FPGAPRO: A Defense Framework Against Crosstalk-Induced Secret Leakage in FPGA

With the emerging cloud-computing development, FPGAs are being integrated with cloud servers for higher performance. Recently, it has been explored to enable multiple users to share the hardware resources of a remote FPGA, i.e., to execute their own applications simultaneously. Although being a promising technique, multi-tenant FPGA unfortunately brings its unique security concerns. It has been demonstrated that the capacitive crosstalk between FPGA long-wires can be a side-channel to extract secret information, giving adversaries the opportunity to implement crosstalk-based side-channel attacks. Moreover, recent work reveals that medium-wires and multiplexers in configurable logic block (CLB) are also vulnerable to crosstalk-based information leakage. In this work, we propose FPGAPRO: a defense framework leveraging P lacement, R outing, and O bfuscation to mitigate the secret leakage on FPGA components, including long-wires, medium-wires, and logic elements in CLB. As a user-friendly defense strategy, FPGAPRO focuses on protecting the security-sensitive instances meanwhile considering critical path delay for performance maintenance. As the proof-of-concept, the experimental result demonstrates that FPGAPRO can effectively reduce the crosstalk-caused side-channel leakage by 138 times. Besides, the performance analysis shows that this strategy prevents the maximum frequency from timing violation.

X-ware: a proof of concept malware utilizing artificial intelligence

<p>Recent years have witnessed a dramatic growth in utilizing computational intelligence techniques for various domains. Coherently, malicious actors are expected to utilize these techniques against current security solutions. Despite the importance of these new potential threats, there remains a paucity of evidence on leveraging these research literature techniques. This article investigates the possibility of combining artificial neural networks and swarm intelligence to generate a new type of malware. We successfully created a proof of concept malware named X-ware, which we tested against the Windows-based systems. Developing this proof of concept may allow us to identify this potential threat’s characteristics for developing mitigation methods in the future. Furthermore, a method for recording the virus’s behavior and propagation throughout a file system is presented. The proposed virus prototype acts as a swarm system with a neural network-integrated for operations. The virus’s behavioral data is recorded and shown under a complex network format to describe the behavior and communication of the swarm. This paper has demonstrated that malware strengthened with computational intelligence is a credible threat. We envisage that our study can be utilized to assist current and future security researchers to help in implementing more effective countermeasures</p>

S×C4IoT: A Security-by-contract Framework for Dynamic Evolving IoT Devices

The Internet of Things (IoT) revolutionised the way devices, and human beings, cooperate and interact. The interconnectivity and mobility brought by IoT devices led to extremely variable networks, as well as unpredictable information flows. In turn, security proved to be a serious issue for the IoT, far more serious than it has been in the past for other technologies. We claim that IoT devices need detailed descriptions of their behaviour to achieve secure default configurations, sufficient security configurability, and self-configurability. In this article, we propose S×C4IoT, a framework that addresses these issues by combining two paradigms: Security by Contract (S×C) and Fog computing. First, we summarise the necessary background such as the basic S×C definitions. Then, we describe how devices interact within S×C4IoT and how our framework manages the dynamic evolution that naturally result from IoT devices life-cycles. Furthermore, we show that S×C4IoT can allow legacy S×C-noncompliant devices to participate with an S×C network, we illustrate two different integration approaches, and we show how they fit into S×C4IoT. Last, we implement the framework as a proof-of-concept. We show the feasibility of S×C4IoT and we run different experiments to evaluate its impact in terms of communication and storage space overhead.

The Case for Adaptive Security Interventions

Despite the availability of various methods and tools to facilitate secure coding, developers continue to write code that contains common vulnerabilities. It is important to understand why technological advances do not sufficiently facilitate developers in writing secure code. To widen our understanding of developers' behaviour, we considered the complexity of the security decision space of developers using theory from cognitive and social psychology. Our interdisciplinary study reported in this article (1) draws on the psychology literature to provide conceptual underpinnings for three categories of impediments to achieving security goals, (2) reports on an in-depth meta-analysis of existing software security literature that identified a catalogue of factors that influence developers' security decisions, and (3) characterises the landscape of existing security interventions that are available to the developer during coding and identifies gaps. Collectively, these show that different forms of impediments to achieving security goals arise from different contributing factors. Interventions will be more effective where they reflect psychological factors more sensitively and marry technical sophistication, psychological frameworks, and usability. Our analysis suggests “adaptive security interventions” as a solution that responds to the changing security needs of individual developers and a present a proof-of-concept tool to substantiate our suggestion.

Metasurfaces for Far-Field Radiation Pattern Correction of Antennas under Dielectric Seamed-Radomes

A high-index dielectric radome seam is camouflaged with respect to a low-index dielectric radome panel by tuning the seam with carefully engineered metasurfaces. A transmission-line approach is used to model the metasurface-tuned seam and analytically retrieve the corresponding surface impedance, from which the unit-cell design is then tailored. Full-wave simulations and microwave antenna measurements performed on a proof-of-concept prototype validate the undesired scattering suppression effect in the case of normally and obliquely incident transverse electric and transverse magnetic wave illuminations. Robustness of the proposed solution to fabrication tolerances is also reported. The study presents metasurface-tuning as an easily implementable, frequency adjustable, and polarization insensitive solution to reduce the scattering of dielectric mechanical seams and improve the overall transparency performance of radome structures.

On type-cases, union elimination, and occurrence typing

We extend classic union and intersection type systems with a type-case construction and show that the combination of the union elimination rule of the former and the typing rules for type-cases of our extension encompasses occurrence typing . To apply this system in practice, we define a canonical form for the expressions of our extension, called MSC-form. We show that an expression of the extension is typable if and only if its MSC-form is, and reduce the problem of typing the latter to the one of reconstructing annotations for that term. We provide a sound algorithm that performs this reconstruction and a proof-of-concept implementation.

Comparative Characterization and Identification of Poly-3-Hydroxybutyrate Producing Bacteria with Subsequent Optimization of Polymer Yield

In this work, the strains Bacillus megaterium BM 1, Azotobacter chrocococcumAz 3, Bacillus araybhattay RA 5 were used as an effective producer of poly-3-hydroxybutyrate P(3HB). The purpose of the study was to isolate and obtain an effective producer of P(3HB) isolated from regional chestnut soils of northern Kazakhstan. This study demonstrates the possibility of combining the protective system of cells to physical stress as a way to optimize the synthesis of PHA by strains. Molecular identification of strains and amplification of the phbC gene, transmission electron microscope (TEM), extracted and dried PHB were subjected to Fourier infrared transmission spectroscopy (FTIR). The melting point of the isolated P(3HB) was determined. The optimal concentration of bean broth for the synthesis of P(3HB) for the modified type of Bacillus megaterium RAZ 3 was 20 g/L, at which the dry weight of cells was 25.7 g/L−1 and P(3HB) yield of 13.83 g/L−1, while the percentage yield of P(3HB) was 53.75%. The FTIR spectra of the extracted polymer showed noticeable peaks at long wavelengths. Based on a proof of concept, this study demonstrates encouraging results.