scholarly journals Determining the Image Base of Smart Device Firmware for Security Analysis

2020 ◽  
Vol 2020 ◽  
pp. 1-12
Author(s):  
Ruijin Zhu ◽  
Baofeng Zhang ◽  
Yu-an Tan ◽  
Jinmiao Wang ◽  
Yueliang Wan
Keyword(s):  
Security Analysis ◽  
Experimental Results ◽  
Common Method ◽  
Smart Devices ◽  
Smart Device ◽  
Security Issues ◽  
Automated Method ◽  
The Absolute

The authorization mechanism of smart devices is mainly implemented by firmware, yet many smart devices have security issues about their firmware. Limited research has focused on securing the firmware of smart devices, although increasingly more smart devices are used to deal with the very sensitive applications, activities, and data of users. Thus, research on smart device firmware security is of growing importance. Disassembly is a common method for evaluating the security of authorization mechanisms. When disassembling firmware, the processor type of the running environment and the image base of the firmware should first be determined. In general, the processor type can be obtained by tearing down the device or consulting the product manual. However, it is not easy to determine the image base of firmware. Since the processors of many smart devices are ARM architectures, in this paper, we focus on firmware under the ARM architecture and propose an automated method for determining the image base. By studying the storage law of the jump table in the firmware of ARM-based smart devices, we propose an algorithm, named determining the image base by searching jump tables (DBJT), to determine the image base. The experimental results indicate that the proposed method can successfully determine the image base of firmware, which stores the absolute address in the jump table.

scholarly journals A Rhythm-Based Authentication Scheme for Smart Media Devices

2014 ◽  
Vol 2014 ◽  
pp. 1-9 ◽  
Author(s):  
Jae Dong Lee ◽  
Young-Sik Jeong ◽  
Jong Hyuk Park
Keyword(s):  
Ubiquitous Computing ◽  
Private Information ◽  
High Efficiency ◽  
Smart Devices ◽  
Smart Device ◽  
Security Threats ◽  
Important Data ◽  
Security Issues ◽  
Range Of Functions ◽  
Smart Media

In recent years, ubiquitous computing has been rapidly emerged in our lives and extensive studies have been conducted in a variety of areas related to smart devices, such as tablets, smartphones, smart TVs, smart refrigerators, and smart media devices, as a measure for realizing the ubiquitous computing. In particular, smartphones have significantly evolved from the traditional feature phones. Increasingly higher-end smartphone models that can perform a range of functions are now available. Smart devices have become widely popular since they provide high efficiency and great convenience for not only private daily activities but also business endeavors. Rapid advancements have been achieved in smart device technologies to improve the end users’ convenience. Consequently, many people increasingly rely on smart devices to store their valuable and important data. With this increasing dependence, an important aspect that must be addressed is security issues. Leaking of private information or sensitive business data due to loss or theft of smart devices could result in exorbitant damage. To mitigate these security threats, basic embedded locking features are provided in smart devices. However, these locking features are vulnerable. In this paper, an original security-locking scheme using a rhythm-based locking system (RLS) is proposed to overcome the existing security problems of smart devices. RLS is a user-authenticated system that addresses vulnerability issues in the existing locking features and provides secure confidentiality in addition to convenience.

scholarly journals Latency-Optimal Computational Offloading Strategy for Sensitive Tasks in Smart Homes

Sensors ◽  
2021 ◽  
Vol 21 (7) ◽  
pp. 2347
Author(s):  
Yanyan Wang ◽  
Lin Wang ◽  
Ruijuan Zheng ◽  
Xuhui Zhao ◽  
Muhua Liu
Keyword(s):  
Queue Length ◽  
Optimization Problem ◽  
Time Slot ◽  
Smart Homes ◽  
Back Pressure ◽  
Smart Devices ◽  
Smart Device ◽  
Simulation Results ◽  
Computational Offloading ◽  
The Stability

In smart homes, the computational offloading technology of edge cloud computing (ECC) can effectively deal with the large amount of computation generated by smart devices. In this paper, we propose a computational offloading strategy for minimizing delay based on the back-pressure algorithm (BMDCO) to get the offloading decision and the number of tasks that can be offloaded. Specifically, we first construct a system with multiple local smart device task queues and multiple edge processor task queues. Then, we formulate an offloading strategy to minimize the queue length of tasks in each time slot by minimizing the Lyapunov drift optimization problem, so as to realize the stability of queues and improve the offloading performance. In addition, we give a theoretical analysis on the stability of the BMDCO algorithm by deducing the upper bound of all queues in this system. The simulation results show the stability of the proposed algorithm, and demonstrate that the BMDCO algorithm is superior to other alternatives. Compared with other algorithms, this algorithm can effectively reduce the computation delay.

scholarly journals Privacy Leakage in Mobile Sensing: Your Unlock Passwords Can Be Leaked through Wireless Hotspot Functionality

2016 ◽  
Vol 2016 ◽  
pp. 1-14 ◽  
Author(s):  
Jie Zhang ◽  
Xiaolong Zheng ◽  
Zhanyong Tang ◽  
Tianzhang Xing ◽  
Xiaojiang Chen ◽  
...  
Keyword(s):  
Feature Extraction ◽  
Mobile Sensing ◽  
Experimental Results ◽  
Smart Devices ◽  
Detection Accuracy ◽  
Phase Information ◽  
Current Sensing ◽  
Privacy Leakage ◽  
Sensing Systems ◽  
Additional Hardware

Mobile sensing has become a new style of applications and most of the smart devices are equipped with varieties of sensors or functionalities to enhance sensing capabilities. Current sensing systems concentrate on how to enhance sensing capabilities; however, the sensors or functionalities may lead to the leakage of users’ privacy. In this paper, we present WiPass, a way to leverage the wireless hotspot functionality on the smart devices to snoop the unlock passwords/patterns without the support of additional hardware. The attacker can “see” your unlock passwords/patterns even one meter away. WiPass leverages the impacts of finger motions on the wireless signals during the unlocking period to analyze the passwords/patterns. To practically implement WiPass, we are facing the difficult feature extraction and complex unlock passwords matching, making the analysis of the finger motions challenging. To conquer the challenges, we use DCASW to extract feature and hierarchical DTW to do unlock passwords matching. Besides, the combination of amplitude and phase information is used to accurately recognize the passwords/patterns. We implement a prototype of WiPass and evaluate its performance under various environments. The experimental results show that WiPass achieves the detection accuracy of 85.6% and 74.7% for passwords/patterns detection in LOS and in NLOS scenarios, respectively.

Provably Secure Authentication Approach for Data Security in Cloud Using Hashing, Encryption, and Chebyshev-Based Authentication

2022 ◽  
Vol 16 (1) ◽  
pp. 0-0
Keyword(s):  
Data Security ◽  
Security Analysis ◽  
Data Communication ◽  
Computation Time ◽  
Computational Time ◽  
Security Issues ◽  
Authentication Mechanism ◽  
Cloud Server ◽  
Secure Authentication ◽  
Provably Secure

Secure and efficient authentication mechanism becomes a major concern in cloud computing due to the data sharing among cloud server and user through internet. This paper proposed an efficient Hashing, Encryption and Chebyshev HEC-based authentication in order to provide security among data communication. With the formal and the informal security analysis, it has been demonstrated that the proposed HEC-based authentication approach provides data security more efficiently in cloud. The proposed approach amplifies the security issues and ensures the privacy and data security to the cloud user. Moreover, the proposed HEC-based authentication approach makes the system more robust and secured and has been verified with multiple scenarios. However, the proposed authentication approach requires less computational time and memory than the existing authentication techniques. The performance revealed by the proposed HEC-based authentication approach is measured in terms of computation time and memory as 26ms, and 1878bytes for 100Kb data size, respectively.

scholarly journals A Secure Ciphertext Retrieval Scheme against Insider KGAs for Mobile Devices in Cloud Storage

2018 ◽  
Vol 2018 ◽  
pp. 1-7 ◽  
Author(s):  
Run Xie ◽  
Chanlian He ◽  
Dongqing Xie ◽  
Chongzhi Gao ◽  
Xiaojun Zhang
Keyword(s):  
Cloud Computing ◽  
Mobile Devices ◽  
Data Privacy ◽  
Security Analysis ◽  
Data Retrieval ◽  
Sensitive Data ◽  
Encrypted Data ◽  
Security Issues ◽  
Efficiency Comparison ◽  
Cloud Servers

With the advent of cloud computing, data privacy has become one of critical security issues and attracted much attention as more and more mobile devices are relying on the services in cloud. To protect data privacy, users usually encrypt their sensitive data before uploading to cloud servers, which renders the data utilization to be difficult. The ciphertext retrieval is able to realize utilization over encrypted data and searchable public key encryption is an effective way in the construction of encrypted data retrieval. However, the previous related works have not paid much attention to the design of ciphertext retrieval schemes that are secure against inside keyword-guessing attacks (KGAs). In this paper, we first construct a new architecture to resist inside KGAs. Moreover we present an efficient ciphertext retrieval instance with a designated tester (dCRKS) based on the architecture. This instance is secure under the inside KGAs. Finally, security analysis and efficiency comparison show that the proposal is effective for the retrieval of encrypted data in cloud computing.

scholarly journals The Use of Smart Devices by Care Providers in Emergency Departments: A Cross-Sectional Study (Preprint)

2019 ◽  
Author(s):  
Mohamad Alameddine ◽  
Hussein Soueidan ◽  
Maha Makki ◽  
Hani Tamim ◽  
Eveline Hitti
Keyword(s):  
Health Center ◽  
Healthcare Providers ◽  
Target Population ◽  
Academic Health Center ◽  
Care Quality ◽  
Smart Devices ◽  
Smart Device ◽  
Care Providers ◽  
Cross Sectional ◽  
Academic Health

BACKGROUND The use of smart devices (SD) by healthcare providers in care settings is a common practice nowadays. Such use is not restricted to applications related to the care of patients but often extends to personal calls and applications with frequent prompts and interruptions. This enhances the risk of distractions caused by SD in the hospital settings and raises concerns on service quality and patient safety. Such concerns are exacerbated in complex care settings like the Emergency Department (ED). OBJECTIVE This study measured the frequency and patterns of SD use among healthcare providers in the ED of a large academic health center in Lebanon. The perceived consequences of care providers on using SDs on the provider-provider communication and the care quality of patients in ED were further assessed. The study further examined the factors associated with the use of smart devices and measured the approval for regulating such use. METHODS The study was carried at the ED of an academic health center in Lebanon. The ED received the highest volume of patient visits in the country. Data was collected using a cross-sectional electronic survey sent to all ED healthcare providers (n=236). The target population included core ED faculty members, attending physicians, residents, medical students, and the nursing care providers. RESULTS Half of the target population responded to the questionnaire. A total of 85.6% of the respondents use one or more medical applications on their smart devices. The respondents believed that using the SD in the ED improved the coordination among the care team (81.6%) and that it was beneficial to patient care (78.9%). In addition, 41.1% of the respondents acknowledged they were distracted when using their SD for non-work purposes. Furthermore, 54.8% of the respondents acknowledged having witnessed their colleagues committed a near miss or an error due to the smart device-caused distractions. Regression analysis revealed that age and missing information due to using the SD are major predictors of committing an error at the ED (p<0.05). Interestingly, more than 40% of the respondents were significantly addicted to using SD and more than third of them felt the need to cut down on such use. CONCLUSIONS The findings of this study make it imperative to safeguard the safety and wellbeing of patients, particularly in high intensity, high volume department such as the ED. Irrespective of the positive role the SD play in the healthcare process, the negative effects of its use mandate proper regulation. This is an ethical mandate taking into consideration the important consequences such use may have on care processes and outcomes.

The Negative Effects of Using Smart Devices on the Physical and Psychological Health of Palestinian Children aged (13-16) years from their Perspective

2020 ◽  
Vol 8 (3) ◽  
pp. 01-19
Author(s):  
Nuha Iter
Keyword(s):  
Psychological Health ◽  
Smart Devices ◽  
Smart Device ◽  
Negative Effects ◽  
Physical And Psychological Health ◽  
Palestinian Children ◽  
Open Question ◽  
High Degree ◽  
The Relationship ◽  
Descriptive Method

The study aimed to explore the negative effects of using smart devices on the physical and psychological health of children aged (13-16) years from their perspective. The study was applied to a random sample of children aged (13-16), consisting of (102) male and female students. The descriptive method was used to answer the study questions, and a questionnaire was developed to collect data, which contains (3) sections, first section asked about the most used and preferred devices by children aged (13-16) years, and the number of hours the child used the smart device, the second one asked about the negative effects of using the smart devices on the physical and psychological health of children aged (13-16) years from their perspective, and the third section is an open question to know other negative effects of using the smart devices on the physical and psychological health of children aged (13-16) years. The study achieved a set of results, such as the smartphones are the most used and preferred devices by children aged (13-16) years, where (57%) of the study sample preferred to use, and there is  (86.3%) of children aged (13-16) use these devices at average from 4 up to 6 hours daily.  The responders highly agreed upon the negative effects of the use of smart devices on the physical health with average (4.2); which is a high degree, also the responders highly agreed upon the negative effects of  the use of smart devices on the physiological health with average  is  (3.73) which is also high,  added there are other effects caused by the use of smart devices for long hours on  children aged (13-16); the low rate of family discussions, and causes the low writing skills for child.   Depending on the results of the study, the researcher recommends that:  researchers should conduct a correlative study to know the relationship between the effects and the number of hours of daily use of devices; families should rationalize the use of smart devices.

Human-Robot Interaction Design Using Smart Device Based Robot Partner

2019 ◽  
pp. 119-140
Author(s):  
Jinseok Woo ◽  
Naoyuki Kubota
Keyword(s):  
Nonverbal Communication ◽  
Interaction Design ◽  
Human Robot Interaction ◽  
Smart Devices ◽  
Smart Device ◽  
Design Support ◽  
Motion Patterns ◽  
Software Modules ◽  
Content Design ◽  
Design Support Environment

Nowadays, various robot partners have been developed to realize human-friendly interactions. In general, a robot system is composed of hardware modules, software modules, and application contents. It takes much time to design utterance contents and motion patterns as application contents simultaneously, but the design support systems mainly focus on the generation of robot motion patterns. Furthermore, a methodology is needed to easily change the specification of hardware and software according to diversified needs, and the developmental environment to design the application contents on verbal and nonverbal communication with people. In this paper, the authors propose robot partners with the modularized architecture of hardware and software by using smart devices, and propose a developmental environment to realize easy contents design of verbal and nonverbal communication. In order to solve the problem of difficulty in the content design, they develop a design support environment using design templates of communication application contents. Next, they apply the robot partner to navigate visitors to the robot contest of the system design forum held in Tokyo Metropolitan University. Finally, they show several examples of the interaction cases, and discuss the interaction design for smart device based robot partners.

Ensuring Correctness, Completeness, and Freshness for Outsourced Tree-Indexed Data

2010 ◽  
pp. 693-710
Author(s):  
Tran Khanh Dang
Keyword(s):  
Research Work ◽  
Data Integrity ◽  
Experimental Results ◽  
Actual Data ◽  
Service Model ◽  
Security Issues ◽  
Data Owner ◽  
Database Service ◽  
Outsourced Database ◽  
Theoretical Analyses

In an outsourced database service model, query assurance takes an important role among well-known security issues. To the best of our knowledge, however, none of the existing research work has dealt with ensuring the query assurance for outsourced tree-indexed data. To address this issue, the system must prove authenticity and data integrity, completeness, and freshness guarantees for the result set. These objectives imply that data in the result set is originated from the actual data owner and has not been tampered with; the server did not omit any tuples matching the query conditions; and the result set was generated with respect to the most recent snapshot of the database. In this paper, we propose a vanguard solution to provide query assurance for outsourced tree-indexed data on untrusted servers with high query assurance and at reasonable costs. Experimental results with real datasets confirm the effciency of our approach and theoretical analyses.

Threats and Vulnerabilities of Mobile Applications

2021 ◽  
pp. 473-492
Author(s):  
Thangavel M. ◽  
Divyaprabha M. ◽  
Abinaya C.
Keyword(s):  
Mobile Phone ◽  
Mobile Phones ◽  
Mobile Device ◽  
Mobile Applications ◽  
Smart Devices ◽  
Wireless Multimedia ◽  
Security Issues ◽  
Major Threat ◽  
Complete Set ◽  
Mobile Phone Security

Smart devices like mobile phones, tablets, and laptops have become necessities in our lives due to the services they provide. However, in recent days, mobile applications have become a major threat for an attack. One of the most attractive features of smartphones is the availability of a large number of apps for users to download and install. However, it also means hackers can easily distribute malware to smartphones, launching various attacks. Each day, a mobile device attack is changing dynamically, and it is very difficult to represent a complete set of threats and vulnerabilities. Mobile phone security has become an important aspect of security issues in wireless multimedia communications. The development of mobile applications has increased drastically; hence, it is our responsibility to protect our devices and the data within them. Being aware is the first step to protect data. Thus, to prevent the mobile from the threats, efforts are required to form the application developer, app market administrator, and user to defend against the malware. This article explores those threats and vulnerabilities of mobile applications.

Sign in / Sign up

Export Citation Format

Share Document