28(8), 735–746 (2002)Ĭostin, A., Zaddach, J.: Embedded devices security and firmware reverse engineering. 2016, PP(99):1–1.Ĭhen, D.D., Manuel, E., Maverick, W., David, B.: Towards automated dynamic analysis for Linux-based embedded firmware// network and distributed system security Symposium (2016)Ĭollberg, C.S., Thomborson, C.: Watermarking, tamper-proofing, and obfuscation - tools for software protection. Collective Data-Sanitization for Preventing Sensitive Information Inference Attacks in Social Networks.
BlackHat (2013)Īriu, D., Tronci, R., Giacinto, G.: HMMPayl : an intrusion detection system based on hidden Markov models. Test results have demonstrated that we can capture security level for Sensitive Information as expected, detect potential leakage points in data lifetime (including unknown backdoors and vulnerabilities), describe fine-grained semantics of accidental leakage and secret leverage points, and generate relative hot fix to prevent further attack.Īpa, L., Penagos, C.M.: Compromising industrial facilities from 40 miles away. To verify our proposal, experimental tests are verified in a large number of IIoT applications and devices, including IP cameras, smart meters, PLCs and smart routers. Until now, it is the first defined SI guard method to detect SI-leakage scenarios and reject SI-leverage attack. To deal with these problems, we propose a new design, called, IIoT-SIDefender (IIoT-SID), we measure security degree of Sensitive Information via Analytic Hierarchy Process (AHP) and Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS), based on selected taint tracking and real-time memory modification, attack-defense and fix-distribution approaches are proposed.
To our best knowledge, no effective method can detect secret trace of SI thieves in Advanced Persistent Threat (APT), especially for backdoors and vulnerabilities in software or firmware.
However, how to measure security degree of Sensitive Information is an open issue. With Industry 4.0 and Internet of Things (IoT) era coming, remote passwords and control-flow vulnerabilities play a key role to detect attackers in Industry IoT (IIoT), who can easily complete remote session and control-flow hijacking on leverage of these types of Sensitive Information (SI).
0 kommentar(er)
