Scalable Compositional Static Taint Analysis for Sensitive Data Tracing on Industrial Micro-Services.

They are making use of the combinations of static, dynamic and behavior based analysis techniques. ... There are many surveys on app analysis techniques in Android; however they focus on single-app analysis. This survey augments this through focusing only on collusion among multiple-apps. ... TaintDroid reported that on an average two-third of the considered apps are leaking sensitive data. TaintDroid incurs 14% of performance overhead on CPU-bound micro-benchmark. ...

doi:10.1016/j.cose.2017.07.002 fatcat:owzn5l7bvrcitix4mlfiabdhee

Multiple Versions

This Systematic Literature Review (SLR) focuses on Android application analysis and source code vulnerability detection methods and tools by critically evaluating 118 carefully selected technical studies ... A continuous and increasing number of mobile applications are constantly offered on mobile marketplaces to fulfil the needs of smartphone users. ... ACKNOWLEDGMENTS We thank Robert Gordon University -United Kingdom, University of Kelaniya -Sri Lanka, and Accelerating Higher Education Expansion and Development (AHEAD) grant of Sri Lanka for their support ...

doi:10.1145/3556974 fatcat:qikho3b26bayxo2oj5dytwm7uu

Second, we want to express our gratitude to the SE 2021 organizers for supporting and hosting our workshop. ... Finally, sincere thanks are given to the organization committee members' management for welcoming and supporting the workshop. ... To identify such sensitive information leaks, taint analysis detects potential leaks by determining if data acquired on a sensitive source reaches a sink, where the information would no longer be secure ...

dblp:conf/se/X21 fatcat:y6ctehezlvamzff4ztdcyrosty

exchange among interconnected services of the application). ... For investigation, we follow a unique approach based on the hypothesis that reliability is pre-requisite of security and identify the threats considering (i) design of smart contracts and associated supply ... Data Availability Statement: Not applicable. Conflicts of Interest: The authors declare no conflict of interest. ...

doi:10.3390/app11125585 fatcat:w4r6rh3uifghdbhueditwdp5sq

DOAJ

We propose a set of criteria for analyzing and comparing the current existing techniques including system architectures and data models. ... A trail of such recorded movements is the foundation for enabling traceability applications. ... A network is a set of composite connections that is quasi-static. It represents the direct or indirect relationship between nodes. ...

doi:10.1007/s10619-011-7084-9 fatcat:liqbc262zjdavbwjtzh3g7tvly

Cooperative Android App Analysis (Thesis Artifact) ... These taint analysis tools are considered to be close contenders as they all implement a flowor context-sensitive static taint analysis. ... Once the analysis reaches a source, it taints (marks) the variable that carries the sensitive data. If the tainted data reaches a sink, the possible data leak is reported in form of a taint flow. ...

doi:10.5281/zenodo.7404899 fatcat:pb4dud45lff3pgjnpm2g36e6ru

Open Access

In the end, the paper puts forward our security considerations on the future development of DT-based smart grid. ... Specifically, the paper i) introduces the background of the smart grid; ii) reviews external cyber attacks from attack incidents and attack methods; iii) introduces critical defense approaches in industrial ... [153] proposed a scalable network of LIHP based on the Conpot [150] framework for ICS. ...

arXiv:2205.11783v1 fatcat:fz43u2e6g5gyfepqz44tezelba

model, data model and multi-service dependencies. ... Based on our knowledge, this is the first structural review paper in service virtualisation fields. ... Data Availability Statement: the study did not report any data. Conflicts of Interest: The authors declare no conflict of interest. ...

doi:10.3390/app11052381 fatcat:hqp47almpnet3kty7zikqmaqga

DOAJ

In this paper, we present a systematic survey of vulnerability analysis of smart contracts. ... Then we discuss existing frameworks, methods and technologies used for vulnerability detection. We summarise our findings in a table which lists each framework and the attacks it protects against. ... Osiris works on symbolic execution and taint analysis. ...

arXiv:2212.07387v2 fatcat:roa5ci3npvhmflgiphznhz66c4

Open Access Multiple Versions

The food processing and packaging industry is becoming a multi-trillion dollar global business. ... Acknowledgments The author acknowledges the Jordan College of Agricultural Sciences and Technology and Provost Office, California State University, Fresno, CA, USA for providing assigned time for the preparation ... Considering the speed of detection, sensitivity, precision, accuracy, size and cost, the research should focus on analysis, design and development of biosensors as well, as other interfacing devices such ...

doi:10.3390/challe5020374 fatcat:tyxqx52zofc7zi7erj4vmvfwvm

DOAJ Szczepanski

Six primitive operations are provided for composition and are proven to preserve confidentiality. A collection of 277 security patterns from existing literature is synthesized. ... Each pattern is defined in a new security pattern template which is based on previous pattern templates. ... Taint analysis (Schwartz et al., 2010) is a static code analysis technique to detect security vulnerabilities by checking whether information can flow from one node to a target node. ...

doi:10.1109/icse.2013.6606727 dblp:conf/icse/Rimba04 fatcat:siskbwuma5bb7naos6ip3nszfy

Therefore, we conduct a study of empirical research on Kubernetes scheduling techniques and present a new taxonomy for Kubernetes scheduling. ... Scheduling approaches are designed based on different Quality of Service (QoS) parameters to provide limited response time, efficient energy consumption, better resource utilization, and other things. ... In addition, static proile-based models require hardware analysis in advance, while dynamic hardware models rely on real-time monitoring. ...

doi:10.1145/3539606 fatcat:c643x3k5nngopmaytxw74h4vwy

This deliverable aims to provide a basis for the identification of use cases and the development of 5G security enablers in INSPIRE-5Gplus. ... requirements of 5G systems, divided into domain-specific use cases, and the elicitation of security requirements from relevant stakeholders in 5G; the current status of 5G networks, the solutions state for ... Nation-state attackers target government agencies, critical infrastructure and any and all industries known to contain sensitive data or property. ...

doi:10.5281/zenodo.3947893 fatcat:bg7jnn5ph5fv3gjp7pqacy3us4

Open Access

Citation

Grant Millar, Anastasios Kafchitsas, Orestis Mavrooulos, Anastasios Kourtis, George Xilouris, Maria Christopoulou, Stavros Kolometsos, Edgardo Montes De Oca, Huu Nghia Nguyen, Antonio Pastor, Sonia Fernandez, Diego Lopez, Vincent Lefebvre, Chafika Benzaid, Tarik Taleb, Othmane Hireche, Mohammed Boukhalfa, Muhammad Farooq, Dang Yongchao, Chrystel Gaber, Jean-Luc Grimault, Morgan Chopin, Jose Manuel Sanchez Vilchez, Kahina Lazri, Francisco Vázquez-Gallego, Laia Nadal, Ricard Vilalta, Gürkan Gür, Bernhard Tellenbach, Jordi Ortiz. "D2.1 5G Security: Current Status and Future Trends." Zenodo (2020)

data. ... Although several approaches have been proposed to address the specific security and privacy needs of targeted applications with functional parameters, there is still a need for a research study on the ... For example, one approach called Sereum [351] is proposed to solve the re-entrance attack, allowing for dynamic taint tracking of smart contract data flows. ...

arXiv:2105.11665v1 fatcat:bsm7w2shjneajp425oddszr6ju

Open Access

Both reversed-phase HPLC and immunochemical (ELISA) analyses were performed on column eluent fractions. ... Atrazine retained on the column was then eluted from the column by increasing the polarity of the solvent. ... However, in industry, most polymers and composite parts are thick enough that internal heat generated by curing is not removed quickly. This makes DSC less than ideal for bulk polymer analysis. ...

doi:10.1155/s1463924696000077 pmid:18925007 pmcid:PMC2548056 fatcat:2zjpnsx5ozcotnycltizaa2llm

Open Access

Android inter-app communication threats and detection techniques

Preserved Fulltext

Other Versions

Android Source Code Vulnerability Detection: A Systematic Literature Review

Preserved Fulltext

Software Engineering 2021 - Komplettband

Preserved Fulltext

Security of Blockchain-Based Supply Chain Management Systems: Challenges and Opportunities

Preserved Fulltext

RFID enabled traceability networks: a survey

Preserved Fulltext

Cooperative Android App Analysis (Thesis Artifact)

Preserved Fulltext

Smart Grid: Cyber Attacks, Critical Defense Approaches, and Digital Twin [article]

Preserved Fulltext

A Review on the Service Virtualisation and Its Structural Pillars

Preserved Fulltext

Vulnerability Analysis of Smart Contracts [article]

Preserved Fulltext

Other Versions

Advances in Packaging Methods, Processes and Systems

Preserved Fulltext

Building high assurance secure applications using security patterns for capability-based platforms

Preserved Fulltext

Kubernetes Scheduling: Taxonomy, ongoing issues and challenges

Preserved Fulltext

D2.1 5G Security: Current Status and Future Trends

Preserved Fulltext

A Taxonomy Study on Securing Blockchain-based Industrial Applications: An Overview, Application Perspectives, Requirements, Attacks, Countermeasures, and Open Issues [article]

Preserved Fulltext

Abstracts of papers presented at the 1996 Pittsburgh Conference

Preserved Fulltext