Min Xu scite author profile

Protecting kernel integrity is one of the fundamental security objectives in building a trustworthy operating system (OS). For this end, a variety of approaches and systems have been proposed and developed. However, access control models used in most of these systems are not expressive enough to capture important security requirements such as continuous policy enforcement and mutable process and object attributes. Even worse, most existing protection mechanisms in these systems reside in the same space as the running OS, which unfortunately can be disabled or subverted after an attacker successfully exploits kernel-level vulnerabilities (or features) to compromise the OS kernel. The increasing number of kernel-level rootkit attacks clearly demonstrates this threat.In this paper we present a simple but effective usage control model UCONKI with unique properties of decision continuity and attribute mutability for OS kernel integrity protection. Further, to enforce UCONKI security policies, we propose a virtual machine monitor (VMM) based architecture that is isolated and protected from other untrusted processes inside a virtual machine (VM). We have implemented a proof-of-concept prototype in Linux to demonstrate the feasibility of our approach. Our experiments with 18 realworld kernel rootkits show that our approach is able to successfully detect and prevent all kernel integrity violations from them. Beyond kernel integrity protection, we also explore additional opportunities for general OS security, such as the confinement of process activities as well as the protection of system utility programs at the VMM level.

show abstract

Area and timing estimation for lookup table based FPGAs

Xu¹,

Kurdahi²

View full text Add to dashboard Cite

The importance of efficient area and timing estimation techniques is well-established in High-Level Synthesis (HLS), since it allows more efficient exploration of the design space while providing HLS tools with the capability of predicting the effects of technologyspecific tools on the design space. Much of previous work has focused on estimation techniques that use very simple cost models based solely on the gate and/or literal count. Those models are not accurate enough to allow effective design space exploration since the effects of interconnect can indeed dominate the final design cost. The situation becomes even worse when the design is targeted to Field Programmable Gate Array (FPGA) technologies since in most FPGA designs, the wire delay may contribute up to 60% of the overall design delay. In this paper, we present an approach of estimating area and timing for lookup table based FPGAs which uses a realistic model since it takes into account not only gate area and delay but also the wiring effects. We select Xilinx XC4OOO series as our main concentration because of their popularity. Our approach is easy to adapt to other similar lookup table based FPGAs. We tested our estimator with several benchmarks and the results show that we can get accurate area and timing estimates efficiently.

show abstract

Towards Session-Aware RBAC Administration and Enforcement with XACML

Wijesekera

Zhang

et al. 2009

View full text Add to dashboard Cite

Abstract-An administrative role-based access control (AR-BAC) model specifies administrative policies over a role-based access control (RBAC) system, where an administrative permission may change an RBAC policy by updating permissions assigned to roles, or assigning/revoking users to/from roles. Consequently, enforcing ARBAC policies over an active access controller while some users are using protected resources would result in conflicts: a policy may be in effect in the RBAC system while being updated by an ARBAC operation. Towards solving this concurrency problem, we propose a session-aware administrative model for RBAC. We show how the concurrency problem can be resolved by enhancing the eXtensible Access Control Markup Language (XACML) reference implementation. In order to do so, we develop an XACML-ARBAC profile to specify ARBAC policies, and enforce these polices by building an ARBAC enforcement module and a session administrative module. The former synchronizes with the evaluation of access control requests. The latter revokes conflicting user sessions immediately prior to enforcing administrative operations. Experimental studies show reasonable performance characteristics of our initial enhancement to Sun's reference implementation.

show abstract

Photoprotective effects of Sargassum thunbergii on ultraviolet B-induced mouse L929 fibroblasts and zebrafish

Chen

et al. 2022

BMC Complement Med Ther

View full text Add to dashboard Cite

Background Chronic exposure to ultraviolet B (UVB) causes a series of adverse skin reactions, such as erythema, sunburn, photoaging, and cancer, by altering signaling pathways related to inflammation, oxidative stress, and DNA damage. Marine algae have abundant amounts and varieties of bioactive compounds that possess antioxidant and anti-inflammatory properties. Thus, the objective of this study was to investigate the photoprotective effects of an ethanol extract of Sargassum thunbergii. Methods Sargassum thunbergii phenolic-rich extract (STPE) was prepared, and its activity against UVB damage was evaluated using L929 fibroblast cells and zebrafish. STPE was extracted and purified by 40% ethanol and macroporous resin XDA-7. Reactive oxygen species (ROS) and antioxidant markers, such as superoxide dismutase (SOD), catalase (CAT) activities, and malondialdehyde (MDA) content were analyzed. The effect of STPE on UVB-induced inflammation was determined by inflammatory cytokine gene and protein expression. The expression of signaling molecules in the Nuclear Factor KappaB (NF-κB) pathway was determined by western blotting. DNA condensation was analyzed and visualized by Hoechst 33342 staining. In vivo evaluation was performed by tail fin area and ROS measurement using the zebrafish model. Results The total polyphenol content of STPE was 72%. STPE reduced ROS content in L929 cells, improved SOD and CAT activities, and significantly reduced MDA content, thereby effectively alleviating UVB radiation-induced oxidative damage. STPE inhibited the mRNA and protein expression of TNF-α, IL-6, and IL-1α. STPE reversed DNA condensation at concentrations of 20 and 40 μg/mL compared with the UVB control. Moreover, STPE inhibited NF-κB signaling pathway activation and alleviated DNA agglutination in L929 cells after UVB irradiation. Additionally, 1.67 μg/mL STPE significantly increased the tail fin area in zebrafish, and 0.8–1.6 μg/mL STPE effectively eliminated excessive ROS after UVB radiation. Conclusions STPE inhibited UVB-induced oxidative stress, inflammatory cytokine expression, and DNA condensation via the downregulation of the NF-κB signaling pathway, suggesting that it prevents UVB-induced photodamage, and has potential for clinical development for skin disease treatment.

show abstract

Artificial bee colony algorithm with generating neighbourhood solution for large scale coloured traveling salesman problem

Dong

Lin

Xu³

et al. 2019

IET Intelligent Transport Systems

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Min Xu

Towards a VMM-based usage control framework for OS kernel integrity protection

Area and timing estimation for lookup table based FPGAs

Towards Session-Aware RBAC Administration and Enforcement with XACML

Photoprotective effects of Sargassum thunbergii on ultraviolet B-induced mouse L929 fibroblasts and zebrafish

Artificial bee colony algorithm with generating neighbourhood solution for large scale coloured traveling salesman problem

Contact Info

Product

Resources

About