3,918 research outputs found
Measuring Information Leakage in Website Fingerprinting Attacks and Defenses
Tor provides low-latency anonymous and uncensored network access against a
local or network adversary. Due to the design choice to minimize traffic
overhead (and increase the pool of potential users) Tor allows some information
about the client's connections to leak. Attacks using (features extracted from)
this information to infer the website a user visits are called Website
Fingerprinting (WF) attacks. We develop a methodology and tools to measure the
amount of leaked information about a website. We apply this tool to a
comprehensive set of features extracted from a large set of websites and WF
defense mechanisms, allowing us to make more fine-grained observations about WF
attacks and defenses.Comment: In Proceedings of the 2018 ACM SIGSAC Conference on Computer and
Communications Security (CCS '18
CALLOC: Curriculum Adversarial Learning for Secure and Robust Indoor Localization
Indoor localization has become increasingly vital for many applications from
tracking assets to delivering personalized services. Yet, achieving pinpoint
accuracy remains a challenge due to variations across indoor environments and
devices used to assist with localization. Another emerging challenge is
adversarial attacks on indoor localization systems that not only threaten
service integrity but also reduce localization accuracy. To combat these
challenges, we introduce CALLOC, a novel framework designed to resist
adversarial attacks and variations across indoor environments and devices that
reduce system accuracy and reliability. CALLOC employs a novel adaptive
curriculum learning approach with a domain specific lightweight scaled-dot
product attention neural network, tailored for adversarial and variation
resilience in practical use cases with resource constrained mobile devices.
Experimental evaluations demonstrate that CALLOC can achieve improvements of up
to 6.03x in mean error and 4.6x in worst-case error against state-of-the-art
indoor localization frameworks, across diverse building floorplans, mobile
devices, and adversarial attacks scenarios
Machine Learning in Wireless Sensor Networks: Algorithms, Strategies, and Applications
Wireless sensor networks monitor dynamic environments that change rapidly
over time. This dynamic behavior is either caused by external factors or
initiated by the system designers themselves. To adapt to such conditions,
sensor networks often adopt machine learning techniques to eliminate the need
for unnecessary redesign. Machine learning also inspires many practical
solutions that maximize resource utilization and prolong the lifespan of the
network. In this paper, we present an extensive literature review over the
period 2002-2013 of machine learning methods that were used to address common
issues in wireless sensor networks (WSNs). The advantages and disadvantages of
each proposed algorithm are evaluated against the corresponding problem. We
also provide a comparative guide to aid WSN designers in developing suitable
machine learning solutions for their specific application challenges.Comment: Accepted for publication in IEEE Communications Surveys and Tutorial
Recommended from our members
Efficient, portable template attacks
Template attacks recover data values processed by tamper-resistant
devices from side-channel waveforms, such as supply-current
fluctuations (power analysis) or electromagnetic emissions. They
first profile a device to generate multivariate statistics of the
waveforms emitted for each of a set of known processed values, which
then identify maximum-likelihood candidates of unknown processed
values during an attack. We identify several practical obstacles
arising in the implementation of template attacks, ranging from
numerical errors to the incompatibility of templates across
different devices, and propose and compare several solutions. We
identify pooled covariance matrices and prior dimensionality
reduction through Fisher's Linear Discriminant Analysis as
particularly efficient and effective, especially where many attack
traces can be acquired. We evaluate alternative algorithms not only
for the task of recovering key bytes from a hardware implementation
of the Advanced Encryption Standard; we even reconstruct the value
transferred by an individual byte-load instruction, with success
rates reaching 85% (or a guessing entropy of less than a quarter
bit remaining) after 1000 attack traces, thereby demonstrating
direct eavesdropping of 8-bit parallel data lines. Using different
devices during the profiling and attack phase can substantially
reduce the effectiveness of template attacks. We demonstrate that
the same problem can also occur across different measurement
campaigns with the same device and that DC offsets (e.g. due to
temperature drift) are a significant cause. We improve the
portability of template parameters across devices by manipulating
the DC content of the eigenvectors that form the projection matrix
used for dimensionality reduction of the waveforms
Advances in SCA and RF-DNA Fingerprinting Through Enhanced Linear Regression Attacks and Application of Random Forest Classifiers
Radio Frequency (RF) emissions from electronic devices expose security vulnerabilities that can be used by an attacker to extract otherwise unobtainable information. Two realms of study were investigated here, including the exploitation of 1) unintentional RF emissions in the field of Side Channel Analysis (SCA), and 2) intentional RF emissions from physical devices in the field of RF-Distinct Native Attribute (RF-DNA) fingerprinting. Statistical analysis on the linear model fit to measured SCA data in Linear Regression Attacks (LRA) improved performance, achieving 98% success rate for AES key-byte identification from unintentional emissions. However, the presence of non-Gaussian noise required the use of a non-parametric classifier to further improve key guessing attacks. RndF based profiling attacks were successful in very high dimensional data sets, correctly guessing all 16 bytes of the AES key with a 50,000 variable dataset. With variable reduction, Random Forest still outperformed Template Attack for this data set, requiring fewer traces and achieving higher success rates with lower misclassification rate. Finally, the use of a RndF classifier is examined for intentional RF emissions from ZigBee devices to enhance security using RF-DNA fingerprinting. RndF outperformed parametric MDA/ML and non-parametric GRLVQI classifiers, providing up to GS =18.0 dB improvement (reduction in required SNR). Network penetration, measured using rogue ZigBee devices, show that the RndF method improved rogue rejection in noisier environments - gains of up to GS =18.0 dB are realized over previous methods
- …