470 research outputs found
Period selection for minimal hyperperiod in periodic task systems
© 2013 IEEE. Personal use of this material is permitted. Permission from IEEE must be
obtained for all other uses, in any current or future media, including
reprinting/republishing this material for advertising or promotional purposes, creating new
collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted
component of this work in other works.Task period selection is often used to adjust the workload to the available computational resources. In this paper, we propose a model where each selected period is not restricted to be a natural number, but can be any rational number within a range. Under this generalization, we contribute a period selection algorithm that yields a much smaller hyperperiod than that of previous works: with respect to the largest period, the hyperperiod with integer constraints is exponentially bounded; with rational periods the worst case is only quadratic. By means of an integer approximation at each task activation, we show how our rational period approach can work under system clock granularity; it is thus compatible with scheduling analysis practice and implementation. Our finding has practical applications in several fields of real-time scheduling: lowering complexity in table driven schedulers, reducing search space in model checking analysis, generating synthetic workload for statistical analysis of real-time scheduling algorithms, etc.This work has been funded by the Spanish Government Research Office, project TIN2008-06766-C03-02 (RT-MODEL).Ripoll Ripoll, JI.; Ballester-Ripoll, R. (2013). Period selection for minimal hyperperiod in periodic task systems. IEEE Transactions on Computers. 62(9):1813-1822. https://doi.org/10.1109/TC.2012.243S1813182262
Analysis and compensation of scheduling delays in control systems
[ES] Existe una separación entre la fase de diseño del regulador y su implementación en el computador de forma que, cada fase asume simplificaciones sobre la otra fase, lo cual lleva a un comportamiento inesperado o incorrecto del sistema a controlar. Desde hace algunos años, han surgido diversos trabajos que han apuntado la falta de integración de las dos fases de control. Esta línea de investigación se conoce como integración del control y la planificación. El estudio de los retardos que sufre un sistema de control es una parte importante de esta línea de investigación. El objetivo de este trabajo es presentar la revisión y análisis tanto de los retardos de un sistema de control, centrándonos en los retardos de control, como de las técnicas utilizadas para reducir estos retardos.[EN] There is a gap between control design phase and its real-time implementation in such a way that every phase assumes some simplifications on the other phase. This leads to a undesired behavior of the controlled system. In recent years some works have pointed out the need of integrating both phases. The goal of this work is to study the negative influence of delays in a control system, focusing in control delays and the techniques used to reduce it.Balbastre Betoret, P.; Lluesma, M.; Ripoll Ripoll, JI. (2010). Análisis y Compensación de los Retardos de Planificación en Sistemas de Control. Revista Iberoamericana de Automática e Informática industrial. 3(2):40-49. https://riunet.upv.es/handle/10251/146378OJS40493
A taxonomy for threat actors' persistence techniques
[EN] The main contribution of this paper is to provide an accurate taxonomy for Persistence techniques, which allows the detection of novel techniques and the identification of appropriate countermeasures. Persistence is a key tactic for advanced offensive cyber operations. The techniques that achieve persistence have been largely analyzed in particular environments, but there is no suitable platform¿agnostic model to structure persistence techniques. This lack causes a serious problem in the modeling of activities of advanced threat actors, hindering both their detection and the implementation of countermeasures against their activities. In this paper we analyze previous work in this field and propose a novel taxonomy for persistence techniques based on persistence points, a key concept we introduce in our work as the basis for the proposed taxonomy. Our work will help analysts to identify, classify and detect compromises, significantly reducing the amount of effort needed for these tasks. It follows a logical structure that can be easy to expand and adapt, and it can be directly used in commonly accepted industry standards such as MITRE ATT&CK.Villalón-Huerta, A.; Marco-Gisbert, H.; Ripoll-Ripoll, I. (2022). A taxonomy for threat actors' persistence techniques. Computers & Security. 121:1-14. https://doi.org/10.1016/j.cose.2022.102855S11412
CNA Tactics and Techniques: A Structure Proposal
[EN] Destructive and control operations are today a major threat for cyber physical systems. These operations, known as Computer Network Attack (CNA), and usually linked to state-sponsored actors, are much less analyzed than Computer Network Exploitation activities (CNE), those related to intelligence gathering. While in CNE operations the main tactics and techniques are defined and well structured, in CNA there is a lack of such consensuated approaches. This situation hinders the modeling of threat actors, which prevents an accurate definition of control to identify and to neutralize malicious activities. In this paper, we propose the first global approach for CNA operations that can be used to map real-world activities. The proposal significantly reduces the amount of effort need to identify, analyze, and neutralize advanced threat actors targeting cyber physical systems. It follows a logical structure that can be easy to expand and adapt.Villalón-Huerta, A.; Ripoll-Ripoll, I.; Marco-Gisbert, H. (2021). CNA Tactics and Techniques: A Structure Proposal. Journal of Sensor and Actuator Networks. 10(1):1-23. https://doi.org/10.3390/jsan10010014S12310
SOC Critical Path: A defensive Kill Chain model
[EN] Different kill chain models have been defined and analyzed to provide a common sequence of actions followed in offensive cyber operations. These models allow analysts to identify these operations and to understand how they are executed. However, there is a lack of an equivalent model from a defensive point of view: this is, there is no common sequence of actions for the detection of threats and their accurate response. This lack causes not only problems such as unstructured approaches and conceptual errors but, what is most important, inefficiency in the detection and response to threats, as defensive tactics are not well identified. For this reason, in this work we present a defensive kill chain approach where tactics for teams in charge of cyber defense activities are structured and arranged. We introduce the concept of SOC Critical Path (SCP), a novel kill chain model to detect and neutralize threats. SCP is a technology¿independent model that provides an arrangement of mandatory steps, in the form of tactics, to be executed by Computer Network Defense teams to detect hostile cyber operations. By adopting this novel model, these teams increase the performance and the effectiveness of their capabilities through a common framework that formalizes the steps to follow for the detection and neutralization of threats. In this way, our work can be used not only to identify detection and response gaps, but also to implement a continuous improvement cycle over time.Villalón-Huerta, A.; Marco-Gisbert, H.; Ripoll-Ripoll, I. (2022). SOC Critical Path: A defensive Kill Chain model. IEEE Access. 10:13570-13581. https://doi.org/10.1109/ACCESS.2022.3145029S13570135811
Detección de copiones con “pinganillos magnéticos” y experimentos sobre magnetismo
[EN] Technological advances affect to all fields of the society, which includes the methods used by some individuals cheat on exams. This work presents an effective detection system against the well known invisible earpiece cheating gadget. In addition to the main use for which the detector has been designed, the project also serves as a demonstrator (in laboratory activities) of the basic principles of electromagnetism and electronics. Which, in turn, will server as a deterrent against possible cheaters by demonstrating how ease they can be discovered.[ES] Los avances tecnológicos se aplican a todos los campos de la sociedad, incluyendo los métodos utilizados por algunos individuos para copiar en los exámenes. Este trabajo presenta un efectivo sistema de detección contra el sistema de copia conocido comúnmente como pinganillos magnéticos o invisibles. Aparte del uso principal para el que ha sido diseñado el detector, el proyecto también sirve como demostrador (en sesiones de laboratorio) de los principios básicos de electromagnetismo y electrónica. Lo que a su vez, servirá como medida disuasoria contra posibles copiones al demostrar la facilidad con la que pueden ser descubiertos.Ripoll Ripoll, I.; Marco Gisbert, H.; Martínez Fernández, V.; Gil, P. (2018). Detección de copiones con “pinganillos magnéticos” y experimentos sobre magnetismo. En IN-RED 2018. IV Congreso Nacional de Innovación Educativa y Docencia en Red. Editorial Universitat Politècnica de València. 35-49. https://doi.org/10.4995/INRED2018.2018.8589OCS354
From the IBPP Research Associates. Canada. Ismael Sambra
This articles discusses a declaration - Joint Declaration by the Committee of Cuban Political Ex-Prisoners and Cuba Friends and Cuban Canadian National Foundation Against The Laws That Persecute and Condemn Freedom in Cuba. - provided by Mr. Ismael Sambra, president of the Cuban Canadian National Foundation and Writer in Residence at York University, Ontario, Canada.
Of note: Mr. Sambra published A Dictator\u27s Errors in IBPP (Author: Ismael Sambra, Volume 4, Number 25, June 26, 1998.
2015 Montando al Negro Iriarte
Córdoba | Teatro La Cochera | Grupo Los que dijeron oh | Actúan: Dimas Games, Mario Gorostidi, Sergio Ariel Heredia, Jorge Ismael Juárez, Karina Jurik, Javier Lopez, Monica Morea, Virginia Peña, Verónica Ripoll, Natalia Saez Kohan, Ernesto José Salas, Lucas Solé | Iluminación: Pablo Chiaretta | Sonido: Marcelo Trujillo | Dirección: Paco Giménez | Consultado el 18 de septiembre de 2017 | http://www.alternativateatral.com/obra39268-montando-al-negro-iriart
Address space layout randomization next generation
Systems that are built using low-power computationally-weak devices, which force developers to favor performance over security; which jointly with its high connectivity, continuous and autonomous operation makes those devices specially appealing to attackers. ASLR (Address Space Layout Randomization) is one of the most effective mitigation techniques against remote code execution attacks, but when it is implemented in a practical system its effectiveness is jeopardized by multiple constraints: the size of the virtual memory space, the potential fragmentation problems, compatibility limitations, etc. As a result, most ASLR implementations (specially in 32-bits) fail to provide the necessary protection. In this paper we propose a taxonomy of all ASLR elements, which categorizes the entropy in three dimensions: (1) how, (2) when and (3) what; and includes novel forms of entropy. Based on this taxonomy we have created, ASLRA, an advanced statistical analysis tool to assess the effectiveness of any ASLR implementation. Our analysis show that all ASLR implementations suffer from several weaknesses, 32-bit systems provide a poor ASLR, and OS X has a broken ASLR in both 32- and 64-bit systems. This is jeopardizing not only servers and end users devices as smartphones but also the whole IoT ecosystem. To overcome all these issues, we present ASLR-NG, a novel ASLR that provides the maximum possible absolute entropy and removes all correlation attacks making ASLR-NG the best solution for both 32- and 64-bit systems. We implemented ASLR-NG in the Linux kernel 4.15. The comparative evaluation shows that ASLR-NG overcomes PaX, Linux and OS X implementations, providing strong protection to prevent attackers from abusing weak ASLRs
SSPFA:effective stack smashing protection for Android OS
In this paper, we detail why the stack smashing protector (SSP), one of the most effective techniques to mitigate stack buffer overflow attacks, fails to protect the Android operating system and thus causes a false sense of security that affects all Android devices. We detail weaknesses of existing SSP implementations, revealing that current SSP is not secure. We propose SSPFA, the first effective and practical SSP for Android devices. SSPFA provides security against stack buffer overflows without changing the underlying architecture. SSPFA has been implemented and tested on several real devices showing that it is not intrusive, and it is binary-compatible with Android applications. Extensive empirical validation has been carried out over the proposed solution
- …
