New precisely cooperative attacks, such as the coordi- nated cross plane session termination (CXPST) attack, need thou- sands upon thousands machines to attack diverse selected links simultaneously with the given ra...New precisely cooperative attacks, such as the coordi- nated cross plane session termination (CXPST) attack, need thou- sands upon thousands machines to attack diverse selected links simultaneously with the given rate. However, almost all command and control(C&C) mechanisms only provide publishing one com- mand to the whole once, so-called one-to-all C&C model, and are not productive to support CXPST-alike attacks. In this paper, we present one-to-any C&C model on coordination among the unco- operative controlled nodes. As an instance of one-to-any C&C model, directional command publishing (DCP) mechanism lever- aging on Kademlia is provided with a range-mapping key creating algorithm for commands to compute the publishing range and a statistically stochastic node querying scheme to obtain the com- mands immediately. With theoretical analysis and simulation, it is indicated that one-to-any C&C model fits for precisely coordi- nated operation on uncooperative controlled nodes with least complexity, better accuracy and efficiency. Furthermore, DCP mechanism can support one-to-all command publishing at the same time. As an example of future C&C model, studying on one-to-any C&C model may help to promote the development of more efficient countermeasures.展开更多
The run-time security guarantee is a hotspot in current cyberspace security research, especially on embedded terminals, such as smart hardware as well as wearable and mobile devices. Typically, these devices use unive...The run-time security guarantee is a hotspot in current cyberspace security research, especially on embedded terminals, such as smart hardware as well as wearable and mobile devices. Typically, these devices use universal hardware and software to connect with public networks via the Internet, and are probably open to security threats from Trojan viruses and other malware. As a result, the security of sensitive personal data is threatened and economic interests in the industry are compromised. To address the run-time security problems efficiently, first, a TrustEnclave-based secure architecture is proposed, and the trusted execution environment is constructed by hardware isolation technology. Then the prototype system is implemented on real TrustZone-enabled hardware devices. Finally, both analytical and experimental evaluations are provided. The experimental results demonstrate the effectiveness and feasibility of the proposed security scheme.展开更多
基金Supported by the National Natural Science Foundation of China(61402526,61502528)
文摘New precisely cooperative attacks, such as the coordi- nated cross plane session termination (CXPST) attack, need thou- sands upon thousands machines to attack diverse selected links simultaneously with the given rate. However, almost all command and control(C&C) mechanisms only provide publishing one com- mand to the whole once, so-called one-to-all C&C model, and are not productive to support CXPST-alike attacks. In this paper, we present one-to-any C&C model on coordination among the unco- operative controlled nodes. As an instance of one-to-any C&C model, directional command publishing (DCP) mechanism lever- aging on Kademlia is provided with a range-mapping key creating algorithm for commands to compute the publishing range and a statistically stochastic node querying scheme to obtain the com- mands immediately. With theoretical analysis and simulation, it is indicated that one-to-any C&C model fits for precisely coordi- nated operation on uncooperative controlled nodes with least complexity, better accuracy and efficiency. Furthermore, DCP mechanism can support one-to-all command publishing at the same time. As an example of future C&C model, studying on one-to-any C&C model may help to promote the development of more efficient countermeasures.
基金supported by the National Natural Science Foundation of China (Nos.61572516 and 61503213)
文摘The run-time security guarantee is a hotspot in current cyberspace security research, especially on embedded terminals, such as smart hardware as well as wearable and mobile devices. Typically, these devices use universal hardware and software to connect with public networks via the Internet, and are probably open to security threats from Trojan viruses and other malware. As a result, the security of sensitive personal data is threatened and economic interests in the industry are compromised. To address the run-time security problems efficiently, first, a TrustEnclave-based secure architecture is proposed, and the trusted execution environment is constructed by hardware isolation technology. Then the prototype system is implemented on real TrustZone-enabled hardware devices. Finally, both analytical and experimental evaluations are provided. The experimental results demonstrate the effectiveness and feasibility of the proposed security scheme.