The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The number of on-chip embedded instruments required for testing, debugging, and monitoring integrated circuits (ICs) has increased dramatically. The IEEE 1687 (IJTAG) standard can allow efficient access to these embedded instruments by dynamically reconfiguring the scan chain using Segment Insertion Bits (SIBs). Unfortunately, instruments that require a large amount of test data and several accesses...
Security is a major issue nowadays for the embedded systems community. Untrustworthy authorities may use a wide range of attacks in order to retrieve critical information. This paper introduces ARMHEx, a practical solution targeting DIFT (Dynamic Information Flow Tracking) on ARM-based SoCs (e.g. Xilinx Zynq). Current DIFT implementations suffer from two major drawbacks. First, recovering required...
Security in embedded systems remains a major concern. Untrustworthy authorities use a wide range of software attacks. This demo introduces ARMHEx, a practical solution targeting DIFT (Dynamic Information Flow Tracking) implementations on ARM-based SoCs. DIFT is a solution that consists in tracking the dissemination of data inside the system and allows to enforce some security properties. In this demo,...
As the Android app market keeps growing, there is a pressing need for automated tool supports to empower Android developers to produce quality apps with higher productivity. Yet existing tools for Android mostly aim at security and privacy protection, primarily targeting end users and security analysts. Towards filling this gap, we present DROIDFAX, a toolkit that targets the developers to help them...
Increased interest in security has resulted in greater demand for automated test systems to comply with security standards. Automated test systems have traditionally been operated in isolated environments because of their unique characteristics. However, changes in United States defense acquisition regulations require that defense contractors bring these test systems into compliance with National...
Internet of Things (IoT) services are increasingly deployed at the edge to access and control Things. The execution of such services needs to be monitored to provide information for security, service contract, and system operation management. Although different techniques have been proposed for deploying and executing IoT services in IoT gateways and edge servers, there is a lack of generic policy...
Attacks targeting software on embedded systems are becoming increasingly prevalent. Remote attestation is a mechanism that allows establishing trust in embedded devices. However, existing attestation schemes are either static and cannot detect control-flow attacks, or require instrumentation of software incurring high performance overheads. To overcome these limitations, we present LO-FAT, the first...
Many restructured power markets rely on Financial Transmission Rights (FTRs). FTRs are financial contracts that entitle the holder to a stream of revenues (or charges) based on the day-ahead hourly congestion price difference across an FTR related energy path. Holders obtain FTRs through an auction mechanism relying on the solution of a specially formulated OPF problem. FTR holders then receive or...
At school, ICT become a constituent element of the teaching process and learning and teachers should provide to all students the same opportunities and conditions at the level of digital literacy, particularly through new and different approaches of content. In this sense, this research aimed to find out whether the Internet is safe for children in the primary school and the most suitable preventive...
Dynamic Binary Modification (DBM) tools are useful for cross-platform execution of binaries and are powerful run time environments that allow execution optimizations, instrumentation and profiling. These tools have also been used as enablers for control-flow integrity verification, a process that consists in the observation and analysis of a program's execution path focusing on the detection of anomalies,...
In this paper, a method about how to identify insecure behaviors of browser extensions is proposed. Typically, the identification of insecure extension behaviors is based on knowledge which is got by investigating known malicious or vulnerable extensions. We present an automatic technique that can ease the laborious manual investigating process. Our technique mines the difference between the behavior...
After careful consideration of security problems of WiMAX network and based on the specification of the WiMAX itself, in this paper we have taken a novel approach to these issues by designing a WiMAX-based energy efficient intrusion detection system that has better performance and is more efficient. Our investigations indicate that this intrusion detection system can provide both an acceptable application...
The designed system is a multi-point home security system, which uses the micro-controller AT89S52 as the core. The system mainly realizes the detection alarms of the multi-point home security based on the star networking of sensors, including position detection alarms and type detection alarms. The system also can display real-time time(Normal situation), alarm type and alarm time (when alarming)by...
Service Oriented Architectures are nowadays used in a wide range of organizations to support critical daily operations. Although the underlying services should behave in a secure manner, they are often deployed with bugs that can be maliciously exploited. The characteristics of service-based environments open the door to security challenges that must be handled properly, including services under the...
Despite the growing attention to security concerns and advances in code verification tools, many memory errors still escape testing and plague production applications with security vulnerabilities. We present RCORE, an efficient dynamic program monitoring infrastructure to perform automated security vulnerability monitoring. Our approach is to perform extensive static analysis at compile time to automatically...
Mobile devices such as smartphones have gained more and more attention from security researchers and malware authors, the latter frequently attacking those platforms and stealing personal information. Vehicle on-board networks, in particular infotainment systems, are increasingly connected with such mobile devices and the internet and will soon make it possible to load and install third party applications...
It is difficult to develop a program that is completely free from vulnerabilities. Despite the application of many approaches to secure programs, vulnerability exploitations occur in real-world in large numbers. Exploitations of vulnerabilities may corrupt memory spaces and program states, lead to denial of services and authorization bypassing, and leak sensitive information. Monitoring at the program...
Extension of web browser capability has introduced variety of security problems. Attackers exploit vulnerabilities found in internals of web browsers or plugins to compromise the system and execute arbitrary code. In this paper, we present a filtering method which blocks malicious routines from being executed. Filtering is done by keeping a blacklist of dangerous routines and arguments separately...
An Agent-Based Provenance Architecture is described that supports the automated capture of provenance in a variety of domains, including physical and biological sciences, data ware-housing, workflow management systems, document management systems and geographic information systems. Disparate systems can store provenance of creation, ownership, transformation and other lineage using transparent, machine-understandable...
A survey of dynamic taint propagation (DTP) was provided. It summarized the advantages and disadvantages of several DTP techniques which are based on debugger, binary instrumentation and virtual machine, proposed a series of problems of DTP which are worth to further research and gave the development trends of DTP techniques.
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.