December 2023
·
10 Reads
October 2022
·
10 Reads
·
6 Citations
June 2022
·
27 Reads
·
9 Citations
May 2021
·
104 Reads
·
33 Citations
August 2020
·
202 Reads
·
1 Citation
Datenschutz und Datensicherheit - DuD
Abstract: Reverse engineering is an established method in security research for identifying vulnerabilities in software. Does such an analysis of programs violate copyright law? After publishing vulnerabilities they had found, several German research teams received cease-and-desist declarations as well as applications for preliminary injunctions from a vendor of security software.
March 2020
·
43 Reads
·
2 Citations
November 2018
·
182 Reads
·
5 Citations
On Linux, most, if not all, debuggers use the ptrace debugging API to control their target processes. However, ptrace proves unsatisfactory for many malware analysis and reverse engineering tasks: so-called split-personality malware often adapts its behavior in the presence of a debugger, yet ptrace makes no attempt to hide from a target process. Furthermore, ptrace enforces a strict one-to-many relation, meaning that while each tracer can trace many tracees, each tracee can be controlled by at most one tracer. At the same time, the complex API and signal-based communication provide opportunities for erroneous usage. Previous works have identified the newer uprobes tracing API as a candidate for building a replacement for ptrace, but ultimately rejected it due to lack of practical use and documentation. Building upon uprobes, we introduce plutonium-dbg, a Linux kernel module providing debugging facilities independent of the limitations of ptrace alongside a GDB-compatible interface. Our approach aims to mitigate some of the design flaws of ptrace that make it both hard to use and easy to detect by malicious software. We show how plutonium-dbg's design and implementation remove many of the most frequently named issues with ptrace, and that our method improves on traditional ptrace-based debuggers (GDB and LLDB) when evaluated on software samples that attempt to detect the presence of a debugger.
November 2018
·
69 Reads
·
2 Citations
With the increasing use of Ethernet-based communication backbones in safety-critical real-time domains, both efficient and predictable interfacing and cryptographically secure authentication of high-speed data streams are becoming very important. Although the increasing data rates of in-vehicle networks allow the integration of more demanding (e.g., camera-based) applications, processing speeds and, in particular, memory bandwidths are no longer scaling accordingly. The need for authentication, on the other hand, stems from the ongoing convergence of traditionally separated functional domains and the extended connectivity both in- (e.g., smart-phones) and outside (e.g., telemetry, cloud-based services and vehicle-to-X technologies) current vehicles. The inclusion of cryptographic measures thus requires careful interface design to meet throughput, latency, safety, security and power constraints given by the particular application domain. Over the last decades, this has forced system designers to not only optimize their software stacks accordingly, but also incrementally move interface functionalities from software to hardware. This paper discusses existing and emerging methods for dealing with high-speed data streams ranging from software-only via mixed-hardware/software approaches to fully hardware-based solutions. In particular, we introduce two approaches to acquire and authenticate GigE Vision Video Streams at full line rate of Gigabit Ethernet on Programmable SoCs suitable for future heterogeneous automotive processing platforms.
... In practice, the capabilities of this approach have been demonstrated only for a small number of parameters. The Katana approach [14] proposes using taint analysis to determine the offsets needed for introspection. First, a database is built from the Linux OS source code, containing information about the functions that perform access operations on fields. ...
October 2022
... Among the disadvantages of these solutions, one can single out the need to purchase certain solutions, or the need to adapt the 1C:ERP UP 2 server to the requirements of 1C:Link, 1C-Connect. An alternative approach to implementing remote access without purchasing additional licences is the process of connecting to a remote server via an IPv4/IPv6 address, or using Remote Desktop Protocol (RDP) in remote application mode [4][5]. As can be seen from Fig. 1, the process of connecting to the 1C server via the RDP App works through the application layer (7) of the TCP/IP protocol using a self-signed server certificate. ...
June 2022
... Being a vital short-range wireless communication technology, Bluetooth has been used by numerous devices for various applications (e.g., earbuds, wearables, and sensors) [12]. Unfortunately, the past several years have also witnessed numerous security flaws, from implementation (e.g., leaking UUIDs [61], or misconfigurations [54]) to specification (e.g., BIAS attacks [5] and Method confusion attacks [53]) that have rendered billions of Bluetooth devices vulnerable to intruders [51]. While luckily these flaws have been discovered, most of them were identified with manual efforts. ...
May 2021
... At the kernel space level, the cryptographic file system can be implemented as a middleware layer to encrypt individual files or directories using file system filter driver technology in the Windows kernel [1,4,6,7] and Unix-like stackable file system [8,9]. Furthermore, a cryptographic file system can be implemented as a low-level file system layer, operating under the real file system, either as a block device layer attached to the storage disk itself [10] or a virtual disk driver [11] providing encryption for all single- or multiple-disk partitions. ...
March 2020
... This means that the tracer can inspect and control the execution and memory of the tracee. While this method is typically used by debuggers [51], it is also rarely used to implement deception strategies [8], although, this then needs to be coded at the machine code level, since that is the interface provided by ptrace. ...
November 2018
... There is now a rapid growth in the number of applications that involve some image or video processing within a control loop [24]. In other words, one or more sensors in such applications are video cameras or radar sensors, and they are referred to as visual servoing systems [25]. ...
November 2018