PRDC 2018: THE 23RD IEEE PACIFIC RIM INTERNATIONAL SYMPOSIUM ON DEPENDABLE COMPUTING
PROGRAM FOR THURSDAY, DECEMBER 6TH

10:30-11:00 Coffee Break
11:00-12:30 Session 6A: Internet of Things
11:00
Effects of GPS Spoofing on Unmanned Aerial Vehicles

ABSTRACT. Unmanned Aerial Vehicles (UAVs) are no longer exclusively military and scientific solutions. These vehicles have been growing in popularity among hobbyists and also as industrial solutions for specific activities. The flying characteristics and the absence of a crew on board these devices allow them to perform a wide variety of activities, which can be inaccessible to humans or may threaten their lives. Despite the advantages, they also bring up major concerns regarding security breaches in the flight controller software, which may lead to security (e.g., vehicle hijacking by attackers), safety (e.g., crashing the vehicle into a planned area or building), or privacy (e.g., eavesdropping or stealing video footage) problems. GPS spoofing is one of the main threats to UAVs. The predictability and knowledge of GPS signal properties create conditions for attackers to assume control of the UAV and use it for their own objectives. In this paper, the effect of GPS spoofing on UAVs is analyzed through a series of tests under a simulation environment. The results are shown as deviation from the original trajectory and attack success, and analyzed over time and by attack type.

11:30
DynPolAC: Dynamic Policy-based Access Control for IoT Systems

ABSTRACT. Near-future Internet-of-Things (IoT) systems are comprised of autonomous, highly interactive and moving objects that require frequent handshakes to exchange information in the order of one-second intervals. Prime examples of prominence are drones and self-driving cars. In these scenarios, data integrity, confidentiality, and privacy protection are of critical importance. Such systems run complex functions for data acquisition and distribution. There is a growing need to design practical methods for data protection of distributed information among such emerging IoT systems. This paper proposes Dynamic Policy-based Access Control (DynPolAC) as a model for protecting information in such networks. We construct a new access control policy language that satisfies system properties of highly dynamic IoT environments. Our access control engine is comprised of a rule parser and a checker to process policies and update them at run-time with minimum service disruption. DynPolAC achieves more than 7x performance speed improvements when compared to previously proposed methods.

12:00
Evaluating the Security of IoT Networks with Mobile Devices

ABSTRACT. The Internet of Things (IoT) is a network comprised of heterogeneous devices that can exchange data without requiring human-to-human or human-to-computer interactions. However, there are various vulnerabilities found due to the heterogeneity of the IoT network. Moreover, the mobility of IoT devices causes potential dynamic changes to the attack surfaces of IoT networks. As a result, static network security analysis approaches cannot capture these changes. In order to address this problem, we present an IoT security assessment approach by modelling different movement patterns of mobile IoT devices. Graphical security models are used in conjunction to evaluate the security of the IoT networks taking into account the mobility of the IoT devices. Further, we use various security metrics to analyze the security of the network to show the changing security posture when mobility is taken into account. The feasibility of the proposed approach is demonstrated by analyzing the security of an example mobile IoT network using three existing synthetic mobility models: Random Waypoint, Gauss-Markov and Reference Point Group. The experimental analysis shows the changing attack surface of the IoT networks when mobile devices are considered.

11:00-12:30 Session 6B: Fast Abstracts + Posters I
11:00
Restructuring mesh-connected processor arrays with spares on four sides by orthogonal side rotation

ABSTRACT. An array with spares on four sides and the restructuring algorithm for it were proposed in \cite{One-and-HalfKung}. However, the restructuring algorithm described in \cite{One-and-HalfKung} is too complicated to be realized in hardware. So, the neural algorithm and the neural network corresponding to it were proposed in \cite{DNC-Takanami}. However, the hardware overhead is not small and, further, it needs a clock for the state transitions in the neural network, which leads to slow restructuring time. Here, we propose a method to improve this situation. First, the array is considered to be an $(N+2) \times (N+2)$ array if four PEs are added to the four corners of the array and the spares are included. The $(N+2) \times (N+2)$ array is divided into four subarrays, each of which is of size $(N/2+1) \times (N/2+1)$, and the orthogonal side rotation introduced here is individually applied to each subarray. The reliabilities are given by computer simulation. They are fairly increased compared with those in \cite{One-and-HalfKung}.

11:10
Applying metamorphic testing to e-commerce product search engines

ABSTRACT. Metamorphic testing has been advocated as a possible approach to testing of systems that have no useful test oracles; but it has not often been applied in practice. Here we report some of the results of applying metamorphic testing to real-world e-commerce product search engines.

11:20
On the Detection of Side-Channel Attacks

ABSTRACT. Threats posed by side-channel and covert-channel attacks exploiting the CPU cache to compromise the confidentiality of a system raise serious security concerns. This applies especially to systems offering shared hardware or resources to their customers. As eradicating this threat is practically impeded due to performance implications or financial cost of the current mitigation approaches, a detection mechanism might enhance the security of such systems. In the course of this work, we propose an approach towards side-channel attacks detection, considering the specificity of cache-based SCAs and their implementations.

11:30
Methods for Approximate Adders Reliability Estimation Based on PTM Model

ABSTRACT. Approximate adders have become a focus of approximate circuit design. However, there has been a lack of appropriate methods to evaluate their reliability. The existing analytical methods for accurate circuits cannot be applied to approximate circuits directly, and the Monte-Carlo simulation is time-consuming. Some metrics such as worst case error, error distance, mean error distance and normalized error distance have been used to describe the reliability characteristics and arithmetic performance of approximate circuits, but they cannot directly calculate the reliability. This paper presents two methods for approximate adders reliability estimation based on the probabilistic transfer matrix (PTM) model. The first method takes the sum of the probabilities of all acceptable outputs as the probability of an acceptable result corresponding to each input. The second method calculates the probability of an acceptable result according to the deviation between the acceptable output and the exact output. The reliability of approximate adders is calculated by combining the probabilities of the input vectors and those of the corresponding acceptable results. Experimental results demonstrate the validity and accuracy of the proposed methods.

11:40
Mobile Software Security Risk Assessment with Program Analysis

ABSTRACT. The majority of malicious mobile attacks take advantage of vulnerabilities in mobile applications, such as sensitive data leakage via inadvertent or side channels, unsecured sensitive data storage, data transmission, and many others. Most of these mobile vulnerabilities can be detected in the mobile software testing phase. In this paper, we describe mobile software security risk assessment with program analysis-based approaches.

11:50
Towards a security-enhanced cloud platform

ABSTRACT. While the cloud computing platform becomes popular and works as a platform for network function virtualization (NFV), the security of the cloud also becomes an important subject. However, although there are many works about security mechanisms, there has not been much research into what problems can occur when these conventional mechanisms are applied to the cloud system. Thus, we have given more attention to the robustness of communications residing in the cloud, not the security mechanisms themselves, and found that security threats could arise from communication between cloud services and the identification process. To cope with this problem, we propose three approaches: an integrative identification system in a single cloud service, action-based token authorization, and partially encrypted communication between the identification system and cloud services. By implementing these approaches in the open-source cloud computing platform OpenStack, we show that our approaches are feasible.

12:30-14:00 Lunch Break
14:00-15:30 Session 7A: Dependable Software
14:00
FastFI: Accelerating Software Fault Injections

ABSTRACT. Software Fault Injection (SFI) is a widely used technique to experimentally assess the dependability of software systems. To provide a comprehensive view on the dependability of a software under test, SFI typically requires large numbers of experiments, which leads to long test latencies. In order to reduce the overall test duration for SFI, we propose FastFI, which (1) avoids redundant executions of common path prefixes for faults in the same injection location, (2) avoids test executions for faults that do not get activated, and (3) utilizes parallel processors by executing SFI tests concurrently. FastFI takes patch files that specify source code mutations as an input, conducts an automated source code analysis to identify the function they target, and then automatically parallelizes the execution of all mutants that target the same function. Our evaluation of FastFI on four PARSEC benchmarks shows a SFI test latency reduction of up to a factor of 26.

14:30
Control Flow Checking Optimization Based On Regular Patterns Analysis

ABSTRACT. With the continuous sub-micron process scaling, reliability of integrated circuits has quickly become a first-order design concern. In modern computing systems, transient errors are increasingly likely to corrupt the computation by altering the control flow or sequencing of instructions, leading to catastrophic failures. Prior work on control flow checking provides good coverage but at a high cost. In this paper, by exploring regular control flow patterns found in most applications, we propose the optimization schemes for software signature control flow checking that could reduce the error detection overheads. Specifically, we leverage the fact that most applications have: (1) simple fan-in/ fan-out control flow patterns, and (2) most of control flows can be predicted during the compilation stage through static branch prediction heuristics. By exploiting these opportunities, we propose two techniques to reduce the number of inserted codes at common paths and simplify control flow checking of irregular patterns with minimal overheads. Experimental results on a variety of applications demonstrate that our approaches could reduce checking overhead by almost 2.5x on average while leading to similar fault coverage compared to traditional control flow checking.

15:00
An Improved Data Error Detection Technique for Dependable Embedded Software

ABSTRACT. In this paper, we present Full Duplication and Selective Comparison (FDSC), which is a new software-based technique for data error detection. The proposed technique merges the ideas of duplication and comparison mechanisms from two different techniques because they proved to be the best according to our previous empirical study “in press” [1]. In this way, FDSC benefits from improvements in overhead and fault detection ratio. We evaluate our technique by comparing it with the following three techniques: error detection by diverse data and duplicated instructions (ED$^4$I), critical block duplication (CBD) and software implemented fault tolerance (SWIFT). Results show that code size and execution time overhead of FDSC improved by 43.5% and 22.2%, respectively, compared to ED$^4$I. When compared to the average of CBD and SWIFT, results have shown the fault detection ratio of FDSC is improved by 33% with a minimum reduction in code size and execution time overhead.

14:00-15:30 Session 7B: Fast Abstracts + Posters II
14:00
Research on Convolutional Codes are used in RAID

ABSTRACT. This paper proposes a new class of convolutional codes that are used in RAID, and compares their tolerating capabilities with existing MDS codes; they can solve erasure situations that the existing MDS codes of the same rate fail to solve for RAID.

14:10
On IoT Misbehavior Detection in Cyber Physical Systems

ABSTRACT. We propose a lightweight behavior rule specification-based monitoring technique with which misbehavior of an embedded IoT device manifested as a result of attacks exploiting the vulnerability exposed may be detected through automatic model checking and formal verification, regardless of whether the attack is known or unknown. We verify that our rule specification-based misbehavior detection technique outperforms contemporary anomaly-based misbehavior detection techniques for an unmanned aerial vehicle (UAV) cyber physical system.

14:20
A SAT-Based Approach for SDN Rule Table Distribution

ABSTRACT. In Software-Defined Networking (SDN) it is important to efficiently partition the rule table into sub-tables and distribute them to the multiple switches over the network. In this paper we proposed an optimal rule table distribution strategy by applying satisfiability (SAT)-based approach. N-coloring problem for partitioning is formulated as conjunctive normal form (CNF), and by repeatedly running SAT solver we can obtain maximum number of partitions.

14:30
Attempt to Apply Machine Learning to a Failure Database - A Case Study on Communications Networks

ABSTRACT. Progress in IT has resulted in great improvements in convenience. However, IT can cause failures that have significant negative impacts such as system failures. In order to improve these circumstances, it is important to accumulate and analyze numerous past failure cases. In order to achieve this purpose, the authors have applied machine learning to a previously accumulated failure database. We have constructed a mechanism by which to calculate the degree of similarity between documents by two methods. One method uses the appearance frequency of words, and the second method uses the appearance probability of each topic extracted from the whole document. In the present paper, focusing on communications network failures, we realized a function by which to extract past failure cases similar to inquiry inputs, as new failures. A detailed analysis and comparison of these results extracted by these two methods are presented.

14:40
An attack-tolerant agreement algorithm for block chain

ABSTRACT. This paper proposes a method to protect block chains, which are transaction records in virtual currencies such as Bitcoin, from majority voting attacks. In the proposed method, it is difficult to acquire consecutive blocks because the difficulty level of the search problem is increased for the node that acquired the block.

14:50
Software-Defined Dependable Computing for Spacecraft

ABSTRACT. In this contribution, we provide insights on the practical feasibility, effectiveness, and validation of a software-based fault-tolerance architecture we developed for use aboard small satellites. We exploit thread-level coarse-grain lockstep to facilitate forward-error-correction and assure computational correctness on an FPGA-based MPSoC. It can be implemented using standard open-source and FPGA design tools, requires only standard COTS components, and is processor architecture and operating system agnostic.

15:30-16:00 Coffee Break
16:00-17:00 Session 8A: Dependable Software
16:00
Deriving Fault Locating Test Cases from Constrained Covering Arrays

ABSTRACT. Combinatorial Interaction Testing (CIT) is a well practiced strategy for testing of software systems. Ordinary CIT detects faults caused by interactions of parameters but cannot locate faulty interactions. This paper addresses the problem of adding fault localization capability to CIT. This is done by means of fault locating suites of test cases, which are named constrained locating arrays. An algorithm that derives a constrained locating array from a test suite for ordinary CIT is proposed. Experimental results show that the new algorithm can construct constrained locating arrays for fairly large sized problem instances in reasonable time.

16:30
On the effectiveness of code normalization for function identification

ABSTRACT. Information on the identity of functions is typically removed when translating source code to executable form. Yet being able to recognize specific functions opens up a number of applications. In this paper, we investigate normalization-based approaches for the purposes of aiding the reverse engineer and as an enabler for the rejuvenation of legacy binaries. We iteratively refine our methods and report on their effectiveness. Our results show that a naive approach can be surprisingly effective in both problem domains. Further, our evaluation looks into more advanced normalization techniques and finds that their practicality varies significantly with the problem domain.

16:00-17:00 Session 8B: Industrial
16:00
Adaptive Repetition Scheme with Machine Learning for 3GPP NB-IoT

ABSTRACT. In NB-IoT systems, UEs with poor signal quality employ more repetitions to compensate for additional signal attenuation. Excessively high CE levels and repetitions of UEs lead to wastage of valuable wireless resources, whereas inadequate CE levels and repetitions result in data retrieval failure at the receiving end. Therefore, a machine learning-based adaptive repetition scheme for a 3GPP NB-IoT system is proposed in this work to effectively improve overall network transmission efficiency. The results of simulation show the effect of the discount factor γ on the convergence behavior of the proposed scheme, with a lower discount factor value denoting the myopic behavior of the proposed scheme, which results from the fact that it places more emphasis on immediate rewards. And the proposed scheme is capable of effectively improving the average spectral efficiency.

16:20
ANTSdroid: Using RasMMA algorithm to generate Malware Behavior Characteristics of Android Malware Family

ABSTRACT. Malware developers often use various obfuscation techniques to generate polymorphic and metamorphic versions of malicious programs. As a result, variants of a malware family generally exhibit resembling behavior, and most importantly, they possess certain common essential codes so as to achieve the same designed purpose. Meanwhile, keeping up with new variants and generating signatures for each individual in a timely fashion has been costly and inefficient for anti-virus software companies. This motivates the idea of no more dancing with variants. In this paper, we aim to find a malware family’s main characteristic operations or activities directly related to its intent. We propose a novel automatic dynamic Android profiling system and malware family runtime behavior signature generation method called Runtime API sequence Motif Mining Algorithm (RasMMA) based on the analysis of the sensitive and permission-related execution traces of the threads and processes of a set of variant APKs of a malware family. We show the effectiveness of using the generated family signature to detect new variants using a real-world dataset. Moreover, current anti-malware tools usually treat detection models as a black box for classification and offer little explanation of how malware behaves and how it proceeds step by step to infiltrate the targeted system and achieve its goal. We take the malware family DroidKungFu as a case study to illustrate that the generated family signature indeed captures key malicious activities of the family.

16:40
Enforcing Enterprise Mobile Application Security Policy with Plugin Framework

ABSTRACT. The prevalent use of mobile applications in enterprise computing requires more stringent yet flexible enforcement of security policies on the mobile devices. Existing enforcement mechanisms such as mobile device management system focus on the management of device features and cannot cover the diverse security policies of enterprise applications precisely. We address the challenge by proposing a novel security policy enforcement system based on Plugin framework. The system provides fine-grained security policy enforcement at each library call site in an application. With root privilege (targeting company-owned devices), fine-grained enforcement can be applied to any application. Without root privilege (targeting BYOD devices), fine-grained enforcement can be applied to the applications installed via the enforcement system.