46 Hits in 3.9 sec

Enlisting Hardware Architecture to Thwart Malicious Code Injection [chapter]

Ruby B. Lee, David K. Karig, John P. McGregor, Zhijie Shi
2004 Lecture Notes in Computer Science  
In this paper, we describe a hardware-based secure return address stack (SRAS), which prevents malicious code injection involving procedure return address corruption.  ...  Software vulnerabilities that enable the injection and execution of malicious code in pervasive Internet-connected computing devices pose serious threats to cyber security.  ...  Conclusion Malicious parties utilize buffer overflow vulnerabilities to inject and execute hostile code in an innocent user's machine by corrupting procedure return addresses in the memory stack.  ... 
doi:10.1007/978-3-540-39881-3_21 fatcat:wef5dfoagfftxke54pbua5wfaa

Taxonomy of Cloud Security

Sanchika Gupta, Padam Kumar
2013 International Journal of Computer Science Engineering and Applications  
Cloud computing is envisioned as the next generation architecture for IT Enterprises, and has proliferated itself due to the advantages it provides.Cloud computing provides solutions for carrying out efficient  ...  The pay per usage concept of Cloud computing increases the resource utilisation of a vendor's computing power and resources; at the same time,it results in reduced hardware costs forits users.  ...  CL-1: VT-1: EV-3: SQL injection: The SQL injection is a technique used by attackers in which malicious SQL queries are inserted into the web hosted by the infrastructure layer in a Cloud system.  ... 
doi:10.5121/ijcsea.2013.3505 fatcat:laoqx3yeazah7blsprybzc3ofi

Moving Target Defense for Cloud Infrastructures: Lessons from Botnets [chapter]

Wei Peng, Feng Li, Xukai Zou
2013 High Performance Cloud Auditing and Applications  
This chapter (1) explores the evolution in botnet technologies from the early static architectures to the recent dynamic and resilient architectures that employ various moving target defense (MTD) techniques  ...  While providing elasticity to clients through on-demand service and cost-effectiveness to service providers through efficient resource allocation, current cloud infrastructures are largely homogeneously  ...  Asprox botnet [92] launches SQL injection attacks [13] against vulnerable pages based on Microsoft Active Server Page (MSASP) to inject malicious scripts for propagating malware.  ... 
doi:10.1007/978-1-4614-3296-8_2 fatcat:fh4ki3lduzf53dm2j5gyv6o7hm

Dymo: Tracking Dynamic Code Identity [chapter]

Bob Gilbert, Richard Kemmerer, Christopher Kruegel, Giovanni Vigna
2011 Lecture Notes in Computer Science  
As a result, when a running process is altered, for example, because of an exploit or through injected, malicious code, its identity is not updated to reflect this change.  ...  Code identity is a primitive that allows an entity to recognize a known, trusted application as it executes.  ...  Due to the NDIS architecture, the injection component executes in an arbitrary thread context.  ... 
doi:10.1007/978-3-642-23644-0_2 fatcat:gdm6sb4d5jhrvovrb3z5jyspya

Meet the Sherlock Holmes' of Side Channel Leakage: A Survey of Cache SCA Detection Techniques

Ayaz Akram, Maria Mushtaq, Muhammad Khurram Bhatti, Vianney Lapotre, Guy Gogniat
2020 IEEE Access  
Since, these attacks exploit the caching hardware vulnerabilities, they are fast and dangerous.  ...  To the best of our knowledge, this is the first work to do such a study. We believe that this paper will prove useful to researchers in the area of systems security.  ...  The authors would also like to thank the anonymous reviewers for their valuable feedback.  ... 
doi:10.1109/access.2020.2980522 fatcat:m56pih7ntbdubci2slah7hlkci

Hardware Security of Fog End-Devices for the Internet of Things

Ismail Butun, Alparslan Sari, Patrik Österberg
2020 Sensors  
review, including but not limited to Hardware Security Module, Physically Unclonable Function, System on a Chip, and Tamper Resistant Memory.  ...  As such, the fog devices also need to be secured against cyber-attacks, not only software-wise, but also from hardware alterations and manipulations.  ...  These may be subjected to malicious Hardware Trojan (HT) inserted by the untrusted chip manufacturers.  ... 
doi:10.3390/s20205729 pmid:33050165 pmcid:PMC7601476 fatcat:d7s5tovoefcoxl4jdxntyo6uxu

Trustworthy and Privacy-Aware Sensing for Internet of Things [article]

Ihtesham Haider, Bernhard Rinner
2018 arXiv   pre-print
This work introduces two hardware-based lightweight security mechanisms to ensure sensed data trustworthiness (i.e., sensed data protection and sensor node protection) and usage privacy of the sensors  ...  ~latency, storage, hardware, and communication incurred by our security mechanisms.  ...  Secure Camera Architecture & Prototype The key idea underlying the secure camera architecture is to leverage an on-chip PUF to extract the node's fingerprint from the hardware, which serves as basis for  ... 
arXiv:1808.08549v1 fatcat:gfid27dmb5ao3hbbn2jsc2jzbu

SDN Security Review: Threat Taxonomy, Implications, and Open Challenges

Mohamed Rahouti, Kaiqi Xiong, Yufeng Xin, Senthil Kumar Jagatheesaperumal, Moussa Ayyash, Maliha Shaheed
2022 IEEE Access  
This layout is aimed to enable researchers to focus on the challenges that breach security in SDN communications.  ...  A specific focus is put forward to address the challenges in securing SDN-based communications, with efforts taken up to address them.  ...  A summary of the contributions of this survey is enlisted as follows: TABLE 1.  ... 
doi:10.1109/access.2022.3168972 fatcat:wdjp2kzohjbhvefsjebln2buly

SoK: Understanding BFT Consensus in the Age of Blockchains [article]

Gang Wang
2021 IACR Cryptology ePrint Archive  
For each representative protocol, we conduct an in-depth discussion of its most important architectural building blocks as well as the key techniques they used.  ...  Due to trust issues, it is hard to design a resilient system in practical situations because of the existence of various faults.  ...  With trusted hardware, it is possible to remove the ability of a (malicious) participant to equivocate without requiring communication among other participants.  ... 
dblp:journals/iacr/Wang21c fatcat:wggbkbi25fg43fieebp4qzlk3m

Defense Advanced Research Projects Agency (Darpa) Fiscal Year 2015 Budget Estimates

Department Of Defense Comptroller's Office
2014 Zenodo  
Additionally, DARPA's investment would include the Prosthetic Hand Proprioception and Touch Interfaces (using Haptix sensors) to develop human implantable microsystems to give amputees the ability to have  ...  The Defense Advanced Research Projects Agency (DARPA) FY2015 amounted to $2.9 billion in the President's request to support high-risk, high-reward research.  ...  -Demonstrate the capability to wrap C2 software codes as a means to thwart cyber attack.  ... 
doi:10.5281/zenodo.1215345 fatcat:fjzhmynqjbaafk67q2ckcblj2m

A Survey on Software-Defined Wireless Sensor Networks: Challenges and Design Requirements

Hlabishi I. Kobo, Adnan M. Abu-Mahfouz, Gerhard P. Hancke
2017 IEEE Access  
The SDN approach to WSNs seeks to alleviate most of the challenges and ultimately foster efficiency and sustainability in WSNs.  ...  Moreover, it delves into some of the challenges facing this paradigm, as well as the major SDWSN design requirements that need to be considered to address these challenges.  ...  On the Transport layer, the adversary floods connection requests to a particular node to consume its resources. Attacks on the application layer include data corruption and malicious code.  ... 
doi:10.1109/access.2017.2666200 fatcat:ez7r7ej6hnfybiifhebrmupxdu

Throughput and Error State Performance of AMC Scheme in 3G Wireless Systems

KannaRao Shatarasi KannaRao Shatarasi
2013 IOSR Journal of Computer Engineering  
In this technique it is possible to switch the modulation order and coding rate in order to better match the channel conditions.  ...  The aim of this paper is to increase the transmission data rate which the high order modulation scheme with low coding redundancy is used.  ...  I would like to express my best and special thanks to you, my younger brother , for your support and a lovely gift. MR.  ... 
doi:10.9790/0661-0960104 fatcat:rqf5wioj45gxxj6cha7lgg33ci

I'm not sure if we're okay

Mark E. Fioravanti, Matt Bishop, Richard Ford
2016 Proceedings of the 2016 New Security Paradigms Workshop on - NSPW  
We argue that this idea of mutual uncertainty is a new paradigm which opens the way to novel solutions in the space.  ...  However, with these defensive countermeasures, typically the defender has the ability to derive full knowledge of the system (as is the case in, for example, Instruction Set Randomization), but the attacker  ...  The authors would like to thank Dr.  ... 
doi:10.1145/3011883.3011889 dblp:conf/nspw/FioravantiBF16 fatcat:3c4dlo662rgb7l2x2kegwwevli

Revisiting Client Puzzles for State Exhaustion Attacks Resilience [article]

Mohammad A. Noureddine and Ahmed Fawaz and Tamer Basar and William H. Sanders
2018 arXiv   pre-print
Our results show that client puzzles are effective at boosting the tolerance of the TCP handshake channel to state exhaustion DDoS attacks by rate limiting the flood rate of malicious attackers while allocating  ...  Our results illustrate the benefits that the servers and clients amass from the deployment of TCP client puzzles and incentivize their adoption as means to enhance tolerance to multi-vectored DDoS attacks  ...  TVA: A DoSlimiting Network Architecture. IEEE/ACM Trans. Netw. 16, 6, 1267-1280.  ... 
arXiv:1807.11892v1 fatcat:7bdugvyq6fgajook3smkeojlpe

Architectural Tactics for Big Data Cybersecurity Analytic Systems: A Review [article]

Faheem Ullah, M. Ali Babar
2018 arXiv   pre-print
support in the literature (b) empirical investigation is required to evaluate the impact of codified architectural tactics (c) a good deal of research effort should be invested to explore the trade-offs  ...  Objective: This paper reports a systematic review aimed at identifying the most frequently reported quality attributes and architectural tactics for Big Data Cybersecurity Analytic Systems.  ...  critical for security analytics and the architectural tactics for achieving the emphasized quality attributes; (ii) Generating initial codes: After gaining the understanding, initial codes were assigned  ... 
arXiv:1802.03178v1 fatcat:m6yigyrqrvcpdhg7qxncdh3lsi
« Previous Showing results 1 — 15 out of 46 results