113 research outputs found
Tag-Protector: An Effective and Dynamic Detection of Illegal Memory Accesses Through Compile-time Code Instrumentation
Programming languages permitting immediate memory accesses through pointers often result in applications having memory-related errors, which may lead to unpredictable failures and security vulnerabilities. A lightweight solution is presented in this paper to tackle such illegal memory accesses dynamically in C/C++ based applications. We propose a new and effective method of instrumenting an application’s source code at compile time in order to detect illegal spatial and temporal memory accesses. It is based on creating tags to be coupled with each memory allocation and then placing additional tag checking instructions for each access made to the memory. The proposed solution is evaluated by instrumenting applications from the BugBench benchmark suite and publicly available benchmark software, run-time intrusion prevention evaluator (RIPE), detecting all the bugs successfully. The performance and memory overheads are further analyzed by instrumenting and executing real-world applications from various renowned benchmark suites. In addition, the proposed solution is also tested to analyze the performance overhead for multithreaded applications in multicore environments. Overall, our technique can detect a wide range of memory bugs and attacks with reduced performance overhead and higher detection rate as compared to the similar existing countermeasures when tested under the same experimental setup.
IoTDevID: A Behavior-Based Device Identification Method for the IoT
Device identification is one way to secure a network of IoT devices, whereby devices identified as suspicious can subsequently be isolated from a network. In this study, we present a machine learning-based method, IoTDevID, that recognizes devices through characteristics of their network packets. As a result of using a rigorous feature analysis and selection process, our study offers a generalizable and realistic approach to modelling device behavior, achieving high predictive accuracy across two public datasets. The model's underlying feature set is shown to be more predictive than existing feature sets used for device identification, and is shown to generalize to data unseen during the feature selection process. Unlike most existing approaches to IoT device identification, IoTDevID is able to detect devices using non-IP and low-energy protocols.
Why aren't users using protection? Investigating the usability of smartphone locking
One of the main reasons why smartphone users do not adopt screen locking mechanisms is due to the inefficiency of entering a PIN/pattern each time they use their phone. To address this problem, we designed a context-sensitive screen locking application which asked participants to enter a PIN/pattern only when necessary, and evaluated its impact on efficiency and satisfaction. Both groups of participants, who prior to the study either locked or did not lock their phone, adopted our application and felt that unlocking their phone only when necessary was more efficient, did not annoy them and offered a reasonable level of security. Participants responded positively to the option of choosing when a PIN/pattern is required in different contexts. Therefore, we recommend that designers of smartphone locking mechanisms should consider ceding a reasonable level of control over security settings to users to increase adoption and convenience, while keeping smartphones reasonably secure.
- …