the exponential growth of data produced, the ever faster and ubiquitous connectivity, and the collaborative processing tools lead to a clear shift of data stores from local servers to the cloud. this migration occurri...
详细信息
ISBN:
(纸本)9781450350358
the exponential growth of data produced, the ever faster and ubiquitous connectivity, and the collaborative processing tools lead to a clear shift of data stores from local servers to the cloud. this migration occurring across different application domains and types of users-individual or corporate-raises two immediate challenges. First, out-sourcing data introduces security risks, hence protection mechanisms must be put in place to provide guarantees such as privacy, confidentiality and integrity. Second, there is no "one-size-fits-all" solution that would provide the right level of safety or performance for all applications and users, and it is therefore necessary to provide mechanisms that can be tailored to the various deployment scenarios. In this paper, we address both challenges by introducing SafeFS, a modular architecture based on software-defined storage principles featuring stackable building blocks that can be combined to construct a secure distributed file system. SafeFS allows users to specialize their data store to their specific needs by choosing the combination of blocks that provide the best safety and performance tradeoffs. the file system is implemented in user space using FUSE and can access remote data stores. the provided building blocks notably include mechanisms based on encryption, replication, and coding. We implemented SafeFS and performed in-depth evaluation across a range of workloads. Results reveal that while each layer has a cost, one can build safe yet efficient storage architectures. Furthermore, the different combinations of blocks sometimes yield surprising tradeoffs.
this paper analyses the security and privacy properties of a widely used insulin pump and its peripherals. We eavesdrop the wireless channel using Commercial Off-the-Shelf (COTS) software-based radios to intercept the...
详细信息
ISBN:
(纸本)9781450339353
this paper analyses the security and privacy properties of a widely used insulin pump and its peripherals. We eavesdrop the wireless channel using Commercial Off-the-Shelf (COTS) software-based radios to intercept the messages sent between these devices;fully reverse-engineer the wireless communication protocol using a black-box approach;and document the message format and the protocol state-machine in use. the upshot is that no standard cryptographic mechanisms are applied and hence the system is shown to be completely vulnerable to replay and message injection attacks. Furthermore, sensitive patient health-related information is sent unencrypted over the wireless channel. Motivated by the results of our attacks, we study the feasibility of applying cryptography to protect the data transmitted over the air and prevent unauthorized access to the insulin pump. We present a solution based on AES in combination with an updated message format optimized for energy consumption. We implement our solution on a 16-bit micro-controller and evaluate its security properties and energy requirements. Finally, we discuss potential strategies for further reducing the energy consumption.
the increased popularity of mobile devices widens opportunities for a user either to lose the device or to have the device stolen and compromised. At the same time, user interaction with a mobile device generates a un...
详细信息
ISBN:
(纸本)9781450322782
the increased popularity of mobile devices widens opportunities for a user either to lose the device or to have the device stolen and compromised. At the same time, user interaction with a mobile device generates a unique set of features such as dialed numbers, timestamps of communication activities, contacted base stations, etc. this work proposes several methods to identify the user based on her communications history. Specifically, the proposed methods detect an abnormality based on the behavior fingerprint generated by a set of features from the network for each user session. We present an implementation of such methods that use features from real SMS, and voice call records from a major tier 1 cellular operator. this can potentially trigger a rapid reaction upon an unauthorized user gaining control of a lost or stolen terminal, preventing data compromise and device misuse. the proposed solution can also detect background malicious traffic originated by, for example, a malicious application running on the mobile device. Our experiments with annonymized data from 10,000 users, representing over 14 million SMS and voice call detail records, show that the proposed methods are scalable and can continuously identify millions of mobile users while preserving dataprivacy, and achieving low false positives and high misuse detection rates with low storage and computation overhead. Copyright 2014 acm.
To address the issue of malware detection, researchers have recently started to investigate the capabilities of machine- learning techniques for proposing effective approaches. Several promising results were recorded ...
详细信息
ISBN:
(纸本)9781450322782
To address the issue of malware detection, researchers have recently started to investigate the capabilities of machine- learning techniques for proposing effective approaches. Several promising results were recorded in the literature, many approaches being assessed withthe common "10-Fold cross validation" scheme. this paper revisits the purpose of malware detection to discuss the adequacy of the"10-Fold"scheme for validating techniques that may not perform well in reality. To this end, we have devised several Machine Learning classifiers that rely on a novel set of features built from applications' CFGs. We use a sizeable dataset of over 50,000 Android applications collected from sources where state-of- the art approaches have selected their data. We show that our approach outperforms existing machine learning-based approaches. However, this high performance on usual-size datasets does not translate in high performance in the wild. Copyright is held by the author/owner(s).
暂无评论