11 research outputs found
Adversarial Examples in Constrained Domains
Machine learning algorithms have been shown to be vulnerable to adversarial
manipulation through systematic modification of inputs (e.g., adversarial
examples) in domains such as image recognition. Under the default threat model,
the adversary exploits the unconstrained nature of images; each feature (pixel)
is fully under control of the adversary. However, it is not clear how these
attacks translate to constrained domains that limit which and how features can
be modified by the adversary (e.g., network intrusion detection). In this
paper, we explore whether constrained domains are less vulnerable than
unconstrained domains to adversarial example generation algorithms. We create
an algorithm for generating adversarial sketches: targeted universal
perturbation vectors which encode feature saliency within the envelope of
domain constraints. To assess how these algorithms perform, we evaluate them in
constrained (e.g., network intrusion detection) and unconstrained (e.g., image
recognition) domains. The results demonstrate that our approaches generate
misclassification rates in constrained domains that were comparable to those of
unconstrained domains (greater than 95%). Our investigation shows that the
narrow attack surface exposed by constrained domains is still sufficiently
large to craft successful adversarial examples; and thus, constraints do not
appear to make a domain robust. Indeed, with as little as five randomly
selected features, one can still generate adversarial examples.Comment: 17 pages, 5 figure
Measuring and Mitigating the Risk of IP Reuse on Public Clouds
Public clouds provide scalable and cost-efficient computing through resource
sharing. However, moving from traditional on-premises service management to
clouds introduces new challenges; failure to correctly provision, maintain, or
decommission elastic services can lead to functional failure and vulnerability
to attack. In this paper, we explore a broad class of attacks on clouds which
we refer to as cloud squatting. In a cloud squatting attack, an adversary
allocates resources in the cloud (e.g., IP addresses) and thereafter leverages
latent configuration to exploit prior tenants. To measure and categorize cloud
squatting we deployed a custom Internet telescope within the Amazon Web
Services us-east-1 region. Using this apparatus, we deployed over 3 million
servers receiving 1.5 million unique IP addresses (56% of the available pool)
over 101 days beginning in March of 2021. We identified 4 classes of cloud
services, 7 classes of third-party services, and DNS as sources of exploitable
latent configurations. We discovered that exploitable configurations were both
common and in many cases extremely dangerous; we received over 5 million cloud
messages, many containing sensitive data such as financial transactions, GPS
location, and PII. Within the 7 classes of third-party services, we identified
dozens of exploitable software systems spanning hundreds of servers (e.g.,
databases, caches, mobile applications, and web services). Lastly, we
identified 5446 exploitable domains spanning 231 eTLDs-including 105 in the top
10,000 and 23 in the top 1000 popular domains. Through tenant disclosures we
have identified several root causes, including (a) a lack of organizational
controls, (b) poor service hygiene, and (c) failure to follow best practices.
We conclude with a discussion of the space of possible mitigations and describe
the mitigations to be deployed by Amazon in response to this study
EIPSIM: Modeling Secure IP Address Allocation at Cloud Scale
Public clouds provide impressive capability through resource sharing.
However, recent works have shown that the reuse of IP addresses can allow
adversaries to exploit the latent configurations left by previous tenants. In
this work, we perform a comprehensive analysis of the effect of cloud IP
address allocation on exploitation of latent configuration. We first develop a
statistical model of cloud tenant behavior and latent configuration based on
literature and deployed systems. Through these, we analyze IP allocation
policies under existing and novel threat models. Our resulting framework,
EIPSim, simulates our models in representative public cloud scenarios,
evaluating adversarial objectives against pool policies. In response to our
stronger proposed threat model, we also propose IP scan segmentation, an IP
allocation policy that protects the IP pool against adversarial scanning even
when an adversary is not limited by number of cloud tenants. Our evaluation
shows that IP scan segmentation reduces latent configuration exploitability by
97.1% compared to policies proposed in literature and 99.8% compared to those
currently deployed by cloud providers. Finally, we evaluate our statistical
assumptions by analyzing real allocation and configuration data, showing that
results generalize to deployed cloud workloads. In this way, we show that
principled analysis of cloud IP address allocation can lead to substantial
security gains for tenants and their users
Securing Cloud File Systems using Shielded Execution
Cloud file systems offer organizations a scalable and reliable file storage
solution. However, cloud file systems have become prime targets for
adversaries, and traditional designs are not equipped to protect organizations
against the myriad of attacks that may be initiated by a malicious cloud
provider, co-tenant, or end-client. Recently proposed designs leveraging
cryptographic techniques and trusted execution environments (TEEs) still force
organizations to make undesirable trade-offs, consequently leading to either
security, functional, or performance limitations. In this paper, we introduce
TFS, a cloud file system that leverages the security capabilities provided by
TEEs to bootstrap new security protocols that meet real-world security,
functional, and performance requirements. Through extensive security and
performance analyses, we show that TFS can ensure stronger security guarantees
while still providing practical utility and performance w.r.t. state-of-the-art
systems; compared to the widely-used NFS, TFS achieves up to 2.1X speedups
across micro-benchmarks and incurs <1X overhead for most macro-benchmark
workloads. TFS demonstrates that organizations need not sacrifice file system
security to embrace the functional and performance advantages of outsourcing
Factors Related to the Use of Early Postoperative Enteral Feeding in Thoracic and Abdominal Surgery Patients in the United States
Early postoperative enteral feeding uses the jejunum, which remains motile and available to absorb nutrients after surgery even while gastric and colonic ileus are present. Current nutrition support guidelines of the American Society for Parenteral and Enteral Nutrition (ASPEN) encourage feeding patients as soon as possible, beginning no later than 7 days after surgery. Many researchers and practitioners advocate feeding much sooner. Early feeding promotes optimal nutrition in those who are adequately nourished before surgery and minimizes losses in those who are malnourished before surgery. Additional benefits include preservation of gut mass and gut-associated lymphoid tissue, maintenance of general immunocompetence, and attenuation of metabolic complications of surgical stress. Although benefits of early feeding after surgery have been identified, controversies exist. Consensus has not been reached about the period within which introduction of nutrition support is most effective. However, recent research provides additional support for the use of early enteral feeding. The purpose of this study is to provide descriptive information on the use of early postoperative enteral feeding and to explore factors that may be related to the use of this mode of nutrition support