Dave Singelee

CR · 3 papers · 4 citations · Novelty 42% · AI Score 36

3 Papers

33.8 · CR · May 26
Resolving the Correct Library: A Loader-Level Defense Solution Against Shared Object Hijacking

Can Ozkan, Dave Singelee

Shared library hijacking attacks in the Linux ecosystem, including embedded Linux, are a significant concern. They fundamentally exploit the dynamic linker's library-resolution semantics rather than modifying trusted libraries directly. Prior research has extensively analyzed attack vectors exploiting environment variables, embedded search paths, and dynamic loader internals, demonstrating that hijacking is rooted in fundamental loader behavior rather than isolated misconfigurations. Existing defenses either harden or replace the loader, enforce control-flow integrity after libraries are loaded, or apply file-centric integrity mechanisms such as signatures and measurement frameworks. However, these approaches fail to address a critical gap: none verify whether the shared object actually resolved by the loader is the intended and trusted one. In this paper, we argue that shared library hijacking is fundamentally a loader-resolution authenticity problem and present a loader-centric verification framework that enforces authenticity guarantees for the dynamic linker's resolution process. Our design supports both path-bound and location-independent (i.e., Build-ID-based) identity models combined with cryptographic hashing. We implement our approach on GNU libc (glibc) systems and evaluate it on both general-purpose Linux (e.g., Ubuntu) and embedded Linux (e.g., Buildroot) environments under emulation. Our results demonstrate that our proposed mechanism indeed prevents shared library hijacking attacks.

CR · Dec 17, 2021
Towards Intelligent Context-Aware 6G Security

André N. Barreto, Stefan Köpsell, Arsenia Chorti et al.

Imagine interconnected objects with embedded artificial intelligence (AI), empowered to sense the environment, see it, hear it, touch it, interact with it, and move. As future networks of intelligent objects come to life, tremendous new challenges arise for security, but also new opportunities, making it possible to address current, as well as future, pressing needs. In this paper we put forward a roadmap towards the realization of a new security paradigm that we articulate as intelligent context-aware security. The premise of this roadmap is that sensing and advanced AI will enable context awareness, which in turn can drive intelligent security mechanisms, such as adaptation and automation of security controls. This concept not only provides immediate answers to burning open questions, in particular with respect to non-functional requirements, such as energy or latency constraints, heterogeneity of radio frequency (RF) technologies and long life span of deployed devices, but also, more importantly, offers a viable answer to scalability by allowing such constraints to be met even in massive connectivity regimes. Furthermore, the proposed roadmap has to be designed ethically, by explicitly placing privacy concerns at its core. The path towards this vision and some of the challenges along the way are discussed in this contribution.

CR · Oct 20, 2020
A Novel Demodulation Scheme for Secure and Reliable UWB Distance Bounding

Milad Rezaee, Dave Singelee, Bart Preneel

Relay attacks pose an important threat in wireless ranging and authentication systems. Distance bounding protocols have been proposed as an effective countermeasure against these attacks and allow a verifier and a prover to establish an upper bound on the distance between them. However, secure distance bounding protocols are hard to realize in practice due to stringent implementation requirements. In this paper, we look into a yet unexplored research area and show how the security strength of Ultra Wide Band (UWB) distance bounding protocols can be significantly increased by imposing several additional security constraints during demodulation and decoding at the receiver. We demonstrate that for equal reliability metrics as in state-of-the-art UWB distance bounding protocols, our solution achieves a reduction of the success probability of a relay attack by a factor of 40. Moreover, we also argue that our security solution only needs to be combined with pulse masking and a distance commitment to achieve these security bounds and there is no need to have pulse reordering in our modulation.