful choice of the various system parameters is crucial to achieve a good compromise among them. Moreover, they also show that LT coding-based BLCS systems outperform traditional BLCS systems in all the aspects mentioned before.
- …