SoS Newsletter

End to End Computing

End to end computing security focuses on the concept of uninterrupted protection of data traveling between two communicating partners. Generally, encryption is the method of choice. The research cited here addresses mobile cloud, human factors, and geo-social networks.

  • "An Anonymous End-to-End Communication Protocol for Mobile Cloud Environments," Ardagna, C.A.; Conti, M.; Leone, M.; Stefa, J., Services Computing, IEEE Transactions on, vol.PP, no.99, pp.1,1, 2014. (ID#:14-1245) Available at: The increasing spread of mobile cloud computing paradigm is changing the traditional mobile communication infrastructure. Today, smartphones can rely on virtual (software) "clones" in the cloud, offering backup/recovery solutions as well as the possibility to offload computations. As a result, clones increase the communication and computation capabilities of smartphones, making their limited batteries last longer. Unfortunately, mobile cloud introduces new privacy risks, since personal information of the communicating users is distributed among several parties (e.g., cellular network operator, cloud provider). In this paper, the authors propose a solution implementing an end-to-end anonymous communication protocol between two users in the network, which leverages properties of social networks and ad hoc wireless networks. They consider an adversary model where each party observing a portion of the communication possibly colludes with others to uncover the identity of communicating users. They then extensively analyze and assess the performance of their solution by comparing it to Tor on a real testbed of 36 smartphones and relative clones running on Amazon EC2 platform.
  • "Modeling Human-in-the-Loop Security Analysis and Decision-Making Processes," Schumann, M.A.; Drusinsky, D.; Michael, J.B.; Wijesekera, D., Software Engineering, IEEE Transactions on, vol.40, no.2, pp.154,166, Feb. 2014. (ID#:14-1246) Available at: This paper presents a novel application of computer-assisted formal methods for systematically specifying, documenting, statically and dynamically checking, and maintaining human-centered workflow processes. This approach provides for end-to-end verification and validation of process workflows, which is needed for process workflows that are intended for use in developing and maintaining high-integrity systems. We demonstrate the technical feasibility of our approach by applying it on the development of the US government's process workflow for implementing, certifying, and accrediting cross-domain computer security solutions. Our approach involves identifying human-in-the-loop decision points in the process activities and then modeling these via statechart assertions. We developed techniques to specify and enforce workflow hierarchies, which was a challenge due to the existence of concurrent activities within complex workflow processes. Some of the key advantages of our approach are: it results in development of a model that is executable, supporting both upfront and runtime checking of process-workflow requirements; aids comprehension and communication among stakeholders and process engineers; and provides for incorporating accountability and risk management into the engineering of process workflows.
  • Carbunar, B.; Rahman, M.; Ballesteros, J.; Rishe, N.; Vasilakos, A.V., "$\mathrm{PROFIL}_{R}$: Toward Preserving Privacy and Functionality in Geosocial Networks," Information Forensics and Security, IEEE Transactions on, vol.9, no.4, pp.709,718, April 2014. (ID#:14-1247) Available at: Profit is the main participation incentive for social network providers. Its reliance on user profiles, built from a wealth of voluntarily revealed personal information, exposes users to a variety of privacy vulnerabilities. In this paper, the authors propose to take first steps toward addressing the conflict between profit and privacy in geosocial networks. They introduce $\mathrm{PROFIL}_{R}$, a framework for constructing location centric profiles (LCPs), aggregates built over the profiles of users that have visited discrete locations (i.e., venues). $\mathrm{PROFIL}_{R}$ endows users with strong privacy guarantees and providers with correctness assurances. In addition to a venue centric approach, they propose a decentralized solution for computing real time LCP snapshots over the profiles of colocated users. An Android implementation shows that $\mathrm{PROFIL}_{R}$ is efficient; the end-to-end overhead is small even under strong privacy and correctness assurances.
  • "Software Crash Analysis for Automatic Exploit Generation on Binary Programs," Shih-Kun Huang; Min-Hsiang Huang; Po-Yen Huang; Han-Lin Lu; Chung-Wei Lai, Reliability, IEEE Transactions on, vol.63, no.1, pp.270,289, March 2014. (ID#:14-1248) Available at: This paper presents a new method, capable of automatically generating attacks on binary programs from software crashes. The authors analyze software crashes with a symbolic failure model by performing concolic executions following the failure directed paths, using a whole system environment model and concrete address mapped symbolic memory in S2E. They propose a new selective symbolic input method and lazy evaluation on pseudo symbolic variables to handle symbolic pointers and speed up the process. This is an end-to-end approach able to create exploits from crash inputs or existing exploits for various applications, including most of the existing benchmark programs, and several large scale applications, such as a word processor (Microsoft Office Word), a media player (mplayer), an archiver (unrar), or a PDF reader (foxit). They can deal with vulnerability types including stack and heap overflows, format string, and the use of uninitialized variables. Notably, these applications have become software fuzz testing targets, but still require a manual process with security knowledge to produce mitigation-hardened exploits. Using this method to generate exploits is an automated process for software failures without source code. The proposed method is simpler, more general, faster, and can be scaled to larger programs than existing systems. We produce the exploits within one minute for most of the benchmark programs, including mplayer. They also transform existing exploits of Microsoft Office Word into new exploits within four minutes. The best speedup is 7,211 times faster than the initial attempt. For heap overflow vulnerability, we can automatically exploit the unlink() macro of glibc, which formerly required sophisticated hacking efforts.


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.