Chaojing Tang

Application and performance analysis of various AEAD techniques for space telecommand authentication

Secure communications in the context of civil space missions gained a major attention in the last few years, mainly thanks to the activities promoted in this field by the Consultative Committee for Space Data Systems. Risk analyses performed by several space agencies have provided indications of the impact of different security threats on several categories of space missions. As a result, to ensure a minimum level of security, at least Telecommand authentication should be applied to all missions. Besides standard and well known algorithms, alternative authentication solutions are to be considered, and tested for possible adoption in the space context, in order to provide a scalable and flexible authentication framework. To this aim, this paper focuses on some Authenticated Encryption with Associated Data techniques, and on their thorough evaluation by a detailed model of the space Telecommand channel and protocol stack, in order to achieve an optimal selection for application in the real space communication environment.

A new method of enhancing telecommand security: the application of GCM in TC protocol

In recent times, security has grown to a topic of major importance for the space missions. Many space agencies have been engaged in research on the selection of proper algorithms for ensuring Telecommand security according to the space communication environment, especially in regard to the privacy and authentication. Since space missions with high security levels need to ensure both privacy and authentication, Authenticated Encryption with Associated Data schemes (AEAD) be integrated into normal Telecommand protocols. This paper provides an overview of the Galois Counter Mode (GCM) of operation, which is one of the available two-pass AEAD schemes, and some preliminary considerations and analyses about its possible application to Telecommand frames specified by CCSDS.

A new dynamic address solution for moving target defense

The dynamic address techniques that dynamically change network properties including protocols and addresses have been a major focus area of moving target defense. Current dynamic address proposals have a common limitation that the changing scope of a certain terminal host is limited to its corresponding subnet in the process of address dynamically changing. A new dynamic address solution is proposed based on software defined network to enlarge the changing scopes of terminal hosts. The effectiveness of proposed solution is evaluated by an experimental network created by mininet. The experiment results show that the proposed solution could effectively manage the dynamically changing process and extend the terminal hosts changing scopes to a great extent.

Misbehavior Detection Algorithm in CCSDS Space Telecommand System

Various authentication solutions are to be considered and tested for possible adoption in space Telecommand system due to the accessibility of space wireless channel. Most of the solutions proposed previously are designed oblivious of the difference in protocol misbehavior due to attacks and due to normal interference in space channel. We propose an innovative misbehavior detection algorithm for CCSDS Telecommand systems, to address this problem with a hypothesis test approach based on the model of attackers behavior and space channel.

Detecting integer overflow in Windows binary executables based on symbolic execution

The integer overflow vulnerabilities exist in Windows binary executables still take up a large proportion of software security vulnerabilities. As integer overflow could lead to a serious buffer overflow sometimes, so once the integer overflow to buffer overflow vulnerability is exploited by attackers, our computer system may be exposed to critical threaten. In this paper, we present the design and implementation of a dynamic method to detect integer overflow to buffer overflow vulnerabilities. Our method first utilizes static analysis to find integer sensitive code region with the help of the characteristics of integer overflow to buffer overflow vulnerability. Then we leverage selective symbolic execution to explore these code regions and check the secure condition on each sink point to find secure bugs. Once we find a suspicious integer overflow to buffer overflow point, our method can generate POC automatically so that we can validate this overflow warning easily and accurately. We evaluate our method on 104 integer overflow to buffer overflow programs in Juliet test suite, and the result shows that our method does not produce any false positive and false negative. We also test our method on real-world binary software and the result shows our method could detect the vulnerability efficiently and generate POCs successfully.

Ethernet address resolution in the context of dynamic IP address changes

While developing dynamic IP address changing techniques under current TCP/IP protocol cluster, the ARP request and reply messages of dynamic IP addresses must be carefully and effectively handled. In this paper, we propose a novel algorithm based on current ARP protocol and switchs self-learning algorithm to address the Ethernet address resolution problem in the context of dynamic IP address changes, which is designed to be deployed in the SDN environment. To evaluate the effectiveness of proposed algorithm, an experimental network was constructed by mininet. The hosts ARP tables and OpenFlow switches corresponding mapping tables in the experiment demonstrate that the proposed algorithm could fully satisfy the need of Ethernet address resolution in the context of dynamic IP address changes.

Software Vulnerability Detection Based on Code Coverage and Test Cost

In order to solve the problems of traditional Fuzzing technique for software vulnerability detection, a novel method based on code coverage and test cost is proposed. Firstly, static analysis is applied to calculate the code coverage information, including basic block coverage and new block coverage. In addition, test path diversity information is introduced to elevate path coverage, which is achieved based on the sequence alignment algorithm. Secondly, test cost is analyzed respectively from running time and loop structure. The loop structure is simplified using finite expansion manner. Thirdly, the genetic algorithm fitness function is constructed based on the code coverage and test cost to guide the test case generation. Experiments on realistic binary software show that the method could obtain higher vulnerability detection accuracy and efficiency than the traditional Fuzzing technique.

Protocol Reverse Engineering Using LDA and Association Analysis

Automatic protocol reverse engineering for application protocol is becoming more and more important for many applications such as application protocol analyzer, penetration testing, intrusion prevention and detection. However, many techniques for extracting the protocol message format specifications of unknown applications often have some limitations for little priori information or the time-consuming problem. In this paper, we present a method for automatically reverse engineering the protocol message formats of an application from its network trace, by using LDA and association analysis. The approach exploits the semantics of protocol messages without the executable code of application protocols, but focuses on the insight that the n-grams of protocol traces exhibit highly semantic information that can be leveraged for accurate protocol message format inference. Firstly, we propose the way to key words extract by utilizing the LDA model, secondly, the association analysis method is applied to constructing the feature words based on the above process. Lastly our experiments Show that the method can accurately infer message format specifications of SMTP text protocol.

Performance evaluation and adaptive optimization of COP-1: A case with security enhancement

Secure communications in the context of civil space missions gained a major attention in the last few years, several research groups and international organizations are currently developing the required security mechanisms, based on widely used protocols of the Consultative Committee for Space Data Systems (CCSDS) Packet TM and TC family. However, given the hostile space communication environment, when security mechanisms are integrated within existing space communication systems, they greatly affect the transmission performance. This paper presents an evaluation of throughput efficiency for COP-1 protocol when security mechanisms are integrated, in the context of space communications. Based on such evaluation, the authors propose an adaptive algorithm which allows COP-1 directives to dynamically optimize the sliding window size and frame length, according to estimates of the channel fading characteristic. The proposed algorithm is particularly useful for deep space channels, over which the channel tends to be fading kind.

Ffuzz: Towards full system high coverage fuzz testing on binary executables

Bugs and vulnerabilities in binary executables threaten cyber security. Current discovery methods, like fuzz testing, symbolic execution and manual analysis, both have advantages and disadvantages when exercising the deeper code area in binary executables to find more bugs. In this paper, we designed and implemented a hybrid automatic bug finding tool—Ffuzz—on top of fuzz testing and selective symbolic execution. It targets full system software stack testing including both the user space and kernel space. Combining these two mainstream techniques enables us to achieve higher coverage and avoid getting stuck both in fuzz testing and symbolic execution. We also proposed two key optimizations to improve the efficiency of full system testing. We evaluated the efficiency and effectiveness of our method on real-world binary software and 844 memory corruption vulnerable programs in the Juliet test suite. The results show that Ffuzz can discover software bugs in the full system software stack effectively and efficiently.