To see the other types of publications on this topic, follow the link: Untrusted Code.
Journal articles on the topic 'Untrusted Code'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 49 journal articles for your research on the topic 'Untrusted Code.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Lampson, Butler. "Making untrusted code useful." Communications of the ACM 54, no. 11 (November 2011): 92. http://dx.doi.org/10.1145/2018396.2018418.
Full text
2
Patel, Parveen, Andrew Whitaker, David Wetherall, Jay Lepreau, and Tim Stack. "Upgrading transport protocols using untrusted mobile code." ACM SIGOPS Operating Systems Review 37, no. 5 (December 2003): 1–14. http://dx.doi.org/10.1145/1165389.945447.
Full text
3
Sewell, Peter, and Jan Vitek. "Secure composition of untrusted code: box π, wrappers, and causality types." Journal of Computer Security 11, no. 2 (April 1, 2003): 135–87. http://dx.doi.org/10.3233/jcs-2003-11202.
Full text
4
Bugerya, A. B., V. Yu Efimov, I. I. Kulagin, V. A. Padaryan, M. A. Solovev, and A. Yu Tikhonov. "A software complex for revealing malicious behavior in untrusted binary code." Proceedings of the Institute for System Programming of the RAS 31, no. 6 (2019): 33–64. http://dx.doi.org/10.15514/ispras-2019-31(6)-3.
Full text
5
Liu, Hua Xiao, and Ying Jin. "Enumeration Based Security Behavior Model Checking Algorithm." Applied Mechanics and Materials 20-23 (January 2010): 808–13. http://dx.doi.org/10.4028/www.scientific.net/amm.20-23.808.
Full textAbstract:
Model Carrying Code(MCC) provides a way to safe execution of untrusted code by taking both mobile code producer and consumers into consideration, where it checks mobile code security by comparing security related program behavior model with security policies. In this paper an enumeration based algorithm to checking security related behavior with respect to security policy has been given, where security behavior has been modeled as extended context free grammar and the security policy has been specified as extended FSA. Solutions to dealing with loops and recursions have been introduced. A program has been developed for implementing the algorithm, and several experiments have been done. It has been indicated that our algorithm can effectively check small scale security behavior models on the basis of simple security policies.
6
Howard, Heidi, Fritz Alder, Edward Ashton, Amaury Chamayou, Sylvan Clebsch, Manuel Costa, Antoine Delignat-Lavaud, et al. "Confidential Consortium Framework: Secure Multiparty Applications with Confidentiality, Integrity, and High Availability." Proceedings of the VLDB Endowment 17, no. 2 (October 2023): 225–40. http://dx.doi.org/10.14778/3626292.3626304.
Full textAbstract:
Confidentiality, integrity protection, and high availability, abbreviated to CIA, are essential properties for trustworthy data systems. The rise of cloud computing and the growing demand for multiparty applications however means that building modern CIA systems is more challenging than ever. In response, we present the Confidential Consortium Framework (CCF), a general-purpose foundation for developing secure stateful CIA applications. CCF combines centralized compute with decentralized trust, supporting deployment on untrusted cloud infrastructure and transparent governance by mutually untrusted parties. CCF leverages hardware-based trusted execution environments for remotely verifiable confidentiality and code integrity. This is coupled with state machine replication backed by an auditable immutable ledger for data integrity and high availability. CCF enables each service to bring its own application logic, custom multiparty governance model, and deployment scenario, decoupling the operators of nodes from the consortium that governs them. CCF is open-source and available now at https://github.com/microsoft/CCF.
7
Han, Jideng, Zhaoxin Zhang, Yuejin Du, Wei Wang, and Xiuyuan Chen. "ESFuzzer: An Efficient Way to Fuzz WebAssembly Interpreter." Electronics 13, no. 8 (April 15, 2024): 1498. http://dx.doi.org/10.3390/electronics13081498.
Full textAbstract:
WebAssembly code is designed to run in a sandboxed environment, such as a web browser, providing a high level of security and isolation from the underlying operating system and hardware. This enables the execution of untrusted code in a web browser without compromising the security and integrity of the user’s system. This paper discusses the challenges associated with using fuzzing tools to identify vulnerabilities or bugs in WebAssembly interpreters. Our approach, known as ESFuzzer, introduces an efficient method for fuzzing WebAssembly interpreters using an Equivalent-Statement concept and the Stack Repair Algorithm. The samples generated by our approach successfully passed code validation. In addition, we developed effective mutation strategies to enhance the efficacy of our approach. ESFuzzer has demonstrated its ability to generate code that achieves 100% WebAssembly validation testing and achieves code coverage that is more than twice that of libFuzzer. Furthermore, the 24-h experiment results show that ESFuzzer performs ten times more efficiently than libFuzzer.
8
FERRARI, GIANLUIGI, EUGENIO MOGGI, and ROSARIO PUGLIESE. "MetaKlaim: a type safe multi-stage language for global computing." Mathematical Structures in Computer Science 14, no. 3 (May 20, 2004): 367–95. http://dx.doi.org/10.1017/s0960129504004165.
Full textAbstract:
This paper describes the design and semantics of METAKLAIM, which is a higher order distributed process calculus equipped with staging mechanisms. METAKLAIM integrates METAML (an extension of SML for multi-stage programming) and KLAIM (a Kernel Language for Agents Interaction and Mobility), to permit interleaving of meta-programming activities (such as assembly and linking of code fragments), dynamic checking of security policies at administrative boundaries and ‘traditional’ computational activities on a wide area network (such as remote communication and code mobility). METAKLAIM exploits a powerful type system (including polymorphic types á la system F) to deal with highly parameterised mobile components and to enforce security policies dynamically: types are metadata that are extracted from code at run-time and are used to express trustiness guarantees. The dynamic type checking ensures that the trustiness guarantees of wide area network applications are maintained whenever computations interoperate with potentially untrusted components.
9
Mitropoulos, Dimitris, and Diomidis Spinellis. "Fatal injection: a survey of modern code injection attack countermeasures." PeerJ Computer Science 3 (November 27, 2017): e136. http://dx.doi.org/10.7717/peerj-cs.136.
Full textAbstract:
With a code injection attack (CIA) an attacker can introduce malicious code into a computer program or system that fails to properly encode data that comes from an untrusted source. A CIA can have different forms depending on the execution context of the application and the location of the programming flaw that leads to the attack. Currently, CIAs are considered one of the most damaging classes of application attacks since they can severely affect an organisation’s infrastructure and cause financial and reputational damage to it. In this paper we examine and categorize the countermeasures developed to detect the various attack forms. In particular, we identify two distinct categories. The first incorporates static program analysis tools used to eliminate flaws that can lead to such attacks during the development of the system. The second involves the use of dynamic detection safeguards that prevent code injection attacks while the system is in production mode. Our analysis is based on nonfunctional characteristics that are considered critical when creating security mechanisms. Such characteristics involve usability, overhead, implementation dependencies, false positives and false negatives. Our categorization and analysis can help both researchers and practitioners either to develop novel approaches, or use the appropriate mechanisms according to their needs.
10
Gourdin, Léo, Benjamin Bonneau, Sylvain Boulmé, David Monniaux, and Alexandre Bérard. "Formally Verifying Optimizations with Block Simulations." Proceedings of the ACM on Programming Languages 7, OOPSLA2 (October 16, 2023): 59–88. http://dx.doi.org/10.1145/3622799.
Full textAbstract:
CompCert (ACM Software System Award 2021) is the first industrial-strength compiler with a mechanically checked proof of correctness. Yet, CompCert remains a moderately optimizing C compiler. Indeed, some optimizations of “gcc -O1” such as Lazy Code Motion (LCM) or Strength Reduction (SR) were still missing: developing these efficient optimizations together with their formal proofs remained a challenge. Cyril Six et al. have developed efficient formally verified translation validators for certifying the results of superblock schedulers and peephole optimizations. We revisit and generalize their approach into a framework (integrated into CompCert) able to validate many more optimizations: an enhanced superblock scheduler, but also Dead Code Elimination (DCE), Constant Propagation (CP), and more noticeably, LCM and SR. In contrast to other approaches to translation validation, we co-design our untrusted optimizations and their validators. Our optimizations provide hints, in the forms of invariants or CFG morphisms , that help keep the formally verified validators both simple and efficient. Such designs seem applicable beyond CompCert.
11
Markin, Dmitry Olegovich, Sergey Mikhailovich Makeev, and Thaj Trung Ho. "Security threat level estimation for untrusted software based on TrustZone technology." Proceedings of the Institute for System Programming of the RAS 34, no. 1 (2022): 35–48. http://dx.doi.org/10.15514/ispras-2022-34(1)-3.
Full textAbstract:
The paper proposes a model for assessing the security of information processed by untrusted software from the components of the TrustZone technology. The results of vulnerability analysis of TrustZone technology implementations are presented. The structure of the trustlets security analysis tool has been developed. The paper deals with the problem of assessing the credibility of foreign-made software and hardware based on processors with the ARM architecture. The main results of the work are the classification of trustlets using their threat level assessment and the model of security threat level estimation of information processed by trustlets. Trustlets are software that operates in a trusted execution environment based on TrustZone technology in computers with ARM processors. An assessment of the security of information processed by trustlets for some implementations of trusted execution environments was carried out. The structural scheme of the analysis tool that allows identifying potentially dangerous code constructs in binary files of trustlets is presented. Also analysis tool's algorithm performing syntactic analysis of trustlet data is described. The calculation of the security assessment is carried out on the basis of a set of features proposed by authors. Calculated security assessment levels can be used to classify trustlets that are part of «trusted» operating systems based on TrustZone technology. The levels of potential threat to the security of the information they process are used to differ trustlets during certification tests and vulnerability search. It is advisable to use the results of the work in the interests of conducting certification tests of computer software based on processors with ARM architecture.
12
Pasupuleti, Syam Kumar. "Privacy-Preserving Public Auditing and Data Dynamics for Secure Cloud Storage Based on Exact Regenerated Code." International Journal of Cloud Applications and Computing 9, no. 4 (October 2019): 1–20. http://dx.doi.org/10.4018/ijcac.2019100101.
Full textAbstract:
Cloud storage allows users to store their data in the cloud to avoid local storage and management costs. Since the cloud is untrusted, the integrity of stored data in the cloud has become an issue. To address this problem, several public auditing schemes have been designed to verify integrity of the data in the cloud. However, these schemes have two drawbacks: public auditing may reveal sensitive data to verifier and does not address the data recovery problem efficiently. This article proposes a new privacy-preserving public auditing scheme with data dynamics to secure the data in the cloud based on an exact regenerated code. This scheme encodes the data for availability, then masks the encoded blocks with randomness for privacy of data and enables a public auditor to verify the integrity of the data. Further, this scheme also supports dynamic data updates. In addition, security and performance analysis proves that proposed scheme is provably secure and efficient.
13
Mironov, Denis Dmitrievich, Daniil Alekseevich Sigalov, and Maxim Petrovich Malkov. "Research into Occurrence of Insecurely-Serialized Objects in Client-Side Code of Web-Applications." Proceedings of the Institute for System Programming of the RAS 35, no. 1 (2023): 223–36. http://dx.doi.org/10.15514/ispras-2023-35(1)-14.
Full textAbstract:
This paper studies the occurrence of insecure deserialization in communication between client-side code and the server-side of a web application. Special attention was paid to serialized objects sent from JavaScript client-side code. Specific patterns of using serialized objects within the client-side JavaScript code were identified and unique classes were formulated, whose main goal is to facilitate manual and automatic analysis of web applications. A tool that detects a serialized object in the client-side code of a web page has been designed and implemented. This tool is capable of finding encoded serialized objects as well as serialized objects encoded using several sequentially applied encodings. For found samples of serialized objects, the tool determines the context in which the found object appears on the page. For objects inside JavaScript code, the tool identifies the previously mentioned classes by mapping the vertices of the abstract syntax tree (AST) of the code. Web application endpoints were checked for whether programming objects were deserialized on the server side, after obtaining the results of the study. As a result of this check, previously unknown vulnerabilities were found, which were reported to the developers of this software. One of them was identified as CVE-2022-24108. Based on the results of this research, a method was proposed to facilitate both manual and automated searches for vulnerabilities of the "Deserialization of untrusted data". The proposed algorithm was tested on more than 50,000 web application pages from the Alexa Top 1M list, as well as on 20,000 web application pages from Bug Bounty programs.
14
Andrici, Cezar-Constantin, Ștefan Ciobâcă, Cătălin Hriţcu, Guido Martínez, Exequiel Rivas, Éric Tanter, and Théo Winterhalter. "Securing Verified IO Programs Against Unverified Code in F*." Proceedings of the ACM on Programming Languages 8, POPL (January 5, 2024): 2226–59. http://dx.doi.org/10.1145/3632916.
Full textAbstract:
We introduce SCIO*, a formally secure compilation framework for statically verified programs performing input-output (IO). The source language is an F* subset in which a verified program interacts with its IO-performing context via a higher-order interface that includes refinement types as well as pre- and post-conditions about past IO events. The target language is a smaller F* subset in which the compiled program is linked with an adversarial context that has an interface without refinement types, pre-conditions, or concrete post-conditions. To bridge this interface gap and make compilation and linking secure we propose a formally verified combination of higher-order contracts and reference monitoring for recording and controlling IO operations. Compilation uses contracts to convert the logical assumptions the program makes about the context into dynamic checks on each context-program boundary crossing. These boundary checks can depend on information about past IO events stored in the state of the monitor. But these checks cannot stop the adversarial target context before it performs dangerous IO operations. Therefore linking in SCIO* additionally forces the context to perform all IO actions via a secure IO library, which uses reference monitoring to dynamically enforce an access control policy before each IO operation. We prove in F* that SCIO* soundly enforces a global trace property for the compiled verified program linked with the untrusted context. Moreover, we prove in F* that SCIO* satisfies by construction Robust Relational Hyperproperty Preservation, a very strong secure compilation criterion. Finally, we illustrate SCIO* at work on a simple web server example.
15
De Nicola, Rocco, and Michele Loreti. "Modelling global computations with Klaim." Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences 366, no. 1881 (July 31, 2008): 3737–45. http://dx.doi.org/10.1098/rsta.2008.0148.
Full textAbstract:
A new area of research, known as Global Computing, is by now well established. It aims at defining new models of computation based on code and data mobility over wide-area networks with highly dynamic topologies, and at providing infrastructures to support coordination and control of components originating from different, possibly untrusted, fault-prone, malicious or selfish sources. In this paper, we present our contribution to the field of Global Computing that is centred on Kernel Language for Agents Interaction and Mobility ( Klaim ). Klaim is an experimental language specifically designed to programme distributed systems consisting of several mobile components that interact through multiple distributed tuple spaces. We present some of the key notions of the language and discuss how its formal semantics can be exploited to reason about qualitative and quantitative aspects of the specified systems.
16
Kolosick, Matthew, Shravan Narayan, Evan Johnson, Conrad Watt, Michael LeMay, Deepak Garg, Ranjit Jhala, and Deian Stefan. "Isolation without taxation: near-zero-cost transitions for WebAssembly and SFI." Proceedings of the ACM on Programming Languages 6, POPL (January 16, 2022): 1–30. http://dx.doi.org/10.1145/3498688.
Full textAbstract:
Software sandboxing or software-based fault isolation (SFI) is a lightweight approach to building secure systems out of untrusted components. Mozilla, for example, uses SFI to harden the Firefox browser by sandboxing third-party libraries, and companies like Fastly and Cloudflare use SFI to safely co-locate untrusted tenants on their edge clouds. While there have been significant efforts to optimize and verify SFI enforcement, context switching in SFI systems remains largely unexplored: almost all SFI systems use heavyweight transitions that are not only error-prone but incur significant performance overhead from saving, clearing, and restoring registers when context switching. We identify a set of zero-cost conditions that characterize when sandboxed code has sufficient structured to guarantee security via lightweight zero-cost transitions (simple function calls). We modify the Lucet Wasm compiler and its runtime to use zero-cost transitions, eliminating the undue performance tax on systems that rely on Lucet for sandboxing (e.g., we speed up image and font rendering in Firefox by up to 29.7% and 10% respectively). To remove the Lucet compiler and its correct implementation of the Wasm specification from the trusted computing base, we (1) develop a static binary verifier , VeriZero, which (in seconds) checks that binaries produced by Lucet satisfy our zero-cost conditions, and (2) prove the soundness of VeriZero by developing a logical relation that captures when a compiled Wasm function is semantically well-behaved with respect to our zero-cost conditions. Finally, we show that our model is useful beyond Wasm by describing a new, purpose-built SFI system, SegmentZero32, that uses x86 segmentation and LLVM with mostly off-the-shelf passes to enforce our zero-cost conditions; our prototype performs on-par with the state-of-the-art Native Client SFI system.
17
Lescisin, Michael, and Qusay H. Mahmoud. "Evaluation of Dynamic Analysis Tools for Software Security." International Journal of Systems and Software Security and Protection 9, no. 3 (July 2018): 34–59. http://dx.doi.org/10.4018/ijsssp.2018070102.
Full textAbstract:
This article discusses the development of secure software by means of dynamic analysis tools. A secure software-based system should have security checks and balances integrated throughout its entire development lifecycle, including its deployment phase. Therefore, this article covers both using software security tools for testing code in development as well as monitoring code in deployment to ensure that it is operating securely. The security issues discussed in this article will be split into two categories – memory safety issues and input validation issues. Memory safety issues concern problems of unauthorized memory access such as buffer overflows, stack overflows, use-after-free, double-free, memory leaks, etc. Although not strictly a memory safety issue, concurrency issues, such as data races, will be considered as memory safety issues in this article. Input validation issues concern problems where untrusted input is directly passed to handlers which are designed to handle both data and commands. Examples of this include path traversal, SQL injection, command injection, JavaScript/HTML injection, etc. As a result of this significant difference between these two types of security vulnerabilities, two sets of tools are evaluated with one set focusing on memory safety issues and the other on input validation issues. This article explores the benefits and limitations of current software dynamic analysis tools by evaluating them against both the authors test cases as well as the OWASP Benchmark for Security Automation and proposes solutions for implementing secure software applications.
18
Kushwaha, Satpal Singh, Sandeep Joshi, and Amit Kumar Gupta. "An efficient approach to secure smart contract of Ethereum blockchain using hybrid security analysis approach." Journal of Discrete Mathematical Sciences and Cryptography 26, no. 5 (2023): 1499–517. http://dx.doi.org/10.47974/jdmsc-1815.
Full textAbstract:
The technology behind blockchain is quickly becoming one of the most crucial innovations in recent years. The Smart contracts are digital agreements, made in between two untrusted parties. Smart contracts are self-executable small piece of code that gets executed due to some predefined triggering conditions. Smart contracts store cryptocurrencies as their balances and deal in cryptocurrencies on network transactions. Because of this, smart contracts are constantly open to the possibility of being attacked. A single security vulnerability can make the smart contract very much insecure. The immutability property of the blockchain ensures that, once a smart contract has been placed on the blockchain, cannot be modified in any way. So, the smart contract must be analyzed for any kind of security vulnerability before its deployment on the blockchain. Existing analysis approaches detect vulnerabilities with high false positive rates. Our proposed approach analyses the smart contracts using a hybrid combination of pattern matching and symbolic execution, which produces results with a low false positive rate. We have performed a comparative analysis of our proposed approach to prove its efficiency with the existing research approaches on a data set of 453 smart contracts with tagged vulnerabilities.
19
Mondal, Anupam, Shreya Gangopadhyay, Durba Chatterjee, Harishma Boyapally, and Debdeep Mukhopadhyay. "PReFeR : P hysically Re lated F unction bas e d R emote Attestation Protocol." ACM Transactions on Embedded Computing Systems 22, no. 5s (September 9, 2023): 1–23. http://dx.doi.org/10.1145/3609104.
Full textAbstract:
Remote attestation is a request-response based security service that permits a trusted entity (verifier) to check the current state of an untrusted remote device (prover). The verifier initiates the attestation process by sending an attestation challenge to the prover; the prover responds with its current state, which establishes its trustworthiness. Physically Unclonable Function (PUF) offers an attractive choice for hybrid attestation schemes owing to its low overhead security guarantees. However, this comes with the limitation of secure storage of the PUF model or large challenge-response database on the verifier end. To address these issues, in this work, we propose a hybrid attestation framework, named PReFeR , that leverages a new class of hardware primitive known as Physically Related Function (PReF) to remotely attest low-end devices without the requirement of secure storage or heavy cryptographic operations. It comprises a static attestation scheme that validates the memory state of the remote device prior to code execution, followed by a dynamic run-time attestation scheme that asserts the correct code execution by evaluating the content of special registers present in embedded systems, known as hardware performance counters (HPC). The use of HPCs in the dynamic attestation scheme mitigates the popular class of attack known as the time-of-check-time-of-use (TOCTOU) attack, which has broken several state-of-the-art hybrid attestation schemes. We demonstrate our protocol and present our experimental results using a prototype implementation on Digilent Cora Z7 board, a low-cost embedded platform, specially designed for IoT applications.
20
Fei, Shufan, Zheng Yan, Wenxiu Ding, and Haomeng Xie. "Security Vulnerabilities of SGX and Countermeasures." ACM Computing Surveys 54, no. 6 (July 2021): 1–36. http://dx.doi.org/10.1145/3456631.
Full textAbstract:
Trusted Execution Environments (TEEs) have been widely used in many security-critical applications. The popularity of TEEs derives from its high security and trustworthiness supported by secure hardware. Intel Software Guard Extensions (SGX) is one of the most representative TEEs that creates an isolated environment on an untrusted operating system, thus providing run-time protection for the execution of security-critical code and data. However, Intel SGX is far from the acme of perfection. It has become a target of various attacks due to its security vulnerabilities. Researchers and practitioners have paid attention to the security vulnerabilities of SGX and investigated optimization solutions in real applications. Unfortunately, existing literature lacks a thorough review of security vulnerabilities of SGX and their countermeasures. In this article, we fill this gap. Specifically, we propose two sets of criteria for estimating security risks of existing attacks and evaluating defense effects brought by attack countermeasures. Furthermore, we propose a taxonomy of SGX security vulnerabilities and shed light on corresponding attack vectors. After that, we review published attacks and existing countermeasures, as well as evaluate them by employing our proposed criteria. At last, on the strength of our survey, we propose some open challenges and future directions in the research of SGX security.
21
Miladinović, Danko, Adrian Milaković, Maja Vukasović, Žarko Stanisavljević, and Pavle Vuletić. "Secure Multiparty Computation Using Secure Virtual Machines." Electronics 13, no. 5 (March 5, 2024): 991. http://dx.doi.org/10.3390/electronics13050991.
Full textAbstract:
The development of new processor capabilities which enable hardware-based memory encryption, capable of isolating and encrypting application code and data in memory, have led to the rise of confidential computing techniques that protect data when processed on untrusted computing resources (e.g., cloud). Before confidential computing technologies, applications that needed data-in-use protection, like outsourced or secure multiparty computation, used purely cryptographic techniques, which had a large negative impact on the processing performance. Processing data in trusted enclaves protected by confidential computing technologies promises to protect data-in-use while possessing a negligible performance penalty. In this paper, we have analyzed the state-of-the-art in the field of confidential computing and present a Confidential Computing System for Artificial Intelligence (CoCoS.ai), a system for secure multiparty computation, which uses virtual machine-based trusted execution environments (in this case, AMD Secure Encrypted Virtualization (SEV)). The security of the proposed solution, as well as its performance, have been formally analyzed and measured. The paper reveals many gaps not reported previously that still exist in the current confidential computing solutions for the secure multiparty computation use case, especially in the processes of creating new secure virtual machines and their attestation, which are tailored for single-user use cases.
22
Song, Fuyuan, Yiwei Liu, Siyao Ma, Qin Jiang, Xiang Zhang, and Zhangjie Fu. "Enabling Efficient and Privacy-Preserving Task Allocation with Temporal Access Control for Mobile Crowdsensing." Electronics 12, no. 14 (July 10, 2023): 3016. http://dx.doi.org/10.3390/electronics12143016.
Full textAbstract:
The increasing proliferation of GPS-enabled mobile devices, including Unmanned Aerial Vehicles (UAVs), smartphones, and laptops, has resulted in a significant upsurge in the outsourcing of spatial data to cloud servers for storage and computation purposes, such as task allocation and location-based services. However, the reliance on untrusted cloud servers introduces the risk of privacy breaches, as these servers possess the ability to deduce and access users’ private information based on task content and query requirements. Existing privacy-preserving task-allocation schemes offer only coarse-grained and non-temporal access control, which restricts their applicability in scenarios involving multiple users and time-series data, such as trajectory and time-related routes. To overcome these challenges, this paper proposes an Efficient and Privacy-Preserving Task Allocation with Temporal Access Control (EPTA-T) scheme for mobile crowdsensing. By leveraging the techniques of Gray code and randomizable matrix multiplication, EPTA-T achieves efficient and privacy-preserving task allocation in mobile crowdsensing. Specifically, EPTA-T supports fine-grained and temporal access control through the utilization of an attribute-based access tree and function integration. The formal security analysis demonstrated that EPTA-T effectively guarantees data privacy and query privacy throughout the task allocation process. Extensive experiments conducted using a real-world dataset indicated that the EPTA-T scheme surpassed the performance of the state-of-the-art scheme.
23
Mercadier, Darius, Viet Sang Nguyen, Matthieu Rivain, and Aleksei Udovenko. "OBSCURE: Versatile Software Obfuscation from a Lightweight Secure Element." IACR Transactions on Cryptographic Hardware and Embedded Systems 2024, no. 2 (March 12, 2024): 588–629. http://dx.doi.org/10.46586/tches.v2024.i2.588-629.
Full textAbstract:
Software obfuscation is a powerful tool to protect the intellectual property or secret keys inside programs. Strong software obfuscation is crucial in the context of untrusted execution environments (e.g., subject to malware infection) or to face potentially malicious users trying to reverse-engineer a sensitive program. Unfortunately, the state-of-the-art of pure software-based obfuscation (including white-box cryptography) is either insecure or infeasible in practice.This work introduces OBSCURE, a versatile framework for practical and cryptographically strong software obfuscation relying on a simple stateless secure element (to be embedded, for example, in a protected hardware chip or a token). Based on the foundational result by Goyal et al. from TCC 2010, our scheme enjoys provable security guarantees, and further focuses on practical aspects, such as efficient execution of the obfuscated programs, while maintaining simplicity of the secure element. In particular, we propose a new rectangular universalization technique, which is also of independent interest. We provide an implementation of OBSCURE taking as input a program source code written in a subset of the C programming language. This ensures usability and a broad range of applications of our framework. We benchmark the obfuscation on simple software programs as well as on cryptographic primitives, hence highlighting the possible use cases of the framework as an alternative to pure software-based white-box implementations.
24
Alazzam, Farouq Ahmad Faleh, Ali Jabbar Salih, Maher Ali Moh`d Amoush, and Fadiah Sami Ali Khasawneh. "The Nature of Electronic Contracts Using Blockchain Technology – Currency Bitcoin as an Example." Revista de Gestão Social e Ambiental 17, no. 5 (July 4, 2023): e03330. http://dx.doi.org/10.24857/rgsa.v17n5-014.
Full textAbstract:
Purpose: This study aimed to assess the extent of the use and the safety of dealing withBitcoin through blockchain technology. Method/approach: Bitcoin model applied for electronic contracts. The method of functional-cost analysis for technical and economic analysis of system development for NFT creation is used in work. Theoretical framework: Bitcoin is a currency that depends on modern technological techniques with many advantages because they are used to send and receive money over the Internet and can be used in legitimate and illegal businesses. Therefore, quick international measures must be taken to regulate them legally through unified international conventions that regulate the ways of legal dealing with them. Results and Conclusions: International laws must govern and regulate the use of Bitcoin, as it is a currency traded over the Internet and can be used in legitimate and illegal businesses. And that the smart contract, which is executable code that runs on top of the blockchain to facilitate, execute and enforce an agreement between untrusted parties without the involvement of a trusted third party, can be used, especially since the International legislation lacks a legal regulation of virtual currencies. Research implications: The findings indicated the importance of stipulating special laws that regulate the use of Bitcoin. Originality/value: This work can provide possible solutions to reduce the risks of using Bitcoin, such as stipulating laws and regulations to regulate their use internationally.
25
Mekterović, Igor, Ljiljana Brkić, and Marko Horvat. "Scaling Automated Programming Assessment Systems." Electronics 12, no. 4 (February 13, 2023): 942. http://dx.doi.org/10.3390/electronics12040942.
Full textAbstract:
The first automated assessment of student programs was reported more than 60 years ago, but this topic remains relevant and highly topical among computer science researchers and teachers. In the last decade, several factors have contributed to the popularity of this approach, such as the development of massive online courses, where large numbers of students can hardly be assessed manually, the COVID-19 pandemic with a strong online presence and physical relocation of students, and the ever-increasing shortage of personnel in the field CS. Modern Automated Programming Assessment Systems (APASs) are nowadays implemented as web applications. For such web applications, especially those that support immediate (on-demand) program assessments and feedback, it can be quite a challenge to implement the various system modules in a secure and scalable manner. Over the past six years, we have developed and actively deployed “Edgar”—a state-of-the-art APAS that enables immediate program evaluation and feedback in any programming language (SQL, C, Java, etc.). In this article, we look at the APAS web application architecture with a focus on scalability issues. We review fundamental features such as dynamic analysis and untrusted code execution, as well as more complex cases such as static analysis and plagiarism detection, and we summarize the lessons learned over the previous six years of research. We identify scalability challenges, show how they have been addressed in APAS Edgar, and then propose general architectural solutions, building blocks and patterns to address those challenges.
26
Morales-Sandoval, Miguel, José A. Molina, Heidy M. Marin-Castro, and Jose Luis Gonzalez-Compean. "Blockchain support for execution, monitoring and discovery of inter-organizational business processes." PeerJ Computer Science 7 (September 29, 2021): e731. http://dx.doi.org/10.7717/peerj-cs.731.
Full textAbstract:
In an Inter-Organizational Business Process (IOBP), independent organizations (collaborators) exchange messages to perform business transactions. With process mining, the collaborators could know what they are actually doing from process execution data and take actions for improving the underlying business process. However, process mining assumes that the knowledge of the entire process is available, something that is difficult to achieve in IOBPs since process execution data generally is not shared among the collaborating entities due to regulations and confidentiality policies (exposure of customers’ data or business secrets). Additionally, there is an inherently lack-of-trust problem in IOBP as the collaborators are mutually untrusted and executed IOBP can be subject to dispute on counterfeiting actions. Recently, Blockchain has been suggested for IOBP execution management to mitigate the lack-of-trust problem. Independently, some works have suggested the use of Blockchain to support process mining tasks. In this paper, we study and address the problem of IOBP mining whose management and execution is supported by Blockchain. As contribution, we present an approach that takes advantage of Blockchain capabilities to tackle, at the same time, the lack-of-trust problem (management and execution) and confident execution data collection for process mining (discovery and conformance) of IOBPs. We present a method that (i) ensures the business rules for the correct execution and monitoring of the IOBP by collaborators, (ii) creates the event log, with data cleaning integrated, at the time the IOBP executes, and (iii) produces useful event log in XES and CSV format for the discovery and conformance checking tasks in process mining. By a set of experiments on real IOBPs, we validate our method and evaluate its impact in the resulting discovered models (fitness and precision metrics). Results revealed the effectiveness of our method to cope with both the lack-of-trust problem in IOBPs at the time that contributes to collect the data for process mining. Our method was implemented as a software tool available to the community as open-source code.
27
Sunitha, Surarapu, Nampalli Shirisha, Batchu Teja Sai Satish, Koyalakonda Vishnu, and Timmanayanapeta Sankalp. "BLOCKCHAIN-BASED ACCESS CONTROL SYSTEM FOR CLOUD STORAGE." YMER Digital 21, no. 06 (June 16, 2022): 446–50. http://dx.doi.org/10.37896/ymer21.06/43.
Full textAbstract:
In this paper, we present a model of a multi-client framework for access control to datasets put away in an untrusted cloud climate. Distributed storage like some other untrusted climate needs the capacity to get share data. Our methodology gives an entrance command over the information put away in the cloud the supplier investment. The fundamental device of the access control instrument is a ciphertext-strategy trait-based encryption plot with dynamic credits. Utilizing a blockchain-based decentralized record, our framework gives a permanent log of all significant security occasions, for example, key age, access strategy task, change or repudiation, and access demand. We propose a bunch of cryptographic conventions guaranteeing the security of cryptographic tasks requiring mystery or private keys. Just ciphertexts of hash codes are moved through the blockchain record. The model of our framework is executed utilizing shrewd agreements and tried on the Ethereum blockchain stage. Keywords- cloud storage; attribute-based access control; ciphertext-policy attribute-based encryption; blockchain
28
Guo, Zhongfu, Xinsheng Ji, Wei You, Mingyan Xu, Yu Zhao, Zhimo Cheng, Deqiang Zhou, and Lingwei Wang. "LERMS: A Low-Latency and Reliable Downlink Packet-Level Encoding Transmission Method in Untrusted 5GA Edge Network." Entropy 25, no. 7 (June 21, 2023): 966. http://dx.doi.org/10.3390/e25070966.
Full textAbstract:
The increasing demand for end-to-end low-latency and high-reliability transmissions between edge computing nodes and user elements in 5G Advance edge networks has brought new challenges to the transmission of data. In response, this paper proposes LERMS, a packet-level encoding transmission scheme designed for untrusted 5GA edge networks that may encounter malicious transmission situations such as data tampering, discarding, and eavesdropping. LERMS achieves resiliency against such attacks by using 5GA Protocol data unit (PDU) coded Concurrent Multipath Transfer (CMT) based on Lagrangian interpolation and Raptor’s two-layer coding, which provides redundancy to eliminate the impact of an attacker’s malicious behavior. To mitigate the increased queuing delay resulting from encoding in data blocks, LERMS is queue-aware with variable block length. Its strategy is modeled as a Markov chain and optimized using a matrix method. Numerical results demonstrate that LERMS achieves the optimal trade-off between delay and reliability while providing resiliency against untrusted edge networks.
29
Xu, Yang, Guojun Wang, Jidian Yang, Ju Ren, Yaoxue Zhang, and Cheng Zhang. "Towards Secure Network Computing Services for Lightweight Clients Using Blockchain." Wireless Communications and Mobile Computing 2018 (November 13, 2018): 1–12. http://dx.doi.org/10.1155/2018/2051693.
Full textAbstract:
The emerging network computing technologies have significantly extended the abilities of the resource-constrained IoT devices through the network-based service sharing techniques. However, such a flexible and scalable service provisioning paradigm brings increased security risks to terminals due to the untrustworthy exogenous service codes loading from the open network. Many existing security approaches are unsuitable for IoT environments due to the high difficulty of maintenance or the dependencies upon extra resources like specific hardware. Fortunately, the rise of blockchain technology has facilitated the development of service sharing methods and, at the same time, it appears a viable solution to numerous security problems. In this paper, we propose a novel blockchain-based secure service provisioning mechanism for protecting lightweight clients from insecure services in network computing scenarios. We introduce the blockchain to maintain all the validity states of the off-chain services and edge service providers for the IoT terminals to help them get rid of untrusted or discarded services through provider identification and service verification. In addition, we take advantage of smart contracts which can be triggered by the lightweight clients to help them check the validities of service providers and service codes according to the on-chain transactions, thereby reducing the direct overhead on the IoT devices. Moreover, the adoptions of the consortium blockchain and the proof of authority consensus mechanism also help to achieve a high throughput. The theoretical security analysis and evaluation results show that our approach helps the lightweight clients get rid of untrusted edge service providers and insecure services effectively with acceptable latency and affordable costs.
30
Kulkarni, Pallavi, Rajashri Khanai, Dattaprasad Torse, Nalini Iyer, and Gururaj Bindagi. "Neural Crypto-Coding Based Approach to Enhance the Security of Images over the Untrusted Cloud Environment." Cryptography 7, no. 2 (May 4, 2023): 23. http://dx.doi.org/10.3390/cryptography7020023.
Full textAbstract:
The cloud provides on-demand, high-quality services to its users without the burden of managing hardware and software. Though the users benefit from the remote services provided by the cloud, they do not have their personal data in their physical possession. This certainly poses new security threats for personal and confidential data, bringing the focus back on trusting the use of the cloud for sensitive data. The benefits of the cloud outweigh the concerns raised earlier, and with an increase in cloud usage, it becomes more important for security services to evolve in order to address the ever-changing threat landscape. Advanced encryption standard (AES), being one of the most widely used encryption techniques, has inherent disadvantages related to the secret key that is shared, and predictable patterns in subkey generation. In addition, since cloud storage involves data transfer over a wireless channel, it is important to address the effect of noise and multipath propagation on the transmitted data. Catering to this problem, we propose a new approach—the secure and reliable neural cryptcoding (SARNC) technique—which provides a superior algorithm, dealing with better encryption techniques combined with channel coding. A chain is as strong as the weakest link and, in the case of symmetric key encryption, the weakest link is the shared key. In order to overcome this limitation, we propose an approach wherein the key used for cryptographic purposes is different from the key shared between the sender and the receiver. The shared key is used to derive the secret private key, which is generated by the neural key exchange protocol. In addition, the proposed approach emphasizes strengthening the sub-key generation process and integrating advanced encryption standard (AES) with low-density parity check (LDPC) codes to provide end-to-end security and reliability over wireless channels. The proposed technique was tested against research done in related areas. A comparative study shows a significant improvement in PSNR, MSE, and the structural similarity index (SSIM). The key strength analysis was carried out to understand the strength and weaknesses of the keys generated.
31
Ayeni, Bakare K., Junaidu B. Sahalu, and Kolawole R. Adeyanju. "Detecting Cross-Site Scripting in Web Applications Using Fuzzy Inference System." Journal of Computer Networks and Communications 2018 (August 1, 2018): 1–10. http://dx.doi.org/10.1155/2018/8159548.
Full textAbstract:
With improvement in computing and technological advancements, web-based applications are now ubiquitous on the Internet. However, these web applications are becoming prone to vulnerabilities which have led to theft of confidential information, data loss, and denial of data access in the course of information transmission. Cross-site scripting (XSS) is a form of web security attack which involves the injection of malicious codes into web applications from untrusted sources. Interestingly, recent research studies on the web application security centre focus on attack prevention and mechanisms for secure coding; recent methods for those attacks do not only generate high false positives but also have little considerations for the users who oftentimes are the victims of malicious attacks. Motivated by this problem, this paper describes an “intelligent” tool for detecting cross-site scripting flaws in web applications. This paper describes the method implemented based on fuzzy logic to detect classic XSS weaknesses and to provide some results on experimentations. Our detection framework recorded 15% improvement in accuracy and 0.01% reduction in the false-positive rate which is considerably lower than that found in the existing work by Koli et al. Our approach also serves as a decision-making tool for the users.
32
Saraswathy, K. S., and S. S. Sujatha. "Using Attribute-Based Access Control, Efficient Data Access in the Cloud with Authorized Search." International journal of electrical and computer engineering systems 13, no. 7 (September 30, 2022): 569–75. http://dx.doi.org/10.32985/ijeces.13.7.9.
Full textAbstract:
The security and privacy issues regarding outsourcing data have risen significantly as cloud computing has grown in demand. Consequently, since data management has been delegated to an untrusted cloud server in the data outsourcing phase, data access control has been identified as a major problem in cloud storage systems. To overcome this problem, in this paper, the access control of cloud storage using an Attribute-Based Access Control (ABAC) approach is utilized. First, the data must be stored in the cloud and security must be strong for the user to access the data. This model takes into consideration some of the attributes of the cloud data stored in the authentication process that the database uses to maintain data around the recorded collections with the user's saved keys. The clusters have registry message permission codes, usernames, and group names, each with its own set of benefits. In advance, the data should be encrypted and transferred to the service provider as it establishes that the data is still secure. But in some cases, the supplier's security measures are disrupting. This result analysis the various parameters such as encryption time, decryption time, key generation time, and also time consumption. In cloud storage, the access control may verify the various existing method such as Ciphertext Policy Attribute-Based Encryption (CP-ABE) and Nth Truncated Ring Units (NTRU). The encryption time is 15% decreased by NTRU and 31% reduced by CP-ABE. The decryption time of the proposed method is 7.64% and 14% reduced by the existing method.
33
Wharton, Tracy, Emily Costello, Vincent Lafronza, and Oscar Espinosa. "BARRIERS TO VACCINE UPTAKE IDENTIFIED BY COMMUNITY-BASED ORGANIZATIONS FOR INSITUTIONALLY UNDERSERVED GROUPS." Innovation in Aging 6, Supplement_1 (November 1, 2022): 474–75. http://dx.doi.org/10.1093/geroni/igac059.1837.
Full textAbstract:
Abstract Through a competitive proposal process for a recent funding opportunity, 38 community based organizations submitted proposals that addressed vaccine hesitancy among adults who are members of racial or ethnic minority communities. Proposals were required to include discussion of barriers identified in the community of focus and evidence to support all assertions. Submissions ranged from single employee projects to large collaborative networks, and were submitted from all regions of the US, including both tribal and territorial areas, including more than 45 ethnic and language groups. Barriers were coded by two reviewers and six (6) primary themes were identified: access related to transportation, distance, or time; lack of culturally responsive materials or sensitivity of providers; structural issues such as poor data collection, historical inequity, mistrust, or systemic racism; messages coming from untrusted sources; misinformation or no information available; and differing cultural perspectives. The most commonly identified issues were related to mistrust, historical structural issues or fear and racism (n=23), and lack of access due to transportation, distance, or time (n=17). This group of proposals for funding represent a small cross-section of communities who continue to have significant pockets of unvaccinated persons. While it is possible to see themes for barriers that are encountered in increasing vaccination rates among adults, communities demonstrate extremely nuanced realities, filtered through a range of culturally and paradigmatically different ways of knowing. Success in public health initiatives requires intensive focus on the variance across these different perspectives and careful attention to appropriately focus outreach and messaging.
34
Birman, Ken. "Session details: Safely executing untrusted code." ACM SIGOPS Operating Systems Review 37, no. 5 (December 2003). http://dx.doi.org/10.1145/3262203.
Full text
35
VAN STRYDONCK, THOMAS, FRANK PIESSENS, and DOMINIQUE DEVRIESE. "Linear capabilities for fully abstract compilation of separation-logic-verified code." Journal of Functional Programming 31 (2021). http://dx.doi.org/10.1017/s0956796821000022.
Full textAbstract:
Abstract Separation logic is a powerful program logic for the static modular verification of imperative programs. However, dynamic checking of separation logic contracts on the boundaries between verified and untrusted modules is hard because it requires one to enforce (among other things) that outcalls from a verified to an untrusted module do not access memory resources currently owned by the verified module. This paper proposes an approach to dynamic contract checking by relying on support for capabilities, a well-studied form of unforgeable memory pointers that enables fine-grained, efficient memory access control. More specifically, we rely on a form of capabilities called linear capabilities for which the hardware enforces that they cannot be copied. We formalize our approach as a fully abstract compiler from a statically verified source language to an unverified target language with support for linear capabilities. The key insight behind our compiler is that memory resources described by spatial separation logic predicates can be represented at run time by linear capabilities. The compiler is separation-logic-proof-directed: it uses the separation logic proof of the source program to determine how memory accesses in the source program should be compiled to linear capability accesses in the target program. The full abstraction property of the compiler essentially guarantees that compiled verified modules can interact with untrusted target language modules as if they were compiled from verified code as well. This article is an extended version of one that was presented at ICFP 2019 (Van Strydonck et al., 2019).
36
"A Hardware Sandbox Using Processor Virtualization for Untrusted Native Code." Applied Mechanics and Materials 519-520 (February 2014): 368–72. http://dx.doi.org/10.4028/www.scientific.net/amm.519-520.368.
Full text
37
Georges, Aïna Linn, Armaël Guéneau, Thomas Van Strydonck, Amin Timany, Alix Trieu, Dominique Devriese, and Lars Birkedal. "Cerise: Program Verification on a Capability Machine in the Presence of Untrusted Code." Journal of the ACM, September 14, 2023. http://dx.doi.org/10.1145/3623510.
Full textAbstract:
A capability machine is a type of CPU allowing fine-grained privilege separation using capabilities , machine words that represent certain kinds of authority. We present a mathematical model and accompanying proof methods that can be used for formal verification of functional correctness of programs running on a capability machine, even when they invoke and are invoked by unknown (and possibly malicious) code. We use a program logic called Cerise for reasoning about known code, and an associated logical relation, for reasoning about unknown code. The logical relation formally captures the capability safety guarantees provided by the capability machine. The Cerise program logic, logical relation, and all the examples considered in the paper have been mechanized using the Iris program logic framework in the Coq proof assistant. The methodology we present underlies recent work of the authors on formal reasoning about capability machines [15, 33, 37], but was left somewhat implicit in those publications. In this paper we present a pedagogical introduction to the methodology, in a simpler setting (no exotic capabilities), and starting from minimal examples. We work our way up to new results about a heap-based calling convention and implementations of sophisticated object-capability patterns of the kind previously studied for high-level languages with object-capabilities, demonstrating that the methodology scales to such reasoning.
38
Jiang, Zhuhan, Jiansheng Huang, and Rezina Akhter. "Protection Tiers and Their Applications for Evaluating Untrusted Code on A Linux-Based Web Server." Journal of Communications, 2015. http://dx.doi.org/10.12720/jcm.10.11.918-925.
Full text
39
Kristensen, Mads Darø. "Scavenger - Mobile Remote Execution." DAIMI Report Series 37, no. 587 (January 1, 2008). http://dx.doi.org/10.7146/dpb.v37i587.7223.
Full textAbstract:
<p>This report describes the design and implementation of a mobile, peerto- peer, remote execution system called Scavenger. A peer running Scavenger is capable of automatically discovering available, unused computing resources in its vicinity, and, by means of mobile code, utilising these resources to its own good.<br />Designing a system such as Scavenger a number of challenges are raised. In this report only the two main challenges are presented: service discovery and mobile code security.<br />Service discovery in a fixed network is a well-documented process, but mobile service discovery is less so. Scavenger assumes nothing about its operating environment—it may be executing services on stationary as well as mobile peers—and it therefore needs a highly flexible service discovery protocol.</p><p>When working with mobile code, security becomes paramount since peers are executing unknown (and thus untrusted) code. Scavenger uses the Python programming language for its mobile code, and Python does not, like for example Java, have any built-in security models that enable the user to sandbox a Python process. When using such an ”insecure” programming language in a mobile code setting, other means of securing the code must be employed. This report describes the development of such a safe execution environment where mobile Python may be executed in a secure manner.</p>
40
Olivieri, Luca, Luca Negrini, Vincenzo Arceri, Thomas Jensen, and Fausto Spoto. "Design and Implementation of Static Analyses for Tezos Smart Contracts." Distributed Ledger Technologies: Research and Practice, January 29, 2024. http://dx.doi.org/10.1145/3643567.
Full textAbstract:
Once deployed in blockchain, smart contracts become immutable: attackers can exploit bugs and vulnerabilities in their code, that cannot be replaced with a bug-free version. For this reason, the verification of smart contracts before they are deployed in blockchain is important. However, the development of verification tools is not easy, especially if one wants to obtain guarantees by using formal methods. This paper describes the development, from scratch, of a static analyzer based on abstract interpretation for the verification of real-world Tezos smart contracts. The analyzer is generic with respect to the property under analysis. This paper shows taint analysis as a concrete instantiation of the analyzer, at different levels of precision, to detect untrusted cross-contract invocations.
41
Todo, Yosuke, and Takanori Isobe. "Hybrid Code Lifting on Space-Hard Block Ciphers." IACR Transactions on Symmetric Cryptology, September 9, 2022, 368–402. http://dx.doi.org/10.46586/tosc.v2022.i3.368-402.
Full textAbstract:
There is a high demand for whitebox cryptography from the practical use of encryption in untrusted environments. It has been actively discussed for two decades since Chow et al. presented the whitebox implementation of DES and AES. The goal is to resist the key extraction from the encryption program and mitigate the code lifting of the program. At CCS2015, Bogdanov and Isobe proposed space-hard block ciphers as a dedicated design of whitebox block ciphers. It ensures that the key extraction is as difficult as the key recovery in the standard blackbox model. Moreover, to mitigate code lifting, they introduce space hardness, a kind of leakage-resilient security with the incompressibility of a huge program. For space-hard ciphers, code lifting (a partial leakage of the entire program) is useless to copy the functionality.In this paper, we consider a new attack model of space-hard block ciphers called hybrid code lifting. Space-hard block ciphers are intended to ensure security under a size-bounded leakage. However, they do not consider attackers (in the standard blackbox model) receiving the leakage by code lifting. If such attackers can recover the encryption program of a space-hard block cipher, such a cipher does not always satisfy the intention. We analyze Yoroi proposed in TCHES 2021. We introduce the canonical representation of Yoroi. Using the representation enables the recovery of the programs of Yoroi-16 and Yoroi-32 with 233 and 265.6 complexities, respectively, in spite of slight leakage. The canonical representation causes another attack against Yoroi. It breaks an authors’ security claim about the “longevity”. We additionally analyzed SPNbox proposed in Asiacrypt 2016. As a result, considering security on the hybrid code lifting, the original number of rounds is insufficient to achieve 128-bit security under quarter-size leakage.
42
Muhammed, Younus Ameen, and Raghad Zuhair Yousif Al-Maqdici. "Robust security model utilizing 4D hyper-digital chaotic sequence for Joint-polar coding and SCMA scheme based IoT applications." Engineering Research Express, December 14, 2023. http://dx.doi.org/10.1088/2631-8695/ad15b6.
Full textAbstract:
Abstract The rapid growth of Internet of Things (IoT) devices, driven by the emergence of 5G technology, necessitates faster and more secure connections for real-time data transfer. To address this, a combined approach called JPC-SCMA, which involves integrating Polar Code (PC) with sparse code multiple access (SCMA), is proposed to ensure efficient and reliable communication while minimizing errors. PC enhance hardware efficiency and throughput in 5G networks, serving as effective channel coding. SCMA enables users to decode shared resource communications, but this method introduces security concerns, especially for untrusted users. This study introduces a novel security technique for JPC-SCMA in IoT systems. It employs lightweight cipher-based security methods and a 4D-hyperdigital chaotic key generator to create necessary key sets. Simulation results confirm the effectiveness of the proposed secure system, achieving zero Bit Error Rate (BER) at SNR=9 with a small SNR penalty (1.5 dB at 10-4 BER) compared to the less secure system. The security model generates a robust key space (~10220 bits), thwarting exhaustive attacks. Model efficiency is validated through metrics such as Entropy, Similarity, correlation, Number of Pixel Changes Rate, and stands for Unified Average Change Intensity, especially when transmitting multiple digital images.
43
Schneider, Moritz, Aritra Dhar, Ivan Puddu, Kari Kostiainen, and Srdjan Čapkun. "Composite Enclaves: Towards Disaggregated Trusted Execution." IACR Transactions on Cryptographic Hardware and Embedded Systems, November 19, 2021, 630–56. http://dx.doi.org/10.46586/tches.v2022.i1.630-656.
Full textAbstract:
The ever-rising computation demand is forcing the move from the CPU to heterogeneous specialized hardware, which is readily available across modern datacenters through disaggregated infrastructure. On the other hand, trusted execution environments (TEEs), one of the most promising recent developments in hardware security, can only protect code confined in the CPU, limiting TEEs’ potential and applicability to a handful of applications. We observe that the TEEs’ hardware trusted computing base (TCB) is fixed at design time, which in practice leads to using untrusted software to employ peripherals in TEEs. Based on this observation, we propose composite enclaves with a configurable hardware and software TCB, allowing enclaves access to multiple computing and IO resources. Finally, we present two case studies of composite enclaves: i) an FPGA platform based on RISC-V Keystone connected to emulated peripherals and sensors, and ii) a large-scale accelerator. These case studies showcase a flexible but small TCB (2.5 KLoC for IO peripherals and drivers), with a low-performance overhead (only around 220 additional cycles for a context switch), thus demonstrating the feasibility of our approach and showing that it can work with a wide range of specialized hardware.
44
Sayar, Imen, Alexandre Bartel, Eric Bodden, and Yves Le Traon. "An In-depth Study of Java Deserialization Remote-Code Execution Exploits and Vulnerabilities." ACM Transactions on Software Engineering and Methodology, August 5, 2022. http://dx.doi.org/10.1145/3554732.
Full textAbstract:
Nowadays, an increasing number of applications uses deserialization. This technique, based on rebuilding the instance of objects from serialized byte streams, can be dangerous since it can open the application to attacks such as remote code execution (RCE) if the data to deserialize is originating from an untrusted source. Deserialization vulnerabilities are so critical that they are in OWASP’s list of top 10 security risks for web applications. This is mainly caused by faults in the development process of applications and by flaws in their dependencies, i.e., flaws in the libraries used by these applications. No previous work has studied deserialization attacks in-depth: How are they performed? How are weaknesses introduced and patched? And for how long are vulnerabilities present in the codebase? To yield a deeper understanding of this important kind of vulnerability, we perform two main analyses: one on attack gadgets, i.e., exploitable pieces of code, present in Java libraries, and one on vulnerabilities present in Java applications. For the first analysis, we conduct an exploratory large-scale study by running 256 515 experiments in which we vary the versions of libraries for each of the 19 publicly available exploits. Such attacks rely on a combination of gadgets present in one or multiple Java libraries. A gadget is a method which is using objects or fields that can be attacker-controlled. Our goal is to precisely identify library versions containing gadgets and to understand how gadgets have been introduced and how they have been patched. We observe that the modification of one innocent-looking detail in a class – such as making it public – can already introduce a gadget. Furthermore, we noticed that among the studied libraries, 37.5% are not patched, leaving gadgets available for future attacks. For the second analysis, we manually analyze 104 deserialization vulnerabilities CVEs to understand how vulnerabilities are introduced and patched in real-life Java applications. Results indicate that the vulnerabilities are not always completely patched or that a workaround solution is proposed. With a workaround solution, applications are still vulnerable since the code itself is unchanged.
45
Nagy, Roland, Krisztián Németh, Dorottya Papp, and Levente Buttyán. "Rootkit Detection on Embedded IoT Devices." Acta Cybernetica, August 4, 2021. http://dx.doi.org/10.14232/actacyb.288834.
Full textAbstract:
IoT systems are subject to cyber attacks, including infecting embedded IoT devices with rootkits. Rootkits are malicious software that typically run with elevated privileges, which makes their detection challenging. In this paper, we address this challenge: we propose a rootkit detection approach for embedded IoT devices that takes advantage of a trusted execution environment (TEE), which is often supported on popular IoT platforms, such as ARM based embedded boards. The TEE provides an isolated environment for our rootkit detection algorithms, and prevents the rootkit from interfering with their execution even if the rootkit has root privileges on the untrusted part of the IoT device. Our rootkit detection algorithms identify modifications made by the rootkit to the code of the operating system kernel, to system programs, and to data influencing the control flow (e.g., hooking system calls), as well as inconsistencies created by the rootkit in certain kernel data structures (e.g., those responsible to handle process related information). We also propose algorithms to detect rootkit components in the persistent storage of the device. Besides describing our approach and algorithms in details, we also report on a prototype implementation and on the evaluation of our design and implementation, which is based on testing our prototype with rootkits that we developed for this purpose.
46
Broby, Daniel, Andrea Bracciali, and Siham Lamssaoui. "A Decentralized Marketing Model for the Online Accommodation Rental Market." Journal of Business Thought, September 2, 2022, 1–12. http://dx.doi.org/10.18311/jbt/2022/30650.
Full textAbstract:
This paper presents an infrastructure redesign of the online accommodation rental marketing model. The decentralized marketplace it proposes represents a significant Business Model Innovation (BMI) and a new normative marketing tool. We suggest it has the potential to be disruptive from an International Marketing (IM) perspective, shifting the focus from owners as agents, to a shared one with renters and agents. This is supportive of the paradigm where marketing is focused on facilitating and maintaining relationships. Using code that we developed, we illustrate how a decentralized application (dAirBnB) can promote disintermediation and can be built to optimize price discovery. Utilizing block chain technology, we show how trust originates from the distributed consensus enforced by a network of peers. This trusted interaction is facilitated between untrusted parties over the internet, thereby changing the marketing relationship. In this respect, the application and the business model are inextricably linked. Enabled by the technology, we propose a monetization of reputation, which introduces the concept of good behaviour as an asset in a marketing context. We explore the implications of this for both BMI and IM. Our approach would increase the quality and quantity of information in online rentals, both major dimensions of marketing advantage. The dominant position of AirBnB represents a limitation on the implementation of our approach and would be an area for policy makers to focus on.
47
Cui, Jinhua, Shweta Shinde, Satyaki Sen, Prateek Saxena, and Pinghai Yuan. "Dynamic Binary Translation for SGX Enclaves." ACM Transactions on Privacy and Security, May 2, 2022. http://dx.doi.org/10.1145/3532862.
Full textAbstract:
Enclaves, such as those enabled by Intel SGX, offer a hardware primitive for shielding user-level applications from the OS. While enclaves are a useful starting point, code running in the enclave requires additional checks whenever control or data is transferred to/from the untrusted OS. The enclave-OS interface on SGX, however, can be extremely large if we wish to run existing unmodified binaries inside enclaves. This paper presents Ratel , a dynamic binary translation engine running inside SGX enclaves on Linux. Ratel offers complete interposition , the ability to interpose on all executed instructions in the enclave and monitor all interactions with the OS. Instruction-level interposition offers a general foundation for implementing a large variety of inline security monitors in the future. We take a principled approach in explaining why complete interposition on SGX is challenging. We draw attention to 5 design decisions in SGX that create fundamental trade-offs between performance and ensuring complete interposition, and we explain how to resolve them in the favor of complete interposition. To illustrate the utility of the Ratel framework, we present the first attempt to offer binary compatibility with existing software on SGX. We report that Ratel offers binary compatibility with over 200 programs we tested, including micro-benchmarks and real applications such as Linux shell utilities. Runtimes for two programming languages, namely Python and R, tested with standard benchmarks work out-of-the-box on Ratel without any specialized handling.
48
Wu Xiao-Dong and Huang Duan. "Plug-and-play discrete modulation continuous variable quantum key distribution based on non-Gaussian state-discrimination detection." Acta Physica Sinica, 2023, 0. http://dx.doi.org/10.7498/aps.72.20222253.
Full textAbstract:
modulation continuous variable quantum key distribution can generate local oscillator light locally without using two independent lasers, and both signal light and local oscillator are generated from the same laser, which can effectively ensure the practical security of the system and have a good same frequency characteristic. In addition, this scheme has good compatibility with efficient error correction codes, and can achieve high reconciliation efficiency even at low signal-to-noise ratio. However, the plug-and-play configuration based on the untrusted source model exists large excess noise, which seriously limits the maximum transmission distance of the discrete modulation scheme. To solve this problem, we propose a plug-and-play discrete modulation continuous variable quantum key distribution based on non-Gaussian state-discrimination detection. That is to say a non-Gaussian state-discrimination detector is deployed at the receiver. With adaptive measurement method and Bayesian inference, four non-orthogonal coherent states which are based on four-state discrete modulation can be unconditionally distinguished under the condition that the error probability is lower than the standard quantum limit. We analyze the security of the proposed protocol by considering both asymptotic limit and finite-size effect. Simulation results show that the secret key rate and maximum transmission distance are significantly enhanced by using no-Gaussian state-discrimination detection even under the impact of the untrusted source noise compared with the original plug-and-play discrete modulation continuous variable quantum key distribution. These results indicate that the proposed scheme can effectively reduce the negative influence of the untrust source noise on the performance of the plug-and-play discrete modulation continuous variable quantum key distribution protocol. The proposed protocol can not only guarantee the practical security of the continuous variable quantum key distribution system, but also achieve more efficient and longer transmission distance quantum key distribution.
49
Li, Shimin, Xin Wang, and Rui Xue. "Toward Both Privacy and Efficiency of Homomorphic MACs for Polynomial Functions and Its Applications." Computer Journal, May 22, 2021. http://dx.doi.org/10.1093/comjnl/bxab042.
Full textAbstract:
Abstract Homomorphic message authentication codes (MACs) allow a user to outsource data to an untrusted server and verify the correctness of returned computation results over the outsourced data. Many cloud applications need delegation computations over outsourced data with dual capabilities. On one hand, they need to keep the outsourced data secret such that the server cannot trace and infer any sensitive information from the computation results. On the other hand, the user should be able to efficiently verify the computation results. Unfortunately, the state-of-the-art homomorphic MAC schemes are not so desirable due to either poor privacy or low verification efficiency. In this paper, we first put forward a new cryptographic primitive called privacy-preserving homomorphic MACs (PHMAC) that simultaneously provides data privacy and efficient verification. Then, we present a PHMAC construction capable for the evaluation of polynomials of fixed degree $d\geq 1$, in which the tag does not reveal any information of underlying authenticated data while being verifiable in constant time (in an amortized sense). As an application, we give a generic construction of homomorphic authenticated encryption (HAE) from proposed PHMAC and homomorphic encryption. Benefited from the functionalities of underlying PHMAC scheme, the derived HAE enjoys stronger authenticity and supports larger classes of functions than that of Lai et al. (Verifiable Computation on Outsourced Encrypted Data. In Computer Security—ESORICS 2014—19th European Symposium on Research in Computer Security, Wroclaw, Poland, September 7–11, Part I, pp. 273–291. Springer, Berlin). Such HAE enables verifiable delegation computations over growing outsourced encrypted data in an efficient way.