26 research outputs found

    Security Issues of Mobile and Smart Wearable Devices

    Mobile and smart devices (ranging from popular smartphones and tablets to wearable fitness trackers equipped with sensing, computing and networking capabilities) have proliferated lately and redefined the way users carry out their day-to-day activities. These devices bring immense benefits to society and boast improved quality of life for users. As mobile and smart technologies become increasingly ubiquitous, the security of these devices becomes more urgent, and users should take precautions to keep their personal information secure. Privacy has also been called into question as so many mobile and smart devices collect and process huge quantities of data, and store them on the cloud as a matter of fact. Ensuring confidentiality, integrity, and authenticity of the information is a cybersecurity challenge with no easy solution. Unfortunately, current security controls have not kept pace with the risks posed by mobile and smart devices, and have proven patently insufficient so far. Thwarting attacks is also a thriving research area with a substantial amount of still unsolved problems. The pervasiveness of smart devices, the growing attack vectors, and the current lack of security call for an effective and efficient way of protecting mobile and smart devices. This thesis deals with the security problems of mobile and smart devices, providing specific methods for improving current security solutions. Our contributions are grouped into two related areas which present natural intersections and correspond to the two central parts of this document: (1) Tackling Mobile Malware, and (2) Security Analysis on Wearable and Smart Devices. In the first part of this thesis, we study methods and techniques to assist security analysts to tackle mobile malware and automate the identification of malicious applications. We provide threefold contributions in tackling mobile malware: First, we introduce a Secure Message Delivery (SMD) protocol for Device-to-Device (D2D) networks, with the primary objective of choosing the most secure path to deliver a message from a sender to a destination in a multi-hop D2D network. Second, we illustrate a survey to investigate concrete and relevant questions concerning Android code obfuscation and protection techniques, where the purpose is to review code obfuscation and code protection practices. We evaluate the efficacy of existing code de-obfuscation tools to tackle obfuscated Android malware (which provide attackers with the ability to evade detection mechanisms). Finally, we propose a Machine Learning-based detection framework to hunt malicious Android apps by introducing a system to detect and classify newly-discovered malware through analyzing applications. The proposed system classifies different types of malware from each other and helps to better understand how malware can infect devices, the threat level they pose and how to protect against them. Our designed system leverages more complete coverage of apps’ behavioral characteristics than the state-of-the-art, integrates the most performant classifier, and utilizes the robustness of extracted features. The second part of this dissertation conducts an in-depth security analysis of the most popular wearable fitness trackers on the market. Our contributions are grouped into four central parts in this domain: First, we analyze the primitives governing the communication between fitness tracker and cloud-based services. In addition, we investigate communication requirements in this setting such as: (i) Data Confidentiality, (ii) Data Integrity, and (iii) Data Authenticity. Second, we show real-world demos on how modern wearable devices are vulnerable to false data injection attacks. Also, we document successful injection of falsified data to cloud-based services that appears legitimate to the cloud to obtain personal benefits. Third, we circumvent End-to-End protocol encryption implemented in the most advanced and secure fitness trackers (e.g., Fitbit, as the market leader) through Hardware-based reverse engineering. Last but not least, we provide guidelines for avoiding similar vulnerabilities in future system designs.

    To ChatGPT, or not to ChatGPT: That is the question!

    ChatGPT has become a global sensation. As ChatGPT and other Large Language Models (LLMs) emerge, concerns of misusing them in various ways increase, such as disseminating fake news, plagiarism, manipulating public opinion, cheating, and fraud. Hence, distinguishing AI-generated from human-generated becomes increasingly essential. Researchers have proposed various detection methodologies, ranging from basic binary classifiers to more complex deep-learning models. Some detection techniques rely on statistical characteristics or syntactic patterns, while others incorporate semantic or contextual information to improve accuracy. The primary objective of this study is to provide a comprehensive and contemporary assessment of the most recent techniques in ChatGPT detection. Additionally, we evaluated other AI-generated text detection tools that do not specifically claim to detect ChatGPT-generated content to assess their performance in detecting ChatGPT-generated content. For our evaluation, we have curated a benchmark dataset consisting of prompts from ChatGPT and humans, including diverse questions from medical, open Q&A, and finance domains and user-generated responses from popular social networking platforms. The dataset serves as a reference to assess the performance of various techniques in detecting ChatGPT-generated content. Our evaluation results demonstrate that none of the existing methods can effectively detect ChatGPT-generated content.

    BayBFed: Bayesian Backdoor Defense for Federated Learning

    Federated learning (FL) allows participants to jointly train a machine learning model without sharing their private data with others. However, FL is vulnerable to poisoning attacks such as backdoor attacks. Consequently, a variety of defenses have recently been proposed, which have primarily utilized intermediary states of the global model (i.e., logits) or distance of the local models (i.e., L2-norm) from the global model to detect malicious backdoors. However, as these approaches directly operate on client updates, their effectiveness depends on factors such as clients' data distribution or the adversary's attack strategies. In this paper, we introduce a novel and more generic backdoor defense framework, called BayBFed, which proposes to utilize probability distributions over client updates to detect malicious updates in FL: it computes a probabilistic measure over the clients' updates to keep track of any adjustments made in the updates, and uses a novel detection algorithm that can leverage this probabilistic measure to efficiently detect and filter out malicious updates. Thus, it overcomes the shortcomings of previous approaches that arise due to the direct usage of client updates, as our probabilistic measure will include all aspects of the local client training strategies. BayBFed utilizes two Bayesian Non-Parametric extensions: (i) a Hierarchical Beta-Bernoulli process to draw a probabilistic measure given the clients' updates, and (ii) an adaptation of the Chinese Restaurant Process (CRP), referred to by us as CRP-Jensen, which leverages this probabilistic measure to detect and filter out malicious updates. We extensively evaluate our defense approach on five benchmark datasets: CIFAR10, Reddit, IoT intrusion detection, MNIST, and FMNIST, and show that it can effectively detect and eliminate malicious updates in FL without deteriorating the benign performance of the global model.

    ARGUS: Context-Based Detection of Stealthy IoT Infiltration Attacks

    IoT application domains, device diversity and connectivity are rapidly growing. IoT devices control various functions in smart homes and buildings, smart cities, and smart factories, making these devices an attractive target for attackers. On the other hand, the large variability of different application scenarios and inherent heterogeneity of devices make it very challenging to reliably detect abnormal IoT device behaviors and distinguish these from benign behaviors. Existing approaches for detecting attacks are mostly limited to attacks directly compromising individual IoT devices, or require predefined detection policies. They cannot detect attacks that utilize the control plane of the IoT system to trigger actions in an unintended/malicious context, e.g., opening a smart lock while the smart home residents are absent. In this paper, we tackle this problem and propose ARGUS, the first self-learning intrusion detection system for detecting contextual attacks on IoT environments, in which the attacker maliciously invokes IoT device actions to reach its goals. ARGUS monitors the contextual setting based on the state and actions of IoT devices in the environment. An unsupervised Deep Neural Network (DNN) is used for modeling the typical contextual device behavior and detecting actions taking place in abnormal contextual settings. This unsupervised approach ensures that ARGUS is not restricted to detecting previously known attacks but is also able to detect new attacks. We evaluated ARGUS on heterogeneous real-world smart-home settings and achieve at least an F1-Score of 99.64% for each setup, with a false positive rate (FPR) of at most 0.03%. Comment: To appear in the 32nd USENIX Security Symposium, August 2022, Anaheim CA, US

    Comparative Efficacy of Analgesics for Pain Relief in Patients with Symptomatic Irreversible Pulpitis Prior to Emergency Endodontic Treatment: A Randomized Controlled Trial

    Introduction: This study aimed to compare the efficacy of ibuprofen, Novafen, mefenamic acid (MA), and celecoxib for pain relief in patients with symptomatic irreversible pulpitis prior to emergency endodontic treatment. Materials and Methods: This clinical trial was conducted on 120 patients with moderate to severe pain due to symptomatic irreversible pulpitis seeking emergency endodontic treatment. The patients were randomly divided into 4 groups to receive Novafen, MA, Celecoxib, and ibuprofen. The pain score of patients was measured before and 1 hour after analgesic intake using a visual analog scale (VAS). The success of analgesic treatment was analyzed by the binary logistic regression model. Results: A total of 117 patients including 76 females and 41 males with a mean age of 30.29 years completed the study and were statistically analyzed. Ibuprofen had the highest analgesic efficacy followed by Novafen, and caused a significantly greater reduction in pain score compared with MA and celecoxib [OR (Ibuprofen vs MA)=1.28, OR (Ibuprofen vs Celecoxib)=3.74, OR (Novafen vs MA)=2.94, OR (Novafen vs Celecoxib)=2.94, P<0.05]. Ibuprofen and Novafen had no significant difference in analgesic efficacy (P>0.05). Baseline pain score was a predictive factor for the success of analgesics (P<0.05). The success of analgesic treatment decreased by 0.68 times with each unit increase in pain score (P<0.05). Gender and age of patients had no significant effect on success of analgesics (P>0.05). Conclusion: Both ibuprofen and Novafen can serve as the analgesics of choice for pain relief in patients with symptomatic irreversible pulpitis with moderate to severe pain when emergency endodontic treatment cannot be immediately performed.

    Breaking Fitness Records without Moving: Reverse Engineering and Spoofing Fitbit

    Tens of millions of wearable fitness trackers are shipped yearly to consumers who routinely collect information about their exercising patterns. Smartphones push this health-related data to vendors' cloud platforms, enabling users to analyze summary statistics on-line and adjust their habits. Third-parties including health insurance providers now offer discounts and financial rewards in exchange for such private information and evidence of healthy lifestyles. Given the associated monetary value, the authenticity and correctness of the activity data collected becomes imperative. In this paper, we provide an in-depth security analysis of the operation of fitness trackers commercialized by Fitbit, the wearables market leader. We reveal an intricate security-through-obscurity approach implemented by the user activity synchronization protocol running on the devices we analyze. Although non-trivial to interpret, we reverse engineer the message semantics, demonstrate how falsified user activity reports can be injected, and argue that based on our discoveries, such attacks can be performed at scale to obtain financial gains. We further document a hardware attack vector that enables circumvention of the end-to-end protocol encryption present in the latest Fitbit firmware, leading to the spoofing of valid encrypted fitness data. Finally, we give guidelines for avoiding similar vulnerabilities in future system designs.

    Peek-a-Boo: I see your smart home activities, even encrypted!

    A myriad of IoT devices such as bulbs, switches, speakers in a smart home environment allow users to easily control the physical world around them and facilitate their living styles through the sensors already embedded in these devices. Sensor data contains a lot of sensitive information about the user and devices. However, an attacker inside or near a smart home environment can potentially exploit the innate wireless medium used by these devices to exfiltrate sensitive information from the encrypted payload (i.e., sensor data) about the users and their activities, invading user privacy. With this in mind, in this work, we introduce a novel multi-stage privacy attack against user privacy in a smart environment. It is realized utilizing state-of-the-art machine-learning approaches for detecting and identifying the types of IoT devices, their states, and ongoing user activities in a cascading style by only passively sniffing the network traffic from smart home devices and sensors. The attack effectively works on both encrypted and unencrypted communications. We evaluate the efficiency of the attack with real measurements from an extensive set of popular off-the-shelf smart home IoT devices utilizing a set of diverse network protocols like WiFi, ZigBee, and BLE. Our results show that an adversary passively sniffing the traffic can achieve very high accuracy (above 90%) in identifying the state and actions of targeted smart home devices and their users. To protect against this privacy leakage, we also propose a countermeasure based on generating spoofed traffic to hide the device states and demonstrate that it provides better protection than existing solutions. Comment: Update (May 13, 2020): This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec '20), July 8-10, 2020, Linz (Virtual Event), Austria, https://doi.org/10.1145/3395351.339942
