On-chip system call tracing: A feasibility study and open prototype

Several tools for program tracing and introspection exist. These tools can be used to analyze potentially malicious or untrusted programs. In this setting, it is important to prevent that the target program determines whether it is being traced or not. This is typically achieved by minimizing the code of the introspection routines and any artifact or side-effect that the program can leverage. Indeed, the most recent approaches consist of lightly instrumented operating systems or thin hypervisors running directly on bare metal. Following this research trend, we investigate the feasibility of transparently tracing a Linux/ARM program without modifying the software stack, while keeping the analysis cost and flexibility compatible with state of the art emulation- or baremetal- based approaches. As for the typical program tracing task, our goal is to reconstruct the stream of system call invocations along with the respective un-marshalled arguments. We propose to leverage the availability of on-chip debugging interfaces of modern ARM systems, which are accessible via JTAG. More precisely, we developed OpenST, an open-source prototype tracer that allowed us to analyze the performance overhead and to assess the transparency with respect to evasive, real-world malicious programs. OpenST has two tracing modes: In-kernel dynamic tracing and external tracing. The in-kernel dynamic tracing mode uses the JTAG interface to \u201chot-patch\u201d the system calls at runtime, injecting introspection code. This mode is more transparent than emulator based approaches, but assumes that the traced program does not have access to the kernel memory\u2014where the introspection code is loaded. The external tracing mode removes this assumption by using the JTAG interface to manage hardware breakpoints. Our tests show that OpenST\u2019s greater transparency comes at the price of a steep performance penalty. However, with a cost model, we show that OpenST scales better than the state of the art, bare-metal-based approach, while remaining equally stealthy to evasive malware

a intervenção especializada de enfermagem nos cuidados pós-reanimação

A mortalidade por paragem cardiorrespiratória súbita é um problema de saúde pública que afeta a população à escala global. Segundo dados de 2017, a incidência de paragem cardiorrespiratória fora do hospital foi de 67 a 170 casos por 100 mil habitantes (Grasner, 2021). Em Portugal, em 2020, de todas as situações de paragem cardiorrespiratória fora do hospital, apenas foram reanimadas com recuperação de sinais de circulação 616 pessoas, o que equivale a 3% do número total de casos. Destes, apenas 8% irão sobreviver e ter alta hospitalar (INEM, 2021). A intervenção especializada de enfermagem no período pós- paragem cardiorrespiratória é fundamental para influenciar de forma positiva o outcome da pessoa, pelo que é de extrema importância compreender a intervenção do enfermeiro especialista na prestação de cuidados de monitorização, vigilância e terapêutica avançados. Com o objetivo de desenvolver competências especializadas de enfermagem nos cuidados de enfermagem à pessoa vítima de paragem cardiorrespiratória recuperada, foi planeado e executado um percurso com vista à construção e solidificação de competências especializadas, recorrendo aos referenciais teóricos do Nursing as Caring e Technological Nursing as Caring. O percurso foi dividido em dois contextos clínicos, primeiro em unidade de cuidados intensivos e posteriormente em serviço de urgência e visaram sobretudo o desenvolver e a aquisição de novas competências especializadas de enfermagem no cuidado da pessoa vítima de paragem cardiorrespiratória. Através da elaboração de documentos como estudo de caso ou jornais de aprendizagem foi possível uma análise reflexiva da atividade exercida. Também a elaboração de uma revisão integrativa da literatura permitiu uma abordagem sistemática e reflexiva do tema em estudo. Como resultado deste percurso, houve um aprofundar de conhecimentos, assim como um incremento de competências especializadas de enfermagem no campo em estudo, assim como inerentemente na gestão de cuidados. O cuidado especializado de enfermagem à pessoa vítima de paragem cardiorrespiratória recuperada assenta acima da tudo na vigilância, monitorização e neuroprotecção enquanto medidas que promovem a qualidade dos cuidados e um melhor outcome para a pessoa.Mortality from sudden cardiac arrest is a public health problem that affects the population on a global scale. According to 2017 data, the incidence of cardiorespiratory arrest outside the hospital ranged from 67 to 170 cases per 100,000 inhabitants. In Portugal, in 2020, of all situations of cardiorespiratory arrest outside the hospital, only 616 people were resuscitated with return of spontaneous circulation, which is equivalent to 3% of the total number of cases. Of these, only 8% will survive and be discharged from the hospital. Specialized nursing intervention in the post-cardiac arrest period is essential to positively influence the outcome of the person, so it is extremely important to understand the role of the nurse specialist in providing advanced monitoring, surveillance and therapeutic care. With the purpose of developing specialized nursing skills in nursing care for the victim of recovered cardiorespiratory arrest, a course was planned and executed in order to build and solidify specialized skills, using the theoretical frameworks of Nursing as Caring and Technological Nursing as Caring. The course was divided into two clinical contexts, first in an intensive care unit and later in an emergency department and aimed above all at developing and acquiring new specialized nursing skills in the care for the person suffering from cardiorespiratory arrest. Through the elaboration of documents such as a case study or learning journals, a reflective analysis of the activity performed was possible. The elaboration of an integrative literature review also allowed a systematic and reflective approach to the topic under study. As a result, there was a deepening in this field of knowledge, as well as an increase in specialized nursing skills in the field under study, as well as inherently in care management. Specialized nursing care for the person who has recovered from cardiac arrest is based above all on surveillance, monitoring and neuroprotection as measures that promote the quality of care and a better outcome for the person

Security and privacy issues of physical objects in the IoT: Challenges and opportunities

In the Internet of Things (IoT), security and privacy issues of physical objects are crucial to the related applications. In order to clarify the complicated security and privacy issues, the life cycle of a physical object is divided into three stages of pre-working, in-working, and post-working. On this basis, a physical object-based security architecture for the IoT is put forward. According to the security architecture, security and privacy requirements and related protecting technologies for physical objects in different working stages are analyzed in detail. Considering the development of IoT technologies, potential security and privacy challenges that IoT objects may face in the pervasive computing environment are summarized. At the same time, possible directions for dealing with these challenges are also pointed out

Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detection

It is well recognized that security will play a major role in enabling most of the applications envisioned for the Internet of Things (IoT). We must also note that most of such applications will employ sensing and actuating devices integrated with the Internet communications infrastructure and, from the minute such devices start to support end-to-end communications with external (Internet) hosts, they will be exposed to all kinds of threats and attacks. With this in mind, we propose an IDS framework for the detection and prevention of attacks in the context of Internet-integrated CoAP communication environments and, in the context of this framework, we implement and experimentally evaluate the effectiveness of anomaly-based intrusion detection, with the goal of detecting Denial of Service (DoS) attacks and attacks against the 6LoWPAN and CoAP communication protocols. From the results obtained in our experimental evaluation we observe that the proposed approach may viably protect devices against the considered attacks. We are able to achieve an accuracy of 93% considering the multi-class problem, thus when the pattern of specific intrusions is known. Considering the binary class problem, which allows us to recognize compromised devices, and though a lower accuracy of 92% is observed, a recall and an F_Measure of 98% were achieved. As far as our knowledge goes, ours is the first proposal targeting the usage of anomaly detection and prevention approaches to deal with application-layer and DoS attacks in 6LoWPAN and CoAP communication environments

An Intrusion Detection and Prevention Framework for Internet-Integrated CoAP WSN

End-to-end communications between Internet devices and Internet-integrated constrained wireless sensing platforms will provide an important contribution to the enabling of many of the envisioned IoT applications and, in this context, security must be addressed when employing communication technologies such as 6LoWPAN and CoAP. Considering the constraints typically found on sensing devices in terms of energy, memory, and computational capability, the integration of Wireless Sensor Networks (WSN) with the Internet using such technologies will open new threats and attacks that must be dealt with, particularly those originated at devices without the constraints of WSN sensors (e.g., Internet hosts). Existing encryption strategies for communications in IoT environments are unable to protect Internet-integrated WSN environments from Denial of Service (DoS) attacks, as well as from other forms of attacks at the network and application layers using CoAP. We may thus fairly consider that anomaly and intrusion detection will play a major role in the materialization of most of the envisioned IoT applications. In this article, we propose a framework to support intrusion detection and reaction in Internet-integrated CoAP WSN, and in the context of this framework we design and implement various approaches to support security against various classes of attacks. We have implemented and evaluated experimentally the proposed framework and mechanisms, considering various attack scenarios, and our approach was found to be viable, from the point of view of its impact on critical resources of sensing devices and of its efficiency in dealing with the considered attacks

Security and Privacy for Mobile IoT Applications Using Blockchain

Internet of Things (IoT) applications are becoming more integrated into our society and daily lives, although many of them can expose the user to threats against their privacy. Therefore, we find that it is crucial to address the privacy requirements of most of such applications and develop solutions that implement, as far as possible, privacy by design in order to mitigate relevant threats. While in the literature we may find innovative proposals to enhance the privacy of IoT applications, many of those only focus on the edge layer. On the other hand, privacy by design approaches are required throughout the whole system (e.g., at the cloud layer), in order to guarantee robust solutions to privacy in IoT. With this in mind, we propose an architecture that leverages the properties of blockchain, integrated with other technologies, to address security and privacy in the context of IoT applications. The main focus of our proposal is to enhance the privacy of the users and their data, using the anonymisation properties of blockchain to implement user-controlled privacy. We consider an IoT application with mobility for smart vehicles as our usage case, which allows us to implement and experimentally evaluate the proposed architecture and mechanisms as a proof of concept. In this application, data related to the user’s identity and location needs to be shared with security and privacy. Our proposal was implemented and experimentally validated in light of fundamental privacy and security requirements, as well as its performance. We found it to be a viable approach to security and privacy in IoT environments.</jats:p