1,174 research outputs found
Your Smart Home Can't Keep a Secret: Towards Automated Fingerprinting of IoT Traffic with Neural Networks
The IoT (Internet of Things) technology has been widely adopted in recent
years and has profoundly changed the people's daily lives. However, in the
meantime, such a fast-growing technology has also introduced new privacy
issues, which need to be better understood and measured. In this work, we look
into how private information can be leaked from network traffic generated in
the smart home network. Although researchers have proposed techniques to infer
IoT device types or user behaviors under clean experiment setup, the
effectiveness of such approaches become questionable in the complex but
realistic network environment, where common techniques like Network Address and
Port Translation (NAPT) and Virtual Private Network (VPN) are enabled. Traffic
analysis using traditional methods (e.g., through classical machine-learning
models) is much less effective under those settings, as the features picked
manually are not distinctive any more. In this work, we propose a traffic
analysis framework based on sequence-learning techniques like LSTM and
leveraged the temporal relations between packets for the attack of device
identification. We evaluated it under different environment settings (e.g.,
pure-IoT and noisy environment with multiple non-IoT devices). The results
showed our framework was able to differentiate device types with a high
accuracy. This result suggests IoT network communications pose prominent
challenges to users' privacy, even when they are protected by encryption and
morphed by the network gateway. As such, new privacy protection methods on IoT
traffic need to be developed towards mitigating this new issue
Analysing the Security of Google's implementation of OpenID Connect
Many millions of users routinely use their Google accounts to log in to
relying party (RP) websites supporting the Google OpenID Connect service.
OpenID Connect, a newly standardised single-sign-on protocol, builds an
identity layer on top of the OAuth 2.0 protocol, which has itself been widely
adopted to support identity management services. It adds identity management
functionality to the OAuth 2.0 system and allows an RP to obtain assurances
regarding the authenticity of an end user. A number of authors have analysed
the security of the OAuth 2.0 protocol, but whether OpenID Connect is secure in
practice remains an open question. We report on a large-scale practical study
of Google's implementation of OpenID Connect, involving forensic examination of
103 RP websites which support its use for sign-in. Our study reveals serious
vulnerabilities of a number of types, all of which allow an attacker to log in
to an RP website as a victim user. Further examination suggests that these
vulnerabilities are caused by a combination of Google's design of its OpenID
Connect service and RP developers making design decisions which sacrifice
security for simplicity of implementation. We also give practical
recommendations for both RPs and OPs to help improve the security of real world
OpenID Connect systems
Scalable Detection and Isolation of Phishing
This paper presents a proposal for scalable detection and isolation of phishing. The main ideas are to move the protection from end users towards the network provider and to employ the novel bad neighborhood concept, in order to detect and isolate both phishing e-mail senders and phishing web servers. In addition, we propose to develop a self-management architecture that enables ISPs to protect their users against phishing attacks, and explain how this architecture could be evaluated. This proposal is the result of half a year of research work at the University of Twente (UT), and it is aimed at a Ph.D. thesis in 2012
Do you Trust your Device? Open Challenges in IoT Security Analysis
Several critical contexts, such as healthcare, smart cities, drones, transportation, and agriculture, nowadays rely on IoT, or more in general embedded, devices that require comprehensive security analysis to ensure their integrity before deployment. Security concerns are often related to vulnerabilities that result from inad- equate coding or undocumented features that may create significant privacy issues for users and companies. Current analysis methods, albeit dependent on complex tools, may lead to superficial assessments due to compatibility issues, while authoritative entities struggle with specifying feasible firmware analysis requests for manufacturers within operational contexts. This paper urges the scientific community to collaborate with stakeholdersâmanufacturers, vendors, security analysts, and expertsâto forge a cooperative model that clari- fies manufacturer contributions and aligns analysis demands with operational constraints. Aiming at a modular approach, this paper highlights the crucial need to refine security analysis, ensuring more precise requirements, balanced expectations, and stronger partnerships between vendors and analysts. To achieve this, we propose a threat model based on the feasible interactions of actors involved in the security evaluation of a device, with a particular emphasis on the responsibilities and necessities of all entities involved
Turning Federated Learning Systems Into Covert Channels
Federated learning (FL) goes beyond traditional, centralized machine learning
by distributing model training among a large collection of edge clients. These
clients cooperatively train a global, e.g., cloud-hosted, model without
disclosing their local, private training data. The global model is then shared
among all the participants which use it for local predictions. In this paper,
we put forward a novel attacker model aiming at turning FL systems into covert
channels to implement a stealth communication infrastructure. The main
intuition is that, during federated training, a malicious sender can poison the
global model by submitting purposely crafted examples. Although the effect of
the model poisoning is negligible to other participants, and does not alter the
overall model performance, it can be observed by a malicious receiver and used
to transmit a single bit
Short Paper: Blockcheck the Typechain
Recent efforts have sought to design new smart contract programming languages that make writing blockchain programs safer. But programs on the blockchain are beholden only to the safety properties enforced by the blockchain itself: even the strictest language-only properties can be rendered moot on a language-oblivious blockchain due to inter-contract interactions. Consequently, while safer languages are a necessity, fully realizing their benefits necessitates a language-aware redesign of the blockchain itself. To this end, we propose that the blockchain be viewed as a typechain: a chain of typed programs-not arbitrary blocks-that are included iff they typecheck against the existing chain. Reaching consensus, or blockchecking, validates typechecking in a byzantine fault-tolerant manner. Safety properties traditionally enforced by a runtime are instead enforced by a type system with the aim of statically capturing smart contract correctness. To provide a robust level of safety, we contend that a typechain must minimally guarantee (1) asset linearity and liveness, (2) physical resource availability, including CPU and memory, (3) exceptionless execution, or no early termination, (4) protocol conformance, or adherence to some state machine, and (5) inter-contract safety, including reentrancy safety. Despite their exacting nature, typechains are extensible, allowing for rich libraries that extend the set of verified properties. We expand on typechain properties and present examples of real-world bugs they prevent
XYZ Privacy
Future autonomous vehicles will generate, collect, aggregate and consume
significant volumes of data as key gateway devices in emerging Internet of
Things scenarios. While vehicles are widely accepted as one of the most
challenging mobility contexts in which to achieve effective data
communications, less attention has been paid to the privacy of data emerging
from these vehicles. The quality and usability of such privatized data will lie
at the heart of future safe and efficient transportation solutions.
In this paper, we present the XYZ Privacy mechanism. XYZ Privacy is to our
knowledge the first such mechanism that enables data creators to submit
multiple contradictory responses to a query, whilst preserving utility measured
as the absolute error from the actual original data. The functionalities are
achieved in both a scalable and secure fashion. For instance, individual
location data can be obfuscated while preserving utility, thereby enabling the
scheme to transparently integrate with existing systems (e.g. Waze). A new
cryptographic primitive Function Secret Sharing is used to achieve
non-attributable writes and we show an order of magnitude improvement from the
default implementation.Comment: arXiv admin note: text overlap with arXiv:1708.0188
- âŠ