198 Hits in 6.8 sec

Java Card Combined Attacks with Localization-Agnostic Fault Injection [chapter]

Julien Lancia
2013 Lecture Notes in Computer Science  
In this paper, we present a paradigm for combined attacks on Java Cards that lowers the requirements on the localization precision of the fault injection.  ...  Finally, we demonstrate the eciency of our approach through fault injection simulation.  ...  as part of a combined Java Card attack.  ... 
doi:10.1007/978-3-642-37288-9_3 fatcat:3f75jbkmlvg3nifsbkw3g53lma

Secure and Trusted Application Execution on Embedded Devices [chapter]

Konstantinos Markantonakis, Raja Naeem Akram, Mehari G. Msgna
2015 Lecture Notes in Computer Science  
In this paper, we examine the security threats to embedded devices along with the associated prevention mechanisms.  ...  Such an agnostic view on the security and trust of the embedded devices can be pivotal in their adoption and trust acquisition from the general public and service providers.  ...  Modification to the runtime data is usually carried out by injecting a fault during the execution of the application.  ... 
doi:10.1007/978-3-319-27179-8_1 fatcat:qann2ltknrdgrpt4y665s5gk5u

Data-centric anomalies in sensor network deployments: analysis and detection

Giovani Rimon Abuaitah, Bin Wang
2012 2012 IEEE 9th International Conference on Mobile Ad-Hoc and Sensor Systems (MASS 2012)  
Sensor data are later processed, analyzed, visualized, and reasoned over with the help of several decision making tools.  ...  Training With Injected Faults. In this experiment, we injected a number of faults at different time windows during the beginning of the IBRL deployment.  ...  Then we injected a number of fault models designed in Chapter 4 to obtain a ground truth highly representative of the actual faults in the IBRL dataset. Training With Real Faults.  ... 
doi:10.1109/mass.2012.6708514 dblp:conf/mass/AbuaitahW12 fatcat:ycuwmpya6fbjro25s4ghx63epi

A Survey on Trust Metrics for Autonomous Robotic Systems [article]

Vincenzo DiLuoffo, William R.Michalson
2021 arXiv   pre-print
By using the numbering of the SAP score card and reference labels from NG score card, the result is a combined set of trust metric values that can be used in our model.  ...  The next technique is similar to an Attack graph but is called a Fault Tree.  ... 
arXiv:2106.15015v2 fatcat:wltnmhxl5vghnopdxs36v2gpcm

Software-Defined Networking: A Comprehensive Survey [article]

Diego Kreutz and Fernando M. V. Ramos and Paulo Verissimo and Christian Esteve Rothenberg and Siamak Azodolmolky and Steve Uhlig
2014 arXiv   pre-print
In particular, we address the design of switches and control platforms -- with a focus on aspects such as resiliency, scalability, performance, security and dependability -- as well as new opportunities  ...  As expected, one of the most common means of executing those attacks is through the network, either the Internet or the local area network.  ...  Vector 6 no Potential attack inflation. Vector 7 no Negative impact on fast recovery and fault diagnosis.  ... 
arXiv:1406.0440v3 fatcat:usdyjgdys5h3foowmq6qvih3e4

Cybersecurity: Past, Present and Future [article]

Shahid Alam
2022 arXiv   pre-print
With these improvements come new challenges, and one of the main challenges is security. The security of the new cyberspace is called cybersecurity.  ...  To keep pace with these advancements in cyber technologies there is a need to expand research and develop new cybersecurity methods and tools to secure these domains and environments.  ...  There are two approaches [Hsueh et al., 1997] used to inject the vulnerabilities into a chip: (1) Hardware Fault Injection: This approach requires an additional hardware to inject faults into the target  ... 
arXiv:2207.01227v1 fatcat:vfx54hq3ejc7dlfestj6dkstpa

An Exploratory Study of Experimental Tools for Wireless Sensor Networks

A.K. Dwivedi, O.P. Vyas
2011 Wireless Sensor Network  
standards agnostic, allowing the user to implement forms (for example, Java Cards, SunSPOT).  ...  point the user to a small number of probable causes. • FIND [143] is a novel method to detect nodes with data faults that neither assumes a particular sensing model nor requires costly event injections  ... 
doi:10.4236/wsn.2011.37025 fatcat:xmmujz25sbdwdo4kf56wuc42n4

Toward Engineering a Secure Android Ecosystem

Meng Xu, Chenxiong Qian, Sangho Lee, Taesoo Kim, Chengyu Song, Yang Ji, Ming-Wei Shih, Kangjie Lu, Cong Zheng, Ruian Duan, Yeongjin Jang, Byoungyoung Lee
2016 ACM Computing Surveys  
Unfortunately, these properties also leave Android vulnerable, attracting attacks for profit or fun. To mitigate these threats, numerous issue-specific solutions have been proposed.  ...  With the increasing number and complexity of security problems and solutions, we believe this is the right moment to step back and systematically re-evaluate the Android security architecture and security  ...  If users or developers choose to store it in external storage, such as SD Cards, a malicious app with write permission of SD Cards can easily tamper with the downloaded APK file and inject malicious code  ... 
doi:10.1145/2963145 fatcat:d5vhxpdywrevvbh4as6vvt576q

Software-Defined Networking: A Comprehensive Survey

Diego Kreutz, Fernando M. V. Ramos, Paulo Esteves Verissimo, Christian Esteve Rothenberg, Siamak Azodolmolky, Steve Uhlig
2015 Proceedings of the IEEE  
It is both difficult to configure the network according to predefined policies, and to reconfigure it to respond to faults, load and changes.  ...  In particular, we address the design of switches and control platforms -with a focus on aspects such as resiliency, scalability, performance, security and dependability -as well as new opportunities for  ...  As expected, one of the most common means of executing those attacks is through the network, either the Internet or the local area network.  ... 
doi:10.1109/jproc.2014.2371999 fatcat:azqmynutpfgl7lovrg7qxdnl2u

IoT Software Security Building Blocks [chapter]

Sunil Cheruvu, Anil Kumar, Ned Smith, David M. Wheeler
2019 Demystifying Internet of Things Security  
An attacker places code into the data used to trigger the fault and constructs the fault injection to force execution of, or redirection to, the injected code as part of the fault.  ...  The following five items represent the common attack pattern used in Step 4, exploitation: • Fault Injection: A fault injection creates or forces an execution fault in a process or thread; part of the  ... 
doi:10.1007/978-1-4842-2896-8_4 fatcat:5ffon6fjtnh6rfkpnbtwoxk7ou

A Comprehensive Survey on the Applications of Blockchain for Securing Vehicular Networks [article]

Tejasvi Alladi, Vinay Chamola, Nishad Sahu, Vishnu Venkatesh, Adit Goyal, Mohsen Guizani
2022 arXiv   pre-print
The security perspective focuses on security requirements and attacks.  ...  With any large-scale technological integration comes the challenge of providing security. Blockchain technology has been a popular choice of many studies for making the vehicular network more secure.  ...  It can also be in the form of GPS spoofing attacks, where adversaries inject false position data in location-based networks [57] . 6) Malicious Third Party (MTP) or bad-mouthing attack: Most blockchain-based  ... 
arXiv:2201.04803v1 fatcat:yhm4umjt45ho5fu7mbeu7g66sq

Advanced Methods for Botnet Intrusion Detection Systems [chapter]

Son T., Mohammed S.
2011 Intrusion Detection Systems  
In a botnet DDoS attack, the botmaster can command all its bots to attack a particular server (example: at a particular date, time and for a duration via a malicious or anonymous  ...  (Singh et al., 2008) discusses the use of email as C&C by using a combination of encryption and steganography in email content.  ...  Legitimate sites could be infected by a SQL injection attack which would then contain malicious iframe pointers to malicious servers.  ... 
doi:10.5772/15401 fatcat:sba5cb73kfcptkzkh7fqdc5pqu

Railgun: managing large streaming windows under MAD requirements [article]

Ana Sofia Gomes, João Oliveirinha, Pedro Cardoso, Pedro Bizarro
2021 arXiv   pre-print
As these applications need to run 'forever' and cope with large, spiky data loads, they further require to be run in a distributed setting.  ...  In this paper, we propose Railgun, a fault-tolerant, elastic, and distributed streaming system supporting real-time sliding windows for scenarios requiring high loads and millisecond-level latencies.  ...  Delayed windows are especially useful in bot-attacks scenarios.  ... 
arXiv:2106.12626v1 fatcat:otrohxszszay7dwp4cdmcrfqke

A Methodological Approach for Assessing Amplified Reflection Distributed Denial of Service on the Internet of Things

João Costa Gondim, Robson de Oliveira Albuquerque, Anderson Clayton Alves Nascimento, Luis García Villalba, Tai-Hoon Kim
2016 Sensors  
The novel approach used to empirically examine the threat represented by running the attack over a controlled environment, with IoT devices, considered the perspective of an attacker.  ...  Results show that, according to attack intensity, AR-DDoS saturates reflector infrastructure.  ...  This combination of traffic amplifying operation with weak access control makes SNMPv2c easily exploitable in AR-DDoS attacks.  ... 
doi:10.3390/s16111855 pmid:27827931 pmcid:PMC5134514 fatcat:dzivpnuvung5zfpoytibusm6fu


Arash Shaghaghi, Mohamed Ali Kaafar, Sanjay Jha
2017 Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security - ASIA CCS '17  
In fact, it has no reliance on pre-defined rules by an administrator and may be easily imported to protect SDN networks with different setups, forwarding devices, and controllers.  ...  The situation is likely to worsen in Software Defined Networks (SDNs) with the incompatibility of existing solutions, use of programmable soft switches and the potential of bringing down an entire network  ...  Packet dropping is used in attacks such Denial of Service (DoS) against network provider. WedgeTail detects packet dropping as follows: Detection: If A ⊆ E and card(A) < card(E). 4.  ... 
doi:10.1145/3052973.3053039 dblp:conf/ccs/ShaghaghiKJ17 fatcat:ry3jnuab45fudj7nvktfjgr5ui
« Previous Showing results 1 — 15 out of 198 results