A new computer program, FLASH (Flow-Log Analysis of Single Holes), is presented for the analysis of borehole vertical flow logs. The code is based on an analytical solution for steady-state multilayer radial flow to a borehole. The code includes options for (1) discrete fractures and (2) multilayer aquifers. Given vertical flow profiles collected under both ambient and stressed (pumping or inje...

This paper describes a technology aiming at enforcing semiautomatically counter-measures against fault injection attacks of smart cards. This technology addresses in a generic way the whole software embedded on the card. In particular, it addresses threats going beyond cryptography-related parts of the embedded software, like threats against the firewall of the Java Card embedded virtual machin...

The majority of all security problems in today’s Web applications is caused by stringbased code injection, with Cross-site Scripting (XSS) being the dominant representative of this vulnerability class. This thesis discusses XSS and suggests defense mechanisms. We do so in three stages: First, we conduct a thorough analysis of JavaScript’s capabilities and explain how these capabilities are util...

This paper introduces ∆Breakpad. It extends the Breakpad crash reporting system to handle software diversity effectively and efficiently by replicating and patching the debug information of diversified software versions. Simple adaptations to existing open source compiler tools are presented that on the one hand introduce significant amounts of diversification in the code and stack layout of AR...

In this paper, we consider the well-known unital embedding from $\FF_{q^k}$ into $M_k(\FF_q)$ seen as a map of vector spaces over $\FF_q$ and apply in linear block code rate $\rho/\ell$ $\FF_{q^k}$. This natural extension gives rise to rank-metric with $k$ rows, $k\ell$ columns, dimension $\rho$ minimum distance that satisfies Singleton bound. Given specific skeleton code, can be Ferrers diagra...

The rapid growth in natural gas consumption has increased the need for gas storage, in particular in the form of injection into depleted reservoirs. Also, CO2 sequestration into the depleted reservoirs has attracted a large attention recently. However, it is important to ensure that the injection pressure is maintained below a certain limit to avoid unsealing the cap rock or reactivation of any...

This note1 describes a software-implemented Fault Injection system (Fig. 1) suited to be used with embedded microprocessor-based boards and based on some features available in the most recent microprocessors and microcontrollers. Although these features were originally introduced to easy code development and debugging, they are very well suited for supporting the implementation of efficient and...

Stanley, Dannie M. Ph.D., Purdue University, December 2013. Improved Kernel Security Through Code Validation, Diversification, and Minimization. Major Professors: Eugene H. Spafford and Dongyan Xu. The vast majority of hosts on the Internet, including mobile clients, are running one of three commodity, general-purpose operating system families. In such operating systems the kernel software exec...

The enormous growth of mobile devices and their app markets has raised many security and privacy concerns. Runtime attacks seem to be a major threat, in particular, codereuse attacks that do not require any external code injection (e.g., return-to-libc or return-oriented programming). We present, for the first time, a code transformation tool that completely mitigates code-reuse attacks by appl...