APIs 2015 (Part 2)

 

Applications Programming Interfaces, APIs, are definitions of interfaces to systems or modules. As code is reused, more and more are modified from earlier code. For the Science of Security community, the problems of compositionality and resilience are direct. The research work cited here was presented in 2015.

---

E. Kowalczyk, A. M. Memon and M. B. Cohen, “Piecing Together App Behavior from Multiple Artifacts: A Case Study,” Software Reliability Engineering (ISSRE), 2015 IEEE 26th International Symposium on, Gaithersburg, MD, 2015, pp. 438-449. doi: 10.1109/ISSRE.2015.7381837

Abstract: Recent research in mobile software analysis has begun to combine information extracted from an app's source code and marketplace webpage to identify correlated variables and validate an app's quality properties such as its intended behavior, trust or suspiciousness. Such work typically involves analysis of one or two artifacts such as the GUI text, user ratings, app description keywords, permission requests, and sensitive API calls. However, these studies make assumptions about how the various artifacts are populated and used by developers, which may lead to a gap in the resulting analysis. In this paper, we take a step back and perform an in-depth study of 14 popular apps from the Google Play Store. We have studied a set of 16 different artifacts for each app, and conclude that the output of these must be pieced together to form a complete understanding of the app's true behavior. We show that (1) developers are inconsistent in where and how they provide descriptions; (2) each artifact alone has incomplete information; (3) different artifacts may contain contradictory pieces of information; (4) there is a need for new analyses, such as those that use image processing; and (5) without including analyses of advertisement libraries, the complete behavior of an app is not defined. In addition, we show that the number of downloads and ratings of an app does not appear to be a strong predictor of overall app quality, as these are propagated through versions and are not necessarily indicative of the current app version's behavior.

Keywords: application program interfaces; graphical user interfaces; mobile computing; source code (software); GUI text; Google Play Store; app description keywords; apps source code; marketplace webpage; mobile software analysis; permission requests; sensitive API calls; user ratings; Androids; Cameras; Data mining; Google; Humanoid robots; Security; Videos (ID#: 16-10066)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7381837&isnumber=7381793

 

R. Cziva, S. Jouet, K. J. S. White and D. P. Pezaros, “Container-Based Network Function Virtualization for Software-Defined Networks,” 2015 IEEE Symposium on Computers and Communication (ISCC), Larnaca, 2015, pp. 415-420. doi: 10.1109/ISCC.2015.7405550

Abstract: Today's enterprise networks almost ubiquitously deploy middlebox services to improve in-network security and performance. Although virtualization of middleboxes attracts a significant attention, studies show that such implementations are still proprietary and deployed in a static manner at the boundaries of organisations, hindering open innovation. In this paper, we present an open framework to create, deploy and manage virtual network functions (NF)s in OpenFlow-enabled networks. We exploit container-based NFs to achieve low performance overhead, fast deployment and high reusability missing from today's NFV deployments. Through an SDN northbound API, NFs can be instantiated, traffic can be steered through the desired policy chain and applications can raise notifications. We demonstrate the systems operation through the development of exemplar NFs from common Operating System utility binaries, and we show that container-based NFV improves function instantiation time by up to 68% over existing hypervisor-based alternatives, and scales to one hundred co-located NFs while incurring sub-millisecond latency.

Keywords: computer network performance evaluation; computer network security; software defined networking; virtualisation; NFV deployments; OpenFlow-enabled networks; SDN northbound API; container-based NF; container-based network function virtualization; enterprise networks; function instantiation time; hypervisor-based alternatives; in-network security; middlebox services; network performance; operating system utility binaries; performance overhead; policy chain; software-defined networks; systems operation; virtual network functions; Containers; Middleboxes; Noise measurement; Ports (Computers); Routing; Servers; Virtualization

(ID#: 16-10067)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7405550&isnumber=7405441

 

F. Shahzad, “Safe Haven in the Cloud: Secure Access Controlled File Encryption (SAFE) System,” Science and Information Conference (SAI), 2015, London, 2015, pp. 1329-1334. doi: 10.1109/SAI.2015.7237315

Abstract: The evolution of cloud computing has revolutionized how the computing is abstracted and utilized on remote third party infrastructure. It is now feasible to try out novel ideas over the cloud with no or very low initial cost. There are challenges in adopting cloud computing; but with obstacles, we have opportunities for research in several aspects of cloud computing. One of the main issue is the data security and privacy of information stored and processed at cloud provider's systems. In this work, a practical system (called SAFE) is designed and implemented to securely store/retrieve user's files on the third party cloud storage systems using well established cryptographic techniques. It utilizes the client-side, multilevel, symmetric/asymmetric encryption and decryption operations to provide policy-based access control and assured deletion of remotely hosted client's files. The SAFE is a generic application which can be extended to support any cloud storage provider as long as there is an API which support basic file upload and download operations.

Keywords: application program interfaces; authorisation; client-server systems; cloud computing; computer network security; cryptography; data privacy; outsourcing; API; SAFE system; client-side-multilevel asymmetric encryption operation; client-side-multilevel symmetric encryption operation; client-side-multilevel-asymmetric decryption operation; client-side-multilevel-symmetric decryption operation; cloud provider systems; cloud storage provider; cryptographic techniques; data security; file download operation; file upload operation; information privacy; policy-based access control; remote third-party infrastructure; remotely hosted client file deletion; secure access controlled file encryption system; third-party cloud storage systems; user file retrieval; user file storage; Access control; Cloud computing; Encryption; Java; Servers; Assured deletion; Cryptography; Data privacy; Secure storage (ID#: 16-10068)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7237315&isnumber=7237120

 

S. Chunwijitra et al., “The Strategy to Sustainable Sharing Resources Repository for Massive Open Online Courses in Thailand,” Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology (ECTI-CON), 2015 12th International Conference on, Hua Hin, 2015, pp. 1-5. doi: 10.1109/ECTICon.2015.7206980

Abstract: The proposed paper investigates on the educational knowledge and resources to support lifelong Massive Open Online Courses (MOOC) especially in Thailand. In this paper, we proposed a strategy to provide resource center repository for sharing among e-Learning systems based on the Creative Commons license. An aim of the strategy is to develop a sustainable educational resource repository used for massive e-Learning systems. We decide to integrate the Open Educational Resources (OER) system and MOOC system by using a newly implemented FedX API for exchanging resources between them. FedX API applies the REST API and XBlock SDK to establish resources accession. Fifteen elements of Dublin Core metadata are agreed for inter-changing resources among OER systems that support the Open Archives Initiative (OAI) standard. The proposed system is designed to stand on a cloud computing system concerning the advantages of data storage, processing, bandwidth, and security.

Keywords: application program interfaces; cloud computing; computer aided instruction; open systems; security of data; storage management; FedX API; MOOC; OER system; REST API; Thailand; XBlock SDK; cloud computing system; data bandwidth; data processing; data security; data storage; e-learning system; massive open online course; open educational resources system; sustainable sharing resource repository; Electronic learning; Licenses; Standards; Massive Open Online Courses; Open Archives Initiative; Open Educational Resources; e-Learning (ID#: 16-10069)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7206980&isnumber=7206924

 

P. Dewan and P. Kumaraguru, “Towards Automatic Real Time Identification of Malicious Posts on Facebook,” Privacy, Security and Trust (PST), 2015 13th Annual Conference on, Izmir, 2015, pp. 85-92. doi: 10.1109/PST.2015.7232958

Abstract: Online Social Networks (OSNs) witness a rise in user activity whenever a news-making event takes place. Cyber criminals exploit this spur in user-engagement levels to spread malicious content that compromises system reputation, causes financial losses and degrades user experience. In this paper, we characterized a dataset of 4.4 million public posts generated on Facebook during 17 news-making events (natural calamities, terror attacks, etc.) and identified 11,217 malicious posts containing URLs. We found that most of the malicious content which is currently evading Facebook's detection techniques originated from third party and web applications, while more than half of all legitimate content originated from mobile applications. We also observed greater participation of Facebook pages in generating malicious content as compared to legitimate content. We proposed an extensive feature set based on entity profile, textual content, metadata, and URL features to automatically identify malicious content on Facebook in real time. This feature set was used to train multiple machine learning models and achieved an accuracy of 86.9%. We performed experiments to show that past techniques for spam campaign detection identified less than half the number of malicious posts as compared to our model. This model was used to create a REST API and a browser plug-in to identify malicious Facebook posts in real time.

Keywords: learning (artificial intelligence); meta data; security of data; social networking (online); Facebook detection technique; Facebook page; OSN; REST API; URL feature; automatic real time identification; browser plug-in; cyber criminal; financial loss; malicious content; malicious post; metadata; multiple machine learning model; online social network; spam campaign detection; system reputation; user activity; user-engagement level; Facebook; Malware; Real-time systems; Twitter; Uniform resource locators

(ID#: 16-10070)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7232958&isnumber=7232940

 

H. Kondylakis et al., “Digital Patient: Personalized and Translational Data Management through the Myhealthavatar EU Project,” 2015 37th Annual International Conference of the IEEE Engineering in Medicine and Biology Society (EMBC), Milan, 2015,

pp. 1397-1400. doi: 10.1109/EMBC.2015.7318630

Abstract: The advancements in healthcare practice have brought to the fore the need for flexible access to health-related information and created an ever-growing demand for the design and the development of data management infrastructures for translational and personalized medicine. In this paper, we present the data management solution implemented for the MyHealthAvatar EU research project, a project that attempts to create a digital representation of a patient's health status. The platform is capable of aggregating several knowledge sources relevant for the provision of individualized personal services. To this end, state of the art technologies are exploited, such as ontologies to model all available information, semantic integration to enable data and query translation and a variety of linking services to allow connecting to external sources. All original information is stored in a NoSQL database for reasons of efficiency and fault tolerance. Then it is semantically uplifted through a semantic warehouse which enables efficient access to it. All different technologies are combined to create a novel web-based platform allowing seamless user interaction through APIs that support personalized, granular and secure access to the relevant information.

Keywords: SQL; health care; medical information systems; ontologies (artificial intelligence); query processing; security of data; semantic Web; MyHealthAvatar EU research project; NoSQL database; Web-based platform; health-related information; healthcare practice; ontologies; personalized data management; personalized medicine; query translation; semantic warehouse; translational data management; translational medicine; Data models; Data warehouses; Europe; Joining processes; Medical services; Ontologies; Semantics (ID#: 16-10071)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7318630&isnumber=7318236

 

A. Arins, “Firewall as a Service in SDN OpenFlow Network,” Information, Electronic and Electrical Engineering (AIEEE), 2015 IEEE 3rd Workshop on Advances in, Riga, 2015, pp. 1-5. doi: 10.1109/AIEEE.2015.7367309

Abstract: Protecting publicly available servers in internet today is a serious challenge, especially when encountering Distributed denial-of-service (DDoS) attacks. In traditional internet, there is narrow scope of choices one can take when ingress traffic overloads physical connection limits. This paper proposes Firewall as a service in internet service providers (ISP) networks allowing end users to request and install match-action rules in ISPs edge routers. In proposed scenario, ISP runs Software Defined Networking environment where control plane is separated from data plane utilizing OpenFlow protocol and ONOS controller. For interaction between end-users and SDN Controller author defines an Application Programming Interface (API) over a secure SSL/TLS connection. The Controller is responsible for translating high-level logics in low-level rules in OpenFlow switches. This study runs experiments in OpenFlow test-bed researching a mechanism for end-user to discard packets on ISP edge routers thus minimizing their uplink saturation and staying on-line.

Keywords: Internet; application program interfaces; computer network security; firewalls; routing protocols; software defined networking; Firewall; ISP edge routers; ISP networks; Internet service provider networks; ONOS controller; OpenFlow protocol; OpenFlow switches; OpenFlow test-bed; SDN Controller; SDN OpenFlow network; SSL/TLS connection; application programming interface; data plane; distributed denial-of-service attacks; high-level logics; low-level rules; match-action rules; publicly available server protection; software defined networking environment; uplink saturation; Computer crime; Control systems; Firewalls (computing); IP networks; Servers; BGP; BGP experimentation; latency (ID#: 16-10072)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7367309&isnumber=7367271

 

A. J. Poulter, S. J. Johnston and S. J. Cox, “Using the MEAN Stack to Implement a RESTful Service for an Internet of Things Application,” Internet of Things (WF-IoT), 2015 IEEE 2nd World Forum on, Milan, 2015, pp. 280-285.

doi: 10.1109/WF-IoT.2015.7389066

Abstract: This paper examines the components of the MEAN development stack (MongoDb, Express.js, Angular.js, & Node.js), and demonstrate their benefits and appropriateness to be used in implementing RESTful web-service APIs for Internet of Things (IoT) appliances. In particular, we show an end-to-end example of this stack and discuss in detail the various components required. The paper also describes an approach to establishing a secure mechanism for communicating with IoT devices, using pull-communications.

Keywords: Internet of Things; Web services; application program interfaces; security of data; software tools; Angular.js; Express. js; Internet of Things application; IoT devices; MEAN development stack; MongoDb; Node.js; RESTful Web-service API; pull-communications; secure mechanism; Databases; Hardware; Internet of things; Libraries; Logic gates; Servers; Software; Angular. js; Express.js; IoT; MEAN; REST; web programming (ID#: 16-10073)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7389066&isnumber=7389012

 

S. Colbran and M. Schulz, “An Update to the Software Architecture of the iLab Service Broker,” Remote Engineering and Virtual Instrumentation (REV), 2015 12th International Conference on, Bangkok, 2015, pp. 90-93. doi: 10.1109/REV.2015.7087269

Abstract: The MIT iLab architecture (consisting of Lab Servers and Service Brokers) was designed in the 1990's and while the Lab Server was designed as a software service the same architectural approach was not adopted for the Service Broker. This paper reports on a redesign of the Service Broker as a software service, which is itself a collection of software services. In the process of this redesign it was decided to examine the API on the Lab Server and to support not only the existing Lab Server API (to maintain support for all existing iLab Lab Servers) but to concurrently support an alternative lightweight API based upon a RESTful architecture and to use JSON to encode the data. As these changes required a complete rewrite of the Service Broker code base, it was decided to experiment with an implementation of the services using Node.js — a popular approach to the implementation of servers in Javascript. The intention was to open up the code base to code developers normally associated with web development and not normally associated with the development of remote laboratories. A new software service named an “agent” was developed that wraps around the service broker to allow programmable modification of requests. The agent also has the ability to serve up an interface to user clients. The use of agents has advantages over existing implementations because it allows customised authentication schemes (such as OAuth) as well as providing different user groups with unique Lab Clients to the same Lab Servers. Lab Clients no longer are served up through the Service Broker, but can reside anywhere on the Internet and access the Service Broker via access to a suitable agent. One outcome of these architectural changes has been the introduction of a simple integration of a remote laboratory in the Blackboard Learning Management System (LMS) using a Learning Tool Interoperability (LTI) module for user authentication.

Keywords: Internet; Java; application program interfaces; learning management systems; open systems; security of data; software architecture; user interfaces; API; Blackboard learning management system; JSON; Javascript; LMS; LTI module; Lab Server; MIT iLab architecture; Node.js; RESTful architecture; customised authentication schemes; iLab service broker; learning tool interoperability; remote laboratory; software service; user authentication; Authentication; Computer architecture; Protocols; Remote laboratories; Servers; Software; ISA; ISABM; MIT iLab; Web Services; iLab Service Broker (ID#: 16-10074)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7087269&isnumber=7087248

 

B. Caillat, B. Gilbert, R. Kemmerer, C. Kruegel and G. Vigna, “Prison: Tracking Process Interactions to Contain Malware,” High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, New York, NY, 2015, pp. 1282-1291. doi: 10.1109/HPCC-CSS-ICESS.2015.297

Abstract: Modern operating systems provide a number of different mechanisms that allow processes to interact. These interactions can generally be divided into two classes: inter-process communication techniques, which a process supports to provide services to its clients, and injection methods, which allow a process to inject code or data directly into another process' address space. Operating systems support these mechanisms to enable better performance and to provide simple and elegant software development APIs that promote cooperation between processes. Unfortunately, process interaction channels introduce problems at the end-host that are related to malware containment and the attribution of malicious actions. In particular, host-based security systems rely on process isolation to detect and contain malware. However, interaction mechanisms allow malware to manipulate a trusted process to carry out malicious actions on its behalf. In this case, existing security products will typically either ignore the actions or mistakenly attribute them to the trusted process. For example, a host-based security tool might be configured to deny untrusted processes from accessing the network, but malware could circumvent this policy by abusing a (trusted) web browser to get access to the Internet. In short, an effective host-based security solution must monitor and take into account interactions between processes. In this paper, we present Prison, a system that tracks process interactions and prevents malware from leveraging benign programs to fulfill its malicious intent. To this end, an operating system kernel extension monitors the various system services that enable processes to interact, and the system analyzes the calls to determine whether or not the interaction should be allowed. Prison can be deployed as an online system for tracking and containing malicious process interactions to effectively mitigate the threat of malware. The system can also be used as a dynamic analysis too- to aid an analyst in understanding a malware sample's effect on its environment.

Keywords: Internet; application program interfaces; invasive software; online front-ends; operating system kernels; software engineering; system monitoring; Prison; Web browser; code injection; dynamic analysis tool; host-based security solution; host-based security systems; injection method; interprocess communication technique; malicious action attribution; malware containment; operating system kernel extension; process address space; process interaction tracking; process isolation; software development API; trusted process; Browsers; Kernel; Malware; Monitoring; inter-process communication; ; prison; windows (ID#: 16-10075)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336344&isnumber=7336120

 

W. He and D. Jap, “Dual-Rail Active Protection System Against Side-Channel Analysis in FPGAs,” 2015 IEEE 26th International Conference on Application-specific Systems, Architectures and Processors (ASAP), Toronto, ON, 2015, pp. 64-65. doi: 10.1109/ASAP.2015.7245707

Abstract: The security of the implemented cryptographic module in hardware has seen severe vulnerabilities against Side-Channel Attack (SCA), which is capable of retrieving hidden things by observing the pattern or quantity of unintentional information leakage. Dual-rail Precharge Logic (DPL) theoretically thwarts side-channel analyses by its low-level compensation manner, while the security reliability of DPLs can only be achieved at high resource expenses and degraded performance. In this paper, we present a dynamic protection system for selectively configuring the security-sensitive crypto modules to SCA-resistant dual-rail style in the scenario that the real-time threat is detected. The threat-response mechanism helps to dynamically balance the security and cost. The system is driven by a set of automated dual-rail conversion APIs for partially transforming the cryptographic module into its dual-rail format, particularly to a highly secure symmetric and interleaved placement. The elevated security grade from the safe to threat mode is validated by EM based mutual information analysis using fine-grained surface scan to a decapsulated Virtex-5 FPGA on SASEBO GII board.

Keywords: cryptography; field programmable gate arrays; reliability; DPL; EM based mutual information analysis; SASEBO GII board; SCA-resistant dual-rail style; Virtex-5 FPGA; automated dual-rail conversion API; cryptographic module; dual-rail active protection system; dual-rail format; dual-rail precharge logic; dynamic protection system; fine-grained surface scan; information leakage; security reliability; security-sensitive cryptomodules; side-channel analysis; side-channel attack; threat-response mechanism; Ciphers; Field programmable gate arrays; Hardware; Mutual information; Rails (ID#: 16-10076)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7245707&isnumber=7245687

 

M. K. Debnath, S. Samet and K. Vidyasankar, “A Secure Revocable Personal Health Record System with Policy-Based Fine-Grained Access Control,” Privacy, Security and Trust (PST), 2015 13th Annual Conference on, Izmir, 2015, pp. 109-116. doi: 10.1109/PST.2015.7232961

Abstract: Collaborative sharing of information is becoming much more needed technique to achieve complex goals in today's fast-paced tech-dominant world. In our context, Personal Health Record (PHR) system has become a popular research area for sharing patients information very quickly among health professionals. PHR systems store and process sensitive information, which should have proper security mechanisms to protect data. Thus, access control mechanisms of the PHR should be well-defined. Secondly, PHRs should be stored in encrypted form. Therefore, cryptographic schemes offering a more suitable solution for enforcing access policies based on user attributes are needed. Attribute-based encryption can resolve these problems. We have proposed a framework with fine-grained access control mechanism that protects PHRs against service providers, and malicious users. We have used the Ciphertext Policy Attribute Based Encryption system as an efficient cryptographic technique, enhancing security and privacy of the system, as well as enabling access revocation in a hierarchical scheme. The Web Services and APIs for the proposed framework have been developed and implemented, along with an Android mobile application for the system.

Keywords: authorisation; cryptography; data protection; electronic health records; API; Android mobile application; PHR system; Web services; access policies; access revocation; ciphertext policy attribute based encryption system; collaborative information sharing; cryptographic schemes; cryptographic technique; health professionals; malicious users; patients information sharing; policy-based fine-grained access control; secure revocable personal health record system; security mechanisms; service providers; system privacy; system security; tech-dominant world; user attributes; Access control; Data privacy; Encryption; Medical services; Servers; Attribute Revocation; Attribute-Based Encryption; Fine-Grained Access Control; Patient-centric Data Privacy; Personal Health Records

(ID#: 16-10077)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7232961&isnumber=7232940

 

S. Hou, L. Chen, E. Tas, I. Demihovskiy and Y. Ye, “Cluster-Oriented Ensemble Classifiers for Intelligent Malware Detection,” Semantic Computing (ICSC), 2015 IEEE International Conference on, Anaheim, CA, 2015, pp. 189-196. doi: 10.1109/ICOSC.2015.7050805

Abstract: With explosive growth of malware and due to its damage to computer security, malware detection is one of the cyber security topics that are of great interests. Many research efforts have been conducted on developing intelligent malware detection systems applying data mining techniques. Such techniques have successes in clustering or classifying particular sets of malware samples, but they have limitations that leave a large room for improvement. Specifically, based on the analysis of the file contents extracted from the file samples, existing researches apply only specific clustering or classification methods, but not integrate them together. Actually, the learning of class boundaries for malware detection between overlapping class patterns is a difficult problem. In this paper, resting on the analysis of Windows Application Programming Interface (API) calls extracted from the file samples, we develop the intelligent malware detection system using cluster-oriented ensemble classifiers. To the best of our knowledge, this is the first work of applying such method for malware detection. A comprehensive experimental study on a real and large data collection from Comodo Cloud Security Center is performed to compare various malware detection approaches. Promising experimental results demonstrate that the accuracy and efficiency of our proposed method outperform other alternate data mining based detection techniques.

Keywords: application program interfaces; data mining; invasive software; pattern classification; pattern clustering; Comodo Cloud Security Center; Windows API; Windows application programming interface; cluster-oriented ensemble classifiers; computer security; cybersecurity; data mining techniques; intelligent malware detection; Training (ID#: 16-10078)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7050805&isnumber=7050753

 

L. Chen, T. Li, M. Abdulhayoglu and Y. Ye, “Intelligent Malware Detection Based on File Relation Graphs,” Semantic Computing (ICSC), 2015 IEEE International Conference on, Anaheim, CA, 2015, pp. 85-92. doi: 10.1109/ICOSC.2015.7050784

Abstract: Due to its damage to Internet security, malware and its detection has caught the attention of both anti-malware industry and researchers for decades. Many research efforts have been conducted on developing intelligent malware detection systems. In these systems, resting on the analysis of file contents extracted from the file samples, like Application Programming Interface (API) calls, instruction sequences, and binary strings, data mining methods such as Naive Bayes and Support Vector Machines have been used for malware detection. However, driven by the economic benefits, both diversity and sophistication of malware have significantly increased in recent years. Therefore, anti-malware industry calls for much more novel methods which are capable to protect the users against new threats, and more difficult to evade. In this paper, other than based on file contents extracted from the file samples, we study how file relation graphs can be used for malware detection and propose a novel Belief Propagation algorithm based on the constructed graphs to detect newly unknown malware. A comprehensive experimental study on a real and large data collection from Comodo Cloud Security Center is performed to compare various malware detection approaches. Promising experimental results demonstrate that the accuracy and efficiency of our proposed method outperform other alternate data mining based detection techniques.

Keywords: belief maintenance; cloud computing; data mining; invasive software; support vector machines; API call; Comodo cloud security center; Internet security; anti-malware industry; application programming interface; belief propagation algorithm; binary strings; data mining method; file relation graph; instruction sequences; intelligent malware detection system; malware diversity; malware sophistication; naive Bayes method; Facebook; Welding (ID#: 16-10079)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7050784&isnumber=7050753

 

A. Javed and M. Akhlaq, “Patterns in Malware Designed for Data Espionage and Backdoor Creation,” 2015 12th International Bhurban Conference on Applied Sciences and Technology (IBCAST), Islamabad, 2015, pp. 338-342. doi: 10.1109/IBCAST.2015.7058526

Abstract: In the recent past, malware have become a serious cyber security threat which has not only targeted individuals and organizations but has also threatened the cyber space of countries around the world. Amongst malware variants, trojans designed for data espionage and backdoor creation dominates the threat landscape. This necessitates an in depth study of these malware with the scope of extracting static features like APIs, strings, IP Addresses, URLs, email addresses etc. by and large found in such malicious codes. Hence in this research paper, an endeavor has been made to establish a set of patterns, tagged as APIs and Malicious Strings persistently existent in these malware by articulating an analysis framework.

Keywords: application program interfaces; feature extraction; invasive software; APIs; backdoor creation; cyber security threat; data espionage; malicious codes; malicious strings; malware; static feature extraction; trojans; Accuracy; Feature extraction; Lead; Malware; Sensitivity (ID#: 16-10080)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7058526&isnumber=7058466

 

W. Li, J. Ge and G. Dai, “Detecting Malware for Android Platform: An SVM-Based Approach,” Cyber Security and Cloud Computing (CSCloud), 2015 IEEE 2nd International Conference on, New York, NY, 2015, pp. 464-469. doi: 10.1109/CSCloud.2015.50

Abstract: In recent years, Android has become one of the most popular mobile operating systems because of numerous mobile applications (apps) it provides. However, the malicious Android applications (malware) downloaded from third-party markets have significantly threatened users' security and privacy, and most of them remain undetected due to the lack of efficient and accurate malware detection techniques. In this paper, we study a malware detection scheme for Android platform using an SVM-based approach, which integrates both risky permission combinations and vulnerable API calls and use them as features in the SVM algorithm. To validate the performance of the proposed approach, extensive experiments have been conducted, which show that the proposed malware detection scheme is able to identify malicious Android applications effectively and efficiently.

Keywords: invasive software; mobile computing; support vector machines; API calls; Android platform; SVM-based approach; application program interface; malware detection; mobile applications; mobile operating systems; user privacy; user security; Androids; Feature extraction; Humanoid robots; Malware; Mobile communication; Smart phones; Android; Support Vector Machine (SVM); TF-IDF; malware (ID#: 16-10081)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7371523&isnumber=7371418

 

H. Chen, L. J. Zhang, B. Hu, S. Z. Long and L. H. Luo, “On Developing and Deploying Large-File Upload Services of Personal Cloud Storage,” Services Computing (SCC), 2015 IEEE International Conference on, New York, NY, 2015, pp. 371-378. doi: 10.1109/SCC.2015.58

Abstract: Personal cloud storage is rapidly gaining popularity. A number of Internet service providers, such as Google and Baidu, entered this emerging market and developed a variety of cloud storage services. These ubiquitous services allow people to access personal files all over the world at anytime. With the prevalence of mobile Internet and rich media on web, more and more people use cloud storage for storing working documents, music, private photos and movies. Nevertheless, the size of the media files is often beyond the upper limit that a normal form-based file upload allows hence dedicated large-file upload services are required to be developed. Although various cloud vendors offer versatile cloud storage services, very little is known about the detailed development and deployment of the large-file upload services. This paper proposes a complete solution of large-file upload service, with the contributions in manyfold: Firstly, we do not limit the maximum size of a large file that can be uploaded. This is extremely practical to store huge database files from ERP tools. Secondly, we developed large-file upload service APIs that have very strict verification of correctness, to reduce the risk of data inconsistency. Thirdly, we extend the service developed recently for team collaboration with the capability of handling large files. Fourthly, this paper is arguably the first one that formalizes the testing and deployment procedures of large-file upload services with the help of Docker. In general, most large-file upload services are exposed to the public, facing security and performance issues, which brings much concern. With the proposed Docker-based deployment strategy, we can replicate the large-file upload service agilely and locally, to satisfy massive private or local deployment of KDrive. Finally, we evaluate and analyze the proposed strategies and technologies in accordance to the experimental results.

Keywords: Internet; application program interfaces; cloud computing; mobile computing; storage management; Docker-based deployment strategy; ERP tools; Internet service providers; cloud storage services; database files; large-file upload service APIs; local KDrive deployment; media files; mobile Internet; normal form-based file upload; personal cloud storage; risk reduction; ubiquitous services; Cloud computing; Context; Databases; Google; Media; Servers; Testing; Docker; Large-file Upload; Personal Cloud Storage; Team Collaboration (ID#: 16-10082)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7207376&isnumber=7207317

 

N. Thamsirarak, T. Seethongchuen and P. Ratanaworabhan, “A Case for Malware that Make Antivirus Irrelevant,” Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology (ECTI-CON), 2015 12th International Conference on, Hua Hin, 2015, pp. 1-6. doi: 10.1109/ECTICon.2015.7206972

Abstract: Most security researchers realize that the effectiveness of antivirus software (AV) is questionable at best. However, people in the general public still use it daily, perhaps for a lack of better alternatives. It is well-known that signature-based detection technique used in almost all commercial and non-commercial AV cannot be completely effective against zero-day malware. Many evaluations conducted by renowned security firms confirm this. These evaluations often employ sophisticated malware, involve elaborated scheme, and require more resources than what is available to an average person to replicate. This paper investigates the creation of simple zero-day malware that can comprehensively exploit hosts and protractedly evade the installed AV products. What we discovered is alarming, but illuminating. Our malware, written in a high-level language using well-documented APIs, are able to bypass AV detection and launch full-fledged exploits similar to sophisticated malware. In addition, they are able to stay undetected for much longer than other previously reported zero-day malware. We attribute such success to the unreadiness of AV products against malware in intermediate language form. On a positive note, a firewall-like AV product that, to a certain extent, incorporates behavioral-based detection is able to warn against our malware.

Keywords: application program interfaces; computer viruses; digital signatures; firewalls; APIs; AV detection; antivirus software; firewall-like AV product; signature-based detection technique; zero-day malware; Floods; Malware; Software; Testing; Uniform resource locators; Viruses (medical); Antivirus software evaluation; signature-based detection; zero-day exploits (ID#: 16-10083)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7206972&isnumber=7206924

 

J. Xue et al., “Task-D: A Task Based Programming Framework for Distributed System,” 2015 IEEE 17th International Conference on High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), New York, NY, 2015, pp. 1663-1668. doi: 10.1109/HPCC-CSS-ICESS.2015.299

Abstract: We present Task-D, a task-based distributed programming framework. Traditionally, programming for distributed programs requires using either low-level MPI or high-level pattern based models such as Hadoop/Spark. Task based models are frequently and well used for multicore and heterogeneous environment rather than distributed. Our Task-D tries to bridge this gap by creating a higher-level abstraction than MPI, while providing more flexibility than Hadoop/Spark for task-based distributed programming. The Task-D framework alleviates programmers from considering the complexities involved in distributed programming. We provide a set of APIs that can be directly embedded into user code to enable the program to run in a distributed fashion across heterogeneous computing nodes. We also explore the design space and necessary features the runtime should support, including data communication among tasks, data sharing among programs, resource management, memory transfers, job scheduling, automatic workload balancing and fault tolerance, etc. A prototype system is realized as one implementation of Task-D. A distributed ALS algorithm is implemented using the Task-D APIs, and achieved significant performance gains compared to Spark based implementation. We conclude that task-based models can be well suitable to distributed programming. Our Task-D is not only able to improve the programmability for distributed environment, but also able to leverage the performance with effective runtime support.

Keywords: application program interfaces; message passing; parallel programming; automatic workload balancing; data communication; distributed ALS algorithm; distributed programming; distributed system; heterogeneous computing node; high-level pattern based; job scheduling; low-level MPI; resource management; task-D API; task-based programming framework; Algorithm design and analysis; Data communication; Fault tolerance; Fault tolerant systems; Programming; Resource management; Synchronization (ID#: 16-10084)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336408&isnumber=7336120

 

P. J. Chen and Y. W. Chen, “Implementation of SDN Based Network Intrusion Detection and Prevention System,” Security Technology (ICCST), 2015 International Carnahan Conference on, Taipei, 2015, pp. 141-146. doi: 10.1109/CCST.2015.7389672

Abstract: In recent years, the rise of software-defined networks (SDN) have made network control more flexible, easier to set up and manage, and have provided a stronger ability to adapt to the changing demands of application development and network conditions. The network becomes easier to maintain, but also achieves improved security as a result of SDN. The architecture of SDN is designed for Control Plane and Forwarding Plane separation and uses open APIs to realize programmable control. SDN allows for the importing of third-party applications to improve network service, or even provide a new network service. In this paper, we present a defense mechanism, which can find attack packets previously identified through the Sniffer function, and once the abnormal flow is found, the protection mechanism of the Firewall function will be activated. For the capture of the packets, available libraries will be used to determine the properties and contents of the malicious packet, and to anticipate any possible attacks. Through the prediction of all latent malicious behaviors, our new defense algorithm can prevent potential losses like system failures or crashes and reduce the risk of being attacked.

Keywords: application program interfaces; firewalls; software defined networking; SDN based network intrusion detection and prevention system; control plane separation; defense mechanism; firewall; forwarding plane separation; malicious packet; open APIs; packet sniffer function; software-defined networks; third-party applications; Control systems; Firewalls (computing); Operating systems; Ports (Computers); Routing; Controller; Defense Mechanism; Firewall; OpenFlow; Packet Sniffer; SDN; Software Defined Networks (ID#: 16-10085)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7389672&isnumber=7389647

 

C. H. Lin, P. Y. Sun and F. Yu, “Space Connection: A New 3D Tele-immersion Platform for Web-Based Gesture-Collaborative Games and Services,” Games and Software Engineering (GAS), 2015 IEEE/ACM 4th International Workshop on, Florence, 2015, pp. 22-28. doi: 10.1109/GAS.2015.12

Abstract: The 3D tele-immersion technique has brought a revolutionary change to human interaction-physically apart users can interact naturally with each other through body gesture in a shared 3D virtual environment. The scheme of cloud- or Web-based applications on the other hand facilitates global connections among players without the need to equip with additional devices. To realize Web-based 3D immersion techniques, we propose Space Connection that integrates techniques for virtual collaboration and motion sensing techniques with the aim of pushing motion sensing a step forward to seamless collaboration among multiple users. Space Connection provides not only human-computer interaction but also enables instant human- to-human collaboration with body gestures beyond physical space boundary. Technically, to develop gesture-interactive applications, it requires parsing signals of motion sensing devices, passing network data transformation, and synchronizing states among multiple users. The challenge for developing web-based applications comes from that there is no native library for browser applications to access the application interfaces of motion sensing devices due to the security sandbox policy. We further develop a new socket transmission protocol that provides transparent APIs for browsers and external devices. We develop an interactive ping pong game and a rehabilitation system as two example applications of the presented technique.

Keywords: Web services; application program interfaces; computer games; gesture recognition; groupware; human computer interaction; virtual reality; 3D teleimmersion technique; Web-based gesture collaborative game; Web-based gesture collaborative services; gesture-interactive applications; human interaction; human-computer interaction; instant human-to-human collaboration; motion sensing device; motion sensing technique; network data transformation; physical space boundary; security sandbox policy; shared 3D virtual environment; socket transmission protocol; space connection; state synchronisation; transparent API; virtual collaboration; Browsers; Collaboration; Games; Sensors; Servers; Sockets; Three-dimensional displays; Kinect applications; Motion sensing; Space Connection (ID#: 16-10086)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7169465&isnumber=7169453

 

J. Horalek, R. Cimler and V. Sobeslav, “Virtualization Solutions for Higher Education Purposes,” Radioelektronika (RADIOELEKTRONIKA), 2015 25th International Conference, Pardubice, 2015, pp. 383-388. doi: 10.1109/RADIOELEK.2015.7128970

Abstract: Utilization of virtualization and cloud computing technologies is very topical. A large number different of technologies, tools and software solutions exists. Successful adoption of this kind of solution may effectively support the education of specialized topics such as programming, operating system, computer networks, security and many others. This solution offers remote access, automated deployment of infrastructure, API or virtualized study environment etc. The goal of this paper is to explore the broad number of virtualization technologies and proposed the solution which deals with the analysis, design and practical implementation of the virtual laboratory that can serve as an educational tool.

Keywords: application program interfaces; cloud computing; computer aided instruction; further education; virtualisation; API; automated infrastructure deployment; cloud computing technologies; computer networks; educational tool; operating system; remote access; security; software solutions; virtual laboratory; virtualization technologies; virtualized study environment; Computers; Education; Hardware; Protocols; Servers; Software; Virtualization (ID#: 16-10087)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7128970&isnumber=7128969

 

V. Mehra, V. Jain and D. Uppal, “DaCoMM: Detection and Classification of Metamorphic Malware,” Communication Systems and Network Technologies (CSNT), 2015 Fifth International Conference on, Gwalior, 2015, pp. 668-673. doi: 10.1109/CSNT.2015.62

Abstract: With the fast and vast upliftment of IT sector in 21st century, the question for system security also accounts. As on one side, the IT field is growing with positivity, malware attacks are also arising on the other. Hence, a great challenge for zero day malware attack. Also, malware authors of metamorphic malware and polymorphic malware gain and extra advantage through mutation engine and virus generation toolkits as they can produce as many malware as they want. Our approach focuses on detection and classification of metamorphic malware. MM are hardest to detect by Antivirus Scanners because they differ structurally. We had gathered a total of 600 malware including those also that bypasses the AVS and 150 benign files. These files are disassembled, preprocessed, control flow graphs and API call graphs are generated. We had proposed an algorithm-Gourmand Feature Selection algorithm for selecting desired features from call graphs. Classification is done through WEKA tool, for which J-48 has given the most accuracy of 99.10%. Once the metamorphic malware are detected, they are classified according to their families using the histograms and Chi-square distance formula.

Keywords: application program interfaces; computer viruses; feature selection; pattern classification; API call graphs; DaCoMM; IT sector; WEKA tool; antivirus scanners; control flow graphs; gourmand feature selection algorithm; metamorphic malware classification; metamorphic malware detection; mutation engine; polymorphic malware; system security; virus generation toolkits; zero day malware attack; Classification algorithms; Engines; Flow graphs; Generators; Histograms; Malware; Software; code obfuscation; histograms; metamorphic malware (ID#: 16-10088)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7280002&isnumber=7279856

 

Y. Liu, “Teaching Programming on Cloud: A Perspective Beyond Programming,” 2015 IEEE 7th International Conference on Cloud Computing Technology and Science (CloudCom), Vancouver, BC, 2015, pp. 594-599. doi: 10.1109/CloudCom.2015.101

Abstract: This paper presents the design and implementation of a programming on cloud course. Teaching programming on cloud embraces topics of the cloud service model, architectural patterns, REST APIs, data models, schema free databases, the MapReduce paradigm and quality of services such as scalability, availability and security. The design of this programming course focuses on the breadth of the essential topics and their intrinsic connection as a roadmap. This enables students with programming skills but no cloud computing background to achieve an overview of the structure of a cloud-based service. This further guides students to make design decision on what (and how) technologies can be adopted by means of a practical project development of a service application on cloud.

Keywords: cloud computing; computer aided instruction; computer science education; educational courses; programming; MapReduce; REST API; architectural pattern; cloud course; cloud service model; data model; programming course; quality of service; schema free database; teaching; Cloud computing; Computer architecture; Data models; Databases; Programming; Servers; big data; course design (ID#: 16-10089)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7396219&isnumber=7396111

 

A. Moawad, T. Hartmann, F. Fouquet, G. Nain, J. Klein and Y. Le Traon, “Beyond Discrete Modeling: A Continuous and Efficient Model for IoT,” Model Driven Engineering Languages and Systems (MODELS), 2015 ACM/IEEE 18th International Conference on, Ottawa, ON, 2015, pp. 90-99. doi: 10.1109/MODELS.2015.7338239

Abstract: Internet of Things applications analyze our past habits through sensor measures to anticipate future trends. To yield accurate predictions, intelligent systems not only rely on single numerical values, but also on structured models aggregated from different sensors. Computation theory, based on the discretization of observable data into timed events, can easily lead to millions of values. Time series and similar database structures can efficiently index the mere data, but quickly reach computation and storage limits when it comes to structuring and processing IoT data. We propose a concept of continuous models that can handle high-volatile IoT data by defining a new type of meta attribute, which represents the continuous nature of IoT data. On top of traditional discrete object-oriented modeling APIs, we enable models to represent very large sequences of sensor values by using mathematical polynomials. We show on various IoT datasets that this significantly improves storage and reasoning efficiency.

Keywords: Big Data; Internet of Things; application program interfaces; computation theory; data structures; object-oriented methods; API; Big data; Internet-of-Things; IoT data processing; computation theory; database structure; discrete object-oriented modeling; high-volatile IoT data structuring; mathematical polynomial; time series; Computational modeling; Context; Data models; Mathematical model; Object oriented modeling; Polynomials; Time series analysis; Continuous modeling; Discrete modeling; Extrapolation; IoT; Polynomial (ID#: 16-10090)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7338239&isnumber=7338220

 

R. Ko, H. M. Lee, A. B. Jeng and T. E. Wei, “Vulnerability Detection of Multiple Layer Colluding Application Through Intent Privilege Checking,” IT Convergence and Security (ICITCS), 2015 5th International Conference on, Kuala Lumpur, 2015, pp. 1-7. doi: 10.1109/ICITCS.2015.7293036

Abstract: In recent years, the privilege escalation attacks can be performed based on collusion attacks. However, a novel privilege escalation attack is Multiple Layer Collusion Attack, which can divide collusion applications into three parts: Spyware, Deputy and Delivery. Spyware steals private data and transmits data to Deputy. Next, Deputy doesn't need to declare any permissions and just bypass data to Delivery. Colluding attack escapes from malware detection through Deputy. In this paper, we propose a mechanism which is capable to detect both capability and deputy leaks. First, we decode APK file to resources and disassembly code. To extract function calls, our system constructs correlation map from source data to intent through API calls, in which, URIs are potential permissions whether Intent has vulnerabilities or not. Hence, we need to trace the potential function-call and overcome the Inter- component communication. The experiment results prove that deputy applications exist in Android official market, Google Play.

Keywords: Android (operating system); application program interfaces; data privacy; API calls; APK file; Android; Google Play; intent privilege checking; multiple layer colluding application; multiple layer collusion attack; private data; privilege escalation attacks; spyware; vulnerability detection; Androids; Computer science; Correlation; Decision trees; Humanoid robots; Spyware (ID#: 16-10091)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7293036&isnumber=7292885

 

W. B. Gardner, A. Gumtie and J. D. Carter, “Supporting Selective Formalism in CSP++ with Process-Specific Storage,” 2015 IEEE 17th International Conference on High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), New York, NY, 2015, pp. 1057-1065. doi: 10.1109/HPCC-CSS-ICESS.2015.265

Abstract: Communicating Sequential Processes (CSP) is a formal language whose primary purpose is to model and verify concurrent systems. The CSP++ toolset was created to realize the concept of selective formalism by making machine-readable CSPm specifications both executable (through automatic C++ code generation) and extensible (by allowing integration of C++ user-coded functions, UCFs). However, UCFs were limited by their inability to share data with each other, thus their application was constrained to solving simple problems in isolation. We extend CSP++ by providing UCFs in the same CSP process with safe access to a shared storage area, similar in concept and API to Pthreads' thread-local storage, enabling cooperation between them and granting them the ability to undertake more complex tasks without breaking the formalism of the underlying specification. Process-specific storage is demonstrated with a line-following robot case study, applying CSP++ in a soft real-time system. Also described is the Eclipse plug-in that supports the CSPm design flow.

Keywords: C++ language; application program interfaces; communicating sequential processes; concurrency (computers); control engineering computing; formal languages; formal specification; formal verification; program compilers; real-time systems; robots; storage management; API; C++ user-coded function; CSP++; CSPm design flow; Eclipse plug-in; Pthread thread-local storage; UCF; automatic C++ code generation; concurrent system modelling; concurrent system verification; formal language; line-following robot case study; machine-readable CSPm specification; process-specific storage; selective formalism; soft real-time system; Libraries; Real-time systems; Robot sensing systems; Switches; System recovery; Writing; C++; CSPm; Eclipse; Timed CSP; code generation; embedded systems; formal methods; model-based design; selective formalism; soft real-time; software synthesis (ID#: 16-10092)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336309&isnumber=7336120

 

X. Chen, G. Sime, C. Lutteroth and G. Weber, “OAuthHub — A Service for Consolidating Authentication Services,” Enterprise Distributed Object Computing Conference (EDOC), 2015 IEEE 19th International, Adelaide, SA, 2015, pp. 201-210. doi: 10.1109/EDOC.2015.36

Abstract: OAuth has become a widespread authorization protocol to allow inter-enterprise sharing of user preferences and data: a Consumer that wants access to a user's protected resources held by a Service Provider can use OAuth to ask for the user's authorization for access to these resources. However, it can be tedious for a Consumer to use OAuth as a way to organize user identities, since doing so requires supporting all Service Providers that the Consumer would recognize as users' “identity providers”. Each Service Provider added requires extra work, at the very least, registration at that Service Provider. Different Service Providers may differ slightly in the API they offer, their authentication/authorization process or even their supported version of OAuth. The use of different OAuth Service Providers also creates privacy, security and integration problems. Therefore OAuth is an ideal candidate for Software as a Service, while posing interesting challenges at the same time. We use conceptual modelling to derive new high-level models and provide an analysis of the solution space. We address the aforementioned problems by introducing a trusted intermediary — OAuth Hub — into this relationship and contrast it with a variant, OAuth Proxy. Instead of having to support and control different OAuth providers, Consumers can use OAuth Hub as a single trusted intermediary to take care of managing and controlling how authentication is done and what data is shared. OAuth Hub eases development and integration issues by providing a consolidated API for a range of services. We describe how a trusted intermediary such as OAuth Hub can fit into the overall OAuth architecture and discuss how it can satisfy demands on security, reliability and usability.

Keywords: cloud computing; cryptographic protocols; API; OAuth service providers; OAuthHub; authentication services; authorization protocol; software as a service; Analytical models; Authentication; Authorization; Privacy; Protocols; Servers (ID#: 16-10093)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7321173&isnumber=7321136

 

A. Lashgar and A. Baniasadi, “Rethinking Prefetching in GPGPUs: Exploiting Unique Opportunities,” 2015 IEEE 17th International Conference on High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), New York, NY, 2015, pp. 72-77. doi: 10.1109/HPCC-CSS-ICESS.2015.145

Abstract: In this paper we investigate static memory access predictability in GPGPU workloads, at the thread block granularity. We first show that a significant share of accessed memory addresses can be predicted using thread block identifiers. We build on this observation and introduce a hardware-software prefetching scheme to reduce average memory access time. Our proposed scheme issues the memory requests of thread block before it starts execution. The scheme relies on static analyzer to parse the kernel and find predictable memory accesses. Runtime API calls pass this information to the hardware. Hardware dynamically prefetches the data of each thread block based on this information. In our scheme, prefetch accuracy is controlled by software (static analyzer and API calls) and hardware controls the prefetching timeliness. We introduce few machine models to explore the design space and performance potential behind the scheme. Our evaluation shows that the scheme can achieve a performance improvement of 59% over the baseline without prefetching.

Keywords: application program interfaces; graphics processing units; multi-threading; program diagnostics; storage management; API calls; GPGPU workloads; accessed memory address; average memory access time reduction; design space; dynamic data prefetching; hardware control; hardware-software prefetching scheme; kernel parsing; memory requests; performance improvement; predictable memory accesses; prefetching timeliness; runtime API calls; software control; static analyzer; static memory access predictability; thread block; thread block granularity; thread block identifiers; Arrays; Graphics processing units; Hardware; Indexes; Kernel; Prefetching; CUDA; GPGPU; prefetch cache (ID#: 16-10094)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336146&isnumber=7336120

 

K. Patel, I. Dube, L. Tao and N. Jiang, “Extending OWL to Support Custom Relations,” Cyber Security and Cloud Computing (CSCloud), 2015 IEEE 2nd International Conference on, New York, NY, 2015, pp. 494-499. doi: 10.1109/CSCloud.2015.74

Abstract: Web Ontology Language (OWL) is used by domain experts to encode knowledge. OWL primarily only supports the subClassOf (is-a or inheritance) relation. Various other relations, such as partOf, are essential for representing information in various fields including all engineering disciplines. The current syntax of OWL does not support the declaration and usage of new custom relations. Workarounds to emulate custom relations do exist, but they add syntax burden to knowledge modelers and don't support accurate semantics for inference engines. This paper proposes minimal syntax extension to OWL for declaring custom relations with special attributes, and applying them in knowledge representation. Domain experts can apply custom relations intuitively and concisely as they do with the familiar built-in subClassOf relation. We present our additions to the OWL API for the declaration, application, and visualization of custom relations. We outline our revision and additions to the ontology editor Protégé so its users could visually declare, apply and remove custom relations according to our enriched OWL syntax. Work relating to our modification of the OWLViz plugin for custom relations visualization is also discussed.

Keywords: application program interfaces; data visualisation; inference mechanisms; knowledge representation languages; ontologies (artificial intelligence); programming language semantics; OWL API; OWL syntax; OWLViz plugin modification; Web ontology language; custom relation visualization; custom relations; engineering disciplines; inference engines; information representation; knowledge encoding; knowledge modelers; knowledge representation; ontology editor Protégé; subClassOf relation; syntax extension; Engines; OWL; Ontologies; Syntactics; Visualization; Custom relation; Knowledge Representation; OWLAPI; Protégé (ID#: 16-10095)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7371528&isnumber=7371418

 

L. Herscheid, D. Richter and A. Polze, “Hovac: A Configurable Fault Injection Framework for Benchmarking the Dependability of C/C++ Applications,” Software Quality, Reliability and Security (QRS), 2015 IEEE International Conference on, Vancouver, BC, 2015, pp. 1-10. doi: 10.1109/QRS.2015.12

Abstract: The increasing usage of third-party software and complexity of modern software systems makes dependability, in particular robustness against faulty code, an ever more important concern. To compare and quantitatively assess the dependability of different software systems, dependability benchmarks are needed. We present a configurable tool for dependability benchmarking, Hovac, which uses DLL API hooking to inject faults into third party library calls. Our fault classes are implemented based on the Common Weakness Enumeration (CWE) database, a community maintained source of real life software faults and errors. Using two example applications, we discuss a detailed and systematic approach to benchmarking the dependability of C/C++ applications using our tool.

Keywords: C++ language; software fault tolerance; software libraries; software tools; C/C++ applications; CWE database; DLL API hooking; Hovac; common weakness enumeration database; configurable fault injection framework; configurable tool; dependability benchmarking; fault classes; faulty code; software errors; software faults; software systems complexity; software systems dependability; third party library calls; third-party software usage; Benchmark testing; Databases; Libraries; Operating systems; Robustness; benchmarking; dependability; fault injection; open source; software reliability; third-party library (ID#: 16-10096)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7272908&isnumber=7272893

 

H. S. Sheshadri, S. R. B. Shree and M. Krishna, “Diagnosis of Alzheimer's Disease Employing Neuropsychological and Classification Techniques,” IT Convergence and Security (ICITCS), 2015 5th International Conference on, Kuala Lumpur, 2015, pp. 1-6. doi: 10.1109/ICITCS.2015.7292973

Abstract: All over the world, a large number of people are suffering from brain related diseases. Diagnosing of these diseases is the requirement of the day. Dementia is one such brain related disease. This causes loss of cognitive functions such as reasoning, memory and other mental abilities which may be due to trauma or normal ageing. Alzheimer's disease is one of the types of the dementia which accounts to 60-80% of mental disorders [1]. For the diagnosis of such diseases many tests are conducted. In this paper, the authors have collected the data of 466 subjects by conducting neuro psychological test. The subjects are classified as demented or not using machine learning techniques. The authors have preprocessed the data. The data set is classified using Naive Bayes, Jrip and Random Forest. The data set is evaluated using explorer, knowledge flow and API. WEKA tool is used for the analysis purpose. Results show Jrip and Random forest performs better compared to Naive Bayes.

Keywords: Bayes methods; brain; cognition; data analysis; data mining; diseases; learning (artificial intelligence); medical computing; neurophysiology; patient diagnosis; pattern classification; trees (mathematics); API; Alzheimer's disease diagnosis; Jrip; WEKA tool; brain related disease; classification technique; cognitive function;   data set classification; dementia; knowledge flow; machine learning; memory; mental ability; mental disorder; naive Bayes; neuropsychological technique; neuropsychological test; normal ageing; random forest; reasoning; trauma; Cancer; Classification algorithms; Data mining; Data visualization; Dementia (ID#: 16-10097)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7292973&isnumber=7292885

 

S. Das, A. Singh, S. P. Singh and A. Kumar, “A Low Overhead Dynamic Memory Management System for Constrained Memory Embedded Systems,” Computing for Sustainable Global Development (INDIACom), 2015 2nd International Conference on, New Delhi, 2015, pp. 809-815. doi: (not provided)

Abstract: Embedded systems programming often involve choosing the worst case static memory allocation for most applications over a dynamic allocation approach. Such a design decision is rightly justified in terms of reliability, security and real time performance requirements from such low end systems. However with the introduction of public key cryptography and dynamic reconfiguration in IP enabled sensing devices for use in several “Internet of Things” applications, dynamic memory allocation in embedded devices, is becoming more important than ever before. While several embedded operating systems like MantisOS, SOS and Contiki provide dynamic memory allocation support, they usually lack flexibility or have relatively large memory overhead. In this paper we introduce two novel dynamic memory allocation schemes, ST_MEMMGR (without memory compaction) and ST_COMPACT_MEMMGR (with memory compaction), with a close compliance with the libc memory allocation API. Both designs take into account the very limited RAM (1KB - 64KB) in most microcontrollers. Experimental results show that ST_MEMMGR has a 256 - 5376 bytes lesser memory overhead than similar non-compaction based open source allocators like heapLib and memmgr. Similarly, ST_COMPACT_MEMMGR is observed to have 33% smaller memory descriptor as compared to Contiki's managed memory allocator with similar performance in terms of execution speed.

Keywords: application program interfaces; embedded systems; operating systems (computers); storage management; Internet of Things; ST_COMPACT_MEMMGR; ST_MEMMGR; constrained memory embedded systems; dynamic memory allocation support; dynamic reconfiguration; embedded operating systems; libc memory allocation API; low overhead dynamic memory management system; public key cryptography; worst case static memory allocation; Compaction; Dynamic scheduling; Embedded systems; Memory management; Protocols; Random access memory; Resource management; Dynamic Memory Management; Embedded Systems; Memory Compaction; Memory Fragmentation; Microcontrollers; WSN (ID#: 16-10098)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7100361&isnumber=7100186

 

A. Banchs et al., “A Novel Radio Multiservice Adaptive Network Architecture for 5G Networks,” 2015 IEEE 81st Vehicular Technology Conference (VTC Spring), Glasgow, 2015, pp. 1-5. doi: 10.1109/VTCSpring.2015.7145636

Abstract: This paper proposes a conceptually novel, adaptive and future-proof 5G mobile network architecture. The proposed architecture enables unprecedented levels of network customisability, ensuring stringent performance, security, cost and energy requirements to be met; as well as providing an API-driven architectural openness, fuelling economic growth through over-the-top innovation. Not following the 'one system fits all services' paradigm of current architectures, the architecture allows for adapting the mechanisms executed for a given service to the specific service requirements, resulting in a novel service- and context-dependent adaptation of network functions paradigm. The technical approach is based on the innovative concept of adaptive (de)composition and allocation of mobile network functions, which flexibly decomposes the mobile network functions and places the resulting functions in the most appropriate location. By doing so, access and core functions no longer (necessarily) reside in different locations, which is exploited to jointly optimize their operation when possible. The adaptability of the architecture is further strengthened by the innovative software-defined mobile network control and mobile multi-tenancy concepts.

Keywords: 5G mobile communication; application program interfaces; 5G mobile network architecture; API-driven architectural openness; context-dependent adaptation; economic growth; innovative software-defined mobile network control; mobile multitenancy concepts; mobile network functions; network customisability; novel radio multiservice adaptive network architecture; stringent performance; Adaptive systems; Computer architecture; Mobile communication; Mobile computing; Quality of service; Radio access networks; Resource management (ID#: 16-10099)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7145636&isnumber=7145573

 

Ó M. Pereira and R. L. Aguiar, “Multi-Purpose Adaptable Business Tier Components Based on Call Level Interfaces,” Computer and Information Science (ICIS), 2015 IEEE/ACIS 14th International Conference on, Las Vegas, NV, 2015, pp. 215-221. doi: 10.1109/ICIS.2015.7166596

Abstract: Call Level Interfaces (CLI) play a key role in business tiers of relational and on some NoSQL database applications whenever a fine tune control between application tiers and the host databases is a key requirement. Unfortunately, in spite of this significant advantage, CLI are low level API, this way not addressing high level architectural requirements. Among the examples we emphasize two situations: a) the need to decouple or not to decouple the development process of business tiers from the development process of application tiers and b) the need to automatically adapt business tiers to new business and/or security needs at runtime. To tackle these CLI drawbacks, and simultaneously keep their advantages, this paper proposes an architecture relying on CLI from which multi-purpose business tiers components are built, herein referred to as Adaptable Business Tier Components (ABTC). Beyond the reference architecture, this paper presents a proof of concept based on Java and Java Database Connectivity (an example of CLI).

Keywords: Java; SQL; application program interfaces; business data processing; database management systems; ABTC; CLI drawbacks; Java database connectivity; NoSQL database applications; adaptable business tier components; application tiers; call level interfaces; high level architectural requirements; low level API; multipurpose adaptable business tier components; multipurpose business tier components; Access control; Buildings; Business; Databases; Java; Runtime; component; middleware; reuse; software architecture (ID#: 16-10100)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166596&isnumber=7166553

 

T. Nguyen, “Using Unrestricted Mobile Sensors to Infer Tapped and Traced User Inputs,” Information Technology - New Generations (ITNG), 2015 12th International Conference on, Las Vegas, NV, 2015, pp. 151-156. doi: 10.1109/ITNG.2015.29

Abstract: As of January 2014, 58 percent of Americans over the age of 18 own a smart phone. Of these smart phones, Android devices provide some security by requiring that third party application developers declare to users which components and features their applications will access. However, the real time environmental sensors on devices that are supported by the Android API are exempt from this requirement. We evaluate the possibility of exploiting the freedom to discretely use these sensors and expand on previous work by developing an application that can use the gyroscope and accelerometer to interpret what the user has written, even if trace input is used. Trace input is a feature available on Samsung's default keyboard as well as in many popular third-party keyboard applications. The inclusion of trace input in a key logger application increases the amount of personal information that can be captured since users may choose to use the time-saving trace-based input as opposed to the traditional tap-based input. In this work, we demonstrate that it is indeed possible to recover both tap and trace inputted text using only motion sensor data.

Keywords: accelerometers; application program interfaces; gyroscopes; invasive software; smart phones; Android API; Android device; accelerometer; key logger application; keyboard application; mobile security; motion sensor data; personal information; real-time environmental sensor; smart phone; tapped user input; traced user input; unrestricted mobile sensor; Accelerometers; Accuracy; Feature extraction; Gyroscopes; Keyboards; Sensors; Support vector machines; key logger; mobile malware; motion sensors; spyware (ID#: 16-10101)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7113464&isnumber=7113432

 

C. Banse and S. Rangarajan, “A Secure Northbound Interface for SDN Applications,” Trustcom/BigDataSE/ISPA, 2015 IEEE, Helsinki, 2015, pp. 834-839. doi: 10.1109/Trustcom.2015.454

Abstract: Software-Defined Networking (SDN) promises to introduce flexibility and programmability into networks by offering a northbound interface (NBI) for developers to create SDN applications. However, current designs and implementations have several drawbacks, including the lack of extended security features. In this paper, we present a secure northbound interface, through which an SDN controller can offer network resources, such as statistics, flow information or topology data, via a REST-like API to registered SDN applications. A trust manager ensures that only authenticated and trusted applications can utilize the interface. Furthermore, a permission system allows for fine-grained authorization and access control to the aforementioned resources. We present a prototypical implementation of our interface and developed example applications using our interface, including an SDN management dashboard.

Keywords: application program interfaces; computer network security; network interfaces; software defined networking; API; NBI; SDN controller; SDN management dashboard; access control; fine-grained authorization; secure northbound interface; software-defined networking; trusted application; Access control; Network topology; Protocols; Switches; Topology; SDN; Software-Defined Networking; network security; northbound interface; trust (ID#: 16-10102)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7345362&isnumber=7345233

 

L. Wu, X. Du and H. Zhang, “An Effective Access Control Scheme for Preventing Permission Leak in Android,” Computing, Networking and Communications (ICNC), 2015 International Conference on, Garden Grove, CA, 2015, pp. 57-61. doi: 10.1109/ICCNC.2015.7069315

Abstract: In the Android system, each application runs in its own sandbox, and the permission mechanism is used to enforce access control to the system APIs and applications. However, permission leak could happen when an application without certain permission illegally gain access to protected resources through other privileged applications. We propose SPAC, a component-level system permission based access control scheme that can help developers better secure the public components of their applications. In the SPAC scheme, obscure custom permissions are replaced by explicit system permissions. We extend current permission checking mechanism so that multiple permissions are supported on component level. SPAC has been implemented on a Nexus 4 smartphone, and our evaluation demonstrates its effectiveness in mitigating permission leak vulnerabilities.

Keywords: Android (operating system); application program interfaces; authorisation; Android system; Nexus 4 smartphone; SPAC scheme; component-level system permission based access control scheme; permission checking mechanism; permission leak prevention; permission leak vulnerabilities; permission mechanism; public components; system API; Access control; Androids; Google; Humanoid robots; Information security; Receivers; Permission leak; access control; smartphone security (ID#: 16-10103)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7069315&isnumber=7069279

 

M. Jemel and A. Serhrouchni, “Toward User's Devices Collaboration to Distribute Securely the Client Side Storage,” 2015 International Conference on Protocol Engineering (ICPE) and International Conference on New Technologies of Distributed Systems (NTDS), Paris, 2015, pp. 1-6. doi: 10.1109/NOTERE.2015.7293479

Abstract: Web application and browsers are adopting intensively the client side storage. In fact, this strategy ensures a high user's quality of experience, offline application usage and server load reduction. In this paper, we concentrate on all devices equipped with a browser to integrate the distribution of data stored locally by HTML5 APIs. Therefore, a decentralized browser-to-browser data distribution is ensured across different user's devices within the same Personal Area.

Keywords: Internet; application program interfaces; hypermedia markup languages; quality of experience; security of data; storage allocation; HTML5 API; WebRTC; chromium code; client side storage; decentralized browser-to-browser data distribution; device collaboration; local storage API; quality of experience; secure remote data; server load reduction; Browsers; Databases; Encryption; Protocols; HTML5; Local Storage API; Secure remote data management (ID#: 16-10104)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7293479&isnumber=7293442

 

---

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.

---