1,153 research outputs found
Automated Dynamic Firmware Analysis at Scale: A Case Study on Embedded Web Interfaces
Embedded devices are becoming more widespread, interconnected, and
web-enabled than ever. However, recent studies showed that these devices are
far from being secure. Moreover, many embedded systems rely on web interfaces
for user interaction or administration. Unfortunately, web security is known to
be difficult, and therefore the web interfaces of embedded systems represent a
considerable attack surface.
In this paper, we present the first fully automated framework that applies
dynamic firmware analysis techniques to achieve, in a scalable manner,
automated vulnerability discovery within embedded firmware images. We apply our
framework to study the security of embedded web interfaces running in
Commercial Off-The-Shelf (COTS) embedded devices, such as routers, DSL/cable
modems, VoIP phones, IP/CCTV cameras. We introduce a methodology and implement
a scalable framework for discovery of vulnerabilities in embedded web
interfaces regardless of the vendor, device, or architecture. To achieve this
goal, our framework performs full system emulation to achieve the execution of
firmware images in a software-only environment, i.e., without involving any
physical embedded devices. Then, we analyze the web interfaces within the
firmware using both static and dynamic tools. We also present some interesting
case-studies, and discuss the main challenges associated with the dynamic
analysis of firmware images and their web interfaces and network services. The
observations we make in this paper shed light on an important aspect of
embedded devices which was not previously studied at a large scale.
We validate our framework by testing it on 1925 firmware images from 54
different vendors. We discover important vulnerabilities in 185 firmware
images, affecting nearly a quarter of vendors in our dataset. These
experimental results demonstrate the effectiveness of our approach
Asymptotics of the instantons of Painleve I
The 0-instanton solution of Painlev\'e I is a sequence of complex
numbers which appears universally in many enumerative problems in algebraic
geometry, graph theory, matrix models and 2-dimensional quantum gravity. The
asymptotics of the 0-instanton for large were obtained by the
third author using the Riemann-Hilbert approach. For , the
-instanton solution of Painlev\'e I is a doubly-indexed sequence
of complex numbers that satisfies an explicit quadratic non-linear recursion
relation. The goal of the paper is three-fold: (a) to compute the asymptotics
of the 1-instanton sequence to all orders in by using the
Riemann-Hilbert method, (b) to present formulas for the asymptotics of
for fixed and to all orders in using resurgent analysis,
and (c) to confirm numerically the predictions of resurgent analysis. We point
out that the instanton solutions display a new type of Stokes behavior, induced
from the tritronqu\'ee Painlev\'e transcendents, and which we call the induced
Stokes phenomenon. The asymptotics of the 2-instanton and beyond exhibits new
phenomena not seen in 0 and 1-instantons, and their enumerative context is at
present unknown.Comment: 29 pages, 8 figure
CCTV-Exposure: An open-source system for measuring user's privacy exposure to mapped CCTV cameras based on geo-location (Extended Version)
In this work, we present CCTV-Exposure -- the first CCTV-aware solution to
evaluate potential privacy exposure to closed-circuit television (CCTV)
cameras. The objective was to develop a toolset for quantifying human exposure
to CCTV cameras from a privacy perspective. Our novel approach is trajectory
analysis of the individuals, coupled with a database of geo-location mapped
CCTV cameras annotated with minimal yet sufficient meta-information. For this
purpose, CCTV-Exposure model based on a Global Positioning System (GPS)
tracking was applied to estimate individual privacy exposure in different
scenarios. The current investigation provides an application example and
validation of the modeling approach. The methodology and toolset developed and
implemented in this work provide time-sequence and location-sequence of the
exposure events, thus making possible association of the exposure with the
individual activities and cameras, and delivers main statistics on individual's
exposure to CCTV cameras with high spatio-temporal resolution
Using feldspathic ceramic masses in frontal group restorations
Scop: Scopul acestui studiu a fost de a alege și aplica metoda cea mai optimă de
tratament a pacienţilor cu dereglări estetice a grupului frontal de dinţi.
Materiale și metode: În studiu au participat 15 pacienţi, dintre care 8 pacienţi
de sex F și 7 de sex M , ulterior ei au fost divizaţi în două loturi: — în primul lot au
fost incluși 10 pacienţi trataţi cu microproteze fixe (coroane) integral ceramice, în
cel de al doilea grup au fost incluși 5 pacienţi trataţi cu ajutorul vinirilor feldspatice.
Microprotezele au fost prelucrate cu acid ortofosforic 38% și fixate cu ciment
adeziv. Evaluarea clinică a restaurărilor s-a realizat la momentul iniţial și după 3,6
,12 luni de la tratament. Au fost analizate următoarele criterii: integritatea marginală,
sensibilitatea dinţilor, fracturile restaurărilor.
Rezultate: Reabilitările funcţionale și estetice au fost realizate cu ajutorul a
microprotezelor fixe integral ceramice și vinirelor feldspatice. Integritatea marginală
a fost păstrată la pacienţii cu ambele tipuri de restaurări. Pe parcursul timpului
evaluat ţesuturile moi nu au prezentat nici o modificare. Apariţia cariilor nu a fost
observată, precum și nici o modificare patologică periapicală si nici o sensibilitate.
La un pacient tratat cu vinire feldspatice, unghiul incizal distal a fost fracturat. Nu
s-au observat modificări semnificative între cele două grupuri de studiu. Concluzie: Satisfacţia pacientului și o bună integrare
a restaurărilor indirecte au confirmat succesul
acestei reabilitari. Cimentarea în limitele smalţului e
mai rezistentă la fracturare decît cimentarea în limitele
dentinei. Ambele tipuri de restaurări posedă o
capacitate de durabilitate în timp.Purpose: The purpose of this study was to choose
and apply optimal method of the treatment in patients
with esthetic disorders.
Materials and Methods: 15 patients were examined
and treated, 8 of them were males and 7 — females.
These patients were divided into two groups:
— the first group included 10 patients treated with
full ceramic crowns, and second group included 5 patients
treated by feldspathic veneers. All restorations
were etched, silanized and adhesively luted using a self-etching, dual-cure, fluoride-releasing cement.
Clinical evaluation of the restorations was performed
at baseline and 3,6,12 months after luting, where were
analyzed following criteria: marginal integrity, sensitivity
of teeth, fractures restorations.
Results: Functional and aesthetic rehabilitation
were achieved using a full ceramic crowns and
feldspathic veneers. Marginal integrity has been preserved
in patients with both types of restorations.
During evaluated time soft tissues didn’t present any
changes. No caries recurrence, no periapical pathology,
no sensitivity were observed. In a patient with
feldspathic veneers restoration, distal incisal angle
was fractured. No significant changes were observed
between these two groups of study.
Conclusion: The patient satisfaction and good
integration of indirect restorations confirmed the
success of this rehabilitation. Luting ceramic to
enamel provided higher fracture resistance than luting
to dentin. Both, and porcelain veneers, and dental
crowns are lifelong commitment
dump1030: open-source plug-and-play demodulator/decoder for 1030MHz uplink
Automatic Dependent Surveillance (ADS), Automatic Dependent
Surveillance-Broadcast (ADS-B), Secondary Surveillance Radars (SSR), and Mode S
are key air surveillance technologies representing a critical component of
next-generation air transportation systems. However, compared to 1090MHz
demodulators and decoders, which have plenty of implementations, the 1030MHz
uplink receivers are, in general, scarcely, if at all, represented.
In this paper, we present the development and evaluation of dump1030 -
cross-platform plug-and-play open-source implementation for decoding 1030MHz
uplink Mode A/C/S interrogations. We demonstrate and detail an agile
development process of building dump1030 by adapting a state-of-the-art
dump1090 design and implementation. In our repeated experiments, dump1030
achieves a high detection accuracy of 1030MHz interrogation signals based on
lab evaluation using synthetically-generated interrogation signals. We also
discuss a handful of practical use cases where dump1030 can find immediate
application and implementation, both in research and industrial settings
Cybersecurity of COSPAS-SARSAT and EPIRB: threat and attacker models, exploits, future research
COSPAS-SARSAT is an International programme for "Search and Rescue" (SAR)
missions based on the "Satellite Aided Tracking" system (SARSAT). It is
designed to provide accurate, timely, and reliable distress alert and location
data to help SAR authorities of participating countries to assist persons and
vessels in distress. Two types of satellite constellations serve COSPAS-SARSAT,
low earth orbit search and rescue (LEOSAR) and geostationary orbiting search
and rescue (GEOSAR). Despite its nearly-global deployment and critical
importance, unfortunately enough, we found that COSPAS-SARSAT protocols and
standard 406 MHz transmissions lack essential means of cybersecurity.
In this paper, we investigate the cybersecurity aspects of COSPAS-SARSAT
space-/satellite-based systems. In particular, we practically and successfully
implement and demonstrate the first (to our knowledge) attacks on COSPAS-SARSAT
406 MHz protocols, namely replay, spoofing, and protocol fuzzing on EPIRB
protocols. We also identify a set of core research challenges preventing more
effective cybersecurity research in the field and outline the main
cybersecurity weaknesses and possible mitigations to increase the system's
cybersecurity level
- …