Automated trojan detection and analysis in field programmable gate arraysa

Houghton, Nicholas

16 December 2016

Electronics have become such a staple in modern life that we are just as a ected by their vulnerabilities as they are. Ensuring that the processors that control them are secure is paramount to our intellectual safety, our nancial safety, our privacy, and even our personal safety. The market for integrated circuits is steadily being consumed by a recon gurable type of processor known as a eld-programmable gate- array (FPGA). The very features that make this type of device so successful also make them susceptible to attack. FPGAs are recon gured by software; this makes it easy for attackers to make modi cation. Such modi cations are known as hardware trojans. There have been many techniques and strategies to ensure that these devices are free from trojans but few have taken advantage of the central feature of these devices. The con guration Bitstream is the binary le which programs these devices. By extracting and analyzing it, a much more accurate and e cient means of detecting trojans can be achieved. This discussion presents a new methodology for exploiting the power of the con guration Bitstream to detect and described hardware trojans. A software application is developed that automates this methodology. / Graduate / 0537 / 0544 / 0984 / nhoughto@uvic.ca

Trojan

Hardware

Security

FPGA

Detection

Analysis

Java

Automated

Génération de patrons de conception et restructuration de code vers un patron de conception pour Java

Tousignant, Jonathan

January 2016

(POO) est l’utilisation de patrons de conception (PC). Un PC est un arrangement caractéristique de classes permettant d’offrir une solution éprouvée, tout en obtenant un code réutilisable et compréhensible. Plusieurs PC sont définis, dont 24 par la GoF [12] et plusieurs autres sont apparus par la suite. Le concept de PC est abstrait ce qui peut amener différentes interprétations. Ces différences peuvent aussi causer une mauvaise implémentation qui peut réduire les avantages d’utiliser ce patron. Ce projet consiste à concevoir un outil facilitant l’utilisation des PC. L’outil Génération et Restructuration de Patrons de Conception(GRPC) permet la génération automatique du squelette d’un patron de conception ainsi que la restructuration d’un code en le transformant structure respectant un PC. La génération et la restructuration automatique permettent d’obtenir un code uniforme et de qualité tout en respectant le patron de conception. La compréhension et la maintenance du code sont ainsi améliorées. GRPC est module d’extension pour l’environnement de développement Eclipse écrit en Java. Le code est conçu pour être facilement compréhensible et extensible. Les deux principaux objectifs de GRPC sont de restructurer (refactoring) une section de code vers l’architecture d’un patron de conception et de générer des squelettes de patrons de conception. Une interface graphique permet de guider l’utilisateur et d’aller chercher toutes les informations importantes pour le fonctionnement du logiciel. Elle permet aussi de configurer les éléments du patron de conception. Pour s’assurer de la possibilité d’effectuer une restructuration, chaque patron est associé avec une ou plusieurs règles qui analysent le code pour détecter la présence d’une structure particulière. Des procédures aident les développeurs à ajouter de nouveaux PC dans GRPC. GRPC fournit des fonctionnalités permettant d’implémenter quelques patrons de conception de la POO définis dans le livre Design Patterns : Elements of Reusable Object-Oriented Software.

Patron de conception

Génération

Restructuration

Module d'extension

Java

Eclipse

Open-Source Machine Learning: R Meets Weka

Hornik, Kurt, Buchta, Christian, Zeileis, Achim

January 2007

Two of the prime open-source environments available for machine/statistical learning in data mining and knowledge discovery are the software packages Weka and R which have emerged from the machine learning and statistics communities, respectively. To make the different sets of tools from both environments available in a single unified system, an R package RWeka is suggested which interfaces Weka's functionality to R. With only a thin layer of (mostly R) code, a set of general interface generators is provided which can set up interface functions with the usual "R look and feel", re-using Weka's standardized interface of learner classes (including classifiers, clusterers, associators, filters, loaders, savers, and stemmers) with associated methods. / Series: Research Report Series / Department of Statistics and Mathematics

Une architecture pour l'évaluation qualitative de l'impact de la programmation orientée aspect

Guyomarc'h, Jean-Yves

January 2006

Mémoire numérisé par la Direction des bibliothèques de l'Université de Montréal.

Génie logiciel

Qualité

Séparation des préoccupations

Aspect

Métrique

Visualisation

Java

AspectJ

Output breakpoints for Java / Output breakpoints for Java

Jelínek, Jakub

January 2012

The goal of this thesis was to design the support for output breakpoints in the Java language and implement the designed solution including integration into the Eclipse IDE. An output breakpoint represents a location in an output media (e.g. file, standard output or socket) where the execution of program should stop. The location in the output media is generalized as a stop condition - it can be in the form of absolute position, a particular line and a character or an occurrence of a text string. The designed solution is based on observing the classes responsible for output using entry method breakpoints that are a standard part of the Java language. This solution is dependent on a particular version and implementation of JRE because some of observed methods are not a part of public Java API.

Optimal sensor allocation for a discrete event combat simulation

Doll, Thomas M.

06 1900

Approved for public release; distribution is unlimited. / The U.S. Army's Future Force is being developed as a faster, lighter, more rapidly deployable alternative to the current force structure. The Future Force will feature a smaller in-theater footprint and require the ability to cover a larger area of the battle space with intelligence-gathering assets. To support this development the Naval Postgraduate School and TRAC Monterey began to conduct research in the area of allocation of Future Force sensor platforms. A previous thesis developed the Sensor Allocation Model (SAM) for finding an appropriate mix and allocation strategy for organic Unit of Action sensors in a given threat scenario. The mix suggested by the model is robust to uncertainties in sensor performance and target quantity and location. SAM shows great promise for use as a screening tool in support of analysis of alternatives studies as well as in support of Army and Joint war fighting experimentation. It also has potential for use as an operational decision support tool for unit commanders. This thesis discusses three improvements to SAM. First, SAM has been translated into a programming language that easily can be implemented into any simulation environment. Second, it now contains more realistic constraints on sensor platform employment duration and distance. Third, the model estimates of sensor performance have been improved with a Probability Line of Sight model. Together, these improvements have greatly improved SAM's usability. / Captain, German Army

Detectors

Operations research

Java (Computer program language)

Drone aircraft

Conception, mise en œuvre et validation d’un environnement logiciel pour le calcul sécurisé sur une grille de cartes à puce de type Java

Karray, Achraf

10 December 2008

Le calcul sur grille permet à un individu, une société, de disposer d’un ensemble d’unités de calcul fournies par des tiers. Dans ce type d’architecture, des problèmes de sécurité se posent : comment garantir à la fois la sécurité du matériel et de l’application. Pour ce qui concerne la sécurité de l’application, il s’agit principalement d’assurer la confidentialité du code et l’intégrité de son exécution. La sécurité du matériel consiste à protéger la machine contre tout code malveillant pouvant être contenu dans l’application. Aucun système ne permet aujourd’hui, de satisfaire ces contraintes fortes de sécurité. Notre objectif dans cette thèse est de proposer et de valider des solutions pour les problèmes de sécurité des grilles informatiques.Pour résoudre ces problèmes, nous proposons l’utilisation de la carte à puce comme support d’exécution hautement sécurisé à travers le déploiement de grilles de cartes à puce. Grâce aux mécanismes de sécurité qu’elles intègrent, les cartes à puce permettent en effet de protéger l’application et son code aussi bien que le support d’exécution. Le travail effectué dans cette thèse consiste à définir un environnement pour le calcul sécurisé sur grille de cartes à puce. / Abstract

Carte à puce

Sécurité

Java card

Architecture distribuée

Grille

Towards Integration of SOAP-Based Web Services and OGC Web Services

Shu, Shujing

21 May 2004

Over the last several years, the Web Services model of Geographic Information Systems has been rapidly evolved and materialized. In this thesis project, I have reviewed the current status of integrating the general Web Services technology (SOAP, WSDL, and UDDI) and OpenGIS Consortium (OGC) Web services standards in developing distributed GIS computing. The overlap of the web service model and the technology stack between the SOAP-based Web Services and OGC Web Services indicates the feasibility of integration. OGC has named all core general Web Services Technologies (SOAP, WSDL, UDDI) in its envisioned OWS architecture. OGC has also started putting efforts for the integration by conducting experiments, which include a SOAP experiment and an UDDI experiment. However, these experiments only identified some very specific issues based on small number of testing interfaces and scenarios. There are leading GIS software vendors who have adopted both areas in their implementation. The ESRI ArcWeb Services is a good example, which implements OGC Web Services Interfaces using SOAP, WSDL, and UDDI. In my implementation experiment, Java Web Services Developer Pack is used to build a client of Microsoft TerraService. SOAP messages are constructed to retrieve DOQ images from the TerraService as the background to display ArcSDE feature data. Query functionalities on the feature data are implemented.

Web Services

Java

JWSDP

TerraService

SOAP

OGC

GIS

Creating, Writing, and Reading NETCDF Files on a Mobile Device

Allesandro, Brittany

01 May 2012

The purpose of this research was to master several unfamiliar concepts and bring them together in one cohesive project. DroidCDF is an application for the Android operating system to create, write data to, and read data from netCDF format files. DroidCDF uses Unidata’s NetCDF Java Library and can write files in netCDF-3 format but read from any netCDF format files. As mobile devices become more powerful and commonplace, DroidCDF provides a convenient tool for researchers. An incremental methodology was applied; the application was built from a rough workflow to eventually a robust and fully functional program. The produced files are fully portable and can be used as the input for other applications. The application has been tested with several large netCDF files with varying conventions and has handled each one remarkably well. Upon submission of this thesis, DroidCDF will be released onto the open market.

Android

Unidata

NetCDF

mobile application

Java

common data formats

Porovnání frameworků pro rychlý vývoj aplikací na platformě Java / Comparison of rapid web application development frameworks for the Java platform

Zilvar, Tomáš

January 2010

The thesis is concerned with a comparison of two rapid web development frameworks for the Java platform - Tapestry 5 and Grails. The goal is to get acquainted with both of the frameworks, explain their basic principles and usage, compare their solution to common challenges and their contribution to faster development. Furthermore, the goal is to de fine a set of criteria for the comparison and match each one of them with their respective weights representing their importance in certain decision making scenarios. The frameworks are new and under dynamic development, therefore the bene ts of this thesis are an extensive research in foreign resources, summary of the acquired knowledge, practical usage examples and furthermore the assessment of the frameworks' strenghts and weaknesses. The conclusions and comparison quanti cation can then be used to strategically choose the appropriate framework if necessarry.