RISE: Robust Wireless Sensing Using Probabilistic and Statistical Assessments

Peer reviewe

Exploiting wireless received signal strength indicators to detect evil-twin attacks in smart homes

Evil-twin is becoming a common attack in Smart Home environments where an attacker can set up a fake AP to compromise the security of the connected devices. To identify the fake APs, The current approaches of detecting Evil-twin attacks all rely on information such as SSIDs, the MAC address of the genuine AP or network traffic patterns. However, such information can be faked by the attacker, often leading to low detection rates and weak protection. This paper presents a novel evil-twin attack detection method based on the received signal strength indicator (RSSI). Our key insight is that the location of the genuine AP rarely moves in a home environment and as a result the RSSI of the genuine AP is relatively stable. Our approach considers the RSSI as a fingerprint of APs and uses the fingerprint of the genuine AP to identify fake ones. We provide two schemes to detect a fake AP in two different scenarios where the genuine AP can be located at either a single or multiple locations in the property, by exploiting the multipath effect of the WIFI signal. As a departure from prior work, our approach does not rely on any professional measurement devices. Experimental results show that our approach can successfully detect 90% of the fake APs, at the cost of an one-off, modest connection delay

Exploiting dynamic scheduling for VM-based code obfuscation

Code virtualization built upon virtual machine (VM) technologies is emerging as a viable method for implementing code obfuscation to protect programs against unauthorized analysis. State-of-the-art VM-based protection approaches use a fixed scheduling structure where the program follows a single, static execution path for the same input. Such approaches, however, are vulnerable to certain scenarios where the attacker can reuse knowledge extracted from previously seen software to crack applications using similar protection schemes. This paper presents DSVMP, a novel VM-based code obfuscation approach for software protection. DSVMP brings together two techniques to provide stronger code protection than prior VM-based schemes. Firstly, it uses a dynamic instruction scheduler to randomly direct the program to execute different paths without violating the correctness across different runs. By randomly choosing the program execution paths, the application exposes diverse behavior, making it much more difficult for an attacker to reuse the knowledge collected from previous runs or similar applications to perform attacks. Secondly, it employs multiple VMs to further obfuscate the relationship between VM bytecode and their interpreters, making code analysis even harder. We have implemented DSVMP in a prototype system and evaluated it using a set of widely used applications. Experimental results show that DSVMP provides stronger protection with comparable runtime overhead and code size when compared to two commercial VMbased code obfuscation tools

Maize microrna166 inactivation confers plant development and abiotic stress resistance

MicroRNAs are important regulators in plant developmental processes and stress responses. In this study, we generated a series of maize STTM166 transgenic plants. Knock-down of miR166 resulted in various morphological changes, including rolled leaves, enhanced abiotic stress resistance, inferior yield-related traits, vascular pattern and epidermis structures, tassel architecture, as well as abscisic acid (ABA) level elevation and indole acetic acid (IAA) level reduction in maize. To profile miR166 regulated genes, we performed RNA-seq and qRT-PCR analysis. A total of 178 differentially expressed genes (DEGs) were identified, including 118 up-regulated and 60 down-regulated genes. These DEGs were strongly enriched in cell and intercellular components, cell membrane system components, oxidoreductase activity, single organism metabolic process, carbohydrate metabolic process, and oxidation reduction process. These results indicated that miR166 plays important roles in auxin and ABA interaction in monocots, yet the specific mechanism may differ from dicots. The enhanced abiotic stress resistance is partly caused via rolling leaves, high ABA content, modulated vascular structure, and the potential changes of cell membrane structure. The inferior yield-related traits and late flowering are partly controlled by the decreased IAA content, the interplay of miR166 with other miRNAs and AGOs. Taken together, the present study uncovered novel functions of miR166 in maize, and provide insights on applying short tandem target mimics (STTM) technology in plant breeding

Protect sensitive information against channel state information based attacks

Channel state information (CSI) has been recently shown to be useful in performing security attacks in public WiFi environments. By analyzing how CSI is affected by the finger motions, CSI-based attacks can effectively reconstruct text-based passwords and locking patterns. This paper presents WiGuard, a novel system to protect sensitive on-screen gestures in a public place. Our approach carefully exploits the WiFi channel interference to introduce noise into the attacker's CSI measurement to reduce the success rate of the attack. Our approach automatically detects when a CSI-based attack happens. We evaluate our approach by applying it to protect text-based passwords and pattern locks on mobile devices. Experimental results show that our approach is able to reduce the success rate of CSI attacks from 92% to 42% for text-based passwords and from 82% to 22% for pattern lock

Find Me A Safe Zone:A Countermeasure for Channel State Information Based Attacks

Recently, channel state information (CSI) is shown to be an effective side-channel to perform attacks in public environments. Prior work has demonstrated that by analyzing how the CSI measurements of the wireless signal are affected by the mobile user's finger movements or gestures, an attacker can recover the user's input with a high success rate. Furthermore, the setup of this new attack is trivial, where the adversary only needs to place one or two malicious wireless devices near the target user. It would be difficult for many users to identify the nearby malicious devices while they want to continue to use mobile applications in public places. This dilemma makes protection of CSI-based attacks an urgent need. This article presents the first countermeasure for CSI-based attacks. Our key insight is that the success of any CSI-based attack requires high-quality CSI measurements; and we can significantly reduce the risk of information leakage by directing the user to a nearby location where the CSI readings are inherently noisy. To this end, we develop a regression based method to assess the risk of CSI-based attacks and exploit a well-established localization technique to identify potential malicious wireless devices. We then use this information to guide the user to a safe zone. We evaluate our approach by applying it to protect pattern lock and keystrokes in various indoor and outdoor environments. Experimental results show that our approach can effectively protect mobile users against CSI-based attacks

Protect sensitive information against channel state information based attacks

Channel state information (CSI) has been recently shown to be useful in performing security attacks in public WiFi environments. By analyzing how CSI is affected by the finger motions, CSI-based attacks can effectively reconstruct text-based passwords and locking patterns. This paper presents WiGuard, a novel system to protect sensitive on-screen gestures in a public place. Our approach carefully exploits the WiFi channel interference to introduce noise into the attacker's CSI measurement to reduce the success rate of the attack. Our approach automatically detects when a CSI-based attack happens. We evaluate our approach by applying it to protect text-based passwords and pattern locks on mobile devices. Experimental results show that our approach is able to reduce the success rate of CSI attacks from 92% to 42% for text-based passwords and from 82% to 22% for pattern lock

Enhance virtual-machine-based code obfuscation security through dynamic bytecode scheduling

Code virtualization built upon virtual machine (VM) technologies is emerging as a viable method for implementing code obfuscation to protect programs against unauthorized analysis. State-of-the-art VM-based protection approaches use a fixed scheduling structure where the program always follows a single, deterministic execution path for the same input. Such approaches, however, are vulnerable in certain scenarios where the attacker can reuse knowledge extracted from previously seen software to crack applications protected with the same obfuscation scheme. This paper presents Dsvmp, a novel VM-based code obfuscation approach for software protection. Dsvmp brings together two techniques to provide stronger code protection than prior VM-based approaches. Firstly, it uses a dynamic instruction scheduler to randomly direct the program to execute different paths without violating the correctness across different runs. By randomly choosing the program execution path, the application exposes diverse behavior, making it much more difficult for an attacker to reuse the knowledge collected from previous runs or similar applications to launch an attack. Secondly, it employs multiple VMs to further obfuscate the mapping from VM opcode to native machine instructions, so that the same opcode could be mapped to different native instructions at runtime, making code analysis even harder. We have implemented Dsvmp in a prototype system and evaluated it using a set of widely used applications. Experimental results show that Dsvmp provides stronger protection with comparable runtime overhead and code size, when it is compared to two commercial VM-based code obfuscation tools