VSpyware: Spyware in VANETs
ABSTRACT We illustrate how VSpyware - Vehicular Spyware - may jeopardize the integrity of vehicular systems. We propose a complete framework to protect vehicles against this threat based on a generic five-level protection scheme and customize it for the standardized and open specifications of AUTOSAR. We then inspect the vulnerabilities of the embedded operating systems, specifically OSEK OS, which is adopted by AUTOSAR, and propose methods to implement protection at this level. Finally, we show how our design thwarts VSpyware and VMalware attacks and protects the privacy and security of drivers and passengers.
- SourceAvailable from: Yennun Huang[Show abstract] [Hide abstract]
ABSTRACT: Spyware has become a significant threat to most Internet users as it introduces serious privacy disclosure, and potential security breach to the systems. It has not only utilized critical areas of the computer system to survive reboots, but also grown resilient against current anti-spyware tools; they are capable of self-healing themselves against deletion. Because existing anti-spyware tools are stateless in the sense that they do not remember or monitor the spyware programs that were deleted, they fail to remove self-healing spyware from the system completely. This paper proposes a stateful approach that is based on characterizing spyware invasion as a trust information flow problem, and implements STARS (stateful threat-aware removal system), which is a tool that at run time monitors critical system behaviors, and ensures that removed spyware programs do not reinstall themselves, to enforce information flow policy in the system. If a reinstallation (self-healing) is detected, STARS infers the source of such activities, and discovers additional ldquosuspiciousrdquo programs. Experimental results show that STARS is effective in removing self-healing spyware programs that resist removal by existing anti-spyware tools.IEEE Transactions on Reliability 01/2008; · 1.66 Impact Factor
Conference Paper: A Surveillance Spyware Detection System Based on Data Mining Methods[Show abstract] [Hide abstract]
ABSTRACT: The problem of spyware is incredibly serious and exceeds anyone's imagination. Combining static and dynamic analyses, we propose an integrated architecture to defend against surveillance spyware in this paper. Features extracted from both static and dynamic analyses are ranked according to their information gains. Then using top significant features we construct a Support Vector Machine (SVM) classifier for each client. In order to keep the classifier update-to-date, there is a machine playing as server to collect reports from all clients, retrain, and redistribute the new classifier to each client. Our surveillance spyware detection system (SSDS) has an overall accuracy rate up to 97.9% for known surveillance spywares and 96.4% for unknown ones.Evolutionary Computation, 2006. CEC 2006. IEEE Congress on; 01/2006
- [Show abstract] [Hide abstract]
ABSTRACT: Spyware - programs that monitor a computer user's activities and capture data about the user, storing the information so a third party can access it s a relatively new phenomenon. Spyware countermeasures are just now maturing beyond their initial capabilities, with many choices available to enterprises and individual users. As this field matures, threats and responses are becoming more sophisticated. One major concern has been the time lag between how quickly threats have evolved compared to how quickly counter-measures become available to deal with the threats. Spyware has evolved rapidly because of the profit motivation that spurs it forward. The good news is that countermeasures will grow dramatically in the near future, also because of a strong - and only recently recognized - profit potential. This will help the response catch up to the threat, but only if IT professionals understand how spyware works.IT Professional 10/2004; · 0.50 Impact Factor