naken_asm: lightweight assembler/disassembler

naken_asm is lightweight assembler / disassembler with a focus on being easy to compile (no dependencies) and easy to use. It was originally called naken430asm, but since it has been expanded to support many more CPUs it has been renamed to naken_asm. Additionally, there is a simulator for of the supported CPUs.



An Empirical Study on Android-related Vulnerabilities

Mobile devices are used more and more in everyday life. They are our cameras, wallets, and keys. Basically, they embed most of our private information in our pocket. For this and other reasons, mobile devices, and in particular the software that runs on them, are considered first-class citizens in the software-vulnerabilities landscape. Several studies investigated the software-vulnerabilities phenomenon in the context of mobile apps and, more in general, mobile devices. Most of these studies focused on vulnerabilities that could affect mobile apps, while just few investigated vulnerabilities affecting the underlying platform on which mobile apps run: the Operating System (OS). Also, these studies have been run on a very limited set of vulnerabilities. In this paper we present the largest study at date investigating Android-related vulnerabilities, with a specific focus on the ones affecting the Android OS. In particular, we (i) define a detailed taxonomy of the types of Android-related vulnerability; (ii) investigate the layers and subsystems from the Android OS affected by vulnerabilities; and (iii) study the survivability of vulnerabilities (i.e., the number of days between the vulnerability introduction and its fixing). Our findings could help OS and apps developers in focusing their verification & validation activities, and researchers in building vulnerability detection tools tailored for the mobile world.




Workshop on Security for Embedded and Mobile Systems

Secure and Efficient RNS software implementation for Elliptic Curve Cryptography
Practical Power Analysis on KCipher-2 Software on Low-End Microcontrollers
Use of simulators for side-channel analysis
Secure positioning: From GPS to IoT
Permutation-based cryptography for embedded and mobile systems
The Curious Case of the Curious Case: Detecting touchscreen events using a smartphone case
Are You Really My Friend? Efficient and Secure Friend-matching in Mobile Social Networks
From Smashed Screens to Smashed Stacks: Attacking Mobile Phones using Malicious Aftermarket Parts



CHIPSEC whitelist gets updated