Global ETD Search

11	Detecting Information Leakage in Android Malware Using Static Taint Analysis Kelkar, Soham P. January 2017 (has links) No description available. Computer Engineering Engineering Computer Science Android malware Android taint analysis Android static code analysis Android malware information leakage
12	Preventing information leakage in NDN with name and flow filters / Prévenir la fuite d'information dans les NDN grâce aux filtres de noms et de flux Kondo, Daishi 17 December 2018 (has links) Au cours des dernières années, les réseaux de type (NDN) sont devenus une des architectures réseau les plus prometteuses. Pour être adopté à l'échelle d'Internet, NDN doit résoudre les problèmes inhérents à l'Internet actuel. La fuite d’informations fait partie de ces problèmes, et il est très important d’évaluer ce risque pour les réseaux de type NDN. La thèse se propose d'évaluer ce risque. En supposant (i) qu'un ordinateur appartient au réseau d'une entreprise basée sur une architecture NDN, (ii) que l'ordinateur a déjà été compromis par un support malveillant, et (iii) que la société installe un pare-feu, la thèse évalue la situation dans laquelle l’ordinateur infecté tente de divulguer des données à un attaquant externe à l'entreprise. Les contributions de cette thèse sont au nombre de cinq. Tout d'abord, cette thèse propose une attaque par fuite d'informations via un paquet donné et un paquet intérêt propres à NDN. Deuxièmement, afin de remédier à l'attaque fuite d'informations, cette thèse propose un pare-feu basé sur l'utilisation d'une liste blanche et d'une liste noire afin de surveiller et traiter le trafic NDN provenant des consommateurs. Troisièmement, cette thèse propose un filtre de noms NDN pour classifier un nom dans un paquet d'intérêt comme étant légitime ou non. Le filtre de noms peut ainsi réduire le débit par paquet d'intérêt. Cependant, pour adapter la vitesse de l'attaque, les logiciels malveillants peuvent envoyer de nombreux intérêts en très peu de temps. De même, le logiciel malveillant peut exploiter un intérêt avec une information explicite dans le nom (comme peut le faire un message véhiculé par un POST sur HTTP). Cela dépasse alors la portée du filtre de nom proposé et rend le filtre inefficace. Pour prendre en compte le flux de trafic analysé par le pare-feu NDN, cette thèse propose comme quatrième contribution la surveillance du flux NDN à travers le pare-feu. Enfin, afin de traiter les inconvénients du filtre de noms NDN, cette thèse propose un filtre de flux NDN permettant de classer un flux comme légitime ou non. L'évaluation des performances montre que le filtre de flux complète de manière tout à fait performante le filtre de nom et réduit considérablement le débit de fuite d'informations / In recent years, Named Data Networking (NDN) has emerged as one of the most promising future networking architectures. To be adopted at Internet scale, NDN needs to resolve the inherent issues of the current Internet. Since information leakage from an enterprise is one of the big issues even in the Internet and it is very crucial to assess the risk before replacing the Internet with NDN completely, this thesis investigates whether a new security threat causing the information leakage can happen in NDN. Assuming that (i) a computer is located in the enterprise network that is based on an NDN architecture, (ii) the computer has already been compromised by suspicious media such as a malicious email, and (iii) the company installs a firewall connected to the NDN-based future Internet, this thesis focuses on a situation that the compromised computer (i.e., malware) attempts to send leaked data to the outside attacker. The contributions of this thesis are fivefold. Firstly, this thesis proposes an information leakage attack through a Data and through an Interest in NDN. Secondly, in order to address the information leakage attack, this thesis proposes an NDN firewall which monitors and processes the NDN traffic coming from the consumers with the whitelist and blacklist. Thirdly, this thesis proposes an NDN name filter to classify a name in the Interest as legitimate or not. The name filter can, indeed, reduce the throughput per Interest, but to ameliorate the speed of this attack, malware can send numerous Interests within a short period of time. Moreover, the malware can even exploit an Interest with an explicit payload in the name (like an HTTP POST message in the Internet), which is out of scope in the proposed name filter and can increase the information leakage throughput by adopting a longer payload. To take traffic flow to the NDN firewall from the consumer into account, fourthly, this thesis proposes an NDN flow monitored at an NDN firewall. Fifthly, in order to deal with the drawbacks of the NDN name filter, this thesis proposes an NDN flow filter to classify a flow as legitimate or not. The performance evaluation shows that the flow filter complements the name filter and greatly chokes the information leakage throughput Named Data Networking Fuite d’informations Pare-feu Filtre de nom Filtre de flux Named Data Networking Information leakage Firewall Name filter Flow filter 005.82
13	RADAR: compiler and architecture supported intrusion prevention, detection, analysis and recovery Zhang, Tao 25 August 2006 (has links) In this dissertation, we propose RADAR - compileR and micro-Architecture supported intrusion prevention, Detection, Analysis and Recovery. RADAR is an infrastructure to help prevent, detect and even recover from attacks to critical software. Our approach emphasizes collaborations between compiler and micro-architecture to avoid the problems of purely software or hardware based approaches. With hardware support for cryptographic operations, our infrastructure can achieve strong process isolation to prevent attacks from other processes and to prevent certain types of hardware attacks. Moreover, we show that an unprotected system address bus leaks critical control flow information of the protected software but has never been carefully addressed previously. To enhance intrusion prevention capability of our infrastructure further, we present a scheme with both innovative hardware modification and extensive compiler support to eliminate most of the information leakage on system address bus. However, no security system is able to prevent all attacks. In general, we have to assume that certain attacks will get through our intrusion prevention mechanisms. To protect software from those attacks, we build a second line of defense consisted of intrusion detection and intrusion recovery mechanisms. Our intrusion detection mechanisms are based on anomaly detection. In this dissertation, we propose three anomaly detection schemes. We demonstrate the effectiveness of our anomaly detection schemes thus the great potential of what compiler and micro-architecture can do for software security. The ability to recover from an attack is very important for systems providing critical services. Thus, intrusion recoverability is an important goal of our infrastructure. We focus on recovery of memory state in this dissertation, since most attacks break into a system by memory tampering. We propose two schemes for intrusion analysis. The execution logging based scheme incurs little performance overhead but has higher demand for storage and memory bandwidth. The external input points tagging based scheme is much more space and memory bandwidth efficient, but leads to significant performance degradation. After intrusion analysis is done and tampered memory state is identified, tampered memory state can be easily recovered through memory updates logging or memory state checkpointing. Software protection Compiler support Microarchitecture support Information leakage prevention Anomaly detection Intrusion recovery Computer networks Security measures Computer architecture Computer network protocols
14	Fuites d'information dans les processeurs récents et applications à la virtualisation / Information leakage on shared hardware : evolutions in recent hardware and applications to virtualization Maurice, Clémentine 28 October 2015 (has links) Dans un environnement virtualisé, l'hyperviseur fournit l'isolation au niveau logiciel, mais l'infrastructure partagée rend possible des attaques au niveau matériel. Les attaques par canaux auxiliaires ainsi que les canaux cachés sont des problèmes bien connus liés aux infrastructures partagées, et en particulier au partage du processeur. Cependant, ces attaques reposent sur des caractéristiques propres à la microarchitecture qui change avec les différentes générations de matériel. Ces dernières années ont vu la progression des calculs généralistes sur processeurs graphiques (aussi appelés GPUs), couplés aux environnements dits cloud. Cette thèse explore ces récentes évolutions, ainsi que leurs conséquences en termes de fuites d'information dans les environnements virtualisés. Premièrement, nous investiguons les microarchitectures des processeurs récents. Notre première contribution est C5, un canal caché sur le cache qui traverse les coeurs d'un processeur, évalué entre deux machines virtuelles. Notre deuxième contribution est la rétro-ingénierie de la fonction d'adressage complexe du dernier niveau de cache des processeurs Intel, rendant la classe des attaques sur les caches facilement réalisable en pratique. Finalement, dans la dernière partie nous investiguons la sécurité de la virtualisation des GPUs. Notre troisième contribution montre que les environnements virtualisés sont susceptibles aux fuites d'informations sur la mémoire d'un GPU. / In a virtualized environment, the hypervisor provides isolation at the software level, but shared infrastructure makes attacks possible at the hardware level. Side and covert channels are well-known issues of shared hardware, and in particular shared processors. However, they rely on microarchitectural features that are changing with the different generations of hardware. The last years have also shown the rise of General-Purpose computing on Graphics Processing Units (GPGPU), coupled to so-called cloud environments. This thesis explores these recent evolutions and their consequences in terms of information leakage in virtualized environments. We first investigate the recent processor microarchitectures. Our first contribution is C5, a cross-core cache covert channel, evaluated between virtual machines. Following this work, our second contribution is the reverse engineering of the complex addressing function of the last-level cache of Intel processors, rendering the class of cache attacks highly practical. In the last part, we investigate the security of GPU virtualization. Our third contribution shows that virtualized environments are susceptible to information leakage from the GPU memory. Sécurité informatique Fuite d'information Virtualisation Canal caché Canal auxiliaire Processeur Cache GPU Computer security Information leakage Virtualization Covert channel Side channel Processor Cache GPU
15	Extremal Mechanisms for Pointwise Maximal Leakage / Extremala Mekanismer för Pointwise Maximal Leakage Grosse, Leonhard January 2023 (has links) In order to implement privacy preservation for individuals, systems need to utilize privacy mechanisms that privatize sensitive data by randomization. The goal of privacy mechanism design is to find optimal tradeoffs between maximizing the utility of the privatized data while providing a strict sense of privacy defined by a chosen privacy measure. In this thesis, we explore this tradeoff for the pointwise maximal leakage measure. Pointwise maximal leakage (PML) was recently proposed as an operationally meaningful privacy measure that quantifies the guessing advantage of an adversary that is interested in a random function of the private data. Opposite to many other information-theoretic measures, PML considers the privacy loss for every outcome of the privatized view separately, thereby enabling more flexible privacy guarantees that move away from averaging over all outcomes. We start by using PML to analyze the prior distribution-dependent behavior of the established randomized response mechanism designed for local differential privacy. Then, we formulate a general optimization problem for the privacy-utility tradeoff with PML as a privacy measure and utility functions based on sub-linear functions. Using methods from convex optimization, we analyze the valid region of mechanisms satisfying a PML privacy guarantee and show that the optimization can be solved by a linear program. We arrive at extremal formulations that yield closed-form solutions for some important special cases: Binary mechanism, general high-privacy regions, i.e., regions in which the required level of privacy is high, and low-privacy mechanisms for equal priors. We further present an approximate solution for general priors in this setting. Finally, we analyze the loss of optimality of this construction for different prior distributions. / För att kunna implementera integritetsskydd för individer, så behöver system utnyttja integritetsmekanismer som privatiserar känslig data genom randomisering. Målet vid design av integritetsmekanismer är att hitta den optimala balansen mellan att användbarheten av privatiserad data maximeras, samtidigt som det tillhandahålls integritet i strikt mening. Detta definierat av något valt typ av integritetsmått. I den här avhandlingen, så undersöks detta utbyte specifikt med “pointwise maximal leakage”-måttet. Pointwise maximal leakage (PML) har nyligen föreslagits som ett operativt meningsfullt integritetsmått som kvantifierar en gissande motparts informationstillgång om denna är intresserad av en slumpmässig funktion av den privata datan. Till skillnad mot många andra informations-teoretiska mått, så tar PML i åtanke integritetsinskränkningen separat för varje utfall av den privata slumpmässiga variabeln. Därmed möjliggörs mer flexibla försäkringar av integriteten, som strävar bort från genomsnittet av alla utfall. Först, används PML för att analysera det ursprungsberoende beteendet av den etablerade “randomized response”-mekanismen designad för local differential privacy. Därefter formuleras ett generellt optimeringsproblem för integritets-användbarhets-kompromissen med PML som ett integritetsmått och användbarhetsfunktioner baserade på sublinjära funktioner. Genom att utnyttja metoder från konvex optimering, analyseras den giltiga regionen av mekanismer som tillfredsställer en PML-integritetsgaranti och det visas att optimeringen kan lösas av ett linjärt program. Det leder till extremala formuleringar som ger slutna lösningar för några viktiga specialfall: Binär mekanism, allmänna högintegritets-regioner (d.v.s. regioner där kravet på nivån av integritet är hög) och lågintegritets-mekanismer för ekvivalenta ursprungliga distributioner. Vidare presenteras en approximativ lösning för allmänna ursprungliga distributioner i denna miljö. Slutligen, analyseras förlusten av optimalitet hos denna konstruktion för olika ursprungliga distributioner. Privacy mechanism design information leakage convex optimization information-theoretic utility Integritet Mekanismdesign informationsläckage konvex optimering informationsteoretisk användbarhet. Elektroteknik och elektronik
16	Secure degrees of freedom on widely linear instantaneous relay-assisted interference channel Ho, Zuleita K.-M., Jorswieck, Eduard 22 November 2013 (has links) (PDF) The number of secure data streams a relay-assisted interference channel can support has been an intriguing problem. The problem is not solved even for a fundamental scenario with a single antenna at each transmitter, receiver and relay. In this paper, we study the achievable secure degrees of freedom of instantaneous relay-assisted interference channels with real and complex coefficients. The study of secure degrees of freedom with complex coefficients is not a trivial multiuser extension of the scenarios with real channel coefficients as in the case for the degrees of freedom, due to secrecy constraints. We tackle this challenge by jointly designing the improper transmit signals and widely-linear relay processing strategies. Relaiskanal Interferenz-Neutralisierung Sonderforschungsbereich 912 Hochadaptive Energieeffiziente Systeme Instantaneous relay channel widely linear secure degrees of freedom interference neutralization information leakage neutralization real interference alignment Collaborative Research Centre 912 ddc:621.3 rvk:ZN 6090 rvk:ZN 6420
17	Sidokanalattack mot knappsats för elektroniskt passersystem / Side-channel attack against electronic entry system keypad Alasjö, Alexander January 2017 (has links) Genom ett undersökande experiment med elektromagnetisk sidokanalattack mot en knappsats för ett kommersiellt passersystem påvisas att informationsläckage i sidokanaler är ett fortsatt aktuellt problem och hur det gör fysisk åtkomstkontroll sårbart genom avlyssning och kopiering av användaruppgifter. Med enkel radioutrustning kan knapptryckningar registreras och avkodas genom oönskad elektromagnetisk strålning och teoretiskt är det möjligt att genomföra avlyssningen på en längre distans med särskilt utformad antenn och anpassad mottagare. Rapporten diskuterar problematiken med emission security hos konsumentprodukter som i militära sammanhang benämns Tempest eller RÖS (röjande signaler) och kräver kostsamma tester för att detekteras och hanteras. I regelverk för EMC (elektromagnetisk kompatibilitet) behandlas elektriska apparaters och näts utstrålning och påverkan av elektromagnetiska vågor, men inte direkt hur information kan läcka från informationsteknologisk utrustning vilket denna rapport vill problematisera. / Through an exploratory experiment using electromagnetic side-channel attack against a keypad for a commercial entry system it is demonstrated that information leakage through side-channels are an ongoing issue and may make entry systems vulnerable by recording of user data. Using simple radio equipment, keypresses can be recorded and decoded by undesired electromagnetic radiation and theoretically it is possible to carry out the attack on a longer distance with a specially designed antenna and a custom recieiver. The report discusses emission security in consumer products which in military context is termed Tempest or compromising emanations (Swedish: RÖS) and requires expensive tests to be detected and handled. The EMC regulations (electromagnetic compatibility) handles radiation and influence of electromagnetic waves in electronic apparatus and nets, but not directly how information can leak from information technology equipment which this report wants to problematize. EmSec emission security Tempest information leakage side-channel attack SDR electromagnetic compatibility EMC compromising emanations software defined radio EmSec RÖS Tempest informationsläckage sidokanalattack SDR röjande signaler elektromagnetisk kompatibilitet EMC Information Systems
18	Secure degrees of freedom on widely linear instantaneous relay-assisted interference channel Ho, Zuleita K.-M., Jorswieck, Eduard January 2013 (has links) The number of secure data streams a relay-assisted interference channel can support has been an intriguing problem. The problem is not solved even for a fundamental scenario with a single antenna at each transmitter, receiver and relay. In this paper, we study the achievable secure degrees of freedom of instantaneous relay-assisted interference channels with real and complex coefficients. The study of secure degrees of freedom with complex coefficients is not a trivial multiuser extension of the scenarios with real channel coefficients as in the case for the degrees of freedom, due to secrecy constraints. We tackle this challenge by jointly designing the improper transmit signals and widely-linear relay processing strategies. info:eu-repo/classification/ddc/621.3 ddc:621.3
19	Model-Checking Infinite-State Systems For Information Flow Security Properties Raghavendra, K R 12 1900 (has links) (PDF) Information flow properties are away of specifying security properties of systems ,dating back to the work of Goguen and Meseguer in the eighties. In this framework ,a system is modeled as having high-level (or confidential)events as well as low-level (or public) events, and a typical property requires that the high-level events should not “influence ”the occurrence of low-level events. In other words, the sequence of low-level events observed from a system execution should not reveal “too much” information about the high-level events that may have taken place. For example, the trace-based “non-inference” property states that for every trace produced by the system, its projection to low-level events must also be a possible trace of the system. For a system satisfying non-inference, a low-level adversary (who knows the language generated by the system) viewing only the low-level events in any execution cannot infer any in-formation about the occurrence of high-level events in that execution. Other well-known properties include separability, generalized non-interference, non-deducibility of outputs etc. These properties are trace-based. Similarly there is another class of properties based on the structure of the transition system called bisimulation-based information flow properties, defined by Focardiand Gorrieriin1995. In our thesis we study the problem of model-checking the well-known trace-based and bisimulation-based properties for some popular classes of infinite-state system models. We first consider trace-based properties. We define some language-theoretic operations that help to characterize language-inclusion in terms of satisfaction of these properties. This gives us a reduction of the language inclusion problem for a class of system models, say F, to the model-checking problem for F, whenever F, is effectively closed under these language-theoretic operations. We apply this result to show that the model-checking problem for Petri nets, push down systems and for some properties on deterministic push down systems is undecidable. We also consider the class of visibly pushdown systems and show that their model-checking problem is undecidable in general(for some properties).Then we show that for the restricted class of visibly pushdown systems in which all the high (confidential) event are internal, the model-checking problem becomes decidable. Similarly we show that the problem of model-checking bisimulation-based properties is undecidable for Petrinets, pushdown systems and process algebras. Next we consider the problem of detecting information leakage in programs. Here the programs are modeled to have low and high inputs and low outputs. The well known definition of“ non-interference” on programs says that in no execution should the low outputs depend on the high inputs. However this definition was shown to be too strong to be used in practice, with a simple(and considered to be safe)“password-checking” program failing it.“Abstract non-interference(ANI)”and its variants were proposed in the literature to generalize or weaken non-interference. We call these definitions qualitative refinements of non-interference. We study the problem of model-checking many classes of finite-data programs(variables taking values from a bounded domain)for these refinements. We give algorithms and show that this problem is in PSPACE for while, EXPTIME for recursive and EXPSPACE for asynchronous finite-data programs. We finally study different quantitative refinements of non-interference pro-posed in the literature. We first characterize these measures in terms of pre images. These characterizations potentially help designing analysis computing over and under approximations for these measures. Then we investigate the applicability of these measures on standard cryptographic functions. Information Flow Properties Computer Security Computer Access Control Infinite-State System Models Trace-based Information Flow Properties System Models Petri Nets Process Algebra - Model Checking Pushdown Systems - Model Checking Access Control Models Computer Science

Search results