Adaptive link layer security architecture for telecommand communications in space networks

Impressive advances in space technology are enabling complex missions, with potentially significant and long term impacts on human life and activities. In the vision of future space exploration, communication links among planets, satellites,spacecrafts and crewed vehicles will be designed according to a new paradigm, known as the disruption tolerant networking. In this scenario, space channel peculiarities impose a massive reengineering of many of the protocols usually adopted in terrestrial networks; among them, security solutions are to be deeply reviewed, and tailored to the specific space requirements. Security is to be provided not only to the payload data exchanged on the network, but also to the telecommands sent to a spacecraft,along possibly differentiated paths. Starting from the secure space telecommand design developed by the Consultative Committee for Space Data Systems as a response to agency-based requirements, an adaptive link layer security architecture is proposed to address some of the challenges for future space networks. Based on the analysis of the communication environment and the error diffusion properties of the authentication algorithms, a suitable mechanism is proposed to classify frame retransmission requests on the basis of the originating event(error or security attack) and reduce the impact of security operations. An adaptive algorithm to optimize the space control protocol, based on estimates of the time varying space channel, is also presented. The simulation results clearly demonstrate that the proposed architecture is feasible and efficient, especially when facing malicious attacks against frame transmission.

Pusher:an augmented fuzzer based on the connection between input and comparison operand

Coverage based fuzzing is a widespread vulnerability detection technique,and it has exposed many bugs in many real-world programs.However,its attention is to eliminate the testing on the repeated paths,yet it still employs random mutation to generate inputs,which is blind to penetrate complex comparisons in the program.As a result,the testing coverage is limited.Despite some solution proposals are presented,this problem is still partially solved.This paper argues that random mutation is mainly limited by two challenges,the sizable search space and the lack of a useful feedback to direct the search.Then we present an augmented fuzzing technique by addressing these two challenges.First of all,we point out a black relationship between input contents and comparison operands,which is dubbed connection.Second,we present a novel method to collect the comparison operands during execution,which is leveraged to infer the connections.Based on the connections,the fuzzer can learn about which input byte affects on which comparison instruction to establish a smaller search space.Third,the connection provides a useful feedback to direct the search.We resort to a modern metaheuristic algorithm to satisfy this searching requirement.We developed a prototype Pusher and evaluated its performance on several benchmarks and four real-world programs.The experimental results demonstrate that Pusher works better than some other state-of-the-art fuzzers on bug detection,and can achieve a higher testing coverage.Moreover,we take a detailed statistic about the execution overhead in Pusher,and the results indicate that the execution overhead introduced by our approach is within an acceptable scope.