Export Citations
Save this search
Please login to be able to save your searches and receive alerts for new content matching your search criteria.
- research-articleJuly 2024
Navigating the landscape of IoT security and associated risks in critical infrastructures
ARES '24: Proceedings of the 19th International Conference on Availability, Reliability and SecurityArticle No.: 112, Pages 1–7https://doi.org/10.1145/3664476.3669979The Internet of Things (IoT) presents transformative opportunities for connectivity and automation across various sectors, but it also introduces significant security risks that need to be comprehensively addressed. Indeed, the growing integration of ...
- research-articleJuly 2024
HD-FUZZ: Hardware dependency-aware firmware fuzzing via hybrid MMIO modeling
Journal of Network and Computer Applications (JNCA), Volume 224, Issue Chttps://doi.org/10.1016/j.jnca.2024.103835AbstractNumerous interconnected small embedded systems, such as Internet of Things (IoT) devices, are pervasive in our daily lives; however, their security lags behind. In particular, firmware vulnerabilities in low-level infrastructure have a more ...
- research-articleApril 2024
Cache Cohort GPU Scheduling
GPGPU '24: Proceedings of the 16th Workshop on General Purpose Processing Using GPUPages 19–25https://doi.org/10.1145/3649411.3649415With the ever-improving computation capability of GPUs, there is an increasing demand for higher memory bandwidth to supply the GPU cores with data. One way to improve effective memory bandwidth is with larger caches, and we have seen GPU vendors ...
- ArticleMarch 2024
PHI: Pseudo-HAL Identification for Scalable Firmware Fuzzing
Information Security and Cryptology – ICISC 2023Pages 60–80https://doi.org/10.1007/978-981-97-1238-0_4AbstractFirmware fuzzing aims to detect vulnerabilities in firmware by emulating peripherals at different levels: hardware, register, and function. HAL-Fuzz, which emulates peripherals through HAL function handling, is a remarkable firmware fuzzer. ...
- research-articleSeptember 2023
Design and implementation of secure boot architecture on RISC-V using FPGA
Microprocessors & Microsystems (MSYS), Volume 101, Issue Chttps://doi.org/10.1016/j.micpro.2023.104889AbstractThere are many well-known open-source bootloaders solutions available today such as UEFI/BIOS, Coreboot and Uboot. Recently, RISC-V as an open-source Instruction Set Architecture, has gained a lot of attention in new embedded products ...
-
- ArticleJanuary 2024
Research on Security Threats Using VPN in Zero Trust Environments
AbstractThe United States issued an executive order requiring all federal agencies to adopt the Zero Trust security framework, and instructed each federal government department to devise a plan for its implementation. This development has generated a ...
- research-articleAugust 2023
PARIOT: Anti-repackaging for IoT firmware integrity
Journal of Network and Computer Applications (JNCA), Volume 217, Issue Chttps://doi.org/10.1016/j.jnca.2023.103699AbstractIoT repackaging refers to an attack devoted to tampering with a legitimate firmware package by modifying its content (e.g., injecting some malicious code) and re-distributing it in the wild. In such a scenario, the firmware delivery ...
- research-articleJune 2023
Towards Automated Identification of Layering Violations in Embedded Applications (WIP)
LCTES 2023: Proceedings of the 24th ACM SIGPLAN/SIGBED International Conference on Languages, Compilers, and Tools for Embedded SystemsPages 143–147https://doi.org/10.1145/3589610.3596271For portability, embedded systems software follows a layered design to reduce dependence on particular hardware behavior. We consider the problem of identifying layering violations: instances where the embedded application accesses non-adjacent ...
- research-articleJanuary 2023JUST ACCEPTED
ISF: Security Analysis and Assessment of Smart Home IoT-based Firmware
The applications and services offered by the Internet of Things (IoT) have grown significantly during the past few years. Device makers and corporate suppliers have taken notice of this, which has led to a sudden inflow of new-age firms. Confidential data ...
- research-articleJanuary 2023
Accelerating Command Injection Vulnerability Discovery in Embedded Firmware with Static Backtracking Analysis
IoT '22: Proceedings of the 12th International Conference on the Internet of ThingsPages 65–72https://doi.org/10.1145/3567445.3567458Command injection vulnerability is a severe threat to the embedded device. Most methods detect command injection vulnerability with taint analysis and symbolic execution and achieve promising results. However, they waste too much time analyzing secure ...
- ArticleMarch 2022
A Framework to Secure Peripherals at Runtime
AbstractSecure hardware forms the foundation of a secure system. However, securing hardware devices remains an open research problem. In this paper, we present IOCheck, a framework to enhance the security of I/O devices at runtime. It leverages System ...
- research-articleJuly 2021
Model checking boot code from AWS data centers
Formal Methods in System Design (FMSD), Volume 57, Issue 1Pages 34–52https://doi.org/10.1007/s10703-020-00344-2AbstractThis paper describes our experience with symbolic model checking in an industrial setting. We have proved that the initial boot code running in data centers at Amazon Web Services is memory safe, an essential step in establishing the security of ...
- research-articleMarch 2021
Detecting firmware modification on solid state drives via current draw analysis
AbstractSolid State Drives (SSDs) have gained significant market share among data storage options in recent years due to increased speed and durability. But when compared to Hard Disk Drives (HDDs), SSDs contain additional complexity which ...
- research-articleSeptember 2021
A System and Its Implementation Based on FPGA for Video JPEG2000 Codec and Network Transmission
ICDSP '21: Proceedings of the 2021 5th International Conference on Digital Signal ProcessingPages 260–265https://doi.org/10.1145/3458380.3458425This paper brings forward a system and its implementation based on FPGA (Field-Programmable Gate Array) for video JPEG2000 codec and network transmission. According to configuring instructions from upper monitors of the encoding terminal and the ...
- research-articleDecember 2020
FirmAE: Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis
ACSAC '20: Proceedings of the 36th Annual Computer Security Applications ConferencePages 733–745https://doi.org/10.1145/3427228.3427294One approach to assess the security of embedded IoT devices is applying dynamic analysis such as fuzz testing to their firmware in scale. To this end, existing approaches aim to provide an emulation environment that mimics the behavior of real hardware/...
- ArticleNovember 2020
Rolling Attack: An Efficient Way to Reduce Armors of Office Automation Devices
AbstractFirmware security is always a focus of IoT security in recent years. The security of office automation device’s firmware also attracts widespread attention. Previous work on attacking office automation devices mainly focused on code flaws in ...
- ArticleSeptember 2020
VES: A Component Version Extracting System for Large-Scale IoT Firmwares
Wireless Algorithms, Systems, and ApplicationsPages 39–48https://doi.org/10.1007/978-3-030-59019-2_5AbstractOpen source components are widely used in IoT firmwares. Components of different versions have various vulnerabilities. For example, CVE-2020-8597 only affects specific version of pppd. Therefore, extracting the version of a component is of ...
- articleSeptember 2019
Smart Compact Laser System for Animation Projections
Cybernetics and Information Technologies (CYBAIT), Volume 19, Issue 3Pages 137–153https://doi.org/10.2478/cait-2019-0030AbstractIn this paper, we present the design of a compact laser system for animation projections both indoors and outdoors. Our focus is on the hardware and software aspects of the electronic control of the system from the design phase to the experimental ...
- research-articleAugust 2019
HEHLKAPPE: Utilizing Deep Learning to Manipulate Surveillance Camera Footage in Real-Time
ARES '19: Proceedings of the 14th International Conference on Availability, Reliability and SecurityArticle No.: 56, Pages 1–8https://doi.org/10.1145/3339252.3340102Image analysis and manipulation have always been active topics, both in practice and academia. Driven by the progress in the field of deep learning, significant advances have been achieved in recent years. This causes even complex image manipulation and ...
- ArticleJune 2019
Ontology-Driven Automation of IoT-Based Human-Machine Interfaces Development
AbstractThe paper is devoted to the development of high-level tools to automate tangible human-machine interfaces creation bringing together IoT technologies and ontology engineering methods. We propose using ontology-driven approach to enable automatic ...