{"id":3295,"date":"2020-08-07T12:00:50","date_gmt":"2020-08-07T03:00:50","guid":{"rendered":"https:\/\/cs.kyushu-u.ac.jp\/sicorp-in\/?page_id=3295"},"modified":"2022-03-07T14:23:02","modified_gmt":"2022-03-07T05:23:02","slug":"2019-wp1","status":"publish","type":"page","link":"https:\/\/cs.kyushu-u.ac.jp\/sicorp-in\/2019_report\/2019-wp1\/","title":{"rendered":"WP1\uff5cFoundations for Building Secure Embedded Systems\/Binary Code Analysis"},"content":{"rendered":"<ul class=\"bogo-language-switcher\"><li class=\"en-US en current first\"><span class=\"bogoflags bogoflags-us\"><\/span> <span class=\"bogo-language-name\"><a rel=\"alternate\" hreflang=\"en-US\" href=\"https:\/\/cs.kyushu-u.ac.jp\/sicorp-in\/wp-json\/wp\/v2\/pages\/3295\/\" title=\"English\" class=\"current\" aria-current=\"page\">English<\/a><\/span><\/li>\n<li class=\"ja last\"><span class=\"bogoflags bogoflags-jp\"><\/span> <span class=\"bogo-language-name\"><a rel=\"alternate\" hreflang=\"ja\" href=\"https:\/\/cs.kyushu-u.ac.jp\/sicorp-in\/ja\/wp-json\/wp\/v2\/pages\/3295\/\" title=\"Japanese\">\u65e5\u672c\u8a9e<\/a><\/span><\/li>\n<\/ul>\n\n<div class=\"su-note\" id=\"\" style=\"border-color:#dfdfdf;border-radius:3px;-moz-border-radius:3px;-webkit-border-radius:3px;\"><div class=\"su-note-inner su-u-clearfix su-u-trim\" style=\"background-color:#f9f9f9;border-color:#ffffff;color:#333333;border-radius:3px;-moz-border-radius:3px;-webkit-border-radius:3px;\">In 2019,<br \/>\nWe aim to build a more secure and power-saving software system by expanding the domain-specific modeling language, code generator, and execution environment that we have been developing so far. In addition, in order to detect and deal with attacks in the IoT execution environment, we will proceed with research on attack detection methods and threat tracing.<\/p>\n<\/div><\/div>\n<h2>WP1 \uff5c Implementation report<\/h2>\n<h4>Expansion of framework <a id=\"wp1-1\"><\/a><\/h4>\n<p>Extending the domain-specific modeling language defined so far, <span style=\"font-size: 1rem;\"> End users can easily set security and privacy requests <\/span> Defined and built a development environment to describe the language. <span style=\"font-size: 1rem;\"> Specifically, end-user requirements such as the scope of distribution of data collected by IoT devices, the presence or absence of anonymization and encryption, and available power. Can be described. By combining with the &lt;\/ span&gt; <span style=\"font-size: 1rem;\"> code auto-generator in the next section, it is possible to pre-verify whether the application to be executed meets the end user&#8217;s requirements. <\/span><\/span><\/p>\n<h4>Secure and power-saving execution environment and expansion of automatic code generation <a id=\"wp1-2\"><\/a><\/h4>\n<p>Code auto-generator that takes the end-user request written in the above-mentioned domain-specific modeling language as input and outputs the Luster language for automatic verification in order to verify whether the downloaded IoT application meets the user&#8217;s request. Was developed. This makes it possible to perform pre-validation of applications based on the extended domain-specific modeling language. Furthermore, by incorporating a power model for the device to be executed into the generated Luster language code, it is possible to perform pre-verification considering power. Specifically, it is possible to describe the restriction that the application cannot be executed when the power of the device used by operating the application exceeds the request from the user. This does not simply add the maximum power of the device to be used, but can be disabled only when the maximum power is exceeded in a combination that can occur by actually executing the application.<\/p>\n<h4>Attack detection and threat tracing<a id=\"wp1-3\"><\/a><\/h4>\n<p>We conducted research on attack detection and threat tracing for network applications.<\/p>\n<h5><span style=\"color: #018748;\">[icon name=&#8221;angle-double-right&#8221; class=&#8221;&#8221; unprefixed_class=&#8221;&#8221;]<\/span> Suggestion of honeypot to be incorporated into framework<\/h5>\n<p>By incorporating the attack detection function into the framework of the web application, information such as the status of the web application can be used, and a method that can improve the attack detection performance compared to WAF (Web Application Firewall) is proposed and implemented. And confirmed the performance.<\/p>\n<h5><span style=\"color: #018748;\">[icon name=&#8221;angle-double-right&#8221; class=&#8221;&#8221; unprefixed_class=&#8221;&#8221;]\u00a0<\/span>Proposal of attack detection method in Hoppin<\/h5>\n<p>Also, since it is often uncertain with only one attack detection method, how to combine multiple attack detection methods to improve the accuracy of attack detection and further guide to the honeypot <span style=\"font-size: 1rem;\"> We had a discussion. <\/span><\/p>\n<p>We proposed an attack detection \/ defense system | Hoppin, which has a honey spot function and protects against attacks while at the same time collecting attacks.<\/p>\n<h5><span style=\"color: #018748;\">[icon name=&#8221;angle-double-right&#8221; class=&#8221;&#8221; unprefixed_class=&#8221;&#8221;]\u00a0<\/span>MTD implementation and effectiveness<\/h5>\n<p>Furthermore, we proposed an implementation method of MTD (Moving Target Defense) to prevent attacks of network applications after attack detection, and considered the effectiveness of the defense method.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>WP1 \uff5c Implementation report Expansion of framework Extending the domain-specific modeling language defined so far, End users can easily set security and privacy requests Defined and built a development environment to describe the language. Specifically, end-user requirements such as the scope of distribution of data collected by IoT devices, the presence or absence of anonymization [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"parent":3374,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"_g2\/page-onecolumn.php","meta":{"_locale":"en_US","_original_post":"https:\/\/cs.kyushu-u.ac.jp\/sicorp-in\/?page_id=502"},"_links":{"self":[{"href":"https:\/\/cs.kyushu-u.ac.jp\/sicorp-in\/wp-json\/wp\/v2\/pages\/3295"}],"collection":[{"href":"https:\/\/cs.kyushu-u.ac.jp\/sicorp-in\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/cs.kyushu-u.ac.jp\/sicorp-in\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/cs.kyushu-u.ac.jp\/sicorp-in\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/cs.kyushu-u.ac.jp\/sicorp-in\/wp-json\/wp\/v2\/comments?post=3295"}],"version-history":[{"count":11,"href":"https:\/\/cs.kyushu-u.ac.jp\/sicorp-in\/wp-json\/wp\/v2\/pages\/3295\/revisions"}],"predecessor-version":[{"id":4061,"href":"https:\/\/cs.kyushu-u.ac.jp\/sicorp-in\/wp-json\/wp\/v2\/pages\/3295\/revisions\/4061"}],"up":[{"embeddable":true,"href":"https:\/\/cs.kyushu-u.ac.jp\/sicorp-in\/wp-json\/wp\/v2\/pages\/3374"}],"wp:attachment":[{"href":"https:\/\/cs.kyushu-u.ac.jp\/sicorp-in\/wp-json\/wp\/v2\/media?parent=3295"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}