Visible to the public Biblio

Found 365 results

Filters: First Letter Of Title is F  [Clear All Filters]
A B C D E [F] G H I J K L M N O P Q R S T U V W X Y Z   [Show ALL]
F
Chen, Y., Chen, W..  2017.  Finger ECG-Based Authentication for Healthcare Data Security Using Artificial Neural Network. 2017 IEEE 19th International Conference on E-Health Networking, Applications and Services (Healthcom). :1–6.

Wearable and mobile medical devices provide efficient, comfortable, and economic health monitoring, having a wide range of applications from daily to clinical scenarios. Health data security becomes a critically important issue. Electrocardiogram (ECG) has proven to be a potential biometric in human recognition over the past decade. Unlike conventional authentication methods using passwords, fingerprints, face, etc., ECG signal can not be simply intercepted, duplicated, and enables continuous identification. However, in many of the studies, algorithms developed are not suitable for practical application, which usually require long ECG data for authentication. In this work, we introduce a two-phase authentication using artificial neural network (NN) models. This algorithm enables fast authentication within only 3 seconds, meanwhile achieves reasonable performance in recognition. We test the proposed method in a controlled laboratory experiment with 50 subjects. Finger ECG signals are collected using a mobile device at different times and physical statues. At the first stage, a ``General'' NN model is constructed based on data from the cohort and used for preliminary screening, while at the second stage ``Personal'' NN models constructed from single individual's data are applied as fine-grained identification. The algorithm is tested on the whole data set, and on different sizes of subsets (5, 10, 20, 30, and 40). Results proved that the proposed method is feasible and reliable for individual authentication, having obtained average False Acceptance Rate (FAR) and False Rejection Rate (FRR) below 10% for the whole data set.

Pahariya, Parth, Singh, Sanjay Kumar.  2018.  Fingerprint Authentication Using LT Codes. Proceedings of the 2018 2Nd International Conference on Biometric Engineering and Applications. :38-42.

Biometric is used for identifying the person based on their traits. Fingerprint is one of the most important and most used biometric trait for person authentication. Fingerprint database must be stored in efficient way and in most secure way so that it is unable to hack by the hacker and it will be able to recognize the person fast in large database. In this paper, we proposed an efficient way of storing the fingerprint data for fast recognition. We are using LT codes for storing the x coordinates of minutiae points and fingerprint images is stored in encrypted form with the coordinates. We are using on-the-y gaussian algorithm for decoding the x coordinates and calculate the value for finding similarity in between two fingerprints.

Van, Hoang Thien, Van Vu, Giang, Le, Thai Hoang.  2016.  Fingerprint Enhancement for Direct Grayscale Minutiae Extraction by Combining MFRAT and Gabor Filters. Proceedings of the Seventh Symposium on Information and Communication Technology. :360–367.
Minutiae are important features in the fingerprints matching. The effective of minutiae extraction depends greatly on the results of fingerprint enhancement. This paper proposes a novel fingerprint enhancement method for direct gray scale extracting minutiae based on combining Gabor filters with the Adaptive Modified Finite Radon Transform (AMFRAT) filters. First, the proposed method uses Gabor filters as band-pass filters for deleting the noise and clarifying ridges. Next, AMFRAT filters are applied for connecting broken ridges together, filling the created holes and clarifying linear symmetry of ridges quickly. AMFRAT is the MFRAT filter, the window size of which is adaptively adjusted according to the coherence values. The small window size is for high curvature ridge areas (small coherence value), and vice versa. As the result, the ridges are the linear symmetry areas, and more suitable for direct gray scale minutiae extraction. Finally, linear symmetry filter is only used for locating minutiae in an inverse model, as "lack of linear symmetry" occurs at minutiae points. Experimental results on FVC2004 databases DB4 (set A) shows that the proposed method is capable of improving the goodness index (GI).
Naini, R., Moulin, P..  2014.  Fingerprint information maximization for content identification. Acoustics, Speech and Signal Processing (ICASSP), 2014 IEEE International Conference on. :3809-3813.

This paper presents a novel design of content fingerprints based on maximization of the mutual information across the distortion channel. We use the information bottleneck method to optimize the filters and quantizers that generate these fingerprints. A greedy optimization scheme is used to select filters from a dictionary and allocate fingerprint bits. We test the performance of this method for audio fingerprinting and show substantial improvements over existing learning based fingerprints.

Rocamora, Josyl Mariela, Ho, Ivan Wang-Hei, Mak, Man-Wai.  2019.  Fingerprint Quality Classification for CSI-based Indoor Positioning Systems. Proceedings of the ACM MobiHoc Workshop on Pervasive Systems in the IoT Era. :31–36.
Recent indoor positioning systems that utilize channel state information (CSI) consider ideal scenarios to achieve high-accuracy performance in fingerprint matching. However, one essential component in achieving high accuracy is the collection of high-quality fingerprints. The quality of fingerprints may vary due to uncontrollable factors such as environment noise, interference, and hardware instability. In our paper, we propose a method for collecting high-quality fingerprints for indoor positioning. First, we have developed a logistic regression classifier based on gradient descent to evaluate the quality of the collected channel frequency response (CFR) samples. We employ the classifier to sift out poor CFR samples and only retain good ones as input to the positioning system. We discover that our classifier can achieve high classification accuracy from over thousands of CFR samples. We then evaluate the positioning accuracy based on two techniques: Time-Reversal Resonating Strength (TRRS) and Support Vector Machines (SVM). We find that the sifted fingerprints always result in better positioning performance. For example, an average percentage improvement of 114% for TRRS and 22% for SVM compared to that of unsifted fingerprints of the same 40-MHz effective bandwidth.
Fachkha, C., Bou-Harb, E., Debbabi, M..  2014.  Fingerprinting Internet DNS Amplification DDoS Activities. New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on. :1-5.

This work proposes a novel approach to infer and characterize Internet-scale DNS amplification DDoS attacks by leveraging the darknet space. Complementary to the pioneer work on inferring Distributed Denial of Service (DDoS) using darknet, this work shows that we can extract DDoS activities without relying on backscattered analysis. The aim of this work is to extract cyber security intelligence related to DNS Amplification DDoS activities such as detection period, attack duration, intensity, packet size, rate and geo- location in addition to various network-layer and flow-based insights. To achieve this task, the proposed approach exploits certain DDoS parameters to detect the attacks. We empirically evaluate the proposed approach using 720 GB of real darknet data collected from a /13 address space during a recent three months period. Our analysis reveals that the approach was successful in inferring significant DNS amplification DDoS activities including the recent prominent attack that targeted one of the largest anti-spam organizations. Moreover, the analysis disclosed the mechanism of such DNS amplification DDoS attacks. Further, the results uncover high-speed and stealthy attempts that were never previously documented. The case study of the largest DDoS attack in history lead to a better understanding of the nature and scale of this threat and can generate inferences that could contribute in detecting, preventing, assessing, mitigating and even attributing of DNS amplification DDoS activities.

Fachkha, C., Bou-Harb, E., Debbabi, M..  2014.  Fingerprinting Internet DNS Amplification DDoS Activities. New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on. :1-5.

This work proposes a novel approach to infer and characterize Internet-scale DNS amplification DDoS attacks by leveraging the darknet space. Complementary to the pioneer work on inferring Distributed Denial of Service (DDoS) using darknet, this work shows that we can extract DDoS activities without relying on backscattered analysis. The aim of this work is to extract cyber security intelligence related to DNS Amplification DDoS activities such as detection period, attack duration, intensity, packet size, rate and geo- location in addition to various network-layer and flow-based insights. To achieve this task, the proposed approach exploits certain DDoS parameters to detect the attacks. We empirically evaluate the proposed approach using 720 GB of real darknet data collected from a /13 address space during a recent three months period. Our analysis reveals that the approach was successful in inferring significant DNS amplification DDoS activities including the recent prominent attack that targeted one of the largest anti-spam organizations. Moreover, the analysis disclosed the mechanism of such DNS amplification DDoS attacks. Further, the results uncover high-speed and stealthy attempts that were never previously documented. The case study of the largest DDoS attack in history lead to a better understanding of the nature and scale of this threat and can generate inferences that could contribute in detecting, preventing, assessing, mitigating and even attributing of DNS amplification DDoS activities.
 

Thoen, B., Wielandt, S., Strycker, L. De.  2018.  Fingerprinting Method for Acoustic Localization Using Low-Profile Microphone Arrays. 2018 International Conference on Indoor Positioning and Indoor Navigation (IPIN). :1–7.

Indoor localization of unknown acoustic events with MEMS microphone arrays have a huge potential in applications like home assisted living and surveillance. This article presents an Angle of Arrival (AoA) fingerprinting method for use in Wireless Acoustic Sensor Networks (WASNs) with low-profile microphone arrays. In a first research phase, acoustic measurements are performed in an anechoic room to evaluate two computationally efficient time domain delay-based AoA algorithms: one based on dot product calculations and another based on dot products with a PHAse Transform (PHAT). The evaluation of the algorithms is conducted with two sound events: white noise and a female voice. The algorithms are able to calculate the AoA with Root Mean Square Errors (RMSEs) of 3.5° for white noise and 9.8° to 16° for female vocal sounds. In the second research phase, an AoA fingerprinting algorithm is developed for acoustic event localization. The proposed solution is experimentally verified in a room of 4.25 m by 9.20 m with 4 acoustic sensor nodes. Acoustic fingerprints of white noise, recorded along a predefined grid in the room, are used to localize white noise and vocal sounds. The localization errors are evaluated using one node at a time, resulting in mean localization errors between 0.65 m and 0.98 m for white noise and between 1.18 m and 1.52 m for vocal sounds.

Ahmad, M., Shahid, A., Qadri, M. Y., Hussain, K., Qadri, N. N..  2017.  Fingerprinting non-numeric datasets using row association and pattern generation. 2017 International Conference on Communication Technologies (ComTech). :149–155.

Being an era of fast internet-based application environment, large volumes of relational data are being outsourced for business purposes. Therefore, ownership and digital rights protection has become one of the greatest challenges and among the most critical issues. This paper presents a novel fingerprinting technique to protect ownership rights of non-numeric digital data on basis of pattern generation and row association schemes. Firstly, fingerprint sequence is formulated by using secret key and buyer's Unique ID. With the chunks of these sequences and by applying the Fibonacci series, we select some rows. The selected rows are candidates of fingerprinting. The primary key of selected row is protected using RSA encryption; after which a pattern is designed by randomly choosing the values of different attributes of datasets. The encryption of primary key leads to develop an association between original and fake pattern; creating an ease in fingerprint detection. Fingerprint detection algorithm first finds the fake rows and then extracts the fingerprint sequence from the fake attributes, hence identifying the traitor. Some most important features of the proposed approach is to overcome major weaknesses such as error tolerance, integrity and accuracy in previously proposed fingerprinting techniques. The results show that technique is efficient and robust against several malicious attacks.

Gonzalez, N., Calot, E. P..  2015.  Finite Context Modeling of Keystroke Dynamics in Free Text. 2015 International Conference of the Biometrics Special Interest Group (BIOSIG). :1–5.

Keystroke dynamics analysis has been applied successfully to password or fixed short texts verification as a means to reduce their inherent security limitations, because their length and the fact of being typed often makes their characteristic timings fairly stable. On the other hand, free text analysis has been neglected until recent years due to the inherent difficulties of dealing with short term behavioral noise and long term effects over the typing rhythm. In this paper we examine finite context modeling of keystroke dynamics in free text and report promising results for user verification over an extensive data set collected from a real world environment outside the laboratory setting that we make publicly available.

Djouadi, S.M., Melin, A.M., Ferragut, E.M., Laska, J.A., Jin Dong.  2014.  Finite energy and bounded attacks on control system sensor signals. American Control Conference (ACC), 2014. :1716-1722.

Control system networks are increasingly being connected to enterprise level networks. These connections leave critical industrial controls systems vulnerable to cyber-attacks. Most of the effort in protecting these cyber-physical systems (CPS) from attacks has been in securing the networks using information security techniques. Effort has also been applied to increasing the protection and reliability of the control system against random hardware and software failures. However, the inability of information security techniques to protect against all intrusions means that the control system must be resilient to various signal attacks for which new analysis methods need to be developed. In this paper, sensor signal attacks are analyzed for observer-based controlled systems. The threat surface for sensor signal attacks is subdivided into denial of service, finite energy, and bounded attacks. In particular, the error signals between states of attack free systems and systems subject to these attacks are quantified. Optimal sensor and actuator signal attacks for the finite and infinite horizon linear quadratic (LQ) control in terms of maximizing the corresponding cost functions are computed. The closed-loop systems under optimal signal attacks are provided. Finally, an illustrative numerical example using a power generation network is provided together with distributed LQ controllers.

Djouadi, S.M., Melin, A.M., Ferragut, E.M., Laska, J.A., Jin Dong.  2014.  Finite energy and bounded attacks on control system sensor signals. American Control Conference (ACC), 2014. :1716-1722.

Control system networks are increasingly being connected to enterprise level networks. These connections leave critical industrial controls systems vulnerable to cyber-attacks. Most of the effort in protecting these cyber-physical systems (CPS) from attacks has been in securing the networks using information security techniques. Effort has also been applied to increasing the protection and reliability of the control system against random hardware and software failures. However, the inability of information security techniques to protect against all intrusions means that the control system must be resilient to various signal attacks for which new analysis methods need to be developed. In this paper, sensor signal attacks are analyzed for observer-based controlled systems. The threat surface for sensor signal attacks is subdivided into denial of service, finite energy, and bounded attacks. In particular, the error signals between states of attack free systems and systems subject to these attacks are quantified. Optimal sensor and actuator signal attacks for the finite and infinite horizon linear quadratic (LQ) control in terms of maximizing the corresponding cost functions are computed. The closed-loop systems under optimal signal attacks are provided. Finally, an illustrative numerical example using a power generation network is provided together with distributed LQ controllers.

Kholidy, H.A., Erradi, A., Abdelwahed, S., Azab, A..  2014.  A Finite State Hidden Markov Model for Predicting Multistage Attacks in Cloud Systems. Dependable, Autonomic and Secure Computing (DASC), 2014 IEEE 12th International Conference on. :14-19.

Cloud computing significantly increased the security threats because intruders can exploit the large amount of cloud resources for their attacks. However, most of the current security technologies do not provide early warnings about such attacks. This paper presents a Finite State Hidden Markov prediction model that uses an adaptive risk approach to predict multi-staged cloud attacks. The risk model measures the potential impact of a threat on assets given its occurrence probability. The attacks prediction model was integrated with our autonomous cloud intrusion detection framework (ACIDF) to raise early warnings about attacks to the controller so it can take proactive corrective actions before the attacks pose a serious security risk to the system. According to our experiments on DARPA 2000 dataset, the proposed prediction model has successfully fired the early warning alerts 39.6 minutes before the launching of the LLDDoS1.0 attack. This gives the auto response controller ample time to take preventive measures.

Zhu, Lipeng, Fu, Xiaotong, Yao, Yao, Zhang, Yuqing, Wang, He.  2019.  FIoT: Detecting the Memory Corruption in Lightweight IoT Device Firmware. 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :248–255.
The IoT industry has developed rapidly in recent years, which has attracted the attention of security researchers. However, the researchers are hampered by the wide variety of IoT device operating systems and their hardware architectures. Especially for the lightweight IoT devices, many manufacturers do not provide the device firmware images, embedded firmware source code or even the develop documents. As a result, it hinders traditional static analysis and dynamic analysis techniques. In this paper, we propose a novel dynamic analysis framework, called FIoT, which aims at finding memory corruption vulnerabilities in lightweight IoT device firmware images. The key idea is dynamically run the binary code snippets through symbolic execution with carrying out a fuzzing test. Specifically, we generate code snippets through traversing the control-flow graph (CFG) in a backward manner. We improved the CFG recovery approach and backward slice approach for better performance. To reduce the influence of the binary firmware, FIoT leverages loading address determination analysis and library function identification approach. We have implemented a prototype of FIoT and conducted experiments. Our results show that FIoT can complete the Fuzzing test within 40 seconds in average. Considering 170 seconds for static analysis, FIoT can load and analyze a lightweight IoT firmware within 210 seconds in total. Furthermore, we illustrate the effectiveness of FIoT by applying it over 115 firmware images from 17 manufacturers. We have found 35 images exist memory corruptions, which are all zero-day vulnerabilities.
Madaio, Michael, Chen, Shang-Tse, Haimson, Oliver L., Zhang, Wenwen, Cheng, Xiang, Hinds-Aldrich, Matthew, Chau, Duen Horng, Dilkina, Bistra.  2016.  Firebird: Predicting Fire Risk and Prioritizing Fire Inspections in Atlanta. Proceedings of the 22Nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. :185–194.

The Atlanta Fire Rescue Department (AFRD), like many municipal fire departments, actively works to reduce fire risk by inspecting commercial properties for potential hazards and fire code violations. However, AFRD's fire inspection practices relied on tradition and intuition, with no existing data-driven process for prioritizing fire inspections or identifying new properties requiring inspection. In collaboration with AFRD, we developed the Firebird framework to help municipal fire departments identify and prioritize commercial property fire inspections, using machine learning, geocoding, and information visualization. Firebird computes fire risk scores for over 5,000 buildings in the city, with true positive rates of up to 71% in predicting fires. It has identified 6,096 new potential commercial properties to inspect, based on AFRD's criteria for inspection. Furthermore, through an interactive map, Firebird integrates and visualizes fire incidents, property information and risk scores to help AFRD make informed decisions about fire inspections. Firebird has already begun to make positive impact at both local and national levels. It is improving AFRD's inspection processes and Atlanta residents' safety, and was highlighted by National Fire Protection Association (NFPA) as a best practice for using data to inform fire inspections.

Benton, Kevin, Camp, L. Jean.  2016.  Firewalling Scenic Routes: Preventing Data Exfiltration via Political and Geographic Routing Policies. Proceedings of the 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense. :31–36.

In this paper we describe a system that allows the real time creation of firewall rules in response to geographic and political changes in the control-plane. This allows an organization to mitigate data exfiltration threats by analyzing Border Gateway Protocol (BGP) updates and blocking packets from being routed through problematic jurisdictions. By inspecting the autonomous system paths and referencing external data sources about the autonomous systems, a BGP participant can infer the countries that traffic to a particular destination address will traverse. Based on this information, an organization can then define constraints on its egress traffic to prevent sensitive data from being sent via an untrusted region. In light of the many route leaks and BGP hijacks that occur today, this offers a new option to organizations willing to accept reduced availability over the risk to confidentiality. Similar to firewalls that allow organizations to block traffic originating from specific countries, our approach allows blocking outbound traffic from transiting specific jurisdictions. To illustrate the efficacy of this approach, we provide an analysis of paths to various financial services IP addresses over the course of a month from a single BGP vantage point that quantifies the frequency of path alterations resulting in the traversal of new countries. We conclude with an argument for the utility of country-based egress policies that do not require the cooperation of upstream providers.

Hernandez, Grant, Fowze, Farhaan, Tian, Dave(Jing), Yavuz, Tuba, Butler, Kevin R.B..  2017.  FirmUSB: Vetting USB Device Firmware Using Domain Informed Symbolic Execution. Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. :2245–2262.

The USB protocol has become ubiquitous, supporting devices from high-powered computing devices to small embedded devices and control systems. USB's greatest feature, its openness and expandability, is also its weakness, and attacks such as BadUSB exploit the unconstrained functionality afforded to these devices as a vector for compromise. Fundamentally, it is virtually impossible to know whether a USB device is benign or malicious. This work introduces FirmUSB, a USB-specific firmware analysis framework that uses domain knowledge of the USB protocol to examine firmware images and determine the activity that they can produce. Embedded USB devices use microcontrollers that have not been well studied by the binary analysis community, and our work demonstrates how lifters into popular intermediate representations for analysis can be built, as well as the challenges of doing so. We develop targeting algorithms and use domain knowledge to speed up these processes by a factor of 7 compared to unconstrained fully symbolic execution. We also successfully find malicious activity in embedded 8051 firmwares without the use of source code. Finally, we provide insights into the challenges of symbolic analysis on embedded architectures and provide guidance on improving tools to better handle this important class of devices.

Yin, H. Sun, Vatrapu, R..  2017.  A First Estimation of the Proportion of Cybercriminal Entities in the Bitcoin Ecosystem Using Supervised Machine Learning. 2017 IEEE International Conference on Big Data (Big Data). :3690–3699.

Bitcoin, a peer-to-peer payment system and digital currency, is often involved in illicit activities such as scamming, ransomware attacks, illegal goods trading, and thievery. At the time of writing, the Bitcoin ecosystem has not yet been mapped and as such there is no estimate of the share of illicit activities. This paper provides the first estimation of the portion of cyber-criminal entities in the Bitcoin ecosystem. Our dataset consists of 854 observations categorised into 12 classes (out of which 5 are cybercrime-related) and a total of 100,000 uncategorised observations. The dataset was obtained from the data provider who applied three types of clustering of Bitcoin transactions to categorise entities: co-spend, intelligence-based, and behaviour-based. Thirteen supervised learning classifiers were then tested, of which four prevailed with a cross-validation accuracy of 77.38%, 76.47%, 78.46%, 80.76% respectively. From the top four classifiers, Bagging and Gradient Boosting classifiers were selected based on their weighted average and per class precision on the cybercrime-related categories. Both models were used to classify 100,000 uncategorised entities, showing that the share of cybercrime-related is 29.81% according to Bagging, and 10.95% according to Gradient Boosting with number of entities as the metric. With regard to the number of addresses and current coins held by this type of entities, the results are: 5.79% and 10.02% according to Bagging; and 3.16% and 1.45% according to Gradient Boosting.

Eskandari, S., Leoutsarakos, A., Mursch, T., Clark, J..  2018.  A First Look at Browser-Based Cryptojacking. 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS PW). :58–66.
In this paper, we examine the recent trend to- wards in-browser mining of cryptocurrencies; in particular, the mining of Monero through Coinhive and similar code- bases. In this model, a user visiting a website will download a JavaScript code that executes client-side in her browser, mines a cryptocurrency - typically without her consent or knowledge - and pays out the seigniorage to the website. Websites may consciously employ this as an alternative or to supplement advertisement revenue, may offer premium content in exchange for mining, or may be unwittingly serving the code as a result of a breach (in which case the seigniorage is collected by the attacker). The cryptocurrency Monero is preferred seemingly for its unfriendliness to large-scale ASIC mining that would drive browser-based efforts out of the market, as well as for its purported privacy features. In this paper, we survey this landscape, conduct some measurements to establish its prevalence and profitability, outline an ethical framework for considering whether it should be classified as an attack or business opportunity, and make suggestions for the detection, mitigation and/or prevention of browser-based mining for non- consenting users.
Kedrowitsch, Alexander, Yao, Danfeng(Daphne), Wang, Gang, Cameron, Kirk.  2017.  A First Look: Using Linux Containers for Deceptive Honeypots. Proceedings of the 2017 Workshop on Automated Decision Making for Active Cyber Defense. :15–22.

The ever-increasing sophistication of malware has made malicious binary collection and analysis an absolute necessity for proactive defenses. Meanwhile, malware authors seek to harden their binaries against analysis by incorporating environment detection techniques, in order to identify if the binary is executing within a virtual environment or in the presence of monitoring tools. For security researchers, it is still an open question regarding how to remove the artifacts from virtual machines to effectively build deceptive "honeypots" for malware collection and analysis. In this paper, we explore a completely different and yet promising approach by using Linux containers. Linux containers, in theory, have minimal virtualization artifacts and are easily deployable on low-power devices. Our work performs the first controlled experiments to compare Linux containers with bare metal and 5 major types of virtual machines. We seek to measure the deception capabilities offered by Linux containers to defeat mainstream virtual environment detection techniques. In addition, we empirically explore the potential weaknesses in Linux containers to help defenders to make more informed design decisions.

Poller, Andreas, Kocksch, Laura, Kinder-Kurlanda, Katharina, Epp, Felix Anand.  2016.  First-time Security Audits As a Turning Point?: Challenges for Security Practices in an Industry Software Development Team Proceedings of the 2016 CHI Conference Extended Abstracts on Human Factors in Computing Systems. :1288–1294.

Software development is often accompanied by security audits such as penetration tests, usually performed on behalf of the software vendor. In penetration tests security experts identify entry points for attacks in a software product. Many development teams undergo such audits for the first time if their product is attacked or faces new security concerns. The audits often serve as an eye-opener for development teams: they realize that security requires much more attention. However, there is a lack of clarity with regard to what lasting benefits developers can reap from penetration tests. We report from a one-year study of a penetration test run at a major software vendor, and describe how a software development team managed to incorporate the test findings. Results suggest that penetration tests improve developers' security awareness, but that long-lasting enhancements of development practices are hampered by a lack of dedicated security stakeholders and if security is not properly reflected in the communicative and collaborative structures of the organization.

Fereidooni, H., Frassetto, T., Miettinen, M., Sadeghi, A. R., Conti, M..  2017.  Fitness Trackers: Fit for Health but Unfit for Security and Privacy. 2017 IEEE/ACM International Conference on Connected Health: Applications, Systems and Engineering Technologies (CHASE). :19–24.

Wearable devices for fitness tracking and health monitoring have gained considerable popularity and become one of the fastest growing smart devices market. More and more companies are offering integrated health and activity monitoring solutions for fitness trackers. Recently insurances are offering their customers better conditions for health and condition monitoring. However, the extensive sensitive information collected by tracking products and accessibility by third party service providers poses vital security and privacy challenges on the employed solutions. In this paper, we present our security analysis of a representative sample of current fitness tracking products on the market. In particular, we focus on malicious user setting that aims at injecting false data into the cloud-based services leading to erroneous data analytics. We show that none of these products can provide data integrity, authenticity and confidentiality.

Wang, Y., Kang, S., Lan, C., Liang, Y., Zhu, J., Gao, H..  2016.  A five-dimensional chaotic system with a large parameter range and the circuit implementation of a time-switched system. 2016 11th International Conference on Reliability, Maintainability and Safety (ICRMS). :1–6.

To enhance the encryption and anti-translation capability of the information, we constructed a five-dimensional chaotic system. Combined with the Lü system, a time-switched system with multiple chaotic attractors is realized in the form of a digital circuit. Some characteristics of the five-dimensional system are analyzed, such as Poincare mapping, the Lyapunov exponent spectrum, and bifurcation diagram. The analysis shows that the system exhibits chaotic characteristics for a wide range of parameter values. We constructed a time-switched expression between multiple chaotic attractors using the communication between a microcontroller unit (MCU) and field programmable gate array (FPGA). The system can quickly switch between different chaotic attractors within the chaotic system and between chaotic systems at any time, leading to signal sources with more variability, diversity, and complexity for chaotic encryption.

Mansouri, Asma, Martel, Matthieu, Serea, Oana Silvia.  2019.  Fixed Point Computation by Exponentiating Linear Operators. 2019 6th International Conference on Control, Decision and Information Technologies (CoDIT). :1096–1102.

In this article, we introduce a new method for computing fixed points of a class of iterated functions in a finite time, by exponentiating linear multivalued operators. To better illustrate this approach and show that our method can give fast and accurate results, we have chosen two well-known applications which are difficult to handle by usual techniques. First, we apply the exponentiation of linear operators to a digital filter in order to get a fine approximation of its behavior at an arbitrary time. Second, we consider a PID controller. To get a reliable estimate of its control function, we apply the exponentiation of a bundle of linear operators. Note that, our technique can be applied in a more general setting, i.e. for any multivalued linear map and that the general method is also introduced in this article.

De, Asmit, Basu, Aditya, Ghosh, Swaroop, Jaeger, Trent.  2019.  FIXER: Flow Integrity Extensions for Embedded RISC-V. 2019 Design, Automation Test in Europe Conference Exhibition (DATE). :348–353.
With the recent proliferation of Internet of Things (IoT) and embedded devices, there is a growing need to develop a security framework to protect such devices. RISC-V is a promising open source architecture that targets low-power embedded devices and SoCs. However, there is a dearth of practical and low-overhead security solutions in the RISC-V architecture. Programs compiled using RISC-V toolchains are still vulnerable to code injection and code reuse attacks such as buffer overflow and return-oriented programming (ROP). In this paper, we propose FIXER, a hardware implemented security extension to RISC-V that provides a defense mechanism against such attacks. FIXER enforces fine-grained control-flow integrity (CFI) of running programs on backward edges (returns) and forward edges (calls) without requiring any architectural modifications to the RISC-V processor core. We implement FIXER on RocketChip, a RISC-V SoC platform, by leveraging the integrated Rocket Custom Coprocessor (RoCC) to detect and prevent attacks. Compared to existing software based solutions, FIXER reduces energy overhead by 60% at minimal execution time (1.5%) and area (2.9%) overheads.