Dhalion: self-regulating stream processing in Heron

Dhalion: Self-regulating stream processing in Heron Floratou et al., VLDB 2017 Dhalion follows on nicely from yesterday's paper looking at the modular architecture of Heron, and aims to reduce the "complexity of configuring, managing, and deploying" streaming applications. In particular, streaming applications deployed as Heron topologies, although the authors are keen to point out the …

An experimental security analysis of an industrial robot controller

An experimental security analysis of an industrial robot controller Quarta et al., IEEE Security and Privacy 2017 This is an industrial robot: The International Federation of Robotics forecasts that, by 2018, approximately 1.3 million industrial robot units will be employed in factories globally, and the international market value for "robotized" systems is approximately 32 billion …

Hijacking Bitcoin: routing attacks on cryptocurrencies

Hijacking Bitcoin: routing attacks on cryptocurrencies Apostolaki et al., IEEE Security and Privacy 2017 The Bitcoin network has more than 6,000 nodes, responsible for up to 300,000 daily transactions and 16 million bitcoins valued at roughly $17B. Given the amount of money at stake, Bitcoin is an obvious target for attackers. This paper introduces a …

SoK: Cryptographically protected database search

SoK: Cryptographically protected database search Fuller et al., IEEE Security and Privacy 2017 This is a survey paper (Systematization of Knowledge, SoK) reviewing the current state of protected database search (encrypted databases). As such, it packs a lot of information into a relatively small space. As we've seen before, there are a wide variety of cryptographic …

Cloak and dagger: from two permissions to complete control of the UI feedback loop

Cloak and dagger: from two permissions to complete control of the UI feedback loop Fratantonio et al., IEEE Security and Privacy 2017 If you're using Android, then 'cloak and dagger' is going to make for scary reading. It's a perfect storm of an almost undetectable attack that can capture passwords, PINs, and ultimately obtain all …

IoT goes nuclear: creating a ZigBee chain reaction

IoT goes nuclear: creating a ZigBee chain reaction Ronen et al., IEEE Security and Privacy 2017 You probably don't need another reminder about the woeful state of security in IoT, but today's paper choice may well give you further pause for thought about the implications. The opening paragraph sounds like something out of science fiction …