Tag Archive for: Demonstrate

Virtual reality headsets are vulnerable to hackers, demonstrate studies

/in


virtual reality
Credit: CC0 Public Domain

While augmented reality (AR) and virtual reality (VR) are envisioned as the next iteration of the internet immersing us in new digital worlds, the associated headset hardware and virtual keyboard interfaces create new opportunities for hackers.

Such are the findings of computer scientists at the University of California, Riverside, which are detailed in two papers to be presented this week at the annual Usenix Security Symposium in Anaheim, a leading international conference on cyber security.

The emerging metaverse technology, now under intensive development by Facebook’s Mark Zuckerberg and other tech titans, relies on headsets that interpret our bodily motions— reaches, nods, steps, and blinks—to navigate new worlds of AR and VR to play games, socialize, meet co-workers, and perhaps shop or conduct other forms of business.

A computer science team at UCR’s Bourns College of Engineering led by professors Jiasi Chen and Nael Abu-Ghazaleh, however, has demonstrated that spyware can watch and record our every motion and then use artificial intelligence to translate those movements into words with 90% or better accuracy.

“Basically, we show that if you run multiple applications, and one of them is malicious, it can spy on the other applications,” Abu-Ghazaleh said. “It can spy on the environment around you, for example showing people are around you and how far they are. And it can also expose to the attacker your interactions with the headset.”

For instance, if you take a break from a virtual game to check your Facebook messages by air typing the password on a virtual keyboard generated by the headset, the spyware could capture your password. Similarly, spies could potentially interpret your body movements to gain access to your actions during a virtual meeting in which confidential information is disclosed and discussed.

The two papers to be presented at the cybersecurity conference are co-authored Abu-Ghazaleh and Chen toether with Yicheng Zhang, a UCR computer…

Source…

S. Korean armed forces demonstrate readiness with joint landing operationNews

/in



A South Korean Air Force P-3C maritime patrol aircraft flies over the coastline of Yeongilman along with an E-737 Peace Eye.
The operation code is “Peacemaker.”
Soon, the Air Force’s aerial refueling aircraft KC-330 will make its way above the coastline guarded by military fighter jets– F-35A and F-15K.
With purple smoke RF-16 Global Hawk aircrafts soar into the sky followed by the loud noise of a sonic boom.
Their mission is to hit the Air Force’s main target.
Now, it’s the turn of the Korea Assault Amphibious Vehicle.
With yellow and white smoke shooting out of the sea 48 KAAVs and 48 IBS inflatable boats land along the coastline while Apache attack helicopters along with several Surions, Chinooks, and Black Hawks, which provide airborne firepower support.
Soon after landing with loud shouts some 8-hundred marines fully equipped with military gear run forward from the KAAVs.
Their unit target is secured.

(STANDUP) ed: Steve
“One of the highlights from this year’s event: joint forces from the Army, Navy, and Air Force demonstrated their amphibious operations.”

For the first time in history, the South Korean Marine Corps was the host for this year’s Armed Forces Day taking place in the southeastern port of Pohang– the home of the Marine Corps since 1959.
More importantly, Pohang is where UN forces initiated its first amphibious mission during the Korean War which became one of the war’s most pivotal areas.

(KOREAN- )
“To prepare for the 73rd Armed Forces Day, the Army, Navy, Air Force, and Marine Corps trained and practiced together. The whole process was a chance to be able to check our military’s readiness for joint operations.”

Finally, the joint landing mission is completed. with the raising of the South Korean flag.
The country’s armed forces vow to develop an integrated air defense systemand to prepare for a modernized military defense as well as a cyber warfare system based on Artificial Intelligence.
Choi Won-jong, Arirang News, Pohang.

Source…

Researchers demonstrate how malware can detect its environment using the trap bit

/in


Recently, security researchers demonstrated how the use of the trap bit in x86 processors could inform running malware if it is running in a virtual environment or not. What is the purpose of the trap bit, how can it benefit malware, and what does this mean for future CPU hardware and virtualisation?

In the x86 CPU architecture, the trap bit is a special flag in the EFLAG register that raises an interrupt after completing a single instruction once the flag is set. For example, a piece of machine code would first set the trap flag, execute an instruction, and this would then trigger the CPU to execute a special interrupt that runs a subroutine.

While there is no specific purpose for the trap flag, it is convenient for debugging as it allows for code to be executed step-by-step. Furthermore, the interrupt allows for viewing the CPU contents, including registers, program counter, and stack pointer.

Recently, researchers from Palo Alto Networks demonstrated how the trap bit in x86 processors could be abused by malware to determine if the malware is being executed on a real computer or in a virtual machine. The cause of the exploit lies in how virtual machines emulate the behaviour of the trap flag. If a piece of malware sets the trap flag after executing certain special instructions such as RDTSC and CPUID, the CPU should return to the malware code with the trap bit cleared. While this is the case in real hardware, virtual machines may not catch this and return to the code with the trap bit still set.

The calling of a special instruction sees the CPU handle the interrupt, but if the trap bit is enabled on a basic instruction such as NOP, the malware can use its interrupt handler to detect this. Thus, if the malware interrupt handler is fired with the trap bit set, it knows it is running on a virtual machine. If no exception is thrown, then the malware knows that it is running on a real system.

One practical use of virtualisation is to test unknown code and applications to see how they behave. For example, an individual could find a USB flash drive lying around with no idea what is inside. While one could risk…

Source…

Researchers demonstrate that malware can be concealed in neural networks

/in


Last updated on
Jul 31, 2021, 02:48 pm

Researchers demonstrate that malware can be concealed in neural networks
Chinese researchers successfully hid malware in a neural network while keeping latter’s functioning intact

In our pursuit to develop better software that powers our everyday lives, we seem to have forgotten that malware can be hidden in almost anything that runs on a computer.

According to a recent study, malware can be embedded into the neural networks of a machine learning model so effectively that it cannot be detected, all while the neural network continues to operate normally.

Malware-embedded neural network model had just 1% more errors

Malware-embedded neural network model had just 1% more errors

A research paper published recently by Zhi Wang, Chaoge Liu, and Xiang Cui presented a method of hiding 36.9MB of malware in a 178MB AlexNet model designed to classify images.

The malware-embedded model was able to perform within a 1% error margin of the original malware-free image classification model.

The malware embedded in the model also managed to avoid detection.

Malware remained undetected by 50 common antivirus programs

Malware remained undetected by 50 common antivirus programs

Source…