Cybersecurity and Software Assurance
Permanent URI for this collectionhttps://hdl.handle.net/10125/107574
Browse
Recent Submissions
Item type: Item , Streamlining Attack Tree Generation: A Fragment-Based Approach(2024-01-03) Pekaric, Irdin; Frick, Markus; Adigun, Jubril Gbolahan; Groner, Raffaela; Witte, Thomas; Raschke, Alexander; Felderer, Michael; Tichy, MatthiasAttack graphs are a tool for analyzing security vulnerabilities that capture different and prospective attacks on a system. As a threat modeling tool, it shows possible paths that an attacker can exploit to achieve a particular goal. However, due to the large number of vulnerabilities that are published on a daily basis, they have the potential to rapidly expand in size, necessitating a significant amount of resources to generate. In addition, generating composited attack models for complex systems such as self-adaptive or AI is very difficult due to their nature to continuously change. In this paper, we present a novel fragment-based attack graph generation approach that utilizes information from publicly available information security databases. Furthermore, we also propose a domain-specific language for attack modeling, which we employ in the proposed attack graph generation approach. Finally, we present a demonstrator example showcasing the attack generator's capability to replicate a verified attack chain, as previously confirmed by security experts.Item type: Item , SGX-USB: Secure USB I/O Path for Secure Enclaves(2024-01-03) Jang, Yeongjin; Keem, SejinUser input plays an essential role in computer security because it can control system behavior and make security decisions. Output from the system to users is also important because it often contains security-critical information that must be protected in terms of its integrity and confidentiality, such as passwords and user’s private data. Despite the importance of user input and output (I/O), modern computer systems often fail to provide necessary security guarantees for them, which could result in serious security breaches. To establish trust in the user I/O in a commodity computer system, we present SGX-USB, which combines three essential security properties: confidentiality, integrity, and authenticity, to ensure the assurance of user I/O. SGX-USB establishes a trusted communication channel between the USB controller and an enclave instance of Intel SGX. The implemented system supports common user input devices, such as keyboards and mice, over the trusted channel, ensuring the integrity of user input.Item type: Item , Assessing the Feasibility of the Virtual Smartphone Paradigm in Countering Zero-Click Attacks(2024-01-03) Shafqat, Narmeen; Topcuoglu, Cem; Kirda, Engin; Ranganathan, AanjhanZero-click attacks exploit unpatched vulnerabilities in chat apps, such as WhatsApp and iMessage, enabling root access to the user's device without their interaction, thereby posing a significant privacy risk. While Apple's Lockdown mode and Samsung's Message Guard implement virtual sandboxes, it is crucial to recognize that sophisticated zero-click exploits can potentially bypass the sandbox and compromise the device. This paper explores the feasibility of countering such attacks by shifting the attack surface to a virtual smartphone ecosystem, developed using readily available off-the-shelf components. Considering that zero-click attacks are inevitable, our cross-platform security system is strategically designed to substantially reduce the impact and duration of any potential successful attack. Our evaluation highlighted several trade-offs between security and usability. Moreover, we share insights to inspire further research on mitigating zero-click attacks on smartphones.Item type: Item , Increasing Test Coverage via Mediated Activation of Adverse Cyber Events in Software-Intensive Systems(2024-01-03) Llanso, Thomas; Mcneil, MarthaThis paper describes an approach for more comprehensively and systematically evaluating the effect of adverse cyber events (ACEs) on system performance of software-intensive systems as compared to conventional testing approaches. Traditional operationally-oriented testing, such as the use of cyber red teams, typically only explores a small portion of the system attack surface subject to ACEs, including malicious adversary action. Our approach involves making automated, minimally intrusive, and fully reversible modifications to a software system to be tested. The modifications introduce “operational test points” that allow a test manager to induce availability and integrity effects at runtime. During testing, observers can monitor system, user, and defender performance as the effects of ACEs unfold; such information provides in-sights into the resilience of the system to ACE effects. As a complement to traditional cyber-related testing, we estimate via a model that the approach allows for more comprehensive operational testing of a system over a full range of ACEs.Item type: Item , Stabilizing D Flip-Flop Orbits with Self-Modifiable Differential Equations(2024-01-03) Fiske, MichaelRecent research has demonstrated electronic hardware attacks that sabotage pacemakers and insulin injectors. Injecting clock glitches can skip cryptographic instructions, defeating the security of the executing instructions. Typically, these various hardware attacks destabilize the dynamical behavior of the electronics. For over 70 years, flip-flops have been a fundamental building block of digital computers. For this reason, we focus our attention on a differential equation model of the D flip-flop. Our primary contribution applies self-modifiable differential equations to a D flip-flop model. In particular, meta operators can dynamically self-modify the differential equations of a flip-flop so that a noise attack is healed or ameliorated. Overall, we introduce new mathematical methods of healing a dynamical system that is performing a task.Item type: Item , Introduction to the Minitrack on Cybersecurity and Software Assurance(2024-01-03) Chamberlain, Luanne; George, Richard; Llanso, Thomas