CV | Nov 29, 2023 | Code
RQFormer: Rotated Query Transformer for End-to-End Oriented Object Detection
Jiaqi Zhao, Zeyu Ding, Yong Zhou et al.
Oriented object detection presents a challenging task due to the presence of object instances with multiple orientations, varying scales, and dense distributions. Recently, end-to-end detectors have made significant strides by employing attention mechanisms and refining a fixed number of queries through consecutive decoder layers. However, existing end-to-end oriented object detectors still face two primary challenges: 1) misalignment between positional queries and keys, leading to inconsistency between classification and localization; and 2) the presence of a large number of similar queries, which complicates one-to-one label assignments and optimization. To address these limitations, we propose an end-to-end oriented detector called the Rotated Query Transformer, which integrates two key technologies: Rotated RoI Attention (RRoI Attention) and Selective Distinct Queries (SDQ). First, RRoI Attention aligns positional queries and keys from oriented regions of interest through cross-attention. Second, SDQ collects queries from intermediate decoder layers and filters out similar ones to generate distinct queries, thereby facilitating the optimization of one-to-one label assignments. Finally, extensive experiments conducted on four remote sensing datasets and one scene text dataset demonstrate the effectiveness of our method. To further validate its generalization capability, we also extend our approach to horizontal object detection. The code is available at https://github.com/wokaikaixinxin/RQFormer.
CR | Jan 10, 2022 | Code
The SEED Internet Emulator and Its Applications in Cybersecurity Education
Wenliang Du, Honghao Zeng
In cybersecurity courses, it is quite challenging to do hands-on activities that involve many components of the Internet, such as bringing down the Internet, attacking a blockchain, etc. To solve this problem, we have developed an open-source Internet Emulator, which is a Python library, consisting of the classes for each essential element of the Internet, including autonomous system, network, host, router, BGP router, Internet exchange, etc. It also includes the classes for a variety of services, including Web server, DNS, Botnet, Darknet, Blockchain, and more are being developed. Using these classes, users can construct a mini-Internet to emulate the real-world Internet. Although it is small, it has all the essential elements of the real Internet. The construction is compiled into Docker container files, and the emulation is executed by Docker on a single machine, or on multiple cloud machines. With this Internet Emulator, we can develop a variety of hands-on activities for cybersecurity courses, including BGP prefix hijacking, attacks on smart contract, using Darknet to achieve anonymity, launching Botnet and ransomware attacks, etc. While the emulator was initially developed for cybersecurity courses, it can also be used for network courses, for students to learn how the Internet technologies work, such as routing, BGP, IP Anycast, and DNS. Many other interesting network technologies can also be deployed on the emulator, such as content delivery network and software-defined network.
OS | Jan 23, 2019
PINPOINT: Efficient and Effective Resource Isolation for Mobile Security and Privacy
Paul Ratazzi, Ashok Bommisetti, Nian Ji et al.
Virtualization is frequently used to isolate untrusted processes and control their access to sensitive resources. However, isolation usually carries a price in terms of less resource sharing and reduced inter-process communication. In an open architecture such as Android, this price and its impact on performance, usability, and transparency must be carefully considered. Although previous efforts in developing general-purpose isolation solutions have shown that some of these negative side effects can be mitigated, doing so involves overcoming significant design challenges by incorporating numerous additional platform complexities not directly related to improved security. Thus, the general purpose solutions become inefficient and burdensome if the end-user has only specific security goals. In this paper, we present PINPOINT, a resource isolation strategy that forgoes general-purpose solutions in favor of a "building block" approach that addresses specific end-user security goals. PINPOINT embodies the concept of Linux Namespace lightweight isolation, but does so in the Android Framework by guiding the security designer towards isolation points that are contextually close to the resource(s) that need to be isolated. This strategy allows the rest of the Framework to function fully as intended, transparently. We demonstrate our strategy with a case study on Android System Services, and show four applications of PINPOINTed system services functioning with unmodified market apps. Our evaluation results show that practical security and privacy advantages can be gained using our approach, without inducing the problematic side-effects that other general-purpose designs must address.
CR | Oct 28, 2014
Code Injection Attacks on HTML5-based Mobile Apps
Xing Jin, Tongbo Luo, Derek G. Tsui et al.
HTML5-based mobile apps become more and more popular, mostly because they are much easier to be ported across different mobile platforms than native apps. HTML5-based apps are implemented using the standard web technologies, including HTML5, JavaScript and CSS; they depend on some middlewares, such as PhoneGap, to interact with the underlying OS. Knowing that JavaScript is subject to code injection attacks, we have conducted a systematic study on HTML5-based mobile apps, trying to evaluate whether it is safe to rely on the web technologies for mobile app development. Our discoveries are quite surprising. We found out that if HTML5-based mobile apps become popular--it seems to go that direction based on the current projection--many of the things that we normally do today may become dangerous, including reading from 2D barcodes, scanning Wi-Fi access points, playing MP4 videos, pairing with Bluetooth devices, etc. This paper describes how HTML5-based apps can become vulnerable, how attackers can exploit their vulnerabilities through a variety of channels, and what damage can be achieved by the attackers. In addition to demonstrating the attacks through example apps, we have studied 186 PhoneGap plugins, used by apps to achieve a variety of functionalities, and we found that 11 are vulnerable. We also found two real HTML5-based apps that are vulnerable to the attacks.
CR | Oct 28, 2014
A Systematic Security Evaluation of Android's Multi-User Framework
Paul Ratazzi, Yousra Aafer, Amit Ahlawat et al.
Like many desktop operating systems in the 1990s, Android is now in the process of including support for multi-user scenarios. Because these scenarios introduce new threats to the system, we should have an understanding of how well the system design addresses them. Since the security implications of multi-user support are truly pervasive, we developed a systematic approach to studying the system and identifying problems. Unlike other approaches that focus on specific attacks or threat models, ours systematically identifies critical places where access controls are not present or do not properly identify the subject and object of a decision. Finding these places gives us insight into hypothetical attacks that could result, and allows us to design specific experiments to test our hypothesis. Following an overview of the new features and their implementation, we describe our methodology, present a partial list of our most interesting hypotheses, and describe the experiments we used to test them. Our findings indicate that the current system only partially addresses the new threats, leaving the door open to a number of significant vulnerabilities and privacy issues. Our findings span a spectrum of root causes, from simple oversights, all the way to major system design problems. We conclude that there is still a long way to go before the system can be used in anything more than the most casual of sharing environments.