Recently, with the rapid development of blockchain technology, the information interaction and value transfer problems between different blockchains have become the focus of research. The cross-chain technology is to solve the cross-chain operation problems of assets and data between different chains. However, the existing cross-chain technology has the problem of identity privacy leakage. Therefore, this article proposes a cross-chain privacy protection scheme for consortium blockchains based on group signature, certificate authority and relay chain. The scheme is divided into three cross-chain service layers, called the management layer, the transaction layer, and the group layer. The management layer is responsible for the forwarding of cross-chain transactions, the transaction layer includes the blockchains that actually participate in cross-chain transactions, and the group layer is responsible for group signature related work. Through this scheme, the identity privacy of both parties to the transaction can be protected during the cross-chain transaction process.
{"title":"A Privacy Protection Scheme for Cross-Chain Transactions Based on Group Signature and Relay Chain","authors":"Xiubo Liang, Yu Zhao, Jun-Fen Wu, Keting Yin","doi":"10.4018/ijdcf.302876","DOIUrl":"https://doi.org/10.4018/ijdcf.302876","url":null,"abstract":"Recently, with the rapid development of blockchain technology, the information interaction and value transfer problems between different blockchains have become the focus of research. The cross-chain technology is to solve the cross-chain operation problems of assets and data between different chains. However, the existing cross-chain technology has the problem of identity privacy leakage. Therefore, this article proposes a cross-chain privacy protection scheme for consortium blockchains based on group signature, certificate authority and relay chain. The scheme is divided into three cross-chain service layers, called the management layer, the transaction layer, and the group layer. The management layer is responsible for the forwarding of cross-chain transactions, the transaction layer includes the blockchains that actually participate in cross-chain transactions, and the group layer is responsible for group signature related work. Through this scheme, the identity privacy of both parties to the transaction can be protected during the cross-chain transaction process.","PeriodicalId":44650,"journal":{"name":"International Journal of Digital Crime and Forensics","volume":"232 1","pages":"1-20"},"PeriodicalIF":0.7,"publicationDate":"2022-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73627274","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Junchao Wang, Jin Wei, J. Pang, Fan Zhang, Shunbin Li
Traditional software defenses take corresponding actions after the attacks are discovered. The defenders in this situation are comparatively passive because the attackers may try many different ways to find vulnerability and bugs but the software remains static. This leads to the imbalance between offense and defense. Software diversity alleviates the current threats by implementing a heterogeneous software system. The N-Variant eXecution (NVX) systems, effective and applicable runtime diversifying methods, apply multiple variants to imporove software security. Higher diversity can lead to less vulnerabilities that attacks can exploit. However, runtime diversifying methods such as address randomization and reverse stack can only provide limited diversity to the system. Thus, we enhance the diversity of variants with a compiler-assisted approach. We use a Deep Reinforcement Learning-based algorithm to generate variants, ensuring the high diversity of the system. For different numbers of variants, we show the results of the Deep Q Network algorithm under different parameter settings.
{"title":"Security Enhancement Through Compiler-Assisted Software Diversity With Deep Reinforcement Learning","authors":"Junchao Wang, Jin Wei, J. Pang, Fan Zhang, Shunbin Li","doi":"10.4018/ijdcf.302878","DOIUrl":"https://doi.org/10.4018/ijdcf.302878","url":null,"abstract":"Traditional software defenses take corresponding actions after the attacks are discovered. The defenders in this situation are comparatively passive because the attackers may try many different ways to find vulnerability and bugs but the software remains static. This leads to the imbalance between offense and defense. Software diversity alleviates the current threats by implementing a heterogeneous software system. The N-Variant eXecution (NVX) systems, effective and applicable runtime diversifying methods, apply multiple variants to imporove software security. Higher diversity can lead to less vulnerabilities that attacks can exploit. However, runtime diversifying methods such as address randomization and reverse stack can only provide limited diversity to the system. Thus, we enhance the diversity of variants with a compiler-assisted approach. We use a Deep Reinforcement Learning-based algorithm to generate variants, ensuring the high diversity of the system. For different numbers of variants, we show the results of the Deep Q Network algorithm under different parameter settings.","PeriodicalId":44650,"journal":{"name":"International Journal of Digital Crime and Forensics","volume":"67 1","pages":"1-18"},"PeriodicalIF":0.7,"publicationDate":"2022-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77161344","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In order to address the problems that the accuracy and convergence of current network security situation assessment models need to be improved, a model of network security situation assessment based on SAA-SSA-BPNN is proposed. Using the characteristics of sparrow search algorithm (SSA) optimized by simulated annealing algorithm (SAA) with good stability, fast convergence speed and is not easy to fall into local optimum to improve the BP neural network (BPNN), so as to find the best fitness individual, and obtain the optimal weight and threshold, then assign them to the BP neural network as the initial values. The preprocessed index data is input into the improved BP neural network model for training, and finally the threat degree of the network system is assessed based on the trained model. Comparative experimental results show that this assessment model has higher accuracy and faster convergence than other situation assessment models based on improved BP neural network.
{"title":"A Model of Network Security Situation Assessment Based on BPNN Optimized by SAA-SSA","authors":"Ran Zhang, Zhi-Peng Pan, Yifeng Yin, Zengyu Cai","doi":"10.4018/ijdcf.302877","DOIUrl":"https://doi.org/10.4018/ijdcf.302877","url":null,"abstract":"In order to address the problems that the accuracy and convergence of current network security situation assessment models need to be improved, a model of network security situation assessment based on SAA-SSA-BPNN is proposed. Using the characteristics of sparrow search algorithm (SSA) optimized by simulated annealing algorithm (SAA) with good stability, fast convergence speed and is not easy to fall into local optimum to improve the BP neural network (BPNN), so as to find the best fitness individual, and obtain the optimal weight and threshold, then assign them to the BP neural network as the initial values. The preprocessed index data is input into the improved BP neural network model for training, and finally the threat degree of the network system is assessed based on the trained model. Comparative experimental results show that this assessment model has higher accuracy and faster convergence than other situation assessment models based on improved BP neural network.","PeriodicalId":44650,"journal":{"name":"International Journal of Digital Crime and Forensics","volume":"30 1","pages":"1-18"},"PeriodicalIF":0.7,"publicationDate":"2022-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85172116","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Wan Chen, Daojun Han, Lei Zhang, Qi Xiao, Qiuyue Li, Hongzhen Xiang
Role-based access control(RBAC) system has been widely used in data security because of its good flexibility and security, wherein RBAC dominates the field of access control. However, the process of establishing RBAC roles is complex and time-consuming, which hinders the development and application of this field. Recently, the introduction of expert interactive q&a algorithm based on attribute exploration has greatly reduced the complexity and time-consuming of RBAC role building process. However, when attributes increases, algorithm will face challenges that the time complexity will explode exponentially with the increase of attributes. To cope with above problems, this paper proposes a hierarchical assisted exploration model of RBAC under attribute-based exploration expert interactive q&a algorithm framework from the view of reducing time-consuming of overall and single role engineering. This model not only avoids time-consuming process of single role requirements, but also reduces time-consuming process of whole role establishment from the overall architecture perspective.
{"title":"A Model Study on Hierarchical Assisted Exploration of RBAC","authors":"Wan Chen, Daojun Han, Lei Zhang, Qi Xiao, Qiuyue Li, Hongzhen Xiang","doi":"10.4018/ijdcf.302871","DOIUrl":"https://doi.org/10.4018/ijdcf.302871","url":null,"abstract":"Role-based access control(RBAC) system has been widely used in data security because of its good flexibility and security, wherein RBAC dominates the field of access control. However, the process of establishing RBAC roles is complex and time-consuming, which hinders the development and application of this field. Recently, the introduction of expert interactive q&a algorithm based on attribute exploration has greatly reduced the complexity and time-consuming of RBAC role building process. However, when attributes increases, algorithm will face challenges that the time complexity will explode exponentially with the increase of attributes. To cope with above problems, this paper proposes a hierarchical assisted exploration model of RBAC under attribute-based exploration expert interactive q&a algorithm framework from the view of reducing time-consuming of overall and single role engineering. This model not only avoids time-consuming process of single role requirements, but also reduces time-consuming process of whole role establishment from the overall architecture perspective.","PeriodicalId":44650,"journal":{"name":"International Journal of Digital Crime and Forensics","volume":"61 1","pages":"1-13"},"PeriodicalIF":0.7,"publicationDate":"2022-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"72529661","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Chunyan Zeng, Yao Yang, Zhifeng Wang, Shuaifei Kong, Shixiong Feng
This paper proposes an audio tampering detection method based on the ENF phase and BI-LSTM network from the perspective of temporal feature representation learning. First, the ENF phase is obtained by discrete Fourier transform of ENF component in audio. Second, the ENF phase is divided into frames to obtain ENF phase sequence characterization, and each frame is represented as the change information of the ENF phase in a period. Then, the BI-LSTM neural network is used to train and output the state of each time step, and the difference information between real audio and tampered audio is obtained. Finally, these differences were fitted and dimensionally reduced by the fully connected network and classified by the Softmax classifier. Experimental results show that the performance of this method is better than the state-of-the-art approaches.
{"title":"Audio Tampering Forensics Based on Representation Learning of ENF Phase Sequence","authors":"Chunyan Zeng, Yao Yang, Zhifeng Wang, Shuaifei Kong, Shixiong Feng","doi":"10.4018/ijdcf.302894","DOIUrl":"https://doi.org/10.4018/ijdcf.302894","url":null,"abstract":"This paper proposes an audio tampering detection method based on the ENF phase and BI-LSTM network from the perspective of temporal feature representation learning. First, the ENF phase is obtained by discrete Fourier transform of ENF component in audio. Second, the ENF phase is divided into frames to obtain ENF phase sequence characterization, and each frame is represented as the change information of the ENF phase in a period. Then, the BI-LSTM neural network is used to train and output the state of each time step, and the difference information between real audio and tampered audio is obtained. Finally, these differences were fitted and dimensionally reduced by the fully connected network and classified by the Softmax classifier. Experimental results show that the performance of this method is better than the state-of-the-art approaches.","PeriodicalId":44650,"journal":{"name":"International Journal of Digital Crime and Forensics","volume":"144 1","pages":"1-19"},"PeriodicalIF":0.7,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89020076","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Louay Karadsheh, Haroun Alryalat, Ja'far Alqatawna, S. Alhawari, M. Al-Jarrah
The objective of this paper is to examine a model to identify Social Engineer Attack Phases to improve the security countermeasures by Social-Engineer Involvement. A questionnaire was developed and distributed to a sample of 243 respondents who were actively engaged in 3 Jordanian telecommunication companies. All hypotheses were tested using (PLS-SEM). The results of the study indicate that Social Engineer Attack Phases (Identification the potential target, Target Recognition, Decision approach, and Execution) have a partially mediate and significant impact on improving the security countermeasures by Social-Engineer Involvement. On the other hand, the Social Engineer Attack Phases (Information Aggregations, Analysis and Interpretation, Armament, and Influencing) have a fully mediate and significant impact on improving the security countermeasures by Social-Engineer Involvement. The findings of this study help to provide deep insight to help security professionals prepare better and implement the right and appropriate countermeasures, whether technical or soft measures.
{"title":"The Impact of Social Engineer Attack Phases on Improved Security Countermeasures: Social Engineer Involvement as Mediating Variable","authors":"Louay Karadsheh, Haroun Alryalat, Ja'far Alqatawna, S. Alhawari, M. Al-Jarrah","doi":"10.4018/ijdcf.286762","DOIUrl":"https://doi.org/10.4018/ijdcf.286762","url":null,"abstract":"The objective of this paper is to examine a model to identify Social Engineer Attack Phases to improve the security countermeasures by Social-Engineer Involvement. A questionnaire was developed and distributed to a sample of 243 respondents who were actively engaged in 3 Jordanian telecommunication companies. All hypotheses were tested using (PLS-SEM). The results of the study indicate that Social Engineer Attack Phases (Identification the potential target, Target Recognition, Decision approach, and Execution) have a partially mediate and significant impact on improving the security countermeasures by Social-Engineer Involvement. On the other hand, the Social Engineer Attack Phases (Information Aggregations, Analysis and Interpretation, Armament, and Influencing) have a fully mediate and significant impact on improving the security countermeasures by Social-Engineer Involvement. The findings of this study help to provide deep insight to help security professionals prepare better and implement the right and appropriate countermeasures, whether technical or soft measures.","PeriodicalId":44650,"journal":{"name":"International Journal of Digital Crime and Forensics","volume":"2 1","pages":"1-26"},"PeriodicalIF":0.7,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82892477","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
M. Abulaish, Nur Al Hasan Haldar, Jahiruddin Sharma
The extensive use of digital devices by individuals generates a significant amount of private data which creates challenges for investigation agencies to protect suspects’ privacy. Existing digital forensics models illustrate the steps and actions to be followed during an investigation, but most of them are inadequate to investigate a crime with all the processes in an integrated manner and do not protect suspect privacy. In this paper, the authors propose the development of a privacy-preserving digital forensics (P2DF) framework, which facilitates investigation through maintaining confidentiality of the suspects through various privacy standards and policies. It includes an access control mechanism which allows only authorized investigators to access private data and identified digital evidence. It is also equipped with a digital evidence preservation mechanism which could be helpful for the court of law to ensure the authenticity, confidentiality, and reliability of the evidence and to verify whether privacy of the suspect was preserved during the investigation process.
{"title":"P2DF: A Privacy-Preserving Digital Forensics Framework","authors":"M. Abulaish, Nur Al Hasan Haldar, Jahiruddin Sharma","doi":"10.4018/IJDCF.288547","DOIUrl":"https://doi.org/10.4018/IJDCF.288547","url":null,"abstract":"The extensive use of digital devices by individuals generates a significant amount of private data which creates challenges for investigation agencies to protect suspects’ privacy. Existing digital forensics models illustrate the steps and actions to be followed during an investigation, but most of them are inadequate to investigate a crime with all the processes in an integrated manner and do not protect suspect privacy. In this paper, the authors propose the development of a privacy-preserving digital forensics (P2DF) framework, which facilitates investigation through maintaining confidentiality of the suspects through various privacy standards and policies. It includes an access control mechanism which allows only authorized investigators to access private data and identified digital evidence. It is also equipped with a digital evidence preservation mechanism which could be helpful for the court of law to ensure the authenticity, confidentiality, and reliability of the evidence and to verify whether privacy of the suspect was preserved during the investigation process.","PeriodicalId":44650,"journal":{"name":"International Journal of Digital Crime and Forensics","volume":"322 1","pages":"1-15"},"PeriodicalIF":0.7,"publicationDate":"2021-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85412813","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-11-01DOI: 10.4018/ijdcf.20211101.oa9
Lianshan Liu, Xiaoli Wang, Lingzhuang Meng, Gang Tian, Ting Wang
On the premise of guaranteeing the visual effect, in order to improve the security of the image containing digital watermarking and restore the carrier image without distortion, reversible data hiding in chaotic encryption domain based on odevity verification was proposed. The original image was scrambled and encrypted by Henon mapping, and the redundancy between the pixels of the encrypted image was lost. Then, the embedding capacity of watermarking can be improved by using odevity verification, and the embedding location of watermarking can be randomly selected by using logistic mapping. When extracting the watermarking, the embedded data was judged according to the odevity of the pixel value of the embedding position of the watermarking, and the carrier image was restored nondestructively by odevity check image. The experimental results show that the peak signal-to-noise ratio (PSNR) of the original image is above 53 decibels after the image is decrypted and restored after embedding the watermarking in the encrypted domain, and the invisibility is good.
{"title":"Reversible Data Hiding in a Chaotic Encryption Domain Based on Odevity Verification","authors":"Lianshan Liu, Xiaoli Wang, Lingzhuang Meng, Gang Tian, Ting Wang","doi":"10.4018/ijdcf.20211101.oa9","DOIUrl":"https://doi.org/10.4018/ijdcf.20211101.oa9","url":null,"abstract":"On the premise of guaranteeing the visual effect, in order to improve the security of the image containing digital watermarking and restore the carrier image without distortion, reversible data hiding in chaotic encryption domain based on odevity verification was proposed. The original image was scrambled and encrypted by Henon mapping, and the redundancy between the pixels of the encrypted image was lost. Then, the embedding capacity of watermarking can be improved by using odevity verification, and the embedding location of watermarking can be randomly selected by using logistic mapping. When extracting the watermarking, the embedded data was judged according to the odevity of the pixel value of the embedding position of the watermarking, and the carrier image was restored nondestructively by odevity check image. The experimental results show that the peak signal-to-noise ratio (PSNR) of the original image is above 53 decibels after the image is decrypted and restored after embedding the watermarking in the encrypted domain, and the invisibility is good.","PeriodicalId":44650,"journal":{"name":"International Journal of Digital Crime and Forensics","volume":"210 1","pages":"1-14"},"PeriodicalIF":0.7,"publicationDate":"2021-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78157232","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Traffic analysis is widely considered as an attack posing a threat to anonymity of the communication and may reveal the real identity of the users. In this paper, a novel anonymous circuit reconstruction attack method that correlates the circuit traffic is proposed. This method then reconstructs a complete communication tunnel using the location of middle nodes found between the hidden and client services. The attack process includes independent determination of the location of the malicious nodes. A traffic correlation framework of AutoEncoder + CNN + BiLSTM is established, based on the Generative Adversarial Networks (GAN) model. BiLSTM applies the packet size and packet interval features of bidirectional traffic and combines the reconstruction loss function with the discrimination loss function to achieve correlated traffic evaluation. After balancing the reconstruction loss and discrimination loss scores, the simulation results confirm that the identification performance of the proposed system is higher than the advanced models.
{"title":"Hidden Service Circuit Reconstruction Attacks Based on Middle Node Traffic Analysis","authors":"Yitong Meng, Jin-long Fei","doi":"10.4018/ijdcf.288548","DOIUrl":"https://doi.org/10.4018/ijdcf.288548","url":null,"abstract":"Traffic analysis is widely considered as an attack posing a threat to anonymity of the communication and may reveal the real identity of the users. In this paper, a novel anonymous circuit reconstruction attack method that correlates the circuit traffic is proposed. This method then reconstructs a complete communication tunnel using the location of middle nodes found between the hidden and client services. The attack process includes independent determination of the location of the malicious nodes. A traffic correlation framework of AutoEncoder + CNN + BiLSTM is established, based on the Generative Adversarial Networks (GAN) model. BiLSTM applies the packet size and packet interval features of bidirectional traffic and combines the reconstruction loss function with the discrimination loss function to achieve correlated traffic evaluation. After balancing the reconstruction loss and discrimination loss scores, the simulation results confirm that the identification performance of the proposed system is higher than the advanced models.","PeriodicalId":44650,"journal":{"name":"International Journal of Digital Crime and Forensics","volume":"64 1","pages":"1-30"},"PeriodicalIF":0.7,"publicationDate":"2021-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85007189","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Command injection vulnerabilities are among the most common and dangerous attack vectors in IoT devices. Current detection approaches can detect single-step injection vulnerabilities well by fuzzing tests. However, an attacker could inject malicious commands in an IoT device via a multi-step exploit if he first abuses an interface to store the injection payload and later use it in a command interpreter through another interface. We identify a large class of such multi-step injection attacks to address these stealthy and harmful threats and define them as higher-order command injection vulnerabilities (HOCIVs). We develop an automatic system named Request Linking (ReLink) to detect data stores that would be transferred to command interpreters and then identify HOCIVs. ReLink is validated on an experimental embedded system injected with 150 HOCIVs. According to the experimental results, ReLink is significantly better than existing command injection detection tools in terms of detection rate, test space and time.
{"title":"Towards Automated Detection of Higher-Order Command Injection Vulnerabilities in IoT Devices: Fuzzing With Dynamic Data Flow Analysis","authors":"Lei Yu, Haoyu Wang, Linyu Li, Houhua He","doi":"10.4018/ijdcf.286755","DOIUrl":"https://doi.org/10.4018/ijdcf.286755","url":null,"abstract":"Command injection vulnerabilities are among the most common and dangerous attack vectors in IoT devices. Current detection approaches can detect single-step injection vulnerabilities well by fuzzing tests. However, an attacker could inject malicious commands in an IoT device via a multi-step exploit if he first abuses an interface to store the injection payload and later use it in a command interpreter through another interface. We identify a large class of such multi-step injection attacks to address these stealthy and harmful threats and define them as higher-order command injection vulnerabilities (HOCIVs). We develop an automatic system named Request Linking (ReLink) to detect data stores that would be transferred to command interpreters and then identify HOCIVs. ReLink is validated on an experimental embedded system injected with 150 HOCIVs. According to the experimental results, ReLink is significantly better than existing command injection detection tools in terms of detection rate, test space and time.","PeriodicalId":44650,"journal":{"name":"International Journal of Digital Crime and Forensics","volume":"44 1","pages":"1-14"},"PeriodicalIF":0.7,"publicationDate":"2021-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90978636","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: