It’s Always April Fools’ Day! On the Difficulty of Social Network Misinformation Classification via Propagation Features

Given the huge impact that Online Social Networks (OSN) had in the way people get informed and form their opinion, they became an attractive playground for malicious entities that want to spread misinformation, and leverage their effect. In fact, misinformation easily spreads on OSN and is a huge threat for modern society, possibly influencing also the outcome of elections, or even putting people’s life at risk (e.g., spreading “anti-vaccines” misinformation). Therefore, it is of paramount importance for our society to have some sort of “validation” on information spreading through OSN. The need for a wide-scale validation would greatly benefit from automatic tools. In this paper, we show that it is difficult to carry out an automatic classification of misinformation considering only structural properties of content propagation cascades. We focus on structural properties, because they would be inherently dif- ficult to be manipulated, with the the aim of circumventing classification systems. To support our claim, we carry out an extensive evaluation on Facebook posts belonging to conspiracy theories (as representative of misinformation), and scientific news (representative of fact-checked content). Our findings show that conspiracy content actually reverberates in a way which is hard to distinguish from the one scientific content does: for the classification mechanisms we investigated, classification F1-score never exceeds 0.65 during content propagation stages, and is still less than 0.7 even after propagation is complete

TEEvil: Identity Lease via Trusted Execution Environments

We investigate identity lease, a new type of service in which users lease their identities to third parties by providing them with full or restricted access to their online accounts or credentials. We discuss how identity lease could be abused to subvert the digital society, facilitating the spread of fake news and subverting electronic voting by enabling the sale of votes. We show that the emergence of Trusted Execution Environments and anonymous cryptocurrencies, for the first time, allows the implementation of such a lease service while guaranteeing fairness, plausible deniability and anonymity, therefore shielding the users and account renters from prosecution. To show that such a service can be practically implemented, we build an example service that we call TEEvil leveraging Intel SGX and ZCash. Finally, we discuss defense mechanisms and challenges in the mitigation of identity lease services.Comment: 21 pages, 5 figure

PILOT: Password and PIN Information Leakage from Obfuscated Typing Videos

This paper studies leakage of user passwords and PINs based on observations of typing feedback on screens or from projectors in the form of masked characters that indicate keystrokes. To this end, we developed an attack called Password and Pin Information Leakage from Obfuscated Typing Videos (PILOT). Our attack extracts inter-keystroke timing information from videos of password masking characters displayed when users type their password on a computer, or their PIN at an ATM. We conducted several experiments in various attack scenarios. Results indicate that, while in some cases leakage is minor, it is quite substantial in others. By leveraging inter-keystroke timings, PILOT recovers 8-character alphanumeric passwords in as little as 19 attempts. When guessing PINs, PILOT significantly improved on both random guessing and the attack strategy adopted in our prior work [4]. In particular, we were able to guess about 3% of the PINs within 10 attempts. This corresponds to a 26-fold improvement compared to random guessing. Our results strongly indicate that secure password masking GUIs must consider the information leakage identified in this paper

Linkage map saturation, construction, and comparison in four populations of Prunus

One of the objectives of the ISAFRUIT Project was to perform genetic analyses in four populations of Prunus, two of peach (P. persica) and two of apricot (P. armeniaca), in order to identify major genes and quantitative trait loci (QTLs) for characters related to fruit quality. This required the construction of saturated marker maps in each of these populations. Marker maps were available for an intra-specific peach × peach F2, a BC2 peach × P. davidiana (using peach as the recurrent parent), and an apricot × apricot F1. We have further saturated these maps mainly with SSR (simple sequence repeat) markers. A new map, constructed uniquely from SSRs was prepared for a fourth apricot × apricot F1 population. Using anchor markers, we compared these four maps with the reference Prunus map, constructed using an almond × peach F2 population. As previously observed, conservation of synteny and co-linearity were the general rule, providing additional evidence of the high level of similarity between all Prunus genomes. Comparisons of genetic distances between the maps suggested that those involving similar genomes had higher levels of recombination than those with more distant genomes, particularly the inter-specific crosses.The ISAFRUIT Project is funded by the European Commission under Thematic Priority 5 – Food Quality and Safety of the 6th Framework Programme of RTD (Contract No. FP6-FOOD-CT-2006-016279).Peer reviewe

Il Futuro della Cybersecurity in Italia: Ambiti Progettuali Strategici

Il presente volume nasce come continuazione del precedente, con l’obiettivo di delineare un insieme di ambiti progettuali e di azioni che la comunità nazionale della ricerca ritiene essenziali a complemento e a supporto di quelli previsti nel DPCM Gentiloni in materia di sicurezza cibernetica, pubblicato nel febbraio del 2017. La lettura non richiede particolari conoscenze tecniche; il testo è fruibile da chiunque utilizzi strumenti informatici o navighi in rete. Nel volume vengono considerati molteplici aspetti della cybersecurity, che vanno dalla definizione di infrastrutture e centri necessari a organizzare la difesa alle azioni e alle tecnologie da sviluppare per essere protetti al meglio, dall’individuazione delle principali tecnologie da difendere alla proposta di un insieme di azioni orizzontali per la formazione, la sensibilizzazione e la gestione dei rischi. Gli ambiti progettuali e le azioni, che noi speriamo possano svilupparsi nei prossimi anni in Italia, sono poi accompagnate da una serie di raccomandazioni agli organi preposti per affrontare al meglio, e da Paese consapevole, la sfida della trasformazione digitale. Le raccomandazioni non intendono essere esaustive, ma vanno a toccare dei punti che riteniamo essenziali per una corretta implementazione di una politica di sicurezza cibernetica a livello nazionale. Politica che, per sua natura, dovrà necessariamente essere dinamica e in continua evoluzione in base ai cambiamenti tecnologici, normativi, sociali e geopolitici. All’interno del volume, sono riportati dei riquadri con sfondo violetto o grigio; i primi sono usati nel capitolo introduttivo e nelle conclusioni per mettere in evidenza alcuni concetti ritenuti importanti, i secondi sono usati negli altri capitoli per spiegare il significato di alcuni termini tecnici comunemente utilizzati dagli addetti ai lavori. In conclusione, ringraziamo tutti i colleghi che hanno contribuito a questo volume: un gruppo di oltre 120 ricercatori, provenienti da circa 40 tra Enti di Ricerca e Università, unico per numerosità ed eccellenza, che rappresenta il meglio della ricerca in Italia nel settore della cybersecurity. Un grazie speciale va a Gabriella Caramagno e ad Angela Miola che hanno contribuito a tutte le fasi di produzione del libro. Tra i ringraziamenti ci fa piacere aggiungere il supporto ottenuto dai partecipanti al progetto FILIERASICURA

Phishing in Organizations: Findings from a Large-Scale and Long-Term Study

In this paper, we present findings from a largescale and long-term phishing experiment that we conducted in collaboration with a partner company. Our experiment ran for 15 months during which time more than 14,000 study participants (employees of the company) received different simulated phishing emails in their normal working context. We also deployed a reporting button to the company’s email client which allowed the participants to report suspicious emails they received. We measured click rates for phishing emails, dangerous actions such as submitting credentials, and reported suspicious emails. The results of our experiment provide three types of contributions. First, some of our findings support previous literature with improved ecological validity. One example of such results is good effectiveness of warnings on emails. Second, some of our results contradict prior literature and common industry practices. Surprisingly, we find that embedded training during simulated phishing exercises, as commonly deployed in the industry today, does not make employees more resilient to phishing, but instead it can have unexpected side effects that can make employees even more susceptible to phishing. And third, we report new findings. In particular, we are the first to demonstrate that using the employees as a collective phishing detection mechanism is practical in large organizations. Our results show that such crowd-sourcing allows fast detection of new phishing campaigns, the operational load for the organization is acceptable, and the employees remain active over long periods of time

Poster: A roaming-based denial of service attack on LTE networks

During the last ten years, mobile communications greatly evolved. Along this process, the main goal was to satisfy users' needs such as coverage, communication speed, and availability. However, less attention has been posed to prevent attacks such as Denial of Service (DoS), which aim to render the mobile network unserviceable. In this paper, we present a novel method to implement a distributed DoS attack on a target mobile operator's Control Network. We exploit the lack of coordination between local and remote components of the LTE network during the roaming authentication process to realize a pulse DoS using temporal lensing. Finally, we discuss the feasibility of our attack on future 5G networks