Visible to the public Biblio

Filters: Author is Suarez-Tangil, Guillermo  [Clear All Filters]
Alberca, Carlos, Pastrana, Sergio, Suarez-Tangil, Guillermo, Palmieri, Paolo.  2016.  Security Analysis and Exploitation of Arduino Devices in the Internet of Things. Proceedings of the ACM International Conference on Computing Frontiers. :437–442.

The pervasive presence of interconnected objects enables new communication paradigms where devices can easily reach each other while interacting within their environment. The so-called Internet of Things (IoT) represents the integration of several computing and communications systems aiming at facilitating the interaction between these devices. Arduino is one of the most popular platforms used to prototype new IoT devices due to its open, flexible and easy-to-use architecture. Ardunio Yun is a dual board microcontroller that supports a Linux distribution and it is currently one of the most versatile and powerful Arduino systems. This feature positions Arduino Yun as a popular platform for developers, but it also introduces unique infection vectors from the security viewpoint. In this work, we present a security analysis of Arduino Yun. We show that Arduino Yun is vulnerable to a number of attacks and we implement a proof of concept capable of exploiting some of them.

Deo, Amit, Dash, Santanu Kumar, Suarez-Tangil, Guillermo, Vovk, Volodya, Cavallaro, Lorenzo.  2016.  Prescience: Probabilistic Guidance on the Retraining Conundrum for Malware Detection. Proceedings of the 2016 ACM Workshop on Artificial Intelligence and Security. :71–82.

Malware evolves perpetually and relies on increasingly so- phisticated attacks to supersede defense strategies. Data-driven approaches to malware detection run the risk of becoming rapidly antiquated. Keeping pace with malware requires models that are periodically enriched with fresh knowledge, commonly known as retraining. In this work, we propose the use of Venn-Abers predictors for assessing the quality of binary classification tasks as a first step towards identifying antiquated models. One of the key benefits behind the use of Venn-Abers predictors is that they are automatically well calibrated and offer probabilistic guidance on the identification of nonstationary populations of malware. Our framework is agnostic to the underlying classification algorithm and can then be used for building better retraining strategies in the presence of concept drift. Results obtained over a timeline-based evaluation with about 90K samples show that our framework can identify when models tend to become obsolete.