A processor architecture defense against buffer overflow attacks

Buffer overflow vulnerabilities in the memory stack continue to pose serious threats to network and computer security. By exploiting these vulnerabilities, a malicious party can strategically overwrite the return address of a procedure call, obtain control of a system, and subsequently launch more virulent attacks. [artikkeli-id: 1270612]

Rogue femtocell owners: How mallory can monitor my devices

Femtocells are small cellular telecommunication base stations that provide improved cellular coverage. Rogue owners of femtocells can secretly monitor third-party mobile devices by using the femtocell’s access control features. [artikkeli-id: 6562901]

Lightweight Jammer Localization in Wireless Networks: System Design and Implementation

Jamming attacks have become prevalent during the last few years, due to the shared nature and the open access to the wireless medium. Finding the location of a jamming device is of great importance for restoring normal network operations. After detecting the malicious node we want to find its position, in order for further security actions to be taken. [artikkeli-id: 5425405]

Towards a Novel Approach for Hidden Process Detection Based on Physical Memory Scanning

Leveraging developed root kit, malware could deeply hide its own process and hardly be detected. Based on analyzing various existing detecting technologies, a novel approach for hidden process detection was proposed in this paper. [artikkeli-id: 6405787]

Too young to be secure: Analysis of UEFI threats and vulnerabilities

Unified Extensible Firmware Interface (UEFI) is a software interface between an operating system and platform firmware designed to replace a traditional BIOS. In general, UEFI has many technical advantages over BIOS (pre-OS environment, boot and run-time services, CPU-independent drivers etc.) including also powerful security mechanisms (e.g. secure boot, update, etc.). The paper describes the architectural and implementation troubles of UEFI which lead to threats, vulnerabilities and attacks. [artikkeli-id: 6737940]

Risks associated with USB Hardware Trojan devices used by insiders

Hardware Trojan Horse devices implemented as peripheral devices can be used to prosecute a wide variety of attacks that are not mitigated by modern defensive techniques. The research discusses the implementation of a proof of concept Hardware Trojan Horse device, implemented as a USB Human Interface Devices, that exploits unintended USB channels to exfiltrate data from a computer. [artikkeli-id: 5929130]

FM 99.9, Radio Virus: Exploiting FM Radio Broadcasts for Malware Deployment

FM RDS protocol can be used as an attack vector to deploy malware that, when executed, gains full control of the victim’s device. This attack vector allows the adversary to deploy malware on different platforms. The infection is undetected on devices running the Android OS, since malware detection solutions are limited in their ability due to some features of the Android security model. [artikkeli-id: 6507551]

The Middle East under Malware Attack Dissecting Cyber Weapons

The energy industry is particularly targeted. The attacks are carried out by deploying extremely sophisticated malware. The campaign opened by the Stuxnet malware in 2010 and then continued through Duqu, Flame, Gauss, and Shamoon malware. [artikkeli-id: 6679855]