TrustZone-based Real-time Kernel Protection (TZ-RKP) is a novel system that provides real-time protection of the OS kernel using ARM TrustZone secure world. TZ-RKP more than current approaches use hypervisors to host tools. Although provide privilege and isolation, they face fundamental security challenges due their growing complexity code size. puts its monitor, which represents entire Trusted Computing Base (TCB), in world; safe isolated environment dedicated services. Hence, monitor from...

Previous research on kernel monitoring and protection widely relies higher privileged system components, such as hardware virtualization extensions, to isolate security tools from potential attacks.These approaches increase both the maintenance effort code base size of which consequently increases risk having vulnerabilities.SKEE, stands for Secure Kernellevel Execution Environment, solves this fundamental problem.SKEE is a novel that provides an isolated lightweight execution environment at...

This paper presents a novel mechanism, called Ally Friendly Jamming, which aims at providing an intelligent jamming capability that can disable unauthorized (enemy) wireless communication but the same time still allow authorized devices to communicate, even if all these operate frequency. The basic idea is jam channel continuously properly control signals with secret keys, so are unpredictable interference devices, recoverable by ones equipped keys. To achieve ally friendly capability, we...

A fundamental assumption of link signature based security mechanisms is that the wireless signals received at two locations separated by more than half a wavelength are essentially uncorrelated. However, it has been observed in certain circumstances (e.g., with poor scattering and/or strong line-of-sight (LOS) component), this invalid. In paper, Correlation ATtack (CAT) proposed to demonstrate potential vulnerability such circumstances. Based on statistical inference, CAT explicitly exploits...

Despite its effectiveness in uncovering software defects, American Fuzzy Lop (AFL), one of the best grey-box fuzzers, is inefficient when fuzz-testing source-unavailable programs. AFL's binary-only fuzzing mode, QEMU-AFL, typically 2-5× slower than source- available mode. The slowdown largely caused by heavy dynamic instrumentation. Recent techniques use Intel Processor Tracing (PT), a light-weight tracing feature supported recent CPUs, to re- move need However, we found that these PT-based...

Motivated by information-theoretic security, link signature (LS)-based security mechanisms exploit the ample channel characteristics between wireless devices for establishment. Nevertheless, LS is originated from environments and hence may exhibit potential vulnerabilities that can be exploited adversary in vicinity. As to this, it widely believed existing literature on that, a half-wavelength guard zone sufficient decorrelate legitimate one thereby secures LS. However, such an assumption...

Code reuse attacks exploiting memory disclosure vulnerabilities can bypass all deployed mitigations. One promising defense against this class of is to enable execute-only (XOM) protection on top fine-grained address space layout randomization (ASLR). However, recent works implementing XOM, despite their efficacy, only protect programs that have been (re)built with new compiler support, leaving commercial-off-the-shelf (COTS) binaries and source-unavailable unprotected. We present the design...

This paper presents a novel technique - Multi-Channel Ratio (MCR) Decoding, which aims at providing an anti-jamming wireless communication capability for multi-antenna devices. The basic idea of MCR decoding is to fully leverage the repeated preamble signals and multi-channel characteristics in MIMO communications detect recover desired transmission under constant reactive jamming attacks. also reports analysis, implementation, experimental evaluations on software-defined radio platform...

Link signature (LS) provides security to wireless devices by exploiting multipath characteristics, with an essential assumption that half-wavelength separation is sufficient prevent nearby adversary sensors from effectively inferring the legitimate LS. However, such may be too optimistic; high channel correlation has been observed in real world experiments even when spatial much larger than half-wavelength. In fact, varies for different environments. Considering this, various...

SEAndroid is a mandatory access control (MAC) framework that can confine faulty applications on Android. Nevertheless, the effectiveness of enforcement depends employed policy. The growing complexity Android makes it difficult for policy engineers to have complete domain knowledge every system functionality. As result, sometimes craft over-permissive and ineffective rules, which unfortunately increased attack surface allowed multiple real-world privilege escalation attacks. We propose SPOKE,...

Although pesticide intermediates are a kind of typical toxic pollutant in contaminated sites, the remediation these contaminants groundwater and soils is limited concern. In present study we investigated performance novel heterogeneous oxidation system, biochar supported nanoscaled-zero valent iron (nZVI/BC) activated persulfate (PS), oxidative degradation nitrochlorobenzene (NCB), intermediate. Peanut shell based nZVI/BC was prepared used as PS activator. The kinetics m-, p-, o-NCB isomers...

The widespread deployment of control-flow integrity has propelled non-control data attacks into the mainstream. In domain OS kernel exploits, by corrupting critical data, local attackers can directly gain root access or privilege escalation without hijacking control flow. As a result, kernels have been restricting availability such data. This forces to continue search for more exploitable in kernels. However, discovering unknown be daunting because they are often tied heavily semantics and...

In wireless networks, location distinction aims to detect changes or facilitate authentication of users. To achieve distinction, recent research has focused on investigating the spatial uncorrelation property channels. Specifically, differences in channel characteristics are used distinguish locations identify changes. However, we discover a new attack against all existing approaches that built such an attack, adversary can easily hide her impersonate movements by injecting fake into target...

Due to its faster start-up speed and better resource utilization efficiency, OS-level virtualization has been widely adopted become a fundamental technology in cloud computing. Compared hardware virtualization, leverages the shared-kernel design achieve high efficiency runs multiple user-space instances (a.k.a., containers) on shared kernel. However, this paper, we reveal new attack surface that is intrinsic affecting Linux, FreeBSD, Fuchsia. The root cause results containers sharing...

Growing demand for energy-efficient, high-performance systems has resulted in the growth of innovative heterogeneous computing system architectures that use FPGAs. FPGA-based enable designers to implement custom instruction streams executing on potentially thousands compute elements. Traditionally, FPGAs have been used as elements PCI devices; however, this does not allow be co-processors. This paper describes a architecture is based Intel® Xeon® platform which one or more FPGAs, acting...

In wireless networks, location distinction aims to detect changes or facilitate authentication of users. To achieve distinction, recent research has been focused on investigating the spatial uncorrelation property channels. Specifically, differences channel characteristics are used distinguish locations identify changes.

In recent years, containerization has become a major trend in the cloud due to its high resource utilization efficiency and convenient DevOps support. However, complexity of container system also introduces attack surfaces. This paper aims summarize security challenges cloud. particular, we first divide whole into different layers according their functionalities, including kernel layer, orchestration layer. We then security-related technologies. After that, discuss for each Finally, present...

Hardware memory domain primitives, such as Intel MPK and ARM Memory Domain, have been used for efficient in-process isolation. However, they can only provide a limited number of domains (16 domains), which cannot satisfy the compelling need more isolated inside address space process. Existing solutions to virtualize are either intrusive (need modification existing hardware), or incur large performance overhead.

Ransomware has evolved from an economic nuisance to a national security threat nowadays, which poses significant risk users. To address this problem, we propose RansomTag, tag-based approach against crypto ransomware with fine-grained data recovery. Compared state-of-the-art SSD-based solutions, RansomTag makes progress in three aspects. First, it decouples the detection functionality firmware of SSD and integrates into lightweight hypervisor Type I. Thus, can leverage powerful computing...

Rust programming language is gaining popularity rapidly in building reliable and secure systems due to its security guarantees outstanding performance. To provide extra functionalities, the compiler introduces unstable features (RUF) extend functionality, syntax, standard library support. However, these are may get removed, introducing compilation failures dependent packages. Even worse, their impacts propagate through transitive dependencies, causing large-scale whole ecosystem. Although...

Less attention was paid to the remediation of volatile organic compounds (VOCs) contaminated soil treated by thermal conduction heating (TCH) coupled with chemical oxidization. In this study, lab-scale experiments trichloroethylene (TCE)-contaminated TCH and persulfate (TCH + PS) were performed explore influences PS usage, temperature, reaction time, variation properties. TCE removed from soils using a temperature lower than boiling point, removal ratio reached 78.21% time 6h at 60 °C....

It is essential to study the blast-induced vibration of cylindrical charge so as reduce ground level and protect surrounding environment. In this paper, Heelan model used generation propagation mechanisms blasting induced by single-hole charge. shows that superposition waves explosives in different positions causes increase peak particle velocity ( PPV) region along direction detonation waves. The vector VPPV) versus distance for stemming lengths SL) indicates linear attenuation between VPPV...

Core retail management functions include defining market areas and profiling customers. For tourism enterprises, are geographically dispersed with many customers residing beyond the immediate area surrounding attraction. Visualization analysis of these distributed significantly enhanced by capabilities Geographic Information System (GIS) technology help to support objectives. Unfortunately, businesses unable utilize GIS due its complexity expense. This study develops a decision tool for...