The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Software memory disclosure attacks, such as buffer over-read, often work quietly and may cause leakage of secrets. The well-known OpenSSL Heartbleed vulnerability leaked out millions of servers' private keys, and caused most of Internet services insecure during that time. Existing solutions are either hard to apply to large code bases, or too heavyweight (e.g. by involving a hypervisor software or...
Computational methods have become an important part of gene delivery research, as they allow researchers to experiment with different models of cellular processes. Models of the gene delivery process based on telecommunication theory make this experimentation especially efficient. Therefore, this paper presents a specialised FPGA-accelerated heterogeneous architecture for simulating the gene delivery...
Many of the defenses proposed to defend against exploitation of memory corruption vulnerabilities rely on the randomization of addresses in the process space of a binary. Oxymoron is an exploit mitigation mechanism for x86 processors that relies on reorganizing the instructions in an Executable and Linkable Format(ELF) file to enable randomization at a page level. Sigreturn Oriented Programming(SROP)...
To reduce CPU, memory and bandwidth usage as cloud platform security consumption, and to prevent vulnerabilities that brought in by VM based antivirus software, we propose an agentless processes monitoring architecture for cloud platform. To demonstrate this architecture, we modified KVM kernel, programed OpenStack plugins, added security module on both management and compute node in a cloud platform...
Many recent data intensive parallel systems builds with cost effective hardware and combine compute and storage facilities. Since bandwidth-bisecting networks are the norm, distributing jobs near data provides significant performance improvements. However, the data locality information is not easily available to the programmer. It requires interaction with file system internals, or the adoption of...
Web rootkits Trojan, which can download virus from remote control server and hide in BIOS, is very harmful to web security. Reverse assembly analysis on web rootkit Trojan can help virus analyzer to trace malicious code and find some immunization methods. The paper presents deeply reverse analysis methods of web rootkit Trojan according to malicious assembly codes. The MASM assembly instructions in...
This paper presents a study on long latency failures using accelerated fault injection. The data collected from the experiments are used to analyze the significance, causes, and characteristics of long latency failures caused by soft errors in the processor and the memory. The results indicate that a non-negligible portion of soft errors in the code and data memory lead to long latency failures. The...
Private computing on public platforms (PCPP) is a new technology designed to enable secure and private execution of applications on remote, potentially hostile, public platforms. PCPP must secure its encryption keys to ensure that application isolation is robust and reliable. To this end we offer a protection scheme for PCPP encryption keys. In this paper we first discuss a commonly used key storage...
As more and more embedded network devices appear, in order to meet changes of the function requirement or to fix bugs of software, these devices need to be online-updated at any moment. However, the online-update which updates the applications or the kernel of the embedded devices should be completed in the bootloader for safety considerations. Restricted by the storage capacity, the embedded device...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.