Publications
Tagged As
Guest editorial: special issue on hardware solutions for cyber security
Summary
Summary
A cyber system could be viewed as an architecture consisting of application software, system software, and system hardware. The hardware layer, being at the foundation of the overall architecture, must be secure itself and also provide effective security features to the software layers. In order to seamlessly integrate security hardware...
A compact end cryptographic unit for tactical unmanned systems
Summary
Summary
Under the Navy's Flexible Cyber-Secure Radio (FlexCSR) program, the Naval Information Warfare Center Pacific and the Massachusetts Institute of Technology's Lincoln Laboratory are jointly developing a unique cybersecurity solution for tactical unmanned systems (UxS): the FlexCSR Security/Cyber Module (SCM) End Cryptographic Unit (ECU). To deal with possible loss of unmanned...
Supporting security sensitive tenants in a bare-metal cloud
Summary
Summary
Bolted is a new architecture for bare-metal clouds that enables tenants to control tradeoffs between security, price, and performance. Security-sensitive tenants can minimize their trust in the public cloud provider and achieve similar levels of security and control that they can obtain in their own private data centers. At the...
Security considerations for next-generation operating systems for cyber-physical systems
Summary
Summary
Cyber-physical systems (CPSs) are increasingly targeted in high-profile cyber attacks. Examples of such attacks include Stuxnet, which targeted nuclear centrifuges; Crashoverride, and Triton, which targeted power grids; and the Mirai botnet, which targeted internet-of-things (IoT) devices such as cameras to carry out a large-scale distributed denial-of-service (DDoS) attack. Such attacks...
Secure input validation in Rust with parsing-expression grammars
Summary
Summary
Accepting input from the outside world is one of the most dangerous things a system can do. Since type information is lost across system boundaries, systems must perform type-specific input handling routines to recover this information. Adversaries can carefully craft input data to exploit any bugs or vulnerabilities in these...
Security and performance analysis of custom memory allocators
Summary
Summary
Computer programmers use custom memory allocators as an alternative to built-in or general-purpose memory allocators with the intent to improve performance and minimize human error. However, it is difficult to achieve both memory safety and performance gains on custom memory allocators. In this thesis, we study the relationship between memory...
Rulemaking for insider threat mitigation
Summary
Summary
This chapter continues the topic we started to discuss in the previous chapter – the human factors. However, it focuses on a specific method of enhancing cyber resilience via establishing appropriate rules for employees of an organization under consideration. Such rules aim at reducing threats from, for example, current or...
Leveraging Intel SGX technology to protect security-sensitive applications
Summary
Summary
This paper explains the process by which Intel Software Guard Extensions (SGX) can be leveraged into an existing codebase to protect a security-sensitive application. Intel SGX provides user-level applications with hardware-enforced confidentiality and integrity protections and incurs manageable impact on performance. These protections apply to all three phases of the...
OS independent and hardware-assisted insider threat detection and prevention framework
Summary
Summary
Governmental and military institutions harbor critical infrastructure and highly confidential information. Although institutions are investing a lot for protecting their data and assets from possible outsider attacks, insiders are still a distrustful source of information leakage. As malicious software injection is one among many attacks, turning innocent employees into malicious...
Designing secure and resilient embedded avionics systems
Summary
Summary
With an increased reliance on Unmanned Aerial Systems (UAS) as mission assets and the dependency of UAS on cyber resources, cyber security of UAS must be improved by adopting sound security principles and relevant technologies from the computing community. On the other hand, the traditional avionics community, being aware of...