Visible to the public Biblio

Filters: Keyword is Memory management  [Clear All Filters]
2021-06-01
Junchao, CHEN, Baorong, ZHAI, Yibing, DONG, Tao, WU, Kai, YOU.  2020.  Design Of TT C Resource Automatic Scheduling Interface Middleware With High Concurrency and Security. 2020 International Conference on Information Science, Parallel and Distributed Systems (ISPDS). :171—176.
In order to significantly improve the reliable interaction and fast processing when TT&C(Tracking, Telemetry and Command) Resource Scheduling and Management System (TRSMS) communicate with external systems which are diverse, multiple directional and high concurrent, this paper designs and implements a highly concurrent and secure middleware for TT&C Resource Automatic Scheduling Interface (TRASI). The middleware designs memory pool, data pool, thread pool and task pool to improve the efficiency of concurrent processing, uses the rule dictionary, communication handshake and wait retransmission mechanism to ensure the data interaction security and reliability. This middleware can effectively meet the requirements of TRASI for data exchange with external users and system, significantly improve the data processing speed and efficiency, and promote the information technology and automation level of Aerospace TT&C Network Management Center (TNMC).
2021-05-25
Karimov, Madjit, Tashev, Komil, Rustamova, Sanobar.  2020.  Application of the Aho-Corasick algorithm to create a network intrusion detection system. 2020 International Conference on Information Science and Communications Technologies (ICISCT). :1—5.
One of the main goals of studying pattern matching techniques is their significant role in real-world applications, such as the intrusion detection systems branch. The purpose of the network attack detection systems NIDS is to protect the infocommunication network from unauthorized access. This article provides an analysis of the exact match and fuzzy matching methods, and discusses a new implementation of the classic Aho-Korasik pattern matching algorithm at the hardware level. The proposed approach to the implementation of the Aho-Korasik algorithm can make it possible to ensure the efficient use of resources, such as memory and energy.
2021-05-20
Chibaya, Colin, Jowa, Viola Jubile, Rupere, Taurayi.  2020.  A HES for Low Speed Processors. 2020 2nd International Multidisciplinary Information Technology and Engineering Conference (IMITEC). :1—6.
Adaptation of e-commerce in third world countries requires more secure computing facilities. Online data is vulnerable and susceptible to active attacks. Hundreds of security mechanisms and services have been proposed to curb this challenge. However, available security mechanisms, sufficiently strong, are heavy for the machines used. To secure online data where machines' processing power and memory are deficient, a Hybrid Encryption Standard (HES) is proposed. The HES is built on the Data Encryption Standard (DES) algorithm and its siblings. The component units of the DES are redesigned towards reduced demands for processing power and memory. Precisely, white box designs of IP tables, PC tables, Expansion tables, Rotation tables, S-boxes and P-boxes are proposed, all aimed at reducing the processing time and memory demands. Evaluation of the performance of the HES algorithm against the performance of the traditional DES algorithm reveal that the HES out-performs the DES with regards to speed, memory demands, and general acceptance by novice practitioners in the cryptography field. In addition, reproducibility and flexibility are attractive features of the HES over the DES.
Mukwevho, Ndivho, Chibaya, Colin.  2020.  Dynamic vs Static Encryption Tables in DES Key Schedules. 2020 2nd International Multidisciplinary Information Technology and Engineering Conference (IMITEC). :1—5.
The DES is a symmetric cryptosystem which encrypts data in blocks of 64 bits using 48 bit keys in 16 rounds. It comprises a key schedule, encryption and decryption components. The key schedule, in particular, uses three static component units, the PC-1, PC-2 and rotation tables. However, can these three static components of the key schedule be altered? The DES development team never explained most of these component units. Understanding the DES key schedule is, thus, hard. In addition, reproducing the DES model with unknown component units is challenging, making it hard to adapt and bring implementation of the DES model closer to novice developers' context. We propose an alternative approach for re-implementing the DES key schedule using, rather, dynamic instead of static tables. We investigate the design features of the DES key schedule and implement the same. We then propose a re-engineering view towards a more white-box design. Precisely, generation of the PC-1, rotation and PC-2 tables is revisited to random dynamic tables created at run time. In our views, randomly generated component units eliminate the feared concerns regarding perpetrators' possible knowledge of the internal structures of the static component units. Comparison of the performances of the hybrid DES key schedule to that of the original DES key schedule shows closely related outcomes, connoting the hybrid version as a good alternative to the original model. Memory usage and CPU time were measured. The hybrid insignificantly out-performs the original DES key schedule. This outcome may inspire further researches on possible alterations to other DES component units as well, bringing about completely white-box designs to the DES model.
2021-05-05
Nienhuis, Kyndylan, Joannou, Alexandre, Bauereiss, Thomas, Fox, Anthony, Roe, Michael, Campbell, Brian, Naylor, Matthew, Norton, Robert M., Moore, Simon W., Neumann, Peter G. et al..  2020.  Rigorous engineering for hardware security: Formal modelling and proof in the CHERI design and implementation process. 2020 IEEE Symposium on Security and Privacy (SP). :1003—1020.

The root causes of many security vulnerabilities include a pernicious combination of two problems, often regarded as inescapable aspects of computing. First, the protection mechanisms provided by the mainstream processor architecture and C/C++ language abstractions, dating back to the 1970s and before, provide only coarse-grain virtual-memory-based protection. Second, mainstream system engineering relies almost exclusively on test-and-debug methods, with (at best) prose specifications. These methods have historically sufficed commercially for much of the computer industry, but they fail to prevent large numbers of exploitable bugs, and the security problems that this causes are becoming ever more acute.In this paper we show how more rigorous engineering methods can be applied to the development of a new security-enhanced processor architecture, with its accompanying hardware implementation and software stack. We use formal models of the complete instruction-set architecture (ISA) at the heart of the design and engineering process, both in lightweight ways that support and improve normal engineering practice - as documentation, in emulators used as a test oracle for hardware and for running software, and for test generation - and for formal verification. We formalise key intended security properties of the design, and establish that these hold with mechanised proof. This is for the same complete ISA models (complete enough to boot operating systems), without idealisation.We do this for CHERI, an architecture with hardware capabilities that supports fine-grained memory protection and scalable secure compartmentalisation, while offering a smooth adoption path for existing software. CHERI is a maturing research architecture, developed since 2010, with work now underway on an Arm industrial prototype to explore its possible adoption in mass-market commercial processors. The rigorous engineering work described here has been an integral part of its development to date, enabling more rapid and confident experimentation, and boosting confidence in the design.

2021-04-09
Yamato, K., Kourai, K., Saadawi, T..  2020.  Transparent IDS Offloading for Split-Memory Virtual Machines. 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC). :833—838.
To enable virtual machines (VMs) with a large amount of memory to be flexibly migrated, split migration has been proposed. It divides a large-memory VM into small pieces and transfers them to multiple hosts. After the migration, the VM runs across those hosts and exchanges memory data between hosts using remote paging. For such a split-memory VM, however, it becomes difficult to securely run intrusion detection systems (IDS) outside the VM using a technique called IDS offloading. This paper proposes VMemTrans to support transparent IDS offloading for split-memory VMs. In VMemTrans, offloaded IDS can monitor a split-memory VM as if that memory were not distributed. To achieve this, VMemTrans enables IDS running in one host to transparently access VM's remote memory. To consider a trade-off, it provides two methods for obtaining memory data from remote hosts: self paging and proxy paging. We have implemented VMemTrans in KVM and compared the execution performance between the two methods.
2021-03-29
Zhang, S., Ma, X..  2020.  A General Difficulty Control Algorithm for Proof-of-Work Based Blockchains. ICASSP 2020 - 2020 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP). :3077–3081.
Designing an efficient difficulty control algorithm is an essential problem in Proof-of-Work (PoW) based blockchains because the network hash rate is randomly changing. This paper proposes a general difficulty control algorithm and provides insights for difficulty adjustment rules for PoW based blockchains. The proposed algorithm consists a two-layer neural network. It has low memory cost, meanwhile satisfying the fast-updating and low volatility requirements for difficulty adjustment. Real data from Ethereum are used in the simulations to prove that the proposed algorithm has better performance for the control of the block difficulty.
2021-03-09
Jindal, A. K., Shaik, I., Vasudha, V., Chalamala, S. R., Ma, R., Lodha, S..  2020.  Secure and Privacy Preserving Method for Biometric Template Protection using Fully Homomorphic Encryption. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1127–1134.

The rapid proliferation of biometrics has led to growing concerns about the security and privacy of the biometric data (template). A biometric uniquely identifies an individual and unlike passwords, it cannot be revoked or replaced since it is unique and fixed for every individual. To address this problem, many biometric template protection methods using fully homomorphic encryption have been proposed. But, most of them (i) are computationally expensive and practically infeasible (ii) do not support operations over real valued biometric feature vectors without quantization (iii) do not support packing of real valued feature vectors into a ciphertext (iv) require multi-shot enrollment of users for improved matching performance. To address these limitations, we propose a secure and privacy preserving method for biometric template protection using fully homomorphic encryption. The proposed method is computationally efficient and practically feasible, supports operations over real valued feature vectors without quantization and supports packing of real valued feature vectors into a single ciphertext. In addition, the proposed method enrolls the users using one-shot enrollment. To evaluate the proposed method, we use three face datasets namely LFW, FEI and Georgia tech face dataset. The encrypted face template (for 128 dimensional feature vector) requires 32.8 KB of memory space and it takes 2.83 milliseconds to match a pair of encrypted templates. The proposed method improves the matching performance by 3 % when compared to state-of-the-art, while providing high template security.

2021-02-08
Fauzan, A., Sukarno, P., Wardana, A. A..  2020.  Overhead Analysis of the Use of Digital Signature in MQTT Protocol for Constrained Device in the Internet of Things System. 2020 3rd International Conference on Computer and Informatics Engineering (IC2IE). :415–420.
This paper presents an overhead analysis of the use of digital signature mechanisms in the Message Queue Telemetry Transport (MQTT) protocol for three classes of constrained-device. Because the resources provided by constrained-devices are very limited, the purpose of this overhead analysis is to help find out the advantages and disadvantages of each class of constrained-devices after a security mechanism has been applied, namely by applying a digital signature mechanism. The objective of using this digital signature mechanism is for providing integrity, that if the payload sent and received in its destination is still original and not changed during the transmission process. The overhead analysis aspects performed are including analyzing decryption time, signature verification performance, message delivery time, memory and flash usage in the three classes of constrained-device. Based on the overhead analysis result, it can be seen that for decryption time and signature verification performance, the Class-2 device is the fastest one. For message delivery time, the smallest time needed for receiving the payload is Class-l device. For memory usage, the Class-2 device is providing the biggest available memory and flash.
2021-01-11
Chekashev, A., Demianiuk, V., Kogan, K..  2020.  Poster: Novel Opportunities in Design of Efficient Deep Packet Inspection Engines. 2020 IEEE 28th International Conference on Network Protocols (ICNP). :1–2.
Deep Packet Inspection (DPI) is an essential building block implementing various services on data plane [5]. Usually, DPI engines are centered around efficient implementation of regular expressions both from the required memory and lookup time perspectives. In this paper, we explore and generalize original approaches used for packet classifiers [7] to regular expressions. Our preliminary results establish a promising direction for the efficient implementation of DPI engines.
Awad, M. A., Ashkiani, S., Porumbescu, S. D., Owens, J. D..  2020.  Dynamic Graphs on the GPU. 2020 IEEE International Parallel and Distributed Processing Symposium (IPDPS). :739–748.
We present a fast dynamic graph data structure for the GPU. Our dynamic graph structure uses one hash table per vertex to store adjacency lists and achieves 3.4-14.8x faster insertion rates over the state of the art across a diverse set of large datasets, as well as deletion speedups up to 7.8x. The data structure supports queries and dynamic updates through both edge and vertex insertion and deletion. In addition, we define a comprehensive evaluation strategy based on operations, workloads, and applications that we believe better characterize and evaluate dynamic graph data structures.
2020-11-09
Göktaş, E., Kollenda, B., Koppe, P., Bosman, E., Portokalidis, G., Holz, T., Bos, H., Giuffrida, C..  2018.  Position-Independent Code Reuse: On the Effectiveness of ASLR in the Absence of Information Disclosure. 2018 IEEE European Symposium on Security and Privacy (EuroS P). :227–242.
Address-space layout randomization is a wellestablished defense against code-reuse attacks. However, it can be completely bypassed by just-in-time code-reuse attacks that rely on information disclosure of code addresses via memory or side-channel exposure. To address this fundamental weakness, much recent research has focused on detecting and mitigating information disclosure. The assumption being that if we perfect such techniques, we will not only maintain layout secrecy but also stop code reuse. In this paper, we demonstrate that an advanced attacker can mount practical code-reuse attacks even in the complete absence of information disclosure. To this end, we present Position-Independent Code-Reuse Attacks, a new class of codereuse attacks relying on the relative rather than absolute location of code gadgets in memory. By means of memory massaging, the attacker first makes the victim program generate a rudimentary ROP payload (for instance, containing code pointers that target instructions "close" to relevant gadgets). Afterwards, the addresses in this payload are patched with small offsets via relative memory writes. To establish the practicality of such attacks, we present multiple Position-Independent ROP exploits against real-world software. After showing that we can bypass ASLR in current systems without requiring information disclosures, we evaluate the impact of our technique on other defenses, such as fine-grained ASLR, multi-variant execution, execute-only memory and re-randomization. We conclude by discussing potential mitigations.
2020-11-02
Wu, Yuming, Liu, Yutao, Liu, Ruifeng, Chen, Haibo, Zang, Binyu, Guan, Haibing.  2018.  Comprehensive VM Protection Against Untrusted Hypervisor Through Retrofitted AMD Memory Encryption. 2018 IEEE International Symposium on High Performance Computer Architecture (HPCA).

The confidentiality of tenant's data is confronted with high risk when facing hardware attacks and privileged malicious software. Hardware-based memory encryption is one of the promising means to provide strong guarantees of data security. Recently AMD has proposed its new memory encryption hardware called SME and SEV, which can selectively encrypt memory regions in a fine-grained manner, e.g., by setting the C-bits in the page table entries. More importantly, SEV further supports encrypted virtual machines. This, intuitively, has provided a new opportunity to protect data confidentiality in guest VMs against an untrusted hypervisor in the cloud environment. In this paper, we first provide a security analysis on the (in)security of SEV and uncover a set of security issues of using SEV as a means to defend against an untrusted hypervisor. Based on the study, we then propose a software-based extension to the SEV feature, namely Fidelius, to address those issues while retaining performance efficiency. Fidelius separates the management of critical resources from service provisioning and revokes the permissions of accessing specific resources from the un-trusted hypervisor. By adopting a sibling-based protection mechanism with non-bypassable memory isolation, Fidelius embraces both security and efficiency, as it introduces no new layer of abstraction. Meanwhile, Fidelius reuses the SEV API to provide a full VM life-cycle protection, including two sets of para-virtualized I/O interfaces to encode the I/O data, which is not considered in the SEV hardware design. A detailed and quantitative security analysis shows its effectiveness in protecting tenant's data from a variety of attack surfaces, and the performance evaluation confirms the performance efficiency of Fidelius.

2020-06-12
Domniţa, Dan, Oprişa, Ciprian.  2018.  A genetic algorithm for obtaining memory constrained near-perfect hashing. 2018 IEEE International Conference on Automation, Quality and Testing, Robotics (AQTR). :1—6.

The problem of fast items retrieval from a fixed collection is often encountered in most computer science areas, from operating system components to databases and user interfaces. We present an approach based on hash tables that focuses on both minimizing the number of comparisons performed during the search and minimizing the total collection size. The standard open-addressing double-hashing approach is improved with a non-linear transformation that can be parametrized in order to ensure a uniform distribution of the data in the hash table. The optimal parameter is determined using a genetic algorithm. The paper results show that near-perfect hashing is faster than binary search, yet uses less memory than perfect hashing, being a good choice for memory-constrained applications where search time is also critical.

2020-06-08
Huang, Jiamin, Lu, Yueming, Guo, Kun.  2019.  A Hybrid Packet Classification Algorithm Based on Hash Table and Geometric Space Partition. 2019 IEEE Fourth International Conference on Data Science in Cyberspace (DSC). :587–592.
The emergence of integrated space-ground network (ISGN), with more complex network conditions compared with tradition network, requires packet classification to achieve high performance. Packet classification plays an important role in the field of network security. Although several existing classification schemes have been proposed recently to improve classification performance, the performance of these schemes is unable to meet the high-speed packet classification requirement in ISGN. To tackle this problem, a hybrid packet classification algorithm based on hash table and geometric space partition (HGSP) is proposed in this paper. HGSP falls into two sections: geometric space partition and hash matching. To improve the classification speed under the same accuracy, a parallel structure of hash table is designed to match the huge packets for classifying. The experimental results demonstrate that the matching time of HGSP algorithm is reduced by 40%-70% compared with traditional Hicuts algorithm. Particularly, with the growth of ruleset, the advantage of HGSP algorithm will become more obvious.
2020-05-15
Ascia, Giuseppe, Catania, Vincenzo, Monteleone, Salvatore, Palesi, Maurizio, Patti, Davide, Jose, John.  2019.  Networks-on-Chip based Deep Neural Networks Accelerators for IoT Edge Devices. 2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS). :227—234.
The need for performing deep neural network inferences on resource-constrained embedded devices (e.g., Internet of Things nodes) requires specialized architectures to achieve the best trade-off among performance, energy, and cost. One of the most promising architectures in this context is based on massive parallel and specialized cores interconnected by means of a Network-on-Chip (NoC). In this paper, we extensively evaluate NoC-based deep neural network accelerators by exploring the design space spanned by several architectural parameters including, network size, routing algorithm, local memory size, link width, and number of memory interfaces. We show how latency is mainly dominated by the on-chip communication whereas energy consumption is mainly accounted by memory (both on-chip and off-chip). The outcome of the analysis, thus, pushes toward a research line devoted to the optimization of the on-chip communication fabric and the memory subsystem for performance improvement and energy efficiency, respectively.
2020-03-30
Kim, Sejin, Oh, Jisun, Kim, Yoonhee.  2019.  Data Provenance for Experiment Management of Scientific Applications on GPU. 2019 20th Asia-Pacific Network Operations and Management Symposium (APNOMS). :1–4.
Graphics Processing Units (GPUs) are getting popularly utilized for multi-purpose applications in order to enhance highly performed parallelism of computation. As memory virtualization methods in GPU nodes are not efficiently provided to deal with diverse memory usage patterns for these applications, the success of their execution depends on exclusive and limited use of physical memory in GPU environments. Therefore, it is important to predict a pattern change of GPU memory usage during runtime execution of an application. Data provenance extracted from application characteristics, GPU runtime environments, input, and execution patterns from runtime monitoring, is defined for supporting application management to set runtime configuration and predict an experimental result, and utilize resource with co-located applications. In this paper, we define data provenance of an application on GPUs and manage data by profiling the execution of CUDA scientific applications. Data provenance management helps to predict execution patterns of other similar experiments and plan efficient resource configuration.
2020-03-27
Jadidi, Mahya Soleimani, Zaborski, Mariusz, Kidney, Brian, Anderson, Jonathan.  2019.  CapExec: Towards Transparently-Sandboxed Services. 2019 15th International Conference on Network and Service Management (CNSM). :1–5.
Network services are among the riskiest programs executed by production systems. Such services execute large quantities of complex code and process data from arbitrary — and untrusted — network sources, often with high levels of system privilege. It is desirable to confine system services to a least-privileged environment so that the potential damage from a malicious attacker can be limited, but existing mechanisms for sandboxing services require invasive and system-specific code changes and are insufficient to confine broad classes of network services. Rather than sandboxing one service at a time, we propose that the best place to add sandboxing to network services is in the service manager that starts those services. As a first step towards this vision, we propose CapExec, a process supervisor that can execute a single service within a sandbox based on a service declaration file in which, required resources whose limited access to are supported by Caper services, are specified. Using the Capsicum compartmentalization framework and its Casper service framework, CapExec provides robust application sandboxing without requiring any modifications to the application itself. We believe that this is the first step towards ubiquitous sandboxing of network services without the costs of virtualization.
2020-03-23
Qin, Peng, Tan, Cheng, Zhao, Lei, Cheng, Yueqiang.  2019.  Defending against ROP Attacks with Nearly Zero Overhead. 2019 IEEE Global Communications Conference (GLOBECOM). :1–6.
Return-Oriented Programming (ROP) is a sophisticated exploitation technique that is able to drive target applications to perform arbitrary unintended operations by constructing a gadget chain reusing existing small code sequences (gadgets) collected across the entire code space. In this paper, we propose to address ROP attacks from a different angle-shrinking available code space at runtime. We present ROPStarvation , a generic and transparent ROP countermeasure that defend against all types of ROP attacks with almost zero run-time overhead. ROPStarvation does not aim to completely stop ROP attacks, instead it attempts to significantly increase the bar by decreasing the possibility of launching a successful ROP exploit in reality. Moreover, shrinking available code space at runtime is lightweight that makes ROPStarvation practical for being deployed with high performance requirement. Results show that ROPStarvation successfully reduces the code space of target applications by 85%. With the reduced code segments, ROPStarvation decreases the probability of building a valid ROP gadget chain by 100% and 83% respectively, with the assumptions that whether the adversary knows the vulnerable applications are protected by ROPStarvation . Evaluations on the SPEC CPU2006 benchmark show that ROPStarvation introduces nearly zero (0.2% on average) run-time performance overhead.
2020-03-02
Serpanos, Dimitrios, Stachoulis, Dimitrios.  2019.  Secure Memory for Embedded Tamper-Proof Systems. 2019 14th International Conference on Design Technology of Integrated Systems In Nanoscale Era (DTIS). :1–4.

Data leakage and disclosure to attackers is a significant problem in embedded systems, considering the ability of attackers to get physical access to the systems. We present methods to protect memory data leakage in tamper-proof embedded systems. We present methods that exploit memory supply voltage manipulation to change the memory contents, leading to an operational and reusable memory or to destroy memory cell circuitry. For the case of memory data change, we present scenaria for data change to a known state and to a random state. The data change scenaria are effective against attackers who cannot detect the existence of the protection circuitry; furthermore, original data can be calculated in the case of data change to a known state, if the attacker identifies the protection circuitry and its operation. The methods that change memory contents to a random state or destroy memory cell circuitry lead to irreversible loss of the original data. However, since the known state can be used to calculate the original data.

2020-02-24
Srivastava, Ankush, Ghosh, Prokash.  2019.  An Efficient Memory Zeroization Technique Under Side-Channel Attacks. 2019 32nd International Conference on VLSI Design and 2019 18th International Conference on Embedded Systems (VLSID). :76–81.
Protection of secured data content in volatile memories (processor caches, embedded RAMs etc) is essential in networking, wireless, automotive and other embedded secure applications. It is utmost important to protect secret data, like authentication credentials, cryptographic keys etc., stored over volatile memories which can be hacked during normal device operations. Several security attacks like cold boot, disclosure attack, data remanence, physical attack, cache attack etc. can extract the cryptographic keys or secure data from volatile memories of the system. The content protection of memory is typically done by assuring data deletion in minimum possible time to minimize data remanence effects. In today's state-of-the-art SoCs, dedicated hardwares are used to functionally erase the private memory contents in case of security violations. This paper, in general, proposes a novel approach of using existing memory built-in-self-test (MBIST) hardware to zeroize (initialize memory to all zeros) on-chip memory contents before it is being hacked either through different side channels or secuirty attacks. Our results show that the proposed MBIST based content zeroization approach is substantially faster than conventional techniques. By adopting the proposed approach, functional hardware requirement for memory zeroization can be waived.
2019-12-30
Sharma, Mukesh Kumar, Somwanshi, Devendra.  2018.  Improvement in Homomorphic Encryption Algorithm with Elliptic Curve Cryptography and OTP Technique. 2018 3rd International Conference and Workshops on Recent Advances and Innovations in Engineering (ICRAIE). :1–6.
Cloud computing is a technology is where client require not to stress over the expense of equipment establishment and their support cost. Distributed computing is presently turned out to be most prominent innovation on account of its accessibility, ease and some different elements. Yet, there is a few issues in distributed computing, the principle one is security in light of the fact that each client store their valuable information on the system so they need their information ought to be shielded from any unapproved get to, any progressions that isn't done for client's benefit. To take care of the issue of Key administration, Key Sharing different plans have been proposed. The outsider examiner is the plan for key administration and key sharing. The primary preferred standpoint of this is the cloud supplier can encourage the administration which was accessible by the customary outsider evaluator and make it trustful. The outsider examining plan will be fizzled, if the outsider's security is endangered or of the outsider will be malignant. To take care of the issue, there is another modular for key sharing and key administration in completely Homomorphic Encryption conspire is outlined. In this paper we utilized the symmetric key understanding calculation named Diffie Hellman to make session key between two gatherings who need to impart and elliptic curve cryptography to create encryption keys rather than RSA and have utilized One Time Password (OTP) for confirming the clients.
2019-10-15
Vyakaranal, S., Kengond, S..  2018.  Performance Analysis of Symmetric Key Cryptographic Algorithms. 2018 International Conference on Communication and Signal Processing (ICCSP). :0411–0415.
Data's security being important aspect of the today's internet is gaining more importance day by day. With the increase in online data exchange, transactions and payments; secure payment and secure data transfers have become an area of concern. Cryptography makes the data transmission over the internet secure by various methods, algorithms. Cryptography helps in avoiding the unauthorized people accessing the data by authentication, confidentiality, integrity and non-repudiation. In order to securely transmit the data many cryptographic algorithms are present, but the algorithm to be used should be robust, efficient, cost effective, high performance and easily deployable. Choosing an algorithm which suits the customer's requirement is an utmost important task. The proposed work discusses different symmetric key cryptographic algorithms like DES, 3DES, AES and Blowfish by considering encryption time, decryption time, entropy, memory usage, throughput, avalanche effect and energy consumption by practical implementation using java. Practical implementation of algorithms has been highlighted in proposed work considering tradeoff performance in terms of cost of various parameters rather than mere theoretical concepts. Battery consumption and avalanche effect of algorithms has been discussed. It reveals that AES performs very well in overall performance analysis among considered algorithms.
2019-09-26
Pfeffer, T., Herber, P., Druschke, L., Glesner, S..  2018.  Efficient and Safe Control Flow Recovery Using a Restricted Intermediate Language. 2018 IEEE 27th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE). :235-240.

Approaches for the automatic analysis of security policies on source code level cannot trivially be applied to binaries. This is due to the lacking high-level semantics of low-level object code, and the fundamental problem that control-flow recovery from binaries is difficult. We present a novel approach to recover the control-flow of binaries that is both safe and efficient. The key idea of our approach is to use the information contained in security mechanisms to approximate the targets of computed branches. To achieve this, we first define a restricted control transition intermediate language (RCTIL), which restricts the number of possible targets for each branch to a finite number of given targets. Based on this intermediate language, we demonstrate how a safe model of the control flow can be recovered without data-flow analyses. Our evaluation shows that that makes our solution more efficient than existing solutions.

2019-02-13
Ahmed, N., Talib, M. A., Nasir, Q..  2018.  Program-flow attestation of IoT systems software. 2018 15th Learning and Technology Conference (L T). :67–73.
Remote attestation is the process of measuring the integrity of a device over the network, by detecting modification of software or hardware from the original configuration. Several remote software-based attestation mechanisms have been introduced, that rely on strict time constraints and other impractical constraints that make them inconvenient for IoT systems. Although some research is done to address these issues, they integrated trusted hardware devices to the attested devices to accomplish their aim, which is costly and not convenient for many use cases. In this paper, we propose “Dual Attestation” that includes two stages: static and dynamic. The static attestation phase checks the memory of the attested device. The dynamic attestation technique checks the execution correctness of the application code and can detect the runtime attacks. The objectives are to minimize the overhead and detect these attacks, by developing an optimized dynamic technique that checks the application program flow. The optimization will be done in the prover and the verifier sides.