186 research outputs found
RADIS: Remote Attestation of Distributed IoT Services
Remote attestation is a security technique through which a remote trusted
party (i.e., Verifier) checks the trustworthiness of a potentially untrusted
device (i.e., Prover). In the Internet of Things (IoT) systems, the existing
remote attestation protocols propose various approaches to detect the modified
software and physical tampering attacks. However, in an interoperable IoT
system, in which IoT devices interact autonomously among themselves, an
additional problem arises: a compromised IoT service can influence the genuine
operation of other invoked service, without changing the software of the
latter. In this paper, we propose a protocol for Remote Attestation of
Distributed IoT Services (RADIS), which verifies the trustworthiness of
distributed IoT services. Instead of attesting the complete memory content of
the entire interoperable IoT devices, RADIS attests only the services involved
in performing a certain functionality. RADIS relies on a control-flow
attestation technique to detect IoT services that perform an unexpected
operation due to their interactions with a malicious remote service. Our
experiments show the effectiveness of our protocol in validating the integrity
status of a distributed IoT service.Comment: 21 pages, 10 figures, 2 table
Know Your Enemy: Stealth Configuration-Information Gathering in SDN
Software Defined Networking (SDN) is a network architecture that aims at
providing high flexibility through the separation of the network logic from the
forwarding functions. The industry has already widely adopted SDN and
researchers thoroughly analyzed its vulnerabilities, proposing solutions to
improve its security. However, we believe important security aspects of SDN are
still left uninvestigated. In this paper, we raise the concern of the
possibility for an attacker to obtain knowledge about an SDN network. In
particular, we introduce a novel attack, named Know Your Enemy (KYE), by means
of which an attacker can gather vital information about the configuration of
the network. This information ranges from the configuration of security tools,
such as attack detection thresholds for network scanning, to general network
policies like QoS and network virtualization. Additionally, we show that an
attacker can perform a KYE attack in a stealthy fashion, i.e., without the risk
of being detected. We underline that the vulnerability exploited by the KYE
attack is proper of SDN and is not present in legacy networks. To address the
KYE attack, we also propose an active defense countermeasure based on network
flows obfuscation, which considerably increases the complexity for a successful
attack. Our solution offers provable security guarantees that can be tailored
to the needs of the specific network under consideratio
No Place to Hide that Bytes won't Reveal: Sniffing Location-Based Encrypted Traffic to Track a User's Position
News reports of the last few years indicated that several intelligence
agencies are able to monitor large networks or entire portions of the Internet
backbone. Such a powerful adversary has only recently been considered by the
academic literature. In this paper, we propose a new adversary model for
Location Based Services (LBSs). The model takes into account an unauthorized
third party, different from the LBS provider itself, that wants to infer the
location and monitor the movements of a LBS user. We show that such an
adversary can extrapolate the position of a target user by just analyzing the
size and the timing of the encrypted traffic exchanged between that user and
the LBS provider. We performed a thorough analysis of a widely deployed
location based app that comes pre-installed with many Android devices:
GoogleNow. The results are encouraging and highlight the importance of devising
more effective countermeasures against powerful adversaries to preserve the
privacy of LBS users.Comment: 14 pages, 9th International Conference on Network and System Security
(NSS 2015
Hacking Smart Machines with Smarter Ones: How to Extract Meaningful Data from Machine Learning Classifiers
Machine Learning (ML) algorithms are used to train computers to perform a
variety of complex tasks and improve with experience. Computers learn how to
recognize patterns, make unintended decisions, or react to a dynamic
environment. Certain trained machines may be more effective than others because
they are based on more suitable ML algorithms or because they were trained
through superior training sets. Although ML algorithms are known and publicly
released, training sets may not be reasonably ascertainable and, indeed, may be
guarded as trade secrets. While much research has been performed about the
privacy of the elements of training sets, in this paper we focus our attention
on ML classifiers and on the statistical information that can be unconsciously
or maliciously revealed from them. We show that it is possible to infer
unexpected but useful information from ML classifiers. In particular, we build
a novel meta-classifier and train it to hack other classifiers, obtaining
meaningful information about their training sets. This kind of information
leakage can be exploited, for example, by a vendor to build more effective
classifiers or to simply acquire trade secrets from a competitor's apparatus,
potentially violating its intellectual property rights
FedComm: Federated Learning as a Medium for Covert Communication
Proposed as a solution to mitigate the privacy implications related to the
adoption of deep learning, Federated Learning (FL) enables large numbers of
participants to successfully train deep neural networks without having to
reveal the actual private training data. To date, a substantial amount of
research has investigated the security and privacy properties of FL, resulting
in a plethora of innovative attack and defense strategies. This paper
thoroughly investigates the communication capabilities of an FL scheme. In
particular, we show that a party involved in the FL learning process can use FL
as a covert communication medium to send an arbitrary message. We introduce
FedComm, a novel multi-system covert-communication technique that enables
robust sharing and transfer of targeted payloads within the FL framework. Our
extensive theoretical and empirical evaluations show that FedComm provides a
stealthy communication channel, with minimal disruptions to the training
process. Our experiments show that FedComm successfully delivers 100% of a
payload in the order of kilobits before the FL procedure converges. Our
evaluation also shows that FedComm is independent of the application domain and
the neural network architecture used by the underlying FL scheme.Comment: 18 page
Minerva: A File-Based Ransomware Detector
Ransomware is a rapidly evolving type of malware designed to encrypt user
files on a device, making them inaccessible in order to exact a ransom.
Ransomware attacks resulted in billions of dollars in damages in recent years
and are expected to cause hundreds of billions more in the next decade. With
current state-of-the-art process-based detectors being heavily susceptible to
evasion attacks, no comprehensive solution to this problem is available today.
This paper presents Minerva, a new approach to ransomware detection. Unlike
current methods focused on identifying ransomware based on process-level
behavioral modeling, Minerva detects ransomware by building behavioral profiles
of files based on all the operations they receive in a time window. Minerva
addresses some of the critical challenges associated with process-based
approaches, specifically their vulnerability to complex evasion attacks. Our
evaluation of Minerva demonstrates its effectiveness in detecting ransomware
attacks, including those that are able to bypass existing defenses. Our results
show that Minerva identifies ransomware activity with an average accuracy of
99.45% and an average recall of 99.66%, with 99.97% of ransomware detected
within 1 second.Comment: 19 pages, 3 figure
Flexible Transaction Dependencies in Database Systems
Numerous extended transaction models have been proposed in the literature to overcome the limitations of the traditional transaction model for advanced applications characterized by their long durations, cooperation between activities and access to multiple databases (like CAD/CAM and office automation). However, most of these extended models have been proposed with specific applications in mind and almost always fail to support applications with slightly different requirements.Peer Reviewedhttp://deepblue.lib.umich.edu/bitstream/2027.42/44828/1/10619_2004_Article_270346.pd
- …