Visible to the public Biblio

Found 430 results

Filters: Keyword is Hardware  [Clear All Filters]
2021-09-16
Grusho, A., Nikolaev, A., Piskovski, V., Sentchilo, V., Timonina, E..  2020.  Endpoint Cloud Terminal as an Approach to Secure the Use of an Enterprise Private Cloud. 2020 International Scientific and Technical Conference Modern Computer Network Technologies (MoNeTeC). :1–4.
Practical activities usually require the ability to simultaneously work with internal, distributed information resources and access to the Internet. The need to solve this problem necessitates the use of appropriate administrative and technical methods to protect information. Such methods relate to the idea of domain isolation. This paper considers the principles of implementation and properties of an "Endpoint Cloud Terminal" that is general-purpose software tool with built-in security instruments. This apparatus solves the problem by combining an arbitrary number of isolated and independent workplaces on one hardware unit, a personal computer.
Ayoub, Ahmed A., Aagaard, Mark D..  2020.  Application-Specific Instruction Set Architecture for an Ultralight Hardware Security Module. 2020 IEEE International Symposium on Hardware Oriented Security and Trust (HOST). :69–79.
Due to the rapid growth of using Internet of Things (IoT) devices in the daily life, the need to achieve an acceptable level of security and privacy according to the real security risks for these devices is rising. Security risks may include privacy threats like gaining sensitive information from a device, and authentication problems from counterfeit or cloned devices. It becomes more challenging to add strong security features to extremely constrained devices compared to battery operated devices that have more computational and storage capabilities. We propose a novel application specific instruction-set architecture that allows flexibility on many design levels and achieves the required security level for the Electronic Product Code (EPC) passive Radio Frequency Identification (RFID) tag device. Our solution moves a major design effort from hardware to software, which largely reduces the final unit cost. The proposed architecture can be implemented with 4,662 gate equivalent units (GEs) for 65 nm CMOS technology excluding the memory and the cryptographic units. The synthesis results fulfill the requirements of extremely constrained devices and allow the inclusion of cryptographic units into the datapath of the proposed application-specific instruction set processor (ASIP).
Biswas, Ananda, Li, Zelong, Tyagi, Akhilesh.  2020.  Control Flow Integrity in IoT Devices with Performance Counters and DWT. 2020 IEEE International Symposium on Smart Electronic Systems (iSES) (Formerly iNiS). :171–176.
IoT devices are open to traditional control flow integrity (CFI) attacks resulting from buffer overflow and return-oriented programming like techniques. They often have limited computational capacity ruling out many of the traditional heavy-duty software countermeasures. In this work, we deploy hardware/software solutions to detect CFI attacks. Some of the medium capability IoT devices, for example based on Raspberry Pi, contain ARM Cortex A-53 (Pi 3) or Cortex A-73 (Pi 4) processors. These processors include hardware counters to count microarchitecture level events affecting performance. Lighter weight IoT devices, say based on ARM Cortex M4 or M7, include DWT (Debug, Watch & Trace) module. When control flow anomalies caused by attacks such as buffer overflow or return oriented programming (ROP) occur, they leave a microarchitectural footprint. Hardware counters reflect such footprints to flag control flow anomalies. This paper is geared towards buffer overflow and ROP control flow anomaly detection in embedded programs. The targeted program entities are main event loops and task/event handlers. The proposed anomaly detection mechanism is evaluated on ArduPilot [1] - a popular autopilot software on a Raspberry Pi 3 with PMU and DWT. A self-navigation program is evaluated on an iCreate Roomba platform with an ARM Cortex M4 processor with DWT only. We are able to achieve 97-99%+ accuracy with 1-10 micro-second time overhead per control flow anomaly check.
Yoon, JinYi, Lee, HyungJune.  2020.  PUFGAN: Embracing a Self-Adversarial Agent for Building a Defensible Edge Security Architecture. IEEE INFOCOM 2020 - IEEE Conference on Computer Communications. :904–913.
In the era of edge computing and Artificial Intelligence (AI), securing billions of edge devices within a network against intelligent attacks is crucial. We propose PUFGAN, an innovative machine learning attack-proof security architecture, by embedding a self-adversarial agent within a device fingerprint- based security primitive, public PUF (PPUF) known for its strong fingerprint-driven cryptography. The self-adversarial agent is implemented using Generative Adversarial Networks (GANs). The agent attempts to self-attack the system based on two GAN variants, vanilla GAN and conditional GAN. By turning the attacking quality through generating realistic secret keys used in the PPUF primitive into system vulnerability, the security architecture is able to monitor its internal vulnerability. If the vulnerability level reaches at a specific value, PUFGAN allows the system to restructure its underlying security primitive via feedback to the PPUF hardware, maintaining security entropy at as high a level as possible. We evaluated PUFGAN on three different machine environments: Google Colab, a desktop PC, and a Raspberry Pi 2, using a real-world PPUF dataset. Extensive experiments demonstrated that even a strong device fingerprint security primitive can become vulnerable, necessitating active restructuring of the current primitive, making the system resilient against extreme attacking environments.
Dessouky, Ghada, Frassetto, Tommaso, Jauernig, Patrick, Sadeghi, Ahmad-Reza, Stapf, Emmanuel.  2020.  With Great Complexity Comes Great Vulnerability: From Stand-Alone Fixes to Reconfigurable Security. IEEE Security Privacy. 18:57–66.
The increasing complexity of modern computing devices has rendered security architectures vulnerable to recent side-channel and transient-execution attacks. We discuss the most relevant defenses as well as their drawbacks and how to overcome them for next-generation secure processor design.
Conference Name: IEEE Security Privacy
2021-09-07
Lenard, Teri, Bolboacă, Roland, Genge, Bela.  2020.  LOKI: A Lightweight Cryptographic Key Distribution Protocol for Controller Area Networks. 2020 IEEE 16th International Conference on Intelligent Computer Communication and Processing (ICCP). :513–519.
The recent advancement in the automotive sector has led to a technological explosion. As a result, the modern car provides a wide range of features supported by state of the art hardware and software. Unfortunately, while this is the case of most major components, in the same vehicle we find dozens of sensors and sub-systems built over legacy hardware and software with limited computational capabilities. This paper presents LOKI, a lightweight cryptographic key distribution scheme applicable in the case of the classical invehicle communication systems. The LOKI protocol stands out compared to already proposed protocols in the literature due to its ability to use only a single broadcast message to initiate the generation of a new cryptographic key across a group of nodes. It's lightweight key derivation algorithm takes advantage of a reverse hash chain traversal algorithm to generate fresh session keys. Experimental results consisting of a laboratory-scale system based on Vector Informatik's CANoe simulation environment demonstrate the effectiveness of the developed methodology and its seamless impact manifested on the network.
Schell, Oleg, Kneib, Marcel.  2020.  VALID: Voltage-Based Lightweight Intrusion Detection for the Controller Area Network. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :225–232.
The Controller Area Network (CAN), a broadcasting bus for intra-vehicle communication, does not provide any security mechanisms, although it is implemented in almost every vehicle. Attackers can exploit this issue, transmit malicious messages unnoticeably and cause severe harm. As the utilization of Message Authentication Codes (MACs) is only possible to a limited extent in resource-constrained systems, the focus is put on the development of Intrusion Detection Systems (IDSs). Due to their simple idea of operation, current developments are increasingly utilizing physical signal properties like voltages to realize these systems. Although the feasibility for CAN-based networks could be demonstrated, the least approaches consider the constrained resource-availability of vehicular hardware. To close this gap, we present Voltage-Based Lightweight Intrusion Detection (VALID), which provides physics-based intrusion detection with low resource requirements. By utilizing solely the individual voltage levels on the network during communication, the system detects unauthorized message transmissions without any sophisticated sampling approaches and feature calculations. Having performed evaluations on data from two real vehicles, we show that VALID is not only able to detect intrusions with an accuracy of 99.54 %, but additionally is capable of identifying the attack source reliably. These properties make VALID one of the most lightweight intrusion detection approaches that is ready-to-use, as it can be easily implemented on hardware already installed in vehicles and does not require any further components. Additionally, this allows existing platforms to be retrofitted and vehicular security systems to be improved and extended.
2021-09-01
Hardin, David S..  2020.  Verified Hardware/Software Co-Assurance: Enhancing Safety and Security for Critical Systems. 2020 IEEE International Systems Conference (SysCon). :1—6.
Experienced developers of safety-critical and security-critical systems have long emphasized the importance of applying the highest degree of scrutiny to a system's I/O boundaries. From a safety perspective, input validation is a traditional “best practice.” For security-critical architecture and design, identification of the attack surface has emerged as a primary analysis technique. One of our current research focus areas concerns the identification of and mitigation against attacks along that surface, using mathematically-based tools. We are motivated in these efforts by emerging application areas, such as assured autonomy, that feature a high degree of network connectivity, require sophisticated algorithms and data structures, are subject to stringent accreditation/certification, and encourage hardware/software co-design approaches. We have conducted several experiments employing a state-of-the-art toolchain, due to Russinoff and O'Leary, and originally designed for use in floating-point hardware verification, to determine its suitability for the creation of safety-critical/security-critical input filters. We focus first on software implementation, but extending to hardware as well as hardware/software co-designs. We have implemented a high-assurance filter for JSON-formatted data used in an Unmanned Aerial Vehicle (UAV) application. Our JSON filter is built using a table-driven lexer/parser, supported by mathematically-proven lexer and parser table generation technology, as well as verified data structures. Filter behavior is expressed in a subset of Algorithmic C, which defines a set of C++ header files providing support for hardware design, including the peculiar bit widths utilized in that discipline, and enables compilation to both hardware and software platforms. The Russinoff-O'Leary Restricted Algorithmic C (RAC) toolchain translates Algorithmic C source to the Common Lisp subset supported by the ACL2 theorem prover; once in ACL2, filter behavior can be mathematically verified. We describe how we utilize RAC to translate our JSON filter to ACL2, present proofs of correctness for its associated data types, and describe validation and performance results obtained through the use of concrete test vectors.
Kumar, Keshav, Ramkumar, K.R., Kaur, Amanpreet.  2020.  A Design Implementation and Comparative Analysis of Advanced Encryption Standard (AES) Algorithm on FPGA. 2020 8th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions) (ICRITO). :182—185.
As the technology is getting advanced continuously the problem for the security of data is also increasing. The hackers are equipped with new advanced tools and techniques to break any security system. Therefore people are getting more concern about data security. The data security is achieved by either software or hardware implementations. In this work Field Programmable Gate Arrays (FPGA) device is used for hardware implementation since these devices are less complex, more flexible and provide more efficiency. This work focuses on the hardware execution of one of the security algorithms that is the Advanced Encryption Standard (AES) algorithm. The AES algorithm is executed on Vivado 2014.2 ISE Design Suite and the results are observed on 28 nanometers (nm) Artix-7 FPGA. This work discusses the design implementation of the AES algorithm and the resources consumed in implementing the AES design on Artix-7 FPGA. The resources which are consumed are as follows-Slice Register (SR), Look-Up Tables (LUTs), Input/Output (I/O) and Global Buffer (BUFG).
Ahmed, MMeraj, Vashist, Abhishek, Pudukotai Dinakarrao, Sai Manoj, Ganguly, Amlan.  2020.  Architecting a Secure Wireless Interconnect for Multichip Communication: An ML Approach. 2020 Asian Hardware Oriented Security and Trust Symposium (AsianHOST). :1—6.
Compute-intensive platforms such as micro-servers and embedded systems have already undergone a shift from a single-chip to multichip architecture to achieve better yield and lower cost. However, performance of multichip systems is limited by the latency and power-hungry chip-to-chip wired I/Os. On the other hand, wireless interconnections are emerging as an energy-efficient and low latency interconnect solution for such multichip systems as it can mask long multi-hop off-chip wired I/O communication. Despite efficient communication, the unguided on and off-chip wireless communication introduce security vulnerabilities in the system. In this work, we propose a reconfigurable, secure millimeter-wave (mm-Wave) wireless interconnection architecture (AReS) for multichip systems capable of detecting and defending against emerging threats including Hardware Trojans (HTs) and Denial-of-Service (DoS) using a Machine Learning (ML)-based approach. The ML-based approach is used to classify internal and external attack to enable the required defense mechanism. To serve this purpose, we design a reconfigurable Medium Access Control (MAC) and a suitable communication protocol to enable sustainable communication even under jamming attack from both internal and external attackers. The proposed architecture also reuses the in-built test infrastructure to detect and withstand a persistent jamming attack in a wireless multichip system. Through simulation, we show that, the proposed wireless interconnection can sustain chip-to-chip communication even under persistent jamming attack with an average 1.44xand 1.56x latency degradation for internal and external attacks respectively for application-specific traffic.
2021-08-18
Sravya, G., Kumar, Manchalla. O.V.P., Sudarsana Reddy, Y., Jamal, K., Mannem, Kiran.  2020.  The Ideal Block Ciphers - Correlation of AES and PRESENT in Cryptography. 2020 3rd International Conference on Intelligent Sustainable Systems (ICISS). :1107—1113.
In this digital era, the usage of technology has increased rapidly and led to the deployment of more innovative technologies for storing and transferring the generated data. The most important aspect of the emerging communication technologies is to ensure the safety and security of the generated huge amount of data. Hence, cryptography is considered as a pathway that can securely transfer and save the data. Cryptography comprises of ciphers that act like an algorithm, where the data is encrypted at the source and decrypted at the destination. This paper comprises of two ciphers namely PRESENT and AES ciphers. In the real-time applications, AES is no more relevant especially for segmenting the organizations that leverage RFID, Sensors and IoT devices. In order to overcome the strategic issues faced by these organization, PRESENT ciphers work appropriately with its super lightweight block figure, which has the equivalent significance to both security and equipment arrangements. This paper compares the AES (Advance encryption standard) symmetric block cipher with PRESENT symmetric block cipher to leverage in the industries mentioned earlier, where the huge consumption of resources becomes a significant factor. For the comparison of different ciphers, the results of area, timing analysis and the waveforms are taken into consideration.
Oda, Maya, Ueno, Rei, Inoue, Akiko, Minematsu, Kazuhiko, Homma, Naofumi.  2020.  PMAC++: Incremental MAC Scheme Adaptable to Lightweight Block Ciphers. 2020 IEEE International Symposium on Circuits and Systems (ISCAS). :1—4.
This paper presents a new incremental parallelizable message authentication code (MAC) scheme adaptable to lightweight block ciphers for memory integrity verification. The highlight of the proposed scheme is to achieve both incremental update capability and sufficient security bound with lightweight block ciphers, which is a novel feature. We extend the conventional parallelizable MAC to realize the incremental update capability while keeping the original security bound. We prove that a comparable security bound can be obtained even if this change is incorporated. We also present a hardware architecture for the proposed MAC scheme with lightweight block ciphers and demonstrate the effectiveness through FPGA implementation. The evaluation results indicate that the proposed MAC hardware achieves 3.4 times improvement in the latency-area product for the tag update compared with the conventional MAC.
2021-08-12
Kim, Byoungkoo, Yoon, Seoungyong, Kang, Yousung, Choi, Dooho.  2020.  Secure IoT Device Authentication Scheme using Key Hiding Technology. 2020 International Conference on Information and Communication Technology Convergence (ICTC). :1808—1810.
As the amount of information distributed and processed through IoT(Internet of Things) devices is absolutely increased, various security issues are also emerging. Above all, since IoT technology is directly applied to our real life, there is a growing concern that the dangers of the existing cyberspace can be expanded into the real world. In particular, leaks of keys necessary for authentication and data protection of IoT devices are causing economic and industrial losses through illegal copying and data leakage. Therefore, this paper introduces the research trend of hardware and software based key hiding technology to respond to these security threats, and proposes IoT device authentication techniques using them. The proposed method fundamentally prevents the threat of exposure of the authentication key due to various security vulnerabilities by properly integrating hardware and software based key hiding technologies. That is, this paper provides a more reliable IoT device authentication scheme by using key hiding technology for authentication key management.
Jung, Junyoung, Cho, Jinsung, Lee, Ben.  2020.  A Secure Platform for IoT Devices based on ARM Platform Security Architecture. 2020 14th International Conference on Ubiquitous Information Management and Communication (IMCOM). :1—4.
Recent IoT services are being used in various fields such as smart homes, smart factories, smart cars and industrial systems. These various IoT services are implemented through hyper-connected IoT devices, and accordingly, security requirements of these devices are being highlighted. In order to satisfy the security requirements of IoT devices, various studies have been conducted such as HSM, Security SoC, and TrustZone. In particular, ARM proposed Platform Security Architecture (PSA), which is a security architecture that provide execution isolation to safely manage and protect the computing resources of low- end IoT devices. PSA can ensure confidentiality and integrity of IoT devices based on its structural features, but conversely, it has the problem of increasing development difficulty in using the security functions of PSA. To solve this problem, this paper analyzes the security requirements of an IoT platform and proposes secure platform based on PSA. To evaluate the proposed secure platform, a PoC implementation is provided based on hardware prototype consisting of FPGA. Our experiments with the PoC implementation verify that the proposed secure platform offers not only high security but also convenience of application development for IoT devices.
2021-08-11
Gaikwad, Nikhil B., Ugale, Hrishikesh, Keskar, Avinash, Shivaprakash, N. C..  2020.  The Internet-of-Battlefield-Things (IoBT)-Based Enemy Localization Using Soldiers Location and Gunshot Direction. IEEE Internet of Things Journal. 7:11725–11734.
The real-time information of enemy locations is capable to transform the outcome of combat operations. Such information gathered using connected soldiers on the Internet of Battlefield Things (IoBT) is highly beneficial to create situational awareness (SA) and to plan an effective war strategy. This article presents the novel enemy localization method that uses the soldier's own locations and their gunshot direction. The hardware prototype has been developed that uses a triangulation for an enemy localization in two soldiers and a single enemy scenario. 4.24±1.77 m of average localization error and ±4° of gunshot direction error has been observed during this prototype testing. This basic model is further extended using three-stage software simulation for multiple soldiers and multiple enemy scenarios with the necessary assumptions. The effective algorithm has been proposed, which differentiates between the ghost and true predictions by analyzing the groups of subsequent shooting intents (i.e., frames). Four different complex scenarios are tested in the first stage of the simulation, around three to six frames are required for the accurate enemy localization in the relatively simple cases, and nine frames are required for the complex cases. The random error within ±4° in gunshot direction is included in the second stage of the simulation which required almost double the number of frames for similar four cases. As the number of frames increases, the accuracy of the proposed algorithm improves and better ghost point elimination is observed. In the third stage, two conventional clustering algorithms are implemented to validate the presented work. The comparative analysis shows that the proposed algorithm is faster, computationally simple, consistent, and reliable compared with others. Detailed analysis of hardware and software results for various scenarios has been discussed in this article.
Morales-Caporal, Roberto, Reyes-Galaviz, Adrián S., Federico Casco-Vásquez, J., Martínez-Hernández, Haydee P..  2020.  Development and Implementation of a Relay Switch Based on WiFi Technology. 2020 17th International Conference on Electrical Engineering, Computing Science and Automatic Control (CCE). :1—6.
This article presents the design and development of a relay switch (RS) to handle electrical loads up to 20A using WiFi technology. The hardware design and the implementation methodology are explained, both for the power supply and for the wireless communication that are embedded in the same small printed circuit board. In the same way, the design of the implemented firmware to operate the developed RS is shown. An ESP-12E module is used to achieve wireless communication of the RS, which can be manipulated through a web page using an MQTT protocol or via and iOS or Arduino app. The developed RS presents at least three differentiators in relation to other similar devices on the market: it can handle a higher electrical load, has a design in accordance with national and international security standards and can use different cybersecurity strategies for wireless communication with the purpose of safe and reliable use. Experimental results using a lamp and a single-phase motor as electrical loads demonstrate an excellent performance and reliability of the developed relay switch.
2021-08-03
Kuai, Jun, He, Jiaji, Ma, Haocheng, Zhao, Yiqiang, Hou, Yumin, Jin, Yier.  2020.  WaLo: Security Primitive Generator for RT-Level Logic Locking and Watermarking. 2020 Asian Hardware Oriented Security and Trust Symposium (AsianHOST). :01—06.
Various hardware security solutions have been developed recently to help counter hardware level attacks such as hardware Trojan, integrated circuit (IC) counterfeiting and intellectual property (IP) clone/piracy. However, existing solutions often provide specific types of protections. While these solutions achieve great success in preventing even advanced hardware attacks, the compatibility of among these hardware security methods are rarely discussed. The inconsistency hampers with the development of a comprehensive solution for hardware IC and IP from various attacks. In this paper, we develop a security primitive generator to help solve the compatibility issue among different protection techniques. Specifically, we focus on two modern IC/IP protection methods, logic locking and watermarking. A combined locking and watermarking technique is developed based on enhanced finite state machines (FSMs). The security primitive generator will take user-specified constraints and automatically generate an FSM module to perform both logic locking and watermarking. The generated FSM can be integrated into any designs for protection. Our experimental results show that the generator can facilitate circuit protection and provide the flexibility for users to achieve a better tradeoff between security levels and design overheads.
2021-08-02
Longueira-Romerc, Ángel, Iglesias, Rosa, Gonzalez, David, Garitano, Iñaki.  2020.  How to Quantify the Security Level of Embedded Systems? A Taxonomy of Security Metrics 2020 IEEE 18th International Conference on Industrial Informatics (INDIN). 1:153—158.
Embedded Systems (ES) development has been historically focused on functionality rather than security, and today it still applies in many sectors and applications. However, there is an increasing number of security threats over ES, and a successful attack could have economical, physical or even human consequences, since many of them are used to control critical applications. A standardized and general accepted security testing framework is needed to provide guidance, common reporting forms and the possibility to compare the results along the time. This can be achieved by introducing security metrics into the evaluation or assessment process. If carefully designed and chosen, metrics could provide a quantitative, repeatable and reproducible value that would reflect the level of security protection of the ES. This paper analyzes the features that a good security metric should exhibit, introduces a taxonomy for classifying them, and finally, it carries out a literature survey on security metrics for the security evaluation of ES. In this review, more than 500 metrics were collected and analyzed. Then, they were reduced to 169 metrics that have the potential to be applied to ES security evaluation. As expected, the 77.5% of them is related exclusively to software, and only the 0.6% of them addresses exclusively hardware security. This work aims to lay the foundations for constructing a security evaluation methodology that uses metrics so as to quantify the security level of an ES.
2021-07-27
Meadows, B., Edwards, N., Chang, S.-Y..  2020.  On-Chip Randomization for Memory Protection Against Hardware Supply Chain Attacks to DRAM. 2020 IEEE Security and Privacy Workshops (SPW). :171—180.
Dynamic Random Access Memory (DRAM) is widely used for data storage and, when a computer system is in operation, the DRAM can contain sensitive information such as passwords and cryptographic keys. Therefore, the DRAM is a prime target for hardware-based cryptanalytic attacks. These attacks can be performed in the supply chain to capture default key mechanisms enabling a later cyber attack or predisposition the system to remote effects. Two prominent attack classes against memory are the Cold Boot attack which recovers the data from the DRAM even after a supposed power-down and Rowhammer attack which violates memory integrity by influencing the stored bits to flip. In this paper, we propose an on-chip technique that obfuscates the memory addresses and data and provides a fast detect-response to defend against these hardware-based security attacks on DRAM. We advance the prior hardware security research by making two contributions. First, the key material is detected and erased before the Cold Boot attacker can extract the memory data. Second, our solution is on-chip and does not require nor depend on additional hardware or software which are open to additional supply chain attack vectors. We analyze the efficacy of our scheme through circuit simulation and compare the results to the previous mitigation approaches based on DRAM write operations. Our simulation and analysis results show that purging key information used for address and data randomization can be achieved much faster and with lower power than with typical DRAM write techniques used for sanitizing memory content. We demonstrate through circuit simulation of the key register design a technique that clears key information within 2.4ns which is faster by more than two orders magnitude compared to typical DRAM write operations for 180nm technology, and with a power consumption of 0.15 picoWatts.
2021-07-08
Cesconetto, Jonas, Silva, Luís A., Valderi Leithardt, R. Q., Cáceres, María N., Silva, Luís A., Garcia, Nuno M..  2020.  PRIPRO:Solution for user profile control and management based on data privacy. 2020 15th Iberian Conference on Information Systems and Technologies (CISTI). :1—6.
Intelligent environments work collaboratively, bringing more comfort to human beings. The intelligence of these environments comes from technological advances in sensors and communication. IoT is the model developed that allows a wide and intelligent communication between devices. Hardware reduction of IoT devices results in vulnerabilities. Thus, there are numerous concerns regarding the security of user information, since mobile devices are easily trackable over the Internet. Care must be taken regarding the information in user profiles. Mobile devices are protected by a permission-based mechanism, which limits third-party applications from accessing sensitive device resources. In this context, this work aims to present a proposal for materialization of application for the evolution of user profiles in intelligent environments. Having as parameters the parameters presented in the proposed taxonomy. The proposed solution is the development of two applications, one for Android devices, responsible for allowing or blocking some features of the device. And another in Cloud, responsible for imposing the parameters and privacy criteria, formalizing the profile control module (PRIPRO - PRIvacy PROfiles).
Sato, Masaya, Taniguchi, Hideo, Nakamura, Ryosuke.  2020.  Virtual Machine Monitor-based Hiding Method for Access to Debug Registers. 2020 Eighth International Symposium on Computing and Networking (CANDAR). :209—214.
To secure a guest operating system running on a virtual machine (VM), a monitoring method using hardware breakpoints by a virtual machine monitor is required. However, debug registers are visible to guest operating systems; thus, malicious programs on a guest operating system can detect or disable the monitoring method. This paper presents a method to hide access to debug registers from programs running on a VM. Our proposed method detects programs' access to debug registers and disguises the access as having succeeded. The register's actual value is not visible or modifiable to programs, so the monitoring method is hidden. This paper presents the basic design and evaluation results of our method.
2021-07-07
Al-hamouri, Rahaf, Al-Jarrah, Heba, Al-Sharif, Ziad A., Jararweh, Yaser.  2020.  Measuring the Impacts of Virtualization on the Performance of Thread-Based Applications. 2020 Seventh International Conference on Software Defined Systems (SDS). :131–138.
The following topics are dealt with: cloud computing; software defined networking; cryptography; telecommunication traffic; Internet of Things; authorisation; software radio; cryptocurrencies; data privacy; learning (artificial intelligence).
Hussain, Rashid.  2020.  Peripheral View of IoT based Miniature Devices Security Paradigm. 2020 Global Conference on Wireless and Optical Technologies (GCWOT). :1–7.
Tunnel approach to the security and privacy aspects of communication networks has been an issue since the inception of networking technologies. Neither the technology nor the regulatory and legal frame works proactively play a significant role towards addressing the ever escalating security challenges. As we have move to ubiquitous computing paradigm where information secrecy and privacy is coupled with new challenges of human to machine and machine to machine interfaces, a transformational model for security should be visited. This research is attempted to highlight the peripheral view of IoT based miniature device security paradigm with focus on standardization, regulations, user adaptation, software and applications, low computing resources and power consumption, human to machine interface and privacy.
2021-06-30
Xu, Yue, Ni, Ming, Ying, Fei, Zhang, Jingwen.  2020.  Security Optimization Based on Mimic Common Operating Environment for the Internet of Vehicles. 2020 2nd International Conference on Computer Communication and the Internet (ICCCI). :18—23.
The increasing vehicles have brought convenience to people as well as many traffic problems. The Internet of Vehicles (IoV) is an extension of the intelligent transportation system based on the Internet of Things (IoT), which is the omnibearing network connection among “Vehicles, Loads, Clouds”. However, IoV also faces threats from various known and unknown security vulnerabilities. Traditional security defense methods can only deal with known attacks, while there is no effective way to deal with unknown attacks. In this paper, we show an IoV system deployed on a Mimic Common Operating Environment (MCOE). At the sensing layer, we introduce a lightweight cryptographic algorithm, LBlock, to encrypt the data collected by the hardware. Thus, we can prevent malicious tampering of information such as vehicle conditions. At the application layer, we firstly put the IoV system platform into MCOE to make it dynamic, heterogeneous and redundant. Extensive experiments prove that the sensing layer can encrypt data reliably and energy-efficiently. And we prove the feasibility and security of the Internet of Vehicles system platform on MCOE.
2021-06-28
Zhang, Ning, Lv, Zhiqiang, Zhang, Yanlin, Li, Haiyang, Zhang, Yixin, Huang, Weiqing.  2020.  Novel Design of Hardware Trojan: A Generic Approach for Defeating Testability Based Detection. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :162–173.
Hardware design, especially the very large scale integration(VLSI) and systems on chip design(SOC), utilizes many codes from third-party intellectual property (IP) providers and former designers. Hardware Trojans (HTs) are easily inserted in this process. Recently researchers have proposed many HTs detection techniques targeting the design codes. State-of-art detections are based on the testability including Controllability and Observability, which are effective to all HTs from TrustHub, and advanced HTs like DeTrust. Meanwhile, testability based detections have advantages in the timing complexity and can be easily integrated into recently industrial verification. Undoubtedly, the adversaries will upgrade their designs accordingly to evade these detection techniques. Designing a variety of complex trojans is a significant way to perfect the existing detection, therefore, we present a novel design of HTs to defeat the testability based detection methods, namely DeTest. Our approach is simple and straight forward, yet it proves to be effective at adding some logic. Without changing HTs malicious function, DeTest decreases controllability and observability values to about 10% of the original, which invalidates distinguishers like clustering and support vector machines (SVM). As shown in our practical attack results, adversaries can easily use DeTest to upgrade their HTs to evade testability based detections. Combined with advanced HTs design techniques like DeTrust, DeTest can evade previous detecions, like UCI, VeriTrust and FANCI. We further discuss how to extend existing solutions to reduce the threat posed by DeTest.