In recent years, frequent Advanced Persistent Threat (APT) attacks have caused disastrous damage to critical facilities, leading to severe information leakages, economic losses, and even social disruptions. Via sophisticated, long-term, and stealthy ...

Main memory contains valuable information for criminal investigations, e.g., process information or keys for disk encryption. Taking snapshots of memory is therefore common practice during a digital forensic examination. Inconsistencies in such memory ...

The rapid development of Machine Learning (ML) has demonstrated superior performance in many areas, such as computer vision and video and speech recognition. It has now been increasingly leveraged in software systems to automate the core tasks. However, ...

In the dynamic realm of AI, integrating Large Language Models (LLMs) with security systems reshape cybersecurity. LLMs bolster defense against cyber threats but also introduce risks, aiding adversaries in generating malicious content, discovering ...

Speculative attacks are still an active threat today that, even if initially focused on the x86 platform, reach across all modern hardware architectures. RISC-V is a newly proposed open instruction set architecture that has seen traction from both ...

Graphics Processing Units (GPU) are increasingly deployed on Cyber-physical Systems (CPSs), frequently used to perform real-time safety-critical functions, such as object detection on autonomous vehicles. As a result, availability is important for GPU ...

Automated Driving Systems (ADS) have made great achievements in recent years thanks to the efforts from both academia and industry. A typical ADS is composed of multiple modules, including sensing, perception, planning, and control, which brings together ...

With the demand for economical and high-speed wireless services, Optical Wireless Communication (OWC) has attracted increasing attention in both research and the market. In the past decades, numerous optical-related techniques (e.g., LEDs, displays, ...

Active virtual machine introspection mechanisms intercept the control flow of a virtual machine running on top of a hypervisor. They enable external tools to monitor and inspect the state at predetermined locations of interest synchronous to the ...

Numerous institutions are developing cybersecurity education and training programs to supply the considerable global demand for cybersecurity professionals. However, these institutions face barriers in building realistic laboratory environments, commonly ...

Nowadays, complex systems play an irreplaceable role in life, and the security of complex systems has always been the focus of research. In this paper, we focus on the topological characteristics of the network, starting from the degree correlation of the ...

We devise new attacks exploiting the unprotected data-plane signaling in cellular IoT networks (a.k.a. both NB-IoT and Cat-M). We show that, despite the deployed security mechanisms on both control-plane signaling and data-plane packet forwarding, novel ...

In South Korea, voice phishing has been proliferating with the advent of voice phishing apps: the number of annual victims had risen to 34,527 in 2020, representing financial losses of approximately 598 million USD. However, the voice phishing ...

The security of device drivers should be verified by system testing. This paper presents QDFaultInjector, a fault injection tool that can work on three architectures (x86 64, AArch64 and MIPS64) to test Linux kernel modules (including device ...

With the widespread use of Docker and Kubernetes, OS-level virtualization has become a key technology to deploy and run software. At the same time, data centers and cloud providers offer shared computing resources on demand. The use of these resources ...

Ransomware remains an alarming threat in the 21st century. It has evolved from being a simple scare tactic into a complex malware capable of evasion. Formerly, end-users were targeted via mass infection campaigns. Nevertheless, in recent years, the ...

Implementing cryptographic services based on network communication systems, improving data encryption algorithms, and providing basic support for secure communication technologies use homomorphic encryption to secure network communications systems data ...

This work presents lessons learned from a multi-year support effort of a large and well-funded software development project. The focus is on the security impacts to the DevSecOps culture, process, and pipeline. These impacts stem from faulty ...

Integrity is a key protection objective in the context of system security. This holds for both hardware and software. Since hardware cannot be changed after its manufacturing process, the manufacturer must be trusted to build it properly. However, it is ...

This study evaluates the performance of a secure ground‐to‐satellite free‐space optical (FSO) system using a bipolar pulse amplitude modulation over modulated gamma fading channel. A closed‐form expression is derived for the joint probability of a ...