-
Finding Software Vulnerabilities in Open-Source C Projects via Bounded Model Checking
Authors:
Janislley Oliveira de Sousa,
Bruno Carvalho de Farias,
Thales Araujo da Silva,
Eddie Batista de Lima Filho,
Lucas C. Cordeiro
Abstract:
Computer-based systems have solved several domain problems, including industrial, military, education, and wearable. Nevertheless, such arrangements need high-quality software to guarantee security and safety as both are mandatory for modern software products. We advocate that bounded model-checking techniques can efficiently detect vulnerabilities in general software systems. However, such an app…
▽ More
Computer-based systems have solved several domain problems, including industrial, military, education, and wearable. Nevertheless, such arrangements need high-quality software to guarantee security and safety as both are mandatory for modern software products. We advocate that bounded model-checking techniques can efficiently detect vulnerabilities in general software systems. However, such an approach struggles to scale up and verify extensive code bases. Consequently, we have developed and evaluated a methodology to verify large software systems using a state-of-the-art bounded model checker. In particular, we pre-process input source-code files and guide the respective model checker to explore them systematically. Moreover, the proposed scheme includes a function-wise prioritization strategy, which readily provides results for code entities according to a scale of importance. Experimental results using a real implementation of the proposed methodology show that it can efficiently verify large software systems. Besides, it presented low peak memory allocation when executed. We have evaluated our approach by verifying twelve popular open-source C projects, where we have found real software vulnerabilities that their developers confirmed.
△ Less
Submitted 9 November, 2023;
originally announced November 2023.
-
An IoT Cloud and Big Data Architecture for the Maintenance of Home Appliances
Authors:
Pedro Chaves,
Tiago Fonseca,
Luis Lino Ferreira,
Bernardo Cabral,
Orlando Sousa,
Andre Oliveira,
Jorge Landeck
Abstract:
Billions of interconnected Internet of Things (IoT) sensors and devices collect tremendous amounts of data from real-world scenarios. Big data is generating increasing interest in a wide range of industries. Once data is analyzed through compute-intensive Machine Learning (ML) methods, it can derive critical business value for organizations. Powerfulplatforms are essential to handle and process su…
▽ More
Billions of interconnected Internet of Things (IoT) sensors and devices collect tremendous amounts of data from real-world scenarios. Big data is generating increasing interest in a wide range of industries. Once data is analyzed through compute-intensive Machine Learning (ML) methods, it can derive critical business value for organizations. Powerfulplatforms are essential to handle and process such massive collections of information cost-effectively and conveniently. This work introduces a distributed and scalable platform architecture that can be deployed for efficient real-world big data collection and analytics. The proposed system was tested with a case study for Predictive Maintenance of Home Appliances, where current and vibration sensors with high acquisition frequency were connected to washing machines and refrigerators. The introduced platform was used to collect, store, and analyze the data. The experimental results demonstrated that the presented system could be advantageous for tackling real-world IoT scenarios in a cost-effective and local approach.
△ Less
Submitted 25 October, 2022;
originally announced November 2022.
-
A tool to support the investigation and visualization of cyber and/or physical incidents
Authors:
Inês Macedo,
Sinan Wanous,
Nuno Oliveira,
Orlando Sousa,
Isabel Praça
Abstract:
Investigating efficiently the data collected from a system's activity can help to detect malicious attempts and better understand the context behind past incident occurrences. Nowadays, several solutions can be used to monitor system activities to detect probable abnormalities and malfunctions. However, most of these systems overwhelm their users with vast amounts of information, making it harder…
▽ More
Investigating efficiently the data collected from a system's activity can help to detect malicious attempts and better understand the context behind past incident occurrences. Nowadays, several solutions can be used to monitor system activities to detect probable abnormalities and malfunctions. However, most of these systems overwhelm their users with vast amounts of information, making it harder for them to perceive incident occurrences and their context. Our approach combines a dynamic and intuitive user interface with Machine Learning forecasts to provide an intelligent investigation tool that facilitates the security operator's work. Our system can also act as an enhanced and fully automated decision support mechanism that provides suggestions about possible incident occurrences.
△ Less
Submitted 2 December, 2021;
originally announced December 2021.
-
A Comparative Analysis of Machine Learning Techniques for IoT Intrusion Detection
Authors:
João Vitorino,
Rui Andrade,
Isabel Praça,
Orlando Sousa,
Eva Maia
Abstract:
The digital transformation faces tremendous security challenges. In particular, the growing number of cyber-attacks targeting Internet of Things (IoT) systems restates the need for a reliable detection of malicious network activity. This paper presents a comparative analysis of supervised, unsupervised and reinforcement learning techniques on nine malware captures of the IoT-23 dataset, considerin…
▽ More
The digital transformation faces tremendous security challenges. In particular, the growing number of cyber-attacks targeting Internet of Things (IoT) systems restates the need for a reliable detection of malicious network activity. This paper presents a comparative analysis of supervised, unsupervised and reinforcement learning techniques on nine malware captures of the IoT-23 dataset, considering both binary and multi-class classification scenarios. The developed models consisted of Support Vector Machine (SVM), Extreme Gradient Boosting (XGBoost), Light Gradient Boosting Machine (LightGBM), Isolation Forest (iForest), Local Outlier Factor (LOF) and a Deep Reinforcement Learning (DRL) model based on a Double Deep Q-Network (DDQN), adapted to the intrusion detection context. The most reliable performance was achieved by LightGBM. Nonetheless, iForest displayed good anomaly detection results and the DRL model demonstrated the possible benefits of employing this methodology to continuously improve the detection. Overall, the obtained results indicate that the analyzed techniques are well suited for IoT intrusion detection.
△ Less
Submitted 1 June, 2022; v1 submitted 25 November, 2021;
originally announced November 2021.
-
A Hybrid Approach for an Interpretable and Explainable Intrusion Detection System
Authors:
Tiago Dias,
Nuno Oliveira,
Norberto Sousa,
Isabel Praça,
Orlando Sousa
Abstract:
Cybersecurity has been a concern for quite a while now. In the latest years, cyberattacks have been increasing in size and complexity, fueled by significant advances in technology. Nowadays, there is an unavoidable necessity of protecting systems and data crucial for business continuity. Hence, many intrusion detection systems have been created in an attempt to mitigate these threats and contribut…
▽ More
Cybersecurity has been a concern for quite a while now. In the latest years, cyberattacks have been increasing in size and complexity, fueled by significant advances in technology. Nowadays, there is an unavoidable necessity of protecting systems and data crucial for business continuity. Hence, many intrusion detection systems have been created in an attempt to mitigate these threats and contribute to a timelier detection. This work proposes an interpretable and explainable hybrid intrusion detection system, which makes use of artificial intelligence methods to achieve better and more long-lasting security. The system combines experts' written rules and dynamic knowledge continuously generated by a decision tree algorithm as new shreds of evidence emerge from network activity.
△ Less
Submitted 19 November, 2021;
originally announced November 2021.