Razvan Deaconescu

Applied electronics curriculum for Computer Science students

Having solid knowledge of electronics is of major importance for a Computer Science (CS) student. The means for achieving a good level of understanding, especially of the practical aspects, is an ongoing issue (in the short time frame that is generally allocated for it in a CS program). Due to the applied nature of the subject, the authors consider that a pragmatic practice-based approach is an appropriate solution to complete the technical preparation of the students. Following the general lines of this idea, the authors implemented a series of laboratory works that are designed to ensure that students would get hands-on experience with electronic circuits. The paper will present how these will introduce basic key concepts, bridge the gap between theory and practice and lay down a solid foundation for hardware courses that follow in the CS curriculum.

Authentication and Anti-replay Security Protocol for Wireless Sensor Networks

Wireless Sensor Networks are used in domains such as medical monitoring, homeland security, industrial automation and military applications, therefore it is very critical to protect the network against malicious attacks. This paper presents a new security protocol that provides conversation authentication, integrity, intrusion prevention and anti-replay protection. The protocol uses two methods in order to meet these requirements: the last MAC method and an authentication handshake. The protocol has been implemented in TinyOS in two layers of the communication stack: the MAC and Authentication layer. The MAC layer is the implementation of the last MAC method and the Authentication layer generates and verifies the four messages exchanged during the authentication handshake. Authentication and Anti-replay Security Protocol has been tested with TOSSIM in various attack scenarios and has proved that it is able to reject malicious attempts to communicate with the network nodes.

Monitoring and auditing mobile operating systems

The popularity and usage of mobile devices have increased and therefore performance demands changed. An important aspect is represented by the whole system stability which has a big impact on general user experience. This paper proposes a solution for improving the implementation process and stability of operating systems for mobile devices. It presents penetration testing techniques, in order to discover security vulnerabilities. The focus will be on the process of finding the bugs, the exploration part, and the exploitation will only be mentioned to highlight the importance of the vulnerabilities. The second part of the paper consists of a system service which collects the error messages and sends them to a server in order to perform a triage. Received data is saved, processed and then useful information is exposed to developers.

Smart malware detection on Android

Nowadays, because of its increased popularity, Android is target to a growing number of attacks and malicious applications, with the purpose of stealing private information and consuming credit by subscribing to premium services. Most of the current commercial antivirus solutions use static signatures for malware detection, which may fail to detect different variants of the same malware and zero-day attacks. In this paper, we present a behavior-based, dynamic analysis security solution, called Android Malware Detection System, for detecting both well-known and zero-day malware. The proposed solution uses a machine learning classifier in order to differentiate between the behaviors of legitimate and malicious applications. In addition, it uses the application statistics for determining its reputation. The final decision is based on a combination of the classifiers result and the application reputation. The solution includes a unique and extensive set of data collectors, which gather application-specific data that describe the behavior of the monitored application. We evaluated our solution on a set of legitimate and malicious applications and obtained a high accuracy of 0.985. Our system is able to detect zero-day malware samples that are not detected by current commercial solutions. Our solution outperforms other similar solutions running on mobile devices. Copyright

Lightweight Display Virtualization For Mobile Devices

Recent years have witnessed a constant evolution of mobile systems, from hardware improvements such as multi-core CPUs and virtualization extensions, to a rise in software complexity, including application stores that are the home for millions of mobile applications. This enables and encourages the rising trend of mobile virtualization. In this paper we present an approach for providing lightweight and fast display virtualization for mobile devices, allowing multiple operating systems to share the same physical display screen. We describe a design that provides the means to perform efficient display virtualization, making use of the concept of overlays implemented in recent underlying mobile display subsystems. We demonstrate our approach on a dual Android setup: two operating systems running simultaneously on the same mobile device, using our display virtualization framework.

iOracle: Automated Evaluation of Access Control Policies in iOS

Modern operating systems, such as iOS, use multiple access control policies to define an overall protection system. However, the complexity of these policies and their interactions can hide policy flaws that compromise the security of the protection system. We propose iOracle, a framework that logically models the iOS protection system such that queries can be made to automatically detect policy flaws. iOracle models policies and runtime context extracted from iOS firmware images, developer resources, and jailbroken devices, and iOracle significantly reduces the complexity of queries by modeling policy semantics. We evaluate iOracle by using it to successfully triage executables likely to have policy flaws and comparing our results to the executables exploited in four recent jailbreaks. When applied to iOS 10, iOracle identifies previously unknown policy flaws that allow attackers to modify or bypass access control policies. For compromised system processes, consequences of these policy flaws include sandbox escapes (with respect to read/write file access) and changing the ownership of arbitrary files. By automating the evaluation of iOS access control policies, iOracle provides a practical approach to hardening iOS security by identifying policy flaws before they are exploited.

Simulating connection dropouts in BitTorrent environments

With the advance of Peer-to-Peer solutions, research and commercial players have shown interest in enhancing local client and overall swarm performance in order to improve content distribution and user satisfaction. Protocol measurements and careful client and swarm simulation and behavior analysis are required to provide valuable information on improving performance. In this paper we analyse the posibility of simulating realistic network dropout behavior in the testing infrastructures. Three possible solutions are presented: terminating client processes, suspending them and disabling the network interface. A series of experiments are run to compare the solutions.

A Peer-to-Peer Swarm Creation and Management Framework

The continuous development of Internet bandwidth, communication and content variety have enabled peer-to-peer protocols to take place among the most heavily used protocols in the Internet, with BitTorrent as the current flagship. Recent research has focused on measuring Peer-to-Peer systems and proposing improvements and enhancements to existing protocol with the goal of ensuring rapid content distribution and general user satisfaction. In this paper we present a framework that allows easy swarm creation and control for different BitTorrent clients. With the help of a virtualized infrastructure and a client-server software layer we are able to create, command and manage large sized BitTorrent swarms. The framework allows a user to run, schedule, start, stop clients within a swarm and collect information regarding their behavior.