June 1, 2018

ASIACCS 2018 Proceedings

ASIACCS ’18: Proceedings of the 2018 on Asia Conference on Computer and Communications Security

SESSION: Session 1: Embedded System Security

DeWiCam: Detecting Hidden Wireless Cameras via Smartphones

  • Yushi Cheng
  • Xiaoyu Ji
  • Tianyang Lu
  • Wenyuan Xu

Wireless cameras are widely deployed in surveillance systems for security guarding. However, the privacy concerns associated with unauthorized videotaping have drawn increasing attention recently. Existing detection methods for unauthorized wireless cameras are either limited in detection accuracy or require dedicated devices. In this paper, we propose DeWiCam, a lightweight and effective detection mechanism using smartphones. The basic idea of DeWiCam is to utilize the intrinsic traffic patterns of flows from wireless cameras. Compared with traditional traffic pattern analysis, the task DeWiCam faces is more challenging because it cannot access the encrypted information in the data packets. Yet, DeWiCam overcomes this difficulty and can detect nearby wireless cameras reliably. To further identify whether a camera is in a room of interest, we propose a human-assisted identification model. We implement DeWiCam on the Android platform and evaluate it with extensive experiments on 20 cameras. The evaluation results show that DeWiCam can detect cameras with an accuracy of 99% within 2.7 s.
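The intuition behind traffic-pattern detection, a camera uplink is a large, steady stream whose statistics are observable even when payloads are encrypted, can be sketched as a feature extractor over per-flow frame metadata. The feature names and thresholds below are illustrative assumptions, not DeWiCam's actual classifier:

```python
def flow_features(frame_sizes, frame_times):
    """Compute simple per-flow statistics observable without decryption:
    mean frame size, mean inter-arrival gap, and gap variance."""
    n = len(frame_sizes)
    gaps = [b - a for a, b in zip(frame_times, frame_times[1:])]
    mean_size = sum(frame_sizes) / n
    mean_gap = sum(gaps) / len(gaps)
    # Variance of inter-arrival gaps: video uplink flows tend to be steady.
    var_gap = sum((g - mean_gap) ** 2 for g in gaps) / len(gaps)
    return {"mean_size": mean_size, "mean_gap": mean_gap, "var_gap": var_gap}

def looks_like_camera(features, min_size=400, max_gap_var=1e-3):
    """Heuristic gate (hypothetical thresholds): large, steady upstream flow."""
    return features["mean_size"] >= min_size and features["var_gap"] <= max_gap_var
```

A real detector would, of course, learn its decision boundary from labeled camera traffic rather than use fixed cutoffs.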

Leaky Wires: Information Leakage and Covert Communication Between FPGA Long Wires

  • Ilias Giechaskiel
  • Kasper B. Rasmussen
  • Ken Eguro

Field-Programmable Gate Arrays (FPGAs) are integrated circuits that implement reconfigurable hardware. They are used in modern systems to create specialized, highly optimized integrated circuits without the need to design and manufacture dedicated chips. As the capacity of FPGAs grows, it is increasingly common for designers to incorporate implementations of algorithms and protocols from a range of third-party sources. The monolithic nature of FPGAs means that all on-chip circuits, including third-party black-box designs, must share common on-chip infrastructure, such as routing resources. In this paper, we observe that a “long” routing wire carrying a logical 1 reduces the propagation delay of other adjacent but unconnected long wires in the FPGA interconnect, thereby leaking information about its state. We exploit this effect and propose a communication channel that can be used both for covert transmissions between circuits and for exfiltration of secrets from the chip. We show that the effect is measurable for both static and dynamic signals, and that it can be detected using very small on-board circuits. In our prototype, we are able to correctly infer the logical state of an adjacent long wire over 99% of the time, even without error correction, and for signals that are maintained for as little as 82 µs. Using a Manchester encoding scheme, our channel bandwidth is as high as 6 kbps. We characterize the channel in detail and show that it is measurable even when multiple competing circuits are present, and that it can be replicated on different generations and families of Xilinx devices (Virtex 5, Virtex 6, and Artix 7). Finally, we propose countermeasures that can be deployed by system and tool designers to reduce the impact of this information leakage.
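Manchester encoding, the scheme named for the covert channel, is self-clocking: each data bit is sent as a transition, so the receiver recovers both clock and data. A generic sketch of the encoding (one common convention of it; not the authors' on-chip implementation):

```python
def manchester_encode(bits):
    """Encode bits as half-period pairs (IEEE 802.3 convention):
    0 -> low-high transition (0, 1); 1 -> high-low transition (1, 0)."""
    mapping = {0: (0, 1), 1: (1, 0)}
    signal = []
    for b in bits:
        signal.extend(mapping[b])
    return signal

def manchester_decode(signal):
    """Decode by classifying the transition in each half-period pair."""
    inverse = {(0, 1): 0, (1, 0): 1}
    return [inverse[(signal[i], signal[i + 1])]
            for i in range(0, len(signal), 2)]
```

Note that the opposite convention (G. E. Thomas) also exists; which one a given channel uses is a design choice.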

HlcAuth: Key-free and Secure Communications via Home-Limited Channel

  • Chaohao Li
  • Xiaoyu Ji
  • Xinyan Zhou
  • Juchuan Zhang
  • Jing Tian
  • Yanmiao Zhang
  • Wenyuan Xu

Nowadays most IoT devices in smart homes rely on radio frequency channels for communication, leaving them exposed to various attacks. Existing methods using encryption keys may be inapplicable to these resource-constrained devices, which cannot afford computationally expensive encryption operations. Thus, in this paper we design a key-free communication method for such devices. In particular, we introduce the Home-limited Channel (HLC), which can be accessed only within a house and is inaccessible to an outside attacker. Utilizing HLCs, we propose a challenge-response mechanism, HlcAuth, to authenticate communications inside a house. HlcAuth is low-cost, lightweight, and key-free, and requires no human intervention. We show that HlcAuth can defeat replay attacks, message-forgery attacks, and man-in-the-middle (MiTM) attacks, among others. HlcAuth achieves a 100% true positive rate (TPR) within 4.2 m for in-house devices and a 0% false positive rate (FPR) for outside attackers.

SESSION: Session 2: Applied Crypto 1

Ciphertext Integrity with Misuse and Leakage: Definition and Efficient Constructions with Symmetric Primitives

  • Francesco Berti
  • François Koeune
  • Olivier Pereira
  • Thomas Peters
  • François-Xavier Standaert

Leakage resilience (LR) and misuse resistance (MR) are two important properties for the deployment of authenticated encryption (AE) schemes. They aim at mitigating the impact of implementation flaws due to side-channel leakages and misused randomness. In this paper, we discuss the interactions and incompatibilities between these two properties.

We start from the usual definition of MR for AE schemes from Rogaway and Shrimpton, and argue that it may be overly demanding in the presence of leakages. As a result, we turn back to the basic security requirements for AE: ciphertext integrity (INT-CTXT) and CPA security, and propose to focus on a new notion of CIML security, which is an extension of INT-CTXT in the presence of misuse and leakages.

We discuss the extent to which CIML security is offered by previous proposals of MR AE schemes, conclude in the negative, and propose two new efficient CIML-secure AE schemes: the DTE scheme offers security in the standard model, while the DCE scheme offers security in the random oracle model but comes with some efficiency benefits. Along the way, we observe that these constructions are not trivial, and show for instance that the composition of a LR MAC and a LR encryption scheme, while providing a (traditional) MR AE scheme, can surprisingly lose the MR property in the presence of leakages and does not achieve CIML security. Finally, we show the LR CPA security of DTE and DCE.

On the Memory-Hardness of Data-Independent Password-Hashing Functions

  • Joel Alwen
  • Peter Gazi
  • Chethan Kamath
  • Karen Klein
  • Georg Osang
  • Krzysztof Pietrzak
  • Leonid Reyzin
  • Michal Rolinek
  • Michal Rybar

We show attacks on five data-independent memory-hard functions (iMHFs) that were submitted to the Password Hashing Competition (PHC). Informally, an MHF is a function that cannot be evaluated on dedicated hardware, such as ASICs, at significantly lower hardware and/or energy cost than evaluating a single instance on a standard single-core architecture. Data-independent means that the memory access pattern of the function is independent of the input; this makes iMHFs harder to construct than data-dependent ones, but the latter can be attacked by various side-channel attacks.

Following [Alwen-Blocki’16], we capture the evaluation of an iMHF as a directed acyclic graph (DAG). The cumulative parallel pebbling complexity of this DAG is a measure for the hardware cost of evaluating the iMHF on an ASIC. Ideally, one would like the complexity of a DAG underlying an iMHF to be as close to quadratic in the number of nodes of the graph as possible.

Instead, we show that (the DAGs underlying) the following iMHFs are far from this bound: Rig.v2, TwoCats, and Gambit each have an exponent of no more than 1.75. Moreover, we show that the complexities of the iMHF modes of the PHC finalists Pomelo and Lyra2 have exponents of at most 1.83 and 1.67, respectively. To show this, we investigate a combinatorial property of each underlying DAG (called its depth-robustness). By establishing upper bounds on this property, we are then able to apply the general technique of [Alwen-Blocki’16] for analyzing the hardware costs of an iMHF.
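To make the cumulative-pebbling measure concrete with a toy example (this is an illustration of the metric, not one of the attacks above): a simple path DAG can be pebbled by sliding a single pebble forward, so its cumulative cost is only linear in n, i.e., exponent 1, which is exactly why iMHF designers seek graph families forcing cost close to the quadratic ideal:

```python
def cumulative_cost_path(n):
    """Pebble the path DAG 1 -> 2 -> ... -> n with a single pebble.
    At each step the sole parent is pebbled, so we may legally pebble
    the next node; the cumulative cost is the sum over all steps of
    the number of pebbles held, here just n (exponent 1)."""
    cost = 0
    for v in range(1, n + 1):
        pebbles = {v}          # slide the one pebble onto node v
        cost += len(pebbles)   # pay for memory held at this step
    return cost
```

A good iMHF DAG, by contrast, should force any pebbling strategy to keep many pebbles resident for many steps, pushing the cumulative cost toward n².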

Non-interactive and Output Expressive Private Comparison from Homomorphic Encryption

  • Wen-jie Lu
  • Jun-jie Zhou
  • Jun Sakuma

Private comparison is about privately determining whether a > b, given two input integers a and b which are held as private information. Private comparison is an important building block for applications such as secure auction and privacy-preserving decision tree evaluation.

In this paper, we consider a variant setting in which the inputs a and b as well as the result bit 1{a > b} are encrypted. Using a ring variant of a fully homomorphic encryption scheme, our solution takes as input the ciphertexts of a and b and produces a single ciphertext that decrypts to the bit 1{a > b}, without any interaction with the secret-key holder. Our approach does not encrypt the inputs bit-wise and requires a multiplicative depth of only one, giving about a 48- to 90-fold speedup over previous solutions.

SESSION: Session 3: Authentication

The Personal Identification Chord: A Four-Button Authentication System for Smartwatches

  • Ian Oakley
  • Jun Ho Huh
  • Junsung Cho
  • Geumhwan Cho
  • Rasel Islam
  • Hyoungshick Kim

Smartwatches support access to a wide range of private information but little is known about the security and usability of existing smartwatch screen lock mechanisms. Prior studies suggest that smartwatch authentication via standard techniques such as 4-digit PINs is challenging and error-prone. We conducted interviews to shed light on current practices, revealing that smartwatch users consider the ten-key keypad required for PIN entry to be hard to use due to its small button sizes. To address this issue, we propose the Personal Identification Chord (PIC), an authentication system based on a four-button chorded keypad that enables users to enter ten different inputs via taps to one or two larger buttons. Two studies assessing usability and security of our technique indicate PICs lead to increases in setup and (modestly) recall time, but can be entered accurately while maintaining high recall rates and may improve guessing entropy compared to PINs.
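The combinatorics behind the four-button chorded keypad are easy to check: taps to one or two of four buttons yield exactly C(4,1) + C(4,2) = 4 + 6 = 10 distinct inputs, matching the ten symbols of a standard PIN keypad. A small enumeration sketch (not the authors' code):

```python
from itertools import combinations

def chords(n_buttons=4):
    """Enumerate all one- and two-button chords on an n-button keypad.
    Each chord is the set of buttons pressed simultaneously."""
    buttons = range(n_buttons)
    singles = [frozenset(c) for c in combinations(buttons, 1)]
    pairs = [frozenset(c) for c in combinations(buttons, 2)]
    return singles + pairs
```

Mapping these ten chords onto the digits 0-9 is what lets a chorded keypad replace a ten-key layout with far larger buttons.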

2MA: Verifying Voice Commands via Two Microphone Authentication

  • Logan Blue
  • Hadi Abdullah
  • Luis Vargas
  • Patrick Traynor

Voice-controlled interfaces have vastly improved the usability of many devices (e.g., headless IoT systems). Unfortunately, the lack of authentication for these interfaces has also introduced command-injection vulnerabilities: whether via compromised IoT devices, television ads, or simply malicious nearby neighbors, causing such devices to perform unauthenticated sensitive commands is relatively easy. We address these weaknesses with Two Microphone Authentication (2MA), which takes advantage of the presence of multiple ambient and personal devices operating in the same area. We develop an embodiment of 2MA that combines approximate localization through Direction of Arrival (DOA) techniques with Robust Audio Hashes (RAHs). Our results show that our 2MA system can localize a source to within a narrow physical cone (<30°) with zero false positives, eliminate replay attacks, and prevent the injection of inaudible/hidden commands. As such, we dramatically increase the difficulty for an adversary to carry out such attacks and demonstrate that 2MA is an effective means of authenticating and localizing voice commands.
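The localization step can be caricatured as a simple angular gate: accept a command only when two direction-of-arrival estimates agree to within a narrow cone. The function names and the 15-degree half-angle below are illustrative assumptions, not the paper's DOA pipeline:

```python
def angular_difference(a, b):
    """Smallest absolute difference between two bearings, in degrees."""
    d = abs(a - b) % 360
    return min(d, 360 - d)

def within_cone(doa_device, doa_trusted, half_angle=15.0):
    """Accept the command if the two DOA estimates fall inside a cone
    of 2 * half_angle degrees (a 30-degree cone for half_angle=15)."""
    return angular_difference(doa_device, doa_trusted) <= half_angle
```

In the actual system, the two estimates would come from the ambient device and the user's personal device observing the same utterance.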

Beat-PIN: A User Authentication Mechanism for Wearable Devices Through Secret Beats

  • Ben Hutchins
  • Anudeep Reddy
  • Wenqiang Jin
  • Michael Zhou
  • Ming Li
  • Lei Yang

Wearable devices that capture rich information about users’ daily activities have unmet authentication needs. Today’s solutions, which primarily rely on indirect authentication via users’ smartphones, are thus cumbersome and susceptible to adversary intrusions. Even though there have been some efforts to fill this gap, they either rely on additional sensors, such as cameras and electrocardiogram (ECG) pads, or are awkward to use, e.g., users are asked to perform some pre-defined movement or gesture for authentication. Therefore, an authentication mechanism for wearable devices that is accurate, robust, lightweight, and convenient is sorely needed.

In this paper, we present the design, implementation, and evaluation of a user authentication mechanism, Beat-PIN, for wearable devices that are equipped with touch sensors. A user’s password is a set of recorded beats produced when he/she taps the device. We call this rhythm-based password a beat-PIN; it is represented by the timing of its beats. To achieve high authentication accuracy with low training overhead, we propose a novel classification method. Through extensive experimental evaluation with 124 participants, we show that our mechanism achieves an average EER of 7.2% with only 7 training samples. Besides, its login time is as low as 1.7 s. We also show that its average power consumption for training and login is 337.2 mW and 181.4 mW, respectively, which is lower than that of most common operations on smartwatches. More importantly, we provide a theoretical analysis of the beat-PIN’s raw space size and show that it is much larger than that of digit-PINs and traditional passwords.
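A beat-PIN is essentially a vector of inter-tap intervals. A naive matcher, shown purely for illustration and far simpler than the paper's classifier, might normalize away the overall tempo and then threshold the per-interval deviation:

```python
def intervals(taps):
    """Inter-tap intervals (seconds) from absolute tap timestamps."""
    return [b - a for a, b in zip(taps, taps[1:])]

def normalized(iv):
    """Divide by the total duration so overall tapping speed is ignored."""
    total = sum(iv)
    return [x / total for x in iv]

def matches(enrolled_taps, login_taps, tol=0.05):
    """Accept when each normalized interval deviates by at most tol.
    tol is a hypothetical tolerance, not a value from the paper."""
    a = normalized(intervals(enrolled_taps))
    b = normalized(intervals(login_taps))
    return len(a) == len(b) and all(abs(x - y) <= tol for x, y in zip(a, b))
```

The same rhythm tapped twice as fast still matches, which is why normalization matters for usability.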

SESSION: Session 4: Mobile

iOracle: Automated Evaluation of Access Control Policies in iOS

  • Luke Deshotels
  • Razvan Deaconescu
  • Costin Carabas
  • Iulia Manda
  • William Enck
  • Mihai Chiroiu
  • Ninghui Li
  • Ahmad-Reza Sadeghi

Modern operating systems, such as iOS, use multiple access control policies to define an overall protection system. However, the complexity of these policies and their interactions can hide policy flaws that compromise the security of the protection system. We propose iOracle, a framework that logically models the iOS protection system such that queries can be made to automatically detect policy flaws. iOracle models policies and runtime context extracted from iOS firmware images, developer resources, and jailbroken devices, and iOracle significantly reduces the complexity of queries by modeling policy semantics. We evaluate iOracle by using it to successfully triage executables likely to have policy flaws and comparing our results to the executables exploited in four recent jailbreaks. When applied to iOS 10, iOracle identifies previously unknown policy flaws that allow attackers to modify or bypass access control policies. For compromised system processes, consequences of these policy flaws include sandbox escapes (with respect to read/write file access) and changing the ownership of arbitrary files. By automating the evaluation of iOS access control policies, iOracle provides a practical approach to hardening iOS security by identifying policy flaws before they are exploited.

Source Attribution of Cryptographic API Misuse in Android Applications

  • Ildar Muslukhov
  • Yazan Boshmaf
  • Konstantin Beznosov

Recent research suggests that 88% of Android applications that use Java cryptographic APIs make at least one mistake, resulting in an insecure implementation. It is unclear, however, whether these mistakes originate from code written by application developers or by third-party library developers. Understanding the responsible party for a misuse case is important for vulnerability disclosure. In this paper, we bridge this knowledge gap and introduce source attribution to the analysis of cryptographic API misuse. We developed BinSight, a static program analyzer that supports source attribution, and we analyzed 132K Android applications collected in 2012, 2015, and 2016. Our results suggest that third-party libraries are the main source of cryptographic API misuse. In particular, for 90% of the violating applications that contain at least one call-site to the Java cryptographic APIs, the violations originate from libraries. When compared to 2012, we found that the use of ECB mode for symmetric ciphers decreased significantly in 2016, in both application and third-party library code. Unlike application code, however, third-party libraries have significantly increased their reliance on static encryption keys for symmetric ciphers and static IVs for CBC-mode ciphers. Finally, we found that the insecure RC4 and DES ciphers were the second and third most used ciphers in 2016.
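One misuse class counted here, ECB mode for symmetric ciphers, is visible in decompiled code as a JCA transformation string; note that `Cipher.getInstance("AES")`, with no mode given, defaults to ECB on common JCA providers. A deliberately simplified scanner over decompiled source text (an illustration of the idea, not BinSight itself):

```python
import re

# Transformation strings that select ECB explicitly, or that name only
# the algorithm (which many JCA providers silently default to ECB).
ECB_PATTERN = re.compile(r'"(?:AES|DES|DESede)(?:/ECB/[A-Za-z0-9]+)?"')

def find_ecb_call_sites(decompiled_source):
    """Return transformation strings that use ECB explicitly or by default."""
    return ECB_PATTERN.findall(decompiled_source)
```

A real analyzer works on bytecode and resolves string constants properly; matching raw source text like this is only a sketch of the signal being measured.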

Don’t throw me away: Threats Caused by the Abandoned Internet Resources Used by Android Apps

  • Elkana Pariwono
  • Daiki Chiba
  • Mitsuaki Akiyama
  • Tatsuya Mori

This study aims to understand the threats caused by abandoned Internet resources used by Android apps. By abandoned, we mean Internet resources that support apps that were published and are still available on the mobile app marketplace, but that have not been maintained and hence are at risk of abuse by an outsider. Internet resources include domain names and hard-coded IP addresses, which could be used for nefarious purposes, e.g., stealing sensitive private information, scamming and phishing, click fraud, and injecting malware-distribution URLs. As a result of analyzing 1.1 M Android apps published in the official marketplace, we uncovered 3,628 abandoned Internet resources associated with 7,331 available mobile apps. These resources are subject to hijack by outsiders. Of these apps, 13 have been installed more than a million times each, a measure of the breadth of the threat. Based on the findings of empirical experiments, we discuss potential threats caused by abandoned Internet resources and propose countermeasures against these threats.

SESSION: Session 5: Machine Learning 1

Protecting Intellectual Property of Deep Neural Networks with Watermarking

  • Jialong Zhang
  • Zhongshu Gu
  • Jiyong Jang
  • Hui Wu
  • Marc Ph. Stoecklin
  • Heqing Huang
  • Ian Molloy

Deep learning technologies, the key components of state-of-the-art Artificial Intelligence (AI) services, have shown great success in providing human-level capabilities for a variety of tasks, such as visual analysis, speech recognition, and natural language processing. Building a production-level deep learning model is a non-trivial task that requires a large amount of training data, powerful computing resources, and human expertise. Illegitimate reproduction, distribution, and derivation of proprietary deep learning models can therefore lead to copyright infringement and economic harm to model creators. It is thus essential to devise techniques to protect the intellectual property of deep learning models and enable external verification of model ownership.

In this paper, we generalize the “digital watermarking” concept from multimedia ownership verification to deep neural network (DNN) models. We investigate three DNN-applicable watermark generation algorithms, propose a watermark implanting approach to infuse watermarks into deep learning models, and design a remote verification mechanism to determine model ownership. By leveraging the intrinsic generalization and memorization capabilities of deep neural networks, we enable the models to learn specially crafted watermarks during training and to produce pre-specified predictions when observing the watermark patterns at inference. We evaluate our approach on two image recognition benchmark datasets. Our framework accurately (100%) and quickly verifies the ownership of all the remotely deployed deep learning models without affecting model accuracy on normal input data. In addition, the embedded watermarks in DNN models are robust and resilient to different counter-watermark mechanisms, such as fine-tuning, parameter pruning, and model inversion attacks.
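Remote ownership verification of this kind reduces to a black-box check: query the suspect model with the secret trigger inputs and test whether it returns the pre-specified labels often enough. A schematic sketch with a stand-in model callable and a hypothetical 95% threshold (the paper's actual protocol and thresholds differ):

```python
def verify_watermark(model_predict, trigger_set, threshold=0.95):
    """Claim ownership if the remote model reproduces the pre-specified
    predictions on at least `threshold` of the secret trigger inputs.

    model_predict: black-box callable mapping an input to a label.
    trigger_set:   list of (watermarked_input, expected_label) pairs,
                   known only to the model owner.
    """
    hits = sum(1 for x, y in trigger_set if model_predict(x) == y)
    return hits / len(trigger_set) >= threshold
```

Because an independently trained model is overwhelmingly unlikely to agree with the owner's arbitrary trigger labels, a high hit rate is strong evidence the model was derived from the watermarked one.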

Towards Fast and Semi-supervised Identification of Smart Meters Launching Data Falsification Attacks

  • Shameek Bhattacharjee
  • Aditya Thakur
  • Sajal K. Das

Compromised smart meters sending false power-consumption data in an Advanced Metering Infrastructure (AMI) may have drastic consequences for the smart grid's operation. Most existing defense models only deal with electricity theft by individual customers (isolated attacks) using supervised classification techniques that do not offer scalable or real-time solutions. Furthermore, the cyber and interconnected nature of AMIs can also be exploited by organized adversaries who can orchestrate simultaneous data-falsification attacks after compromising several meters, and who have more complex goals than just electricity theft. In this paper, we first propose a real-time, semi-supervised, anomaly-based consensus correction technique that detects the presence and type of smart meter data falsification and then performs a consensus correction accordingly. Subsequently, we propose a semi-supervised, consensus-based trust scoring model that is able to identify the smart meters injecting false data. The main contribution of the proposed approach is to provide a practical framework for compromised smart meter identification that (i) is not supervised; (ii) enables quick identification; (iii) scales classification error rates better for larger AMIs; (iv) counters threats from both isolated and orchestrated attacks; and (v) simultaneously works for a variety of data-falsification types. Extensive experimental validation using two real datasets, from the USA and Ireland, demonstrates the ability of our proposed method to identify compromised meters in near real time across different datasets.

Detecting Malicious PowerShell Commands using Deep Neural Networks

  • Danny Hendler
  • Shay Kels
  • Amir Rubin

Microsoft's PowerShell is a command-line shell and scripting language that is installed by default on Windows machines. Based on Microsoft's .NET framework, it includes an interface that allows programmers to access operating system services. While PowerShell can be configured by administrators to restrict access and reduce vulnerabilities, these restrictions can be bypassed. Moreover, PowerShell commands can easily be generated dynamically, executed from memory, encoded, and obfuscated, making the logging and forensic analysis of code executed by PowerShell challenging. For all these reasons, PowerShell is increasingly used by cybercriminals as part of their attacks' tool chain, mainly for downloading malicious content and for lateral movement. Indeed, a recent comprehensive technical report by Symantec dedicated to PowerShell's abuse by cybercriminals [Symantec 2016] reported a sharp increase in the number of malicious PowerShell samples they received and in the number of penetration tools and frameworks that use PowerShell. This highlights the urgent need to develop effective methods for detecting malicious PowerShell commands. In this work, we address this challenge by implementing several novel detectors of malicious PowerShell commands and evaluating their performance. We implemented both “traditional” natural language processing (NLP) based detectors and detectors based on character-level convolutional neural networks (CNNs). Detector performance was evaluated using a large real-world dataset. Our evaluation results show that, although our detectors (and especially the traditional NLP-based ones) individually yield high performance, an ensemble detector that combines an NLP-based classifier with a CNN-based classifier provides the best performance, since the latter classifier is able to detect malicious commands that succeed in evading the former.
Our analysis of these evasive commands reveals that some obfuscation patterns automatically detected by the CNN classifier are intrinsically difficult to detect using the NLP techniques we applied. Our detectors provide high recall values while maintaining a very low false positive rate, making us cautiously optimistic that they can be of practical value.

Detection under Privileged Information

  • Z. Berkay Celik
  • Patrick McDaniel
  • Rauf Izmailov
  • Nicolas Papernot
  • Ryan Sheatsley
  • Raquel Alvarez
  • Ananthram Swami

For well over a quarter century, detection systems have been driven by models learned from input features collected from real or simulated environments. An artifact (e.g., a network event, potential malware sample, or suspicious email) is deemed malicious or non-malicious based on its similarity to the learned model at runtime. However, training of the models has historically been limited to only those features available at runtime. In this paper, we consider an alternate learning approach that trains models using privileged information, i.e., features available at training time but not at runtime, to improve the accuracy and resilience of detection systems. In particular, we adapt and extend recent advances in knowledge transfer, model influence, and distillation to enable the use of forensic or other data unavailable at runtime in a range of security domains. An empirical evaluation shows that privileged information increases precision and recall over a system with no privileged information: we observe up to a 7.7% relative decrease in detection error for fast-flux bot detection, 8.6% for malware traffic detection, 7.3% for malware classification, and 16.9% for face recognition. We explore the limitations and applications of different privileged-information techniques in detection systems. Such techniques provide a new means for detection systems to learn from data that would otherwise not be available at runtime.

SESSION: Session 6: Privacy 1

Entwining Sanitization and Personalization on Databases

  • Sébastien Gambs
  • Julien Lolive
  • Jean-Marc Robert

In the last decade, a great deal of research has been done to prevent the illegal distribution of digital content, in the context in which the proprietary content is a medium such as musical works or movies. However, only a few works have tackled this problem for databases, and even fewer for databases containing personal and sensitive information (e.g., a medical database). In this work, we address this latter issue by proposing an approach for the sanitization and personalization of databases, in which the owner of a database personalizes it before distributing it, to ensure that a malicious buyer can be traced back in case of illegal redistribution. Our novel solution entwines the personalization step with a sanitization mechanism to prevent the leak of personal information and limit the privacy risks. Thus, our objective is to release a sanitized and personalized database, both to protect the privacy of the concerned individuals and to prevent illegal redistribution, even by a collusion of malicious buyers.

Large-Scale Privacy-Preserving Statistical Computations for Distributed Genome-Wide Association Studies

  • Oleksandr Tkachenko
  • Christian Weinert
  • Thomas Schneider
  • Kay Hamacher

We present privacy-preserving solutions for Genome-Wide Association Studies (GWAS) based on Secure Multi-Party Computation (SMPC). Using SMPC, we protect the privacy of patients when medical institutes collaborate to compute statistics on genomic data in a distributed fashion. Previous solutions for this task lack efficiency and/or use inadequate algorithms that are of limited practical value. Concretely, we optimize and implement multiple algorithms for the χ²-, G-, and P-test in the ABY framework (Demmler et al., NDSS'15) and evaluate them in a distributed GWAS scenario. Statistical tests generally require advanced mathematical operations. For operations that cannot be calculated in integer arithmetic, we make use of the existing IEEE 754 floating-point arithmetic implementation in ABY (Demmler et al., CCS'15). To improve performance, we extend the mixed-protocol capabilities of ABY by optimizing and implementing the integer-to-floating-point conversion protocols of Aliasgari et al. (NDSS'13), which may be of independent interest. Furthermore, we consider extended contingency tables for the χ²- and G-test that use codeword counts instead of counts for only two alleles, thereby allowing for advanced, realistic analyses. Finally, we consider an outsourcing scenario where two non-colluding, semi-trusted third parties process secret-shared input data from multiple institutes. Our extensive evaluation shows, compared to the prior art of Constable et al. (BMC Medical Informatics and Decision Making'15), an improved run-time efficiency of the χ²-test by a factor of up to 37×. We additionally demonstrate practicality in scenarios with millions of participants and hundreds of collaborating institutes.
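The χ²-test being computed under SMPC is, in the clear, just arithmetic on a contingency table: for observed counts O and expected counts E, χ² = Σ (O − E)² / E. A plaintext reference for a 2×2 table of allele counts (no SMPC; useful only for sanity-checking a secure implementation):

```python
def chi_squared_2x2(table):
    """Pearson's chi-squared statistic for a 2x2 contingency table given
    as [[a, b], [c, d]], e.g., rows = case/control, columns = allele A/a."""
    (a, b), (c, d) = table
    n = a + b + c + d
    row_totals = [a + b, c + d]
    col_totals = [a + c, b + d]
    chi2 = 0.0
    for i, obs_row in enumerate(table):
        for j, observed in enumerate(obs_row):
            expected = row_totals[i] * col_totals[j] / n
            chi2 += (observed - expected) ** 2 / expected
    return chi2
```

The challenge addressed in the paper is performing exactly this kind of division-heavy arithmetic on secret-shared counts, which is why floating-point protocols inside ABY are needed.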

Secure Similar Sequence Query on Outsourced Genomic Data

  • Ke Cheng
  • Yantian Hou
  • Liangmin Wang

The growing availability of genomic data is unlocking research potentials on genomic-data analysis. It is of great importance to outsource the genomic-analysis tasks onto clouds to leverage their powerful computational resources over the large-scale genomic sequences. However, the remote placement of the data raises personal-privacy concerns, and it is challenging to evaluate data-analysis functions on outsourced genomic data securely and efficiently. In this work, we study the secure similar-sequence-query (SSQ) problem over outsourced genomic data, which has not been fully investigated. To address the challenges of security and efficiency, we propose two protocols in the mixed form, which combine two-party secure secret sharing, garbled circuit, and partial homomorphic encryptions together and use them to jointly fulfill the secure SSQ function. In addition, our protocols support multi-user queries over a joint genomic data set collected from multiple data owners, making our solution scalable. We formally prove the security of protocols under the semi-honest adversary model, and theoretically analyze the performance. We use extensive experiments over real-world dataset on a commercial cloud platform to validate the efficacy of our proposed solution, and demonstrate the performance improvements compared with state-of-the-art works.
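Similar-sequence queries over genomic strings are typically ranked by edit distance; the secure protocols evaluate, under secret sharing and encryption, essentially the same dynamic-programming recurrence that the following plaintext reference computes (shown as an assumed baseline, not the paper's protocol):

```python
def edit_distance(s, t):
    """Levenshtein distance via the standard DP recurrence, keeping
    only the previous row: cost of transforming s[:i] into t[:j]."""
    prev = list(range(len(t) + 1))
    for i, cs in enumerate(s, 1):
        cur = [i]
        for j, ct in enumerate(t, 1):
            cur.append(min(prev[j] + 1,                 # delete from s
                           cur[j - 1] + 1,              # insert into s
                           prev[j - 1] + (cs != ct)))   # substitute
        prev = cur
    return prev[-1]
```

Each cell depends only on three neighbors, which is what makes the recurrence amenable to evaluation inside garbled circuits or secret sharing, at the cost of touching every cell obliviously.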

A Linear Distinguisher and its Application for Analyzing Privacy-Preserving Transformation Used in Verifiable (Outsourced) Computation

  • Liang Zhao
  • Liqun Chen

A distinguisher is employed by an adversary to explore the privacy property of a cryptographic primitive. If a cryptographic primitive is said to be private, there is no distinguisher algorithm that an adversary can use to distinguish the encodings generated by this primitive with non-negligible advantage. Recently, two privacy-preserving matrix transformations, first proposed by Salinas et al., have been widely used to achieve matrix-related verifiable (outsourced) computation in data protection. Salinas et al. proved that these transformations are private (in terms of indistinguishability). In this paper, we first propose the concept of a linear distinguisher and two constructions of linear distinguisher algorithms. Then, we take those two matrix transformations (including Salinas et al.'s original work and Yu et al.'s modification) as example targets and analyze their privacy property when our linear distinguisher algorithms are employed by adversaries. The results show that those transformations are not private, even against passive eavesdropping.

SESSION: Session 7: Cellular, Phone, and Email

FBSleuth: Fake Base Station Forensics via Radio Frequency Fingerprinting

  • Zhou Zhuang
  • Xiaoyu Ji
  • Taimin Zhang
  • Juchuan Zhang
  • Wenyuan Xu
  • Zhenhua Li
  • Yunhao Liu

Fake base station (FBS) crime is a type of wireless communication crime that has appeared recently. The key to enforcing the laws regulating FBS-based crime is not only to arrest criminals but also to convict them effectively. Much work on FBS discovery, localization, and tracking can assist with arrests, but the problem of collecting evidence accurately enough to support a proper conviction has not yet been addressed.

To fill this gap, we design FBSleuth, an FBS crime forensics framework utilizing “radio frequency (RF) fingerprints”, i.e., the unique characteristics of the FBS transmitters embedded in the electromagnetic signals. Essentially, such fingerprints stem from the imperfections in hardware manufacturing and thus represent a consistent bond between an individual FBS device and its committed crime. We model the RF fingerprint from the subtle variance of the modulation errors, instantaneous frequency, and phases of the RF signals. Our validation of FBSleuth on six FBSes from four cities over more than 5 months shows that FBSleuth can achieve over 99% precision, 96.4% recall, and 97.94% F1 score in a dynamic wild environment.

Augmenting Telephone Spam Blacklists by Mining Large CDR Datasets

  • Jienan Liu
  • Babak Rahbarinia
  • Roberto Perdisci
  • Haitao Du
  • Li Su

Telephone spam has become an increasingly prevalent problem in many countries all over the world. For example, the US Federal Trade Commission’s (FTC) National Do Not Call Registry received a cumulative 30.9 million complaints of spam/scam calls in 2016. Naturally, telephone carriers can play an important role in the fight against spam. However, due to the extremely large volume of calls that transit across large carrier networks, it is challenging to mine their vast amounts of call detail records (CDRs) to accurately detect and block spam phone calls. This is because CDRs contain only high-level metadata (e.g., source and destination numbers, call start time, call duration, etc.) related to each phone call. In addition, ground truth about both benign and spam-related phone numbers is often very scarce (only a tiny fraction of all phone numbers can be labeled). More importantly, telephone carriers are extremely sensitive to false positives, as they need to avoid blocking any non-spam calls, making the detection of spam-related numbers even more challenging. In this paper, we present a novel detection system that aims to discover telephone numbers involved in spam campaigns. Given a small seed of known spam phone numbers, our system uses a combination of unsupervised and supervised machine learning methods to mine new, previously unknown spam numbers from large datasets of call detail records (CDRs). Our objective is not to detect all possible spam phone calls crossing a carrier’s network, but rather to expand the list of known spam numbers while aiming for zero false positives, so that the newly discovered numbers may be added to a phone blacklist, for example. To evaluate our system, we have conducted experiments over a large dataset of real-world CDRs provided by a leading telephony provider in China, while tuning the system to produce no false positives. The experimental results show that our system is able to greatly expand on the initial seed of known spam numbers by up to about 250%.

Towards Measuring the Role of Phone Numbers in Twitter-Advertised Spam

  • Payas Gupta
  • Roberto Perdisci
  • Mustaque Ahamad

The telephony channel has become an attractive target for cyber criminals, who are using it to craft a variety of attacks. In addition to delivering voice and messaging spam, this channel is also being used to lure victims into calling phone numbers that are controlled by the attackers. One way this is done is by aggressively advertising phone numbers on social media (e.g., Twitter). This form of spam is then monetized over the telephony channel, via messages/calls made by victims. We refer to these attacks as outgoing phone communication (OPC) attacks.

By collecting approximately 70M tweets containing over 5,786 phone numbers over a period of 14 months, we are able to measure properties of multiple spam campaigns, including well-known tech support scams. Our contributions include a novel data collection technique that amplifies tweets containing phone numbers, clustering of tweets that are part of a given OPC attack campaign, and a brief analysis of particularly interesting campaigns. We also show that some of the campaigns we analyze appear to attempt to avoid account suspension by Twitter, by including reputable URLs in their tweets. In fact, we find that Twitter suspended only about 3.5% of the accounts that participated in the top 15 spam campaigns we measured. Our results not only demonstrate a new kind of abuse exploiting the telephony channel but also show the potential benefits of using phone numbers to fight spam on Twitter.

Use-After-FreeMail: Generalizing the Use-After-Free Problem and Applying it to Email Services

  • Daniel Gruss
  • Michael Schwarz
  • Matthias Wübbeling
  • Simon Guggi
  • Timo Malderle
  • Stefan More
  • Moritz Lipp

Use-after-free is a type of vulnerability commonly present in software written in memory-unsafe languages like C or C++, where a program frees a memory buffer too early. By placing counterfeit structures at the freed memory location, an attacker can leak information or gain execution control upon subsequent access.

In this paper, we show that the concept of use-after-free can be generalized to any environment and situation where resources can be silently exchanged. As an instance of our generalization, we demonstrate Use-After-FreeMail attacks. Use-After-FreeMail attacks gather email addresses from publicly available database leaks. Our fully automated quantitative analysis revealed that 33.5% of all free-mail addresses we tested are no longer valid. In two user studies with 100 and 31 participants, we found that 11-19% of users are affected by our attack. In qualitative case studies we investigated what information can be gained in Use-After-FreeMail attacks, e.g., payment information, and how far currently used accounts can be compromised (identity theft). Finally, drawing the connection between mitigations against traditional use-after-free scenarios and the Use-After-FreeMail scenario, we provide a concise list of recommendations to free-mail providers and users as a protection against use-after-free attacks.

SESSION: Session 8: Trust

Temporal Consistency of Integrity-Ensuring Computations and Applications to Embedded Systems Security

  • Xavier Carpent
  • Karim Eldefrawy
  • Norrathep Rattanavipanon
  • Gene Tsudik

Assuring integrity of information (e.g., data and/or software) is usually accomplished by cryptographic means, such as hash functions or message authentication codes (MACs). Computing such integrity-ensuring functions can be time-consuming if the amount of input data is large and/or the computing platform is weak. At the same time, in real-time or safety-critical settings, it is often impractical or even undesirable to guarantee atomicity of computing a time-consuming integrity-ensuring function. Meanwhile, standard correctness and security definitions of such functions assume that input data (regardless of its size) remains consistent throughout computation. However, temporal consistency may be lost if another process interrupts execution of an integrity-ensuring function and modifies portions of the input that (1) were already processed, (2) were not yet processed, or both. Lack of temporal consistency might yield an integrity result that is nonsensical or simply incorrect. Such subtleties and discrepancies between (implicit) assumptions in definitions and implementations can be a source of inconsistencies, which might lead to vulnerabilities.

In this paper, we systematically explore the notion of temporal consistency of cryptographic integrity-ensuring functions. We show that its lack in implementations of such functions can lead to inconsistent results and security violations in protocols and systems using them, e.g., remote attestation, remote updates and secure resets. We consider several mechanisms that guarantee temporal consistency of implementations of integrity-ensuring functions in embedded systems with a focus on remote attestation. We also assess performance of proposed mechanisms on two commodity hardware platforms: I.MX6-SabreLite and ODROID-XU4.
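The loss of temporal consistency described above can be reproduced with a minimal sketch (names and chunk sizes are illustrative, not taken from the paper): a hash is computed incrementally over a buffer while a simulated interrupting writer modifies a not-yet-processed byte, so the resulting digest reflects neither a single "before" nor a cleanly atomic view of the input.

```python
import hashlib

def chunked_sha256(buf, chunk=16, interrupt_at=None, modify=None):
    # Hash `buf` chunk by chunk; optionally simulate an interrupting
    # process that rewrites the buffer mid-computation.
    h = hashlib.sha256()
    for i in range(0, len(buf), chunk):
        if interrupt_at is not None and i == interrupt_at:
            modify(buf)  # the concurrent writer fires here
        h.update(bytes(buf[i:i + chunk]))
    return h.hexdigest()

data = bytearray(b"firmware-image-" * 4)  # 60-byte stand-in for an image
before = hashlib.sha256(bytes(data)).hexdigest()

def writer(buf):
    buf[-1] = 0x00  # modifies a byte that has not been hashed yet

snapshot = bytearray(data)
racy = chunked_sha256(snapshot, interrupt_at=32, modify=writer)
after = hashlib.sha256(bytes(snapshot)).hexdigest()

# The interrupted computation attests the *modified* buffer, not the
# input it was asked to measure:
print(racy == before, racy == after)  # False True
```

Had the writer instead modified an already-hashed byte, the digest would match the stale "before" image; either way, the result does not correspond to one temporally consistent snapshot, which is exactly the hazard for remote attestation.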

SALAD: Secure and Lightweight Attestation of Highly Dynamic and Disruptive Networks

  • Florian Kohnhäuser
  • Niklas Büscher
  • Stefan Katzenbeisser

Today, tiny embedded Internet of Things (IoT) devices are increasingly used in safety- and privacy-critical application scenarios. In many of these scenarios, devices perform a certain task collectively as a swarm. Remote attestation is an important cornerstone for the security of these IoT devices, as it allows verifying the integrity of the software on remote devices. Recently proposed collective attestation protocols are able to attest entire device swarms in an efficient way. However, these protocols are inefficient or even inapplicable when devices in the network are mobile or lack continuous connectivity. This work presents SALAD, the first collective attestation protocol for highly dynamic and disruptive networks. SALAD uses a novel distributed approach, where devices incrementally establish a common view on the integrity of all devices in the network. In contrast to existing protocols, SALAD performs well in highly dynamic and disruptive network topologies, increases resilience against targeted Denial of Service (DoS) attacks, and allows obtaining the attestation result from any device. Moreover, SALAD is capable of mitigating physical attacks in an efficient manner, which is achieved by adapting and extending recently proposed aggregation schemes. We demonstrate the security of SALAD and show its effectiveness by providing large-scale simulation results.

Can You Trust Your Encrypted Cloud?: An Assessment of SpiderOakONE’s Security

  • Anders P. K. Dalskov
  • Claudio Orlandi

This paper presents an independent security review of a popular encrypted cloud storage service (ECS), SpiderOakONE. Contrary to previous work analyzing similar programs, we formally define minimal security requirements for confidentiality in ECS which take into account the possibility that the ECS actively turns against its users in an attempt to break the confidentiality of the users’ data. Our analysis uncovered several serious issues, which either directly or indirectly damage the confidentiality of a user’s files, thereby breaking the claimed Zero- or No-Knowledge property (i.e., the claim that even the ECS itself cannot access the users’ data). After we responsibly disclosed the issues to SpiderOak, most of them were fixed.

On the Strategy and Behavior of Bitcoin Mining with N-attackers

  • Hanqing Liu
  • Na Ruan
  • Rongtian Du
  • Weijia Jia

Selfish mining is a well-known mining attack strategy discovered by Eyal and Sirer in 2014. Since then, the attackers’ strategy has been further discussed by many other works, which analyze the strategy and behavior of a single attacker. The extension of this strategy research is greatly restricted by the assumption that there is only one attacker in the blockchain network, since, in many cases, a proof-of-work blockchain has multiple attackers. The attackers can be independent of each other instead of sharing information and attacking the blockchain as a whole. In this paper, we establish a new model to analyze the miners’ behavior in a proof-of-work blockchain with multiple attackers. Based on our model, we extend the attackers’ strategy by proposing a new strategy set, publish-n. We also review other attack strategies such as selfish mining and stubborn mining in our model to explore whether these strategies still work when there are multiple attackers. The performances of different strategies are compared using the attackers’ relative stale block rate. In a proof-of-work blockchain model with two attackers, strategy publish-n can beat selfish mining by up to 26.3%.
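For readers unfamiliar with the single-attacker baseline that this paper extends, the sketch below is a Monte Carlo simulation of classic Eyal-Sirer selfish mining (one attacker with hash-power share `alpha`, tie-breaking parameter `gamma`); it is not the paper's publish-n strategy or its multi-attacker model, only the starting point those build on. It estimates the attacker's share of main-chain blocks, which exceeds `alpha` once `alpha` is large enough.

```python
import random

def selfish_mining_revenue(alpha, gamma=0.0, rounds=200_000, seed=1):
    """Estimate the selfish miner's fraction of main-chain blocks."""
    rng = random.Random(seed)
    a_blocks = h_blocks = 0  # blocks ending up on the main chain
    lead, tie = 0, False     # attacker's private lead; tie = fork race
    for _ in range(rounds):
        attacker_finds = rng.random() < alpha
        if tie:
            if attacker_finds:           # attacker extends own fork: wins race
                a_blocks += 2
            elif rng.random() < gamma:   # honest miner extends attacker fork
                a_blocks += 1; h_blocks += 1
            else:                        # honest miner extends honest fork
                h_blocks += 2
            tie = False
        elif attacker_finds:
            lead += 1                    # keep the new block private
        else:
            if lead == 0:
                h_blocks += 1            # honest block, no contest
            elif lead == 1:
                tie, lead = True, 0      # attacker publishes; race begins
            elif lead == 2:
                a_blocks += 2; lead = 0  # publish both, orphan honest block
            else:
                a_blocks += 1; lead -= 1 # publish one block to stay ahead
    return a_blocks / (a_blocks + h_blocks)

# Above ~1/3 hash power (with gamma = 0), selfish mining beats honest mining:
rr = selfish_mining_revenue(alpha=0.4)
print(rr > 0.4)
```

With `alpha = 0.4` and `gamma = 0`, the simulated relative revenue comes out near 0.48, above the attacker's fair share of 0.4; the paper's model generalizes this kind of analysis to several independent attackers.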

SESSION: Session 9: Software Security

A Leak-Resilient Dual Stack Scheme for Backward-Edge Control-Flow Integrity

  • Philipp Zieris
  • Julian Horsch

Manipulations of return addresses on the stack are the basis for a variety of attacks on programs written in memory unsafe languages. Dual stack schemes for protecting return addresses promise an efficient and effective defense against such attacks. By introducing a second, safe stack to separate return addresses from potentially unsafe stack objects, they prevent attacks that, for example, maliciously modify a return address by overflowing a buffer. However, the security of dual stacks is based on the concealment of the safe stack in memory. Unfortunately, all current dual stack schemes are vulnerable to information disclosure attacks that are able to reveal the safe stack location, and therefore effectively break their promised security properties. In this paper, we present a new, leak-resilient dual stack scheme capable of withstanding sophisticated information disclosure attacks. We carefully study previous dual stack schemes and systematically develop a novel design for stack separation that eliminates flaws leading to the disclosure of safe stacks. We show the feasibility and practicality of our approach by presenting a full integration into the LLVM compiler framework with support for the x86-64 and ARM64 architectures. With an average of 2.7% on x86-64 and 0.0% on ARM64, the performance overhead of our implementation is negligible.

CUP: Comprehensive User-Space Protection for C/C++

  • Nathan Burow
  • Derrick McKee
  • Scott A. Carr
  • Mathias Payer

Memory corruption vulnerabilities in C/C++ applications enable attackers to execute code, change data, and leak information. Current memory sanitizers do not provide comprehensive coverage of a program’s data. In particular, existing tools focus primarily on heap allocations with limited support for stack allocations and globals. Orthogonally, existing tools focus on the main executable with limited support for system libraries. Existing tools also suffer from both false positives and false negatives. We present Comprehensive User-Space Protection for C/C++ (CUP), an LLVM sanitizer that provides complete spatial and probabilistic temporal memory safety for C/C++ programs on 64-bit architectures (with a prototype implementation for x86_64). CUP uses a hybrid metadata scheme that supports all program data, including globals, heap, and stack, and maintains Application Binary Interface (ABI) compatibility. Existing approaches have false positives and 8%-25% false negatives on the NIST Juliet test suite. In contrast, CUP has no false negatives or false positives. CUP instruments all user-space code, including libc and other system libraries, removing these libraries from the trusted computing base. Supporting all of user space allows CUP to treat a missed check as a failed check, leading to no false negatives. The overhead introduced by CUP is half that of the state-of-the-art full memory protection on benchmarks where both mechanisms run, and it imposes 1.58x overhead compared to baseline on all benchmarks. Consequently, CUP is intended as a sanitizer for use by system developers, and to protect truly critical systems.

BCD: Decomposing Binary Code Into Components Using Graph-Based Clustering

  • Vishal Karande
  • Swarup Chandra
  • Zhiqiang Lin
  • Juan Caballero
  • Latifur Khan
  • Kevin Hamlen

Complex software is built by composing components implementing largely independent blocks of functionality. However, once the sources are compiled into an executable, that modularity is lost. This is unfortunate for code recipients, for whom knowing the components has many potential benefits, such as improved program understanding for reverse-engineering, identifying shared code across different programs, binary code reuse, and authorship attribution. This paper proposes a novel approach for decomposing such source-free program executables into components. Given an executable, the approach first statically builds a decomposition graph, where nodes are functions and edges capture three types of relationships: code locality, data references, and function calls. It then applies a graph-theoretic approach to partition the functions into disjoint components. A prototype implementation, BCD, demonstrates the approach’s efficacy: evaluating BCD on 25 C++ binary programs to recover the methods belonging to each class achieves high precision and recall scores for these tested programs.

SESSION: Session 10: Network Security 1

To Intercept or Not to Intercept: Analyzing TLS Interception in Network Appliances

  • Louis Waked
  • Mohammad Mannan
  • Amr Youssef

Many enterprise-grade network appliances host a TLS proxy to facilitate interception of TLS-protected traffic for various purposes, including malware scanning, phishing detection, and preventing data exfiltration. When deployed, the TLS proxy acts as the security-validating client for external TLS web servers, on behalf of the original requesting client; on the other hand, the proxy acts as the web server to the client. Consequently, TLS proxies must maintain a level of security at least matching that of modern web browsers and properly configured TLS servers. Failure to do so increases the attack surface of all the proxied clients served by the network appliance. We develop a framework for testing TLS-inspecting appliances, combining and extending tests from existing work on client-end and network-based interception. Utilizing this framework, we analyze six representative network appliances, and uncover several security issues regarding TLS version and certificate parameter mapping, CA trusted stores, private keys, and certificate validation tests. For instance, we found that two appliances perform no certificate validation at all, exposing their end-clients to trivial Man-in-the-Middle attacks. The remaining appliances that do perform certificate validation still do not follow current best practices, making them vulnerable to certain attacks. We also found that all the tested appliances deceive the requesting clients by offering TLS parameters that differ from the proxy-to-server TLS parameters, such as the TLS versions, hashing algorithms, and RSA key sizes. We hope that this work brings focus to the risks and vulnerabilities of TLS proxies, which are widely deployed in many enterprise and government environments, potentially affecting all their users and systems.

Software-Defined Firewall: Enabling Malware Traffic Detection and Programmable Security Control

  • Shang Gao
  • Zecheng Li
  • Yuan Yao
  • Bin Xiao
  • Songtao Guo
  • Yuanyuan Yang

Network-based malware has posed serious threats to the security of host machines. When malware adopts a private TCP/IP stack for communications, personal and network firewalls may fail to identify the malicious traffic. Current firewall policies lack a convenient update mechanism, which makes malicious traffic detection difficult.

In this paper, we propose Software-Defined Firewall (SDF), a new security design to protect host machines and enable programmable security policy control by abstracting the firewall architecture into control and data planes. The control plane supports easy security policy updates, as in the SDN (Software-Defined Networking) architecture. The difference is that it additionally collects host information to provide application-level traffic control and improve malicious-traffic detection accuracy. The data plane handles all incoming/outgoing network traffic in network hardware so that malware cannot bypass it. SDF is easy to implement and deploy in today’s networks. We implement a prototype of SDF and evaluate its performance in real-world experiments. Experimental results show that SDF successfully monitors all network traffic (i.e., no traffic bypasses it) and improves the accuracy of malicious-traffic identification. Two use cases indicate that SDF provides easier and more flexible solutions to today’s host-security problems than current firewalls.

Where’s Wally?: How to Privately Discover your Friends on the Internet

  • Panagiotis Papadopoulos
  • Antonios A. Chariton
  • Elias Athanasopoulos
  • Evangelos P. Markatos

Internet friends who would like to connect with each other (e.g., VoIP, chat) use point-to-point communication applications such as Skype or WhatsApp. Apart from providing the necessary communication channel, these applications also facilitate contact discovery, where users upload their address book and learn the network addresses of their friends. Although handy, this discovery process comes with a significant privacy cost: users are forced to reveal to the service provider every person they are socially connected with, even if they never communicate with them through the app. In this paper, we show that it is possible to implement a scalable User Discovery service without requiring any centralized entity that users have to blindly trust. Specifically, we distribute the maintenance of the users’ contact information, and allow their friends to query for it, just as they normally query the network for machine services. We implement our approach in PROUD: a distributed privacy-preserving User Discovery service, which capitalizes on DNS. The prevalence of DNS makes PROUD immediately applicable and able to scale to millions of users. Preliminary evaluation shows that PROUD provides competitive performance for all practical purposes, imposing an overhead of less than 0.3 sec per operation.

SESSION: Session 11: Malware and Web

You Are Your Photographs: Detecting Multiple Identities of Vendors in the Darknet Marketplaces

  • Xiangwen Wang
  • Peng Peng
  • Chun Wang
  • Gang Wang

Darknet markets are online services behind Tor where cybercriminals trade illegal goods and stolen datasets. In recent years, security analysts and law enforcement have started investigating the darknet markets to study the cybercriminal networks and predict future incidents. However, vendors in these markets often create multiple accounts (i.e., Sybils), making it challenging to infer the relationships between cybercriminals and identify coordinated crimes. In this paper, we present a novel approach to link the multiple accounts of the same darknet vendors through photo analytics. The core idea is that darknet vendors often have to take their own product photos to prove possession of the illegal goods, which can reveal their distinct photography styles. To fingerprint vendors, we construct a series of deep neural networks to model the photography styles. We apply transfer learning to the model training, which allows us to accurately fingerprint vendors with a limited number of photos. We evaluate the system using real-world datasets from 3 large darknet markets (7,641 vendors and 197,682 product photos). A ground-truth evaluation shows that the system achieves an accuracy of 97.5%, outperforming existing stylometry-based methods in both accuracy and coverage. In addition, our system identifies previously unknown Sybil accounts within the same markets (23) and across different markets (715 pairs). Further case studies reveal new insights into coordinated Sybil activities such as price manipulation, buyer scams, and product stocking and reselling.

Investigating Web Defacement Campaigns at Large

  • Federico Maggi
  • Marco Balduzzi
  • Ryan Flores
  • Lion Gu
  • Vincenzo Ciancaglini

Website defacement is the practice of altering the web pages of a website after its compromise. The altered pages, called deface pages, can negatively affect the reputation and business of the victim site. Previous research has focused primarily on detection, rather than exploring the defacement phenomenon in depth. While investigating several defacements, we observed that the artifacts left by the defacers allow an expert analyst to investigate the actors’ modus operandi and social structure, and expand from the single deface page to a group of related defacements (i.e., a campaign). However, manually performing such analysis on millions of incidents is tedious, and poses scalability challenges. From these observations, we propose an automated approach that efficiently builds intelligence information out of raw deface pages. Our approach streamlines the analysts’ job by automatically recognizing defacement campaigns and assigning meaningful textual labels to them. Applied to a comprehensive dataset of 13 million defacement records, spanning Jan. 1998 to Sept. 2016, our approach allowed us to conduct the first large-scale measurement of web defacement campaigns. In addition, our approach is meant to be adopted operationally by analysts to identify live campaigns in the field.

We go beyond confirming anecdotal evidence. We analyze the social structure of modern defacers, which includes lone individuals as well as actors that cooperate with each other or with teams, which evolve over time and dominate the scene. We conclude by drawing a parallel between the timeline of world-shaping events and defacement campaigns, representing the evolution of the interests and orientation of modern defacers.

Hardware Performance Counters Can Detect Malware: Myth or Fact?

  • Boyou Zhou
  • Anmol Gupta
  • Rasoul Jahanshahi
  • Manuel Egele
  • Ajay Joshi

The ever-increasing prevalence of malware has led to the exploration of various detection mechanisms. Several recent works propose to use Hardware Performance Counter (HPC) values with machine learning classification models for malware detection. HPCs are hardware units that record low-level micro-architectural behavior, such as cache hits/misses, branch (mis)prediction, and load/store operations. However, this information does not reliably capture the nature of the application, i.e., whether it is benign or malicious. In this paper, we claim and experimentally support that micro-architectural information obtained from HPCs cannot distinguish between benignware and malware. We evaluate the fidelity of malware detection using HPCs. We perform quantitative analysis using Principal Component Analysis (PCA) to systematically select the micro-architectural events that have the most predictive power. We then run 1,924 programs, 962 benignware and 962 malware, on our experimental setups. We achieve 83.39%, 84.84%, 83.59%, 75.01%, 78.75%, and 14.32% F1-score (a metric of detection rates) for Decision Tree (DT), Random Forest (RF), K Nearest Neighbors (KNN), Adaboost, Neural Net (NN), and Naive Bayes, respectively. We cross-validate our models 1,000 times to show the distributions of detection rates across the models. Our cross-validation analysis shows that many of the experiments produce low F1-scores. The F1-scores of the models for DT, RF, KNN, Adaboost, NN, and Naive Bayes are 80.22%, 81.29%, 80.22%, 70.32%, 35.66%, and 9.903%, respectively. To further highlight the incapability of malware detection using HPCs, we show that one benignware (Notepad++) infused with malware (ransomware) cannot be detected by HPC-based malware detection.
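The evaluation pipeline described above (PCA-based event selection followed by a classifier, scored with F1) can be sketched in miniature. The example below uses synthetic, heavily overlapping feature vectors as a stand-in for real HPC traces (the paper's actual dataset and models are not reproduced here), with a simple nearest-centroid classifier in place of the paper's DT/RF/KNN models; the overlapping class distributions deliberately mimic the paper's point that HPC values capture micro-architecture rather than intent, so detection quality stays modest.

```python
import numpy as np

rng = np.random.default_rng(0)

# Synthetic stand-in for HPC traces: 16 micro-architectural event counts
# per program (cache misses, branch mispredictions, ...). Benign and
# malicious classes overlap heavily on purpose.
n, d = 1000, 16
X_benign = rng.normal(0.0, 1.0, (n, d))
X_mal = rng.normal(0.3, 1.0, (n, d))  # weak mean shift per event
X = np.vstack([X_benign, X_mal])
y = np.array([0] * n + [1] * n)

# PCA via SVD: keep the top-k directions of greatest variance.
k = 8
Xc = X - X.mean(axis=0)
_, _, Vt = np.linalg.svd(Xc, full_matrices=False)
Xr = Xc @ Vt[:k].T

# Train/test split, then a nearest-centroid classifier as a minimal
# stand-in for the paper's ML models.
idx = rng.permutation(2 * n)
tr, te = idx[:1400], idx[1400:]
c0 = Xr[tr][y[tr] == 0].mean(axis=0)
c1 = Xr[tr][y[tr] == 1].mean(axis=0)
pred = (np.linalg.norm(Xr[te] - c1, axis=1)
        < np.linalg.norm(Xr[te] - c0, axis=1)).astype(int)

# F1-score from the confusion-matrix counts.
tp = np.sum((pred == 1) & (y[te] == 1))
fp = np.sum((pred == 1) & (y[te] == 0))
fn = np.sum((pred == 0) & (y[te] == 1))
f1 = 2 * tp / (2 * tp + fp + fn)
print(f"F1 = {f1:.3f}")  # modest: overlapping distributions limit detection
```

Even with the most informative principal components retained, the overlap between the two synthetic classes caps the achievable F1, which is the kind of ceiling the paper argues real HPC features impose.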

le-git-imate: Towards Verifiable Web-based Git Repositories

  • Hammad Afzali
  • Santiago Torres-Arias
  • Reza Curtmola
  • Justin Cappos

Web-based Git hosting services such as GitHub and GitLab are popular choices to manage and interact with Git repositories. However, they lack an important security feature – the ability to sign Git commits. Users instruct the server to perform repository operations on their behalf and have to trust that the server will execute their requests faithfully. Such trust may be unwarranted though because a malicious or a compromised server may execute the requested actions in an incorrect manner, leading to a different state of the repository than what the user intended.

In this paper, we show a range of high-impact attacks that can be executed stealthily when developers use the web UI of a Git hosting service to perform common actions such as editing files or merging branches. We then propose le-git-imate, a defense against these attacks which provides security guarantees comparable and compatible with Git’s standard commit signing mechanism. We implement le-git-imate as a Chrome browser extension. le-git-imate does not require changes on the server side and can thus be used immediately. It also preserves current workflows used in GitHub/GitLab, does not require the user to leave the browser, and allows anyone to verify that the server’s actions faithfully follow the user’s requested actions. Moreover, experimental evaluation using the browser extension shows that le-git-imate has performance comparable to Git’s standard commit signature mechanism. With our solution in place, users can take advantage of GitHub/GitLab’s web-based features without sacrificing security, thus paving the way towards verifiable web-based Git repositories.

SESSION: Session 12: Physical Attacks and Defense

NoisePrint: Attack Detection Using Sensor and Process Noise Fingerprint in Cyber Physical Systems

  • Chuadhry Mujeeb Ahmed
  • Martin Ochoa
  • Jianying Zhou
  • Aditya P. Mathur
  • Rizwan Qadeer
  • Carlos Murguia
  • Justin Ruths

An attack detection scheme is proposed to detect data integrity attacks on sensors in Cyber-Physical Systems (CPSs). A combined fingerprint for sensor and process noise is created during the normal operation of the system. Under a sensor spoofing attack, the noise pattern deviates from the fingerprinted pattern, enabling the proposed scheme to detect attacks. To extract the noise (the difference between expected and observed values), a representative model of the system is derived. A Kalman filter is used for state estimation. By subtracting the state estimates from the real system states, a residual vector is obtained. It is shown that in steady state the residual vector is a function of process and sensor noise. A set of time-domain and frequency-domain features is extracted from the residual vector. The feature set is provided to a machine learning algorithm to identify the sensor and process. Experiments are performed on two testbeds, a real-world water treatment facility (SWaT) and a water distribution (WADI) testbed. A class of zero-alarm attacks, designed for statistical detectors on SWaT, is detected by the proposed scheme. It is shown that a multitude of sensors can be uniquely identified with accuracy higher than 90% based on the noise fingerprint.
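The residual-extraction step described above can be sketched for a single scalar plant (a toy tank-level model chosen for illustration; SWaT's actual system model and feature set are not reproduced here): a Kalman filter tracks the state, the residual is the difference between each measurement and the prior estimate, and simple statistics of that residual already separate sensors with different noise characteristics.

```python
import numpy as np

rng = np.random.default_rng(42)

def residuals(sensor_noise_std, steps=2000, q=1e-4):
    # Scalar plant (e.g., a tank level): x_{k+1} = x_k + w, measured
    # z_k = x_k + v, with process noise w and sensor noise v.
    x_true, x_est, p = 0.0, 0.0, 1.0
    r = np.empty(steps)
    for k in range(steps):
        x_true += rng.normal(0.0, np.sqrt(q))           # process noise w
        z = x_true + rng.normal(0.0, sensor_noise_std)  # sensor noise v
        p += q                                          # predict covariance
        K = p / (p + sensor_noise_std**2)               # Kalman gain
        r[k] = z - x_est                                # residual (innovation)
        x_est += K * r[k]                               # state update
        p *= (1.0 - K)                                  # covariance update
    return r

# Two sensors of the same type but different noise characteristics leave
# distinguishable fingerprints in the residual statistics:
r_a = residuals(sensor_noise_std=0.05)
r_b = residuals(sensor_noise_std=0.15)
feat_a = (r_a.mean(), r_a.std())
feat_b = (r_b.mean(), r_b.std())
print(feat_a[1] < feat_b[1])  # True: residual spread tracks sensor noise
```

In the paper's scheme, richer time- and frequency-domain features of this residual vector feed a machine-learning classifier; the scalar example only shows why the residual carries a per-sensor noise signature at all.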

Electromagnetic Induction Attacks Against Embedded Systems

  • Jayaprakash Selvaraj
  • Gökçen Yılmaz Dayanıklı
  • Neelam Prabhu Gaunkar
  • David Ware
  • Ryan M. Gerdes
  • Mani Mina

Embedded and cyber-physical systems are critically dependent on the integrity of input and output signals for proper operation. Input signals acquired from sensors are assumed to correspond to the phenomenon the system is monitoring and responding to. Similarly, when such systems issue an actuation signal, it is expected that the mechanism being controlled will respond in a predictable manner. Recent work has shown that sensors can be manipulated through the use of intentional electromagnetic interference (IEMI). In this work, we demonstrate that both input and output signals, analog and digital, can be remotely manipulated via the physical layer, thus bypassing traditional integrity mechanisms. Through the use of specially crafted IEMI, it is shown that the physical layer signaling used for sensor input to, and digital communications between, embedded systems may be undermined to an attacker’s advantage. Three attack scenarios are analyzed and their efficacy demonstrated. In the first scenario the analog sensing channel is manipulated to produce arbitrary sensor readings, while in the second it is shown that an attacker may induce bit flips in serial communications. Finally, a commonly used actuation signal is shown to be vulnerable to IEMI. The attacks are effective over appreciable distances and at low power.

Sensor CON-Fusion: Defeating Kalman Filter in Signal Injection Attack

  • Shoei Nashimoto
  • Daisuke Suzuki
  • Takeshi Sugawara
  • Kazuo Sakiyama

In recent years, information systems have become increasingly able to interact with the real world by using relatively cheap connected embedded devices. In such systems, sensors are crucial components because systems can observe the real world only through sensors. Recently, there have been emerging threats to sensors, which involve the injection of false information in the physical/analog domain. To counter such attacks, sensor fusion is considered a promising approach because the robustness of a measurement can be improved by combining data from redundant sensors. However, sensor fusion algorithms were not originally designed with security in mind, and thus their effectiveness is unclear. For this reason, in this paper, we evaluate the security of sensor fusion in detail. Notably, we consider a sensor fusion scenario that measures inclination with a combination of an accelerometer, gyroscope, and magnetometer using a Kalman filter. Based on a theoretical analysis of the algorithm, two concrete attacks that defeat the sensor fusion are proposed. The feasibility of the proposed attacks is verified by performing experiments in emulated and real environments. We also propose a countermeasure that thwarts the new attacks. Furthermore, we logically prove that the proposed countermeasure detects all possible attacks.

TABOR: A Graphical Model-based Approach for Anomaly Detection in Industrial Control Systems

  • Qin Lin
  • Sridha Adepu
  • Sicco Verwer
  • Aditya Mathur

Industrial Control Systems (ICS) for utilities such as water and power are critical to any society. Process anomaly detection mechanisms have been proposed to protect such systems and minimize the risk of damage or loss of resources. In this paper, a graphical model-based approach is proposed for profiling the normal operational behavior of an operational ICS referred to as SWaT (Secure Water Treatment). Timed automata are learned as a model of the regular behavior exhibited in sensor signals, such as fluctuations of the water level in tanks. Bayesian networks are learned to discover dependencies between sensors and actuators. The models are used as a one-class classifier for process anomaly detection, recognizing irregular behavioral patterns and dependencies. Thanks to the interpretability of the graphical models, the detection results can be interpreted and the abnormal sensors or actuators localized. This approach is applied to a dataset collected from SWaT. Experimental results demonstrate the model's superior performance in both precision and run-time over methods including support vector machines and deep neural networks. The underlying idea is generic and applicable to other industrial control systems, such as power and transportation.

SESSION: Session 13: Privacy 2

SecSAKE: Towards Secure and Efficient Outsourcing of Clinical MRI Reconstruction

  • Zihao Shan
  • Zhan Qin
  • Leslie Ying
  • Kui Ren

Magnetic Resonance Imaging (MRI) is a widely used technique to help form images of internal body structures for medical diagnosis. Recently, Simultaneous Auto-calibrating and K-space Estimation (SAKE) has become one of the most popular rapid imaging reconstruction methods for restoring key information from scanned MRI data. This technique intrinsically requires a fair amount of high-resolution MRI data to accommodate the need for accurate diagnosis, and imposes vast computational overhead on resource-constrained clinics. To solve this problem, practitioners have started seeking the help of cloud computing platforms to utilize their robust and economical computation power. However, privacy concerns over outsourcing patients' private data to public cloud servers have been ignited and hinder those practitioners from enjoying the benefits of cloud computing.

Motivated by this practical need, we investigate the privacy requirements of MRI data and the reconstruction process, and propose the first secure and efficient clinical MRI reconstruction outsourcing scheme, SecSAKE. Our solution enables a clinic to outsource the most computationally intensive tasks in SAKE to resource-abundant cloud servers. In particular, two different protocols are put forward in SecSAKE, with extra emphasis on security and efficiency, respectively. In the first protocol, we carefully enforce a low-complexity matrix transformation in the k-space domain on the clinic end and harness the cloud server to perform the iterative computation tasks. The corresponding security analysis shows that the outsourced MRI data are computationally indistinguishable under Chosen Plaintext Attack (CPA). In the second protocol, we largely reduce the computational complexity on the clinic side by leveraging a multi-server architecture of the cloud. The clinic only needs to perform a one-round data transformation to retrieve the reconstructed MRI data. Moreover, we conduct thorough privacy and efficiency analyses and extensive experiments over real-world image benchmarks to evaluate the performance of the proposed designs. Compared with the original SAKE, the experimental results demonstrate that the proposed privacy-preserving mechanism can provide significant reconstruction time savings while achieving comparable quality of reconstructed images.

Highly-Efficient Fully-Anonymous Dynamic Group Signatures

  • David Derler
  • Daniel Slamanig

Group signatures are a central tool in privacy-enhancing cryptography, which allow members of a group to anonymously produce signatures on behalf of the group. Consequently, they are an attractive means to implement privacy-friendly authentication mechanisms. Ideally, group signatures are dynamic, allowing new members to be enrolled in a group dynamically and concurrently. For such schemes, Bellare et al. (CT-RSA '05) proposed the currently strongest security model (the BSZ model). This model, in particular, ensures desirable anonymity guarantees. Given the prevalence of resource asymmetry in current computing scenarios, i.e., a multitude of (highly) resource-constrained devices communicating with powerful (cloud-powered) services, it is of utmost importance to have group signatures that are highly efficient and can be deployed in such scenarios. Satisfying these requirements in particular means that the signing (client) operations are lightweight.

We propose a novel, generic approach to constructing dynamic group signature schemes that are provably secure in the BSZ model and particularly suitable for resource-constrained devices. Our results are interesting for various reasons: We can prove our construction secure without requiring random oracles. Moreover, when opting for an instantiation in the random oracle model (ROM), the resulting scheme is extremely efficient and outperforms the fastest constructions providing anonymity in the BSZ model (which also rely on the ROM) known to date. Regarding constructions providing a weaker anonymity notion than BSZ, we surprisingly outperform the popular short BBS group signature scheme (CRYPTO '04, also proven secure in the ROM) and thereby even obtain shorter signatures. We provide a rigorous comparison with existing schemes that highlights the benefits of our scheme. On a more theoretical side, we provide the first construction following the "without encryption" paradigm introduced by Bichsel et al. (SCN '10) in the strong BSZ model.

Direct Anonymous Attestation with Efficient Verifier-Local Revocation for Subscription System

  • Vireshwar Kumar
  • He Li
  • Noah Luther
  • Pranav Asokan
  • Jung-Min (Jerry) Park
  • Kaigui Bian
  • Martin B. H. Weiss
  • Taieb Znati

For a computing platform that is compliant with the Trusted Platform Module (TPM) standard, direct anonymous attestation (DAA) is an appropriate cryptographic protocol for realizing an anonymous subscription system. This approach takes advantage of a cryptographic key that is securely embedded in the platform's hardware, and enables privacy-preserving authentication of the platform. In all of the existing DAA schemes, the platform suffers from significant computational and communication costs that increase proportionally to the size of the revocation list. This drawback renders the existing schemes impractical when the size of the revocation list grows beyond a relatively modest size. In this paper, we propose a novel scheme called Lightweight Anonymous Subscription with Efficient Revocation (LASER) that addresses this very problem. In LASER, the computational and communication costs of the platform's signature are multiple orders of magnitude lower than in the prior art. LASER achieves this significant performance improvement by shifting most of the computational and communication costs from the DAA's online procedure (i.e., signature generation) to its offline procedure (i.e., acquisition of keys/credentials). We have conducted a thorough analysis of LASER's performance-related features. We have implemented LASER on a laptop with an on-board TPM. To the best of our knowledge, this is the first implementation of a DAA scheme on an actual TPM cryptoprocessor that is compliant with the most recent TPM specification, viz., TPM 2.0.

SESSION: Session 14: CPU Security

Single Trace Attack Against RSA Key Generation in Intel SGX SSL

  • Samuel Weiser
  • Raphael Spreitzer
  • Lukas Bodner

Microarchitectural side-channel attacks have received significant attention recently. However, while side-channel analyses of secret-key operations such as decryption and signature generation are well established, the process of key generation has not received particular attention so far. Especially because microarchitectural attacks usually require multiple observations (more than one measurement trace) to break an implementation, one-time operations such as key generation routines are often considered uncritical and out of scope. However, this assumption is no longer valid for shielded execution architectures, where sensitive code is executed, in the realm of a potential attacker, inside hardware enclaves. In such a setting, an untrusted operating system can conduct noiseless controlled-channel attacks by exploiting page access patterns. In this work, we identify a critical vulnerability in the RSA key generation procedure of Intel SGX SSL (and the underlying OpenSSL library) that allows secret keys to be recovered from observations of a single execution. In particular, we mount a controlled-channel attack on the binary Euclidean algorithm (BEA), which is used for checking the validity of the RSA key parameters generated within an SGX enclave. Thereby, we recover all but 16 bits of one of the two prime factors of the public modulus. For an 8192-bit RSA modulus, we recover the remaining 16 bits, and thus the full key, in less than 12 seconds on a commodity PC. In light of these results, we urge a careful re-evaluation of cryptographic libraries with respect to single-trace attacks, especially if they are intended for shielded execution environments such as Intel SGX.
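The leak stems from the secret-dependent branching of the binary Euclidean algorithm. The sketch below is a generic binary GCD, not the OpenSSL code itself; it records which branch is taken at each step, which under a page-level controlled channel is essentially what the untrusted OS observes:

```python
def bgcd_trace(a, b):
    """Binary Euclidean algorithm (binary GCD), recording the branch taken
    at each step. In a page-level controlled channel, each branch maps to a
    distinct code region, so this trace leaks the operands' bit structure."""
    trace, shift = [], 0
    while a != b:
        if a % 2 == 0 and b % 2 == 0:
            a, b, shift = a // 2, b // 2, shift + 1
            trace.append('both-even')
        elif a % 2 == 0:
            a //= 2
            trace.append('a-even')
        elif b % 2 == 0:
            b //= 2
            trace.append('b-even')
        elif a > b:
            a = (a - b) // 2        # both odd, so the difference is even
            trace.append('sub-a')
        else:
            b = (b - a) // 2
            trace.append('sub-b')
    return a << shift, trace

g, t = bgcd_trace(48, 18)
print(g, t)   # the branch sequence is determined by the operands' bits
```

During RSA key generation, BEA-style gcd checks run on values derived from the secret primes, so observing the branch sequence of a single execution reveals most of their bits.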

Automated Detection, Exploitation, and Elimination of Double-Fetch Bugs using Modern CPU Features

  • Michael Schwarz
  • Daniel Gruss
  • Moritz Lipp
  • Clémentine Maurice
  • Thomas Schuster
  • Anders Fogh
  • Stefan Mangard

Double-fetch bugs are a special type of race condition, where an unprivileged execution thread is able to change a memory location between the time-of-check and time-of-use of a privileged execution thread. If an unprivileged attacker changes the value at the right time, the privileged operation becomes inconsistent, leading to a change in control flow, and thus an escalation of privileges for the attacker. More severely, such double-fetch bugs can be introduced by the compiler, remaining entirely invisible at the source-code level. We propose novel techniques to efficiently detect, exploit, and eliminate double-fetch bugs. We demonstrate the first combination of state-of-the-art cache attacks with kernel-fuzzing techniques to allow fully automated identification of double fetches. We demonstrate the first fully automated reliable detection and exploitation of double-fetch bugs, making manual analysis as in previous work superfluous. We show that cache-based triggers outperform state-of-the-art exploitation techniques significantly, leading to an exploitation success rate of up to 97%. Our modified fuzzer automatically detects double fetches and automatically narrows this candidate set down to the exploitable double-fetch bugs. We present the first generic technique, based on hardware transactional memory, to eliminate double-fetch bugs in a fully automated and transparent manner. We extend defensive programming techniques by retrofitting arbitrary code with automated double-fetch prevention, both in trusted execution environments as well as in syscalls, with a performance overhead below 1%.
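The time-of-check/time-of-use pattern can be illustrated with a small race in plain Python. The `SharedBuf` class, thread roles, and timing window below are illustrative, standing in for kernel code that reads attacker-controlled user memory twice:

```python
import threading
import time

class SharedBuf:
    def __init__(self):
        self.size = 16          # attacker-controlled "user memory"

def vulnerable_copy(buf, limit=64):
    """Double fetch: size is read once for the bounds check and again for
    the use. An attacker flipping buf.size in between defeats the check."""
    if buf.size <= limit:       # time-of-check: first fetch
        time.sleep(0.001)       # widened race window, for demonstration
        return buf.size         # time-of-use: second fetch
    return None

buf, won = SharedBuf(), False
stop = threading.Event()

def flipper():
    # Unprivileged thread toggling the value, as in a double-fetch exploit.
    while not stop.is_set():
        buf.size = 4096
        buf.size = 16

t = threading.Thread(target=flipper)
t.start()
for _ in range(200):
    used = vulnerable_copy(buf)
    if used is not None and used > 64:   # check passed, oversized value used
        won = True
        break
stop.set()
t.join()
print("race won:", won)
```

The fix the paper automates is to make the check and the use a single atomic unit, e.g. by wrapping both fetches in a hardware transaction that aborts on concurrent modification.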

Leveraging Hardware Transactional Memory for Cache Side-Channel Defenses

  • Sanchuan Chen
  • Fangfei Liu
  • Zeyu Mi
  • Yinqian Zhang
  • Ruby B. Lee
  • Haibo Chen
  • XiaoFeng Wang

A program’s use of CPU caches may reveal its memory access pattern and thus leak sensitive information when the program performs secret-dependent memory accesses. In recent studies, it has been demonstrated that cache side-channel attacks that extract secrets by observing the victim program’s cache uses can be conducted under a variety of scenarios, among which the most concerning are cross-VM attacks and those against SGX enclaves. In this paper, we propose a mechanism that leverages hardware transactional memory (HTM) to enable software programs to defend themselves against various cache side-channel attacks. We observe that when the HTM is implemented by retrofitting cache coherence protocols, as is the case of Intel’s Transactional Synchronization Extensions, the cache interference that is necessary in cache side-channel attacks will inevitably terminate hardware transactions. We provide a systematic analysis of the security requirements that a software-only solution must meet to defeat cache attacks, propose a software design that leverages HTM to satisfy these requirements and devise several optimization techniques in our implementation to reduce performance impact caused by transaction aborts. The empirical evaluation suggests that the performance overhead caused by the HTM-based solution is low.

SESSION: Session 15: Network Security 2

Cybercrime After the Sunrise: A Statistical Analysis of DNS Abuse in New gTLDs

  • Maciej Korczynski
  • Maarten Wullink
  • Samaneh Tajalizadehkhoob
  • Giovane C. M. Moura
  • Arman Noroozian
  • Drew Bagley
  • Cristian Hesselman

To enhance competition and choice in the domain name system, ICANN introduced the new gTLD program, which added hundreds of new gTLDs (e.g. .nyc, .io) to the root DNS zone. While the program arguably increased the range of domain names available to consumers, it might also have created new opportunities for cybercriminals. To investigate this, we present the first comparative study of abuse in the domains registered under the new gTLD program and legacy gTLDs (18 in total, such as .com, .org). We combine historical datasets from various sources, including DNS zone files, WHOIS records, passive and active DNS and HTTP measurements, and 11 reputable abuse feeds to study abuse across gTLDs. We find that the new gTLDs appear to have diverted abuse from the legacy gTLDs: while the total number of domains abused for spam remains stable across gTLDs, we observe a growing number of spam domains in new gTLDs, which suggests a shift from legacy gTLDs to new gTLDs. Whereas legacy gTLDs had a rate of 56.9 spam domains per 10,000 registrations (Q4 2016), new gTLDs experienced a rate of 526.6 in the same period, which is almost one order of magnitude higher. In this study, we also analyze the relationship between DNS abuse, operator security indicators and the structural properties of new gTLDs. The results indicate that there is an inverse correlation between abuse and stricter registration policies. Our findings suggest that cybercriminals increasingly prefer to register, rather than hack, domain names and that some new gTLDs have become a magnet for malicious actors. ICANN is currently using these results to review the existing anti-abuse safeguards, evaluate their joint effects, and introduce more effective safeguards before an upcoming new gTLD rollout.

Who is knocking on the Telnet Port: A Large-Scale Empirical Study of Network Scanning

  • Hwanjo Heo
  • Seungwon Shin

Network scanning is the primary procedure preceding many network attacks. Network scanning has been widely studied, with reports of continued growth in volume and of Internet-wide trends, including the underpinning of distributed scanning by lingering Internet worms. It is, nevertheless, imperative to keep ourselves informed of the current state of network scanning, both for a factual and comprehensive understanding of the security threats we are facing, and for spotting new trends that presage imminent threats.

In this paper, we analyze up-to-date connection-level log data from a large-scale campus network to study recent scanning trends in breadth. We find, most importantly, that the scanning landscape has shifted greatly, predominantly due to an unprecedented rise in Telnet service scanning. Furthermore, we not only comprehensively identify the scan sources in terms of targeted services and geographical/network locations, but also study their characteristics, such as whether they scan responsibly and their connection-level behavior.

Towards Sustainable Evolution for the TLS Public-Key Infrastructure

  • Taeho Lee
  • Christos Pappas
  • Pawel Szalachowski
  • Adrian Perrig

Motivated by the weaknesses of today’s TLS public-key infrastructure (PKI), recent studies have proposed numerous enhancements to fortify the PKI ecosystem. Deploying one particular enhancement is no panacea, since each one solves only a subset of the problems. At the same time, the high deployment barrier makes the benefit-cost ratio tilt in the wrong direction, leading to disappointing adoption rates for most proposals.

As a way to escape from this conundrum, we propose a framework that supports the deployment of multiple PKI enhancements, with the ability to accommodate new, yet unforeseen, enhancements in the future. To enable mass adoption, we enlist the cloud as a “centralized” location where multiple enhancements can be accessed with high availability. Our approach is compatible with existing protocols and networking practices, with the ambition that a few changes will enable sustainable evolution for PKI enhancements. We provide extensive evaluation to show that the approach is scalable, cost-effective, and does not degrade communication performance. As a use case, we implement and evaluate two PKI enhancements.

No One In The Middle: Enabling Network Access Control Via Transparent Attribution

  • Jeremy Erickson
  • Qi Alfred Chen
  • Xiaochen Yu
  • Erinjen Lin
  • Robert Levy
  • Z. Morley Mao

Small commodity networks typically rely on NAT as a perimeter defense, but are susceptible to a variety of well-known intra-network attacks, such as ARP spoofing. With the increased prevalence of oft-compromised Internet-of-Things (IoT) devices now taking up residence in homes and small businesses, the potential for abuse has never been higher. In this work, we present a novel mechanism for strongly attributing local network traffic to its originating principal that is fully compatible with existing legacy devices. We eliminate man-in-the-middle attacks at both the link and service discovery layers, and enable users to identify and block malicious devices that mount direct attacks against other endpoints. Despite the prevalence of prior work with similar goals, previous solutions have either been unsuited to non-enterprise environments or have broken compatibility with existing network devices and therefore failed to be adopted. Our prototype imposes negligible performance overhead, runs on an inexpensive commodity router, and retains full compatibility with modern and legacy devices.

SESSION: Session 16: Applied Crypto 2

Achieving Flexibility for ABE with Outsourcing via Proxy Re-Encryption

  • Zuoxia Yu
  • Man Ho Au
  • Rupeng Yang
  • Junzuo Lai
  • Qiuliang Xu

Outsourcing the decryption of attribute-based encryption (ABE) ciphertexts is a promising way to tackle the question of how users can perform decryption efficiently. However, existing solutions require the type of the target ciphertext to be determined at the setup of the outsourcing scheme. As such, making the target cryptosystems (or the clients) versatile becomes an issue that warrants investigation. In this paper, the problem we wish to tackle is to transform an ABE ciphertext for any client who is using the same, or possibly a different, public-key encryption (PKE) system as the sender. The problem is of practical interest since it is hard to require all clients to use the same PKE, especially in the case of remote and cross-system data sharing. In addition, we also consider whether a robust client-side decryption scheme can be adopted. This feature is not supported in existing ABE schemes with outsourcing.

We introduce cross-system proxy re-encryption (CS-PRE), a new re-encryption paradigm in which a semi-trusted proxy converts a ciphertext of a source cryptosystem ($\Pi_0$) into a ciphertext for a target cryptosystem ($\Pi$). We formalize CS-PRE and present a construction that performs well in the following aspects. (1) Versatility: $\Pi_0$ can be any attribute-based encryption (ABE) scheme within Attrapadung's pair encoding framework, and $\Pi$ can be any public-key encryption scheme. Furthermore, the keys and public parameters can be generated independently. (2) Compatibility: CS-PRE does not modify the public parameters and keys of $\Pi_0$ and $\Pi$. Besides, the input for the conversion is an ordinary ciphertext of $\Pi_0$. (3) Efficiency: The computational costs for re-encryption and for decryption of the re-encrypted ciphertext are roughly the same as a decryption in $\Pi_0$ and $\Pi$, respectively. We prove that our construction is fully secure assuming $\Pi_0$ is secure in Attrapadung's framework and $\Pi$ is IND-CPA secure. Furthermore, it remains secure when there are multiple target cryptosystems. As with other proxy re-encryption schemes, CS-PRE enables flexible sharing of cloud data, as the owner can instruct the cloud server to re-encrypt his ciphertext into one for the intended recipient. In addition, it allows lightweight devices to enjoy access to remote data encrypted under powerful but possibly costly encryption, such as functional encryption, by utilizing the server's power to convert the ciphertext into a simpler encryption, such as RSA. Finally, instances of CS-PRE can be viewed as new proxy re-encryption schemes, such as a PRE supporting ABE for regular languages to hierarchical IBE, or doubly spatial encryption to lattice-based encryptions (e.g., NTRUCCA).

Pseudoentropic Isometries: A New Framework for Fuzzy Extractor Reusability

  • Quentin Alamélou
  • Paul-Edmond Berthier
  • Chloé Cachet
  • Stéphane Cauchie
  • Benjamin Fuller
  • Philippe Gaborit
  • Sailesh Simhadri

Fuzzy extractors (Dodis et al., Eurocrypt 2004) turn a noisy secret into a stable, uniformly distributed key. Reusable fuzzy extractors remain secure when multiple keys are produced from a single noisy secret (Boyen, CCS 2004). Boyen showed that information-theoretically secure reusable fuzzy extractors are subject to strong limitations. Simoens et al. (IEEE S&P, 2009) then showed that deployed constructions suffer severe security breaks when reused. Canetti et al. (Eurocrypt 2016) used computational security to sidestep this problem, building a computationally secure reusable fuzzy extractor that corrects a sublinear fraction of errors.

We introduce a generic approach to constructing reusable fuzzy extractors. We define a new primitive called a reusable pseudoentropic isometry that projects an input metric space to an output metric space. This projection preserves distance and entropy even if the same input is mapped to multiple output metric spaces. A reusable pseudoentropy isometry yields a reusable fuzzy extractor by 1) randomizing the noisy secret using the isometry and 2) applying a traditional fuzzy extractor to derive a secret key.

We propose reusable pseudoentropic isometries for the set difference and Hamming metrics. The set difference construction is built from composable digital lockers (Canetti and Dakdouk, Eurocrypt 2008). For the Hamming metric, we show that the second construction of Canetti et al. (Eurocrypt 2016) can be seen as an instantiation of our framework. In both cases, the pseudoentropic isometry's reusability requires the noisy secret's distribution to have entropy in each symbol of the alphabet. Our constructions yield the first reusable fuzzy extractors that correct a constant fraction of errors. We also implement our set difference solution and describe two use cases.
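The Hamming-metric setting builds on standard fuzzy-extractor machinery. The sketch below shows the classic code-offset construction (Dodis et al.) with a toy repetition code standing in for a production error-correcting code; it is background for, not the paper's pseudoentropic isometry itself:

```python
import hashlib
import random

R = 5  # repetition factor: each block tolerates up to 2 bit flips

def encode(bits):           # repetition code over GF(2)
    return [b for b in bits for _ in range(R)]

def decode(bits):           # majority vote per block of R bits
    return [int(sum(bits[i:i + R]) > R // 2) for i in range(0, len(bits), R)]

def gen(w):
    """Enrollment: sketch = w XOR random codeword; key derived from the seed."""
    seed = [random.randrange(2) for _ in range(len(w) // R)]
    sketch = [a ^ b for a, b in zip(w, encode(seed))]
    key = hashlib.sha256(bytes(seed)).hexdigest()
    return sketch, key

def rep(w_noisy, sketch):
    """Reproduction: strip the sketch, decode back to the seed, re-derive key."""
    seed = decode([a ^ b for a, b in zip(w_noisy, sketch)])
    return hashlib.sha256(bytes(seed)).hexdigest()

random.seed(1)
w = [random.randrange(2) for _ in range(50)]   # noisy secret (e.g. a biometric)
sketch, key = gen(w)
w_noisy = w[:]
for i in (0, 7, 14, 21):                       # one flip in four different blocks
    w_noisy[i] ^= 1
print(rep(w_noisy, sketch) == key)             # same key despite the noise
```

Reusing this basic construction across enrollments is exactly what breaks naive schemes; the paper's isometry first re-randomizes the secret so that each enrollment looks independent.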

Efficient Two-level Homomorphic Encryption in Prime-order Bilinear Groups and A Fast Implementation in WebAssembly

  • Nuttapong Attrapadung
  • Goichiro Hanaoka
  • Shigeo Mitsunari
  • Yusuke Sakai
  • Kana Shimizu
  • Tadanori Teruya

We construct an efficient two-level homomorphic public-key encryption scheme in prime-order bilinear groups. Such a scheme supports polynomially many homomorphic additions and one multiplication over encrypted data, similar to the cryptosystem of Boneh, Goh, and Nissim (BGN, presented at TCC 2005), which was constructed in composite-order bilinear groups. Prior to our work, the state of the art for two-level homomorphic public-key encryption was the Freeman scheme (presented at Eurocrypt 2010), which is indeed the prime-order realization of the BGN scheme. Our proposed scheme significantly improves efficiency in almost all aspects over the Freeman scheme, while retaining the same ciphertext sizes. Our scheme is surprisingly simple, as it is indeed (a concatenation of two copies of) the ElGamal encryption "in the exponent", residing in asymmetric bilinear groups.

We provide a software implementation of our scheme in the x86 architecture. Besides this usual implementation, we also implement our scheme in WebAssembly (wasm), which is a portable low-level bytecode format; this allows our scheme to be run (very fast) on any popular web browser, without any plugins required.
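The additive level of such schemes is the familiar "ElGamal in the exponent" (lifted ElGamal): ciphertext components multiply, so plaintexts add. The toy parameters below are far too small for security and omit the pairing that enables the one homomorphic multiplication:

```python
import random

# Toy parameters: q | p-1, g generates the order-q subgroup of Z_p^*.
p, q = 2039, 1019                  # both prime, p = 2q + 1
g = pow(3, (p - 1) // q, p)        # an element of order q

sk = random.randrange(1, q)
pk = pow(g, sk, p)

def enc(m):
    """Lifted ElGamal: encrypt g^m, so ciphertexts add in the exponent."""
    r = random.randrange(1, q)
    return (pow(g, r, p), (pow(g, m, p) * pow(pk, r, p)) % p)

def add(c1, c2):
    """Homomorphic addition: componentwise multiplication of ciphertexts."""
    return ((c1[0] * c2[0]) % p, (c1[1] * c2[1]) % p)

def dec(c):
    """Decrypt to g^m, then take a brute-force discrete log (fine for small m)."""
    gm = (c[1] * pow(c[0], q - sk, p)) % p
    m, acc = 0, 1
    while acc != gm:
        m, acc = m + 1, (acc * g) % p
    return m

print(dec(add(enc(3), enc(4))))    # 3 + 4 recovered from ciphertexts
```

In the actual scheme, two such copies live in the two source groups of an asymmetric pairing, and the pairing maps their product into the target group, giving exactly one multiplication.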

Isogrammic-Fusion ORAM: Improved Statistically Secure Privacy-Preserving Cloud Data Access for Thin Clients

  • Michael T. Goodrich

We study oblivious random access machine (ORAM) simulation, in cloud computing environments where a thin client outsources her data to a server using O(1)-sized messages.

SESSION: Session 17: Machine Learning 2

Chameleon: A Hybrid Secure Computation Framework for Machine Learning Applications

  • M. Sadegh Riazi
  • Christian Weinert
  • Oleksandr Tkachenko
  • Ebrahim M. Songhori
  • Thomas Schneider
  • Farinaz Koushanfar

We present Chameleon, a novel hybrid (mixed-protocol) framework for secure function evaluation (SFE) which enables two parties to jointly compute a function without disclosing their private inputs. Chameleon combines the best aspects of generic SFE protocols with those that are based upon additive secret sharing. In particular, the framework performs linear operations in the ring $\mathbb{Z}_{2^l}$ using additively secret-shared values and nonlinear operations using Yao's Garbled Circuits or the Goldreich-Micali-Wigderson protocol. Chameleon departs from the common assumption of additive or linear secret sharing models where three or more parties need to communicate in the online phase: the framework allows two parties with private inputs to communicate in the online phase under the assumption of a third node generating correlated randomness in an offline phase. Almost all of the heavy cryptographic operations are precomputed in an offline phase, which substantially reduces the communication overhead. Chameleon is both scalable and significantly more efficient than the ABY framework (NDSS'15) it is based on. Our framework supports signed fixed-point numbers. In particular, Chameleon's vector dot product of signed fixed-point numbers improves the efficiency of mining and classification of encrypted data for algorithms based upon heavy matrix multiplications. Our evaluation of Chameleon on a 5-layer convolutional deep neural network shows 133x and 4.2x faster executions than Microsoft CryptoNets (ICML'16) and MiniONN (CCS'17), respectively.
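The split between offline correlated randomness and a lightweight online phase can be sketched with Beaver-triple multiplication over the ring Z_{2^l}. The code below is a minimal single-machine simulation of the roles, not Chameleon's actual protocol:

```python
import random

L = 2 ** 32   # the ring Z_{2^l} with l = 32

def share(x):
    """Additively secret-share x between two parties."""
    x0 = random.randrange(L)
    return x0, (x - x0) % L

def reconstruct(x0, x1):
    return (x0 + x1) % L

def beaver_triple():
    """Offline phase: a third node deals shares of (a, b, c) with c = a*b."""
    a, b = random.randrange(L), random.randrange(L)
    return share(a), share(b), share((a * b) % L)

def mul(x_sh, y_sh):
    """Online phase: multiply shared values using one precomputed triple.
    Only the masked openings e and f are exchanged; they leak nothing."""
    (a0, a1), (b0, b1), (c0, c1) = beaver_triple()
    e = (reconstruct(*x_sh) - reconstruct(a0, a1)) % L   # opening of x - a
    f = (reconstruct(*y_sh) - reconstruct(b0, b1)) % L   # opening of y - b
    z0 = (c0 + e * b0 + f * a0 + e * f) % L              # party 0's share of x*y
    z1 = (c1 + e * b1 + f * a1) % L                      # party 1's share of x*y
    return z0, z1

def dot(xs, ys):
    """Shared dot product: multiply pairwise, then add shares locally."""
    z0 = z1 = 0
    for x, y in zip(xs, ys):
        s0, s1 = mul(share(x), share(y))
        z0, z1 = (z0 + s0) % L, (z1 + s1) % L
    return reconstruct(z0, z1)

print(dot([1, 2, 3], [4, 5, 6]))
```

Additions and the final accumulation are entirely local, which is why linear layers of a neural network are nearly free in this model; only the multiplications consume triples and online communication.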

A Data-driven Attack against Support Vectors of SVM

  • Shigang Liu
  • Jun Zhang
  • Yu Wang
  • Wanlei Zhou
  • Yang Xiang
  • Olivier De Vel

Machine learning (ML) is commonly used in multiple disciplines and real-world applications, such as information retrieval, financial systems, health, biometrics and online social networks. However, its security profile against deliberate attacks has not often been considered. Sophisticated adversaries can exploit specific vulnerabilities exposed by classical ML algorithms to deceive intelligent systems. It is becoming essential to perform a thorough security evaluation, including a study of potential attacks against machine learning techniques, before developing novel methods, to guarantee that machine learning can be securely applied in adversarial settings. In this paper, an effective attack strategy for crafting foreign support vectors in order to attack a classic ML algorithm, the Support Vector Machine (SVM), is proposed with mathematical proof. The new attack can minimize the margin around the decision boundary and maximize the hinge loss simultaneously. We evaluate the new attack in different real-world applications, including social spam detection, Internet traffic classification and image recognition. Experimental results highlight that the security of classifiers can be worsened by poisoning a small group of support vectors.

Efficient Repair of Polluted Machine Learning Systems via Causal Unlearning

  • Yinzhi Cao
  • Alexander Fangxiao Yu
  • Andrew Aday
  • Eric Stahl
  • Jon Merwine
  • Junfeng Yang

Machine learning systems, though being successful in many real-world applications, are known to remain prone to errors and attacks. A major attack, called data pollution, injects maliciously crafted training data samples into the training set, causing the system to learn an incorrect model and subsequently misclassify testing samples. A natural solution to a data pollution attack is to remove the polluted data from the training set and relearn a clean model. Unfortunately, the training set of a real-world machine learning system can contain millions of samples; it is thus hopeless for an administrator to manually inspect all of them to weed out the polluted ones.

This paper presents an approach called causal unlearning and a corresponding system called KARMA to efficiently repair a polluted learning system. KARMA dramatically reduces the manual effort of administrators by automatically detecting the set of polluted training data samples with high precision and recall. Evaluation on three learning systems shows that KARMA greatly reduces the manual effort for repair, and has high precision and recall.

SESSION: Session 18: Android

ProcHarvester: Fully Automated Analysis of Procfs Side-Channel Leaks on Android

  • Raphael Spreitzer
  • Felix Kirchengast
  • Daniel Gruss
  • Stefan Mangard

The procfs has been identified as a viable source of side-channel information leaks on mobile devices. Starting with Android M (Android 6), access to the procfs has been continuously restricted in order to cope with these attacks. Yet, more recent papers demonstrated that even if access to process-specific information is restricted within the procfs, global statistics can still be exploited. However, with state-of-the-art techniques, the search for procfs information leaks requires a significant amount of manual work. This makes an exhaustive analysis of existing and newly introduced procfs resources in terms of information leaks impractical. We introduce ProcHarvester, a systematic and fully automated technique for assessing procfs information leaks. ProcHarvester automatically triggers events of interest and then applies machine learning techniques to identify procfs information leaks. We demonstrate the power of ProcHarvester by identifying information leaks that allow inferring app starts from a set of 100 apps with an accuracy of 96% on Android N (Android 7). Thereby, we outperform the most accurate app inference attack by about 10 percentage points. We also demonstrate the broad applicability of ProcHarvester by showing how to profile other events, such as website launches as well as keyboard gestures, and we identify the first procfs side channels on Android O (Android 8). ProcHarvester advances investigations of procfs information leaks to the next level and will hopefully help to reduce the attack surface of side-channel attacks.
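Matching a recorded procfs time series against event templates must tolerate timing jitter between traces, which dynamic time warping handles naturally. The sketch below assumes DTW-style matching with made-up traces; it is illustrative, not ProcHarvester's exact pipeline:

```python
def dtw(a, b):
    """Dynamic time warping distance between two 1-D traces, via the
    standard O(n*m) dynamic program. Warping absorbs shifts and stretches
    in time, so the same event recorded with jitter still matches."""
    INF = float("inf")
    n, m = len(a), len(b)
    d = [[INF] * (m + 1) for _ in range(n + 1)]
    d[0][0] = 0.0
    for i in range(1, n + 1):
        for j in range(1, m + 1):
            cost = abs(a[i - 1] - b[j - 1])
            d[i][j] = cost + min(d[i - 1][j], d[i][j - 1], d[i - 1][j - 1])
    return d[n][m]

# Hypothetical deltas of a global procfs counter around an event of interest.
template = [0, 0, 5, 9, 5, 0, 0]      # profiled "app start" signature
trace    = [0, 0, 0, 5, 9, 9, 5, 0]   # same event, shifted and stretched
other    = [0, 1, 0, 1, 0, 1, 0, 1]   # unrelated background activity

print(dtw(template, trace) < dtw(template, other))
```

A leak candidate is a procfs resource whose traces cluster tightly around per-event templates under such a distance, which is what the automated search ranks.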

Droid M+: Developer Support for Imbibing Android’s New Permission Model

  • Ioannis Gasparis
  • Azeem Aqil
  • Zhiyun Qian
  • Chengyu Song
  • Srikanth V. Krishnamurthy
  • Rajiv Gupta
  • Edward Colbert

In Android 6.0, Google revamped its long criticized permission model to prompt the user during runtime, and allow her to dynamically revoke granted permissions. Towards steering developers to this new model and improving user experience, Google also provides guidelines on (a) how permission requests should be formulated, (b) how to educate users on why a permission is needed, and (c) how to provide feedback when a permission is denied. In this paper we perform, to the best of our knowledge, the first measurement study on the adoption of Android’s new model on recently updated apps from the official Google Play Store. We find that, unfortunately, (1) most apps have not been migrated to this new model and (2) for those that do support the model, many do not adhere to Google’s guidelines. We attribute this unsatisfying status quo to the lack of automated transformation tools that can help developers refactor their code; via an IRB-approved study we find that developers felt that migrating their apps to the new model involved non-trivial effort. Towards solving this problem, we develop Droid M+, a system that helps developers easily retrofit their legacy code to support the new permission model and adhere to Google’s guidelines. We believe that Droid M+ offers a significant step in preserving user privacy and improving user experience.

Dazed Droids: A Longitudinal Study of Android Inter-App Vulnerabilities

  • Ryan Johnson
  • Mohamed Elsabagh
  • Angelos Stavrou
  • Jeff Offutt

Android devices are an integral part of modern life, from phones to media boxes to smart home appliances and cameras. With 38.9% of market share, Android is now the most used operating system, not only among mobile devices but across all OSes. As applications’ complexity and features increased, Android relied more heavily on code and data sharing among apps for faster response times and a richer user experience. To achieve that, Android apps reuse functionality and data by means of inter-app message passing, where each app defines the messages it expects to receive. In this paper, we analyze the proliferation of exploitable inter-app communication vulnerabilities using a rich corpus of 1) a representative sample of 32 Android devices, 2) 59 official Google Android versions, and 3) the top 18,583 apps from 2016 to 2017. This corpus covers 91 Android builds from version 4.4 to present. To the best of our knowledge, ours is the first longitudinal study looking into the propagation of vulnerabilities across AOSP builds, between AOSP and a diverse set of devices, and across app versions over a period of 13 months. To identify inter-app vulnerabilities, we developed Daze, a swift and fully automated framework for extracting app components and fuzzing all app interfaces. Daze needs only about three hours for full-device analysis, or two minutes per app on average. We identified 14,413 vulnerabilities and quantified their exposure time and the number of versions affected. Our findings revealed that 51.7% of Android devices and 49% of the top 300 apps on Google Play contained at least one critical inter-app vulnerability. We found that about 15% of fixed vulnerabilities lived for more than 100 days before being patched, more than 20% of unpatched vulnerabilities have existed for at least 180 days, and 45% of unpatched vulnerabilities persisted through the latest two to four consecutive app versions in our dataset.
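The interface-fuzzing step the abstract describes can be sketched as a command generator. This is a hypothetical reconstruction: Daze's real component extraction and fuzzing strategy are not given in the abstract, and the package, activity names, and extra-generation heuristics below are invented for illustration. The sketch only builds `adb shell am start` command lines; a real fuzzer would execute them against a connected device and monitor for crashes.

```python
# Hypothetical intent-fuzzing sketch: for each (assumed) exported activity,
# emit adb commands with randomized string extras, since wrong types and
# boundary values are typical crash triggers for unvalidated intent handlers.
import random

def fuzz_commands(package, activities, n_cases=3, seed=0):
    rng = random.Random(seed)
    cmds = []
    for act in activities:
        for _ in range(n_cases):
            key = "extra%d" % rng.randrange(100)
            val = rng.choice(["",                               # empty string
                              "A" * 4096,                       # oversized value
                              str(rng.randrange(-2**31, 2**31))])  # boundary int
            cmds.append('adb shell am start -n %s/%s --es %s "%s"'
                        % (package, act, key, val))
    return cmds

cmds = fuzz_commands("com.example.app", [".MainActivity", ".ShareActivity"])
for c in cmds[:2]:
    print(c)
```

Generating cases deterministically from a seed, as above, is one way a fuzzer can make its roughly two-minute-per-app runs reproducible.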

SESSION: Poster Session

POSTER: Understanding the Hidden Cost of Software Vulnerabilities: Measurements and Predictions

  • Afsah Anwar
  • Aminollah Khormali
  • Aziz Mohaisen

In this work, we study the hidden cost of software vulnerabilities reported in the National Vulnerability Database (NVD) through stock price analysis. We perform high-fidelity data augmentation to ensure data reliability when estimating vulnerability disclosure dates, used as a baseline for assessing the implications of software vulnerabilities. We further build a model for stock price prediction using the NARX neural network model to estimate the effect of vulnerability disclosure on the stock price. Compared to prior work, which relies on linear regression models, our approach is shown to provide better accuracy. Our analysis shows that the effect of vulnerabilities on vendors varies and greatly depends on the specific industry.
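The NARX structure the abstract relies on, predicting a series from its own lags plus an exogenous input, can be illustrated with a toy model. The poster uses a NARX *neural network*; the stand-in below fits a linear ARX model with least squares purely to show the input/output shape, and the price series and disclosure indicator are synthetic.

```python
# Hedged sketch of the NARX idea: predict a stock price from its own lags
# plus an exogenous vulnerability-disclosure indicator x[t].
import numpy as np

def fit_arx(y, x, lags=2):
    """Fit y[t] ~ y[t-1..t-lags] + x[t] with ordinary least squares."""
    rows, targets = [], []
    for t in range(lags, len(y)):
        rows.append(list(y[t - lags:t]) + [x[t], 1.0])  # lags, exogenous, bias
        targets.append(y[t])
    coef, *_ = np.linalg.lstsq(np.array(rows), np.array(targets), rcond=None)
    return coef

def predict_arx(coef, y_hist, x_t, lags=2):
    return float(np.dot(coef, list(y_hist[-lags:]) + [x_t, 1.0]))

# Synthetic series: price drifts up by 1, drops by 5 on disclosure days (x=1).
x = np.array([0, 0, 0, 1, 0, 0, 1, 0, 0, 0], dtype=float)
y = [100.0, 101.0]
for t in range(2, 10):
    y.append(y[-1] + 1.0 - 5.0 * x[t])
coef = fit_arx(np.array(y), x)
print(round(predict_arx(coef, y, x_t=1.0), 1))  # a disclosure day is predicted lower
```

The exogenous term is what distinguishes this from a plain autoregression: the disclosure indicator lets the model attribute price moves to the vulnerability event rather than to past prices alone.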

POSTER: DeepCRACk: Using Deep Learning to Automatically CRack Audio CAPTCHAs

  • William Aiken
  • Hyoungshick Kim

A Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) is a defensive mechanism designed to differentiate humans and computers to prevent unauthorized use of online services by automated attacks. They often consist of a visual or audio test that humans can perform easily but that bots cannot solve. However, with current machine learning techniques and open-source neural network architectures, it is now possible to create a self-contained system that is able to solve specific CAPTCHA types and outperform some human users. In this paper, we present a neural network that leverages Mozilla’s open-source implementation of Baidu’s Deep Speech architecture; our model is currently able to solve the audio version of an open-source CAPTCHA system (named SimpleCaptcha) with 98.8% accuracy. Our network was trained on 100,000 audio samples generated from SimpleCaptcha and can solve new SimpleCaptcha audio tests in 1.25 seconds on average (with a standard deviation of 0.065 seconds). Our implementation seems additionally promising because it does not require a powerful server to function and is robust to adversarial examples that target Deep Speech’s pre-trained models.

POSTER: Undetectable Task Bypassing OS Scheduler via Hardware Task Switching

  • Kyeong Joo Jung
  • Bang Hun Lee
  • Yeon Nam Gung
  • Jun Seok Kim
  • Hyung Suk Kim
  • Ju Seong Han
  • Tomaspeter Kim
  • Bong Jun (David) Choi

Recently, malicious mining using CPUs has become a trend, and mining whose tasks go undetected by users is an even greater threat. In this paper, we focused on discovering a new IA-32 (Intel Architecture, 32-bit: the 32-bit version of the x86 instruction set architecture) vulnerability and found an undetectable task using the hardware task switching method. The created task is undetectable by the operating system and thus hidden from the system user. Although hardware task switching methods have been replaced by more convenient software switching methods in recent years, they still exist on modern computer systems. By manually manipulating hardware task switching, which is directly managed by the CPU, we show that it is possible to create a hidden scheduler aside from the ones created by the operating system. We demonstrate, using a simple CPU consumption example, that these hidden tasks have the potential to evolve into more sophisticated malicious attacks that can go unnoticed by users.

POSTER: Zero-Day Evasion Attack Analysis on Race between Attack and Defense

  • Hyun Kwon
  • Hyunsoo Yoon
  • Daeseon Choi

Deep neural networks (DNNs) exhibit excellent performance in machine learning tasks such as image recognition, pattern recognition, speech recognition, and intrusion detection. However, adversarial examples, which are intentionally corrupted by noise, can lead to misclassification. As adversarial examples are serious threats to DNNs, both adversarial attacks and methods of defending against adversarial examples have been continuously studied. Zero-day adversarial examples are created with new test data and are unknown to the classifier; hence, they represent a more significant threat to DNNs. To the best of our knowledge, the literature contains no analytical studies of zero-day adversarial examples that focus on attack and defense methods through experiments using several scenarios. Therefore, in this study, zero-day adversarial examples are practically analyzed with an emphasis on attack and defense methods through experiments using various scenarios composed of a fixed target model and an adaptive target model. The Carlini method was used as a state-of-the-art attack, while adversarial training was used as a typical defense method. We used the MNIST dataset and analyzed the success rates of zero-day adversarial examples, average distortions, and recognition of original samples through several scenarios of fixed and adaptive target models. Experimental results demonstrate that changing the parameters of the target model in real time leads to resistance to adversarial examples in both the fixed and adaptive target models.

POSTER: Deterring DDoS Attacks on Blockchain-based Cryptocurrencies through Mempool Optimization

  • Muhammad Saad
  • My T. Thai
  • Aziz Mohaisen

In this paper, we highlight a new form of distributed denial of service (DDoS) attack that impacts the memory pools of cryptocurrency systems causing massive transaction backlog and higher mining fees. Towards that, we study such an attack on Bitcoin mempools and explore its effects on the mempool size and transaction fees paid by the legitimate users. We also propose countermeasures to contain such an attack. Our countermeasures include fee-based and age-based designs, which optimize the mempool size and help to counter the effects of DDoS attacks. We evaluate our designs using simulations in diverse attack conditions.
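The two countermeasure families the abstract names, fee-based and age-based mempool optimization, can be sketched as a toy admission and eviction policy. The class name, thresholds, and eviction order below are illustrative choices, not the authors' parameters or Bitcoin Core's actual mempool logic.

```python
# Toy mempool with a fee-based admission filter (reject cheap spam), a
# size cap that evicts the lowest-fee transaction first, and an age-based
# pruning pass that expires stale backlog.
import heapq

class Mempool:
    def __init__(self, max_size, min_fee_rate, max_age):
        self.max_size = max_size
        self.min_fee_rate = min_fee_rate   # fee-based design
        self.max_age = max_age             # age-based design
        self.txs = []                      # min-heap keyed by (fee_rate, time)

    def add(self, txid, fee_rate, now):
        if fee_rate < self.min_fee_rate:
            return False                   # fee-based admission filter
        heapq.heappush(self.txs, (fee_rate, now, txid))
        while len(self.txs) > self.max_size:
            heapq.heappop(self.txs)        # evict the lowest-fee transaction
        return True

    def prune_old(self, now):
        self.txs = [t for t in self.txs if now - t[1] <= self.max_age]
        heapq.heapify(self.txs)

pool = Mempool(max_size=3, min_fee_rate=2.0, max_age=10)
print(pool.add("spam", 0.5, now=0))    # rejected by the fee filter
for i, fee in enumerate([3.0, 4.0, 5.0, 6.0]):
    pool.add("tx%d" % i, fee, now=i)
print(sorted(t[2] for t in pool.txs))  # lowest-fee tx0 was evicted
```

Both knobs work against a flooding attacker: the fee floor makes spam expensive up front, while the size cap and age pruning bound how long low-value backlog can crowd out legitimate transactions.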

POSTER: Can We Use Biometric Authentication on Cloud?: Fingerprint Authentication Using Homomorphic Encryption

  • Taeyun Kim
  • Hyoungshick Kim

Even though biometric authentication such as fingerprint authentication is widely used, there are few network services supporting biometric authentication because many users have serious privacy concerns about leakage of the biometric data on a server. For example, in fingerprint authentication, a user’s raw fingerprint is typically stored in plaintext form. Unlike conventional text passwords, we cannot use a cryptographic hash function such as SHA-256 because it is very hard to obtain the same fingerprint features even when exactly the same finger is scanned multiple times. In this paper, we present a fingerprint authentication mechanism using the Fastest Homomorphic Encryption in the West (FHEW) library for the Learning With Errors (LWE) scheme. Our implementation allows us to securely store fingerprint data on a network server, using homomorphic encryption to calculate the distance between two encrypted fingerprint records without decrypting them. To show the efficiency of our implementation, we used “NIST Special Database 9”, containing 4,000 fingerprint samples. Our results show that two fingerprints can be compared in about 209 seconds on average even when they are stored in encrypted form.
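The matching computation the poster evaluates under encryption can be shown in the clear. The sketch below is a plaintext stand-in: under FHEW, the subtraction and comparison would be evaluated gate-by-gate on ciphertexts and only the boolean outcome would be revealed after decryption. The feature layout and threshold are invented for illustration.

```python
# Plaintext sketch of the fingerprint comparison that would run homomorphically:
# a distance between two feature vectors, thresholded into match/no-match.

def squared_distance(template, probe):
    return sum((a - b) ** 2 for a, b in zip(template, probe))

def fingerprints_match(template, probe, threshold=25):
    # In the homomorphic setting, the server never sees template or probe
    # in the clear, only ciphertexts; this is why exact hashing (SHA-256)
    # cannot be used and a noise-tolerant distance check is needed instead.
    return squared_distance(template, probe) <= threshold

enrolled = [12, 40, 7, 33, 19]    # minutiae-derived features (hypothetical)
scan_ok  = [13, 39, 7, 34, 18]    # same finger, small sensor noise
scan_bad = [30, 10, 25, 5, 40]    # different finger
print(fingerprints_match(enrolled, scan_ok), fingerprints_match(enrolled, scan_bad))
```

The threshold is what absorbs the scan-to-scan noise the abstract mentions: two scans of the same finger land near, but never exactly on, the enrolled vector.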

POSTER: Evaluating Privacy Metrics for Graph Anonymization and De-anonymization

  • Yuchen Zhao
  • Isabel Wagner

Many modern communication systems generate graph data, for example social networks and email networks. Such graph data can be used for recommender systems and data mining. However, because graph data contains sensitive information about individuals, sharing or publishing graph data may pose privacy risks. To protect graph privacy, data anonymization has been proposed to prevent individual users in a graph from being identified by adversaries. The effectiveness of both anonymization and de-anonymization techniques is usually evaluated using the adversary’s success rate. However, the success rate does not measure privacy for individual users in a graph because it is an aggregate per-graph metric. In addition, it is unclear whether the success rate is monotonic, i.e. whether it indicates higher privacy for weaker adversaries, and lower privacy for stronger adversaries. To address these gaps, we propose a methodology to systematically evaluate the monotonicity of graph privacy metrics, and present preliminary results for the monotonicity of 25 graph privacy metrics.
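The monotonicity check the poster proposes can be phrased very compactly: evaluate a privacy metric against a family of adversaries of increasing strength and verify that the metric never moves in the wrong direction. The adversary model and metric below are toy placeholders (a re-identifier whose success grows linearly with strength, and per-user probability of not being re-identified), not any of the 25 metrics the poster evaluates.

```python
# Toy monotonicity evaluation: a valid privacy metric should report
# lower privacy as the adversary gets stronger, never higher.

def privacy_metric(strength, n_users=100):
    # Toy adversary: a stronger one de-anonymizes a larger fraction of users.
    reidentified = min(n_users, strength * 10)
    return 1.0 - reidentified / n_users   # higher value = more privacy

def is_monotonic(metric, strengths):
    values = [metric(s) for s in strengths]
    return all(a >= b for a, b in zip(values, values[1:]))

print(is_monotonic(privacy_metric, strengths=range(0, 11)))
```

A metric that fails this check can mislead: it may report strong privacy precisely when the adversary is at its most capable.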

Poster: Physics-Based Attack Detection for an Insider Threat Model in a Cyber-Physical System

  • Anand Agrawal
  • Chuadhry Mujeeb Ahmed
  • Ee-Chien Chang

To ensure the proper functioning of critical systems, it is important to design secure Cyber-Physical Systems (CPS). Since CPS are connected systems, most studies consider external adversaries as the threat model, which may fail to cater for an insider threat with physical access to the system. In this article, we propose an attack detection mechanism for an insider who has physical access to a CPS. The proposed method exploits the dynamics of the system and detects an attack based on the laws of physics. Based on the mass flow equations, we analyze the rate of change in the plant’s process and create a feature vector based on the process dynamics. The model is trained by passing the rate of change in the system’s state as input to a Support Vector Machine (SVM) to detect abnormal behavior in the system. Based on the proposed framework, experiments are performed on a real water treatment testbed to validate our model and to measure the efficiency of the plant in normal and under-attack scenarios. The detection results show that the proposed scheme can detect attacks with accuracy as high as 96%.
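The rate-of-change feature at the heart of this detector can be sketched with a toy sensor trace. The poster trains an SVM on such features; the stand-in below learns simple statistical bounds from normal data to keep the example dependency-free, and all process values are synthetic, not testbed data.

```python
# Simplified physics-based detection: derive rate-of-change features from a
# tank-level sensor and flag readings whose dynamics violate what the
# (assumed) mass-flow physics of the plant allows.

def rate_of_change(series):
    return [b - a for a, b in zip(series, series[1:])]

def fit_bounds(normal_series, margin=3.0):
    """Learn plausible rate bounds from attack-free operation (stand-in
    for the poster's SVM training step)."""
    rates = rate_of_change(normal_series)
    mean = sum(rates) / len(rates)
    std = (sum((r - mean) ** 2 for r in rates) / len(rates)) ** 0.5
    return mean - margin * std, mean + margin * std

def detect(series, bounds):
    lo, hi = bounds
    return [i + 1 for i, r in enumerate(rate_of_change(series)) if not lo <= r <= hi]

normal = [50.0, 50.4, 50.9, 51.3, 51.8, 52.2, 52.7]   # steady inflow
bounds = fit_bounds(normal)
attack = [50.0, 50.5, 58.0, 50.9, 51.4]  # spoofed jump at index 2
print(detect(attack, bounds))
```

The physical intuition is the insider's problem: even with hands on the plant, a spoofed sensor value must still be reachable from the previous state under the mass-flow equations, and an abrupt jump is not.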

POSTER: A Framework for Phylogenetic Analysis in Mobile Environment

  • Fabio Martinelli
  • Francesco Mercaldo
  • Andrea Saracino

To maximize the probability of successful attacks and reduce the odds of being detected, malware developers implement different versions of the same malicious payloads. As a matter of fact, malware writers often generate new malicious code starting from existing code, adding small programmed variations or applying obfuscation mechanisms that change the code structure without altering the malicious functionalities. For these reasons, phylogenetic analysis is becoming of interest as an instrument for malware analysts to understand the derivation of a malicious payload, making it possible to trace a derived piece of code back to its original, known originator. In this poster we describe a framework designed to infer and shape the phylogenetic tree of mobile malicious applications. The framework considers multi-level features with a rule-based machine learning algorithm to retrieve antecedents and descendants of malicious samples.

POSTER: CPS Security Testbed Development Using Controller-in-the-Middle

  • Seungoh Choi
  • Woomyo Lee
  • Hyeok-Ki Shin
  • Jeong-Han Yun
  • Sin-Kyu Kim

Cyber-physical systems (CPSs) are used in a variety of domains such as critical infrastructure, smart factories, transportation, etc. Since dependable CPSs tend to be configured for specific tasks that are performed repeatedly, security threats to CPSs have started increasing. To enhance CPS security, it is necessary to realistically reproduce and test scenarios that reflect the characteristics of the target system. Prior to developing technologies for CPS security, individual experimental environments are necessary to evaluate the developed technologies. In this paper, we propose a Controller-in-the-Middle (CitM) scheme that provides a flexible experimental environment for CPS security, consisting of independent processes exchanged between field devices and complex processes that combine different independent processes. Using the proposed scheme, various scenarios and test environments can be reproduced flexibly.

POSTER: I Can’t Hear This Because I Am Human: A Novel Design of Audio CAPTCHA System

  • Jusop Choi
  • Taekkyung Oh
  • William Aiken
  • Simon S. Woo
  • Hyoungshick Kim

A CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) provides the first line of defense to protect websites against bots and automatic crawling. Recently, audio-based CAPTCHA systems have come into use for visually impaired people in many internet services. However, with the recent improvements in speech recognition and machine learning systems, audio CAPTCHAs have come to struggle to distinguish machines from users, and this situation will likely continue to worsen. Unlike conventional CAPTCHA systems, we propose a new conceptual audio CAPTCHA system combining certain sounds that are understandable only by a machine. Our experimental results demonstrate that the tested speech recognition systems always provide correct responses for our CAPTCHA samples while humans cannot possibly understand them. Based on this computational gap between human and machine, we can detect bots by their correct responses, rather than their incorrect ones.

POSTER: On Compressing PKI Certificates for Resource Limited Internet of Things Devices

  • HyukSang Kwon
  • Shahid Raza
  • JeongGil Ko

Certificate-based Public Key Infrastructure (PKI) schemes are used to authenticate the identity of distinct nodes on the Internet. Using certificates for the Internet of Things (IoT) can allow many privacy sensitive applications to be trusted over the larger Internet architecture. However, since IoT devices are typically resource limited, full sized PKI certificates are not suitable for use in the IoT domain. This work outlines our approach in compressing standards-compliant X.509 certificates so that their sizes are reduced and can be effectively used on IoT nodes. Our scheme combines the use of Concise Binary Object Representation (CBOR) and also a scheme that compresses all data that can be implicitly inferred within the IoT sub-network. Our scheme shows a certificate compression rate of up to ~30%, which allows effective energy reduction when using X.509-based certificates on IoT platforms.
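The two ideas the abstract combines, eliding fields the whole sub-network can infer implicitly and re-encoding the remainder compactly, can be sketched with the standard library alone. The poster uses CBOR; zlib over JSON stands in here so the example runs without third-party packages, and the field names are illustrative rather than X.509-exact.

```python
# Stdlib-only sketch of implicit-field elision plus compact re-encoding.
import json, zlib

# Fields every node in the (hypothetical) IoT sub-network already agrees on.
IMPLICIT = {"issuer": "CN=IoT-GW", "sig_alg": "ecdsa-with-SHA256", "version": 3}

def compress_cert(cert):
    # Elide any field whose value is implicitly known, then encode compactly.
    explicit = {k: v for k, v in cert.items() if IMPLICIT.get(k) != v}
    return zlib.compress(json.dumps(explicit, separators=(",", ":")).encode())

def decompress_cert(blob):
    cert = json.loads(zlib.decompress(blob))
    return {**IMPLICIT, **cert}   # restore the implicit fields losslessly

cert = {"version": 3, "issuer": "CN=IoT-GW", "sig_alg": "ecdsa-with-SHA256",
        "subject": "CN=sensor-17", "pubkey": "04ab" * 32, "not_after": "20190601"}
blob = compress_cert(cert)
print(decompress_cert(blob) == cert, len(blob) < len(json.dumps(cert)))
```

The elision step is where most of the saving comes from in a homogeneous deployment: issuer, algorithm, and version are identical across every device certificate, so transmitting them per-certificate is pure redundancy.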

POSTER: Mining with Proof-of-Probability in Blockchain

  • Sungmin Kim
  • Joongheon Kim

As interest in cryptocurrency has increased, problems have arisen with the Proof-of-Work (PoW) and Proof-of-Stake (PoS) methods, the most representative methods of acquiring cryptocurrency in a blockchain. The PoW method is uneconomical, and the PoS method can easily be monopolized by a few people. To cope with this issue, this paper introduces a Proof-of-Probability (PoP) method. In PoP, each node sorts the encrypted actual hash along with a number of fake hashes, and the first node to decrypt the actual hash creates the block. In addition, a wait time is enforced between decrypting one hash and the next, restricting excessive competition in computing power. Furthermore, the proposed PoP method avoids centralization by validators with large stakes.
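The PoP round described above can be simulated in a few lines. This is a toy model of the abstract's flow, not the authors' protocol: "decryption" is modelled as recognizing the actual hash, each node's independent sort is a shuffle, and the enforced wait time, rather than raw CPU speed, determines when each node finishes.

```python
# Toy Proof-of-Probability round: one actual hash among many fakes; each node
# tests candidates one at a time with a mandatory wait, and the first node to
# reach the actual hash wins block creation.
import hashlib, random

def pop_round(block_data, n_fakes, n_nodes, wait=1, seed=7):
    rng = random.Random(seed)
    actual = hashlib.sha256(block_data).hexdigest()
    hashes = [actual] + [hashlib.sha256(rng.getrandbits(64).to_bytes(8, "big")).hexdigest()
                         for _ in range(n_fakes)]
    finish = {}
    for node in range(n_nodes):
        order = hashes[:]
        rng.shuffle(order)                    # each node sorts independently
        attempts = order.index(actual) + 1    # attempts until the actual hash
        finish[node] = attempts * wait        # the wait dominates, not CPU power
    winner = min(finish, key=finish.get)
    return winner, finish

winner, finish = pop_round(b"block#42", n_fakes=9, n_nodes=4)
print(winner, finish[winner] <= min(finish.values()))
```

Because each node's finishing time depends on where the actual hash landed in its shuffle rather than on hash rate, extra computing power buys no advantage, which is the economic point the poster makes against PoW.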

POSTER: Address Authentication Based on Location History

  • Hosung Park
  • Daeyong Kwon
  • Seungsoo Nam
  • Daeseon Choi

This paper proposes an address authentication method based on the user’s location history. For address authentication, existing studies discover the user’s regular locations, called locations of interest (LOIs), from the location history by using clustering algorithms. They authenticate an address if the address is contained in one of the LOIs. However, unnecessary LOIs that are unrelated to the address may lead to false authentications of illegitimate addresses, i.e., other users’ addresses or feigned addresses. The proposed method reduces the authentication error rate by eliminating unnecessary LOIs using the distinguishing properties of an address. In other words, only the few LOIs that satisfy the properties (long duration, high density, and consistency) are kept and utilized for address authentication. Experimental results show that the proposed method decreases the authentication error rate compared with previous approaches using time-based clustering and density-based clustering.
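The filtering idea, keeping only LOIs with address-like properties before matching, can be sketched as follows. The clustering, radius, and thresholds below are illustrative simplifications, not the paper's algorithm or parameters: "high density" is approximated by a visit count and "consistency" by the number of distinct days a cluster appears.

```python
# Minimal LOI-filtering sketch: cluster timestamped locations greedily, keep
# only clusters that look like a home address, then match the claimed address.

def find_lois(points, radius=0.01):
    """Assign each (lat, lon, day) point to the first LOI within `radius`
    (degrees), else start a new one."""
    lois = []
    for lat, lon, day in points:
        for loi in lois:
            if abs(loi["lat"] - lat) < radius and abs(loi["lon"] - lon) < radius:
                loi["visits"] += 1
                loi["days"].add(day)
                break
        else:
            lois.append({"lat": lat, "lon": lon, "visits": 1, "days": {day}})
    return lois

def authenticate(address, points, min_visits=5, min_days=3, radius=0.01):
    lat, lon = address
    for loi in find_lois(points, radius):
        if (loi["visits"] >= min_visits and len(loi["days"]) >= min_days
                and abs(loi["lat"] - lat) < radius and abs(loi["lon"] - lon) < radius):
            return True
    return False

home, cafe = (37.56, 126.97), (37.50, 127.03)
history = [(37.56, 126.97, d) for d in range(7)] + [(37.50, 127.03, 1)] * 6
print(authenticate(home, history), authenticate(cafe, history))
```

In the example, the cafe cluster has plenty of visits but all on a single day, so the consistency filter discards it; this is exactly the kind of unnecessary LOI the paper argues causes false authentications.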

POSTER: Authenticated Key-Exchange Protocol for Heterogeneous CPS

  • Boyapally Harishma
  • Sikhar Patranabis
  • Urbi Chatterjee
  • Debdeep Mukhopadhyay

The widespread advent of Cyber-Physical Systems (CPS), intertwined with the Internet of Things (IoT), allows billions of resource-constrained embedded devices to be connected at the same time. While this significantly enhances the scope for productivity, it also throws up security issues which, unless addressed, could lead to catastrophic consequences. The biggest challenge in an IoT network is to ensure inter-device authentication and secure key exchange, while taking into account the heterogeneous nature of the participating devices in terms of processing capacity and memory bandwidth. In this paper, we propose a secure and operationally asymmetric authenticated key-exchange protocol targeting IoT networks and CPS. Our protocol balances security and efficiency, delegates complex cryptographic operations to the resource-equipped servers, and carefully manages the workload on the resource-constrained nodes via the use of unconventional lightweight primitives such as Physically Unclonable Functions (PUFs). The security of our protocol is based on well-established cryptographic assumptions.
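The asymmetric pattern the abstract describes can be illustrated at a high level: the resource-equipped server keeps pre-enrolled challenge-response pairs (CRPs) for a node's PUF, so the node stores no long-term key and performs only a PUF evaluation plus cheap hashing. The sketch below simulates the PUF with an HMAC over a device-unique secret; the message flow and key derivation are invented for illustration and are not the authors' protocol.

```python
# High-level sketch of PUF-based asymmetric key establishment.
import hmac, hashlib, os

DEVICE_SECRET = os.urandom(16)           # stands in for the physical PUF

def puf(challenge):
    """Simulated PUF: a device-unique, unclonable challenge->response map."""
    return hmac.new(DEVICE_SECRET, challenge, hashlib.sha256).digest()

# Enrollment (one-time, in a secure environment): the server records CRPs.
crp_db = {c: puf(c) for c in (b"c1", b"c2", b"c3")}

def handshake(challenge, nonce):
    # Node side: lightweight work only (one PUF evaluation, one hash).
    node_resp = puf(challenge)
    node_key = hashlib.sha256(node_resp + nonce).digest()
    # Server side: looks up the expected response and derives the same key.
    server_key = hashlib.sha256(crp_db[challenge] + nonce).digest()
    return node_key == server_key

print(handshake(b"c2", os.urandom(12)))
```

The asymmetry is visible in the division of labour: the server carries the CRP database and any expensive cryptography, while the constrained node never holds a stored key that an attacker with physical access could extract.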