47 research outputs found

    “Sono tanti i mondi che mi appartengono”

    No full text
    Il volume, a cura di Sara Fontana ed Elisabetta Longari e con un contributo di Renato Miracco, racconta l’universo creativo pluridisciplinare di Kikki Ghezzi attraverso tre saggi e una sequenza di opere realizzate con media diversi. Pittura, scultura, disegno e installazione, accanto a scrittura, stampa, ricamo e libro d’artista restituiscono un percorso artistico sfaccettato, ormai quasi ventennale. I tre autori evidenziano, da prospettive diverse, la perenne dialettica tra sogno e realtà, tra magia e ordinarietà, tra luce e buio dell’opera di Ghezzi. Sara Fontana ricostruisce in termini antologici un itinerario di ricerca che è anche un viaggio di trasformazione e di rinascita. Elisabetta Longari indaga la potenza del colore e il suo valore simbolico nell’opera dell’artista. Renato Miracco si concentra sugli aspetti più spirituali dell’indagine di Ghezzi e ne approfondisce un valore esoterico, magico e astrale sempre più evidente

    CANter: data-link layer detection of drop-and-spoof attacks on CAN and CAN FD

    No full text
    The automotive industry has experienced significant growth and innovation in recent years, resulting in increasingly complex in-vehicle networks and a higher number of Electronic Control Units (ECUs) on-board. Communication between ECUs is primarily accomplished using the Controller Area Network (CAN) protocol, which is considered the standard in the industry due to its reliable and efficient transmission. However, security concerns have arisen due to the fact that these protocols were initially designed without much consideration for security, leaving vehicles vulnerable to attackers who can transmit spoofed messages on the bus. Current Intrusion Detection Systems (IDSs) detect these messages, but an attacker can avoid defenses through drop-and-spoof attacks, by first disconnecting the target ECU and then spoofing the messages. In response to these vulnerabilities, this paper presents CANter , an IDS designed to detect and respond to attacks on in-vehicle networks. CANter utilizes the CAN and CAN FD speci- fications, as well as a frequency analysis of time intervals between frames on the network, to detect drop-and-spoof attacks without requiring any modifications to the existing network structure or ECUs, being installed as a stand-alone device on the network

    Investigating the Impact of Evasion Attacks Against Automotive Intrusion Detection Systems

    No full text
    The evolution of vehicles has led to the integration of numerous devices that communicate via the controller area network (CAN) protocol. This protocol lacks security measures, leaving interconnected critical components vulnerable. The expansion of local and remote connectivity has increased the attack surface, heightening the risk of unauthorized intrusions. Since recent studies have proven external attacks to constitute a realworld threat to vehicle availability, driving data confidentiality, and passenger safety, researchers and car manufacturers focused on implementing effective defenses. intrusion detection systems (IDSs), frequently employing machine learning models, are a prominent solution. However, IDS are not foolproof, and attackers with knowledge of these systems can orchestrate adversarial attacks to evade detection. In this paper, we evaluate the effectiveness of popular adversarial techniques in the automotive domain to ascertain the resilience, characteristics, and vulnerabilities of several ML-based IDSs. We propose three gradient-based evasion algorithms and evaluate them against six detection systems. We find that the algorithms’ performance heavily depends on the model’s complexity and the intended attack’s quality. Also, we study the transferability between different detection systems and different time instants in the communication

    CANPak: An Intrusion Detection System against Error Frame Attacks for Controller Area Network

    No full text
    The automotive industry has experienced significant evolution and expansion in recent years, resulting in increasingly complex in-vehicle networks and a growing number of ex- ternal communication interfaces and on-board Electronic Control Units (ECUs). Despite advancements, the Controller Area Network (CAN) protocol and its enhanced version, the CAN with Flexible Data-rate (CAN FD) protocol, continue to be widely used due to their reliable and efficient real-time transmission capabilities. However, the CAN protocol was not originally designed with security in mind, lacking authentication mechanisms for communications. This vulnerability allows attackers to send spoofed messages across the bus. While application-level Intrusion Detection Systems (IDSs) can identify these spoofed messages, sophisticated attackers can bypass such security measures by disconnecting the target ECU before initiating the spoofing attack. This disconnection can be achieved through error frame injection attacks, a known vulnerability of the CAN protocol. In this work, we propose an IDS that defends against error frame injection attacks, recognizing an attacker’s attempt to force a victim ECU to disconnect itself from the network. Our ap- proach detects these attacks with up to 0.97 accuracy, without requiring any modifications to existing ECUs or the network architecture

    Securing LiDAR Communication through Watermark-based Tampering Detection

    No full text
    With the increasing interest in autonomous vehicles (AVs), ensuring their safety and security is becoming crucial. The introduction of advanced features has increased the need for various interfaces to communicate with the external world, creating new potential attack vectors that attackers can exploit to alter sensor data. LiDAR sensors are widely employed to support autonomous driving features and generate point cloud data used by ADAS to 3D map the vehicle’s surroundings. Tampering attacks on LiDAR-generated data can compromise the vehicle’s functionalities and seriously threaten passengers and other road users. Existing approaches to LiDAR data tampering detection show security flaws and can be bypassed by attackers through design vulnerabilities. This paper proposes a novel approach for tampering detection of LiDAR-generated data in AVs, employing a watermarking technique. We validate our approach through experiments to prove its feasibility in real- world time-constrained scenarios and its efficacy in detecting LiDAR tampering attacks. Our approach performs better when compared to the current state-of-the-art LiDAR watermarking techniques while addressing critical issues related to watermark security and imperceptibility

    Guessing as a service: large language models are not yet ready for vulnerability detection

    No full text
    The growing number of reported software vulnerabilities underscores the need for efficient detection methods, especially for resource-limited organizations. While traditional techniques like fuzzing and symbolic execution are effective, they require significant manual effort. Recent advances in Large Language Models (LLMs) show promise for zero-shot learning, leveraging pre-training on diverse datasets to detect vulnerabilities without fine-tuning. This study evaluates quantized models (e.g., Mistral v0.3), code-specialized models (e.g., CodeQwen 1.5), and fine-tuned approaches like PDBERT. Zero-shot models perform poorly, with a precision below 0.46, and even PDBERT’s high metrics (precision 0.91, specificity 0.99) are undermined by overfitting. These findings emphasize the limitations of current AI solutions and the necessity for approaches tailored to the specific problem

    Micro-Mobility Security: A Holistic Approach via Mobile App Analysis

    No full text
    The growth of urbanization and technology has reshaped transportation, bringing about shared micro-mobility services like e-scooters and e-bikes as sustainable solutions for short urban trips, mitigating traffic and pollution issues. However, the rapid expansion of this market has outpaced the development of standardized security measures. Our research aims to analyze theoretically and empirically the security landscape of shared micro-mobility services, focusing on client components. We present a reference architecture and a detailed threat model to identify and address the most pressing security challenges. Additionally, we design a set of experiments to evaluate existing services and assess their security implementations. Finally, we propose guidelines and best practices to enhance the security of shared micro-mobility services, highlighting the need for a standardized security approach and offering a foundation for future research

    Synthesis of chiral vinylogous sulfonamidopeptides (vs-peptides)

    No full text
    Chiral vinylogous amino sulfonic acids (vs-amino acids) were synthesized starting from either L-or D-alpha-amino acids via N-Boc-alpha-amino aldehydes. Wittig-Homer reaction with methyl (or ethyl) diethylphosphoryl methanesulfonate and nBuLi gave the corresponding alpha,beta-unsaturated sulfonates in high yield and complete (E) stereoselectivity. Cleavage of the methyl (ethyl) ester was effected by treatment of the sulfonates with nBu(4)NI in refluxing acetone. Treatment of the nBu(4)N(+) sulfonate salts with SO2Cl2/PPh3/CH2Cl2 gave the corresponding sulfonyl chlorides as stable chromatographable compounds. The synthetic sequence proved successful not only starting from alpha-amino acids carrying unfunctionalized side-chains (Ala, Val, Phe, Leu, Pro), but also with functionalized alpha-amino acids (Ser, Tyr, Gin) provided that the side chains were suitably protected. The sulfonyl chlorides were coupled with the amine salts to give vs-dipeptides. Amine hydrochlorides were prepared from N-Boc derivatives by treatment with HCl in methanol or ethyl acetate. The process was further iterated to give vs-tripeptides and vs-tetrapeptides. The above procedure was also used to synthesize "mixed" peptides, which incorporate both proteinogenic alpha-amino acids and vs-amino acids. Proteinogenic alpha-amino acids were incorporated at both the C-terminal and the N-terminal position
    corecore