380 Hits in 3.7 sec

Deriving ChaCha20 key streams from targeted memory analysis

Peter McLaren, William J. Buchanan, Gordon Russell, Zhiyuan Tan
2019 Journal of Information Security and Applications  
Although many symmetric key stream ciphers are fairly resistant to side-channel attacks, cryptographic artefacts may exist in memory.  ...  The user of a virtual machine would not be alerted to the capturing of the encryption key, as the method runs from an extraction of the running memory.  ...  As virtualized environments enable access to virtual machine resources from more privileged levels such as hypervisors or hypervisor consoles, applications operating at that level can extract live virtual  ... 
doi:10.1016/j.jisa.2019.102372 fatcat:4jxghyy35vgr5cfqavpnpxbh34

A Secure Model For Efficient Live Migration of Containers

Zeynep Mavus, Pelin Angin
2019 Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications  
Cloud applications are run in virtualized environments such as virtual machines and containers to be able to allocate resources in an inexpensive manner.  ...  In this work, we propose a secure model for efficient live migration of containers.  ...  Virtual machines and containers are utilized to create a virtual environment for cloud services.  ... 
doi:10.22667/jowua.2019.09.30.021 dblp:journals/jowua/MavusA19 fatcat:q3sv3jam2fb5vl2uuq3xj3lgde

Rasefiberry: Secure and efficient Raspberry-Pi based gateway for smarthome IoT architecture

Vincent Simadiputra, Nico Surantha
2021 Bulletin of Electrical Engineering and Informatics  
Internet-of-Things or IoT technology becomes essential in everyday lives.  ...  In this research, researchers implemented snort as intrusion detection system (IDS), openHab as IoT gateway applications, and well-known encryption algorithms for file encryption in Raspberry PI 3B+ model  ...  Evaluation test for IDS and Encryption engine function consists of Malicious PC is a virtual host in a virtual box installed with Kali Linux VM.  ... 
doi:10.11591/eei.v10i2.2741 fatcat:oehmcl43ybd57ootqbgemwcoaa

A Survey of Honeypots and Honeynets for Internet of Things, Industrial Internet of Things, and Cyber-Physical Systems [article]

Javier Franco, Ahmet Aris, Berk Canberk, A. Selcuk Uluagac
2021 arXiv   pre-print
The Internet of Things (IoT), the Industrial Internet of Things (IIoT), and Cyber-Physical Systems (CPS) have become essential for our daily lives in contexts such as our homes, buildings, cities, health  ...  Honeypots and honeynets can prove essential to understand and defend against attacks on IoT, IIoT, and CPS environments by attracting attackers and deceiving them into thinking that they have gained access  ...  CONCLUSION In this paper, we provided a comprehensive survey of honeypots and honeynets for IoT, IIoT, and CPS environments.  ... 
arXiv:2108.02287v1 fatcat:l4b23mylyfd6xjtfhrtsrin3zq

Efficient Retrieval of Key Material for Inspecting Potentially Malicious Traffic in the Cloud

John T. Saxon, Behzad Bordbar, Keith Harrison
2015 2015 IEEE International Conference on Cloud Engineering  
Cloud providers must detect malicious traffic in and out of their network, virtual or otherwise.  ...  This inevitably requires reading the memory space of the entire process, or worse the OS, in a live environment where performance is paramount.  ...  Particularly of note we found the RSA key from the SSH daemon running on the Ubuntu instance in all tests.  ... 
doi:10.1109/ic2e.2015.26 dblp:conf/ic2e/SaxonBH15 fatcat:dfbfs3lxkracnfvhfdwlqcumaa

Getting started with GENI

Jonathon Duerig, Jeremy Reed, Xiongqi Wu, Robert Ricci, Leigh Stoller, Matt Strum, Gary Wong, Charles Carpenter, Zongming Fei, James Griffioen, Hussamuddin Nasir
2012 Computer communication review  
GENI, the Global Environment for Network Innovations, is a National Science Foundation project to create a "virtual laboratory at the frontiers of network science and engineering for exploring future internets  ...  The "VM" types give you a virtual environment which can either be exclusive or shared.  ...  data, it also provides a computational environment for viewing archives that recreates the same look-andfeel the user had when viewing the live data.  ... 
doi:10.1145/2096149.2096161 fatcat:wqwkhl5egbahnlsublytfgpiiy

Protecting applications with transient authentication

Mark D. Corner, Brian D. Noble
2003 Proceedings of the 1st international conference on Mobile systems, applications and services - MobiSys '03  
Applications can be protected transparently by encrypting in-memory state when the user departs and decrypting this state when the user returns.  ...  We describe our ports of three applications-PGP, SSH, and Mozilla-to this API.  ...  This work is supported in part by the Intel Corporation; Novell, Inc.; the National Science Foundation under grant CCR-0208740; and the Defense Advanced Projects Agency (DARPA) and Air Force Materiel Command  ... 
doi:10.1145/1066116.1066117 fatcat:57tn6pfll5gztktuozzqq4ywsu

Virtual ghost

John Criswell, Nathan Dautenhahn, Vikram Adve
2014 Proceedings of the 19th international conference on Architectural support for programming languages and operating systems - ASPLOS '14  
For network downloads, Virtual Ghost experiences a 45% reduction in bandwidth at most for small files and nearly no reduction in bandwidth for large files and web traffic.  ...  Unlike previous solutions, Virtual Ghost does not use a higher privilege level than the kernel.  ...  our ghosting ssh client described in Section 6.  ... 
doi:10.1145/2541940.2541986 dblp:conf/asplos/CriswellDA14 fatcat:7pxay34gyzegrdsgi6ny2i7zje

NDynamic Framework for Secure VM Migration over Cloud Computing

2017 Journal of Information Processing Systems  
The data in migration is in the form of plaintext, the intruder can analyze packet movement and can control hosts traffic.  ...  In the centralized cloud controlled environment, the decision-making and monitoring play crucial role where in the host controller (HC) manages the resources across hosts in data center (DC).  ...  Acknowledgement We would like to convey our thanks and gratitude towards the Head of Department Computer Science and Engineering, all the staff members of KL University who have been a source of inspiration in  ... 
doi:10.3745/jips.01.0015 fatcat:ac45lkffwrcihh5daflo4yzafq

TLSkex: Harnessing virtual machine introspection for decrypting TLS communication

Benjamin Taubmann, Christoph Frädrich, Dominik Dusold, Hans P. Reiser
2016 Digital Investigation. The International Journal of Digital Forensics and Incident Response  
Afterwards, the master key is used to decrypt the TLS session. In contrast to other solutions, TLSkex neither manipulates the network connection nor the communicating application.  ...  Nowadays, many applications by default use encryption of network traffic to achieve a higher level of privacy and confidentiality.  ...  The described traffic decryption method has the only objective to provide a mean that eases the investigation of eventual security incidents within a target virtualized environment.  ... 
doi:10.1016/j.diin.2016.01.014 fatcat:tzzvbfi6xzhi5keqgwdmce37zy

Performance Analysis of Encryption in Securing the Live Migration of Virtual Machines

Yaohui Hu, Sanket Panhale, Tianlin Li, Emine Kaynar, Danny Chan, Umesh Deshpande, Ping Yang, Kartik Gopalan
2015 2015 IEEE 8th International Conference on Cloud Computing  
While VM Migration is critical for load balancing, consolidation, and server maintenance in virtualized datacenters, it can also increase security risks.  ...  In this paper, we present a study of the impact of AES and 3DES encryption algorithms on two widely used live VM migration approaches -pre-copy and postcopy. Our key findings are as follows.  ...  Acknowledgment This work is supported in part by the National Science Foundation through grant CNS-1320689.  ... 
doi:10.1109/cloud.2015.87 dblp:conf/IEEEcloud/HuPLKCDYG15 fatcat:gme3zhdc2jhjpgl4iwswxw2ufy

Protecting Networks from Modern Threats with Next-Generation Firewalls

Rutvik Patel
2021 International Journal of Darshan Institute on Engineering Research & Emerging Technology  
We went through the attacks in great detail since they are among the most common and can harm the device.  ...  We conducted various tests of next-generation firewalls in the following section, reviewing and reporting.  ...  There are two types of unknown threats: The best way to detect these unknown threats is to have files that contain such threats run in a secure and virtual environment.  ... 
doi:10.32692/ijdi-eret/10.1.2021.2105 fatcat:zenn6uj6bvch5pcqq64lceszgm

A survey of methods for encrypted traffic classification and analysis

Petr Velan, Milan Čermák, Pavel Čeleda, Martin Drašar
2015 International Journal of Network Management  
The first contains only data labelled SSH and non-SSH, the second contains traffic from Skype, QQ, SSH, SSL and MSN protocols.  ...  A private, artificially created data set with Skype traffic was used. Other traffic with SSL, SSH, HTTP, SCP, SFTP, VoIP, BitTorrent and other services, was used to test the robustness of the method.  ...  or by Virtual Private Networks (VPN).  ... 
doi:10.1002/nem.1901 fatcat:k4ntvq6lyraq5elxrt2xzxz324

MMS: An autonomic network-layer foundation for network management

Hemant Gogineni, Albert Greenberg, David Maltz, T. Eugene Ng, Hong Yan, Hui Zhang
2010 IEEE Journal on Selected Areas in Communications  
Unfortunately, computer networks today lack an autonomic mechanism that enables such communications, and the stopgap solutions used in practice are seriously flawed.  ...  The MMS includes special recovery APIs that can be extremely useful in practice.  ...  We have also realized that in practice, a management communication subsystem can be under threats of compute and memory resource starvation.  ... 
doi:10.1109/jsac.2010.100103 fatcat:n3wi5p6nibfsrpmeogl67dhibu

A Comparative UAV Forensic Analysis: Static and Live Digital Evidence Traceability Challenges

Fahad E. Salamh, Umit Karabiyik, Marcus K. Rogers, Eric T. Matson
2021 Drones  
Additionally, this study discusses potential drone anti-forensic techniques and their association with the type of use, environment, attack vector, and level of expertise.  ...  This work underlines static and live digital evidence traceability challenges to further enhance the UAV incident response plan.  ...  In regard to the UAV network, intrusion attacks require live monitoring of traffic, including automated detection systems.  ... 
doi:10.3390/drones5020042 fatcat:sd4jzxgvrbdwhe5vqtzpuu364m
« Previous Showing results 1 — 15 out of 380 results