• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 330
  • 95
  • 95
  • 83
  • 15
  • 13
  • 11
  • 9
  • 9
  • 8
  • 7
  • 5
  • 3
  • 2
  • 2
  • Tagged with
  • 874
  • 874
  • 233
  • 215
  • 182
  • 152
  • 132
  • 131
  • 106
  • 98
  • 98
  • 94
  • 90
  • 87
  • 85
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.

Discovery and Evaluation of Finite State Machines in Hardware Security

Geist, James 01 January 2023 (has links) (PDF)
In the decades since the invention of the integrated circuit (IC), IC's have become ubiquitous, complex, and networked. High transistor density and the low cost of production at scale have made it economically feasible to use complex custom IC's in almost any engineering application. While IC's provide a powerful tool for solving many engineering problems, the low cost comes from outsourcing production and reusing existing design components. Both of these dependencies introduce security risk; unwanted functionality may be inserted either from opaque third party libraries used in a design or by any outside vendor involved in the fabrication process. As it is far easier to verify that specified functionality works as intended than to discover unwanted functionality, verifying that a design has not been tampered with is an important, difficult problem. In stateful designs, Finite State Machines (FSM's) choreograph the operation of the design. With knowledge of the primary inputs and the current state, an FSM instructs other subsystems what to do next. Given this central role, an FSM is an obvious target for malicious exploitation. A bad actor can add states to an FSM that may only be entered via a non-obvious sequence of inputs; these states may then leak information via a side channel, or corrupt operation of the device in a denial of service attack. Such exploitation can be avoided both proactively and reactively. This dissertation introduces methods for discovering, extracting, modifying, and analyzing FSM's in post-compilation netlists. Such netlists may be acquired either in house directly after a design is compiled, or recovered by microscopy techniques post-fabrication. This dissertation introduces several methods applicable to the problem. In order to study FSM's in a netlist, the FSM's must first be located. One method to find FSM's is to search for the control signals which drive it. A proposed algorithm for discovering control signals, RELIC-FUN, provides more accurate results than other algorithms on specific designs. Once an FSM is discovered, state transition enumeration is key to comparing the FSM's behavior to the original design. This dissertation introduces two new tools, RECUT and REFSM-SAT, which provide significantly better performance than existing enumeration algorithms. Noting that FSM's, both structurally and semantically, are graph theoretical constructs, a new graphical environment, NetViz, is introduced. NetViz is an environment for hardware security which allows chaining of analysis algorithms and graphical display of, and interaction with, analysis results. Finally, an existing logic locking algorithm, SANSCrypt, is shown to be insecure due to structural FSM analysis techniques.

A Semi-Autonomous Credit/Debit Card Transaction Fraud Defense Framework for Online Merchants

Laurens, Roy 01 January 2023 (has links) (PDF)
The majority of online credit/debit card fraud research focuses on the defense by back-end entities, such as card issuer or processor (i.e., payment processing company), and overlooks the fraud defense initiated by online merchants. This is problematic because the merchants – especially online merchants – are the ones generally held responsible for covering any loss due to transaction fraud. Thus they have a great incentive to detect and defend against card fraud. But at the same time, compared with card issuers, they also lack access to large samples needed for data mining (such as existing purchase data of a cardholder). This dissertation presents a novel semi-autonomous framework for online merchants to defend against such fraud by utilizing three interrelated components: a supervised classifier based on existing fraud pattern and our newly developed DNS fingerprinting, an unsupervised anomaly detection method using diversity index, and a novel soft descriptor based verification system. The classifier and the anomaly detection work together to allow our framework to detect known fraud patterns and adapt to the previously undetected patterns. Afterward, suspicious transactions can be autonomously verified by requesting the customer to provide a unique identifier that was previously embedded in the soft descriptor during the card transaction processing. This verification process greatly improves fraud detection accuracy without adding a burden on most legitimate customers. Our framework can be readily implemented and we have deployed several aspects of our framework at a real-world e-commerce Merchant website, with the real testing results explained in this dissertation.

Discovering Vulnerabilities and Designing Trustworthy Defenses in IoT Systems and Devices

Pearson, Bryan 01 January 2023 (has links) (PDF)
Internet of Things (IoT) dominates many functions in the modern world, from sensing and reporting temperature, humidity, and air quality, to controlling and automating homes, commercial buildings, and equipment. However, IoT systems have received scrutiny in recent years due to countless security incidents, which can have physical and even deadly consequences. This research provides a comprehensive assessment of the security of IoT systems and devices, including low-cost microcontroller (MCU) based sensors, cloud services, and Building Automation Systems (BAS). We begin by exploring the current landscape of vulnerabilities and defenses in modern IoT applications. We show that many security needs can be satisfied by modern low-cost MCUs. We discuss how to implement crucial security features in IoT and illustrate use cases through ESP32 MCUs. Next, we investigate vulnerabilities against popular IoT systems and devices. We present a systematic attack model against Message Queuing Telemetry Transport (MQTT) software implementations. We design, implement, and evaluate a fuzz testing framework for MQTT using Markov chain modeling to rigorously exhaust the protocol and identify vulnerabilities. We then demonstrate the plausibility of well-known software attacks on IoT devices. These attacks can be used to remotely steal private keys that are hard coded in the firmware. We also expand our fuzzing research to Building Automation Systems (BAS) devices and software, which are susceptible to similar vulnerabilities as conventional IoT systems and devices. We use dynamic instrumentation and packet analysis to probe the communications between BAS clients and BAS IP interfaces to extract an annotated corpus for mutational fuzzing. Our fuzzer discovered vulnerabilities in various KNX and BACnet devices and software. After exploring these attacks, we discuss how to protect sensitive data in IoT applications using crypto coprocessors. We present a framework for secure key provisioning that protects end users' private keys from software attacks and untrustworthy manufacturers.

Towards Secure and Trustworthy IoT Systems

Luo, Lan 01 January 2022 (has links) (PDF)
The boom of the Internet of Things (IoT) brings great convenience to the society by connecting the physical world to the cyber world, but it also attracts mischievous hackers for benefits. Therefore, understanding potential attacks aiming at IoT systems and devising new protection mechanisms are of great significance to maintain the security and privacy of the IoT ecosystem. In this dissertation, we first demonstrate potential threats against IoT networks and their severe consequences via analyzing a real-world air quality monitoring system. By exploiting the discovered flaws, we can impersonate any victim sensor device and polluting its data with fabricated data. It is a great challenge to fight against runtime software attacks targeting IoT devices based on microcontrollers (MCUs) due to the heterogeneity and constrained computational resources of MCUs. An emerging hardware-based solution is TrustZone-M, which isolates the trusted execution environment from the vulnerable rich execution environment. Though TrustZone-M provides the platform for implementing various protection mechanisms, programming TrustZone-M may introduce a new attack surface. We explore the feasibility of launching five exploits in the context of TrustZone-M and validate these attacks using SAM L11, a Microchip MCU with TrustZone-M enabled. We then propose a security framework for IoT devices using TrustZone-M enabled MCUs, in which device security is protected in five dimensions. The security framework is implemented and evaluated with a full-fledged secure and trustworthy air quality monitoring device using SAM L11 as its MCU. Based on TrustZone-M, a function-based ASLR (fASLR) scheme is designed for runtime software security of IoT devices. fASLR is capable of trapping and modifying control flow upon a function call and randomizing the callee function before its execution. Evaluation results show that fASLR achieves high entropy with low overheads.

Improving the Security of Critical Infrastructure: Metrics, Measurements, and Analysis

Park, Jeman 01 January 2020 (has links) (PDF)
In this work, we propose three important contributions needed in the process of improving the security of the critical infrastructure: metrics, measurement, and analysis. To improve security, metrics are key to ensuring the accuracy of the assessment and evaluation. Measurements are the core of the process of identifying the causality and effectiveness of various behaviors, and accurate measurement with the right assumptions is a cornerstone for accurate analysis. Finally, contextualized analysis essential for understanding measurements. Different results can be derived for the same data according to the analysis method, and it can serve as a basis for understanding and improving systems security. In this dissertation, we look at whether these key concepts are well demonstrated in existing (networked) systems and research products. In the first thrust, we verified the validity of volume-based contribution evaluation metrics used in threat information sharing systems. Further, we proposed a qualitative evaluation as an alternative to supplement the shortcomings of the volume-based evaluation method. In the second thrust, we measured the effectiveness of the low-rate DDoS attacks in a realistic environment to highlight the importance of establishing assumptions grounded in reality for measurements. Moreover, we theoretically analyzed the low-rate DDoS attacks and conducted additional experiments to validate them. In the last thrust, we conducted a large-scale measurement and analyzed the behaviors of open resolvers, to estimate the potential threats of them. We then went beyond just figuring out the number of open resolvers and explored new implications that the behavioral analysis could provide. We also experimentally shown the existence of forwarding resolvers and their behavior by precisely analyzing DNS resolution packets.

FPGA-Augmented Secure Crash-Consistent Non-Volatile Memory

Zou, Yu 01 January 2021 (has links) (PDF)
Emerging byte-addressable Non-Volatile Memory (NVM) technology, although promising superior memory density and ultra-low energy consumption, poses unique challenges to achieving persistent data privacy and computing security, both of which are critically important to the embedded and IoT applications. Specifically, to successfully restore NVMs to their working states after unexpected system crashes or power failure, maintaining and recovering all the necessary security-related metadata can severely increase memory traffic, degrade runtime performance, exacerbate write endurance problem, and demand costly hardware changes to off-the-shelf processors. In this thesis, we summarize and expand upon two of our innovative works, ARES and HERMES, to design a new FPGA-assisted processor-transparent security mechanism aiming at efficiently and effectively achieving all three aspects of a security triad—confidentiality, integrity, and recoverability—in modern embedded computing. Given the growing prominence of CPU-FPGA heterogeneous computing architectures, ARES leverages FPGA's hardware reconfigurability to offload performance-critical and security-related functions to the programmable hardware without microprocessors' involvement. In particular, recognizing that the traditional Merkle tree caching scheme cannot fully exploit FPGA's parallelism due to its sequential and recursive function calls, ARES proposed a new Merkle tree cache architecture and a novel Merkle tree scheme which flattened and reorganized the computation in the traditional Merkle tree verification and update processes to fully exploit the parallel cache ports and to fully pipeline time-consuming hashing operations. To further optimize the throughput of BMT operations, HERMES proposed an optimally efficient dataflow architecture by processing multiple outstanding counter requests simultaneously. Specifically, HERMES explored and addressed three technical challenges when exploiting task-level parallelism of BMT and proposed a speculative execution approach with both low latency and high throughput.

High Performance and Secure Execution Environments for Emerging Architectures

Alwadi, Mazen 01 January 2020 (has links) (PDF)
Energy-efficiency and performance have been the driving forces of system architectures and designers in the last century. Given the diversity of workloads and the significant performance and power improvements when running workloads on customized processing elements, system vendors are drifting towards new system architectures (e.g., FAM or HMM). Such architectures are being developed with the purpose of improving the system's performance, allow easier data sharing, and reduce the overall power consumption. Additionally, current computing systems suffer from a very wide attack surface, mainly due to the fact that such systems comprise of tens to hundreds of sub-systems that could be manufactured by different vendors. Vulnerabilities, backdoors, and potentially hardware trojans injected anywhere in the system form a serious risk for confidentiality and integrity of data in computing systems. Thus, adding security features is becoming an essential requirement in modern systems. In the purpose of achieving these performance improvements and power consumption reduction, the emerging NVMs stand as a very appealing option to be the main memory building block or a part of it. However, integrating the NVMs in the memory system can lead to several challenges. First, if the NVM is used as the sole memory, incorporating security measures can exacerbate the NVM's write endurance and reduce its lifetime. Second, integrating the NVM as a part of the main memory as in DRAM-NVM hybrid memory systems can lead to higher performance overheads of persistent applications. Third, Integrating the NVM as a memory extension as in fabric-attached memory architecture can cause a high contention over the security metadata cache. Additionally, in FAM architectures, the memory sharing can lead to security metadata coherence problems. In this dissertation, we study these problems and propose novel solutions to enable secure and efficient integration of NVMs in the emerging architectures.

Understanding the Security of Emerging Systems: Analysis, Vulnerability Management, and Case Studies

Anwar, Afsah 01 January 2021 (has links) (PDF)
The Internet of Things (IoT) integrates a wide range of devices into a network to provide intelligent services. The lack of security mechanisms in such systems can cause an exposure of sensitive private data. Moreover, a networks of compromised IoT devices can allow adversaries the ability to bring down crucial systems. Indeed, adversaries have exploited software vulnerabilities in these devices for their benefit, and to execute various malicious intents. Therefore, understanding the software of these emerging systems is of the utmost importance. Building towards this goal, in this dissertation, we undertake a comprehensive analysis of the IoT software by employing different analysis techniques. To analyze the emerging IoT software systems, we first perform an in-depth and thorough analysis of the IoT binaries through static analysis. Through efficient and scalable static analysis, we extract artifacts that highlight the dynamics of the malware. In particular, by analyzing the strings, functions, and Control Flow Graphs (CFGs) of the IoT malware, we uncover their execution strategy, unique textual characteristics, and network dependencies. Additionally, through analysis of CFGs, we show the ability to approximate the main function. Using the extracted static artifacts, we design an effective malware detector. Noting that IoT malware have increased their sophistication and impact, the static approaches are prone to obfuscation that aims to evade analysis attempts. Acknowledging these attempts and to mitigate such threats, it is essential to profile the shared and exclusive behavior of these threats, such that they are easily achievable and aware of the capabilities of the widely-used IoT devices. To that end, we introduce MALInformer, an integrated dynamic and static analysis framework to analyze Linux-based IoT software and identify behavioral patterns for effective threat profiling. Leveraging an iterative signatures selection method, by taking into account the normalized frequency, cardinality, and programs covered by the signatures, MALInformer identifies distinctive and interpretable behaviors for every threat category. The static and dynamic analyses show the exploitability of the emerging systems. These weaknesses are typically reported to vulnerability databases along with the information that enable their reproduction and subsequent patching in other and related software. These weaknesses are assigned a Common Vulnerabilities and Exposures (CVE) number. We explore the quality of the reports in the National Vulnerability Database (NVD), unveiling their inconsistencies which we eventually fix. We then conduct case studies, including a large-scale evaluation of the cost of software vulnerabilities, revealing that the consumer product, software, and the finance industry are more likely to be negatively impacted by vulnerabilities. Overall, our work builds tools to analyze and detect the IoT malware and extract behavior unique to malware families. Additionally, our consistent NVD streamlines vulnerability management in emerging internet-connected systems, highlighting the economics aspects of vulnerabilities.

Exploring the Privacy Dimension of Wearables Through Machine Learning-Enabled Inference

Meteriz Yildiran, Ulku 01 January 2022 (has links) (PDF)
Today's hyper-connected consumers demand convenient ways to tune into information without switching between devices, which led the industry leaders to the wearables. Wearables such as smartwatches, fitness trackers, and augmented reality (AR) glasses can be comfortably worn on the body. In addition, they offer limitless features, including activity tracking, authentication, navigation, and entertainment. Wearables that provide digestible information stimulate even higher consumer demand. However, to keep up with the ever-growing user expectations, developers keep adding new features and interaction methods to augment the use cases without considering their privacy impacts. In this dissertation, we explore the privacy dimension of wearables through inference attacks facilitated by machine learning approaches. We start our investigation by exploring the attack surface introduced by fitness trackers. We propose an inference attack that breaches location privacy through the elevation profiles collected by fitness trackers. Our attack highlights that adversaries can infer the location from elevation profiles collected via fitness trackers. Second, we investigated the attack surface introduced by the smartwatches. We introduce an inference attack that exploits the smartwatch microphone to capture the acoustic emanations of physical keyboards and successfully infers what the user has been typing. With this attack, we showed that smartwatches add yet another privacy dimension to be considered. Third, we examined the privacy of AR domain. We designed an inference attack exploiting the geometric projection of hand movements in air. The attack framework predicts the typed text on an in-air tapping keyboard, which is only visible to the user. Our studies uncover various attack surfaces introduced by wearables that have not been studied in literature before. For each attack, we propose possible countermeasures to diminish the ramifications of the risks. We hope that our findings shed light to the privacy risks of wearables and guide the research community to more aware solutions.

Security Breach Disclosure

Lee, Yao-Tien 11 1900 (has links)
Security breach disclosure is the public disclosure of information regarding a data security incident. It allows organizations to communicate salient information to the affected parties and stakeholders regarding the nature and impact of the breach, and remediating solutions undertaken regarding the breach. Recent cases of large-scale security breaches have revealed that security breach disclosure remains a challenging subject for policymakers, practitioners, and researchers. There is a lack of understanding and consensus on what breaches need to be disclosed and little evidence on how actual practices are employed. Using an adapted grounded theory methodology that combines computerized textual extraction and ground theory coding techniques, this study explores relevant issues through four research questions with distinct objectives that would enhance understanding of the issues in public breach disclosure. First, recent regulations from the US, EU, and Canada are reviewed to identify the core elements in breach disclosure. Second, this study develops methods to extract information content from disclosures. Third, matrices and measuring instruments are developed to evaluate the quality, and last, a framework is proposed to map out the paths and directions for future research. These advancements lay the crucial groundwork in the field of security breach disclosure and will contribute greatly towards future policies, practice, and research. The expected societal significance of this research is profound. The research is relevant to practitioners, regulators, and the information security community as it provides valuable insight on current challenges and future directions. The ultimate goal is to strengthen our understanding of security breach disclosure and enhance the accumulation and transfer of knowledge obtained through security breach disclosure; thereby providing organizations, regulators, and the information security community with the information necessary to develop policies, tools, and controls for identifying, managing, and reducing the risks of future security incidents. The proposed core elements, methods of extracting relevant information content, quality evaluation matrices, and framework mark a significant advancement towards this vision. / Thesis / Doctor of Philosophy (PhD) / Recent cases of security breach at Equifax, Yahoo, and Uber have raised attention from the public and regulators on the issues of public disclosure of security incidents. However, the lack of understanding and research in security breach disclosures has hampered our ability in defining what needs to be disclosed, understanding what are actually disclosed, and determining how well the incidents are disclosed. These issues are urgent and important thus warrant considerable efforts to carefully examine the current landscape of policy and practice, and to provide methods to evaluate disclosures so that meaningful advancements in research and improvements in practice can be made. This study recommends a set of core elements in disclosure, develops methods to extract information from disclosure, establishes ways to evaluate quality, and proposes a framework that maps out future research. These are important advancements in the study of security breach disclosure and will contribute greatly towards future policies, practice, and research.

Page generated in 0.1474 seconds