The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Security by isolation is a longstanding, widely applied, and useful paradigm for achieving security goals such as data and code integrity, confidentiality, and availability. Security by isolation can be used to create Trusted Execution Environments. These environments provide specific security guarantees to the information processing taking place therein. In an Industrial Control System secure control...
This paper proposes a chronological probability model of photovoltaic (PV) generation on the basis of conditional probability and nonparametric kernel density estimation. In addition to randomness of PV power, the correlation of PV powers between adjacent time points and the uncertainty of start and end moments of PV output can be represented. The proposed model can be employed to produce random PV...
Nowadays, there is a trend to integrate trusted computing concepts into autonomic systems. In this context, the Trusted Execution Environment (TEE) was designed to enrich the previously defined trusted platforms. TEE is commonly known as an isolated processing environment in which applications can be securely executed irrespective of the rest of the system. In this work, we propose an architecture...
Memory analysis is now used routinely for incident response and forensic applications. Current memory analysis techniques are very effective in finding kernel artifacts of significance to the forensic investigator. However, the analysis of user space applications has not received enough attention so far. We identify the lack of pagefile support in analysis and acquisition as a major hurdle in the...
Mobile devices have become so prevalent in human's life. Mobile operating systems (MOS) will be the next big thing in operating systems to provide security protection to mobile devices. Compared to desktop operating systems, MOS are so new in their life cycle. In this paper, we present the future directions to develop MOS to protect devices and data. We also discuss approaches that could be used to...
In a spliced blurred image, the spliced region and the original image may have different blur types. Splicing localization in this image is challenging when a forger uses image resizing as anti-forensics to remove the splicing traces anomalies. In this paper, we overcome this problem by proposing a method for splicing localization based on partial blur type inconsistency. In this method, after the...
Access to information in a timely manner is becoming more and more important in military operations. This also includes exchange of information between different security domains. Traditionally security domains have been physically separated to avoid loss of confidentiality. Information exchange between domains has been limited to specialized solutions or manual intervention. In this paper we present...
Nowadays, contact less payment solutions with credit cards based on a mobile phone have significant advantages in transaction speed and users' convenience. Especially, for merchants, a smartphone can be one of an acceptance payment solutions because it is easy for them to use with little additional price if they could use their own smartphone as it is. However, there are still many concerns on using...
Page-based virtual memory improves programmer productivity, security, and memory utilization, but incurs performance overheads due to costly page table walks after TLB misses. This overhead can reach 50% for modern workloads that access increasingly vast memory with stagnating TLB sizes.
Security concerns are widely seen as an obstacle to the adoption of cloud computing solutions and although a wealth of law and regulation has emerged, the technical basis for enforcing and demonstrating compliance lags behind. Our Cloud Safety Net project aims to show that Information Flow Control (IFC) can augment existing security mechanisms and provide continuous enforcement of extended. Finer-grained...
In this paper, we point out that SRM (Spatial-domain Rich Model), the most successful steganalysis framework of digital images possesses a similar architecture to CNN (convolutional neural network). The reasonable expectation is that the steganalysis performance of a well-trained CNN should be comparable to or even better than that of the hand-coded SRM. However, a CNN without pre-training always...
Moving target defense is an area of network security research in which machines are moved logically around a network in order to avoid detection. This is done by leveraging the immense size of the IPv6 address space and the statistical improbability of two machines selecting the same IPv6 address. This defensive technique forces a malicious actor to focus on the reconnaissance phase of their attack...
A Hypervisor at the same time agrees a single system to run two or additional operating systems. To gather forensic proof of examined activities or attacks against the system, the evidence kept in logs of a system plays an important role. In this paper, we have analyzed logs, snapshots and also the network connectivity of guest and host operating systems. We have studied different virtualization systems...
With the wide application of embedded technology and its products, much attention has been turned to the development of program to improve the safety and reliability of embedded devices. In this paper, we present a construct program of embedded trusted computing environment based on QEMU virtual machine architecture. The proposed program, simulates functions of trusted cryptographic modules by software,...
Hypervisors are becoming increasingly ubiquitous with the growing proliferation of virtualized data centers. As a result, attackers are exploring vectors to attack hypervisors, against which an attack may be executed via several attack vectors such as device drivers, virtual machine exit events, or hyper calls. Hyper calls enable intrusions in hypervisors through their hyper call interfaces. Despite...
To reduce CPU, memory and bandwidth usage as cloud platform security consumption, and to prevent vulnerabilities that brought in by VM based antivirus software, we propose an agentless processes monitoring architecture for cloud platform. To demonstrate this architecture, we modified KVM kernel, programed OpenStack plugins, added security module on both management and compute node in a cloud platform...
Air Traffic Management (ATM) in the FAA's NEXTGEN as well as the European SESAR has embraced the concept of System Wide Information Management (SWIM) as the means to improve data exchange between various applications in different domains such as flight data management, weather and aeronautical information management. Enabling SWIM is a challenging change for ATM. Although many building blocks are...
Defocus blur has been used as a cue in image splicing detection. At present, existing methods mainly rely on consistency checking of defocus kernels estimated along suspicious edges (and other reference edges if applicable). However, the texture, nearby edges, light fields as well as noises will influence the information of defocus blur at the natural edges in a certain range, resulting in inconsistent...
To ensure that the potential evidence is readily available in an acceptable form when an incident or a crime occurs, we propose a resource-based event reconstruction prototype that corresponds to different phases of digital forensics framework, and demonstrate its feasibility by assessing the applicability of existing open-source applications to the proposed prototype. The feasibility study results...
Checking the integrity of an application is necessary to determine if the latter will behave as expected. The method defined by the Trusted Computing Group consists in evaluating the fingerprints of the hardware and software components of a platform required for the proper functioning of the application to be assessed. However, this only ensures that a process was working correctly at load-time but...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.