Papers by Riccardo Bettati
IEEE Access, Dec 31, 2022
Bring-your-own-device policies, IoT devices, smart appliances are all contributing to increasing ... more Bring-your-own-device policies, IoT devices, smart appliances are all contributing to increasing diversity of connected devices. It has become imperative to understand the vulnerabilities of these diverse devices (along with traditional compute devices) to appropriately secure their use. In this paper we conduct a detailed analysis of the vulnerabilities reported for the various hardware and software artifacts in the NIST National Vulnerability Database. We analyze the details of vulnerabilities covering the period 2011-2022. We broadly categorize the vulnerabilities into three product categories: networking, IoT, and computing devices. The data is further classified into application, OS, and hardware domains. We analyze the data across the aforementioned categories over four non-overlapping 3-year time periods. The analysis provides insights into salient trends in vulnerabilities across diverse products, and over time. Our work presents interesting findings based on the trends and persistence observed from the analyzed data. Our study points to insights that could lead to improved resource allocation for addressing security concerns.
In this paper, we study temperature-constrained realtime systems, where real-time guarantees must... more In this paper, we study temperature-constrained realtime systems, where real-time guarantees must be met without exceeding safe temperature levels within the processor. We give a short review on temperature issues in processors and describe how speed control can be used to trade-off task delays against processor temperature. In this paper, we describe how traditional worst-case execution scenarios do not apply in temperature-constrained situations. As example, we adopt a simple reactive speed control technique. We show how this simple reactive scheme can improve the processor utilization compared with any constantspeed scheme.
arXiv (Cornell University), Aug 18, 2022
How to efficiently prevent side-channel attacks (SCAs) on cryptographic implementations and devic... more How to efficiently prevent side-channel attacks (SCAs) on cryptographic implementations and devices has become an important problem in recent years. One of the widely used countermeasures to combat power consumption based SCAs is to inject indiscriminate random noise sequences into the raw leakage traces. However, this method leads to significant increases in the energy consumption which is unaffordable cost for battery powered devices, and ways must be found to reduce the amount of energy in noise generation while keeping the side-channel invisible. In this paper, we propose a practical approach of energy efficient noise generation to prevent SCAs. We first take advantage of sparsity of the information in the leakage traces, and prove the existence of energy efficient noise generation that is optimized in the side channel protection under a given energy consumption budget, and also provide the optimal solution. Compared to the previous approach that also focuses on the energy efficiency, our solution is applicable to all general categories of compression methods. Furthermore, we also propose a practical noise generator design by aggregating the noise generation patterns produced by compression methods from different categories. As a result, the protection method presented in this paper is practically more applicable than previous one. The experimental results also validate the effectiveness of our proposed scheme. • Security and privacy → Tamper-proof and tamper-resistant designs; Embedded systems security.
ProQuest LLC eBooks, 2012
Intelligent Tutoring Systems (ITS) have a significant educational impact on student's learning. H... more Intelligent Tutoring Systems (ITS) have a significant educational impact on student's learning. However, researchers report time intensive interaction is needed between ITS developers and domain-experts to gather and represent domain knowledge. The challenge is augmented when the target domain is ill-defined. The primary problem resides in often using traditional approaches for gathering domain and tutoring experts' knowledge at design time and conventional methods for knowledge representation built for well-defined domains. Similar to evolving knowledge acquisition approaches used in other fields, we replace this restricted view of ITS knowledge learning merely at design time with an incremental approach that continues training the ITS during run time. We investigate a gradual knowledge learning approach through continuous instructor-student demonstrations. We present a Mixed-response Intelligent Tutoring System based on Learning from Demonstration that gathers and represents knowledge at run time. Furthermore, we implement two knowledge representation methods (Weighted Markov ABSTRACT .
A covert communications network (CCN) is a connected, overlay peer-to-peer network used to suppor... more A covert communications network (CCN) is a connected, overlay peer-to-peer network used to support communications within a group in which the survival of the group depends on the confidentiality and anonymity of communications, on concealment of participation in the network to both other members of the group and external eavesdroppers, and finally on resilience against disconnection. In this dissertation, we describe the challenges and requirements for such a system. We consider the topologies of resilient covert communications networks that: (1) minimize the impact on the network in the event of a subverted node; and (2) maximize the connectivity of the survivor network with the removal of the subverted node and its closed neighborhood. We analyze the properties of resilient covert networks, propose measurements for determining the suitability of a topology for use in a covert communication network, and determine the properties of an optimal covert network topology. We analyze multiple topologies and identify two constructions that are capable of generating optimal topologies. We then extend these constructions to produce near-optimal topologies that can "grow" as new nodes join the network. We also address protocols for membership management and routing. Finally, we describe the architecture of a prototype system for instantiating a CCN.
Protocol (TCP) for emerging very-high bandwidth-delay product networks and suggest several conges... more Protocol (TCP) for emerging very-high bandwidth-delay product networks and suggest several congestion control schemes for parallel and single-flow TCP. Recently, several high-speed TCP proposals have been suggested to overcome the limited throughput achievable by single-flow TCP by modifying its congestion control mechanisms. A. Introduction .
2018 27th International Conference on Computer Communication and Networks (ICCCN), 2018
The infamous Mirai attack which hijacked nearly half a million Internet connected devices demonst... more The infamous Mirai attack which hijacked nearly half a million Internet connected devices demonstrated the widespread security vulnerabilities of the Internet-of-Things (IoT). This study employs a set of active and passive observation methods to discover the security vulnerabilities of IoT devices within a university campus. We show that (a) the number of non-compute devices dominates the number of compute devices with open ports in a campus network; (b) 58.9% or more devices do not keep up-to-date firmware and 51.3% or more do not have a user defined password; and (c) the number of devices together with the diversity of device ages and vendors make the protection of IoT devices a difficult problem. We further develop IoTAegis framework which offers device-level protection to automatically manage device configurations and security updates. Our solution is shown to be effective, scalable, lightweight, and deployable in different forms and network types.
International Journal of Computational Science and Engineering, 2016
A covert communications network (CCN) is a connected, overlay, peer-to-peer network to support co... more A covert communications network (CCN) is a connected, overlay, peer-to-peer network to support communications within a group in which the survival of the group depends on: a) confidentiality and anonymity of the communications; b) concealment of participation in the network to both other members of the group and external eavesdroppers; c) resilience against disconnection. Anonymity is protected using source rewriting in which the network addresses are changed at each hop along the network path. Network membership is concealed through topology restrictions where each participant has limited knowledge of the network addresses of other participants. Resilience requires increased connectivity to protect against disconnection due to neighbourhood failure. In this paper, we propose measures for determining the suitability of both deterministic and random topologies for use in covert communication networks, and use these measures to analyse the suitability of various types of graphs.
Dynamic Resource Allocation Migration for Multiparty Real-Time Communications
Use of Imprecise Computation to Enhance Dependability of Real-Time Systems
The Springer International Series in Engineering and Computer Science
Abstract In a system based on the imprecise-computation technique, each time-critical task is des... more Abstract In a system based on the imprecise-computation technique, each time-critical task is designed in such a way that it can produce a usable, approximate result in time whenever a failure or overload prevents it from producing the desired, precise result. This section describes ...
Algorithms for end-to-end scheduling to meet deadlines
Proceedings of the Second IEEE Symposium on Parallel and Distributed Processing 1990
Abstract In a multiprocessor or distributed system, jobs may need to be executed on more than one... more Abstract In a multiprocessor or distributed system, jobs may need to be executed on more than one processor. When all the jobs execute on different processors in turn in the same order, the problem of end-to-end scheduling on the processors is known as the flow-shop problem. ...
Subversion Impedance in Covert Communication Networks
2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications, 2012
A covert communications network is a connected, overlay peer-to-peer network used to support comm... more A covert communications network is a connected, overlay peer-to-peer network used to support communications within a group in which the survival of the group depends on: (1) anonymity of communications; and (2) concealment of network membership to both other members of the group and external eavesdroppers. These requirements are much more stringent than for typical privacy and anonymity systems. We consider the topologies of resilient covert communications networks that: (1) minimize the impact on the network in the event of a subverted node; and (2) maximize the connectivity of the survivor network with the removal of the subverted node and its closed neighborhood. We analyze the properties of resilient covert networks, propose a measurement for determining the suitability of a topology for use in a covert communication network, determine the properties of an optimal covert network topology, and analyze several optimal topologies.
Transient Overclocking for Aperiodic Task Execution in Hard Real-Time Systems
2008 Euromicro Conference on Real-Time Systems, 2008
Abstract In this paper we study the design of aperiodic servers in thermally constrained real-tim... more Abstract In this paper we study the design of aperiodic servers in thermally constrained real-time systems. We start by illustrating how naive slack stealing leads to missed deadlines in the presence of speed-control-based dynamic thermal management. We then proceed to ...
Improving quality of service of TCP flows in strictly prioritized network
Proceedings of the 2nd IASTED international …, 2006
We propose a new congestion control scheme for parallel TCP flows with different QoS requirements... more We propose a new congestion control scheme for parallel TCP flows with different QoS requirements in strictly prioritized networks. When a node opens multiple connections that are going to the same destination through strict-priority scheduler enabled networks, ...
A three-pass establishment protocol for real-time multiparty communication
Texas A&M University, Tech. Rep, 1997
The development of high-speed networks and global internetworking protocols enable new, multimedi... more The development of high-speed networks and global internetworking protocols enable new, multimediaoriented, applications to emerge, such as teleconferencing and other collaborative applications, or video-ondemand. These new applications rely on the ...
RT-ARM: A real-time adaptive resource management system for distributed mission-critical applications
On Traffic Analysis Attacks and Countermeasures.
2018 IEEE International Workshop on Information Forensics and Security (WIFS), 2018
In recent years, research efforts have been made to develop safe and secure environments for ARM ... more In recent years, research efforts have been made to develop safe and secure environments for ARM platform. The new ARMv8 architecture brought in security features by design. However, there are still some security problems with ARMv8. For example, on Cortex-A series, there are risks that the system is vulnerable to sidechannel attacks. One major category of side-channel attacks utilizes cache memory to obtain a victim's secret information. In the cache based side-channel attacks, an attacker measures a sequence of cache operations to obtain a victim's memory access information, deriving more sensitive information. The success of such attacks highly depends on accurate information about the victim's cache accesses. In this paper, we describe an innovative approach to defend against side-channel attack on Cortex-A series chips. We also considered the side-channel attacks in the context of using TrustZone protection on ARM. Our adaptive noise injection can significantly reduce the bandwidth of side-channel while maintaining an affordable system overhead. The proposed defense mechanisms can be used on ARM Cortex-A architecture. Our experimental evaluation and theoretical analysis show the effectiveness and efficiency of our proposed defense.
2017 IEEE Conference on Communications and Network Security (CNS), 2017
Cyber-Physical Systems (CPSs) are ubiquitous in power systems, transport and medical systems, and... more Cyber-Physical Systems (CPSs) are ubiquitous in power systems, transport and medical systems, and critical infrastructures. Current protocols and applications allow significant changes to a system to take place within a short time or small network footprint, which can be exploited by attackers to cause a great impact on the physical systems. This paper proposes adaptive Commensurate Response (CR) to narrow down the asymmetry between the cost of attacks and their impact through enforcing command footprints to be commensurate with their impact on the system. Such impact is measured by the change of the setpoint (changedriven CR) or the distance between the operating state and the critical state (criticality-driven CR). Change-driven CR is effective for setpoint attacks with big setpoint changes, and criticality-driven CR can be used to combat both setpoint attacks and actuation attacks. Our case study on automobile cruise control demonstrates that CR can effectively improve the system resilience and attack survivability while satisfying QoS requirements.
Uploads
Papers by Riccardo Bettati