Visible to the public Biblio

Found 197 results

Filters: Keyword is Testing  [Clear All Filters]
2021-11-29
Setiawan, Dharma Yusuf, Naning Hertiana, Sofia, Negara, Ridha Muldina.  2021.  6LoWPAN Performance Analysis of IoT Software-Defined-Network-Based Using Mininet-Io. 2020 IEEE International Conference on Internet of Things and Intelligence System (IoTaIS). :60–65.
Software Defined Network (SDN) is a new paradigm in network architecture. The basic concept of SDN itself is to separate the control plane and forwarding plane explicitly. In the last few years, SDN technology has become one of the exciting topics for researchers, the development of SDN which was carried out, one of which was implementing the Internet of Things (IoT) devices in the SDN network architecture model. Mininet-IoT is developing the Mininet network emulator by adding virtualized IoT devices, 6LoWPAN based on wireless Linux standards, and 802.15.4 wireless simulation drivers. Mininet-IoT expands the Mininet code class by adding or modifying functions in it. This research will discuss the performance of the 6LoWPAN device on the internet of things (IoT) network by applying the SDN paradigm. We use the Mininet-IoT emulator and the Open Network Operating System (ONOS) controller using the internet of things (IoT) IPv6 forwarding. Performance testing by comparing some of the topologies of the addition of host, switch, and cluster. The test results of the two scenarios tested can be concluded; the throughput value obtained has decreased compared to the value of back-traffic traffic. While the packet loss value obtained is on average above 15%. Jitter value, delay, throughput, and packet loss are still in the category of enough, good, and very good based on TIPHON and ITU-T standards.
2021-11-08
Karode, Tanakorn, Werapun, Warodom.  2020.  Performance Analysis of Trustworthy Online Review System Using Blockchain. 2020 17th International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology (ECTI-CON). :510–513.
Today, the online review system cannot fully support the business since there are fraudulent activities inside. The companies that get low score reviews are induced to raise their score for the market competition capability by paying to the platform for deleting or editing the posted reviews. Moreover, the automatic filtration system of a platform removes some reviews without the awareness of the users. The low transparency platform causes low credibility toward the reviews. Blockchain technology provides exceptionally high transparency since every action can be traced publicly. However, there are some tradeoffs that need to be considered, such as cost and response time. This work tends to find the potential of using Blockchain technology in the online review system by testing four implementation approaches of the Ethereum Smart Contract. The result illustrates that using IPFS to store the data is a practical way of reducing transaction costs. Besides, preventing using Smart Contract states can significantly reduce costs too. The response time for using the Blockchain and IPFS system is slower than the centralized system. However, posting a review does not need a fast response. Thus, it is worthy of trading response time with transparency and cost. In the business view, the review posting with cost causes more difficulty to generate fake reviews. Moreover, there are other advantages over the centralized system, such as the reward system, bogus review voting, and global database. Thus, credibility improvement for a consumer online review system is a potential application of Blockchain technology.
2021-10-04
Abbas Hamdani, Syed Wasif, Waheed Khan, Abdul, Iltaf, Naima, Iqbal, Waseem.  2020.  DTMSim-IoT: A Distributed Trust Management Simulator for IoT Networks. 2020 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech). :491–498.
In recent years, several trust management frame-works and models have been proposed for the Internet of Things (IoT). Focusing primarily on distributed trust management schemes; testing and validation of these models is still a challenging task. It requires the implementation of the proposed trust model for verification and validation of expected outcomes. Nevertheless, a stand-alone and standard IoT network simulator for testing of distributed trust management scheme is not yet available. In this paper, a .NET-based Distributed Trust Management Simulator for IoT Networks (DTMSim-IoT) is presented which enables the researcher to implement any static/dynamic trust management model to compute the trust value of a node. The trust computation will be calculated based on the direct-observation and trust value is updated after every transaction. Transaction history and logs of each event are maintained which can be viewed and exported as .csv file for future use. In addition to that, the simulator can also draw a graph based on the .csv file. Moreover, the simulator also offers to incorporate the feature of identification and mitigation of the On-Off Attack (OOA) in the IoT domain. Furthermore, after identifying any malicious activity by any node in the networks, the malevolent node is added to the malicious list and disseminated in the network to prevent potential On-Off attacks.
Zhang, Chong, Liu, Xiao, Zheng, Xi, Li, Rui, Liu, Huai.  2020.  FengHuoLun: A Federated Learning based Edge Computing Platform for Cyber-Physical Systems. 2020 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops). :1–4.
Cyber-Physical Systems (CPS) such as intelligent connected vehicles, smart farming and smart logistics are constantly generating tons of data and requiring real-time data processing capabilities. Therefore, Edge Computing which provisions computing resources close to the End Devices from the network edge is becoming the ideal platform for CPS. However, it also brings many issues and one of the most prominent challenges is how to ensure the development of trustworthy smart services given the dynamic and distributed nature of Edge Computing. To tackle this challenge, this paper proposes a novel Federated Learning based Edge Computing platform for CPS, named “FengHuoLun”. Specifically, based on FengHuoLun, we can: 1) implement smart services where machine learning models are trained in a trusted Federated Learning framework; 2) assure the trustworthiness of smart services where CPS behaviours are tested and monitored using the Federated Learning framework. As a work in progress, we have presented an overview of the FengHuoLun platform and also some preliminary studies on its key components, and finally discussed some important future research directions.
2021-09-21
Lin, Kuang-Yao, Huang, Wei-Ren.  2020.  Using Federated Learning on Malware Classification. 2020 22nd International Conference on Advanced Communication Technology (ICACT). :585–589.
In recent years, everything has been more and more systematic, and it would generate many cyber security issues. One of the most important of these is the malware. Modern malware has switched to a high-growth phase. According to the AV-TEST Institute showed that there are over 350,000 new malicious programs (malware) and potentially unwanted applications (PUA) be registered every day. This threat was presented and discussed in the present paper. In addition, we also considered data privacy by using federated learning. Feature extraction can be performed based on malware. The proposed method achieves very high accuracy ($\approx$0.9167) on the dataset provided by VirusTotal.
2021-09-07
Al'aziz, Bram Andika Ahmad, Sukarno, Parman, Wardana, Aulia Arif.  2020.  Blacklisted IP Distribution System to Handle DDoS Attacks on IPS Snort Based on Blockchain. 2020 6th Information Technology International Seminar (ITIS). :41–45.
The mechanism for distributing information on the source of the attack by combining blockchain technology with the Intrusion Prevention System (IPS) can be done so that DDoS attack mitigation becomes more flexible, saves resources and costs. Also, by informing the blacklisted Internet Protocol(IP), each IPS can share attack source information so that attack traffic blocking can be carried out on IPS that are closer to the source of the attack. Therefore, the attack traffic passing through the network can be drastically reduced because the attack traffic has been blocked on the IPS that is closer to the attack source. The blocking of existing DDoS attack traffic is generally carried out on each IPS without a mechanism to share information on the source of the attack so that each IPS cannot cooperate. Also, even though the DDoS attack traffic did not reach the server because it had been blocked by IPS, the attack traffic still flooded the network so that network performance was reduced. Through smart contracts on the Ethereum blockchain, it is possible to inform the source of the attack or blacklisted IP addresses without requiring additional infrastructure. The blacklisted IP address is used by IPS to detect and handle DDoS attacks. Through the blacklisted IP distribution scheme, testing and analysis are carried out to see information on the source of the attack on each IPS and the attack traffic that passes on the network. The result is that each IPS can have the same blacklisted IP so that each IPS can have the same attack source information. The results also showed that the attack traffic through the network infrastructure can be drastically reduced. Initially, the total number of attack packets had an average of 115,578 reduced to 27,165.
Sami, Muhammad, Ibarra, Matthew, Esparza, Anamaria C., Al-Jufout, Saleh, Aliasgari, Mehrdad, Mozumdar, Mohammad.  2020.  Rapid, Multi-vehicle and Feed-forward Neural Network based Intrusion Detection System for Controller Area Network Bus. 2020 IEEE Green Energy and Smart Systems Conference (IGESSC). :1–6.
In this paper, an Intrusion Detection System (IDS) in the Controller Area Network (CAN) bus of modern vehicles has been proposed. NESLIDS is an anomaly detection algorithm based on the supervised Deep Neural Network (DNN) architecture that is designed to counter three critical attack categories: Denial-of-service (DoS), fuzzy, and impersonation attacks. Our research scope included modifying DNN parameters, e.g. number of hidden layer neurons, batch size, and activation functions according to how well it maximized detection accuracy and minimized the false positive rate (FPR) for these attacks. Our methodology consisted of collecting CAN Bus data from online and in real-time, injecting attack data after data collection, preprocessing in Python, training the DNN, and testing the model with different datasets. Results show that the proposed IDS effectively detects all attack types for both types of datasets. NESLIDS outperforms existing approaches in terms of accuracy, scalability, and low false alarm rates.
2021-08-31
Zarzour, Hafed, Al shboul, Bashar, Al-Ayyoub, Mahmoud, Jararweh, Yaser.  2020.  A convolutional neural network-based reviews classification method for explainable recommendations. 2020 Seventh International Conference on Social Networks Analysis, Management and Security (SNAMS). :1–5.
Recent advances in information filtering have resulted in effective recommender systems that are able to provide online personalized recommendations to millions of users from all over the world. However, most of these systems ignore the explanation purpose while producing recommendations with high-quality results. Moreover, the classification of reviews given to users as explanations is not fully exploited in previous studies. In this paper, we develop a convolutional neural network-based reviews classification method for explainable recommendation systems. The convolutional neural network is used to extract the reviews features for predicting whether the reviews provided as explanations are positive or negative. Based on such additional information, users can understand not only why certain items are recommended for them but also get support to know the nature of such explanations. We conduct experiments on a dataset from Amazon. The experimental results show that our method outperforms state-of-the-art methods.
Adamov, Alexander, Carlsson, Anders.  2020.  Reinforcement Learning for Anti-Ransomware Testing. 2020 IEEE East-West Design Test Symposium (EWDTS). :1–5.
In this paper, we are going to verify the possibility to create a ransomware simulation that will use an arbitrary combination of known tactics and techniques to bypass an anti-malware defense. To verify this hypothesis, we conducted an experiment in which an agent was trained with the help of reinforcement learning to run the ransomware simulator in a way that can bypass anti-ransomware solution and encrypt the target files. The novelty of the proposed method lies in applying reinforcement learning to anti-ransomware testing that may help to identify weaknesses in the anti-ransomware defense and fix them before a real attack happens.
2021-08-17
Yuliana, Mike, Suwadi, Wirawan.  2020.  Key Rate Enhancement by Using the Interval Approach in Symmetric Key Extraction Mechanism. 2020 Third International Conference on Vocational Education and Electrical Engineering (ICVEE). :1–6.
Wireless security is confronted with the complexity of the secret key distribution process, which is difficult to implement on an Ad Hoc network without a key management infrastructure. The symmetric key extraction mechanism from a response channel in a wireless environment is a very promising alternative solution with the simplicity of the key distribution process. Various mechanisms have been proposed for extracting the symmetric key, but many mechanisms produce low rates of the symmetric key due to the high bit differences that occur. This led to the fact that the reconciliation phase was unable to make corrections, as a result of which many key bits were lost, and the time required to obtain a symmetric key was increased. In this paper, we propose the use of an interval approach that divides the response channel into segments at specific intervals to reduce the key bit difference and increase the key rates. The results of tests conducted in the wireless environment show that the use of these mechanisms can increase the rate of the keys up to 35% compared to existing mechanisms.
Monakhov, Yuri, Kuznetsova, Anna, Monakhov, Mikhail, Telny, Andrey, Bednyatsky, Ilya.  2020.  Performance Evaluation of the Modified HTB Algorithm. 2020 Dynamics of Systems, Mechanisms and Machines (Dynamics). :1—5.
In this article, authors present the results of testing the modified HTB traffic control algorithm in an experimental setup. The algorithm is implemented as a Linux kernel module. An analysis of the experimental results revealed the effect of uneven packet loss in priority classes. In the second part of the article, the authors propose a solution to this problem by applying a distribution scheme for the excess of tokens, according to which excess class tokens are given to the leaf with the highest priority. The new modification of the algorithm was simulated in the AnyLogic environment. The results of an experimental study demonstrated that dividing the excess tokens of the parent class between daughter classes is less effective in terms of network performance than allocating the excess tokens to a high-priority class during the competition for tokens between classes. In general, a modification of the HTB algorithm that implements the proposed token surplus distribution scheme yields more consistent delay times for the high-priority class.
2021-08-12
Johari, Rahul, Kaur, Ishveen, Tripathi, Reena, Gupta, Kanika.  2020.  Penetration Testing in IoT Network. 2020 5th International Conference on Computing, Communication and Security (ICCCS). :1—7.
Penetration testing, also known as Pen testing is usually performed by a testing professional in order to detect security threats involved in a system. Penetration testing can also be viewed as a fake cyber Security attack, done in order to see whether the system is secure and free of vulnerabilities. Penetration testing is widely used for testing both Network and Software, but somewhere it fails to make IoT more secure. In IoT the security risk is growing day-by-day, due to which the IoT networks need more penetration testers to test the security. In the proposed work an effort has been made to compile and aggregate the information regarding VAPT(Vulnerability Assessment and Penetrating Testing) in the area of IoT.
2021-08-11
Li, Yuekang, Chen, Hongxu, Zhang, Cen, Xiong, Siyang, Liu, Chaoyi, Wang, Yi.  2020.  Ori: A Greybox Fuzzer for SOME/IP Protocols in Automotive Ethernet. 2020 27th Asia-Pacific Software Engineering Conference (APSEC). :495—499.
With the emergence of smart automotive devices, the data communication between these devices gains increasing importance. SOME/IP is a light-weight protocol to facilitate inter- process/device communication, which supports both procedural calls and event notifications. Because of its simplicity and capability, SOME/IP is getting adopted by more and more automotive devices. Subsequently, the security of SOME/IP applications becomes crucial. However, previous security testing techniques cannot fit the scenario of vulnerability detection SOME/IP applications due to miscellaneous challenges such as the difficulty of server-side testing programs in parallel, etc. By addressing these challenges, we propose Ori - a greybox fuzzer for SOME/IP applications, which features two key innovations: the attach fuzzing mode and structural mutation. The attach fuzzing mode enables Ori to test server programs efficiently, and the structural mutation allows Ori to generate valid SOME/IP packets to reach deep paths of the target program effectively. Our evaluation shows that Ori can detect vulnerabilities in SOME/IP applications effectively and efficiently.
2021-08-03
Yang, Jianguo, Lei, Dengyun, Chen, Deyang, Li, Jing, Jiang, Haijun, Ding, Qingting, Luo, Qing, Xue, Xiaoyong, Lv, Hangbing, Zeng, Xiaoyang et al..  2020.  A Machine-Learning-Resistant 3D PUF with 8-layer Stacking Vertical RRAM and 0.014% Bit Error Rate Using In-Cell Stabilization Scheme for IoT Security Applications. 2020 IEEE International Electron Devices Meeting (IEDM). :28.6.1–28.6.4.
In this work, we propose and demonstrate a multi-layer 3-dimensional (3D) vertical RRAM (VRRAM) PUF with in-cell stabilization scheme to improve both cost efficiency and reliability. An 8-layer VRRAM array was manufactured with excellent uniformity and good endurance of \textbackslashtextgreater107. Apart from the variation in RRAM resistance, enhanced randomness is obtained thanks to the parasitic IR drop and abundant sneak current paths in 3D VRRAM. To deal with the common issue of unstable bits in PUF output, in-cell stabilization is proposed by first employing asymmetric biasing to detect the unstable bits and then exploiting reprogramming to expand the deviation to stabilize the output. The bit error rate is reduced by \textbackslashtextgreater7X (68X) for 3(5) times reprogramming. The proposed PUF features excellent resistance against machine learning attack and passes both National Institute of Standards and Technology (NIST) 800-22 and NIST 800-90B test suites.
2021-08-02
Bouniot, Quentin, Audigier, Romaric, Loesch, Angélique.  2020.  Vulnerability of Person Re-Identification Models to Metric Adversarial Attacks. 2020 IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops (CVPRW). :3450—3459.
Person re-identification (re-ID) is a key problem in smart supervision of camera networks. Over the past years, models using deep learning have become state of the art. However, it has been shown that deep neural networks are flawed with adversarial examples, i.e. human-imperceptible perturbations. Extensively studied for the task of image closed- set classification, this problem can also appear in the case of open-set retrieval tasks. Indeed, recent work has shown that we can also generate adversarial examples for metric learning systems such as re-ID ones. These models remain vulnerable: when faced with adversarial examples, they fail to correctly recognize a person, which represents a security breach. These attacks are all the more dangerous as they are impossible to detect for a human operator. Attacking a metric consists in altering the distances between the feature of an attacked image and those of reference images, i.e. guides. In this article, we investigate different possible attacks depending on the number and type of guides available. From this metric attack family, two particularly effective attacks stand out. The first one, called Self Metric Attack, is a strong attack that does not need any image apart from the attacked image. The second one, called FurthestNegative Attack, makes full use of a set of images. Attacks are evaluated on commonly used datasets: Market1501 and DukeMTMC. Finally, we propose an efficient extension of adversarial training protocol adapted to metric learning as a defense that increases the robustness of re-ID models.1
2021-07-28
Alsmadi, Izzat, Zarrad, Anis, Yassine, Abdulrahmane.  2020.  Mutation Testing to Validate Networks Protocols. 2020 IEEE International Systems Conference (SysCon). :1—8.
As networks continue to grow in complexity using wired and wireless technologies, efficient testing solutions should accommodate such changes and growth. Network simulators provide a network-independent environment to provide different types of network testing. This paper is motivated by the observation that, in many cases in the literature, the success of developed network protocols is very sensitive to the initial conditions and assumptions of the testing scenarios. Network services are deployed in complex environments; results of testing and simulation can vary from one environment to another and sometimes in the same environment at different times. Our goal is to propose mutation-based integration testing that can be deployed with network protocols and serve as Built-in Tests (BiT).This paper proposes an integrated mutation testing framework to achieve systematic test cases' generation for different scenario types. Scenario description and variables' setting should be consistent with the protocol specification and the simulation environment. We focused on creating test cases for critical scenarios rather than preliminary or simplified scenarios. This will help users to report confident simulation results and provide credible protocol analysis. The criticality is defined as a combination of network performance metrics and critical functions' coverage. The proposed solution is experimentally proved to obtain accurate evaluation results with less testing effort by generating high-quality testing scenarios. Generated test scenarios will serve as BiTs for the network simulator. The quality of the test scenarios is evaluated from three perspectives: (i) code coverage, (ii) mutation score and (iii) testing effort. In this work, we implemented the testing framework in NS2, but it can be extended to any other simulation environment.
ISSN: 2472-9647
2021-07-27
Bao, Zhida, Zhao, Haojun.  2020.  Evaluation of Adversarial Attacks Based on DL in Communication Networks. 2020 7th International Conference on Dependable Systems and Their Applications (DSA). :251–252.
Deep Neural Networks (DNN) have strong capabilities of memories, feature identifications and automatic analyses, solving various complex problems. However, DNN classifiers have obvious fragility that adding several unnoticeable perturbations to the original examples will lead to the errors in the classifier identification. In the field of communications, the adversarial examples will greatly reduce the accuracy of the signal identification, causing great information security risks. Considering the adversarial examples pose a serious threat to the security of the DNN models, studying their generation mechanisms and testing their attack effects are critical to ensuring the information security of the communication networks. This paper will study the generation of the adversarial examples and the influences of the adversarial examples on the accuracy of the DNN-based communication signal identification. Meanwhile, this paper will study the influences of the adversarial examples under the white-box models and black-box models, and explore the adversarial attack influences of the factors such as perturbation levels and iterative steps. The insights of this study would be helpful for ensuring the security of information networks and designing robust DNN communication networks.
2021-07-02
Yao, Xiaoyong, Pei, Yuwen, Wu, Pingdong, Huang, Man-ling.  2020.  Study on Integrative Control between the Stereoscopic Image and the Tactile Feedback in Augmented Reality. 2020 IEEE 3rd International Conference on Electronics and Communication Engineering (ICECE). :177—180.
The precise integrative control between the stereoscopic image and the tactile feedback is very essential in augmented reality[1]-[4]. In order to study this question, this paper will introduce a stereoscopic-imaging and tactile integrative augmented-reality system, and a stereoscopic-imaging and tactile integrative algorithm. The system includes a stereoscopic-imaging part and a string-based tactile part. The integrative algorithm is used to precisely control the interaction between the two parts. The results for testing the system and the algorithm demonstrate the system to be perfect through 5 testers' operation and will be presented in the last part of the paper.
2021-06-30
Solomon Doss, J. Kingsleen, Kamalakkannan, S..  2020.  IoT System Accomplishment using BlockChain in Validating and Data Security with Cloud. 2020 Fourth International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC). :60—64.
In a block channel IoT system, sensitive details can be leaked by means of the proof of work or address check, as data or application Validation data is applied on the blockchain. In this, the zero-knowledge evidence is applied to a smart metering system to show how to improve the anonymity of the blockchain for privacy safety without disclosing information as a public key. Within this article, a blockchain has been implemented to deter security risks such as data counterfeiting by utilizing intelligent meters. Zero-Knowledge Proof, an anonymity blockchain technology, has been implemented through block inquiry to prevent threats to security like personal information infringement. It was suggested that intelligent contracts would be used to avoid falsification of intelligent meter data and abuse of personal details.
2021-06-24
Liu, Zhibin, Liu, Ziang, Huang, Yuanyuan, Liu, Xin, Zhou, Xiaokang, Zhou, Rui.  2020.  A Research of Distributed Security and QoS Testing Framework. 2020 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech). :174—181.
Since the birth of the Internet, the quality of network service has been a widespread concerned problem. With the continuous development of communication and information technology, people gradually realized that the contradiction between the limited resources and the business requirements of network cannot be fundamentally solved. In this paper, we design and develop a distributed security quality of service testing framework called AweQoS(AwesomeQoS), to adapt to the current complex network environment. This paper puts forward the necessity that some security tests should be closely combined with quality of service testing, and further discusses the basic methods of distributed denial of service attack and defense. We introduce the design idea and working process of AweQoS in detail, and introduce a bandwidth test method based on user datagram protocol. Experimental results show that this new test method has better test performance and potential under the AweQoS framework.
2021-05-25
Susilo, Willy, Duong, Dung Hoang, Le, Huy Quoc.  2020.  Efficient Post-quantum Identity-based Encryption with Equality Test. 2020 IEEE 26th International Conference on Parallel and Distributed Systems (ICPADS). :633—640.
Public key encryption with equality test (PKEET) enables the testing whether two ciphertexts encrypt the same message. Identity-based encryption with equality test (IBEET) simplify the certificate management of PKEET, which leads to many potential applications such as in smart city applications or Wireless Body Area Networks. Lee et al. (ePrint 2016) proposed a generic construction of IBEET scheme in the standard model utilising a 3-level hierachy IBE together with a one-time signature scheme, which can be instantiated in lattice setting. Duong et al. (ProvSec 2019) proposed the first direct construction of IBEET in standard model from lattices. However, their scheme achieve CPA security only. In this paper, we improve the Duong et al.'s construction by proposing an IBEET in standard model which achieves CCA2 security and with smaller ciphertext and public key size.
2021-05-18
Wei, Hanlin, Bai, Guangdong, Luo, Zongwei.  2020.  Foggy: A New Anonymous Communication Architecture Based on Microservices. 2020 25th International Conference on Engineering of Complex Computer Systems (ICECCS). :135–144.
This paper presents Foggy, an anonymous communication system focusing on providing users with anonymous web browsing. Foggy provides a microservice-based proxy for web browsing and other low-latency network activities without exposing users' metadata and browsed content to adversaries. It is designed with decentralized information management, web caching, and configurable service selection. Although Foggy seems to be more centralized compared with Tor, it gains an advantage in manageability while retaining anonymity. Foggy can be deployed by several agencies to become more decentralized. We prototype Foggy and test its performance. Our experiments show Foggy's low latency and deployability, demonstrating its potential to be a commercial solution for real-world deployment.
Chen, Haibo, Chen, Junzuo, Chen, Jinfu, Yin, Shang, Wu, Yiming, Xu, Jiaping.  2020.  An Automatic Vulnerability Scanner for Web Applications. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1519–1524.
With the progressive development of web applications and the urgent requirement of web security, vulnerability scanner has been particularly emphasized, which is regarded as a fundamental component for web security assurance. Various scanners are developed with the intention of that discovering the possible vulnerabilities in advance to avoid malicious attacks. However, most of them only focus on the vulnerability detection with single target, which fail in satisfying the efficiency demand of users. In this paper, an effective web vulnerability scanner that integrates the information collection with the vulnerability detection is proposed to verify whether the target web application is vulnerable or not. The experimental results show that, by guiding the detection process with the useful collected information, our tool achieves great web vulnerability detection capability with a large scanning scope.
Zhang, Chi, Chen, Jinfu, Cai, Saihua, Liu, Bo, Wu, Yiming, Geng, Ye.  2020.  iTES: Integrated Testing and Evaluation System for Software Vulnerability Detection Methods. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1455–1460.
To find software vulnerabilities using software vulnerability detection technology is an important way to ensure the system security. Existing software vulnerability detection methods have some limitations as they can only play a certain role in some specific situations. To accurately analyze and evaluate the existing vulnerability detection methods, an integrated testing and evaluation system (iTES) is designed and implemented in this paper. The main functions of the iTES are:(1) Vulnerability cases with source codes covering common vulnerability types are collected automatically to form a vulnerability cases library; (2) Fourteen methods including static and dynamic vulnerability detection are evaluated in iTES, involving the Windows and Linux platforms; (3) Furthermore, a set of evaluation metrics is designed, including accuracy, false positive rate, utilization efficiency, time cost and resource cost. The final evaluation and test results of iTES have a good guiding significance for the selection of appropriate software vulnerability detection methods or tools according to the actual situation in practice.
2021-05-13
Sardar, Muhammad Usama, Quoc, Do Le, Fetzer, Christof.  2020.  Towards Formalization of Enhanced Privacy ID (EPID)-based Remote Attestation in Intel SGX. 2020 23rd Euromicro Conference on Digital System Design (DSD). :604—607.

Vulnerabilities in privileged software layers have been exploited with severe consequences. Recently, Trusted Execution Environments (TEEs) based technologies have emerged as a promising approach since they claim strong confidentiality and integrity guarantees regardless of the trustworthiness of the underlying system software. In this paper, we consider one of the most prominent TEE technologies, referred to as Intel Software Guard Extensions (SGX). Despite many formal approaches, there is still a lack of formal proof of some critical processes of Intel SGX, such as remote attestation. To fill this gap, we propose a fully automated, rigorous, and sound formal approach to specify and verify the Enhanced Privacy ID (EPID)-based remote attestation in Intel SGX under the assumption that there are no side-channel attacks and no vulnerabilities inside the enclave. The evaluation indicates that the confidentiality of attestation keys is preserved against a Dolev-Yao adversary in this technology. We also present a few of the many inconsistencies found in the existing literature on Intel SGX attestation during formal specification.