The increasing amount of human-related and/or human-originated data in current systems is both an opportunity and a challenge. Nevertheless, despite relying on the processing of large amounts of data, most of the so-called smart systems that we have nowadays merely consider humans as sources of data, not as system beneficiaries or even active “components.” For truly smart systems, we need to create systems that are able to understand human actions and emotions, and take them into account when deciding on the system behavior. Naturally, in order to achieve this, we first have to empower systems with human sensing capabilities, possibly in ways that are as inconspicuous as possible. In this context, in this article we survey existing approaches to unobtrusive monitorization of human beings, namely, of their activity, vital signs, and emotional states. After setting a taxonomy for human sensing, we proceed to present and analyze existing solutions for unobtrusive sensing. Subsequently, we identify and discuss open issues and challenges in this area. Although there are surveys that address some of the concerned fields of research, such as healthcare, human monitorization, or even the use-specific techniques like channel state information or image recognition, as far as we know this is the first comprehensive survey on unobtrusive sensing of human beings.
{"title":"A Survey of Approaches to Unobtrusive Sensing of Humans","authors":"J. Fernandes, J. Silva, A. Rodrigues, F. Boavida","doi":"10.1145/3491208","DOIUrl":"https://doi.org/10.1145/3491208","url":null,"abstract":"The increasing amount of human-related and/or human-originated data in current systems is both an opportunity and a challenge. Nevertheless, despite relying on the processing of large amounts of data, most of the so-called smart systems that we have nowadays merely consider humans as sources of data, not as system beneficiaries or even active “components.” For truly smart systems, we need to create systems that are able to understand human actions and emotions, and take them into account when deciding on the system behavior. Naturally, in order to achieve this, we first have to empower systems with human sensing capabilities, possibly in ways that are as inconspicuous as possible. In this context, in this article we survey existing approaches to unobtrusive monitorization of human beings, namely, of their activity, vital signs, and emotional states. After setting a taxonomy for human sensing, we proceed to present and analyze existing solutions for unobtrusive sensing. Subsequently, we identify and discuss open issues and challenges in this area. Although there are surveys that address some of the concerned fields of research, such as healthcare, human monitorization, or even the use-specific techniques like channel state information or image recognition, as far as we know this is the first comprehensive survey on unobtrusive sensing of human beings.","PeriodicalId":7000,"journal":{"name":"ACM Computing Surveys (CSUR)","volume":"22 1","pages":"1 - 28"},"PeriodicalIF":0.0,"publicationDate":"2022-01-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90875730","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Li-Ming Deng, Guoqi Xie, Hong Liu, Yunbo Han, Renfa Li, Keqin Li
With the development of real-time critical systems, the ever-increasing communication data traffic puts forward high-bandwidth and low-delay requirements for communication networks. Therefore, various real-time Ethernet protocols have been proposed, but these protocols are not compatible with each other. The IEEE 802.1 Working Group developed standardized protocols named Audio Video Bridging (AVB) in 2005, and renamed it Time-Sensitive Networking (TSN) later. TSN not only adds new features but also retains the original functions of AVB. Proposing real-time Ethernet modeling and design methodologies is the key to meeting high-bandwidth and low-delay communication requirements. This article surveys the modeling from AVB to TSN, mainly including: (1) AVB and TSN modeling; (2) end-to-end delay modeling; (3) real-time scheduling modeling; (4) reliability modeling; and (5) security modeling. Based on these models, this article surveys the recent advances in real-time Ethernet design methodologies from AVB to TSN: (1) end-to-end delay analysis from AVB to TSN; (2) real-time scheduling from AVB to TSN; (3) reliability-aware design for TSN; and (4) security-aware design for TSN. Among the above four points, the last two points are only for TSN, because AVB lacks reliability and security mechanisms. This article further takes the automotive use case as an example to discuss the application of TSN in automobiles. Finally, this article discusses the future trends of TSN. By surveying the recent advances and future trends, we hope to provide references for researchers interested in real-time Ethernet modeling and design methodologies for AVB and TSN.
{"title":"A Survey of Real-Time Ethernet Modeling and Design Methodologies: From AVB to TSN","authors":"Li-Ming Deng, Guoqi Xie, Hong Liu, Yunbo Han, Renfa Li, Keqin Li","doi":"10.1145/3487330","DOIUrl":"https://doi.org/10.1145/3487330","url":null,"abstract":"With the development of real-time critical systems, the ever-increasing communication data traffic puts forward high-bandwidth and low-delay requirements for communication networks. Therefore, various real-time Ethernet protocols have been proposed, but these protocols are not compatible with each other. The IEEE 802.1 Working Group developed standardized protocols named Audio Video Bridging (AVB) in 2005, and renamed it Time-Sensitive Networking (TSN) later. TSN not only adds new features but also retains the original functions of AVB. Proposing real-time Ethernet modeling and design methodologies is the key to meeting high-bandwidth and low-delay communication requirements. This article surveys the modeling from AVB to TSN, mainly including: (1) AVB and TSN modeling; (2) end-to-end delay modeling; (3) real-time scheduling modeling; (4) reliability modeling; and (5) security modeling. Based on these models, this article surveys the recent advances in real-time Ethernet design methodologies from AVB to TSN: (1) end-to-end delay analysis from AVB to TSN; (2) real-time scheduling from AVB to TSN; (3) reliability-aware design for TSN; and (4) security-aware design for TSN. Among the above four points, the last two points are only for TSN, because AVB lacks reliability and security mechanisms. This article further takes the automotive use case as an example to discuss the application of TSN in automobiles. Finally, this article discusses the future trends of TSN. By surveying the recent advances and future trends, we hope to provide references for researchers interested in real-time Ethernet modeling and design methodologies for AVB and TSN.","PeriodicalId":7000,"journal":{"name":"ACM Computing Surveys (CSUR)","volume":"23 1","pages":"1 - 36"},"PeriodicalIF":0.0,"publicationDate":"2022-01-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87344117","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Breno G. S. Costa, João Bachiega, Leonardo Rebouças de Carvalho, Aleteia P. F. Araujo
Fog computing is a paradigm that brings computational resources and services to the network edge in the vicinity of user devices, lowering latency and connecting with cloud computing resources. Unlike cloud computing, fog resources are based on constrained and heterogeneous nodes whose connectivity can be unstable. In this complex scenario, there is a need to define and implement orchestration processes to ensure that applications and services can be provided, considering the settled agreements. Although some publications have dealt with orchestration in fog computing, there are still some diverse definitions and functional intersection with other areas, such as resource management and monitoring. This article presents a systematic review of the literature with focus on orchestration in fog computing. A generic architecture of fog orchestration is presented, created from the consolidation of the analyzed proposals, bringing to light the essential functionalities addressed in the literature. This work also highlights the main challenges and open research questions.
{"title":"Orchestration in Fog Computing: A Comprehensive Survey","authors":"Breno G. S. Costa, João Bachiega, Leonardo Rebouças de Carvalho, Aleteia P. F. Araujo","doi":"10.1145/3486221","DOIUrl":"https://doi.org/10.1145/3486221","url":null,"abstract":"Fog computing is a paradigm that brings computational resources and services to the network edge in the vicinity of user devices, lowering latency and connecting with cloud computing resources. Unlike cloud computing, fog resources are based on constrained and heterogeneous nodes whose connectivity can be unstable. In this complex scenario, there is a need to define and implement orchestration processes to ensure that applications and services can be provided, considering the settled agreements. Although some publications have dealt with orchestration in fog computing, there are still some diverse definitions and functional intersection with other areas, such as resource management and monitoring. This article presents a systematic review of the literature with focus on orchestration in fog computing. A generic architecture of fog orchestration is presented, created from the consolidation of the analyzed proposals, bringing to light the essential functionalities addressed in the literature. This work also highlights the main challenges and open research questions.","PeriodicalId":7000,"journal":{"name":"ACM Computing Surveys (CSUR)","volume":"6 1","pages":"1 - 34"},"PeriodicalIF":0.0,"publicationDate":"2022-01-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87382511","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
M. A. Khan, Hesham El Sayed, Sumbal Malik, Talha Zia, Jalal Khan, Najla Alkaabi, H. Ignatious
Autonomous vehicles are revolutionizing transport and next-generation autonomous mobility. Such vehicles are promising to increase road safety, improve traffic efficiency, reduce vehicle emission, and improve mobility. However, for these vehicles to live up to their full potentials, there are significant research, technological and urgent organizational issues that need to be addressed to reach the highest level of automation, i.e., level 5. Sensors, communication, mobile edge computing, machine learning, data analytic, distributed learning, and so on, are examples of the building blocks technologies and concepts constituting the end-to-end solution. This survey discusses these technologies and concepts and maps their roles to the end-to-end solution. It highlights the challenges for each technology. Moreover, this survey provides an analysis of different solution approaches proposed by relevant stakeholders, utilizing these technologies aiming to achieve level-5 autonomy. Finally, the article details two use cases to present the interplay of the building blocks technologies.
{"title":"Level-5 Autonomous Driving—Are We There Yet? A Review of Research Literature","authors":"M. A. Khan, Hesham El Sayed, Sumbal Malik, Talha Zia, Jalal Khan, Najla Alkaabi, H. Ignatious","doi":"10.1145/3485767","DOIUrl":"https://doi.org/10.1145/3485767","url":null,"abstract":"Autonomous vehicles are revolutionizing transport and next-generation autonomous mobility. Such vehicles are promising to increase road safety, improve traffic efficiency, reduce vehicle emission, and improve mobility. However, for these vehicles to live up to their full potentials, there are significant research, technological and urgent organizational issues that need to be addressed to reach the highest level of automation, i.e., level 5. Sensors, communication, mobile edge computing, machine learning, data analytic, distributed learning, and so on, are examples of the building blocks technologies and concepts constituting the end-to-end solution. This survey discusses these technologies and concepts and maps their roles to the end-to-end solution. It highlights the challenges for each technology. Moreover, this survey provides an analysis of different solution approaches proposed by relevant stakeholders, utilizing these technologies aiming to achieve level-5 autonomy. Finally, the article details two use cases to present the interplay of the building blocks technologies.","PeriodicalId":7000,"journal":{"name":"ACM Computing Surveys (CSUR)","volume":"8 1","pages":"1 - 38"},"PeriodicalIF":0.0,"publicationDate":"2022-01-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73053045","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Davinder Kaur, Suleyman Uslu, Kaley J. Rittichier, A. Durresi
Artificial intelligence (AI) and algorithmic decision making are having a profound impact on our daily lives. These systems are vastly used in different high-stakes applications like healthcare, business, government, education, and justice, moving us toward a more algorithmic society. However, despite so many advantages of these systems, they sometimes directly or indirectly cause harm to the users and society. Therefore, it has become essential to make these systems safe, reliable, and trustworthy. Several requirements, such as fairness, explainability, accountability, reliability, and acceptance, have been proposed in this direction to make these systems trustworthy. This survey analyzes all of these different requirements through the lens of the literature. It provides an overview of different approaches that can help mitigate AI risks and increase trust and acceptance of the systems by utilizing the users and society. It also discusses existing strategies for validating and verifying these systems and the current standardization efforts for trustworthy AI. Finally, we present a holistic view of the recent advancements in trustworthy AI to help the interested researchers grasp the crucial facets of the topic efficiently and offer possible future research directions.
{"title":"Trustworthy Artificial Intelligence: A Review","authors":"Davinder Kaur, Suleyman Uslu, Kaley J. Rittichier, A. Durresi","doi":"10.1145/3491209","DOIUrl":"https://doi.org/10.1145/3491209","url":null,"abstract":"Artificial intelligence (AI) and algorithmic decision making are having a profound impact on our daily lives. These systems are vastly used in different high-stakes applications like healthcare, business, government, education, and justice, moving us toward a more algorithmic society. However, despite so many advantages of these systems, they sometimes directly or indirectly cause harm to the users and society. Therefore, it has become essential to make these systems safe, reliable, and trustworthy. Several requirements, such as fairness, explainability, accountability, reliability, and acceptance, have been proposed in this direction to make these systems trustworthy. This survey analyzes all of these different requirements through the lens of the literature. It provides an overview of different approaches that can help mitigate AI risks and increase trust and acceptance of the systems by utilizing the users and society. It also discusses existing strategies for validating and verifying these systems and the current standardization efforts for trustworthy AI. Finally, we present a holistic view of the recent advancements in trustworthy AI to help the interested researchers grasp the crucial facets of the topic efficiently and offer possible future research directions.","PeriodicalId":7000,"journal":{"name":"ACM Computing Surveys (CSUR)","volume":"95 1","pages":"1 - 38"},"PeriodicalIF":0.0,"publicationDate":"2022-01-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78181394","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Routing Protocol for Low-Power and Lossy Networks (RPL) is a standard routing protocol for the Low Power and Lossy Networks (LLNs). It is a part of the IPv6 over Low-Power Wireless Personal Area Network (6LoWPAN) protocol stack. Features such as energy-efficient mechanisms and availability of the secure modes of operations make RPL suitable for the constrained Internet of Things (IoT) devices. Hence, the majority of IoT applications rely on RPL for data communication. However, routing security in RPL-based IoT networks is a significant concern, motivating us to study and analyze routing attacks and suggested countermeasures against them. To this end, we provide a comprehensive survey on the state-of-the-art security threats and their corresponding countermeasures in RPL-based IoT networks. Based on our study, we propose a novel classification scheme that uses a mapping between RPL attacks and their countermeasure techniques to the RPL control messages used to develop these techniques. Furthermore, we provide an in-depth statistical analysis that includes analysis of routing attacks through the RPL control messages, distribution of various mitigation techniques as per the method used, RPL control messages involved in the mitigation techniques, and details of the tools used by multiple researchers. In the end, we highlight some open challenges and future research opportunities on this topic. We believe that this survey will be beneficial to researchers and practitioners working in the area of RPL security.
RPL (Routing Protocol for Low-Power and Lossy Networks)是一种针对Low-Power and Lossy network (lln)的标准路由协议。它是IPv6低功耗无线个人区域网络(6LoWPAN)协议栈的一部分。诸如节能机制和安全操作模式的可用性等特性使RPL适用于受限的物联网(IoT)设备。因此,大多数物联网应用都依赖于RPL进行数据通信。然而,基于rpl的物联网网络中的路由安全是一个重要的问题,这促使我们研究和分析路由攻击,并提出针对它们的对策。为此,我们对基于rpl的物联网网络中最先进的安全威胁及其相应对策进行了全面调查。基于我们的研究,我们提出了一种新的分类方案,该方案使用RPL攻击及其对抗技术与用于开发这些技术的RPL控制消息之间的映射。此外,我们还提供了深入的统计分析,包括通过RPL控制消息对路由攻击进行分析,根据所使用的方法分发各种缓解技术,缓解技术中涉及的RPL控制消息,以及多个研究人员使用的工具的详细信息。最后,我们强调了该主题的一些开放挑战和未来的研究机会。我们相信,这项调查将有利于研究人员和从业者在RPL安全领域的工作。
{"title":"Assessment of Routing Attacks and Mitigation Techniques with RPL Control Messages: A Survey","authors":"A. Bang, U. P. Rao, Pallavi Kaliyar, M. Conti","doi":"10.1145/3494524","DOIUrl":"https://doi.org/10.1145/3494524","url":null,"abstract":"Routing Protocol for Low-Power and Lossy Networks (RPL) is a standard routing protocol for the Low Power and Lossy Networks (LLNs). It is a part of the IPv6 over Low-Power Wireless Personal Area Network (6LoWPAN) protocol stack. Features such as energy-efficient mechanisms and availability of the secure modes of operations make RPL suitable for the constrained Internet of Things (IoT) devices. Hence, the majority of IoT applications rely on RPL for data communication. However, routing security in RPL-based IoT networks is a significant concern, motivating us to study and analyze routing attacks and suggested countermeasures against them. To this end, we provide a comprehensive survey on the state-of-the-art security threats and their corresponding countermeasures in RPL-based IoT networks. Based on our study, we propose a novel classification scheme that uses a mapping between RPL attacks and their countermeasure techniques to the RPL control messages used to develop these techniques. Furthermore, we provide an in-depth statistical analysis that includes analysis of routing attacks through the RPL control messages, distribution of various mitigation techniques as per the method used, RPL control messages involved in the mitigation techniques, and details of the tools used by multiple researchers. In the end, we highlight some open challenges and future research opportunities on this topic. We believe that this survey will be beneficial to researchers and practitioners working in the area of RPL security.","PeriodicalId":7000,"journal":{"name":"ACM Computing Surveys (CSUR)","volume":"14 1","pages":"1 - 36"},"PeriodicalIF":0.0,"publicationDate":"2022-01-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86852051","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Federico Ciccozzi, Lorenzo Addazi, Sara Abbaspour Asadollah, B. Lisper, A. Masud, S. Mubeen
Software-intensive systems in most domains, from autonomous vehicles to health, are becoming predominantly parallel to efficiently manage large amount of data in short (even real-) time. There is an incredibly rich literature on languages for parallel computing, thus it is difficult for researchers and practitioners, even experienced in this very field, to get a grasp on them. With this work we provide a comprehensive, structured, and detailed snapshot of documented research on those languages to identify trends, technical characteristics, open challenges, and research directions. In this article, we report on planning, execution, and results of our systematic peer-reviewed as well as grey literature review, which aimed at providing such a snapshot by analysing 225 studies.
{"title":"A Comprehensive Exploration of Languages for Parallel Computing","authors":"Federico Ciccozzi, Lorenzo Addazi, Sara Abbaspour Asadollah, B. Lisper, A. Masud, S. Mubeen","doi":"10.1145/3485008","DOIUrl":"https://doi.org/10.1145/3485008","url":null,"abstract":"Software-intensive systems in most domains, from autonomous vehicles to health, are becoming predominantly parallel to efficiently manage large amount of data in short (even real-) time. There is an incredibly rich literature on languages for parallel computing, thus it is difficult for researchers and practitioners, even experienced in this very field, to get a grasp on them. With this work we provide a comprehensive, structured, and detailed snapshot of documented research on those languages to identify trends, technical characteristics, open challenges, and research directions. In this article, we report on planning, execution, and results of our systematic peer-reviewed as well as grey literature review, which aimed at providing such a snapshot by analysing 225 studies.","PeriodicalId":7000,"journal":{"name":"ACM Computing Surveys (CSUR)","volume":"48 1","pages":"1 - 39"},"PeriodicalIF":0.0,"publicationDate":"2022-01-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77361966","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Due to their high computational power and internal memory bandwidth, graphic processing units (GPUs) have been extensively studied by the database systems research community. A heterogeneous query processing system that employs CPUs and GPUs at the same time has to solve many challenges, including how to distribute the workload on processors with different capabilities; how to overcome the data transfer bottleneck; and how to support implementations for multiple processors efficiently. In this survey we devise a classification scheme to categorize techniques developed to address these challenges. Based on this scheme, we categorize query processing systems on heterogeneous CPU/GPU systems and identify open research problems.
{"title":"Query Processing on Heterogeneous CPU/GPU Systems","authors":"Viktor Rosenfeld, S. Breß, V. Markl","doi":"10.1145/3485126","DOIUrl":"https://doi.org/10.1145/3485126","url":null,"abstract":"Due to their high computational power and internal memory bandwidth, graphic processing units (GPUs) have been extensively studied by the database systems research community. A heterogeneous query processing system that employs CPUs and GPUs at the same time has to solve many challenges, including how to distribute the workload on processors with different capabilities; how to overcome the data transfer bottleneck; and how to support implementations for multiple processors efficiently. In this survey we devise a classification scheme to categorize techniques developed to address these challenges. Based on this scheme, we categorize query processing systems on heterogeneous CPU/GPU systems and identify open research problems.","PeriodicalId":7000,"journal":{"name":"ACM Computing Surveys (CSUR)","volume":"37 1","pages":"1 - 38"},"PeriodicalIF":0.0,"publicationDate":"2022-01-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83757027","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Unmanned Aerial Vehicles (UAVs) are becoming one of the main technological supports for commercial applications, embracing many domains ranging from human safety to the medical field, agriculture and environment, multimedia production, and even commercial delivery. This rise in popularity, however, is causing an increasing interest from criminals, making UAVs the target of new attacks. To fully characterize the current UAV cybersecurity landscape, we perform a complete literature review, digging into drone security historic facts and scientific studies on the matter, reviewing specialized articles and scientific papers focusing on cybersecurity threats and gaps in the context of small UAVs in commercial applications. Being a recent research and development area, most of the articles have been published between 2016 and 2020 as a direct consequence of the increase of security concerns and interest in the drone field. Papers in this review deal with UAV cyberthreats and related vulnerabilities, identifying flaws experimented in a lab or describing incidents detected in the field. Communication, sensors, and system misconfigurations are among the most important threat vectors, while sensor spoofing/jamming and malware DoS/control are among the most cited threats. Threat vectors permit depicting a complete overview of the topic and potential countermeasures known to date, with related gap analysis, also accounting for the recent Unmanned Aircraft System evolution toward ad hoc or cloud-based UAV networks. Countermeasures include the adoption of traditional communication encryption and standard protocols, GPS spoofing/jamming mitigation, encryption and privacy-aware implementations, and counter-malware techniques, to name the most adopted. It also emerges that often attacks are simply ported or adapted from other attacks in similar domains, while peculiar attacks still remain such as targeted physical attacks, specific UAV malware, and GPS spoofing/jamming.
{"title":"A Security Review in the UAVNet Era: Threats, Countermeasures, and Gap Analysis","authors":"Alessio Rugo, C. Ardagna, Nabil El Ioini","doi":"10.1145/3485272","DOIUrl":"https://doi.org/10.1145/3485272","url":null,"abstract":"Unmanned Aerial Vehicles (UAVs) are becoming one of the main technological supports for commercial applications, embracing many domains ranging from human safety to the medical field, agriculture and environment, multimedia production, and even commercial delivery. This rise in popularity, however, is causing an increasing interest from criminals, making UAVs the target of new attacks. To fully characterize the current UAV cybersecurity landscape, we perform a complete literature review, digging into drone security historic facts and scientific studies on the matter, reviewing specialized articles and scientific papers focusing on cybersecurity threats and gaps in the context of small UAVs in commercial applications. Being a recent research and development area, most of the articles have been published between 2016 and 2020 as a direct consequence of the increase of security concerns and interest in the drone field. Papers in this review deal with UAV cyberthreats and related vulnerabilities, identifying flaws experimented in a lab or describing incidents detected in the field. Communication, sensors, and system misconfigurations are among the most important threat vectors, while sensor spoofing/jamming and malware DoS/control are among the most cited threats. Threat vectors permit depicting a complete overview of the topic and potential countermeasures known to date, with related gap analysis, also accounting for the recent Unmanned Aircraft System evolution toward ad hoc or cloud-based UAV networks. Countermeasures include the adoption of traditional communication encryption and standard protocols, GPS spoofing/jamming mitigation, encryption and privacy-aware implementations, and counter-malware techniques, to name the most adopted. It also emerges that often attacks are simply ported or adapted from other attacks in similar domains, while peculiar attacks still remain such as targeted physical attacks, specific UAV malware, and GPS spoofing/jamming.","PeriodicalId":7000,"journal":{"name":"ACM Computing Surveys (CSUR)","volume":"34 1","pages":"1 - 35"},"PeriodicalIF":0.0,"publicationDate":"2022-01-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79379200","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Binary code fingerprinting is crucial in many security applications. Examples include malware detection, software infringement, vulnerability analysis, and digital forensics. It is also useful for security researchers and reverse engineers since it enables high fidelity reasoning about the binary code such as revealing the functionality, authorship, libraries used, and vulnerabilities. Numerous studies have investigated binary code with the goal of extracting fingerprints that can illuminate the semantics of a target application. However, extracting fingerprints is a challenging task since a substantial amount of significant information will be lost during compilation, notably, variable and function naming, the original data and control flow structures, comments, semantic information, and the code layout. This article provides the first systematic review of existing binary code fingerprinting approaches and the contexts in which they are used. In addition, it discusses the applications that rely on binary code fingerprints, the information that can be captured during the fingerprinting process, and the approaches used and their implementations. It also addresses limitations and open questions related to the fingerprinting process and proposes future directions.
{"title":"A Survey of Binary Code Fingerprinting Approaches: Taxonomy, Methodologies, and Features","authors":"S. Alrabaee, M. Debbabi, Lingyu Wang","doi":"10.1145/3486860","DOIUrl":"https://doi.org/10.1145/3486860","url":null,"abstract":"Binary code fingerprinting is crucial in many security applications. Examples include malware detection, software infringement, vulnerability analysis, and digital forensics. It is also useful for security researchers and reverse engineers since it enables high fidelity reasoning about the binary code such as revealing the functionality, authorship, libraries used, and vulnerabilities. Numerous studies have investigated binary code with the goal of extracting fingerprints that can illuminate the semantics of a target application. However, extracting fingerprints is a challenging task since a substantial amount of significant information will be lost during compilation, notably, variable and function naming, the original data and control flow structures, comments, semantic information, and the code layout. This article provides the first systematic review of existing binary code fingerprinting approaches and the contexts in which they are used. In addition, it discusses the applications that rely on binary code fingerprints, the information that can be captured during the fingerprinting process, and the approaches used and their implementations. It also addresses limitations and open questions related to the fingerprinting process and proposes future directions.","PeriodicalId":7000,"journal":{"name":"ACM Computing Surveys (CSUR)","volume":"36 1","pages":"1 - 41"},"PeriodicalIF":0.0,"publicationDate":"2022-01-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76761827","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: