Showing total 13,635 results

201. MINER: A Hybrid Data-Driven Approach for REST API Fuzzing

Author

Lyu, Chenyang, Xu, Jiacheng, Ji, Shouling, Zhang, Xuhong, Wang, Qinying, Zhao, Binbin, Pan, Gaoning, Cao, Wei, and Beyah, Raheem

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)

Abstract

In recent years, REST API fuzzing has emerged to explore errors on a cloud service. Its performance highly depends on the sequence construction and request generation. However, existing REST API fuzzers have trouble generating long sequences with well-constructed requests to trigger hard-to-reach states in a cloud service, which limits their performance of finding deep errors and security bugs. Further, they cannot find the specific errors caused by using undefined parameters during request generation. Therefore, in this paper, we propose a novel hybrid data-driven solution, named MINER, with three new designs working together to address the above limitations. First, MINER collects the valid sequences whose requests pass the cloud service's checking as the templates, and assigns more executions to long sequence templates. Second, to improve the generation quality of requests in a sequence template, MINER creatively leverages the state-of-the-art neural network model to predict key request parameters and provide them with appropriate parameter values. Third, MINER implements a new data-driven security rule checker to capture the new kind of errors caused by undefined parameters. We evaluate MINER against the state-of-the-art fuzzer RESTler on GitLab, Bugzilla, and WordPress via 11 REST APIs. The results demonstrate that the average pass rate of MINER is 23.42% higher than RESTler. MINER finds 97.54% more unique errors than RESTler on average and 142.86% more reproducible errors after manual analysis. We have reported all the newly found errors, and 7 of them have been confirmed as logic bugs by the corresponding vendors., Comment: Accepted as a full paper at USENIX Security '23

Published

2023

202. Differential Aggregation against General Colluding Attackers

Author

Du, Rong, Ye, Qingqing, Fu, Yue, Hu, Haibo, Li, Jin, Fang, Chengfang, and Shi, Jie

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)

Abstract

Local Differential Privacy (LDP) is now widely adopted in large-scale systems to collect and analyze sensitive data while preserving users' privacy. However, almost all LDP protocols rely on a semi-trust model where users are curious-but-honest, which rarely holds in real-world scenarios. Recent works show poor estimation accuracy of many LDP protocols under malicious threat models. Although a few works have proposed some countermeasures to address these attacks, they all require prior knowledge of either the attacking pattern or the poison value distribution, which is impractical as they can be easily evaded by the attackers. In this paper, we adopt a general opportunistic-and-colluding threat model and propose a multi-group Differential Aggregation Protocol (DAP) to improve the accuracy of mean estimation under LDP. Different from all existing works that detect poison values on individual basis, DAP mitigates the overall impact of poison values on the estimated mean. It relies on a new probing mechanism EMF (i.e., Expectation-Maximization Filter) to estimate features of the attackers. In addition to EMF, DAP also consists of two EMF post-processing procedures (EMF* and CEMF*), and a group-wise mean aggregation scheme to optimize the final estimated mean to achieve the smallest variance. Extensive experimental results on both synthetic and real-world datasets demonstrate the superior performance of DAP over state-of-the-art solutions., Comment: This paper has been accepted by ICDE2023

Published

2023

203. A Survey on Enterprise Network Security: Asset Behavioral Monitoring and Distributed Attack Detection

Author

Lyu, Minzhao, Gharakheili, Hassan Habibi, and Sivaraman, Vijay

Subjects

Computer Science - Networking and Internet Architecture, Networking and Internet Architecture (cs.NI), FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)

Abstract

Enterprise networks that host valuable assets and services are popular and frequent targets of distributed network attacks. In order to cope with the ever-increasing threats, industrial and research communities develop systems and methods to monitor the behaviors of their assets and protect them from critical attacks. In this paper, we systematically survey related research articles and industrial systems to highlight the current status of this arms race in enterprise network security. First, we discuss the taxonomy of distributed network attacks on enterprise assets, including distributed denial-of-service (DDoS) and reconnaissance attacks. Second, we review existing methods in monitoring and classifying network behavior of enterprise hosts to verify their benign activities and isolate potential anomalies. Third, state-of-the-art detection methods for distributed network attacks sourced from external attackers are elaborated, highlighting their merits and bottlenecks. Fourth, as programmable networks and machine learning (ML) techniques are increasingly becoming adopted by the community, their current applications in network security are discussed. Finally, we highlight several research gaps on enterprise network security to inspire future research., Comment: Journal paper submitted to Elseiver

Published

2023

204. Evaluation Methodologies in Software Protection Research

Author

Kochberger, Patrick, Schrittwieser, Sebastian, Coppens, Bart, and De Sutter, Bjorn

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)

Abstract

Man-at-the-end (MATE) attackers have full control over the system on which the attacked software runs, and try to break the confidentiality or integrity of assets embedded in the software. Both companies and malware authors want to prevent such attacks. This has driven an arms race between attackers and defenders, resulting in a plethora of different protection and analysis methods. However, it remains difficult to measure the strength of protections because MATE attackers can reach their goals in many different ways and a universally accepted evaluation methodology does not exist. This survey systematically reviews the evaluation methodologies of papers on obfuscation, a major class of protections against MATE attacks. For 572 papers, we collected 113 aspects of their evaluation methodologies, ranging from sample set types and sizes, over sample treatment, to performed measurements. We provide detailed insights into how the academic state of the art evaluates both the protections and analyses thereon. In summary, there is a clear need for better evaluation methodologies. We identify nine challenges for software protection evaluations, which represent threats to the validity, reproducibility, and interpretation of research results in the context of MATE attacks.

Published

2023

205. Bitcoin's Carbon Footprint Revisited: Proof of Work Mining for Renewable Energy Expansion

Author

Ibañez, Juan Ignacio and Freier, Alexander

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Computer Science - Distributed, Parallel, and Cluster Computing, Distributed, Parallel, and Cluster Computing (cs.DC), Cryptography and Security (cs.CR)

Abstract

Despite their potential in many respects, blockchain and distributed ledger technology (DLT) technology have been the target of criticism for the energy intensity of the proof-of-work (PoW) consensus algorithm in general and of Bitcoin mining in particular. However, mining is also believed to have the potential to drive net decarbonization and renewable penetration in the energy grid by providing ancillary and other services. In this paper, we systematize the state of the art in this regard. Although not completely absent from the literature, the extent to which flexible load response (FLR) through PoW mining may support grid decarbonization remains insufficiently studied and hence contested. We approach this research gap by systematizing both the strengths and the limitations of mining to provide FLR services for energy grids. We find that a net-decarbonizing effect led by renewable-based mining is indeed plausible., Comment: A previous version of this paper was titled "Can Bitcoin Stop Climate Change? Proof of Work, Energy Consumption and Carbon Footprint (SoK)"

Published

2023

206. Location Privacy Protection Game against Adversary through Multi-user Cooperative Obfuscation

Author

Shu Hong and Lingjie Duan

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Computer Networks and Communications, Computer Science - Computer Science and Game Theory, Electrical and Electronic Engineering, Cryptography and Security (cs.CR), Software, Computer Science and Game Theory (cs.GT)

Abstract

In location-based services(LBSs), it is promising for users to crowdsource and share their Point-of-Interest(PoI) information with each other in a common cache to reduce query frequency and preserve location privacy. Yet most studies on multi-user privacy preservation overlook the opportunity of leveraging their service flexibility. This paper is the first to study multiple users' strategic cooperation against an adversary's optimal inference attack, by leveraging mutual service flexibility. We formulate the multi-user privacy cooperation against the adversary as a max-min adversarial game and solve it in a linear program. Unlike the vast literature, even if a user finds the cached information useful, we prove it beneficial to still query the platform to further confuse the adversary. As the linear program's computational complexity still increases superlinearly with the number of users' possible locations, we propose a binary obfuscation scheme in two opposite spatial directions to achieve guaranteed performance with only constant complexity. Perhaps surprisingly, a user with a greater service flexibility should query with a less obfuscated location to add confusion. Finally, we provide guidance on the optimal query sequence among LBS users. Simulation results show that our crowdsourced privacy protection scheme greatly improves users' privacy as compared with existing approaches., Comment: Online technical report for a forthcoming paper in IEEE Transactions on Mobile Computing (TMC)

Published

2023

207. New Approach to Malware Detection Using Optimized Convolutional Neural Network

Author

Omar, Marwan

Subjects

FOS: Computer and information sciences, Computer Science - Machine Learning, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR), Machine Learning (cs.LG)

Abstract

Cyber-crimes have become a multi-billion-dollar industry in the recent years. Most cybercrimes/attacks involve deploying some type of malware. Malware that viciously targets every industry, every sector, every enterprise and even individuals has shown its capabilities to take entire business organizations offline and cause significant financial damage in billions of dollars annually. Malware authors are constantly evolving in their attack strategies and sophistication and are developing malware that is difficult to detect and can lay dormant in the background for quite some time in order to evade security controls. Given the above argument, Traditional approaches to malware detection are no longer effective. As a result, deep learning models have become an emerging trend to detect and classify malware. This paper proposes a new convolutional deep learning neural network to accurately and effectively detect malware with high precision. This paper is different than most other papers in the literature in that it uses an expert data science approach by developing a convolutional neural network from scratch to establish a baseline of the performance model first, explores and implements an improvement model from the baseline model, and finally it evaluates the performance of the final model. The baseline model initially achieves 98% accurate rate but after increasing the depth of the CNN model, its accuracy reaches 99.183 which outperforms most of the CNN models in the literature. Finally, to further solidify the effectiveness of this CNN model, we use the improved model to make predictions on new malware samples within our dataset.

Published

2023

208. Generative AI for Cyber Threat-Hunting in 6G-enabled IoT Networks

Author

Ferrag, Mohamed Amine, Debbah, Merouane, and Al-Hawawreh, Muna

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)

Abstract

The next generation of cellular technology, 6G, is being developed to enable a wide range of new applications and services for the Internet of Things (IoT). One of 6G's main advantages for IoT applications is its ability to support much higher data rates and bandwidth as well as to support ultra-low latency. However, with this increased connectivity will come to an increased risk of cyber threats, as attackers will be able to exploit the large network of connected devices. Generative Artificial Intelligence (AI) can be used to detect and prevent cyber attacks by continuously learning and adapting to new threats and vulnerabilities. In this paper, we discuss the use of generative AI for cyber threat-hunting (CTH) in 6G-enabled IoT networks. Then, we propose a new generative adversarial network (GAN) and Transformer-based model for CTH in 6G-enabled IoT Networks. The experimental analysis results with a new cyber security dataset demonstrate that the Transformer-based security model for CTH can detect IoT attacks with a high overall accuracy of 95%. We examine the challenges and opportunities and conclude by highlighting the potential of generative AI in enhancing the security of 6G-enabled IoT networks and call for further research to be conducted in this area., Comment: The paper is accepted and will be published in the IEEE/ACM CCGrid 2023 Conference Proceedings

Published

2023

209. Learning across Data Owners with Joint Differential Privacy

Author

Huang, Yangsibo, Jiang, Haotian, Liu, Daogao, Mahdian, Mohammad, Mao, Jieming, and Mirrokni, Vahab

Subjects

FOS: Computer and information sciences, Computer Science - Machine Learning, Computer Science - Cryptography and Security, Optimization and Control (math.OC), FOS: Mathematics, Mathematics - Optimization and Control, Cryptography and Security (cs.CR), Machine Learning (cs.LG)

Abstract

In this paper, we study the setting in which data owners train machine learning models collaboratively under a privacy notion called joint differential privacy [Kearns et al., 2018]. In this setting, the model trained for each data owner $j$ uses $j$'s data without privacy consideration and other owners' data with differential privacy guarantees. This setting was initiated in [Jain et al., 2021] with a focus on linear regressions. In this paper, we study this setting for stochastic convex optimization (SCO). We present an algorithm that is a variant of DP-SGD [Song et al., 2013; Abadi et al., 2016] and provides theoretical bounds on its population loss. We compare our algorithm to several baselines and discuss for what parameter setups our algorithm is more preferred. We also empirically study joint differential privacy in the multi-class classification problem over two public datasets. Our empirical findings are well-connected to the insights from our theoretical results.

Published

2023

210. OblivIO: Securing reactive programs by oblivious execution with bounded traffic overheads

Author

Blaabjerg, Jeppe Fredsgaard and Askarrov, Aslan

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Computer Science - Programming Languages, Traffic analysis, Data-oblivious programming, Language-based security, Cryptography and Security (cs.CR), Noninterference, Programming Languages (cs.PL)

Abstract

Traffic analysis attacks remain a significant problem for online security. Communication between nodes can be observed by network level attackers as it inherently takes place in the open. Despite online services increasingly using encrypted traffic, the shape of the traffic is not hidden. To prevent traffic analysis, the shape of a system's traffic must be independent of secrets. We investigate adapting the data-oblivious approach the reactive setting and present OblivIO, a secure language for writing reactive programs driven by network events. Our approach pads with dummy messages to hide which program sends are genuinely executed. We use an information-flow type system to provably enforce timing-sensitive noninterference. The type system is extended with potentials to bound the overhead in traffic introduced by our approach. We address challenges that arise from joining data-oblivious and reactive programming and demonstrate the feasibility of our resulting language by developing an interpreter that implements security critical operations as constant-time algorithms., Comment: 40 pages, 16 figures, Technical report for paper submitted to CSF 2023

Published

2023

211. Cross Chain Bribery Contracts: Majority vs Mighty Minority

Author

Tran, Quang, Chen, Lin, Xu, Lei, Lu, Yang, Karanjai, Rabimba, and Shi, Weidong

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Computer Science - Computer Science and Game Theory, Cryptography and Security (cs.CR), Computer Science and Game Theory (cs.GT)

Abstract

Bribery is a perilous issue in the real world, especially in an economical aspect. This fraudulence is unavoidable, and more importantly, it is more difficult to trace in case smart contracts are utilized for bribing on a distributed public blockchain. In our paper, we propose a new threat to the security of a blockchain system, cross-chain bribery using smart contracts. An arbitrary wealthy briber can utilize cross-chain smart contracts to manipulate a consensus mechanism on a victim's blockchain or to disgrace a victim's blockchain. To better understand this threat, our paper proposes a framework to analyze bribery using cross-chain smart contracts. We analyze the amount of incentive to bribe rational miners in a victim's blockchain and also a full cost of conducting a cross-chain bribery attack. The result is that such attacks can be carried out with a reasonable amount of money or cryptocurrencies.

Published

2023

212. UAV Trajectory and Multi-User Beamforming Optimization for Clustered Users Against Passive Eavesdropping Attacks With Unknown CSI

Author

Abdalla, Aly Sabri, Behfarnia, Ali, and Marojevic, Vuk

Subjects

Signal Processing (eess.SP), FOS: Computer and information sciences, Computer Science - Cryptography and Security, Artificial Intelligence (cs.AI), Computer Science - Artificial Intelligence, Computer Science - Information Theory, Information Theory (cs.IT), FOS: Electrical engineering, electronic engineering, information engineering, Electrical Engineering and Systems Science - Signal Processing, Cryptography and Security (cs.CR)

Abstract

This paper tackles the fundamental passive eavesdropping problem in modern wireless communications in which the location and the channel state information (CSI) of the attackers are unknown. In this regard, we propose deploying an unmanned aerial vehicle (UAV) that serves as a mobile aerial relay (AR) to help ground base station (GBS) support a subset of vulnerable users. More precisely, our solution (1) clusters the single-antenna users in two groups to be either served by the GBS directly or via the AR, (2) employs optimal multi-user beamforming to the directly served users, and (3) optimizes the AR's 3D position, its multi-user beamforming matrix and transmit powers by combining closed-form solutions with machine learning techniques. Specifically, we design a plain beamforming and power optimization combined with a deep reinforcement learning (DRL) algorithm for an AR to optimize its trajectory for the security maximization of the served users. Numerical results show that the multi-user multiple input, single output (MU-MISO) system split between a GBS and an AR with optimized transmission parameters without knowledge of the eavesdropping channels achieves high secrecy capacities that scale well with increasing the number of users., Comment: This paper has been accepted for publication in the IEEE Transactions on Vehicular Technology

Published

2023

213. Improving Transferability of Adversarial Examples via Bayesian Attacks

Author

Li, Qizhang, Guo, Yiwen, Yang, Xiaochen, Zuo, Wangmeng, and Chen, Hao

Subjects

FOS: Computer and information sciences, Computer Science - Machine Learning, Computer Science - Cryptography and Security, Computer Vision and Pattern Recognition (cs.CV), Computer Science - Computer Vision and Pattern Recognition, Cryptography and Security (cs.CR), Machine Learning (cs.LG)

Abstract

This paper presents a substantial extension of our work published at ICLR. Our ICLR work advocated for enhancing transferability in adversarial examples by incorporating a Bayesian formulation into model parameters, which effectively emulates the ensemble of infinitely many deep neural networks, while, in this paper, we introduce a novel extension by incorporating the Bayesian formulation into the model input as well, enabling the joint diversification of both the model input and model parameters. Our empirical findings demonstrate that: 1) the combination of Bayesian formulations for both the model input and model parameters yields significant improvements in transferability; 2) by introducing advanced approximations of the posterior distribution over the model input, adversarial transferability achieves further enhancement, surpassing all state-of-the-arts when attacking without model fine-tuning. Moreover, we propose a principled approach to fine-tune model parameters in such an extended Bayesian formulation. The derived optimization objective inherently encourages flat minima in the parameter space and input space. Extensive experiments demonstrate that our method achieves a new state-of-the-art on transfer-based attacks, improving the average success rate on ImageNet and CIFAR-10 by 19.14% and 2.08%, respectively, when comparing with our ICLR basic Bayesian method. We will make our code publicly available.

Published

2023

214. How Effective Are Neural Networks for Fixing Security Vulnerabilities

Author

Wu, Yi, Jiang, Nan, Pham, Hung Viet, Lutellier, Thibaud, Davis, Jordan, Tan, Lin, Babkin, Petr, and Shah, Sameena

Subjects

Software Engineering (cs.SE), FOS: Computer and information sciences, Computer Science - Software Engineering, Computer Science - Cryptography and Security, Artificial Intelligence (cs.AI), Computer Science - Artificial Intelligence, Cryptography and Security (cs.CR)

Abstract

Security vulnerability repair is a difficult task that is in dire need of automation. Two groups of techniques have shown promise: (1) large code language models (LLMs) that have been pre-trained on source code for tasks such as code completion, and (2) automated program repair (APR) techniques that use deep learning (DL) models to automatically fix software bugs. This paper is the first to study and compare Java vulnerability repair capabilities of LLMs and DL-based APR models. The contributions include that we (1) apply and evaluate five LLMs (Codex, CodeGen, CodeT5, PLBART and InCoder), four fine-tuned LLMs, and four DL-based APR techniques on two real-world Java vulnerability benchmarks (Vul4J and VJBench), (2) design code transformations to address the training and test data overlapping threat to Codex, (3) create a new Java vulnerability repair benchmark VJBench, and its transformed version VJBench-trans and (4) evaluate LLMs and APR techniques on the transformed vulnerabilities in VJBench-trans. Our findings include that (1) existing LLMs and APR models fix very few Java vulnerabilities. Codex fixes 10.2 (20.4%), the most number of vulnerabilities. (2) Fine-tuning with general APR data improves LLMs' vulnerability-fixing capabilities. (3) Our new VJBench reveals that LLMs and APR models fail to fix many Common Weakness Enumeration (CWE) types, such as CWE-325 Missing cryptographic step and CWE-444 HTTP request smuggling. (4) Codex still fixes 8.3 transformed vulnerabilities, outperforming all the other LLMs and APR models on transformed vulnerabilities. The results call for innovations to enhance automated Java vulnerability repair such as creating larger vulnerability repair training data, tuning LLMs with such data, and applying code simplification transformation to facilitate vulnerability repair., Comment: This paper has been accepted to appear in the proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2023), and to be presented at the conference, that will be held in Seattle, USA, 17-21 July 2023

Published

2023

215. SoK: Pragmatic Assessment of Machine Learning for Network Intrusion Detection

Author

Apruzzese, Giovanni, Laskov, Pavel, and Schneider, Johannes

Subjects

Computer Science - Networking and Internet Architecture, Networking and Internet Architecture (cs.NI), FOS: Computer and information sciences, Computer Science - Machine Learning, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR), Machine Learning (cs.LG)

Abstract

Machine Learning (ML) has become a valuable asset to solve many real-world tasks. For Network Intrusion Detection (NID), however, scientific advances in ML are still seen with skepticism by practitioners. This disconnection is due to the intrinsically limited scope of research papers, many of which primarily aim to demonstrate new methods ``outperforming'' prior work -- oftentimes overlooking the practical implications for deploying the proposed solutions in real systems. Unfortunately, the value of ML for NID depends on a plethora of factors, such as hardware, that are often neglected in scientific literature. This paper aims to reduce the practitioners' skepticism towards ML for NID by "changing" the evaluation methodology adopted in research. After elucidating which "factors" influence the operational deployment of ML in NID, we propose the notion of "pragmatic assessment", which enable practitioners to gauge the real value of ML methods for NID. Then, we show that the state-of-research hardly allows one to estimate the value of ML for NID. As a constructive step forward, we carry out a pragmatic assessment. We re-assess existing ML methods for NID, focusing on the classification of malicious network traffic, and consider: hundreds of configuration settings; diverse adversarial scenarios; and four hardware platforms. Our large and reproducible evaluations enable estimating the quality of ML for NID. We also validate our claims through a user-study with security practitioners.

Published

2023

216. PMFault: Faulting and Bricking Server CPUs through Management Interfaces

Author

Chen, Zitai and Oswald, David

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)

Abstract

Apart from the actual CPU, modern server motherboards contain other auxiliary components, for example voltage regulators for power management. Those are connected to the CPU and the separate Baseboard Management Controller (BMC) via the I2C-based PMBus. In this paper, using the case study of the widely used Supermicro X11SSL motherboard, we show how remotely exploitable software weaknesses in the BMC (or other processors with PMBus access) can be used to access the PMBus and then perform hardware-based fault injection attacks on the main CPU. The underlying weaknesses include insecure firmware encryption and signing mechanisms, a lack of authentication for the firmware upgrade process and the IPMI KCS control interface, as well as the motherboard design (with the PMBus connected to the BMC and SMBus by default). First, we show that undervolting through the PMBus allows breaking the integrity guarantees of SGX enclaves, bypassing Intel's countermeasures against previous undervolting attacks like Plundervolt/V0ltPwn. Second, we experimentally show that overvolting outside the specified range has the potential of permanently damaging Intel Xeon CPUs, rendering the server inoperable. We assess the impact of our findings on other server motherboards made by Supermicro and ASRock. Our attacks, dubbed PMFault, can be carried out by a privileged software adversary and do not require physical access to the server motherboard or knowledge of the BMC login credentials. We responsibly disclosed the issues reported in this paper to Supermicro and discuss possible countermeasures at different levels. To the best of our knowledge, the 12th generation of Supermicro motherboards, which was designed before we reported PMFault to Supermicro, is not vulnerable., Comment: For demo and source code, visit https://zt-chen.github.io/PMFault/

Published

2023

217. Backdoor Attacks to Pre-trained Unified Foundation Models

Author

Yuan, Zenghui, Liu, Yixin, Zhang, Kai, Zhou, Pan, and Sun, Lichao

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)

Abstract

The rise of pre-trained unified foundation models breaks down the barriers between different modalities and tasks, providing comprehensive support to users with unified architectures. However, the backdoor attack on pre-trained models poses a serious threat to their security. Previous research on backdoor attacks has been limited to uni-modal tasks or single tasks across modalities, making it inapplicable to unified foundation models. In this paper, we make proof-of-concept level research on the backdoor attack for pre-trained unified foundation models. Through preliminary experiments on NLP and CV classification tasks, we reveal the vulnerability of these models and suggest future research directions for enhancing the attack approach., Comment: This paper is accepted as a poster for NDSS 2023

Published

2023

218. Anomaly Detection Dataset for Industrial Control Systems

Author

Dehlaghi-Ghadim, Alireza, Moghadam, Mahshid Helali, Balador, Ali, and Hansson, Hans

Subjects

FOS: Computer and information sciences, Computer Science - Machine Learning, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR), Machine Learning (cs.LG)

Abstract

Over the past few decades, Industrial Control Systems (ICSs) have been targeted by cyberattacks and are becoming increasingly vulnerable as more ICSs are connected to the internet. Using Machine Learning (ML) for Intrusion Detection Systems (IDS) is a promising approach for ICS cyber protection, but the lack of suitable datasets for evaluating ML algorithms is a challenge. Although there are a few commonly used datasets, they may not reflect realistic ICS network data, lack necessary features for effective anomaly detection, or be outdated. This paper presents the 'ICS-Flow' dataset, which offers network data and process state variables logs for supervised and unsupervised ML-based IDS assessment. The network data includes normal and anomalous network packets and flows captured from simulated ICS components and emulated networks. The anomalies were injected into the system through various attack techniques commonly used by hackers to modify network traffic and compromise ICSs. We also proposed open-source tools, `ICSFlowGenerator' for generating network flow parameters from Raw network packets. The final dataset comprises over 25,000,000 raw network packets, network flow records, and process variable logs. The paper describes the methodology used to collect and label the dataset and provides a detailed data analysis. Finally, we implement several ML models, including the decision tree, random forest, and artificial neural network to detect anomalies and attacks, demonstrating that our dataset can be used effectively for training intrusion detection ML models.

Published

2023

219. Personalized Privacy Auditing and Optimization at Test Time

Author

Tran, Cuong and Fioretto, Ferdinando

Subjects

FOS: Computer and information sciences, Computer Science - Machine Learning, Computer Science - Cryptography and Security, Artificial Intelligence (cs.AI), Computer Science - Artificial Intelligence, Cryptography and Security (cs.CR), Machine Learning (cs.LG)

Abstract

A number of learning models used in consequential domains, such as to assist in legal, banking, hiring, and healthcare decisions, make use of potentially sensitive users' information to carry out inference. Further, the complete set of features is typically required to perform inference. This not only poses severe privacy risks for the individuals using the learning systems, but also requires companies and organizations massive human efforts to verify the correctness of the released information. This paper asks whether it is necessary to require \emph{all} input features for a model to return accurate predictions at test time and shows that, under a personalized setting, each individual may need to release only a small subset of these features without impacting the final decisions. The paper also provides an efficient sequential algorithm that chooses which attributes should be provided by each individual. Evaluation over several learning tasks shows that individuals may be able to report as little as 10\% of their information to ensure the same level of accuracy of a model that uses the complete users' information.

Published

2023

220. Less is More: Revisiting Gaussian Mechanism for Differential Privacy

Author

Ji, Tianxi and Li, Pan

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)

Abstract

In this paper, we identify that the classic Gaussian mechanism and its variants for differential privacy all suffer from \textbf{the curse of full-rank covariance matrices}, and hence the expected accuracy losses of these mechanisms applied to high dimensional query results, e.g., in $\mathbb{R}^M$, all increase linearly with $M$. To lift this curse, we design a Rank-1 Singular Multivariate Gaussian Mechanism (R1SMG). It achieves $(\epsilon,\delta)$-DP on query results in $\mathbb{R}^M$ by perturbing the results with noise following a singular multivariate Gaussian distribution, whose covariance matrix is a \textbf{randomly} generated rank-1 positive semi-definite matrix. In contrast, the classic Gaussian mechanism and its variants all consider \textbf{deterministic} full-rank covariance matrices. Our idea is motivated by a clue from Dwork et al.'s work on Gaussian mechanism that has been ignored in the literature: when projecting multivariate Gaussian noise with a full-rank covariance matrix onto a set of orthonormal basis in $\mathbb{R}^M$, only the coefficient of a single basis can contribute to the privacy guarantee. This paper makes the following technical contributions. (i) R1SMG achieves $(\epsilon,\delta)$-DP guarantee on query results in $\mathbb{R}^M$, while the magnitude of the additive noise decreases with $M$. Therefore, \textbf{less is more}, i.e., less amount of noise is able to sanitize higher dimensional query results. When $M\rightarrow \infty$, the expected accuracy loss converges to ${2(\Delta_2f)^2}/{\epsilon}$, where $\Delta_2f$ is the $l_2$ sensitivity of the query function $f$. (ii) Compared with other mechanisms, R1SMG is less likely to generate noise with large magnitude that overwhelms the query results, because the kurtosis and skewness of the nondeterministic accuracy loss introduced by R1SMG is larger than that introduced by other mechanisms.

Published

2023

221. Don't Leak Your Keys: Understanding, Measuring, and Exploiting the AppSecret Leaks in Mini-Programs

Author

Zhang, Yue, Yang, Yuqing, and Lin, Zhiqiang

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)

Abstract

Mobile mini-programs in WeChat have gained significant popularity since their debut in 2017, reaching a scale similar to that of Android apps in the Play Store. Like Google, Tencent, the provider of WeChat, offers APIs to support the development of mini-programs and also maintains a mini-program market within the WeChat app. However, mini-program APIs often manage sensitive user data within the social network platform, both on the WeChat client app and in the cloud. As a result, cryptographic protocols have been implemented to secure data access. In this paper, we demonstrate that WeChat should have required the use of the "appsecret" master key, which is used to authenticate a mini-program, to be used only in the mini-program back-end. If this key is leaked in the front-end of the mini-programs, it can lead to catastrophic attacks on both mini-program developers and users. Using a mini-program crawler and a master key leakage inspector, we measured 3,450,586 crawled mini-programs and found that 40,880 of them had leaked their master keys, allowing attackers to carry out various attacks such as account hijacking, promotion abuse, and service theft. Similar issues were confirmed through testing and measuring of Baidu mini-programs too. We have reported these vulnerabilities and the list of vulnerable mini-programs to Tencent and Baidu, which awarded us with bug bounties, and also Tencent recently released a new API to defend against these attacks based on our findings., Comment: This is the preprint of our CCS 2023 paper

Published

2023

222. BlockScope: Detecting and Investigating Propagated Vulnerabilities in Forked Blockchain Projects

Author

Yi, Xiao, Fang, Yuzhou, Wu, Daoyuan, and Jiang, Lingxiao

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)

Abstract

Due to the open-source nature of the blockchain ecosystem, it is common for new blockchains to fork or partially reuse the code of classic blockchains. For example, the popular Dogecoin, Litecoin, Binance BSC, and Polygon are all variants of Bitcoin/Ethereum. These "forked" blockchains thus could encounter similar vulnerabilities that are propagated from Bitcoin/Ethereum during forking or subsequently commit fetching. In this paper, we conduct a systematic study of detecting and investigating the propagated vulnerabilities in forked blockchain projects. To facilitate this study, we propose BlockScope, a novel tool that can effectively and efficiently detect multiple types of cloned vulnerabilities given an input of existing Bitcoin/Ethereum security patches. Specifically, BlockScope adopts similarity-based code match and designs a new way of calculating code similarity to cover all the syntax-wide variant (i.e., Type-1, Type-2, and Type-3) clones. Moreover, BlockScope automatically extracts and leverages the contexts of patch code to narrow down the search scope and locate only potentially relevant code for comparison. Our evaluation shows that BlockScope achieves good precision and high recall both at 91.8% (1.8 times higher recall than that in ReDeBug). BlockScope allows us to discover 101 previously unknown vulnerabilities in 13 out of the 16 forked projects of Bitcoin and Ethereum, including 16 from Dogecoin, 6 from Litecoin, 1 from Binance, and 4 from Optimism. We have reported all the vulnerabilities to their developers; 40 of them have been patched or accepted, 66 were acknowledged or under pending, and only 4 were rejected. We further investigate the propagation and patching processes of discovered vulnerabilities, and reveal three types of vulnerability propagation from source to forked projects, as well as the long delay (over 200 days) for releasing patches in Bitcoin forks., Comment: The paper was accepted by ISOC NDSS 2023

Published

2023

223. Efficient Secure Aggregation for Privacy-Preserving Federated Machine Learning

Author

Behnia, Rouzbeh, Ebrahimi, Mohammadreza, Riasi, Arman, Chow, Sherman, Padmanabhan, Balaji, and Hoang, Thang

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)

Abstract

Secure aggregation protocols ensure the privacy of users' data in the federated learning settings by preventing the disclosure of users' local gradients. Despite their merits, existing aggregation protocols often incur high communication and computation overheads on the participants and might not be optimized to handle the large update vectors for machine learning models efficiently. This paper presents e-SeaFL, an efficient, verifiable secure aggregation protocol taking one communication round in aggregation. e-SeaFL allows the aggregation server to generate proof of honest aggregation for the participants. Our core idea is to employ a set of assisting nodes to help the aggregation server, under similar trust assumptions existing works placed upon the participating users. For verifiability, e-SeaFL uses authenticated homomorphic vector commitments. Our experiments show that the user enjoys five orders of magnitude higher efficiency than the state of the art (PPML 2022) for a gradient vector of a high dimension up to $100,000$., Comment: This paper was submitted to ACM AISec'23

Published

2023

224. ACM with Overlapping Partitions: Implementation and Periodicity Analysis

Author

O'Dea, Anthony

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)

Abstract

The Arnold Cat Map (ACM) is a popular chaotic map used in image encryption. Chaotic maps are known for their sensitivity to initial conditions and their ability to mix, or rearrange, pixels. However, ACM is periodic, and the period is relatively short. This periodicity decreases the effective key space for a cryptosystem. Further, ACM can only be performed on square matrices. For non-square images, this issue can be solved by performing ACM on multiple square partitions of the image. If these partitions overlap, the periodicity will greatly increase. The resulting system will be referred to as overlapping ACM or OACM. This paper will cover the implementation and periodicity analysis for these overlapping systems, which previous papers involving similar overlapping block partitions did not. Viewing OACM as a scan as opposed to a map allows for faster implementation and period analysis.

Published

2023

225. Analysis of the Benefits and Efficacy of the Addition of Variants and Reality Paths to the Blackboard Architecture

Author

Clark, Ben, Tassava, Matthew, Kolodjski, Cameron, and Straub, Jeremy

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)

Abstract

While the Blackboard Architecture has been in use since the 1980s, it has recently been proposed for modeling computer networks to assess their security. To do this, it must account for complex network attack patterns involving multiple attack routes and possible mid-attack system state changes. This paper proposes a data structure which can be used to model paths from an ingress point to a given egress point in Blackboard Architecture-modeled computer networks. It is designed to contain the pertinent information required for a systematic traversal through a changing network. This structure, called a reality path, represents a single potential pathway through the network with a given set of facts in a particular sequence of states. Another structure, called variants, is used during traversal of nodes (called containers) modeled in the network. The two structures - reality paths and variants - facilitate the use of a traversal algorithm, which will find all possible attack paths in Blackboard Architecture-modeled networks. This paper introduces and assesses the efficacy of variants and reality paths

Published

2023

226. Review, Meta-Taxonomy, and Use Cases of Cyberattack Taxonomies of Manufacturing Cybersecurity Threat Attributes and Countermeasures

Author

Rahman, Md Habibor, Wuest, Thorsten, and Shafae, Mohammed

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, FOS: Electrical engineering, electronic engineering, information engineering, Systems and Control (eess.SY), Electrical Engineering and Systems Science - Systems and Control, Cryptography and Security (cs.CR)

Abstract

A thorough and systematic understanding of different elements of cyberattacks is essential for developing the necessary tools to prevent, detect, diagnose, and mitigate cyberattacks in manufacturing systems. In response, researchers have proposed several attack taxonomies as methods for recognizing and categorizing various cyberattack attributes. However, those taxonomies cover selected attack attributes depending on the research focus, sometimes accompanied by inconsistent naming and definitions. These seemingly different taxonomies often overlap and can complement each other to create a comprehensive knowledge base of cyberattack attributes that is currently missing in the literature. Additionally, there is a missing link from creating structured knowledge by using a taxonomy to applying this structure for cybersecurity tools development and aiding practitioners in using it. To tackle these challenges, this article highlights how cyberattack taxonomies can be used to better understand and characterize manufacturing cybersecurity threats. It also reviews and analyzes current taxonomical classifications of manufacturing cybersecurity threat attributes and countermeasures, as well as the proliferation of the scope and coverage in existing taxonomies. As a result, these taxonomies are compiled into a more comprehensive and consistent meta-taxonomy for the smart manufacturing space. The resulting meta-taxonomy provides a holistic analysis of current taxonomies and integrates them into a unified structure. Based on this structure, this paper identifies gaps in current attack taxonomies and provides directions for future improvements. Finally, the paper introduces potential use cases for attack taxonomies in smart manufacturing systems for assessing security threats and their associated risks, devising risk mitigation strategies, and informing the application of cybersecurity frameworks., Comment: 19 pages, 4 figures

Published

2023

227. Residual-Based Detection of Attacks in Cyber-Physical Inverter-Based Microgrids

Author

Intriago, Andres, Liberati, Francesco, Hatziargyriou, Nikos D., and Konstantinou, Charalambos

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, FOS: Electrical engineering, electronic engineering, information engineering, Systems and Control (eess.SY), Electrical Engineering and Systems Science - Systems and Control, Cryptography and Security (cs.CR)

Abstract

This paper discusses the challenges faced by cyber-physical microgrids (MGs) due to the inclusion of information and communication technologies in their already complex, multi-layered systems. The work identifies a research gap in modeling and analyzing stealthy intermittent integrity attacks in MGs, which are designed to maximize damage and cancel secondary control objectives. To address this, the paper proposes a nonlinear residual-based observer approach to detect and mitigate such attacks. In order to ensure a stable operation of the MG, the formulation then incorporates stability constraints along with the detection observer. The proposed design is validated through case studies on a MG benchmark with four distributed generators, demonstrating its effectiveness in detecting attacks while satisfying network and stability constraints., Comment: Accepted at IEEE Transactions on Power Systems

Published

2023

228. High-Performance Caching of Homomorphic Encryption for Cloud Databases

Author

Zhao, Dongfang

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Computer Science - Databases, Databases (cs.DB), Cryptography and Security (cs.CR)

Abstract

While homomorphic encryption (HE) has garnered significant research interest in cloud-based outsourced databases due to its algebraic properties over ciphertexts, the computational overhead associated with HE has hindered its widespread adoption in production database systems. Recently, a caching technique called Radix-based additive caching of homomorphic encryption (Rache) was proposed in SIGMOD'23. The primary objective of this paper is to address the performance overhead resulting from the expensive randomization process in Rache. To achieve this, we propose a novel encryption algorithm called $ASEnc$, which replaces the computationally intensive full scan of radixes with the caching of a polynomial number of radix-powers during an offline stage. This design significantly reduces the performance impact caused by randomization. Furthermore, this paper aims to extend Rache's capabilities to support floating-point numbers. To accomplish this, we introduce a new encryption algorithm named $FSEnc$, leveraging efficient constant multiplication available in state-of-the-art fully homomorphic encryption (FHE) schemes. Notably, $FSEnc$ offers the flexibility to cache the coefficients instead of the radixes themselves, which may result in a large number of cached ciphertexts. However, we manage this efficiently by streaming the dynamically cached ciphertexts through a vector of circular buffers. We demonstrate that both encryption algorithms guarantee semantic security (IND-CPA). To validate their performance, we implement both algorithms as loadable functions in MySQL 8.0 and deploy the system prototype on a 96-core server hosted in the Chameleon Cloud. Experimental results showcase that $ASEnc$ outperforms Rache by 2.3--3.3$\times$, while $FSEnc$ surpasses the state-of-the-art floating-point FHE CKKS by 1.8--5.6$\times$.

Published

2023

229. Secure Composition of Robust and Optimising Compilers

Author

Kruse, Matthis, Backes, Michael, and Patrignani, Marco

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Computer Science - Programming Languages, Cryptography and Security (cs.CR), Programming Languages (cs.PL)

Abstract

To ensure that secure applications do not leak their secrets, they are required to uphold several security properties such as spatial and temporal memory safety as well as cryptographic constant time. Existing work shows how to enforce these properties individually, in an architecture-independent way, by using secure compiler passes that each focus on an individual property. Unfortunately, given two secure compiler passes that each preserve a possibly different security property, it is unclear what kind of security property is preserved by the composition of those secure compiler passes. This paper is the first to study what security properties are preserved across the composition of different secure compiler passes. Starting from a general theory of property composition for security-relevant properties (such as the aforementioned ones), this paper formalises a theory of composition of secure compilers. Then, it showcases this theory a secure multi-pass compiler that preserves the aforementioned security-relevant properties. Crucially, this paper derives the security of the multi-pass compiler from the composition of the security properties preserved by its individual passes, which include security-preserving as well as optimisation passes. From an engineering perspective, this is the desirable approach to building secure compilers., Comment: Submitted to POPL'24

Published

2023

230. TALUS: Reinforcing TEE Confidentiality with Cryptographic Coprocessors (Technical Report)

Author

Chakraborty, Dhiman, Schwarz, Michael, and Bugiel, Sven

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)

Abstract

Platforms are nowadays typically equipped with tristed execution environments (TEES), such as Intel SGX and ARM TrustZone. However, recent microarchitectural attacks on TEEs repeatedly broke their confidentiality guarantees, including the leakage of long-term cryptographic secrets. These systems are typically also equipped with a cryptographic coprocessor, such as a TPM or Google Titan. These coprocessors offer a unique set of security features focused on safeguarding cryptographic secrets. Still, despite their simultaneous availability, the integration between these technologies is practically nonexistent, which prevents them from benefitting from each other's strengths. In this paper, we propose TALUS, a general design and a set of three main requirements for a secure symbiosis between TEEs and cryptographic coprocessors. We implement a proof-of-concept of TALUS based on Intel SGX and a hardware TPM. We show that with TALUS, the long-term secrets used in the SGX life cycle can be moved to the TPM. We demonstrate that our design is robust even in the presence of transient execution attacks, preventing an entire class of attacks due to the reduced attack surface on the shared hardware., Comment: In proceedings of Financial Cryptography 2023. This is the technical report of the published paper

Published

2023

231. An Insider Threat Mitigation Framework Using Attribute Based Access Control

Author

Balogun, Olusesi and Takabi, Daniel

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)

Abstract

Insider Threat is a significant and potentially dangerous security issue in corporate settings. It is difficult to mitigate because, unlike external threats, insiders have knowledge of an organization's access policies, access hierarchy, access protocols, and access scheduling. Several approaches to reducing insider threat have been proposed in the literature. However, the integration of access control and moving target defense (MTD) for deceiving insiders has not been adequately discussed. In this paper, we combine MTD, deception, and attribute-based access control to make it more difficult and expensive for an insider to gain unauthorized access. We introduce the concept of correlated attributes into ABAC and extend the ABAC model with MTD by generating mutated policy using the correlated attributes for insider threat mitigation. The evaluation results show that the proposed framework can effectively identify correlated attributes and produce adequate mutated policy without affecting the usability of the access control systems., Comment: This paper was presented and published with open access at the 7th Workshop on Research for Insider Threats (WRIT) - Annual Computer Security Applications Conference (ACSAC) 2022

Published

2023

232. ChatGPT for Digital Forensic Investigation: The Good, The Bad, and The Unknown

Author

Scanlon, Mark, Breitinger, Frank, Hargreaves, Christopher, Hilgert, Jan-Niclas, and Sheppard, John

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Computer Science - Computation and Language, Artificial Intelligence (cs.AI), Computer Science - Artificial Intelligence, Cryptography and Security (cs.CR), Computation and Language (cs.CL)

Abstract

The disruptive application of ChatGPT (GPT-3.5, GPT-4) to a variety of domains has become a topic of much discussion in the scientific community and society at large. Large Language Models (LLMs), e.g., BERT, Bard, Generative Pre-trained Transformers (GPTs), LLaMA, etc., have the ability to take instructions, or prompts, from users and generate answers and solutions based on very large volumes of text-based training data. This paper assesses the impact and potential impact of ChatGPT on the field of digital forensics, specifically looking at its latest pre-trained LLM, GPT-4. A series of experiments are conducted to assess its capability across several digital forensic use cases including artefact understanding, evidence searching, code generation, anomaly detection, incident response, and education. Across these topics, its strengths and risks are outlined and a number of general conclusions are drawn. Overall this paper concludes that while there are some potential low-risk applications of ChatGPT within digital forensics, many are either unsuitable at present, since the evidence would need to be uploaded to the service, or they require sufficient knowledge of the topic being asked of the tool to identify incorrect assumptions, inaccuracies, and mistakes. However, to an appropriately knowledgeable user, it could act as a useful supporting tool in some circumstances.

Published

2023

233. An electronic warfare approach for deploying a software-based Wi-Fi jammer

Author

Keshav Kaushik, Rahul Negi, and Prabhav Dev

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)

Abstract

Some prominent instances have been centered on electronic warfare. For example, the American military has made significant investments in automation through UAV programs, only for competitors like the Iranians to create strategies to interfere with these systems. Iran managed to capture a top-secret U.S. surveil-lance drone by fooling it into descending in the incorrect place by jamming its control signals and providing it with bogus GPS data. In this paper, the authors have focused on the electronic warfare approach for deploying a software-based Wi-Fi jammer. The software-based Wi-Fi jammer can disconnect the targets using the DoS pursuit mode. The paper describes the unique methodology of how software can also be used for jamming wireless signals.

Published

2022

234. StyleID: Identity Disentanglement for Anonymizing Faces

Author

Le, Minh-Ha and Carlsson, Niklas

Subjects

FOS: Computer and information sciences, I.2, Computer Science - Machine Learning, Computer Science - Cryptography and Security, I.4, Computer Science - Artificial Intelligence, Computer Vision and Pattern Recognition (cs.CV), Computer Science - Computer Vision and Pattern Recognition, K.4, Machine Learning (cs.LG), Multimedia (cs.MM), Artificial Intelligence (cs.AI), 68T45, 68T07, 68P27, General Earth and Planetary Sciences, Cryptography and Security (cs.CR), Computer Science - Multimedia, General Environmental Science

Abstract

Privacy of machine learning models is one of the remaining challenges that hinder the broad adoption of Artificial Intelligent (AI). This paper considers this problem in the context of image datasets containing faces. Anonymization of such datasets is becoming increasingly important due to their central role in the training of autonomous cars, for example, and the vast amount of data generated by surveillance systems. While most prior work de-identifies facial images by modifying identity features in pixel space, we instead project the image onto the latent space of a Generative Adversarial Network (GAN) model, find the features that provide the biggest identity disentanglement, and then manipulate these features in latent space, pixel space, or both. The main contribution of the paper is the design of a feature-preserving anonymization framework, StyleID, which protects the individuals' identity, while preserving as many characteristics of the original faces in the image dataset as possible. As part of the contribution, we present a novel disentanglement metric, three complementing disentanglement methods, and new insights into identity disentanglement. StyleID provides tunable privacy, has low computational complexity, and is shown to outperform current state-of-the-art solutions., Accepted to Privacy Enhancing Technologies Symposium (PETS), July 2023. Will appear in Proceedings on Privacy Enhancing Technologies (PoPETs), volume 1, 2023. 15 pages including references and appendix, 16 figures, 5 tables

Published

2022

235. Assessing the Impact of Interface Vulnerabilities in Compartmentalized Software

Author

Lefeuvre, Hugo, Bădoiu, Vlad-Andrei, Chien, Yi, Huici, Felipe, Dautenhahn, Nathan, and Olivier, Pierre

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, compartmentalization-interface-vulnerabilities, ndss23, Cryptography and Security (cs.CR), fuzzing

Abstract

This artifact contains the source code of ConfFuzz, the proof of-concept of our CIV fuzzer presented at NDSS'23 ("Assessing the Impact of Interface Vulnerabilities in Compartmentalized Software"), along with the full CIV data set and processing scripts. The goal of this artifact is to allow readers to access the CIV data set, and build new research on top of ConfFuzz. Abstract of the paper: Least-privilege separation decomposes applications into compartments limited to accessing only what they need. When compartmentalizing existing software, many approaches neglect securing the new inter-compartment interfaces, although what used to be a function call from/to a trusted component is now potentially a targeted attack from a malicious compartment. This results in an entire class of security bugs: Compartment Interface Vulnerabilities (CIVs). This paper provides an in-depth study of CIVs. We taxonomize these issues and show that they affect all known compartmentalization approaches. We propose ConfFuzz, an in-memory fuzzer specialized to detect CIVs at possible compartment boundaries. We apply ConfFuzz to a set of 25 popular applications and 36 possible compartment APIs, to uncover a wide data-set of 629 vulnerabilities. We systematically study these issues, and extract numerous insights on the prevalence of CIVs, their causes, impact, and the complexity to address them. We stress the critical importance of CIVs in compartmentalization approaches, demonstrating an attack to extract isolated keys in OpenSSL and uncovering a decade-old vulnerability in sudo. We show, among others, that not all interfaces are affected in the same way, that API size is uncorrelated with CIV prevalence, and that addressing interface vulnerabilities goes beyond writing simple checks. We conclude the paper with guidelines for CIV-aware compartment interface design, and appeal for more research towards systematic CIV detection and mitigation., Paper on arXiv: https://arxiv.org/abs/2212.12904. Other funding sources: NSF CNS #2008867, #2146537, and ONR N00014-22-1-2057.

Published

2022

236. On Cache-Aided Multi-User Private Information Retrieval with Small Caches

Author

Rajput, Charul and Rajan, B. Sundar

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Information Theory (cs.IT), Computer Science - Information Theory, Cryptography and Security (cs.CR), Information Retrieval (cs.IR), Computer Science - Information Retrieval

Abstract

In this paper, we propose a scheme for the problem of cache-aided multi-user private information retrieval with small caches, in which $K$ users are connected to $S$ non-colluding databases via shared links. Each database contains a set of $N$ files, and each user has a dedicated cache of size equivalent to the size of $M$ files. All the users want to retrieve a file without revealing their demands to the databases. During off-peak hours, all the users will fill their caches, and when required, users will demand their desired files by cooperatively generating query sets for each database. After receiving the transmissions from databases, all the users should get their desired files using transmitted data and their cache contents. This problem has been studied in [X. Zhang, K. Wan, H. Sun, M. Ji and G. Caire, \tqt{Fundamental limits of cache-aided multiuser private information retrieval}, IEEE Trans. Commun., 2021], in which authors proposed a product design scheme. In this paper, we propose a scheme that gives a better rate for a particular value of $M$ than the product design scheme. We consider a slightly different approach for the placement phase. Instead of a database filling the caches of all users directly, a database will broadcast cache content for all users on a shared link, and then the users will decide unitedly which part of the broadcasted content will be stored in the cache of each user. This variation facilitates maintaining the privacy constraint at a reduced rate., 35 pages, 7 tables and 3 figures. Two figures have been added

Published

2022

237. Scalable and Secure Row-Swap: Efficient and Safe Row Hammer Mitigation in Memory Systems

Author

Jeonghyun Woo, Gururaj Saileshwar, and Prashant J. Nair

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)

Abstract

As Dynamic Random Access Memories (DRAM) scale, they are becoming increasingly susceptible to Row Hammer. By rapidly activating rows of DRAM cells (aggressor rows), attackers can exploit inter-cell interference through Row Hammer to flip bits in neighboring rows (victim rows). A recent work, called Randomized Row-Swap (RRS), proposed proactively swapping aggressor rows with randomly selected rows before an aggressor row can cause Row Hammer. Our paper observes that RRS is neither secure nor scalable. We first propose the `Juggernaut attack pattern' that breaks RRS in under 1 day. Juggernaut exploits the fact that the mitigative action of RRS, a swap operation, can itself induce additional target row activations, defeating such a defense. Second, this paper proposes a new defense Secure Row-Swap mechanism that avoids the additional activations from swap (and unswap) operations and protects against Juggernaut. Furthermore, this paper extends Secure Row-Swap with attack detection to defend against even future attacks. While this provides better security, it also allows for securely reducing the frequency of swaps, thereby enabling Scalable and Secure Row-Swap. The Scalable and Secure Row-Swap mechanism provides years of Row Hammer protection with 3.3X lower storage overheads as compared to the RRS design. It incurs only a 0.7% slowdown as compared to a not-secure baseline for a Row Hammer threshold of 1200.

Published

2022

238. Federated Learning Attacks Revisited: A Critical Discussion of Gaps, Assumptions, and Evaluation Setups

Author

Aidmar Wainakh, Ephraim Zimmer, Sandeep Subedi, Jens Keim, Tim Grube, Shankar Karuppayah, Alejandro Sanchez Guinea, and Max Mühlhäuser

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Electrical and Electronic Engineering, Cryptography and Security (cs.CR), Biochemistry, Instrumentation, federated learning, inference attacks, poisoning attacks, systematic mapping study, Atomic and Molecular Physics, and Optics, Analytical Chemistry

Abstract

Federated learning (FL) enables a set of entities to collaboratively train a machine learning model without sharing their sensitive data, thus, mitigating some privacy concerns. However, an increasing number of works in the literature propose attacks that can manipulate the model and disclose information about the training data in FL. As a result, there has been a growing belief in the research community that FL is highly vulnerable to a variety of severe attacks. Although these attacks do indeed highlight security and privacy risks in FL, some of them may not be as effective in production deployment because they are feasible only under special -- sometimes impractical -- assumptions. Furthermore, some attacks are evaluated under limited setups that may not match real-world scenarios. In this paper, we investigate this issue by conducting a systematic mapping study of attacks against FL, covering 48 relevant papers from 2016 to the third quarter of 2021. On the basis of this study, we provide a quantitative analysis of the proposed attacks and their evaluation settings. This analysis reveals several research gaps with regard to the type of target ML models and their architectures. Additionally, we highlight unrealistic assumptions in the problem settings of some attacks, related to the hyper-parameters of the ML model and data distribution among clients. Furthermore, we identify and discuss several fallacies in the evaluation of attacks, which open up questions on the generalizability of the conclusions. As a remedy, we propose a set of recommendations to avoid these fallacies and to promote adequate evaluations., Comment: In Section 5.2, incomplete information are mentioned on reference [9] ("How To Backdoor Federated Learning"). This part of text will be revised and enriched

Published

2022

239. A comparison, analysis, and provision of methods in identifying types of malware and means of malware detection and protection against them

Author

Grochola, Sebastian and Milliner, Andrew

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cyber Security and Human Factors, Cryptography and Security (cs.CR)

Abstract

In this research paper, our intent is to outline different types of malware, their means of operation, and how they are detected in order to protect yourself against such attacks. Varied permission, and limited technical resources mean that detecting malware and such attacks becomes more difficult. With the normal user being limited to the UI, their ability to see what happens in the background is virtually limited to none. Many do not have control on how they distribute permission over the data the applications they use controls, or how that data is stored or distributed. They also do not receive any notification as to whether their data is protected against various attacks and if it has not been attacked already. In this paper, we present evidence on what malware is, how malware operates, different types of malware, and the general means of defence., 6 pages, 3 figures, 15 references

Published

2022

240. Pedagogic Challenges in Teaching Cyber Security -- a UK Perspective

Author

Harjinder, Lallie, Jane, Sinclair, Mike, Joy, Helge, Janicke, Blaine, Price, and Richard, Howley

Subjects

FOS: Computer and information sciences, Computer Science - Computers and Society, Computer Science - Cryptography and Security, Computers and Society (cs.CY), Cryptography and Security (cs.CR)

Abstract

Cyber security has become an issue of national concern in the UK, USA and many other countries worldwide. Universities have reacted to this by launching numerous cyber security degree programmes. In this paper we explore the structure of these degrees and in particular highlight the challenges faced by academics teaching on them. We explore the issues relating to student expectations and the CSI effect in students entering cyber security. We highlight the science vs tools debate to bring focus to some of the pedagogic tensions between students/industry and the academics who teach on the degree courses. Cyber security is subject to numerous ethical issues and nowhere is this more so than in a university environment. We analyse some of the ethical teaching related issues in cyber security. This paper will be of interest to professionals in industry as well as academics interested in exploring the shape, flavour and structure of cyber security related degree courses and also the challenges presented to the academics that teach these degrees., 13 pages, 1 figure

Published

2022

241. Digital Twins for Dynamic Management of Blockchain Systems

Author

Diamantopoulos, Georgios, Tziritas, Nikos, Bahsoon, Rami, and Theodoropoulos, Georgios

Subjects

FOS: Computer and information sciences, Artificial Intelligence (cs.AI), Computer Science - Cryptography and Security, Computer Science - Distributed, Parallel, and Cluster Computing, Computer Science - Artificial Intelligence, Distributed, Parallel, and Cluster Computing (cs.DC), Cryptography and Security (cs.CR)

Abstract

Blockchain systems are challenged by the so-called Trilemma tradeoff: decentralization, scalability and security. Infrastructure and node configuration, choice of the Consensus Protocol and complexity of the application transactions are cited amongst the factors that affect the tradeoffs balance. Given that Blockchains are complex, dynamic dynamic systems, a dynamic approach to their management and reconfiguration at runtime is deemed necessary to reflect the changes in the state of the infrastructure and application. This paper introduces the utilisation of Digital Twins for this purpose. The novel contribution of the paper is design of a framework and conceptual architecture of a Digital Twin that can assist in maintaining the Trilemma tradeoffs of time critical systems. The proposed Digital Twin is illustrated via an innovative approach to dynamic selection of Consensus Protocols. Simulations results show that the proposed framework can effectively support the dynamic adaptation and management of the Blockchain, 12 pages, 5 figures, submitted to Winter Simulation Conference 2022

Published

2022

242. Fast, Cheap and Good: Lightweight Methods Are Undervalued

Author

Shostack, Adam

Subjects

FOS: Computer and information sciences, D.2.2, Computer Science - Cryptography and Security, D.2.10, Cryptography and Security (cs.CR)

Abstract

Engineering techniques to address the endless parade of security issues are an important area of research. Properties of practices in industrial use are rarely studied. Security workers satisfice. There is a widespread perception that security work must be cumbersome, and thus there's no value to assessing levels of effort. This is complemented by a belief that the nth day of work will produce value equal to the first. These perceptions impact both practice and research. This paper expands the acceptable paradigms for security analysis to include the fast, cheap and good enough. "Nothing" is often enough for industry. This paper makes a case for valuing lightweight ("fast and cheap") methods, presents a set of case studies and evaluation criteria for such tools, including card decks and role playing games., 9 pages, one figure

Published

2022

243. A Novel Efficient Signcryption Scheme for Resource-Constrained Smart Terminals in Cyber-Physical Power Systems

Author

Li, Xue, Jiang, Cheng, Du, Dajun, Wang, Shengyi, Fei, Minrui, and Wu, Lei

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)

Abstract

Most of the existing signcryption schemes generate pseudonym by key generation center (KGC) and usually choose bilinear pairing to construct authentication schemes. The drawback is that these schemes not only consume heavy computation and communication costs during information exchange, but also can not eliminate security risks due to not updating pseudonym, which do not work well for resource-constrained smart terminals in cyber-physical power systems (CPPSs). The main objective of this paper is to propose a novel efficient signcryption scheme for resource-constrained smart terminals. First, a dynamical pseudonym self-generation mechanism (DPSGM) is explored to achieve privacy preservation and avoid the source being linked. Second, combined with DPSGM, an efficient signcryption scheme based on certificateless cryptography (CLC) and elliptic curve cryptography (ECC) is designed, which reduces importantly computation and communication burden. Furthermore, under random oracle model (ROM), the confidentiality and non-repudiation of the proposed signcryption scheme are transformed into elliptic curve discrete logarithm and computational Diffie-Hellman problems that cannot be solved in polynomial time, which guarantees the security. Finally, the effectiveness and feasibility of the proposed signcryption scheme are confirmed by experimental analyses., The submitted paper is a draft and the highlight i.e., remark 1 in section I and section IV.B is error. Therefore, the submitted paper must be withdrawed

Published

2022

244. Systematic review of automatic translation of high-level security policy into firewall rules

Author

Kovačević, Ivan, Štengl, Bruno, Groš, Stjepan, and Skala, Karolj

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR), network security, security policy, firewall

Abstract

Firewalls are security devices that perform network traffic filtering. They are ubiquitous in the industry and are a common method used to enforce organizational security policy. Security policy is specified on a high level of abstraction, with statements such as "web browsing is allowed only on workstations inside the office network", and needs to be translated into low-level firewall rules to be enforceable. There has been a lot of work regarding optimization, analysis and platform independence of firewall rules, but an area that has seen much less success is automatic translation of high-level security policies into firewall rules. In addition to improving rules' readability, such translation would make it easier to detect errors.This paper surveys of over twenty papers that aim to generate firewall rules according to a security policy specified on a higher level of abstraction. It also presents an overview of similar features in modern firewall systems. Most approaches define specialized domain languages that get compiled into firewall rule sets, with some of them relying on formal specification, ontology, or graphical models. The approaches' have improved over time, but there are still many drawbacks that need to be solved before wider application., 6 pages, 1 figure; Published in the 2022 45th Jubilee International Convention on Information, Communication and Electronic Technology (MIPRO)

Published

2022

245. The Future of Integrated Digital Governance in the EU: EBSI and GLASS

Author

Buchanan, William J, Abubakar, Mwarwan, Lo, Owen, Chrysoulas, Christos, Pitropakis, Nikolaos, Papadopoulos, Pavlos, Sayeed, Sarwar, and Sel, Marc

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)

Abstract

In the past, citizen identity has been used within siloed data areas, and where government agencies have linked citizens across different services. Often these identifiers were simple alphanumeric strings, and which were assigned by government agencies. These identifiers are then linked in some way to the citizen, and where citizens often have to request access to documents that prove certain aspects of their citizenship. These systems, too, often use paper-based approaches and have little in the way of real digital trust. But, in an information age, we now have the ability to provide unique digital identifiers for each citizen, and then for them to claim access to their citizenship documents. This might be in the form of their academic qualifications, their tax status, or even their driver's licence. While, at one time, these documents were either held by the trusted issuers of the information, or in a paper form, we now have the opportunity for these documents to be linked to a citizen wallet. This would allow citizens the opportunity to request documents once, but use them many times. A core part of this is the unique private key associated with the citizen, and in the usage of digital signing by trusted entities. While many countries have struggled to implement a digital identity scheme, the EU Commission has the ambition to provide every EU citizen with a digital wallet, and thus moved towards improved freedom of movement and integration of the countries within the EU. The scale of this cannot be underestimated, and it could break down the barriers that have been created by legacy systems. In order to harmonise the integration of both citizens and trusted signers, the EU Commission proposes the usage of EBSI (European Blockchain Services Infrastructure).

Published

2022

246. On Zero-Knowledge Proofs over the Quantum Internet

Author

Carney, Mark

Subjects

FOS: Computer and information sciences, Quantum Physics, Computer Science - Cryptography and Security, FOS: Physical sciences, Quantum Physics (quant-ph), Cryptography and Security (cs.CR)

Abstract

This paper presents a new method for quantum identity authentication (QIA) protocols. The logic of classical zero-knowledge proofs (ZKPs) due to Schnorr is applied in quantum circuits and algorithms. This novel approach gives an exact way with which a prover $P$ can prove they know some secret by encapsulating it in a quantum state before sending to a verifier $V$ by means of a quantum channel - allowing for a ZKP wherein an eavesdropper or manipulation can be detected with a fail-safe design. This is achieved by moving away from the hardness of the Discrete Logarithm Problem towards the hardness of estimating quantum states. This paper presents a method with which this can be achieved and some bounds for the security of the protocol provided. With the anticipated advent of a `quantum internet', such protocols and ideas may soon have utility and execution in the real world., 7 pages, no figures or tables

Published

2022

247. Label Flipping Data Poisoning Attack Against Wearable Human Activity Recognition System

Author

Shahid, Abdur R., Imteaj, Ahmed, Wu, Peter Y., Igoche, Diane A., and Alam, Tauhidul

Subjects

Signal Processing (eess.SP), FOS: Computer and information sciences, Computer Science - Machine Learning, Computer Science - Cryptography and Security, FOS: Electrical engineering, electronic engineering, information engineering, Computer Science - Human-Computer Interaction, Electrical Engineering and Systems Science - Signal Processing, Cryptography and Security (cs.CR), Human-Computer Interaction (cs.HC), Machine Learning (cs.LG)

Abstract

Human Activity Recognition (HAR) is a problem of interpreting sensor data to human movement using an efficient machine learning (ML) approach. The HAR systems rely on data from untrusted users, making them susceptible to data poisoning attacks. In a poisoning attack, attackers manipulate the sensor readings to contaminate the training set, misleading the HAR to produce erroneous outcomes. This paper presents the design of a label flipping data poisoning attack for a HAR system, where the label of a sensor reading is maliciously changed in the data collection phase. Due to high noise and uncertainty in the sensing environment, such an attack poses a severe threat to the recognition system. Besides, vulnerability to label flipping attacks is dangerous when activity recognition models are deployed in safety-critical applications. This paper shades light on how to carry out the attack in practice through smartphone-based sensor data collection applications. This is an earlier research work, to our knowledge, that explores attacking the HAR models via label flipping poisoning. We implement the proposed attack and test it on activity recognition models based on the following machine learning algorithms: multi-layer perceptron, decision tree, random forest, and XGBoost. Finally, we evaluate the effectiveness of K-nearest neighbors (KNN)-based defense mechanism against the proposed attack., Submitted to IEEE SSCI 2022 Conference

Published

2022

248. Attack-aware Synchronization-free Data Timestamping in LoRaWAN

Author

Jun Huang, Chaojie Gu, Linshan Jiang, Rui Tan, and Mo Li

Subjects

Networking and Internet Architecture (cs.NI), FOS: Computer and information sciences, Computer Science - Cryptography and Security, Computer Networks and Communications, business.industry, Computer science, Timestamping, Wireless security, Computer Science - Networking and Internet Architecture, Monitoring data, Synchronization (computer science), business, Cryptography and Security (cs.CR), Wireless sensor network, Computer network

Abstract

Low-power wide-area network technologies such as LoRaWAN are promising for collecting low-rate monitoring data from geographically distributed sensors, in which timestamping the sensor data is a critical system function. This paper considers a synchronization-free approach to timestamping LoRaWAN uplink data based on signal arrival time at the gateway, which well matches LoRaWAN's one-hop star topology and releases bandwidth from transmitting timestamps and synchronizing end devices' clocks at all times. However, we show that this approach is susceptible to a {\em frame delay attack} consisting of malicious frame collision and delayed replay. Real experiments show that the attack can affect the end devices in large areas up to about $50,000\,\text{m}^2$. In a broader sense, the attack threatens any system functions requiring timely deliveries of LoRaWAN frames. To address this threat, we propose a $\mathsf{LoRaTS}$ gateway design that integrates a commodity LoRaWAN gateway and a low-power software-defined radio receiver to track the inherent frequency biases of the end devices. Based on an analytic model of LoRa's chirp spread spectrum modulation, we develop signal processing algorithms to estimate the frequency biases with high accuracy beyond that achieved by LoRa's default demodulation. The accurate frequency bias tracking capability enables the detection of the attack that introduces additional frequency biases. We also investigate and implement a more crafty attack that uses advanced radio apparatuses to eliminate the frequency biases. To address this crafty attack, we propose a pseudorandom interval hopping scheme to enhance our frequency bias tracking approach. Extensive experiments show the effectiveness of our approach in deployments with real affecting factors such as temperature variations., Comment: This paper has been accepted by ACM Transactions on Sensor Networks (TOSN)

Published

2021

249. Comparative Analysis and Enhancement of CFG-based Hardware-Assisted CFI Schemes

Author

Mario Telesklav and Stefan Tauner

Subjects

FOS: Computer and information sciences, Scheme (programming language), Computer Science - Cryptography and Security, business.industry, Computer science, Binary number, Porting, Control flow, Hardware and Architecture, Hardware Architecture (cs.AR), Benchmark (computing), C.0, Control flow graph, Computer Science - Hardware Architecture, business, Field-programmable gate array, Cryptography and Security (cs.CR), computer, Implementation, Software, Computer hardware, computer.programming_language

Abstract

Subverting the flow of instructions (e.g., by use of code-reuse attacks) still poses a serious threat to the security of today’s systems. Various control flow integrity (CFI) schemes have been proposed as a powerful technique to detect and mitigate such attacks. In recent years, many hardware-assisted implementations of CFI enforcement based on control flow graphs (CFGs) have been presented by academia. Such approaches check whether control flow transfers follow the intended CFG by limiting the valid target addresses. However, these papers all target different platforms and were evaluated with different sets of benchmark applications, which makes quantitative comparisons hardly possible. For this paper, we have implemented multiple promising CFG-based CFI schemes on a common platform comprising a RISC-V within FPGA. By porting almost 40 benchmark applications to this system we can present a meaningful comparison of the various techniques in terms of run-time performance, hardware utilization, and binary size. In addition, we present an enhanced CFI approach that is inspired by what we consider the best concepts and ideas of previously proposed mechanisms. We have made this approach more practical and feature-complete by tackling some problems largely ignored previously. We show with this fine-grained scheme that CFI can be achieved with even less overheads than previously demonstrated.

Published

2021

250. Statistical inference attack against PHY-layer key extraction and countermeasures

Author

Tao Shu, Huirong Fu, and Rui Zhu

Subjects

FOS: Computer and information sciences, 021110 strategic, defence & security studies, Computer Science - Cryptography and Security, Computer Networks and Communications, business.industry, Computer science, 0211 other engineering and technologies, Physical layer, Inference, 020206 networking & telecommunications, Cryptography, 02 engineering and technology, Information security, computer.software_genre, Least significant bit, 0202 electrical engineering, electronic engineering, information engineering, Statistical inference, Wireless, Data mining, Electrical and Electronic Engineering, business, Cryptography and Security (cs.CR), computer, Information Systems, Communication channel

Abstract

The establishment of secure secret keys ahead of transmissions is one of the key issues in the field of information security. The security of traditional cryptographic secret key establishment mechanisms is seriously challenged by computing-intensive attacks, with the fast growth of high-performance computing. As an alternative, considerable efforts have been made to develop physical (PHY) layer security measures in recent years, such as link-signature-based (LSB) secret key extraction techniques. Those mechanisms have been believed secure, based on the fundamental assumption that wireless signals received at two locations are uncorrelated when separated by more than half a wavelength. However, this assumption does not hold in some circumstances under latest observations, rendering LSB key extraction mechanisms vulnerable to attacks. To address this problem, the formal theoretical analysis on channel correlations in both real indoor and outdoor environments is provided in this paper. Moreover, this paper proposes empirical statistical inference attacks (SIA) against LSB key extraction, whereby an adversary infers the signature of a target link. Consequently, the secret key extracted from that signature has been recovered by observing the surrounding links. In contrast to prior literature that assumes theoretical link-correlation models for the inference, our study does not make any assumption on link correlation. Instead, we employ machine learning (ML) methods for link inference based on empirically measured link signatures. We further propose a countermeasure against the SIAs, called forward-backward cooperative key extraction protocol with helpers (FBCH). In the FBCH, helpers (other trusted wireless nodes) are introduced to provide more randomness in the key extraction. Our experimental results have shown that the proposed inference methods are still quite effective even without making assumptions on link correlation. Furthermore, the effectiveness of the proposed FBCH protocol is validated by our experiment results.

Published

2021