Distributed execution designs challenge behavioral analyses of anti-malware solutions by spreading seemingly benign chunks of a malicious payload to multiple processes. Researchers have explored methods to chop payloads, spread chunks to victim applications through process injection techniques, and orchestrate the execution. However, these methods can hardly be practical as they exhibit conspicuous features and make use of primitives that anti-malware solutions and operating system mitigations readily detect. In this paper we reason on fundamental requirements and properties for a stealth implementation of distributed malware. We propose a new covert design, Rope, that minimizes its footprint by making use of commodity techniques like transacted files and return-oriented programming for covert communication and payload distribution. We report on how synthetic Rope samples eluded a number of state-of-the-art anti-virus and endpoint security solutions, and bypassed the opt-in mitigations of Windows 10 for hardening applications. We then discuss directions and practical remediations to mitigate such threats.
The Internet of Things (IoT) is characterized by many technologies, standards, tools and devices for a wide range of application fields, and it is often hard for end-users (makers and developers) to orient themselves among an equally wide range of offers from various manufacturers. In recent years, the Bluetooth Low Energy (BLE) communication protocol has been gaining a large portion of the market, thanks to its low-power and low-cost orientation and its pervasiveness in mobile devices such as smartphones. For these reasons, BLE is increasingly used in IoT-oriented Wireless Personal Area Networks (WPAN), where a small set of devices, arranged in a star topology network and connected to a smartphone and a Wi-Fi gateway, can cover a large number of monitoring and controlling use case scenarios. This work presents ST’s STM32 Open Development Environment (ODE), a complete suite of hardware and software tools representing a reference point for end-users willing to create BLE-based star topology networks for a wide range of applications. Through a simple use case in a smart home context, it is shown how all the provided tools can be used to quickly prototype applications addressing all user requirements.