Combining static analysis and state transition graphs for verification of event-condition-action systems in the RERS 2012 and 2013 challenges

We present a combination of approaches for the verification of event-condition-action (ECA) systems. The analyzed ECA systems range from structurally simple to structurally complex systems. We address the verification of reachability properties and behavioral properties. Reachability properties are represented by assertions in the program and we determine statically whether an assertion holds for all execution paths. Behavioral properties are represented as linear temporal logic formulas specifying the input/output behavior of the program. Our approach assumes a finite state space. We compare a symbolic analysis with an exhaustive state space exploration and discuss the trade-offs between the approaches in terms of the number of computed states and run-time behavior. All variants compute a state transition graph which can also be passed to an LTL verifier. The variants have a different impact on the number of computed states in the state transition graph which in turn impacts the run-time and memory consumption of subsequent phases. We evaluate the different analysis variants with the RERS benchmarks.     

Applying symbolic bounded model checking to the 2012 RERS greybox challenge

We describe the application of ESBMC, a symbolic bounded model checker for C programs, to the 2012 RERS greybox challenge. We checked the reachability properties via reachability of the error labels, and the behavioral properties via a bounded LTL model checking approach. Our approach could solve about 700 properties for the small and medium problems from the offline phase, and scored overall about 5,000 marks but still ranked last in the competition.     

Securing against brute-force attack: A hash-based RFID mutual authentication protocol using a secret value

Radio Frequency IDentification (RFID ) system is a contactless automatic identification system using small, low-cost RFID tags. It enables recognition of the tag information via radio frequency communication, by attaching an RFID tag to an animate or inanimate object. Since an RFID system has the advantage of simultaneously recognizing massive amounts of information, it is expected to replace the bar-code system. The most important problem with an RFID system is that an adversary can access the tag information, which gives rise to privacy and forgery problems. This paper presents a hash-based mutual authentication protocol as a solution. The proposed protocol is designed to send a random number generated by a tag to a back-end server without disclosure. Moreover it substitutes a random number with a secret value, which is employed in a response message. The properties of the proposed protocol enable constant creation of distinct response messages without interferences from intended or meaningless requests generated by an adversary, while the secret value is not directly transmitted. Our proposed protocol make is difficult for an attacker to launch successful brute-force attacks against our approach.     

Analysis of brute-force break-ins of a palmprint authentication system.

Biometric authentication systems are widely applied because they offer inherent advantages over classical knowledge-based and token-based personal-identification approaches. This has led to the development of products using palmprints as biometric traits and their use in several real applications. However, as biometric systems are vulnerable to replay, database, and brute-force attacks, such potential attacks must be analyzed before biometric systems are massively deployed in security systems. This correspondence proposes a projected multinomial distribution for studying the probability of successfully using brute-force attacks to break into a palmprint system. To validate the proposed model, we have conducted a simulation. Its results demonstrate that the proposed model can accurately estimate the probability. The proposed model indicates that it is computationally infeasible to break into the palmprint system using brute-force attacks.     

Model-Based Debugging – State of the Art And Future Challenges

A considerable body of work on model-based software debugging (MBSD) has been published in the past decade. We summarise the underlying ideas and present the different approaches as abstractions of the concrete semantics of the programming language. We compare the model-based framework with other well-known Automated Debugging approaches and present open issues, challenges and potential future directions of MBSD.     

2012-2013年移动互联网发展趋势综述

2012年,中国移动互联网取得了快速的发展,用户、终端、网络、服务、行业等各方面都产生了巨大的变化;移动游戏、移动即时通信、移动SNS、移动购物、移动支付等业务都进步飞速。为深入分析我国移动互联网发展现状、趋势及存在的问题,本文总结了2012年国内移动互联网发展情况以及中国移动互联网用户的部分调研结果,简要分析了我国移动互联网产业存在的问题,并对2013年中国移动互联网的规模及发展特征做了一个简要的预测。     

Thoughtful Drawings: A Computational Model of the Cognitive Nature of Children''s Drawing

An interpretation of children's drawing is presented that is based on active perception of the world and the construction of an equivalent self contained two-dimensional world. This model is implemented in a computer program called Rose (Representation Of Spatial Experience). Inspired by the drawings of young children, Rose simulates the perception of the general form and structure of three-dimensional computer models and constructs equivalent childlike two-dimensional representations from them. Rose serves to illustrate the plausibility of the constructive process as a model for real children's drawing and in addition serves as an alternative approach to traditional computer graphic rendering.     

A genetic tango attack against the David–Prasad RFID ultra‐lightweight authentication protocol

Radio frequency identification (RFID) is a powerful technology that enables wireless information storage and control in an economical way. These properties have generated a wide range of applications in different areas. Due to economic and technological constrains, RFID devices are seriously limited, having small or even tiny computational capabilities. This issue is particularly challenging from the security point of view. Security protocols in RFID environments have to deal with strong computational limitations, and classical protocols cannot be used in this context. There have been several attempts to overcome these limitations in the form of new lightweight security protocols designed to be used in very constrained (sometimes called ultra‐lightweight) RFID environments. One of these proposals is the David–Prasad ultra‐lightweight authentication protocol. This protocol was successfully attacked using a cryptanalysis technique named Tango attack. The capacity of the attack depends on a set of boolean approximations. In this paper, we present an enhanced version of the Tango attack, named Genetic Tango attack, that uses Genetic Programming to design those approximations, easing the generation of automatic cryptanalysis and improving its power compared to a manually designed attack. Experimental results are given to illustrate the effectiveness of this new attack.     

基于攻击树和CVSS的网络攻击效果评估方法

为有效解决网络攻击效果评估中对指标数据的过度依赖性,提高网络攻击效果评估的准确性,提出了一种基于攻击树和CVSS的网络攻击效果评估方法 。首先,采用攻击树模型描述系统可能存在的攻击路径,并利用模糊层次分析法对各叶节点的发生概率进行求解;然后,基于CVSS漏洞信息建立网络攻击效果量化评估模型;最后,采用实例进行验证分析说明。该方法能够充分利用己有的攻击行为研究成果,评估结果较为客观,且思路清晰,算法简单,具有较强的通用性和工程应用价值。     

Use of a simulation game in delivering blended lifelong learning in the construction industry – Opportunities and Challenges

Continuing professional development (CPD) and life-long learning are vital to both individual and organisational success. For higher education, the intensive resource requirements requisite in the development of e-learning content and the challenges in accommodating different learning styles, developing an e-learning program can be a resource intensive exercise. A blended learning program has been developed in Ireland in an attempt to address the CPD needs of Irish construction professionals. This initiative attempts to strike a balance between the considerable resources required in the development of an e-learning initiative while addressing staff concerns in integrating technology in the delivery of programs. This pilot explores the issues encountered in integrating a simulation game, called MERIT, on a module as part of this blended learning program. The key finding from this research indicates that simulation games can play a very effective role in the delivery of lifelong learning opportunities aimed at the construction industry. However, management of the integration of a simulation game into a program requires careful planning, establishing key milestone dates and encouraging online collaboration through assigning of marks for effort and use of voice over IP communications.     

跨站脚本攻击实践及防范

本文对严重影响Web安全的XSS漏洞进行了概述,剖析了其产生的原因,对其攻击的类型和攻击的方式进行了说明和验证,并且针对XSS漏洞的攻击提出了一些有效的防范措施。     

病毒产业的集团化发展现状浅析

本文先从病毒集团产生的原因、组织结构及分工、获利手段和侵害方式、自我保护能力等方面详述病毒集团的发展现状。后从怎样保障互联网企业的正常获利、各方配合形成合力、主动出击追本溯源、用户自我防护及法律、法规对计算机病毒的重新界定等方面提出遏制病毒集团发展的一些设想。     

智能手机的病毒攻防

智能手机市场发展蕴含着巨大商机,也给病毒制造者带来了足够的动力。本文对目前主要的智能手机病毒侵入方式及侵害结果进行分类描述,对其发展趋势进行预测,并从普通用户、业务监管、网站监督等角度探讨如何应对智能手机病毒危害。     

An effective attack scenario construction model based on identification of attack steps and stages

International Journal of Information Security - A Network Intrusion Detection System is a network security technology for detecting intruder attacks. However, it produces a great amount of...     

Timing attack on NoC-based systems: Prime+Probe attack and NoC-based protection

Many authors have shown how to break the AES cryptographic algorithm with side channel attacks; specially the timing attacks oriented to caches, like Prime+Probe. In this paper, we present two practical timing attacks on NoC that improve Prime+Probe technique, the P+P Firecracker, and P+P Arrow. Our attacks target the communication between an ARM Cortex-A9 core and a shared cache memory. Furthermore, we evaluate a secure enhanced NoC as a countermeasure against the timing attack. Finally, we demonstrate that attacks on MPSoCs through the NoC are a real threat and need to be further explored.     

Strategic attack on the shrinking generator

The shrinking generator is a simple keystream generator with applications in stream ciphers, which is still considered as a secure generator. This work shows that, in order to cryptanalyze it, fewer intercepted bits than indicated by the linear complexity are necessary. Indeed, whereas the linear complexity of shrunken sequences is between A⋅2^(S−2)$A\cdot 2^{(S-2)}$ and A⋅2^(S−1)$A\cdot 2^{(S-1)}$, we claim that the initial states of both component registers are easily computed with fewer than A⋅S$A\cdot S$ shrunken bits located at particular positions. Such a result is proven thanks to the definition of shrunken sequences as interleaved sequences. Consequently, it is conjectured that this statement can be extended to all interleaved sequences. Furthermore, this paper confirms that certain bits of the interleaved sequences have a greater strategic importance than others, which must be considered as a proof of weakness of interleaved generators.