The Internet of Hackable Things

The Internet of Things makes possible to connect each everyday object to the Internet, making computing pervasive like never before. From a security and privacy perspective, this tsunami of connectivity represents a disaster, which makes each object remotely hackable. We claim that, in order to tackle this issue, we need to address a new challenge in security: education

Thermoelastic properties of α\alpha-iron from first-principles

We calculate the thermomechanical properties of $\alpha$-iron, and in particular its isothermal and adiabatic elastic constants, using first-principles total-energy and lattice-dynamics calculations, minimizing the quasi-harmonic vibrational free energy under finite strain deformations. Particular care is made in the fitting procedure for the static and temperature-dependent contributions to the free energy, in discussing error propagation for the two contributions separately, and in the verification and validation of pseudopotential and all-electron calculations. We find that the zero-temperature mechanical properties are sensitive to the details of the calculation strategy employed, and common semi-local exchange-correlation functionals provide only fair to good agreement with experimental elastic constants, while their temperature dependence is in excellent agreement with experiments in a wide range of temperature almost up to the Curie transition.Comment: Accepted as regular article in Phys. Rev.

Analysis and evaluation of SafeDroid v2.0, a framework for detecting malicious Android applications

Android smartphones have become a vital component of the daily routine of millions of people, running a plethora of applications available in the official and alternative marketplaces. Although there are many security mechanisms to scan and filter malicious applications, malware is still able to reach the devices of many end-users. In this paper, we introduce the SafeDroid v2.0 framework, that is a flexible, robust, and versatile open-source solution for statically analysing Android applications, based on machine learning techniques. The main goal of our work, besides the automated production of fully sufficient prediction and classification models in terms of maximum accuracy scores and minimum negative errors, is to offer an out-of-the-box framework that can be employed by the Android security researchers to efficiently experiment to find effective solutions: the SafeDroid v2.0 framework makes it possible to test many different combinations of machine learning classifiers, with a high degree of freedom and flexibility in the choice of features to consider, such as dataset balance and dataset selection. The framework also provides a server, for generating experiment reports, and an Android application, for the verification of the produced models in real-life scenarios. An extensive campaign of experiments is also presented to show how it is possible to efficiently find competitive solutions: the results of our experiments confirm that SafeDroid v2.0 can reach very good performances, even with highly unbalanced dataset inputs and always with a very limited overhead

Starshapedeness for fully-nonlinear equations in Carnot groups

In this paper we establish the starshapedness of the level sets of the capacitary potential of a large class of fully-nonlinear equations for condensers in Carnot groups, once a natural notion of starshapedness has been introduced. Our main result is Theorem 1.2 below.Comment: Accepted for publication in the Journal of the London Mathematical Societ

An object based algebra for specifying a fault tolerant software architecture

AbstractIn this paper we present an algebra of actors extended with mechanisms to model crash failures and their detection. We show how this extended algebra of actors can be successfully used to specify distributed software architectures. The main components of a software architecture can be specified following an object-oriented style and then they can be composed using asynchronous message passing or more complex interaction patterns. This formal specification can be used to show that several requirements of a software system are satisfied at the architectural level despite failures. We illustrate this process by means of a case study: the specification of a software architecture for intelligent agents which supports a fault tolerant anonymous interaction protocol

DDoS-Capable IoT Malwares: comparative analysis and Mirai Investigation

The Internet of Things (IoT) revolution has not only carried the astonishing promise to interconnect a whole generation of traditionally “dumb” devices, but also brought to the Internet the menace of billions of badly protected and easily hackable objects. Not surprisingly, this sudden flooding of fresh and insecure devices fueled older threats, such as Distributed Denial of Service (DDoS) attacks. In this paper, we first propose an updated and comprehensive taxonomy of DDoS attacks, together with a number of examples on how this classification maps to real-world attacks. Then, we outline the current situation of DDoS-enabled malwares in IoT networks, highlighting how recent data support our concerns about the growing in popularity of these malwares. Finally, we give a detailed analysis of the general framework and the operating principles of Mirai, the most disruptive DDoS-capable IoT malware seen so far