The Road Ahead for Networking: A Survey on ICN-IP Coexistence Solutions

In recent years, the current Internet has experienced an unexpected paradigm shift in the usage model, which has pushed researchers towards the design of the Information-Centric Networking (ICN) paradigm as a possible replacement of the existing architecture. Even though both Academia and Industry have investigated the feasibility and effectiveness of ICN, achieving the complete replacement of the Internet Protocol (IP) is a challenging task. Some research groups have already addressed the coexistence by designing their own architectures, but none of those is the final solution to move towards the future Internet considering the unaltered state of the networking. To design such architecture, the research community needs now a comprehensive overview of the existing solutions that have so far addressed the coexistence. The purpose of this paper is to reach this goal by providing the first comprehensive survey and classification of the coexistence architectures according to their features (i.e., deployment approach, deployment scenarios, addressed coexistence requirements and architecture or technology used) and evaluation parameters (i.e., challenges emerging during the deployment and the runtime behaviour of an architecture). We believe that this paper will finally fill the gap required for moving towards the design of the final coexistence architecture.Comment: 23 pages, 16 figures, 3 table

On the Feasibility of Profiling Electric Vehicles through Charging Data

Electric vehicles (EVs) represent the long-term green substitute for traditional fuel-based vehicles. To encourage EV adoption, the trust of the end-users must be assured. In this work, we focus on a recently emerging privacy threat of profiling and identifying EVs via the analog electrical data exchanged during the EV charging process. The core focus of our work is to investigate the feasibility of such a threat at scale. To this end, we first propose an improved EV profiling approach that outperforms the state-of-the-art EV profiling techniques. Next, we exhaustively evaluate the performance of our improved approach to profile EVs in real-world settings. In our evaluations, we conduct a series of experiments including 25032 charging sessions from 530 real EVs, sub-sampled datasets with different data distributions, etc. Our results show that even with our improved approach, profiling and individually identifying the growing number of EVs is not viable in practice; at least with the analog charging data utilized throughout the literature. We believe that our findings from this work will further foster the trust of potential users in the EV ecosystem, and consequently, encourage EV adoption.Comment: This is an extended version of our paper in VehicleSec 2023 (co-located with NDSS Symposium 2023), San Diego, C

A Survey of Layer-Two Blockchain Protocols

After the success of the Bitcoin blockchain, came several cryptocurrencies and blockchain solutions in the last decade. Nonetheless, Blockchain-based systems still suffer from low transaction rates and high transaction processing latencies, which hinder blockchains' scalability. An entire class of solutions, called Layer-1 scalability solutions, have attempted to incrementally improve such limitations by adding/modifying fundamental blockchain attributes. Recently, a completely different class of works, called Layer-2 protocols, have emerged to tackle the blockchain scalability issues using unconventional approaches. Layer-2 protocols improve transaction processing rates, periods, and fees by minimizing the use of underlying slow and costly blockchains. In fact, the main chain acts just as an instrument for trust establishment and dispute resolution among Layer-2 participants, where only a few transactions are dispatched to the main chain. Thus, Layer-2 blockchain protocols have the potential to transform the domain. However, rapid and discrete developments have resulted in diverse branches of Layer-2 protocols. In this work, we systematically create a broad taxonomy of such protocols and implementations. We discuss each Layer-2 protocol class in detail and also elucidate their respective approaches, salient features, requirements, etc. Moreover, we outline the issues related to these protocols along with a comparative discussion. Our thorough study will help further systematize the knowledge dispersed in the domain and help the readers to better understand the field of Layer-2 protocols.Comment: 21 pages, 15 figures, 2 table

BLEWhisperer: Exploiting BLE Advertisements for Data Exfiltration

Bluetooth technology has enabled short-range wireless communication for billions of devices. Bluetooth Low-Energy (BLE) variant aims at improving power consumption on battery-constrained devices. BLE-enabled devices broadcast information (e.g., as beacons) to nearby devices via advertisements. Unfortunately, such functionality can become a double-edged sword at the hands of attackers. In this paper, we primarily show how an attacker can exploit BLE advertisements to exfiltrate information from BLE-enable devices. In particular, our attack establishes a communication medium between two devices without requiring any prior authentication or pairing. We develop a proof-of-concept attack framework on the Android ecosystem and assess its performance via a thorough set of experiments. Our results indicate that such an exfiltration attack is indeed possible though with a low data rate. Nevertheless, we also demonstrate potential use cases and enhancements to our attack that can further its severeness. Finally, we discuss possible countermeasures to prevent such an attack.Comment: 20 pages, 6 figure

Improving Password Guessing via Representation Learning

Learning useful representations from unstructured data is one of the core challenges, as well as a driving force, of modern data-driven approaches. Deep learning has demonstrated the broad advantages of learning and harnessing such representations. In this paper, we introduce a deep generative model representation learning approach for password guessing. We show that an abstract password representation naturally offers compelling and versatile properties that can be used to open new directions in the extensively studied, and yet presently active, password guessing field. These properties can establish novel password generation techniques that are neither feasible nor practical with the existing probabilistic and non-probabilistic approaches. Based on these properties, we introduce:(1) A general framework for conditional password guessing that can generate passwords with arbitrary biases; and (2) an Expectation Maximization-inspired framework that can dynamically adapt the estimated password distribution to match the distribution of the attacked password set.Comment: This paper appears in the proceedings of the 42nd IEEE Symposium on Security and Privacy (Oakland) S&P 202

Security and Privacy Implications of Cryptocurrencies

Le criptovalute sono valute digitali basate sulla crittografia. A differenza delle tradizionali valute legali emesse da sistemi bancari centralizzati, le criptovalute sono decentralizzate e mantenute attraverso meccanismi di consenso distribuito. Nel novembre 2008 Satoshi Nakamoto ha introdotto la prima criptovaluta veramente funzionale: il Bitcoin. Dopo alcuni anni passati nell’ombra, Bitcoin guadagnò rapidamente notorietà, creando un'economia da miliardi di dollari. Sull’onda del successo di Bitcoin il mercato ha visto nascere diverse altre criptovalute. A settembre 2019 si sono registrate più di 2500 criptovalute attive per un mercato di oltre 250 miliardi di Dollari e quasi 50 miliardi di Dollari di volume giornaliero. Ogni criptovaluta ha un funzionamento peculiare a seconda del proprio obiettivo: alcune si focalizzano sulla limitazione del numero di transazioni, altre sulle prestazioni. Ogni criptovaluta garantisce un certo livello di anonimato dell'utente. Al livello più basso, gli utenti rimangono pseudo-anonimi, ovvero le identità reali del pagatore e del beneficiario rimangono nascoste. I criminali informatici hanno sfruttato l'anonimato offerto dalle criptovalute per perpetrare vari reati, come il riciclaggio di denaro e il finanziamento del terrorismo. Questa tesi indaga sulle implicazioni di sicurezza e privacy delle criptovalute e si compone di tre parti che trattano di recenti ed importanti problematiche relative a: (i) Bitcoin; (ii) Algorand; e (iii) Cryptominers. Nella prima parte di questa tesi, studiamo due questioni relative al Bitcoin che rivestono un'importanza significativa in questa era di criptovalute. In particolare, ci concentriamo sull’aumento allarmante delle campagne ransomware e sui problemi di privacy relativi alle app di Bitcoin wallet per smartphone. Abbiamo quindi condotto uno studio completo e longitudinale sui recenti attacchi di ransomware e riportando l'impatto economico riscontrato sui pagamenti in Bitcoin. Abbiamo inoltre condotto un lavoro per l’identificazione di attività sensibili sulle app di Bitcoin wallet. Queste app sono comunemente utilizzate per l'invio, la ricezione e il trading di Bitcoin. La seconda parte di questa tesi si concentra su Algorand. Algorand è un protocollo di consenso blockchain democratico che ha il potenziale ridisegnare il futuro della tecnologia blockchain. Questo è il primo studio formale proposto per Algorand. Nella nostra analisi di sicurezza, presentiamo un attacco realmente attuabile su Algorand nonché possibili contromisure. Nella terza parte di questa tesi, esploriamo il covert cryptomining. La richiesta di cryptomining è aumentata drasticamente con la crescente popolarità delle criptovalute. Parallelamente alle legittime richieste di crittografia, la covert cryptomining è emersa come un mezzo per gli attori malintenzionati per ottenere incentivi finanziari. Le criptovalute come Monero hanno ulteriormente aggravato la situazione, consentendo anche agli utenti ingenui di effettuare cryptomining tramite un'applicazione browser. Considerando la gravità del problema, proponiamo due soluzioni efficienti per rilevare la covert cryptomining in diversi scenari realistici.Cryptocurrencies are cryptography-based digital currencies. In contrast to the traditional fiat currencies that are issued by centralized banking systems, cryptocurrencies are decentralized and maintained through distributed consensus mechanisms. The first truly functional cryptocurrency, i.e., Bitcoin, was introduced in November 2008 by Satoshi Nakamoto. Within a few years of its quiet launch, Bitcoin flourished to make a billion-dollar economy. After the massive success of Bitcoin, several other cryptocurrencies have been introduced to the market. As of September 2019, there are over 2500 active cryptocurrencies with more than 250 billion dollars total market capitalization and nearly 50 billion dollars daily volume. Different cryptocurrencies work differently and aim to achieve different goals, e.g., some cryptocurrencies focus on limiting transaction throughput while others concentrate on performance. However, each cryptocurrency ensures a certain level of user anonymity. At the lowest level, users remain pseudo-anonymous, i.e., the real identities of payer and payee remain obscure. Consequently, cybercriminals have exploited the anonymity offered by cryptocurrencies in various crimes, including money laundering and terror financing. Moreover, cryptocurrencies bring several other severe concerns. This thesis investigates the security and privacy implications of cryptocurrencies. This thesis is composed of three logical parts that focus on recently thriving, prominent, and severe concerns related to: (i) Bitcoin; (ii) Algorand; and(iii) Cryptominers. In the first part of this thesis, we investigate two issues related to Bitcoin that hold significant importance in this era of cryptocurrencies. In particular, we focus on alarmingly increasing ransomware campaigns and the privacy concerns related to smartphone-based Bitcoin wallet apps. For the former, we present our comprehensive and longitudinal study on the recent ransomware attacks and report the economic impact of such ransomware from the Bitcoin payment perspective. For the latter, we present our work on identifying sensitive user activities on Bitcoin wallet apps that are commonly used for sending, receiving, and trading Bitcoin. The second part of this thesis focuses on Algorand. Algorand is a truly democratic blockchain consensus protocol that has the potential to shape the future of blockchain technology. To the best of our knowledge, it is the first formal study on Algorand. In our security analysis, we propose a practically feasible attack on Algorand and its possible countermeasures. In the third part of this thesis, we explore covert cryptomining. The demand for cryptomining has increased drastically with the increasing popularity of cryptocurrencies. In parallel to legitimate cryptomining demands, covert cryptomining has emerged as a utility for malicious actors to gain financial incentives. Cryptocurrencies, such as Monero, have further aggravated the situation by enabling even naive users to mine via a browser application. Considering the severity of the issue, we propose two efficient solutions to detect covert cryptomining under different real-world scenarios

On the economic significance of ransomware campaigns: A Bitcoin transactions perspective

Bitcoin cryptocurrency system enables users to transact securely and pseudo-anonymously by using an arbitrary number of aliases (Bitcoin addresses). Cybercriminals exploit these characteristics to commit immutable and presumably untraceable monetary fraud, especially via ransomware; a type of malware that encrypts files of the infected system and demands ransom for decryption. In this paper, we present our comprehensive study on all recent ransomware and report the economic impact of such ransomware from the Bitcoin payment perspective. We also present a lightweight framework to identify, collect, and analyze Bitcoin addresses managed by the same user or group of users (cybercriminals, in this case), which includes a novel approach for classifying a payment as ransom. To verify the correctness of our framework, we compared our findings on CryptoLocker ransomware with the results presented in the literature. Our results align with the results found in the previous works except for the final valuation in USD. The reason for this discrepancy is that we used the average Bitcoin price on the day of each ransom payment whereas the authors of the previous studies used the Bitcoin price on the day of their evaluation. Furthermore, for each investigated ransomware, we provide a holistic view of its genesis, development, the process of infection and execution, and characteristic of ransom demands. Finally, we also release our dataset that contains a detailed transaction history of all the Bitcoin addresses we identified for each ransomware.Comment: 24 page