11,364 research outputs found
CALIPER: Continuous Authentication Layered with Integrated PKI Encoding Recognition
Architectures relying on continuous authentication require a secure way to
challenge the user's identity without trusting that the Continuous
Authentication Subsystem (CAS) has not been compromised, i.e., that the
response to the layer which manages service/application access is not fake. In
this paper, we introduce the CALIPER protocol, in which a separate Continuous
Access Verification Entity (CAVE) directly challenges the user's identity in a
continuous authentication regime. Instead of simply returning authentication
probabilities or confidence scores, CALIPER's CAS uses live hard and soft
biometric samples from the user to extract a cryptographic private key embedded
in a challenge posed by the CAVE. The CAS then uses this key to sign a response
to the CAVE. CALIPER supports multiple modalities, key lengths, and security
levels and can be applied in two scenarios: One where the CAS must authenticate
its user to a CAVE running on a remote server (device-server) for access to
remote application data, and another where the CAS must authenticate its user
to a locally running trusted computing module (TCM) for access to local
application data (device-TCM). We further demonstrate that CALIPER can leverage
device hardware resources to enable privacy and security even when the device's
kernel is compromised, and we show how this authentication protocol can even be
expanded to obfuscate direct kernel object manipulation (DKOM) malwares.Comment: Accepted to CVPR 2016 Biometrics Worksho
Towards Baselines for Shoulder Surfing on Mobile Authentication
Given the nature of mobile devices and unlock procedures, unlock
authentication is a prime target for credential leaking via shoulder surfing, a
form of an observation attack. While the research community has investigated
solutions to minimize or prevent the threat of shoulder surfing, our
understanding of how the attack performs on current systems is less well
studied. In this paper, we describe a large online experiment (n=1173) that
works towards establishing a baseline of shoulder surfing vulnerability for
current unlock authentication systems. Using controlled video recordings of a
victim entering in a set of 4- and 6-length PINs and Android unlock patterns on
different phones from different angles, we asked participants to act as
attackers, trying to determine the authentication input based on the
observation. We find that 6-digit PINs are the most elusive attacking surface
where a single observation leads to just 10.8% successful attacks, improving to
26.5\% with multiple observations. As a comparison, 6-length Android patterns,
with one observation, suffered 64.2% attack rate and 79.9% with multiple
observations. Removing feedback lines for patterns improves security from
35.3\% and 52.1\% for single and multiple observations, respectively. This
evidence, as well as other results related to hand position, phone size, and
observation angle, suggests the best and worst case scenarios related to
shoulder surfing vulnerability which can both help inform users to improve
their security choices, as well as establish baselines for researchers.Comment: Will appear in Annual Computer Security Applications Conference
(ACSAC
Address Space Layout Randomization Next Generation
[EN] Systems that are built using low-power computationally-weak devices, which force developers to favor performance over security; which jointly with its high connectivity, continuous and autonomous operation makes those devices specially appealing to attackers. ASLR (Address Space Layout Randomization) is one of the most effective mitigation techniques against remote code execution attacks, but when it is implemented in a practical system its effectiveness is jeopardized by multiple constraints: the size of the virtual memory space, the potential fragmentation problems, compatibility limitations, etc. As a result, most ASLR implementations (specially in 32-bits) fail to provide the necessary protection. In this paper we propose a taxonomy of all ASLR elements, which categorizes the entropy in three dimensions: (1) how, (2) when and (3) what; and includes novel forms of entropy. Based on this taxonomy we have created, ASLRA, an advanced statistical analysis tool to assess the effectiveness of any ASLR implementation. Our analysis show that all ASLR implementations suffer from several weaknesses, 32-bit systems provide a poor ASLR, and OS X has a broken ASLR in both 32- and 64-bit systems. This is jeopardizing not only servers and end users devices as smartphones but also the whole IoT ecosystem. To overcome all these issues, we present ASLR-NG, a novel ASLR that provides the maximum possible absolute entropy and removes all correlation attacks making ASLR-NG the best solution for both 32- and 64-bit systems. We implemented ASLR-NG in the Linux kernel 4.15. The comparative evaluation shows that ASLR-NG overcomes PaX, Linux and OS X implementations, providing strong protection to prevent attackers from abusing weak ASLRs.Marco-Gisbert, H.; Ripoll-Ripoll, I. (2019). Address Space Layout Randomization Next Generation. Applied Sciences. 9(14):1-25. https://doi.org/10.3390/app9142928S125914Aga, M. T., & Austin, T. (2019). Smokestack: Thwarting DOP Attacks with Runtime Stack Layout Randomization. 2019 IEEE/ACM International Symposium on Code Generation and Optimization (CGO). doi:10.1109/cgo.2019.8661202Object Size Checking to Prevent (Some) Buffer Overflows (GCC FORTIFY) http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.htmlShahriar, H., & Zulkernine, M. (2012). Mitigating program security vulnerabilities. ACM Computing Surveys, 44(3), 1-46. doi:10.1145/2187671.2187673Carlier, M., Steenhaut, K., & Braeken, A. (2019). Symmetric-Key-Based Security for Multicast Communication in Wireless Sensor Networks. Computers, 8(1), 27. doi:10.3390/computers8010027Choudhary, J., Balasubramanian, P., Varghese, D., Singh, D., & Maskell, D. (2019). Generalized Majority Voter Design Method for N-Modular Redundant Systems Used in Mission- and Safety-Critical Applications. Computers, 8(1), 10. doi:10.3390/computers8010010Shacham, H., Page, M., Pfaff, B., Goh, E.-J., Modadugu, N., & Boneh, D. (2004). On the effectiveness of address-space randomization. Proceedings of the 11th ACM conference on Computer and communications security - CCS ’04. doi:10.1145/1030083.1030124Marco-Gisbert, H., & Ripoll, I. (2013). Preventing Brute Force Attacks Against Stack Canary Protection on Networking Servers. 2013 IEEE 12th International Symposium on Network Computing and Applications. doi:10.1109/nca.2013.12Friginal, J., de Andres, D., Ruiz, J.-C., & Gil, P. (2010). Attack Injection to Support the Evaluation of Ad Hoc Networks. 2010 29th IEEE Symposium on Reliable Distributed Systems. doi:10.1109/srds.2010.11Jun Xu, Kalbarczyk, Z., & Iyer, R. K. (s. f.). Transparent runtime randomization for security. 22nd International Symposium on Reliable Distributed Systems, 2003. Proceedings. doi:10.1109/reldis.2003.1238076Zhan, X., Zheng, T., & Gao, S. (2014). Defending ROP Attacks Using Basic Block Level Randomization. 2014 IEEE Eighth International Conference on Software Security and Reliability-Companion. doi:10.1109/sere-c.2014.28Iyer, V., Kanitkar, A., Dasgupta, P., & Srinivasan, R. (2010). Preventing Overflow Attacks by Memory Randomization. 2010 IEEE 21st International Symposium on Software Reliability Engineering. doi:10.1109/issre.2010.22Van der Veen, V., dutt-Sharma, N., Cavallaro, L., & Bos, H. (2012). Memory Errors: The Past, the Present, and the Future. Lecture Notes in Computer Science, 86-106. doi:10.1007/978-3-642-33338-5_5PaX Address Space Layout Randomization (ASLR) http://pax.grsecurity.net/docs/aslr.txtKernel Address Space Layout Randomization https://lwn.net/Articles/569635Rahman, M. A., & Asyhari, A. T. (2019). The Emergence of Internet of Things (IoT): Connecting Anything, Anywhere. Computers, 8(2), 40. doi:10.3390/computers8020040Bojinov, H., Boneh, D., Cannings, R., & Malchev, I. (2011). Address space randomization for mobile devices. Proceedings of the fourth ACM conference on Wireless network security - WiSec ’11. doi:10.1145/1998412.1998434Hiser, J., Nguyen-Tuong, A., Co, M., Hall, M., & Davidson, J. W. (2012). ILR: Where’d My Gadgets Go? 2012 IEEE Symposium on Security and Privacy. doi:10.1109/sp.2012.39Xu, H., & Chapin, S. J. (2009). Address-space layout randomization using code islands. Journal of Computer Security, 17(3), 331-362. doi:10.3233/jcs-2009-0322Wartell, R., Mohan, V., Hamlen, K. W., & Lin, Z. (2012). Binary stirring. Proceedings of the 2012 ACM conference on Computer and communications security - CCS ’12. doi:10.1145/2382196.2382216Growable Maps Removal https://lwn.net/Articles/294001/Silent Stack-Heap Collision under GNU/Linux https://gcc.gnu.org/ml/gcc-help/2014-07/msg00076.htmlAMD Bulldozer Linux ASLR Weakness: Reducing Entropy by 87.5% http://hmarco.org/bugs/AMD-Bulldozer-linux-ASLR-weakness-reducing-mmaped-files-by-eight.htmlCVE-2015-1593—Linux ASLR Integer Overflow: Reducing Stack Entropy by Four http://hmarco.org/bugs/linux-ASLR-integer-overflow.htmlLinux ASLR Mmap Weakness: Reducing Entropy by Half http://hmarco.org/bugs/linux-ASLR-reducing-mmap-by-half.htmlLESNE, A. (2014). Shannon entropy: a rigorous notion at the crossroads between probability, information theory, dynamical systems and statistical physics. Mathematical Structures in Computer Science, 24(3). doi:10.1017/s0960129512000783Scraps of Notes on Remote Stack Overflow Exploitation http://www.phrack.org/issues.html?issue=67&id=13#articleUchenick, G. M., & Vanfleet, W. M. (2005). Multiple independent levels of safety and security: high assurance architecture for MSLS/MLS. MILCOM 2005 - 2005 IEEE Military Communications Conference. doi:10.1109/milcom.2005.1605749Lee, B., Lu, L., Wang, T., Kim, T., & Lee, W. (2014). From Zygote to Morula: Fortifying Weakened ASLR on Android. 2014 IEEE Symposium on Security and Privacy. doi:10.1109/sp.2014.34The Heartbleed Bug http://heartbleed.co
Code-Reuse Attacks and Defenses
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almost three decades and no end seems to be in sight. In particular, code-reuse techniques such as return-oriented programming offer a robust attack technique that is extensively used to exploit memory corruption vulnerabilities in modern software programs (e.g. web browsers or document viewers). Whereas conventional control-flow attacks (runtime exploits)
require the injection of malicious code, code-reuse attacks leverage
code that is already present in the address space of an application to undermine the security model of data execution prevention (DEP). In addition, code-reuse attacks in conjunction with memory disclosure attack techniques circumvent the widely applied memory protection model of address space layout randomization (ASLR). To counter this ingenious attack strategy, several proposals for enforcement of control-flow integrity (CFI) and fine-grained code randomization have emerged.
In this dissertation, we explore the limitations of existing defenses against code-reuse attacks. In particular, we demonstrate that various
coarse-grained CFI solutions can be effectively undermined, even under weak adversarial assumptions. Moreover, we explore a new return-oriented programming attack technique that is solely based on indirect jump and call instructions to evade detection from defenses that perform integrity checks for return addresses.
To tackle the limitations of existing defenses, this dissertation introduces the design and implementation of several new countermeasures. First, we present a generic and fine-grained CFI framework for mobile devices targeting ARM-based platforms. This framework preserves static code signatures by instrumenting mobile
applications on-the-fly in memory. Second, we tackle the performance and security limitations of existing CFI defenses by introducing hardware-assisted CFI for embedded devices. To this end, we present a CFI-based hardware implementation for Intel Siskiyou Peak using dedicated CFI machine instructions. Lastly, we explore fine-grained code randomization techniques
On the Relation Between Mobile Encounters and Web Traffic Patterns: A Data-driven Study
Mobility and network traffic have been traditionally studied separately.
Their interaction is vital for generations of future mobile services and
effective caching, but has not been studied in depth with real-world big data.
In this paper, we characterize mobility encounters and study the correlation
between encounters and web traffic profiles using large-scale datasets (30TB in
size) of WiFi and NetFlow traces. The analysis quantifies these correlations
for the first time, across spatio-temporal dimensions, for device types grouped
into on-the-go Flutes and sit-to-use Cellos. The results consistently show a
clear relation between mobility encounters and traffic across different
buildings over multiple days, with encountered pairs showing higher traffic
similarity than non-encountered pairs, and long encounters being associated
with the highest similarity. We also investigate the feasibility of learning
encounters through web traffic profiles, with implications for dissemination
protocols, and contact tracing. This provides a compelling case to integrate
both mobility and web traffic dimensions in future models, not only at an
individual level, but also at pairwise and collective levels. We have released
samples of code and data used in this study on GitHub, to support
reproducibility and encourage further research
(https://github.com/BabakAp/encounter-traffic).Comment: Technical report with details for conference paper at MSWiM 2018, v3
adds GitHub lin
- …