A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf
.
Filters
Securing networked embedded systems code through distributed systems analysis
2017
2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)
Things and Cloud Computing are increasing the importance of techniques to analyze and understand Networked Embedded Systems. ...
outra, uma ferramenta que chamamos de DistViewer, usa os grafos gerados pelo arcabouço para fornecer uma visão inter-programa do sistema distribuído. ix Abstract New technologies such as the Internet of ...
The instance SIoT described in Section 4.2 detects memory accesses that are vulnerable to buer overow attacks. ...
doi:10.23919/inm.2017.7987383
dblp:conf/im/TeixeiraNO17
fatcat:zacdqtdyqncj5nf5irwv7rsdgi
HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing
[article]
2020
arXiv
pre-print
We evaluate SRI's effectiveness by comparing the performance of micro-fuzzing with SRI, measured by the number of AC vulnerabilities detected, to simply using empty values as seed inputs. ...
In this paper, we present HotFuzz, a framework for automatically discovering AC vulnerabilities in Java libraries. ...
The views and conclusions contained herein are those of the authors and should not be interpreted as representing the official policies or endorsements, either expressed or implied, of any government agency ...
arXiv:2002.03416v1
fatcat:zb72iomeabdmjiig2yn5vdgsz4
Spectre is here to stay: An analysis of side-channels and speculative execution
[article]
2019
arXiv
pre-print
For (1) we introduce a mathematical meta-model that clarifies the source of side-channels in simulations and CPUs. ...
In the face of this reality, we have shifted the security model of the Chrome web browser and V8 to process isolation. ...
Acknowledgements Our work on Spectre was a close collaboration among dozens of engineers across several companies. We ...
arXiv:1902.05178v1
fatcat:yfsanonptreebphbefhyydfen4
POW-HOW: An enduring timing side-channel to evade online malware sandboxes
[article]
2021
arXiv
pre-print
Specifically, we leverage the asymptotic behavior of the computational cost of PoW algorithms when they run on some classes of hardware platforms to effectively detect a non bare-metal environment of the ...
In this paper, we show how an attacker can evade detection on such online services by incorporating a Proof-of-Work (PoW) algorithm into a malware sample. ...
Side-channel Measurement Various techniques have been proposed to detect if applications are running inside a sandbox/virtualizer/emulator. ...
arXiv:2109.02979v2
fatcat:2pgzanyjtrdjbmz7pqhz7qmcdi
The Meaning of Attack-Resistant Systems
[article]
2015
arXiv
pre-print
Can we quantify and show that these defense mechanisms provide formal security guarantees, albeit partial, even in the presence of exploitable vulnerabilities?". ...
In our setting, a program may contain exploitable vulnerabilities, such as buffer overflows, but appropriate defense mechanisms built into the program or the operating system render such vulnerabilities ...
On the other hand, in the past years several attacks have been published against implementation of many of those defense mechanisms: some of these attacks leverage side-channels (i.e. timing side-channels ...
arXiv:1502.04023v3
fatcat:fqpbykjrore5tib655lozlpfaq
High performance distributed Denial-of-Service resilient web cluster architecture
2008
NOMS 2008 - 2008 IEEE Network Operations and Management Symposium
WARD is better-suited to handling overload conditions in dynamic web content, which are known to stress compute resources more than the network. ...
This dissertation proposes a web hosting architecture consisting of a grid of clusters, to provide high-performance in the presence of standard overload conditions as well as resilience during attacks. ...
Vulnerability to Attacks This section characterizes the effectiveness of layer-7 DDoS attacks in overwhelming the server resources on an e-commerce application. ...
doi:10.1109/noms.2008.4575272
dblp:conf/noms/RanjanK08
fatcat:442lbj36gnbfdnpo2a4wsd4lgy
Trend Towards the Use of Complex Networks in Cloud Computing Environment
2015
International Journal of Hybrid Information Technology
Computation in cloud is completed with the aim to reach maximum resource utilization with higher availability at minimized cost. ...
Its main focus may be the analysis of small networks to that particular of system with thousands or millions of node. ...
The flip side is that such networks are vulnerable to deliberate attacks on the hubs [7] . ...
doi:10.14257/ijhit.2015.8.3.26
fatcat:yonoeg54pjfrjpxvcgg6ala5pa
Research challenges towards the Future Internet
2011
Computer Communications
This calls for extraordinary research efforts at all levels of the protocol stack to address the challenges of existing and future networked applications and services in terms of scalability, mobility, ...
, identified by members of the journal editorial board to stimulate further research activities in these areas. ...
resolution video is played back across screens of two mobile devices placed side by side. ...
doi:10.1016/j.comcom.2011.09.001
fatcat:wuuutbnyafglditfge46ejs2yu
A Decentralized and Proactive Architecture based on the Cyber Physical System Paradigm for Smart Transmission Grids Modelling, Monitoring and Control
2016
Technology and Economics of Smart Grids and Sustainable Energy
More specifically, the idea is to conceptualize a holistic architecture that enables the computing resources to deliver much more automation that the sum of its individually self-managed components, allowing ...
Moreover, it allows TSO to develop content-based data extraction and aggregation from a host of pervasive sensors network and to exploit distributed embedded computing resources aimed at solving large-scale ...
The idea is to conceptualize a holistic framework based on a collection of interactive web services, which enables the computing resources to deliver much more automation that the sum of its individually ...
doi:10.1007/s40866-016-0006-1
fatcat:u4p7ahyf2rco3i7u7uacvh25ay
D3.1 Final System Architecture, Programming Interfaces And Security Framework Specification
2018
Zenodo
This deliverable provides the specification of the architecture, APIs and the security framework designed by the Superfluidity project. ...
application (e.g., a web server). ...
Prevention control reduces the vulnerabilities e.g., by reducing the number of possible targets and/or hiding some of them. Detection takes action on incidents already in progress. ...
doi:10.5281/zenodo.1230494
fatcat:sockptarwjhq7gciqicfzemm5i
A Survey on Security and Privacy of 5G Technologies: Potential Solutions, Recent Advancements and Future Directions
2019
IEEE Communications Surveys and Tutorials
of detection and MMSE channel estimation. ...
Ring-fencing provide flexibility to run in all conditions. Side channel attacks due to same set of primary hardware. ...
doi:10.1109/comst.2019.2933899
fatcat:bulfng6levdelgmel7oxoi6pna
Efficient Testing of Recovery Code Using Fault Injection
2011
ACM Transactions on Computer Systems
We present a framework for writing precise triggers that inject desired faults, in the form of error return codes and corresponding side effects, at the boundary between applications and libraries. ...
In this article, we present a library-level fault injection engine that enables the productive use of fault injection for software testing. ...
ACKNOWLEDGMENTS We thank Radu Banabic for his help on the experimental section of this article. ...
doi:10.1145/2063509.2063511
fatcat:lvwuz2cwbfagtbhyas3wfh3si4
Virtual and Augmented Reality
2018
IEEE Computer Graphics and Applications
Distinguish different vulnerabilities associated with computer systems.
4. Reproduce and detect vulnerable scenarios in existing software. ...
Web architecture and its security challenges Overview of the web architecture; essential aspects of http; focus on serverside scripting and client-side scripting for delivering dynamic web pages. ...
Identify the sources of vulnerability in a cyber physical system systematically via attack surfaces 4. ...
doi:10.1109/mcg.2018.021951630
fatcat:qbnwukkylvf7dacyk2ko5fval4
TLS/PKI Challenges and Certificate Pinning Techniques for IoT and M2M Secure Communications
2019
IEEE Communications Surveys and Tutorials
Considering the advent of IoT/M2M scenarios and their particularities, it is necessary to have a closer look at TLS history to evaluate the potential challenges of using TLS and PKI in these scenarios. ...
According to this, this paper provides a deep revision of several security aspects of TLS and PKI, with a particular focus on current certificate pinning solutions in order to illustrate the potential ...
The impact of the use of side channels depends on when the side channel will be used. The first case consists on the use of the side channel during the TLS handshake. ...
doi:10.1109/comst.2019.2914453
fatcat:lwwk7pbogfeidhc4t6wth5gvne
Security and Privacy Issues in Autonomous Vehicles: A Layer-Based Survey
2022
IEEE Open Journal of the Communications Society
We examine different attacks launched in a layer-based approach. We conceptualize the architecture of AVs in a four-layered model. ...
They collect huge troves of information, which needs to be protected from breaches. In this work, we investigate security challenges and privacy concerns in AVs. ...
In addition, parts of this paper, specifically Sections I, II, IV, and V, were made possible by NPRP grants NPRP13S-0205-200270 from the Qatar National Research VOLUME 3, 2022 ...
doi:10.1109/ojcoms.2022.3169500
fatcat:dfiozub5kfag7gcdygumj7ieuy
« Previous
Showing results 1 — 15 out of 713 results