Search

Your search keyword '"CONTI, MAURO"' showing total 1,842 results
Start Over Author "CONTI, MAURO"

Refine your results

more »

more »

more »

more »
1,842 results on '"CONTI, MAURO"'

1. Revealing The Secret Power: How Algorithms Can Influence Content Visibility on Social Media

Author

Conti, Mauro, De Cristofaro, Emiliano, Galeazzi, Alessandro, Paudel, Pujan, and Stringhini, Gianluca

Subjects
Computer Science - Social and Information Networks
Abstract

Online social media platforms significantly influence public debates by shaping the information users encounter. Content visibility on these platforms is regulated by recommendation algorithms designed to maximize user engagement using individual-level data, including personal preferences and interactions. These algorithms play a crucial role in information dissemination, yet their inner workings are often undisclosed, raising concerns about potential manipulation of visibility. While algorithms may be intended to limit the spread of harmful content, they can also be exploited to suppress dissenting voices without users' awareness. The suspicion that platforms deliberately reduce the visibility of certain users or content - commonly known as shadow banning - has garnered significant public attention, with numerous figures advocating for greater transparency around this practice. In this study, we perform a quantitative study geared to identify suspicious changes in content visibility on Twitter (now known as X). We build and study a dataset of over 13 million tweets from more than 5 million users discussing the Ukraine conflict, including each tweet's number of views and metadata, aiming to detect reduced or inflated visibility patterns. We investigate how visibility correlates with factors such as authors' stance, role, interaction networks, and content narratives. Our findings reveal significant variations in visibility, likely driven by algorithmic interventions. These results highlight the need for greater transparency in regulating online information ecosystems to prevent algorithmic manipulation that could undermine public discourse and the fairness of debates.

Published
2024

2. Towards a Self-rescuing System for UAVs Under GNSS Attack

Author

Rigoni, Giulio, Scremin, Nicola, and Conti, Mauro

Subjects
Computer Science - Cryptography and Security
Abstract

There has been substantial growth in the UAV market along with an expansion in their applications. However, the successful execution of a UAV mission is very often dependent on the use of a GNSS. Unfortunately, the vulnerability of GNSS signals, due to their lack of encryption and authentication, poses a significant cybersecurity issue. This vulnerability makes various attacks, particularly the "GNSS spoofing attack," and "GNSS jamming attack" easily executable. Generally speaking, during this attack, the drone is manipulated into altering its path, usually resulting in an immediate forced landing or crash. As far as we know, we are the first to propose a lightweight-solution that enable a drone to autonomously rescue itself, assuming it is under GNSS attack and the GNSS is no longer available, and return safely to its initial takeoff position, thereby preventing any potential crashes. During the flight, wind plays a critical role as it can instantaneously alter the drone's position. To solve this problem, we have devised a highly effective 2-phases solution: (i) Forward Phase, for monitoring and recording the forward journey, and (ii) Backward Phase, that generates a backward route, based on the Forward Phase and wind presence. The final solution ensures strong performance in consistently returning the drone to the original position, even in wind situations, while maintaining a very fast computation time., Comment: This article has been accepted for publication in the proceedings of the 2024 IEEE International Conference on Wireless and Mobile Computing, Networking And Communications (WiMob)

Published
2024

3. Subject Data Auditing via Source Inference Attack in Cross-Silo Federated Learning

Author

Li, Jiaxin, Arazzi, Marco, Nocera, Antonino, and Conti, Mauro

Subjects
Computer Science - Cryptography and Security, Computer Science - Artificial Intelligence
Abstract

Source Inference Attack (SIA) in Federated Learning (FL) aims to identify which client used a target data point for local model training. It allows the central server to audit clients' data usage. In cross-silo FL, a client (silo) collects data from multiple subjects (e.g., individuals, writers, or devices), posing a risk of subject information leakage. Subject Membership Inference Attack (SMIA) targets this scenario and attempts to infer whether any client utilizes data points from a target subject in cross-silo FL. However, existing results on SMIA are limited and based on strong assumptions on the attack scenario. Therefore, we propose a Subject-Level Source Inference Attack (SLSIA) by removing critical constraints that only one client can use a target data point in SIA and imprecise detection of clients utilizing target subject data in SMIA. The attacker, positioned on the server side, controls a target data source and aims to detect all clients using data points from the target subject. Our strategy leverages a binary attack classifier to predict whether the embeddings returned by a local model on test data from the target subject include unique patterns that indicate a client trains the model with data from that subject. To achieve this, the attacker locally pre-trains models using data derived from the target subject and then leverages them to build a training set for the binary attack classifier. Our SLSIA significantly outperforms previous methods on three datasets. Specifically, SLSIA achieves a maximum average accuracy of 0.88 over 50 target subjects. Analyzing embedding distribution and input feature distance shows that datasets with sparse subjects are more susceptible to our attack. Finally, we propose to defend our SLSIA using item-level and subject-level differential privacy mechanisms.

Published
2024

4. Membership Privacy Evaluation in Deep Spiking Neural Networks

Author

Li, Jiaxin, Abad, Gorka, Picek, Stjepan, and Conti, Mauro

Subjects
Computer Science - Cryptography and Security, Computer Science - Artificial Intelligence
Abstract

Artificial Neural Networks (ANNs), commonly mimicking neurons with non-linear functions to output floating-point numbers, consistently receive the same signals of a data point during its forward time. Unlike ANNs, Spiking Neural Networks (SNNs) get various input signals in the forward time of a data point and simulate neurons in a biologically plausible way, i.e., producing a spike (a binary value) if the accumulated membrane potential of a neuron is larger than a threshold. Even though ANNs have achieved remarkable success in multiple tasks, e.g., face recognition and object detection, SNNs have recently obtained attention due to their low power consumption, fast inference, and event-driven properties. While privacy threats against ANNs are widely explored, much less work has been done on SNNs. For instance, it is well-known that ANNs are vulnerable to the Membership Inference Attack (MIA), but whether the same applies to SNNs is not explored. In this paper, we evaluate the membership privacy of SNNs by considering eight MIAs, seven of which are inspired by MIAs against ANNs. Our evaluation results show that SNNs are more vulnerable (maximum 10% higher in terms of balanced attack accuracy) than ANNs when both are trained with neuromorphic datasets (with time dimension). On the other hand, when training ANNs or SNNs with static datasets (without time dimension), the vulnerability depends on the dataset used. If we convert ANNs trained with static datasets to SNNs, the accuracy of MIAs drops (maximum 11.5% with a reduction of 7.6% on the test accuracy of the target model). Next, we explore the impact factors of MIAs on SNNs by conducting a hyperparameter study. Finally, we show that the basic data augmentation method for static data and two recent data augmentation methods for neuromorphic data can considerably (maximum reduction of 25.7%) decrease MIAs' performance on SNNs.

Published
2024

5. Effectiveness of learning-based image codecs on fingerprint storage

Author

Mari, Daniele, Cavasin, Saverio, Milani, Simone, and Conti, Mauro

Subjects
Electrical Engineering and Systems Science - Image and Video Processing, Computer Science - Computer Vision and Pattern Recognition
Abstract

The success of learning-based coding techniques and the development of learning-based image coding standards, such as JPEG-AI, point towards the adoption of such solutions in different fields, including the storage of biometric data, like fingerprints. However, the peculiar nature of learning-based compression artifacts poses several issues concerning their impact and effectiveness on extracting biometric features and landmarks, e.g., minutiae. This problem is utterly stressed by the fact that most models are trained on natural color images, whose characteristics are very different from usual biometric images, e.g, fingerprint or iris pictures. As a matter of fact, these issues are deemed to be accurately questioned and investigated, being such analysis still largely unexplored. This study represents the first investigation about the adaptability of learning-based image codecs in the storage of fingerprint images by measuring its impact on the extraction and characterization of minutiae. Experimental results show that at a fixed rate point, learned solutions considerably outperform previous fingerprint coding standards, like JPEG2000, both in terms of distortion and minutiae preservation. Indeed, experimental results prove that the peculiarities of learned compression artifacts do not prevent automatic fingerprint identification (since minutiae types and locations are not significantly altered), nor do compromise image quality for human visual inspection (as they gain in terms of BD rate and PSNR of 47.8% and +3.97dB respectively)., Comment: Accepted ad Wifs 2024

Published
2024

6. The Impact of SBOM Generators on Vulnerability Assessment in Python: A Comparison and a Novel Approach

Author

Benedetti, Giacomo, Cofano, Serena, Brighente, Alessandro, and Conti, Mauro

Subjects
Computer Science - Cryptography and Security
Abstract

The Software Supply Chain (SSC) security is a critical concern for both users and developers. Recent incidents, like the SolarWinds Orion compromise, proved the widespread impact resulting from the distribution of compromised software. The reliance on open-source components, which constitute a significant portion of modern software, further exacerbates this risk. To enhance SSC security, the Software Bill of Materials (SBOM) has been promoted as a tool to increase transparency and verifiability in software composition. However, despite its promise, SBOMs are not without limitations. Current SBOM generation tools often suffer from inaccuracies in identifying components and dependencies, leading to the creation of erroneous or incomplete representations of the SSC. Despite existing studies exposing these limitations, their impact on the vulnerability detection capabilities of security tools is still unknown. In this paper, we perform the first security analysis on the vulnerability detection capabilities of tools receiving SBOMs as input. We comprehensively evaluate SBOM generation tools by providing their outputs to vulnerability identification software. Based on our results, we identify the root causes of these tools' ineffectiveness and propose PIP-sbom, a novel pip-inspired solution that addresses their shortcomings. PIP-sbom provides improved accuracy in component identification and dependency resolution. Compared to best-performing state-of-the-art tools, PIP-sbom increases the average precision and recall by 60%, and reduces by ten times the number of false positives.

Published
2024

7. EmoBack: Backdoor Attacks Against Speaker Identification Using Emotional Prosody

Author

Schoof, Coen, Koffas, Stefanos, Conti, Mauro, and Picek, Stjepan

Subjects
Computer Science - Cryptography and Security
Abstract

Speaker identification (SI) determines a speaker's identity based on their spoken utterances. Previous work indicates that SI deep neural networks (DNNs) are vulnerable to backdoor attacks. Backdoor attacks involve embedding hidden triggers in DNNs' training data, causing the DNN to produce incorrect output when these triggers are present during inference. This is the first work that explores SI DNNs' vulnerability to backdoor attacks using speakers' emotional prosody, resulting in dynamic, inconspicuous triggers. We conducted a parameter study using three different datasets and DNN architectures to determine the impact of emotions as backdoor triggers on the accuracy of SI systems. Additionally, we have explored the robustness of our attacks by applying defenses like pruning, STRIP-ViTA, and three popular preprocessing techniques: quantization, median filtering, and squeezing. Our findings show that the aforementioned models are prone to our attack, indicating that emotional triggers (sad and neutral prosody) can be effectively used to compromise the integrity of SI systems. However, the results of our pruning experiments suggest potential solutions for reinforcing the models against our attacks, decreasing the attack success rate up to 40%.

Published
2024

8. MoRSE: Bridging the Gap in Cybersecurity Expertise with Retrieval Augmented Generation

Author

Simoni, Marco, Saracino, Andrea, P., Vinod, and Conti, Mauro

Subjects
Computer Science - Cryptography and Security, Computer Science - Artificial Intelligence, Computer Science - Information Retrieval
Abstract

In this paper, we introduce MoRSE (Mixture of RAGs Security Experts), the first specialised AI chatbot for cybersecurity. MoRSE aims to provide comprehensive and complete knowledge about cybersecurity. MoRSE uses two RAG (Retrieval Augmented Generation) systems designed to retrieve and organize information from multidimensional cybersecurity contexts. MoRSE differs from traditional RAGs by using parallel retrievers that work together to retrieve semantically related information in different formats and structures. Unlike traditional Large Language Models (LLMs) that rely on Parametric Knowledge Bases, MoRSE retrieves relevant documents from Non-Parametric Knowledge Bases in response to user queries. Subsequently, MoRSE uses this information to generate accurate answers. In addition, MoRSE benefits from real-time updates to its knowledge bases, enabling continuous knowledge enrichment without retraining. We have evaluated the effectiveness of MoRSE against other state-of-the-art LLMs, evaluating the system on 600 cybersecurity specific questions. The experimental evaluation has shown that the improvement in terms of relevance and correctness of the answer is more than 10\% compared to known solutions such as GPT-4 and Mixtral 7x8.

Published
2024

9. Obfuscated Location Disclosure for Remote ID Enabled Drones

Author

Brighente, Alessandro, Conti, Mauro, Schotsman, Matthijs, and Sciancalepore, Savio

Subjects
Computer Science - Cryptography and Security
Abstract

The Remote ID (RID) regulation recently introduced by several aviation authorities worldwide (including the US and EU) forces commercial drones to regularly (max. every second) broadcast plaintext messages on the wireless channel, providing information about the drone identifier and current location, among others. Although these regulations increase the accountability of drone operations and improve traffic management, they allow malicious users to track drones via the disclosed information, possibly leading to drone capture and severe privacy leaks. In this paper, we propose Obfuscated Location disclOsure for RID-enabled drones (OLO-RID), a solution modifying and extending the RID regulation while preserving drones' location privacy. Rather than disclosing the actual drone's location, drones equipped with OLO-RID disclose a differentially private obfuscated location in a mobile scenario. OLO-RID also extends RID messages with encrypted location information, accessible only by authorized entities and valuable to obtain the current drone's location in safety-critical use cases. We design, implement, and deploy OLO-RID on a Raspberry Pi 3 and release the code of our implementation as open-source. We also perform an extensive performance assessment of the runtime overhead of our solution in terms of processing, communication, memory, and energy consumption. We show that OLO-RID can generate RID messages on a constrained device in less than 0.16 s while also requiring a minimal energy toll on a relevant device (0.0236% of energy for a DJI Mini 2). We also evaluate the utility of the proposed approach in the context of three reference use cases involving the drones' location usage, demonstrating minimal performance degradation when trading off location privacy and utility for next-generation RID-compliant drone ecosystems., Comment: 18 pages, 8 figures. Submitted and under review for journal publication

Published
2024

10. Your Car Tells Me Where You Drove: A Novel Path Inference Attack via CAN Bus and OBD-II Data

Author

Bianchi, Tommaso, Brighente, Alessandro, Conti, Mauro, and Valori, Andrea

Subjects
Computer Science - Cryptography and Security
Abstract

Despite its well-known security issues, the Controller Area Network (CAN) is still the main technology for in-vehicle communications. Attackers posing as diagnostic services or accessing the CAN bus can threaten the drivers' location privacy to know the exact location at a certain point in time or to infer the visited areas. This represents a serious threat to users' privacy, but also an advantage for police investigations to gather location-based evidence. In this paper, we present On Path Diagnostic - Intrusion \& Inference (OPD-II), a novel path inference attack leveraging a physical car model and a map matching algorithm to infer the path driven by a car based on CAN bus data. Differently from available attacks, our approach only requires the attacker to know the initial location and heading of the victim's car and is not limited by the availability of training data, road configurations, or the need to access other victim's devices (e.g., smartphones). We implement our attack on a set of four different cars and a total number of 41 tracks in different road and traffic scenarios. We achieve an average of 95% accuracy on reconstructing the coordinates of the recorded path by leveraging a dynamic map-matching algorithm that outperforms the 75% and 89% accuracy values of other proposals while removing their set of assumptions.

Published
2024

11. Fingerprint Membership and Identity Inference Against Generative Adversarial Networks

Author

Cavasin, Saverio, Mari, Daniele, Milani, Simone, and Conti, Mauro

Subjects
Computer Science - Computer Vision and Pattern Recognition, I.4.9, I.5.4
Abstract

Generative models are gaining significant attention as potential catalysts for a novel industrial revolution. Since automated sample generation can be useful to solve privacy and data scarcity issues that usually affect learned biometric models, such technologies became widely spread in this field. In this paper, we assess the vulnerabilities of generative machine learning models concerning identity protection by designing and testing an identity inference attack on fingerprint datasets created by means of a generative adversarial network. Experimental results show that the proposed solution proves to be effective under different configurations and easily extendable to other biometric measurements., Comment: Paper submitted at "Pattern Recognition Letters", 9 pages, 6 images

Published
2024

12. SeCTIS: A Framework to Secure CTI Sharing

Author

Arikkat, Dincy R., Cihangiroglu, Mert, Conti, Mauro, A., Rafidha Rehiman K., Nicolazzo, Serena, Nocera, Antonino, and P, Vinod

Subjects
Computer Science - Cryptography and Security
Abstract

The rise of IT-dependent operations in modern organizations has heightened their vulnerability to cyberattacks. As a growing number of organizations include smart, interconnected devices in their systems to automate their processes, the attack surface becomes much bigger, and the complexity and frequency of attacks pose a significant threat. Consequently, organizations have been compelled to seek innovative approaches to mitigate the menaces inherent in their infrastructure. In response, considerable research efforts have been directed towards creating effective solutions for sharing Cyber Threat Intelligence (CTI). Current information-sharing methods lack privacy safeguards, leaving organizations vulnerable to leaks of both proprietary and confidential data. To tackle this problem, we designed a novel framework called SeCTIS (Secure Cyber Threat Intelligence Sharing), integrating Swarm Learning and Blockchain technologies to enable businesses to collaborate, preserving the privacy of their CTI data. Moreover, our approach provides a way to assess the data and model quality, and the trustworthiness of all the participants leveraging some validators through Zero Knowledge Proofs. An extensive experimental campaign demonstrates our framework's correctness and performance, and the detailed attack model discusses its robustness against attacks in the context of data and model quality.

Published
2024

13. Deep Learning Fusion For Effective Malware Detection: Leveraging Visual Features

Author

Johny, Jahez Abraham, P., Vinod, A., Asmitha K., Radhamani, G., A., Rafidha Rehiman K., and Conti, Mauro

Subjects
Computer Science - Cryptography and Security
Abstract

Malware has become a formidable threat as it has been growing exponentially in number and sophistication, thus, it is imperative to have a solution that is easy to implement, reliable, and effective. While recent research has introduced deep learning multi-feature fusion algorithms, they lack a proper explanation. In this work, we investigate the power of fusing Convolutional Neural Network models trained on different modalities of a malware executable. We are proposing a novel multimodal fusion algorithm, leveraging three different visual malware features: Grayscale Image, Entropy Graph, and SimHash Image, with which we conducted exhaustive experiments independently on each feature and combinations of all three of them using fusion operators such as average, maximum, add, and concatenate for effective malware detection and classification. The proposed strategy has a detection rate of 1.00 (on a scale of 0-1) in identifying malware in the given dataset. We explained its interpretability with visualization techniques such as t-SNE and Grad-CAM. Experimental results show the model works even for a highly imbalanced dataset. We also assessed the effectiveness of the proposed method on obfuscated malware and achieved state-of-the-art results. The proposed methodology is more reliable as our findings prove VGG16 model can detect and classify malware in a matter of seconds in real-time.

Published
2024

14. GAN-GRID: A Novel Generative Attack on Smart Grid Stability Prediction

Author

Efatinasab, Emad, Brighente, Alessandro, Rampazzo, Mirco, Azadi, Nahal, and Conti, Mauro

Subjects
Computer Science - Cryptography and Security, Electrical Engineering and Systems Science - Signal Processing
Abstract

The smart grid represents a pivotal innovation in modernizing the electricity sector, offering an intelligent, digitalized energy network capable of optimizing energy delivery from source to consumer. It hence represents the backbone of the energy sector of a nation. Due to its central role, the availability of the smart grid is paramount and is hence necessary to have in-depth control of its operations and safety. To this aim, researchers developed multiple solutions to assess the smart grid's stability and guarantee that it operates in a safe state. Artificial intelligence and Machine learning algorithms have proven to be effective measures to accurately predict the smart grid's stability. Despite the presence of known adversarial attacks and potential solutions, currently, there exists no standardized measure to protect smart grids against this threat, leaving them open to new adversarial attacks. In this paper, we propose GAN-GRID a novel adversarial attack targeting the stability prediction system of a smart grid tailored to real-world constraints. Our findings reveal that an adversary armed solely with the stability model's output, devoid of data or model knowledge, can craft data classified as stable with an Attack Success Rate (ASR) of 0.99. Also by manipulating authentic data and sensor values, the attacker can amplify grid issues, potentially undetected due to a compromised stability prediction system. These results underscore the imperative of fortifying smart grid security mechanisms against adversarial manipulation to uphold system stability and reliability.

Published
2024
Full Text
View/download PDF

15. Work-in-Progress: Crash Course: Can (Under Attack) Autonomous Driving Beat Human Drivers?

Author

Marchiori, Francesco, Brighente, Alessandro, and Conti, Mauro

Subjects
Computer Science - Cryptography and Security
Abstract

Autonomous driving is a research direction that has gained enormous traction in the last few years thanks to advancements in Artificial Intelligence (AI). Depending on the level of independence from the human driver, several studies show that Autonomous Vehicles (AVs) can reduce the number of on-road crashes and decrease overall fuel emissions by improving efficiency. However, security research on this topic is mixed and presents some gaps. On one hand, these studies often neglect the intrinsic vulnerabilities of AI algorithms, which are known to compromise the security of these systems. On the other, the most prevalent attacks towards AI rely on unrealistic assumptions, such as access to the model parameters or the training dataset. As such, it is unclear if autonomous driving can still claim several advantages over human driving in real-world applications. This paper evaluates the inherent risks in autonomous driving by examining the current landscape of AVs and establishing a pragmatic threat model. Through our analysis, we develop specific claims highlighting the delicate balance between the advantages of AVs and potential security challenges in real-world scenarios. Our evaluation serves as a foundation for providing essential takeaway messages, guiding both researchers and practitioners at various stages of the automation pipeline. In doing so, we contribute valuable insights to advance the discourse on the security and viability of autonomous driving in real-world applications., Comment: Accepted at ACSW 2024

Published
2024

16. Securing the Open RAN Infrastructure: Exploring Vulnerabilities in Kubernetes Deployments

Author

Klement, Felix, Brighente, Alessandro, Polese, Michele, Conti, Mauro, and Katzenbeisser, Stefan

Subjects
Computer Science - Cryptography and Security
Abstract

In this paper, we investigate the security implications of virtualized and software-based Open Radio Access Network (RAN) systems, specifically focusing on the architecture proposed by the O-RAN ALLIANCE and O-Cloud deployments based on the O-RAN Software Community (OSC) stack and infrastructure. Our key findings are based on a thorough security assessment and static scanning of the OSC Near Real-Time RAN Intelligent Controller (RIC) cluster. We highlight the presence of potential vulnerabilities and misconfigurations in the Kubernetes infrastructure supporting the RIC, also due to the usage of outdated versions of software packages, and provide an estimation of their criticality using various deployment auditing frameworks (e.g., MITRE ATT&CK and the NSA CISA). In addition, we propose methodologies to minimize these issues and harden the Open RAN virtualization infrastructure. These encompass the integration of security evaluation methods into the deployment process, implementing deployment hardening measures, and employing policy-based control for RAN components. We emphasize the need to address the problems found in order to improve the overall security of virtualized Open RAN systems.

Published
2024

17. Offensive AI: Enhancing Directory Brute-forcing Attack with the Use of Language Models

Author

Castagnaro, Alberto, Conti, Mauro, and Pajola, Luca

Subjects
Computer Science - Cryptography and Security
Abstract

Web Vulnerability Assessment and Penetration Testing (Web VAPT) is a comprehensive cybersecurity process that uncovers a range of vulnerabilities which, if exploited, could compromise the integrity of web applications. In a VAPT, it is common to perform a \textit{Directory brute-forcing Attack}, aiming at the identification of accessible directories of a target website. Current commercial solutions are inefficient as they are based on brute-forcing strategies that use wordlists, resulting in enormous quantities of trials for a small amount of success. Offensive AI is a recent paradigm that integrates AI-based technologies in cyber attacks. In this work, we explore whether AI can enhance the directory enumeration process and propose a novel Language Model-based framework. Our experiments -- conducted in a testbed consisting of 1 million URLs from different web application domains (universities, hospitals, government, companies) -- demonstrate the superiority of the LM-based attack, with an average performance increase of 969%., Comment: Under submission

Published
2024

18. Can LLMs Understand Computer Networks? Towards a Virtual System Administrator

Author

Donadel, Denis, Marchiori, Francesco, Pajola, Luca, and Conti, Mauro

Subjects
Computer Science - Networking and Internet Architecture, Computer Science - Artificial Intelligence, Computer Science - Emerging Technologies, C.2.1, C.2.5, I.2.1
Abstract

Recent advancements in Artificial Intelligence, and particularly Large Language Models (LLMs), offer promising prospects for aiding system administrators in managing the complexity of modern networks. However, despite this potential, a significant gap exists in the literature regarding the extent to which LLMs can understand computer networks. Without empirical evidence, system administrators might rely on these models without assurance of their efficacy in performing network-related tasks accurately. In this paper, we are the first to conduct an exhaustive study on LLMs' comprehension of computer networks. We formulate several research questions to determine whether LLMs can provide correct answers when supplied with a network topology and questions on it. To assess them, we developed a thorough framework for evaluating LLMs' capabilities in various network-related tasks. We evaluate our framework on multiple computer networks employing proprietary (e.g., GPT4) and open-source (e.g., Llama2) models. Our findings in general purpose LLMs using a zero-shot scenario demonstrate promising results, with the best model achieving an average accuracy of 79.3%. Proprietary LLMs achieve noteworthy results in small and medium networks, while challenges persist in comprehending complex network topologies, particularly for open-source models. Moreover, we provide insight into how prompt engineering can enhance the accuracy of some tasks.

Published
2024

19. RedactBuster: Entity Type Recognition from Redacted Documents

Author

Beltrame, Mirco, Conti, Mauro, Guglielmin, Pierpaolo, Marchiori, Francesco, and Orazi, Gabriele

Subjects
Computer Science - Cryptography and Security
Abstract

The widespread exchange of digital documents in various domains has resulted in abundant private information being shared. This proliferation necessitates redaction techniques to protect sensitive content and user privacy. While numerous redaction methods exist, their effectiveness varies, with some proving more robust than others. As such, the literature proposes several deanonymization techniques, raising awareness of potential privacy threats. However, while none of these methods are successful against the most effective redaction techniques, these attacks only focus on the anonymized tokens and ignore the sentence context. In this paper, we propose RedactBuster, the first deanonymization model using sentence context to perform Named Entity Recognition on reacted text. Our methodology leverages fine-tuned state-of-the-art Transformers and Deep Learning models to determine the anonymized entity types in a document. We test RedactBuster against the most effective redaction technique and evaluate it using the publicly available Text Anonymization Benchmark (TAB). Our results show accuracy values up to 0.985 regardless of the document nature or entity type. In raising awareness of this privacy issue, we propose a countermeasure we call character evasion that helps strengthen the secrecy of sensitive information. Furthermore, we make our model and testbed open-source to aid researchers and practitioners in evaluating the resilience of novel redaction techniques and enhancing document privacy.

Published
2024

20. CANEDERLI: On The Impact of Adversarial Training and Transferability on CAN Intrusion Detection Systems

Author

Marchiori, Francesco and Conti, Mauro

Subjects
Computer Science - Cryptography and Security
Abstract

The growing integration of vehicles with external networks has led to a surge in attacks targeting their Controller Area Network (CAN) internal bus. As a countermeasure, various Intrusion Detection Systems (IDSs) have been suggested in the literature to prevent and mitigate these threats. With the increasing volume of data facilitated by the integration of Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) communication networks, most of these systems rely on data-driven approaches such as Machine Learning (ML) and Deep Learning (DL) models. However, these systems are susceptible to adversarial evasion attacks. While many researchers have explored this vulnerability, their studies often involve unrealistic assumptions, lack consideration for a realistic threat model, and fail to provide effective solutions. In this paper, we present CANEDERLI (CAN Evasion Detection ResiLIence), a novel framework for securing CAN-based IDSs. Our system considers a realistic threat model and addresses the impact of adversarial attacks on DL-based detection systems. Our findings highlight strong transferability properties among diverse attack methodologies by considering multiple state-of-the-art attacks and model architectures. We analyze the impact of adversarial training in addressing this threat and propose an adaptive online adversarial training technique outclassing traditional fine-tuning methodologies with F1 scores up to 0.941. By making our framework publicly available, we aid practitioners and researchers in assessing the resilience of IDSs to a varied adversarial landscape., Comment: Accepted at WiseML 2024

Published
2024
Full Text
View/download PDF

21. 'Are Adversarial Phishing Webpages a Threat in Reality?' Understanding the Users' Perception of Adversarial Webpages

Author

Yuan, Ying, Hao, Qingying, Apruzzese, Giovanni, Conti, Mauro, and Wang, Gang

Subjects
Computer Science - Cryptography and Security
Abstract

Machine learning based phishing website detectors (ML-PWD) are a critical part of today's anti-phishing solutions in operation. Unfortunately, ML-PWD are prone to adversarial evasions, evidenced by both academic studies and analyses of real-world adversarial phishing webpages. However, existing works mostly focused on assessing adversarial phishing webpages against ML-PWD, while neglecting a crucial aspect: investigating whether they can deceive the actual target of phishing -- the end users. In this paper, we fill this gap by conducting two user studies (n=470) to examine how human users perceive adversarial phishing webpages, spanning both synthetically crafted ones (which we create by evading a state-of-the-art ML-PWD) as well as real adversarial webpages (taken from the wild Web) that bypassed a production-grade ML-PWD. Our findings confirm that adversarial phishing is a threat to both users and ML-PWD, since most adversarial phishing webpages have comparable effectiveness on users w.r.t. unperturbed ones. However, not all adversarial perturbations are equally effective. For example, those with added typos are significantly more noticeable to users, who tend to overlook perturbations of higher visual magnitude (such as replacing the background). We also show that users' self-reported frequency of visiting a brand's website has a statistically negative correlation with their phishing detection accuracy, which is likely caused by overconfidence. We release our resources.

Published
2024
Full Text
View/download PDF

22. FaultGuard: A Generative Approach to Resilient Fault Prediction in Smart Electrical Grids

Author

Efatinasab, Emad, Marchiori, Francesco, Brighente, Alessandro, Rampazzo, Mirco, and Conti, Mauro

Subjects
Computer Science - Cryptography and Security, Electrical Engineering and Systems Science - Signal Processing
Abstract

Predicting and classifying faults in electricity networks is crucial for uninterrupted provision and keeping maintenance costs at a minimum. Thanks to the advancements in the field provided by the smart grid, several data-driven approaches have been proposed in the literature to tackle fault prediction tasks. Implementing these systems brought several improvements, such as optimal energy consumption and quick restoration. Thus, they have become an essential component of the smart grid. However, the robustness and security of these systems against adversarial attacks have not yet been extensively investigated. These attacks can impair the whole grid and cause additional damage to the infrastructure, deceiving fault detection systems and disrupting restoration. In this paper, we present FaultGuard, the first framework for fault type and zone classification resilient to adversarial attacks. To ensure the security of our system, we employ an Anomaly Detection System (ADS) leveraging a novel Generative Adversarial Network training layer to identify attacks. Furthermore, we propose a low-complexity fault prediction model and an online adversarial training technique to enhance robustness. We comprehensively evaluate the framework's performance against various adversarial attacks using the IEEE13-AdvAttack dataset, which constitutes the state-of-the-art for resilient fault prediction benchmarking. Our model outclasses the state-of-the-art even without considering adversaries, with an accuracy of up to 0.958. Furthermore, our ADS shows attack detection capabilities with an accuracy of up to 1.000. Finally, we demonstrate how our novel training layers drastically increase performances across the whole framework, with a mean increase of 154% in ADS accuracy and 118% in model accuracy.

Published
2024
Full Text
View/download PDF

23. Kronos: A Secure and Generic Sharding Blockchain Consensus with Optimized Overhead

Author

Liu, Yizhong, Liu, Andi, Lu, Yuan, Pan, Zhuocheng, Li, Yinuo, Liu, Jianwei, Bian, Song, and Conti, Mauro

Subjects
Computer Science - Cryptography and Security
Abstract

Sharding enhances blockchain scalability by dividing the network into shards, each managing specific unspent transaction outputs or accounts. As an introduced new transaction type, cross-shard transactions pose a critical challenge to the security and efficiency of sharding blockchains. Currently, there is a lack of a generic sharding consensus pattern that achieves both security and low overhead. In this paper, we present Kronos, a secure sharding blockchain consensus achieving optimized overhead. In particular, we propose a new secure sharding consensus pattern, based on a buffer managed jointly by shard members. Valid transactions are transferred to the payee via the buffer, while invalid ones are rejected through happy or unhappy paths. Kronos is proved to achieve security with atomicity under malicious clients with optimal intra-shard overhead $kB$ ($k$ for involved shard number and $B$ for a Byzantine fault tolerance (BFT) cost). Besides, we propose secure cross-shard certification methods based on batch certification and reliable cross-shard transfer. The former combines hybrid trees or vector commitments, while the latter integrates erasure coding. Handling $b$ transactions, Kronos is proved to achieve reliability with low cross-shard overhead $O(n b \lambda)$ ($n$ for shard size and $\lambda$ for the security parameter). Notably, Kronos imposes no restrictions on BFT and does not rely on time assumptions, offering optional constructions in various modules. We implement Kronos using two prominent BFT protocols: asynchronous Speeding Dumbo and partial synchronous Hotstuff. Extensive experiments demonstrate Kronos scales the consensus nodes to thousands, achieving a substantial throughput of 320 ktx/sec with 2.0 sec latency. Compared with the past solutions, Kronos outperforms, achieving up to a 12* improvement in throughput and a 50% reduction in latency., Comment: The algorithms in Section 4 contain defects and inaccurate descriptions that require correction

Published
2024

24. Exploring Jamming and Hijacking Attacks for Micro Aerial Drones

Author

Mekdad, Yassine, Acar, Abbas, Aris, Ahmet, Fergougui, Abdeslam El, Conti, Mauro, Lazzeretti, Riccardo, and Uluagac, Selcuk

Subjects
Computer Science - Cryptography and Security
Abstract

Recent advancements in drone technology have shown that commercial off-the-shelf Micro Aerial Drones are more effective than large-sized drones for performing flight missions in narrow environments, such as swarming, indoor navigation, and inspection of hazardous locations. Due to their deployments in many civilian and military applications, safe and reliable communication of these drones throughout the mission is critical. The Crazyflie ecosystem is one of the most popular Micro Aerial Drones and has the potential to be deployed worldwide. In this paper, we empirically investigate two interference attacks against the Crazy Real Time Protocol (CRTP) implemented within the Crazyflie drones. In particular, we explore the feasibility of experimenting two attack vectors that can disrupt an ongoing flight mission: the jamming attack, and the hijacking attack. Our experimental results demonstrate the effectiveness of such attacks in both autonomous and non-autonomous flight modes on a Crazyflie 2.1 drone. Finally, we suggest potential shielding strategies that guarantee a safe and secure flight mission. To the best of our knowledge, this is the first work investigating jamming and hijacking attacks against Micro Aerial Drones, both in autonomous and non-autonomous modes., Comment: Accepted at IEEE International Conference on Communications (ICC) 2024

Published
2024

25. Federated Learning Under Attack: Exposing Vulnerabilities through Data Poisoning Attacks in Computer Networks

Author

Nowroozi, Ehsan, Haider, Imran, Taheri, Rahim, and Conti, Mauro

Subjects
Computer Science - Cryptography and Security, Computer Science - Artificial Intelligence, Computer Science - Computers and Society, Computer Science - Machine Learning, Computer Science - Networking and Internet Architecture
Abstract

Federated Learning (FL) is a machine learning (ML) approach that enables multiple decentralized devices or edge servers to collaboratively train a shared model without exchanging raw data. During the training and sharing of model updates between clients and servers, data and models are susceptible to different data-poisoning attacks. In this study, our motivation is to explore the severity of data poisoning attacks in the computer network domain because they are easy to implement but difficult to detect. We considered two types of data-poisoning attacks, label flipping (LF) and feature poisoning (FP), and applied them with a novel approach. In LF, we randomly flipped the labels of benign data and trained the model on the manipulated data. For FP, we randomly manipulated the highly contributing features determined using the Random Forest algorithm. The datasets used in this experiment were CIC and UNSW related to computer networks. We generated adversarial samples using the two attacks mentioned above, which were applied to a small percentage of datasets. Subsequently, we trained and tested the accuracy of the model on adversarial datasets. We recorded the results for both benign and manipulated datasets and observed significant differences between the accuracy of the models on different datasets. From the experimental results, it is evident that the LF attack failed, whereas the FP attack showed effective results, which proved its significance in fooling a server. With a 1% LF attack on the CIC, the accuracy was approximately 0.0428 and the ASR was 0.9564; hence, the attack is easily detectable, while with a 1% FP attack, the accuracy and ASR were both approximately 0.9600, hence, FP attacks are difficult to detect. We repeated the experiment with different poisoning percentages.

Published
2024

26. Penetration Testing of 5G Core Network Web Technologies

Author

Giambartolomei, Filippo, Barceló, Marc, Brighente, Alessandro, Urbieta, Aitor, and Conti, Mauro

Subjects
Computer Science - Cryptography and Security
Abstract

Thanks to technologies such as virtual network function the Fifth Generation (5G) of mobile networks dynamically allocate resources to different types of users in an on-demand fashion. Virtualization extends up to the 5G core, where software-defined networks and network slicing implement a customizable environment. These technologies can be controlled via application programming interfaces and web technologies, inheriting hence their security risks and settings. An attacker exploiting vulnerable implementations of the 5G core may gain privileged control of the network assets and disrupt its availability. However, there is currently no security assessment of the web security of the 5G core network. In this paper, we present the first security assessment of the 5G core from a web security perspective. We use the STRIDE threat modeling approach to define a complete list of possible threat vectors and associated attacks. Thanks to a suite of security testing tools, we cover all of these threats and test the security of the 5G core. In particular, we test the three most relevant open-source 5G core implementations, i.e., Open5GS, Free5Gc, and OpenAirInterface. Our analysis shows that all these cores are vulnerable to at least two of our identified attack vectors, demanding increased security measures in the development of future 5G core networks.

Published
2024

30. Augmenting Security and Privacy in the Virtual Realm: An Analysis of Extended Reality Devices

Author

Cayir, Derin, Acar, Abbas, Lazzeretti, Riccardo, Angelini, Marco, Conti, Mauro, and Uluagac, Selcuk

Subjects
Computer Science - Cryptography and Security
Abstract

In this work, we present a device-centric analysis of security and privacy attacks and defenses on Extended Reality (XR) devices, highlighting the need for robust and privacy-aware security mechanisms. Based on our analysis, we present future research directions and propose design considerations to help ensure the security and privacy of XR devices., Comment: This is the author's version of the work. It is posted here for personal/educational use only. The definitive version was published in IEEE Security & Privacy Magazine Jan/Feb 2024

Published
2024
Full Text
View/download PDF

31. A Survey on Decentralized Identifiers and Verifiable Credentials

Author

Mazzocca, Carlo, Acar, Abbas, Uluagac, Selcuk, Montanari, Rebecca, Bellavista, Paolo, and Conti, Mauro

Subjects
Computer Science - Cryptography and Security, Computer Science - Computers and Society
Abstract

Digital identity has always been considered the keystone for implementing secure and trustworthy communications among parties. The ever-evolving digital landscape has gone through many technological transformations that have also affected the way entities are digitally identified. During this digital evolution, identity management has shifted from centralized to decentralized approaches. The last era of this journey is represented by the emerging Self-Sovereign Identity (SSI), which gives users full control over their data. SSI leverages decentralized identifiers (DIDs) and verifiable credentials (VCs), which have been recently standardized by the World Wide Web Community (W3C). These technologies have the potential to build more secure and decentralized digital identity systems, remarkably contributing to strengthening the security of communications that typically involve many distributed participants. It is worth noting that the scope of DIDs and VCs extends beyond individuals, encompassing a broad range of entities including cloud, edge, and Internet of Things (IoT) resources. However, due to their novelty, existing literature lacks a comprehensive survey on how DIDs and VCs have been employed in different application domains, which go beyond SSI systems. This paper provides readers with a comprehensive overview of such technologies from different perspectives. Specifically, we first provide the background on DIDs and VCs. Then, we analyze available implementations and offer an in-depth review of how these technologies have been employed across different use-case scenarios. Furthermore, we examine recent regulations and initiatives that have been emerging worldwide. Finally, we present some challenges that hinder their adoption in real-world scenarios and future research directions., Comment: 30 pages, 15 figures, and 9 tables

Published
2024

32. 'All of Me': Mining Users' Attributes from their Public Spotify Playlists

Author

Tricomi, Pier Paolo, Pajola, Luca, Pasa, Luca, and Conti, Mauro

Subjects
Computer Science - Cryptography and Security, Computer Science - Machine Learning, Computer Science - Social and Information Networks
Abstract

In the age of digital music streaming, playlists on platforms like Spotify have become an integral part of individuals' musical experiences. People create and publicly share their own playlists to express their musical tastes, promote the discovery of their favorite artists, and foster social connections. These publicly accessible playlists transcend the boundaries of mere musical preferences: they serve as sources of rich insights into users' attributes and identities. For example, the musical preferences of elderly individuals may lean more towards Frank Sinatra, while Billie Eilish remains a favored choice among teenagers. These playlists thus become windows into the diverse and evolving facets of one's musical identity. In this work, we investigate the relationship between Spotify users' attributes and their public playlists. In particular, we focus on identifying recurring musical characteristics associated with users' individual attributes, such as demographics, habits, or personality traits. To this end, we conducted an online survey involving 739 Spotify users, yielding a dataset of 10,286 publicly shared playlists encompassing over 200,000 unique songs and 55,000 artists. Through extensive statistical analyses, we first assess a deep connection between a user's Spotify playlists and their real-life attributes. For instance, we found individuals high in openness often create playlists featuring a diverse array of artists, while female users prefer Pop and K-pop music genres. Building upon these observed associations, we create accurate predictive models for users' attributes, presenting a novel DeepSet application that outperforms baselines in most of these users' attributes.

Published
2024

33. A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols

Author

Lotto, Alessandro, Marchiori, Francesco, Brighente, Alessandro, and Conti, Mauro

Subjects
Computer Science - Cryptography and Security
Abstract

The large number of Electronic Control Units (ECUs) mounted on modern cars and their expansive communication capabilities create a substantial attack surface for potential exploitation. Despite the evolution of automotive technology, the continued use of the originally insecure Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. In response to the absence of standardized authentication protocols within the automotive domain, researchers propose diverse solutions, each with unique strengths and vulnerabilities. However, the continuous influx of new protocols and potential oversights in meeting security requirements and essential operational features further complicate the implementability of these protocols. This paper comprehensively reviews and compares the 15 most prominent authentication protocols for the CAN bus. Our analysis emphasizes their strengths and weaknesses, evaluating their alignment with critical security requirements for automotive authentication. Additionally, we evaluate protocols based on essential operational criteria that contribute to ease of implementation in predefined infrastructures, enhancing overall reliability and reducing the probability of successful attacks. Our study reveals a prevalent focus on defending against external attackers in existing protocols, exposing vulnerabilities to internal threats. Notably, authentication protocols employing hash chains, Mixed Message Authentication Codes, and asymmetric encryption techniques emerge as the most effective approaches. Through our comparative study, we classify the considered protocols based on their security attributes and suitability for implementation, providing valuable insights for future developments in the field., Comment: This work has been submitted to the IEEE for possible publication

Published
2024

34. Privacy-Preserving in Blockchain-based Federated Learning Systems

Author

M., Sameera K., Nicolazzo, Serena, Arazzi, Marco, Nocera, Antonino, A., Rafidha Rehiman K., P, Vinod, and Conti, Mauro

Subjects
Computer Science - Cryptography and Security, Computer Science - Artificial Intelligence, Computer Science - Machine Learning
Abstract

Federated Learning (FL) has recently arisen as a revolutionary approach to collaborative training Machine Learning models. According to this novel framework, multiple participants train a global model collaboratively, coordinating with a central aggregator without sharing their local data. As FL gains popularity in diverse domains, security, and privacy concerns arise due to the distributed nature of this solution. Therefore, integrating this strategy with Blockchain technology has been consolidated as a preferred choice to ensure the privacy and security of participants. This paper explores the research efforts carried out by the scientific community to define privacy solutions in scenarios adopting Blockchain-Enabled FL. It comprehensively summarizes the background related to FL and Blockchain, evaluates existing architectures for their integration, and the primary attacks and possible countermeasures to guarantee privacy in this setting. Finally, it reviews the main application scenarios where Blockchain-Enabled FL approaches have been proficiently applied. This survey can help academia and industry practitioners understand which theories and techniques exist to improve the performance of FL through Blockchain to preserve privacy and which are the main challenges and future directions in this novel and still under-explored context. We believe this work provides a novel contribution respect to the previous surveys and is a valuable tool to explore the current landscape, understand perspectives, and pave the way for advancements or improvements in this amalgamation of Blockchain and Federated Learning., Comment: 44 pages, 11 figures

Published
2024
Full Text
View/download PDF

35. DynamiQS: Quantum Secure Authentication for Dynamic Charging of Electric Vehicles

Author

Bianchi, Tommaso, Brighente, Alessandro, and Conti, Mauro

Subjects
Computer Science - Cryptography and Security
Abstract

Dynamic Wireless Power Transfer (DWPT) is a novel technology that allows charging an electric vehicle while driving thanks to a dedicated road infrastructure. DWPT's capabilities in automatically establishing charging sessions and billing without users' intervention make it prone to cybersecurity attacks. Hence, security is essential in preventing fraud, impersonation, and user tracking. To this aim, researchers proposed different solutions for authenticating users. However, recent advancements in quantum computing jeopardize classical public key cryptography, making currently existing solutions in DWPT authentication nonviable. To avoid the resource burden imposed by technology upgrades, it is essential to develop post-quantum-resistant solutions. In this paper, we propose DynamiQS, the first post-quantum secure authentication protocol for dynamic wireless charging. DynamiQS is privacy-preserving and secure against attacks on the DWPT. We leverage an Identity-Based Encryption with Lattices in the Ring Learning With Error framework. Furthermore, we show the possibility of using DynamiQS in a real environment, leveraging the results of cryptographic computation on real constrained devices and simulations. DynamiQS reaches a total time cost of around 281 ms, which is practicable in dynamic charging settings (car and charging infrastructure).

Published
2023

36. Topology-Based Reconstruction Prevention for Decentralised Learning

Author

Dekker, Florine W., Erkin, Zekeriya, and Conti, Mauro

Subjects
Computer Science - Cryptography and Security, Computer Science - Distributed, Parallel, and Cluster Computing, Computer Science - Discrete Mathematics, Computer Science - Machine Learning, C.2.4, D.4.6, G.2.2
Abstract

Decentralised learning has recently gained traction as an alternative to federated learning in which both data and coordination are distributed over its users. To preserve data confidentiality, decentralised learning relies on differential privacy, multi-party computation, or a combination thereof. However, running multiple privacy-preserving summations in sequence may allow adversaries to perform reconstruction attacks. Unfortunately, current reconstruction countermeasures either cannot trivially be adapted to the distributed setting, or add excessive amounts of noise. In this work, we first show that passive honest-but-curious adversaries can infer other users' private data after several privacy-preserving summations. For example, in subgraphs with 18 users, we show that only three passive honest-but-curious adversaries succeed at reconstructing private data 11.0% of the time, requiring an average of 8.8 summations per adversary. The success rate depends only on the adversaries' direct neighbourhood, independent of the size of the full network. We consider weak adversaries, who do not control the graph topology and can exploit neither the inner workings of the summation protocol nor the specifics of users' data. We develop a mathematical understanding of how reconstruction relates to topology and propose the first topology-based decentralised defence against reconstruction attacks. Specifically, we show that reconstruction requires a number of adversaries linear in the length of the network's shortest cycle. Consequently, reconstructing private data from privacy-preserving summations is impossible in acyclic networks. Our work is a stepping stone for a formal theory of topology-based reconstruction defences. Such a theory would generalise our countermeasure beyond summation, define confidentiality in terms of entropy, and describe the effects of differential privacy., Comment: 13 pages, 8 figures, submitted to PETS 2024, for associated experiment source code see doi:10.4121/21572601

Published
2023

37. Dr. Jekyll and Mr. Hyde: Two Faces of LLMs

Author

Collu, Matteo Gioele, Janssen-Groesbeek, Tom, Koffas, Stefanos, Conti, Mauro, and Picek, Stjepan

Subjects
Computer Science - Cryptography and Security, Computer Science - Machine Learning
Abstract

Recently, we have witnessed a rise in the use of Large Language Models (LLMs), especially in applications like chatbots. Safety mechanisms are implemented to prevent improper responses from these chatbots. In this work, we bypass these measures for ChatGPT and Gemini by making them impersonate complex personas with personality characteristics that are not aligned with a truthful assistant. First, we create elaborate biographies of these personas, which we then use in a new session with the same chatbots. Our conversations then follow a role-play style to elicit prohibited responses. Using personas, we show that prohibited responses are provided, making it possible to obtain unauthorized, illegal, or harmful information in both ChatGPT and Gemini. We also introduce several ways of activating such adversarial personas, showing that both chatbots are vulnerable to this attack. With the same principle, we introduce two defenses that push the model to interpret trustworthy personalities and make it more robust against such attacks.

Published
2023

38. Alpha Phi-Shing Fraternity: Phishing Assessment in a Higher Education Institution

Author

Casagrande, Marco, Conti, Mauro, Fedeli, Monica, and Losiouk, Eleonora

Abstract

Phishing is a common social engineering attack aimed to steal personal information. Universities attract phishing attacks because: (1) they store employees and students sensitive data; (2) they save confidential documents; and (3) their infrastructures often lack security. In this paper, we showcase a phishing assessment at the University of Redacted aimed to identify the people, and the features of such people, that are more susceptible to phishing attacks. We delivered phishing emails to 1.508 subjects in three separate batches, collecting a clickrate equal to 30%, 11% and 13%, respectively. We considered several features (i.e., age, gender, role, working/studying field, email template) in univariate and multivariate analyses and found that students are more susceptible to phishing attacks than professors or technical/administrative staff, and that emails designed through a spearphishing approach receive a highest clickrate. We believe this work provides the foundations for setting up an effective educational campaign to prevent phishing attacks not only at the University of Redacted, but in any other university

Published
2023

42. NLP-Based Techniques for Cyber Threat Intelligence

Author

Arazzi, Marco, Arikkat, Dincy R., Nicolazzo, Serena, Nocera, Antonino, A., Rafidha Rehiman K., P., Vinod, and Conti, Mauro

Subjects
Computer Science - Cryptography and Security
Abstract

In the digital era, threat actors employ sophisticated techniques for which, often, digital traces in the form of textual data are available. Cyber Threat Intelligence~(CTI) is related to all the solutions inherent to data collection, processing, and analysis useful to understand a threat actor's targets and attack behavior. Currently, CTI is assuming an always more crucial role in identifying and mitigating threats and enabling proactive defense strategies. In this context, NLP, an artificial intelligence branch, has emerged as a powerful tool for enhancing threat intelligence capabilities. This survey paper provides a comprehensive overview of NLP-based techniques applied in the context of threat intelligence. It begins by describing the foundational definitions and principles of CTI as a major tool for safeguarding digital assets. It then undertakes a thorough examination of NLP-based techniques for CTI data crawling from Web sources, CTI data analysis, Relation Extraction from cybersecurity data, CTI sharing and collaboration, and security threats of CTI. Finally, the challenges and limitations of NLP in threat intelligence are exhaustively examined, including data quality issues and ethical considerations. This survey draws a complete framework and serves as a valuable resource for security professionals and researchers seeking to understand the state-of-the-art NLP-based threat intelligence techniques and their potential impact on cybersecurity.

Published
2023

43. Invisible Threats: Backdoor Attack in OCR Systems

Author

Conti, Mauro, Farronato, Nicola, Koffas, Stefanos, Pajola, Luca, and Picek, Stjepan

Subjects
Computer Science - Cryptography and Security, Computer Science - Computer Vision and Pattern Recognition, Computer Science - Machine Learning
Abstract

Optical Character Recognition (OCR) is a widely used tool to extract text from scanned documents. Today, the state-of-the-art is achieved by exploiting deep neural networks. However, the cost of this performance is paid at the price of system vulnerability. For instance, in backdoor attacks, attackers compromise the training phase by inserting a backdoor in the victim's model that will be activated at testing time by specific patterns while leaving the overall model performance intact. This work proposes a backdoor attack for OCR resulting in the injection of non-readable characters from malicious input images. This simple but effective attack exposes the state-of-the-art OCR weakness, making the extracted text correct to human eyes but simultaneously unusable for the NLP application that uses OCR as a preprocessing step. Experimental results show that the attacked models successfully output non-readable characters for around 90% of the poisoned instances without harming their performance for the remaining instances.

Published
2023

44. AGIR: Automating Cyber Threat Intelligence Reporting with Natural Language Generation

Author

Perrina, Filippo, Marchiori, Francesco, Conti, Mauro, and Verde, Nino Vincenzo

Subjects
Computer Science - Cryptography and Security, Computer Science - Computation and Language
Abstract

Cyber Threat Intelligence (CTI) reporting is pivotal in contemporary risk management strategies. As the volume of CTI reports continues to surge, the demand for automated tools to streamline report generation becomes increasingly apparent. While Natural Language Processing techniques have shown potential in handling text data, they often struggle to address the complexity of diverse data sources and their intricate interrelationships. Moreover, established paradigms like STIX have emerged as de facto standards within the CTI community, emphasizing the formal categorization of entities and relations to facilitate consistent data sharing. In this paper, we introduce AGIR (Automatic Generation of Intelligence Reports), a transformative Natural Language Generation tool specifically designed to address the pressing challenges in the realm of CTI reporting. AGIR's primary objective is to empower security analysts by automating the labor-intensive task of generating comprehensive intelligence reports from formal representations of entity graphs. AGIR utilizes a two-stage pipeline by combining the advantages of template-based approaches and the capabilities of Large Language Models such as ChatGPT. We evaluate AGIR's report generation capabilities both quantitatively and qualitatively. The generated reports accurately convey information expressed through formal language, achieving a high recall value (0.99) without introducing hallucination. Furthermore, we compare the fluency and utility of the reports with state-of-the-art approaches, showing how AGIR achieves higher scores in terms of Syntactic Log-Odds Ratio (SLOR) and through questionnaires. By using our tool, we estimate that the report writing time is reduced by more than 40%, therefore streamlining the CTI production of any organization and contributing to the automation of several CTI tasks., Comment: 10 pages, 7 figures

Published
2023

45. De-authentication using Ambient Light Sensor

Author

Gangwal, Ankit, Paliwal, Aashish, and Conti, Mauro

Subjects
Computer Science - Cryptography and Security
Abstract

While user authentication happens before initiating or resuming a login session, de-authentication detects the absence of a previously-authenticated user to revoke her currently active login session. The absence of proper de-authentication can lead to well-known lunchtime attacks, where a nearby adversary takes over a carelessly departed user's running login session. The existing solutions for automatic de-authentication have distinct practical limitations, e.g., extraordinary deployment requirements or high initial cost of external equipment. In this paper, we propose "DE-authentication using Ambient Light sensor" (DEAL), a novel, inexpensive, fast, and user-friendly de-authentication approach. DEAL utilizes the built-in ambient light sensor of a modern computer to determine if the user is leaving her work-desk. DEAL, by design, is resilient to natural shifts in lighting conditions and can be configured to handle abrupt changes in ambient illumination (e.g., due to toggling of room lights). We collected data samples from 4800 sessions with 120 volunteers in 4 typical workplace settings and conducted a series of experiments to evaluate the quality of our proposed approach thoroughly. Our results show that DEAL can de-authenticate a departing user within 4 seconds with a hit rate of 89.15% and a fall-out of 7.35%. Finally, bypassing DEAL to launch a lunchtime attack is practically infeasible as it requires the attacker to either take the user's position within a few seconds or manipulate the sensor readings sophisticatedly in real-time., Comment: This paper has been accepted for publication in IEEE ACCESS

Published
2023
Full Text
View/download PDF

46. HoneyEVSE: An Honeypot to emulate Electric Vehicle Supply Equipments

Author

Baldo, Massimiliano, Bianchi, Tommaso, Conti, Mauro, Trevisan, Alessio, and Turrin, Federico

Subjects
Computer Science - Cryptography and Security
Abstract

To fight climate change, new "green" technology are emerging, most of them using electricity as a power source. Among the solutions, Electric Vehicles (EVs) represent a central asset in the future transport system. EVs require a complex infrastructure to enable the so-called Vehicle-to-Grid (V2G) paradigm to manage the charging process between the smart grid and the EV. In this paradigm, the Electric Vehicle Supply Equipment (EVSE), or charging station, is the end device that authenticates the vehicle and delivers the power to charge it. However, since an EVSE is publicly exposed and connected to the Internet, recent works show how an attacker with physical tampering and remote access can target an EVSE, exposing the security of the entire infrastructure and the final user. For this reason, it is important to develop novel strategies to secure such infrastructures. In this paper we present HoneyEVSE, the first honeypot conceived to simulate an EVSE. HoneyEVSE can simulate with high fidelity the EV charging process and, at the same time, enables a user to interact with it through a dashboard. Furthermore, based on other charging columns exposed on the Internet, we emulate the login and device information pages to increase user engagement. We exposed HoneyEVSE for 30 days to the Internet to assess its capability and measured the interaction received with its Shodan Honeyscore. Results show that HoneyEVSE can successfully evade the Shodan honeyscore metric while attracting a high number of interactions on the exposed services., Comment: 15 pages

Published
2023

47. Your Battery Is a Blast! Safeguarding Against Counterfeit Batteries with Authentication

Author

Marchiori, Francesco and Conti, Mauro

Subjects
Computer Science - Cryptography and Security, Computer Science - Machine Learning
Abstract

Lithium-ion (Li-ion) batteries are the primary power source in various applications due to their high energy and power density. Their market was estimated to be up to 48 billion U.S. dollars in 2022. However, the widespread adoption of Li-ion batteries has resulted in counterfeit cell production, which can pose safety hazards to users. Counterfeit cells can cause explosions or fires, and their prevalence in the market makes it difficult for users to detect fake cells. Indeed, current battery authentication methods can be susceptible to advanced counterfeiting techniques and are often not adaptable to various cells and systems. In this paper, we improve the state of the art on battery authentication by proposing two novel methodologies, DCAuth and EISthentication, which leverage the internal characteristics of each cell through Machine Learning models. Our methods automatically authenticate lithium-ion battery models and architectures using data from their regular usage without the need for any external device. They are also resilient to the most common and critical counterfeit practices and can scale to several batteries and devices. To evaluate the effectiveness of our proposed methodologies, we analyze time-series data from a total of 20 datasets that we have processed to extract meaningful features for our analysis. Our methods achieve high accuracy in battery authentication for both architectures (up to 0.99) and models (up to 0.96). Moreover, our methods offer comparable identification performances. By using our proposed methodologies, manufacturers can ensure that devices only use legitimate batteries, guaranteeing the operational state of any system and safety measures for the users., Comment: 18 pages, 11 figures

Published
2023

49. Label Inference Attacks against Node-level Vertical Federated GNNs

Author

Arazzi, Marco, Conti, Mauro, Koffas, Stefanos, Krcek, Marina, Nocera, Antonino, Picek, Stjepan, and Xu, Jing

Subjects
Computer Science - Machine Learning, Computer Science - Cryptography and Security
Abstract

Federated learning enables collaborative training of machine learning models by keeping the raw data of the involved workers private. Three of its main objectives are to improve the models' privacy, security, and scalability. Vertical Federated Learning (VFL) offers an efficient cross-silo setting where a few parties collaboratively train a model without sharing the same features. In such a scenario, classification labels are commonly considered sensitive information held exclusively by one (active) party, while other (passive) parties use only their local information. Recent works have uncovered important flaws of VFL, leading to possible label inference attacks under the assumption that the attacker has some, even limited, background knowledge on the relation between labels and data. In this work, we are the first (to the best of our knowledge) to investigate label inference attacks on VFL using a zero-background knowledge strategy. To formulate our proposal, we focus on Graph Neural Networks (GNNs) as a target model for the underlying VFL. In particular, we refer to node classification tasks, which are widely studied, and GNNs have shown promising results. Our proposed attack, BlindSage, provides impressive results in the experiments, achieving nearly 100% accuracy in most cases. Even when the attacker has no information about the used architecture or the number of classes, the accuracy remains above 90% in most instances. Finally, we observe that well-known defenses cannot mitigate our attack without affecting the model's performance on the main classification task.

Published
2023

50. EPUF: A Novel Scheme Based on Entropy Features of Latency-based DRAM PUFs Providing Lightweight Authentication in IoT Networks

Author

Najafi, Fatemeh, Kaveh, Masoud, Mosavi, Mohammad Reza, Brighente, Alessandro, and Conti, Mauro

Subjects
Computer Science - Cryptography and Security
Abstract

Physical unclonable functions (PUFs) are hardware-oriented primitives that exploit manufacturing variations to generate a unique identity for a physical system. Recent advancements showed how DRAM can be exploited to implement PUFs. DRAM PUFs require no additional circuits for PUF operations and can be used in most of the applications with resource-constrained nodes such as Internet of Things (IoT) networks. However, the existing DRAM PUF solutions either require to interrupt other functions in the host system, or provide unreliable responses due to their sensitiveness to the environmental conditions. In this paper, we propose EPUF, a novel strategy to extract random and unique features from DRAM cells to generate reliable PUF responses. In particular, we use the bitmap images of the binary DRAM values and their entropy features. We show via real device experiments that EPUF is approximately $1.7$ times faster than other state of the art solutions, achieves $100\%$ reliability, generates features with $47.79\%$ uniqueness, and supports a large set of CRP that leads to new potentials for DRAM PUF-based authentication. We also propose a lightweight authentication protocol based on EPUF, which not only provides far better security guarantees but also outperforms the state-of-the-art in terms of communication overhead and computational cost.

Published
2023

Catalog

Books, media, physical & digital resources
See catalog results