307 research outputs found
Blindspot: Indistinguishable Anonymous Communications
Communication anonymity is a key requirement for individuals under targeted
surveillance. Practical anonymous communications also require
indistinguishability - an adversary should be unable to distinguish between
anonymised and non-anonymised traffic for a given user. We propose Blindspot, a
design for high-latency anonymous communications that offers
indistinguishability and unobservability under a (qualified) global active
adversary. Blindspot creates anonymous routes between sender-receiver pairs by
subliminally encoding messages within the pre-existing communication behaviour
of users within a social network. Specifically, the organic image sharing
behaviour of users. Thus channel bandwidth depends on the intensity of image
sharing behaviour of users along a route. A major challenge we successfully
overcome is that routing must be accomplished in the face of significant
restrictions - channel bandwidth is stochastic. We show that conventional
social network routing strategies do not work. To solve this problem, we
propose a novel routing algorithm. We evaluate Blindspot using a real-world
dataset. We find that it delivers reasonable results for applications requiring
low-volume unobservable communication.Comment: 13 Page
Models and Algorithms for Graph Watermarking
We introduce models and algorithmic foundations for graph watermarking. Our
frameworks include security definitions and proofs, as well as
characterizations when graph watermarking is algorithmically feasible, in spite
of the fact that the general problem is NP-complete by simple reductions from
the subgraph isomorphism or graph edit distance problems. In the digital
watermarking of many types of files, an implicit step in the recovery of a
watermark is the mapping of individual pieces of data, such as image pixels or
movie frames, from one object to another. In graphs, this step corresponds to
approximately matching vertices of one graph to another based on graph
invariants such as vertex degree. Our approach is based on characterizing the
feasibility of graph watermarking in terms of keygen, marking, and
identification functions defined over graph families with known distributions.
We demonstrate the strength of this approach with exemplary watermarking
schemes for two random graph models, the classic Erd\H{o}s-R\'{e}nyi model and
a random power-law graph model, both of which are used to model real-world
networks
An Indistinguishability Model for Evaluating Diverse Classes of Phishing Attacks and Quantifying Attack Efficacy
Phishing is a growing threat to Internet users and causes billions of dollars in damage every year. While there are a number of research articles that study the tactics, techniques and procedures employed by phishers in the literature, in this paper, we present a theoretical yet practical model to study this menacing threat in a formal manner. While it is common folklore knowledge that a successful phishing attack entails creating messages that are indistinguishable from the natural, expected messages by the intended victim, this concept has not been formalized. Our model attempts to capture a phishing attack in terms of this indistinguishability between the natural and phishing message probability distributions. We view the actions performed by a phisher as an attempt to create messages that are indistinguishable to the victim from that of normal messages. To the best of our knowledge, this is the first study that places phishing on a concrete theoretical framework and offers a new perspective to analyze this threat. We propose metrics to analyze the success probability of a phishing attack taking into account the input used by a phisher and the work involved in creating deceptive email messages. Finally, we study and apply our model to a new class of phishing attacks called collaborative spear phishing that is gaining momentum. Recent examples include Operation Woolen-Goldfish in 2015, Rocket Kitten in 2014 and Epsilon email breach in 2011. We point out fundamental flaws in the current email-based marketing business model which enables such targeted spear phishing collaborative attacks. In this sense, our study is very timely and presents new and emerging trends in phishing
Command & Control: Understanding, Denying and Detecting - A review of malware C2 techniques, detection and defences
In this survey, we first briefly review the current state of cyber attacks,
highlighting significant recent changes in how and why such attacks are
performed. We then investigate the mechanics of malware command and control
(C2) establishment: we provide a comprehensive review of the techniques used by
attackers to set up such a channel and to hide its presence from the attacked
parties and the security tools they use. We then switch to the defensive side
of the problem, and review approaches that have been proposed for the detection
and disruption of C2 channels. We also map such techniques to widely-adopted
security controls, emphasizing gaps or limitations (and success stories) in
current best practices.Comment: Work commissioned by CPNI, available at c2report.org. 38 pages.
Listing abstract compressed from version appearing in repor
Preserving Link Privacy in Social Network Based Systems
A growing body of research leverages social network based trust relationships
to improve the functionality of the system. However, these systems expose
users' trust relationships, which is considered sensitive information in
today's society, to an adversary.
In this work, we make the following contributions. First, we propose an
algorithm that perturbs the structure of a social graph in order to provide
link privacy, at the cost of slight reduction in the utility of the social
graph. Second we define general metrics for characterizing the utility and
privacy of perturbed graphs. Third, we evaluate the utility and privacy of our
proposed algorithm using real world social graphs. Finally, we demonstrate the
applicability of our perturbation algorithm on a broad range of secure systems,
including Sybil defenses and secure routing.Comment: 16 pages, 15 figure
Are Social Networks Watermarking Us or Are We (Unawarely) Watermarking Ourself?
In the last decade, Social Networks (SNs) have deeply changed many aspects of
society, and one of the most widespread behaviours is the sharing of pictures.
However, malicious users often exploit shared pictures to create fake profiles
leading to the growth of cybercrime. Thus, keeping in mind this scenario,
authorship attribution and verification through image watermarking techniques
are becoming more and more important. In this paper, firstly, we investigate
how 13 most popular SNs treat the uploaded pictures, in order to identify a
possible implementation of image watermarking techniques by respective SNs.
Secondly, on these 13 SNs, we test the robustness of several image watermarking
algorithms. Finally, we verify whether a method based on the Photo-Response
Non-Uniformity (PRNU) technique can be successfully used as a watermarking
approach for authorship attribution and verification of pictures on SNs. The
proposed method is robust enough in spite of the fact that the pictures get
downgraded during the uploading process by SNs. The results of our analysis on
a real dataset of 8,400 pictures show that the proposed method is more
effective than other watermarking techniques and can help to address serious
questions about privacy and security on SNs.Comment: 43 pages, 6 figure
Graph Models in Information Hiding
Information hiding allows us to hide secret information into digital objects such as images without significantly distorting the objects. The object containing hidden information will be transmitted to a data receiver via a probably insecure channel. To securely transmit the object carrying hidden information, the distortion caused by data embedding should be as low as possible, which is referred to as the rate-distortion optimization problem. Many conventional methods optimize the data embedding procedure by a heuristic fashion, which may be not optimal in terms of the rate-distortion performance. In this chapter, we introduce novel approaches that use graph theory for information hiding. These graph models are general and can be used for improving the rate-distortion performance of information hiding systems. In addition to rate-distortion optimization, recent graph models used for system design of information hiding will be also reviewed. This chapter is intended as a tutorial introducing advanced graph models applied to information hiding
- …