274 research outputs found
Binary Program Integrity Models for Defeating Code-Reuse Attacks
During a cyber-attack, an adversary executes offensive maneuvers to target computer systems. Particularly, an attacker often exploits a vulnerability within a program, hijacks control-flow, and executes malicious code. Data Execution Prevention (DEP), a hardware-enforced security feature, prevents an attacker from directly executing the injected malicious code. Therefore, attackers have resorted to code-reuse attacks, wherein carefully chosen fragments of code within existing code sections of a program are sequentially executed to accomplish malicious logic. Code-reuse attacks are ubiquitous and account for the majority of the attacks in the wild. On one hand, due to the wide use of closed-source software, binary-level solutions are essential. On the other hand, without access to source-code and debug-information, defending raw binaries is hard.
A majority of defenses against code-reuse attacks enforce control-flow integrity, a program property that requires the runtime execution of a program to adhere to a statically determined control-flow graph (CFG) -- a graph that captures the intended flow of control within the program. While defenses against code-reuse attacks have focused on reducing the attack space, due to the lack of high-level semantics in the binary, they lack in precision, which in turn results in smaller yet significant attack space.
This dissertation presents program integrity models aimed at narrowing the attack space available to execute code-reuse attacks. First, we take a semantic-recovery approach to restrict the targets of indirect branches in a binary. Then, we further improve the precision by recovering C++-level semantics, and enforce a strict integrity model that improves precision for virtual function calls in the binary.
Finally, in order to further reduce the attack space, we take a different perspective on defense against code-reuse attacks, and introduce Stack-Pointer Integrity -- a novel integrity model targeted at ensuring the integrity of stack pointer as opposed to the instruction pointer.
Our results show that the semantic-recovery-based approaches can help in significantly reducing the attack space by improving the precision of the underlying CFG. Function-level semantic recovery can eliminate 99.47% of inaccurate targets, whereas recovering virtual callsites and VTables at a C++ level can eliminate 99.99% of inaccurate targets.
Phytochemical investigation and cytotoxic activity of hydro alcoholic fraction of Trianthema decandra
The objective of our study was to perform phytochemical analysis and evaluate for cytotoxic activity of hydro alcoholic fraction (H1) of Trianthema decandra L. (Aizoaceae) against breast, liver and cervical cancers. Hydro alcoholic fraction was separated from methanolic extract, which was prepared by maceration method from aerial parts of T. decandra. The GC-MS analysis confirms the presence of seventeen bioactive compounds which belong to carbohydrates, terpenoids, alkaloids, cardiac glycosides, fatty acids and their esters or alcohols, and their presence was supported with Fourier Transform Infrared Spectroscopy (FT-IR) and preliminary phytochemical analysis. Most of the compounds are biologically active and are known to exhibit antimicrobial and cancer preventive properties. Hydro alcoholic fraction was subjected to morphological evaluation and MTT cell viability assay. It has exhibited significant cytotoxic activity and their IC50 values were determined as 165.22 + 1.53 mg/ml, 175.28 + 1.7 mg/ml and 201.93 + 1.33 mg/ml against MCF-7, HeLa and HepG2 cancer cells, respectively. This bioactive fraction has exhibited cytotoxicity relatively more against breast cancer than cervical and liver cancers.
Analysis and Optimization of Radiant Cooling Panel with Wave-Type Embedded Pipes
In this study, the radiant cooling panel with wave-type pattern pipes is analyzed and optimized through Taguchi’s design of experiments methods and grey relation method for better performance. Radiant cooling panel’s bottom surface temperature and temperature non-uniformity index are considered as the quality objective functions. Control parameters such as pipe length, the spacing between the pipes, radiant panel thickness, pipe bent radius, pipe diameter, insulation layer thickness, pipe material, panel material, insulation material, and mass flow rate of water entering the pipe are included as the control parameters of the optimization study. The performance of radiant cooling panels is analyzed through numerical simulation technique- computation fluid dynamic (CFD) method. The numerical simulation is carried out in the Fluent software, and the CFD code is checked for grid independence and validation. Through single and multi-objective optimization, the best design of the radiant cooling panel is identified, and a confirmation test is also conducted. Finally, an analysis of variance (ANOVA) calculation is made and it is found that the mass flow rate of water entering the pipe is the most influencing parameter on the performance of the radiant cooling panel
Generic Tagging for RISC-V Binaries
With the widespread popularity of RISC-V -- an open-source ISA -- custom
hardware security solutions targeting specific defense needs are gaining
popularity. These solutions often require specialized compilers that can insert
metadata (called tags) into the generated binaries, and/or extend the RISC-V
ISA with new instructions. Developing such compilers can be a tedious and
time-consuming process. In this paper, we present COGENT, a generic instruction
tag generator for RISC-V architecture. COGENT is capable of associating a tag
of configurable and varying widths (1 to 20 bits) to each instruction. It is
also capable of emitting labels that are central to the implementation of
control-flow integrity (CFI) solutions. COGENT encodes all tags and labels as
nop instructions thereby providing full backward compatibility.
We evaluate COGENT on a subset of programs from the SPEC CPU2017 benchmark
suite and report the binary size increase to be 29.3% and 18.27% for the lowest
and highest tag coverage levels respectively. Additionally, we executed tagged
programs on COTS RISC-V unmodified hardware and found the execution time
overhead (with respect to backward compatibility) to be 13.4% and 5.72% for the
lowest and highest coverage levels respectively. Finally, using a case study,
we present possible use case scenarios where COGENT can be applied
MITIGATION OF POWER QUALITY ISSUES IN DISTRIBUTION SYSTEMS USING HARMONIC FILTERS AND CAPACITOR BANKS
Due to increased load demand, the power system developers are encouraged to meet power quality requirements. Using harmonic filter and capacitor bank is one of the essential solutions in mitigating power quality issues. This research aims to mitigate harmonics and improve the voltage in distribution systems by using ETAP. For this purpose, a distribution system in Homs city is considered, which is a part of Syrian power system. The capacitor banks are designed using numerical analysis and Optimal Capacitor Placement (OCP). The results indicate that this approach enhances the voltage profile, which is reflected in some buses. The voltage profile is effectively improved on several buses, and power losses are significantly reduced. The Total Harmonic Distortions (THDs) and Individual Harmonic Distortions (IHDs) of the subjected buses are reduced. Moreover, the power factor is improved from 0.877 to 0.926 for the studied system
Identifying and analyzing pointer misuses for sophisticated memory-corruption exploit diagnosis
Software exploits are one of the major threats to internet security. To quickly respond to these attacks, it is critical to automatically diagnose such exploits and find out how they circumvent existing defense mechanisms
Modeling and parametric optimization of 3D tendon-sheath actuator system for upper limb soft exosuit
This paper presents an analysis of parametric characterization of a motor
driven tendon-sheath actuator system for use in upper limb augmentation for
applications such as rehabilitation, therapy, and industrial automation. The
double tendon sheath system, which uses two sets of cables (agonist and
antagonist side) guided through a sheath, is considered to produce smooth and
natural-looking movements of the arm. The exoskeleton is equipped with a single
motor capable of controlling both the flexion and extension motions. One of the
key challenges in the implementation of a double tendon sheath system is the
possibility of slack in the tendon, which can impact the overall performance of
the system. To address this issue, a robust mathematical model is developed and
a comprehensive parametric study is carried out to determine the most effective
strategies for overcoming the problem of slack and improving the transmission.
The study suggests that incorporating a series spring into the system's tendon
leads to a universally applicable design, eliminating the need for individual
customization. The results also show that the slack in the tendon can be
effectively controlled by changing the pretension, spring constant, and size
and geometry of spool mounted on the axle of motor
