Distributed Architecture to Enhance Systems Protection against Unauthorized Activity via USB Devices

2021, Vol 10 (1), pp. 19
Author(s): José Oliveira, Pedro Pinto, Henrique Santos

Cyberattacks exploiting Universal Serial Bus (USB) interfaces may have a high impact on individual and corporate systems. The BadUSB is an attack where a USB device’s firmware is spoofed and, once mounted, allows attackers to execute a set of malicious actions in a target system. The countermeasures against this type of attack can be grouped into two strategies: physical blocking of USB ports and software blocking. This paper proposes a distributed architecture that uses software blocking to enhance system protection against BadUSB attacks. This architecture is composed of multiple agents and external databases, and it is designed for personal or corporate computers using Microsoft Windows Operating System. When a USB device is connected, the agent inspects the device, provides filtered information about its functionality and presents a threat assessment to the user, based on all previous user choices stored in external databases. By providing valuable information to the user, and also threat assessments from multiple users, the proposed distributed architecture improves system protection.

2020, Vol 2 (2)
Author(s):  

This article has been produced by the Combined Threat Assessment Group (CTAG). It provides in detail, and publicly for the first time, a genuinely informed explanation for the origins and function of CTAG. It covers the nature and challenge of threat assessment, the methodology applied as well as various iterations of the threat assessments that are undertaken. This leads on to an explanation of how New Zealand’s National Terrorism Threat Level is set. Overall, this article provides an informative and well-rounded explanation of the components that comprise the National Terrorism Threat Level and makes for essential reading for wider public service, academic, and security-conscious public and private institutions across the country.


Author(s): Yongzheng Wu, Roland H.C. Yap, Rajiv Ramnath, Felix Halim

Malware causes damage by stealing confidential data or making other software unusable. Ensuring software trustworthiness is difficult because malware may disguise itself to appear benign or trusted. This chapter explores the problem of making software more trustworthy through the use of binary integrity mechanisms. The authors review the problem of devising an effective binary integrity protection, and discuss how it complements other operating system security measures. They analyze design factors for binary integrity and compare existing systems. The authors then present a prototype which exemplifies a mandatory binary integrity mechanism and its integration within an operating system. Their system, BinAuth, demonstrates a practical, lightweight in-kernel binary authentication system for Microsoft Windows. A system like BinAuth shows that mandatory authentication is practical on a complex commodity operating system like Windows. To deal with various constraints in the user’s environments, BinAuth uses a flexible scheme which does not mandate public key infrastructure (PKI) although it can take advantage of it. The authors also combine the authentication with a simple software-ID scheme which is useful for software management and vulnerability assessment.


Author(s): Craig M. Howard

The overall size of software packages has grown considerably over recent years. Modular programming, object-oriented design and the use of static and dynamic libraries have all contributed towards the reusability and maintainability of these packages. One of the latest methodologies that aims to further improve software design is the use of component-based services. The Component Object Model (COM) is a specification that provides a standard for writing software components that are easily interoperable. The most common platform for component libraries is on Microsoft Windows, where COM objects are an integral part of the operating system and used extensively in most major applications. This chapter examines the use of COM in the design of search engines for knowledge discovery and data mining using modern heuristic techniques and how adopting this approach benefits the design of a commercial toolkit. The chapter describes how search engines have been implemented as COM objects and how representation and problem components have been created to solve rule induction problems in data mining.


Author(s): Julie R. Mariga

This chapter introduces the enormous impact of mobile computing on both companies and individuals. Companies face many issues related to mobile computing. For example: which devices will be supported by the organization? which devices will fulfill the business objectives? which form factor will win? which features and networks will future devices offer? which operating systems will they run? what will all this cost? what are the security issues involved? what are the business drivers? This chapter will discuss the major business drivers in the mobile computing field, and provide an analysis of the top two operating systems that are currently running the majority of mobile devices. These platforms are the 1) Palm operating system (OS), and 2) Microsoft Windows CE operating system. The chapter will analyze the strengths and weaknesses of each operating system and discuss market share and future growth.


2019, Vol 10 (1), pp. 1251-1257
Author(s): Abhinandan H Patil

Evolving multi-parameter, multi-configuration systems require a regression test suite that can be customized. This is in terms of run time. Run time can be customized by generating the combinations using combinatorial techniques. For systems like the Contiki operating system, the test cases need to be executed in its simulator Cooja. Executing test cases in a simulator requires functional test cases to be generated from the combinatorial parameter combinations obtained. In this work we present a methodology to generate the functional test cases. We present Functional Test Case Generator for Contiki and Cooja (FTCGCC), which is a tool developed using our methodology. We demonstrate use of our tool by generating a customizable regression test suite for Contiki and Cooja using code coverage as criteria. FTCGCC is developed for test case generation when the target System Under Test is the IoT operating system Contiki and its simulator Cooja.


2012, Vol 20 (2), pp. 24-27
Author(s): Robert Hovden

Gatan Digital Micrograph (DM) software is considered an industry standard among microscopists. The offline DM application is freely available from Gatan. Unfortunately, DM software has been designed to run only on Microsoft Windows operating systems, thus distancing the microscopy community from popular Unix-based systems, such as Linux or Mac OSX. An ad hoc solution to this problem has required a virtualized Windows operating system running on top of the user's native operating system. This is not only slow, having to emulate each processor instruction, but also requires installation and licensing of Windows and the virtualization software. However, with the aid of open-source resources, it is possible to run DM natively on Linux and Mac OSX (Figure 1). This article was written as a guide with easy-to-follow installation instructions to liberate users from the Windows emulation pigeonhole and enable them to freely analyze data on Unix-based systems.


Author(s): Adi Farshteindiker, Rami Puzis

With the advent of microservice-based software architectures, an increasing number of modern cloud environments and enterprises use operating system level virtualization, often referred to as containers. Docker Swarm is one of the most popular container orchestration infrastructures, providing high availability and fault tolerance. Occasionally discovered container escape vulnerabilities allow adversaries to execute code on the host operating system and operate within the cloud infrastructure. We show that Docker Swarm is currently not secured against misbehaving manager nodes and allows a high impact, high probability privilege escalation attack that we refer to as leadership hijacking. Cloud lateral movement and defense evasion payloads allow an adversary to leverage the Docker Swarm functionality to control each and every host in the underlying cluster. We demonstrate an end-to-end attack, in which an adversary with access to an application running on the cluster achieves full control of the cluster. To reduce the probability of a successful high impact attack, container orchestration infrastructures must reduce the trust level of participating nodes and in particular, incorporate adversary-immune leader election algorithms.

