Increasingly, Cyber–physical Systems are expected to operate in different environments and interconnect with a diverse set of systems, equipment, and networks. This openness to heterogeneity, ...diversity, and complexity introduces a new level of vulnerabilities, which adds to the consistent need for security including the digital forensics capabilities. Digital investigators utilize the information on the attacker’s computer to find clues that may help in proving a case. One aspect is the digital evidence that can be extracted from the main memory (RAM), which includes live information about running programs. A program’s states, represented by variables’ values, vary in their scope and duration. This paper explores RAM artifacts of Java programs. Because JVMs can run on various platforms, we compare the same program on three different implementations of JVM from forensic perspectives. Our investigation model assumes no information is provided by the underlying OS or JVM. Our results show that a program’s states can still be extracted even after the garbage collector is explicitly invoked, the software is stopped, or the JVM is terminated. This research helps investigators identify the software used to launch the attack and understand its internal flows. Investigators can utilize this information to accuse the perpetrators and recover from attacks.
Full text
Available for:
GEOZS, IJS, IMTLJ, KILJ, KISLJ, NLZOH, NUK, OILJ, PNG, SAZU, SBCE, SBJE, UILJ, UL, UM, UPCLJ, UPUK, ZAGLJ, ZRSKP
Many security and software testing applications require checking whether certain properties of a program hold for any possible usage scenario. For instance, a tool for identifying software ...vulnerabilities may need to rule out the existence of any backdoor to bypass a program's authentication. One approach would be to test the program using different, possibly random inputs. As the backdoor may only be hit for very specific program workloads, automated exploration of the space of possible inputs is of the essence. Symbolic execution provides an elegant solution to the problem, by systematically exploring many possible execution paths at the same time without necessarily requiring concrete inputs. Rather than taking on fully specified input values, the technique abstractly represents them as symbols, resorting to constraint solvers to construct actual instances that would cause property violations. Symbolic execution has been incubated in dozens of tools developed over the past four decades, leading to major practical breakthroughs in a number of prominent software reliability applications. The goal of this survey is to provide an overview of the main ideas, challenges, and solutions developed in the area, distilling them for a broad audience.
Full text
Available for:
IZUM, KILJ, NUK, PILJ, SAZU, UL, UM, UPUK
We examine the economics that underlie retail trading costs around discount brokers’ widespread adoption of zero commission trading in October 2019. Our analysis of participating brokers’ Rule 606 ...filings and financial statements reveals little change in payment for order flow, which suggests brokers absorbed the cost of eliminating commissions in a competitive environment. We then perform a difference-in-differences analysis of effective spreads and report economically trivial changes in retail execution costs around the commission change. Finally, we assess the total trading costs of an aggregate retail portfolio compared to a host of counterfactuals. We find that following the zero-commission change, total retail transaction costs dropped substantially even under the extreme counterfactual that these traders pay exchange quoted spreads and receive zero price improvement. Our findings support the brokerage industry's claim that dropping commissions helped retail investors and should ease regulators’ concerns to the contrary.
Full text
Available for:
GEOZS, IJS, IMTLJ, KILJ, KISLJ, NLZOH, NUK, OILJ, PNG, SAZU, SBCE, SBJE, UILJ, UL, UM, UPCLJ, UPUK, ZAGLJ, ZRSKP
A fundamental issue in cognitive neuroscience is how the brain encodes others' actions and intentions. In recent years, a potential advance in our knowledge on this issue is the discovery of mirror ...neurons in the motor cortex of the nonhuman primate. These neurons fire to both execution and observation of specific types of actions. Researchers use this evidence to fuel investigations of a human mirror system, suggesting a common neural code for perceptual and motor processes. Among the methods used for inferring mirror system activity in humans are changes in a particular frequency band in the electroencephalogram (EEG) called the mu rhythm. Mu frequency appears to decrease in amplitude (reflecting cortical activity) during both action execution and action observation. The current meta-analysis reviewed 85 studies (1,707 participants) of mu that infer human mirror system activity. Results demonstrated significant effect sizes for mu during execution (Cohen's d = 0.46, N = 701) as well as observation of action (Cohen's d = 0.31, N = 1,508), confirming a mirroring property in the EEG. A number of moderators were examined to determine the specificity of these effects. We frame these meta-analytic findings within the current discussion about the development and functions of a human mirror system, and conclude that changes in EEG mu activity provide a valid means for the study of human neural mirroring. Suggestions for improving the experimental and methodological approaches in using mu to study the human mirror system are offered.
Full text
Available for:
CEKLJ, FFLJ, NUK, ODKLJ, PEFLJ, UPUK
Transient execution attacks, also known as speculative execution attacks, have drawn much interest in the last few years as they can cause critical data leakage. Since the first disclosure of Spectre ...and Meltdown attacks in January 2018, a number of new transient execution attack types have been demonstrated targeting different processors. A transient execution attack consists of two main components: transient execution itself and a covert channel that is used to actually exfiltrate the information.Transient execution is a result of the fundamental features of modern processors that are designed to boost performance and efficiency, while covert channels are unintended information leakage channels that result from temporal and spatial sharing of the micro-architectural components. Given the severity of the transient execution attacks, they have motivated computer architects in both industry and academia to rethink the design of the processors and to propose hardware defenses. To help understand the transient execution attacks, this survey summarizes the phases of the attacks and the security boundaries across which the information is leaked in different attacks.This survey further analyzes the causes of transient execution as well as the different types of covert channels and presents a taxonomy of the attacks based on the causes and types. This survey in addition presents metrics for comparing different aspects of the transient execution attacks and uses them to evaluate the feasibility of the different attacks. This survey especially considers both existing attacks and potential new attacks suggested by our analysis. This survey finishes by discussing different mitigations that have so far been proposed at the micro-architecture level and discusses their benefits and limitations.
Full text
Available for:
IZUM, KILJ, NUK, PILJ, SAZU, UL, UM, UPUK
Most of the existing literature on optimal trade execution in limit order book models assumes that resilience is positive. But negative resilience also has a natural interpretation, as it models ...self-exciting behaviour of the price impact, where trading activities of the large investor stimulate other market participants to trade in the same direction. In the paper we discuss several new qualitative effects on optimal trade execution that arise when we allow resilience to take negative values. We do this in a framework where both market depth and resilience are stochastic processes.
Full text
Available for:
EMUNI, FIS, FZAB, GEOZS, GIS, IJS, IMTLJ, KILJ, KISLJ, MFDPS, NLZOH, NUK, OILJ, PNG, SAZU, SBCE, SBJE, SBMB, SBNM, UKNU, UL, UM, UPUK, VKSCE, ZAGLJ
8.
Fuzzing of Embedded Systems: A Survey Yun, Joobeom; Rustamov, Fayozbek; Kim, Juhwan ...
ACM computing surveys,
07/2023, Volume:
55, Issue:
7
Journal Article
Peer reviewed
Open access
Security attacks abuse software vulnerabilities of IoT devices; hence, detecting and eliminating these vulnerabilities immediately are crucial. Fuzzing is an efficient method to identify ...vulnerabilities automatically, and many publications have been released to date. However, fuzzing for embedded systems has not been studied extensively owing to various obstacles, such as multi-architecture support, crash detection difficulties, and limited resources. Thus, the article introduces fuzzing techniques for embedded systems and the fuzzing differences for desktop and embedded systems. Further, we collect state-of-the-art technologies, discuss their advantages and disadvantages, and classify embedded system fuzzing tools. Finally, future directions for fuzzing research of embedded systems are predicted and discussed.
Full text
Available for:
IZUM, KILJ, NUK, PILJ, SAZU, UL, UM, UPUK
Symbolic execution is a well-known software testing technique that evaluates how a program runs when considering a symbolic input, i.e., an input that can initially assume any concrete value ...admissible for its data type. The dynamic twist of this technique is dubbed concolic execution and has been demonstrated to be a practical technique for testing even complex real-world programs. Unfortunately, developing concolic engines is hard. Indeed, an engine has to correctly instrument the program to build accurate symbolic expressions, which represent the program computation. Furthermore, to reason over such expressions, it has to interact with an SMT solver. Hence, several implementation bugs may emerge within the different layers of an engine.
In this article, we consider the problem of testing concolic engines. In particular, we propose several testing strategies whose main intuition is to exploit the concrete state kept by the executor to identify inconsistencies within the symbolic state. We integrated our strategies into three state-of-the-art concolic executors (SymCC, SymQEMU, and Fuzzolic, respectively) and then performed several experiments to show that our ideas can find bugs in these frameworks. Overall, our approach was able to discover more than 12 bugs across these engines.
•We identify the main steps carried out by recent concolic frameworks during their analysis, pinpointing where implementation bugs may emerge.•We propose a set of novel and practical ideas on how to identify implementation gaps in modern concolic executors.•We integrate our strategies into state-of-the-art concolic executors and perform experiments to show that our ideas can find bugs in these frameworks.
Full text
Available for:
GEOZS, IJS, IMTLJ, KILJ, KISLJ, NLZOH, NUK, OILJ, PNG, SAZU, SBCE, SBJE, UILJ, UL, UM, UPCLJ, UPUK, ZAGLJ, ZRSKP
Electromyography (EMG) is one of the common diagnostic procedure in neurology but still scarce in sub-Saharan Africa (SSA).
This cross-sectional study evaluated the knowledge of EMG among patients ...undergoing this procedure with a view to ascertain the type, quality and reliability of the information they have.
Consecutive patients who underwent EMG for the first time between 2014 and 2016, at the WFN/Blossom Medical Centre Ibadan, Nigeria were interviewed prior to their test. Data on patients demography,type of referring physicians and knowledge of the nature and execution of EMG were collated. The source of information was also assessed. Descriptive and inferential statistics were performed to know the determinants of EMG knowledge.
55 patients, 32 males and 23 females; mean ages 48.69(18.32) and 43.30(14.88) respectively were interviewed. 23(41.8%) patients were adjudged informed about the nature of EMG while 32(58.2%) were uninformed. 21(38.2%) were informed about the procedure by their doctors while 4(7.3%) got information from friends. 4(7.3%) got information from the internet. Level of education was associated with being informed (p=0.039).
Knowledge of EMG is poor and could be improved upon. More patient education needs to be done to prepare the patients, and allay their fears about the procedure.
Electrodiagnostic education and practise need to be reinforced in SSA.
Full text
Available for:
GEOZS, IJS, IMTLJ, KILJ, KISLJ, NUK, OILJ, PNG, SAZU, SBCE, SBJE, UL, UM, UPCLJ, UPUK, ZRSKP