Program（Secure IoT Space workshop）

Speaker: Wai Kyi Kyi Oo

Abstract: With the aim of examining the applicability of moving target defense (MTD) to internet of things (IoT) environments, in this presentation, I will discuss two possible MTD mechanisms: IP address randomization and system call number randomization, together with threat models for each technique. Then, I will present proposed security metrics to evaluate the effectiveness.
The rapid development of IoT devices and their services introduce several types of cyber threats as most of them are vulnerable to exploits. As the development of security for IoT is in its early stage, it is thus essential to examine and consider effective defense solutions against potential attacks.
Moving Target Defense is one of the promising and feasible defense solutions to disrupt an attacker’s opportunity in making attacks, and some techniques have been practically implemented in traditional cyber systems. The idea is that giving uncertainties and difficulties to adversaries by continuously or dynamically randomizing variants of a protected system can reduce the likelihood of attack success, as well as increasing an attacker’s effort in terms of time, cost, and information.

Speaker: R. Madhukar Yerraguntla

Abstract: Synchronous reactive data flow is a paradigm that provides a high-level abstract programming model for embedded and cyber-physical systems, including the locally synchronous components of IoT systems.
Security in such systems is severely compromised due to low-level programming, ill-defined interfaces and inattention to security classification of data.
By incorporating a Denning-style lattice-based secure information flow framework into a synchronous reactive data flow language, we provide a framework in which correct-and-secure-by-construction implementations for such systems can be specified and derived.
In particular, we propose an extension of the Lustre programming framework with a security type system.
We prove the soundness of our type system with respect to the co-inductive operational semantics of Lustre by showing that well-typed programs exhibit non-interference.

Speaker: Takatsugu Ono

Abstract: A malware detection technique is one of the important challenges on IoT systems. In this talk, we introduce an allow list approach to detect malware dynamically. Programs that are executed on the IoT device are registered to the allow list. Our approach extracts the features of the programs on the allow list and develops a classifier. While a program is executed on the IoT device, our approach extracts the features and input them to the classifier in order to determine the program is registered on the allow list or not. If our approach judges that the program is not registered to the allow list, a processor aborts the execution immediately. In our evaluation, we use benchmark programs as the allow list and malware programs, and we confirm that our approach can classify the program correctly.

Speaker: Nivedita Shrivastava

Abstract: Modern x86 processors come with in-built high precision timers, which are accessed using the RDTSC instruction. This instruction is used in many applications that require a precise measurement of the execution time or the number of CPU cycles between two events of interest. Unfortunately, adversaries may use this instruction to mount various timing attacks since such timers expose a side-channel that leaks information. In this work, we propose an optimistic mitigation approach that will restrict the exploitation of the RDTSC instruction by creating alternative approaches that are provably more secure.
This work aims to explore and target various applications that use the RDTSC instruction and identify its exact use. We have analyzed the source code of various open-source applications using Intel’s PIN tool, and we have classified them according to the use of the RDTSC instruction. Based on our analyses, we have
classified the usage of such instructions into a few broad categories. We observe that for most of the usage patterns, the RDTSC mechanism can be supplanted with another hardware mechanism that achieves the same objective, albeit without creating an information-leaking side channel.
In some cases, it is possible to replace such hardware instructions with custom software-based counters that provide roughly equivalent information. We propose to use novel ML algorithms to identify such codes and restrict their usage depending upon users’ preferences.

Speaker: Haibo Zhang

Abstract: Supply chain 4.0 was coined with the emergence of Industry 4.0 systems coming with more diversities, opportunities and challenges. For this topic, we discuss applying trust methodology to supply chain 4.0 for better enhancing the security level within a trustworthy environment. We firstly analyze existing security vulnerabilities and cyber threats in modern supply chains, especially arising from the embedment of information technologies, such as the internet of things, RFID technology, cloud computing, edge computing, blockchain technology and more. We then discuss the application of zero trust security models to supply chain systems simultaneously working with other trust methods like the blockchain.
Finally, we provide a comprehensive review of recent literature works, and discuss how researchers can improve this research topic with solving existing security issues and move to more potential directions.

Speaker: Sandeep Kumar

Abstract: A trusted execution environment, or TEE, facilitates the secure execution of a workload on a remote untrusted server. The application’s security implies that the confidentiality, integrity, and freshness properties for the code and data hold during the execution. In a TEE setting, specifically Intel SGX, even the operating system (OS) is not trusted to ensure the security of the secure applications (applications running within the TEE). This results in certain limitations of a secure application’s functionality, such as no access to the file system and network – as it requires OS’s support.
We present SecureFS, a secure and efficient secure filesystem for Intel SGX. It works on unmodified binaries, and hence, does not require a re-compilation. SecureFS ensures that all the three security properties: confidentiality, integrity, and freshness holds for the data stored in it. The design of SecureFS is based on the insights obtained by profiling file system access pattern of TEE targeted applications. We have implemented a prototype of SecureFS on a real Intel SGX machine an integrated it with a library operating system for Intel SGX to provide complete security during an application’s execution. SecureFS outperforms the current state-of-the-art by up to 26%, while increasing the level of security provided.

Speaker: Kosuke Kaneko

Abstract: This talk is focus on blockchain technology.
In SICORP, our working package have researched and developed blockchain-based applications.
In this talk, the speaker will introduce three results of them.
One is a traffic management simulator using blockchain technology.
The second one is a privacy protection method to blockchain technology for VPP system.
The last one is a volunteer computing application using blockchain technology.
Also, from these results, we would like to reconsider about possibilities of blockchain technology.

Speaker: Sanjiva Prasad

Abstract: The lattice model proposed by Denning in her seminal work provided secure information flow analyses with an intuitive and uniform mathematical foundation. Different organisations, however, may employ quite different security lattices. In this paper, we propose a connection framework that permits different organisations to exchange information while maintaining both security of information flow as well as their autonomy in formulating and maintaining security policies. Our prescriptive framework is based on the rigorous mathematical framework of Lagois connections given by Melton, together with a simple operational model for transferring object data between domains. The merit of this formulation is that it is simple, minimal, adaptable and intuitive, and provides a formal framework for establishing secure information flow across autonomous interacting organisations. We show that our framework is semantically sound, by proving that the connections proposed preserve standard correctness notions such as non-interference.

Speaker: Yoshihiro Okada

Abstract: This talk treats IoT (Internet of Things) security education. Recently, Cybersecurity has become popular because of the many cyberattacks around the world. Similarly, IoT security has become very important because more and more devices are connected to the Internet in order to collect various types of data. Thus, IoT security education is of great importance. For IoT security education, we have to prepare educational materials that should include latest information about attacks against IoT devices. In this talk, the speaker introduces web-based educational material development frameworks based on Linked Data. Furthermore, for the higher educational efficiency, we have to provide attractive educational materials using latest ICT like 3D CG, audios and videos. So, the speaker also introduces several examples of such attractive materials for IoT security education developed using the frameworks.

Speaker: Geeta Yadav

Abstract: In this work, we address the critical need to prioritize patching the vulnerabilities on time. This is even more prominent with the advent of new technologies, usage of backup systems, updated standards, and new regulations on the systems’ safety and security. In this direction, we present SmartPatch- a patch prioritization method to address patch sequencing. It analyzes the possible attacker behavior as well as system criticality using game theory or decision making. It provides a patch prioritization strategy that is cost-constrained and reduces the impact of the possible attacks to a large extent.

Speaker: Alaa Allakany

Abstract: Cybersecurity education and training is very efficient element for security namely for securing IoT space. Users with good cybersecurity knowledge can help organizations and institutes to avoid many attacks. Many solutions are proposed for creating a cybersecurity training program; however, they are facing several limitations. In this research we will present some of the limitations of existing solutions then we proposed a framework for advanced cybersecurity education and training. To achieve the framework goal, the system design relies on the combination of: simulation of a specific IoT domain, detection of all possible attacks, and optimization of solutions that prevent the attacks. A simulation is required to dynamically create different IoT domains that fits the trainer’s requirements. Detection is required to find all possible attacks scenarios. Finally, optimization should be in to finds the minimum sets of vulnerabilities that should be fixed to protect the system. This framework will provides and allow for the organizations and trainers to select, simulate, detect, and mitigate the attack impact in a specific IoT domain.