Behavior-based analysis of dynamically executed binaries has become a widely used technique for the identification of suspected malware. Most solutions rely on function call patterns to determine whether a sample is exhibiting malicious behavior. These system and API calls are usually regarded individually and do not consider contextual information or process inter-dependencies. In addition, the patterns...
Memory error exploits rank among the most serious security threats. Of the plethora of memory error containment solutions proposed over the years, most have proven to be too weak in practice. Multi-Variant eXecution (MVX) solutions can potentially detect arbitrary memory error exploits via divergent behavior observed in diversified program variants running in parallel. However, none have found practical...
There is a clear, outstanding need for new security mechanisms that allow data to be managed and controlled within the cloud-enabled Internet of Things. Towards this, we propose an approach based on Information Flow Control (IFC) that allows: (1) the continuous, end-to-end enforcement of data flow policy, and (2) the generation of provenance-like audit logs to demonstrate policy adherence and contractual/regulatory...
Wireless Sensor Networks enable flexibility, low operational and maintenance costs, as well as scalability in a variety of scenarios. However, in the context of industrial monitoring scenarios the use of Wireless Sensor Networks can compromise the system's performance due to several factors, one of them being the presence of outliers in raw data. In order to improve the overall system's resilience,...
Existing VMI techniques have high overhead, and require customized introspection programs/tools for different guest OS versions - lack of generality. In this paper, we present Shadow Context, a system for close-to-real time manual-effort-free VMI. Shadow Context can meet several important real-world VMI needs which existing VMI techniques cannot. Compared to other automatic introspection tool generation...
Benchmarking numerous programs in a reasonable time requires the use of several (potentially multicore) computers. We experimented such a situation in the context of the MCC (Model Checking Contest @ Petri net) where we had to operate more than 52000 runs for the 2013 edition. This paper presents BenchKit, a tool to operate programs on sets of potentially parallel machines and to gather monitoring...
The increasing use of runtime-compiled applications provides an opportunity for coarse-grained reconfigurable architecture (CGRA) accelerators to be used in a user-transparent way. The challenge is to provide efficient runtime translation for CGRAs. Despite the apparent difficulties stemming from the heterogeneous nature of CGRAs, this paper demonstrates that it is possible to speed up runtime-compiled...
While provenance research is common in distributed systems, many proposed solutions do not address the security of systems and accountability of data stored in those systems. In this paper, we survey provenance solutions which were proposed to address the problems of system security and data accountability in distributed systems. From our survey, we derive a set of minimum requirements that are necessary...
Kernel drivers are usually provided in the form of loadable kernel extensions, which can be loaded/unloaded dynamically at runtime and execute with the same privilege as the core operating system kernel. The unrestricted security access from the drivers to the kernel is nevertheless a double-edged sword that makes them susceptible targets of trojan attacks. Given a benign driver, it is now easy to...
In self-adapting embedded real-time systems, operating systems and software provide mechanisms to self-adapt to changing requirements. Autonomous adaptation decisions introduce novel risks as they may lead to unforeseen system behavior that could not have been specified within a design-time model. However, as part of its functionality the operating system has to ensure the reliability of the entire...
Inadvertent data disclosure by insiders is considered as one of the biggest threats for corporate information security. Data loss prevention systems typically try to cope with this problem by monitoring access to confidential data and preventing their leakage or improper handling. Current solutions in this area, however, often provide limited means to enforce more complex security policies that for...
This paper provides an overview of some principles and mechanisms to securely operate mixed-criticality real-time systems on embedded platforms. Those principles are illustrated with PharOS, a complete set of tools to design, implement and execute real-time systems on automotive embedded platforms. The keystone of this approach is a dynamic time-triggered methodology that supports full temporal isolation...
Conventional privilege separation can effectively reduce the TCB size by granting privilege to only the privileged compartments. However, since this approach relies on process isolation to ensure security assurance, malware exploiting against kernel components can easily compromise. Meanwhile, the frequent inter-process communications between separated processes inevitably incur notable overhead...
Integrity measurement is a key issue in building trust in distributed systems. A good solution to integrity measurement has to provide both strong isolation between the measurement agent and the measurement target and time of check to time of use (TOCTTOU) consistency (i.e., the consistency between measured version and executed version throughout the lifetime of the target). Unfortunately, none of...
Automotive industrials aim to reduce the quantity of execution control units (ECU) in order to control vehicle cost and energy consumption. Following this trend, the next generation of automotive body/engine controllers will integrate more real-time functions on the same ECU with different safety levels and application domains. To reach this new challenge, safety must therefore be improved to ensure no interference...
Traditional monitoring techniques are not suitable for embedded systems because they could incur significant overhead. This paper proposes a lightweight dynamic performance monitoring framework for embedded systems focusing on reducing the dynamic monitoring overhead. With the introduction of a target-host separation and cooperation model, the target (embedded) system only needs to perform minimal...