Proceedings of the 18th International Conference on Availability, Reliability and Security最新文献_第7页

You Only Get One-Shot: Eavesdropping Input Images to Neural Network by Spying SoC-FPGA Internal Bus 你只有一次机会:通过监视SoC-FPGA内部总线窃听输入图像到神经网络

Proceedings of the 18th International Conference on Availability, Reliability and Security Pub Date : 2023-08-29 DOI: 10.1145/3600160.3600189

M. Thu, Maria Méndez Real, M. Pelcat, P. Besnier

{"title":"You Only Get One-Shot: Eavesdropping Input Images to Neural Network by Spying SoC-FPGA Internal Bus","authors":"M. Thu, Maria Méndez Real, M. Pelcat, P. Besnier","doi":"10.1145/3600160.3600189","DOIUrl":"https://doi.org/10.1145/3600160.3600189","url":null,"abstract":"Deep learning is currently integrated into edge devices with strong energy consumption and real-time constraints. To fulfill such requirements, high hardware performances can be provided by hardware acceleration of heterogeneous integrated circuits (IC) such as System-on-Chip (SoC)-field programmable gate arrays (FPGAs). With the rising popularity of hardware accelerators for artificial intelligence (AI), more and more neural networks are employed in a variety of domains, involving computer vision applications. Autonomous driving, defence and medical domains are well-known examples from which the latter two in particular require processing sensitive and private data. Security issues of such systems should be addressed to prevent the breach of privacy and unauthorised exploitation of systems. In this paper, we demonstrate a confidentiality vulnerability in a SoC-based FPGA binarized neural network (BNN) accelerator implemented with a recent mainstream framework, FINN, and successfully extract the secret BNN input image by using an electromagnetic (EM) side-channel attack. Experiments demonstrate that with the help of a near-field magnetic probe, an attacker can, with only one inference, directly retrieve sensitive information from EM emanations produced by the internal bus of the SoC-FPGA. Our attack reconstructs SoC-FPGA internal images and recognizes a handwritten digit image with an average accuracy of 89% using a non-retrained MNIST classifier. Such vulnerability jeopardizes the confidentiality of SoC-FPGA embedded AI systems by exploiting side-channels that withstand the protection of chip I/Os through cryptographic methods.","PeriodicalId":107145,"journal":{"name":"Proceedings of the 18th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-08-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122203047","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Practical Verifiable & Privacy-Preserving Double Auctions 实用的可验证和隐私保护双重拍卖

Proceedings of the 18th International Conference on Availability, Reliability and Security Pub Date : 2023-08-29 DOI: 10.1145/3600160.3600190

Armin Memar Zahedani, Jelle Vos, Z. Erkin

{"title":"Practical Verifiable & Privacy-Preserving Double Auctions","authors":"Armin Memar Zahedani, Jelle Vos, Z. Erkin","doi":"10.1145/3600160.3600190","DOIUrl":"https://doi.org/10.1145/3600160.3600190","url":null,"abstract":"Double auctions are procedures to trade commodities such as electricity or parts of the wireless spectrum at optimal prices. Buyers and sellers inform the auctioneer what quantity they want to buy or sell at specific prices. The auctioneer aggregates these offers into demand and supply curves and finds the intersection representing the optimal price. In this way, commodities exchange owners in an economically-efficient manner. Ideally, the auctioneer is a trusted third party that does not abuse the information they gain. However, the offers reveal sensitive information about the traders, which the auctioneer may use for economic gain as insider information. These concerns are not theoretical; investigations against auctioneers in electricity and advertisement auctions for manipulating auctions are ongoing. These concerns call for solutions that conduct double auctions in a privacy-preserving and verifiable way. However, current solutions are impractical: To the best of our knowledge, the only solutions satisfying these properties require full interaction of all participants. In this work, we design a more practical solution. We propose the first privacy-preserving and verifiable double auction scheme that does not require traders to interact actively, tailored to electricity trading on (inter)national exchanges. Our solution relies on homomorphic encryption, commitments, and zero-knowledge proofs. In a simulated auction with 256 traders, we observe that traders take up to 10 seconds to generate their order, the auctioneer takes 10 seconds to verify an order, and the auction result is computed and verified in 30 seconds. We extrapolate these results to larger auctions to show the practical potential.","PeriodicalId":107145,"journal":{"name":"Proceedings of the 18th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-08-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122342125","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Nakula: Coercion Resistant Data Storage against Time-Limited Adversary Nakula:对抗时间限制对手的抗强制数据存储

Proceedings of the 18th International Conference on Availability, Reliability and Security Pub Date : 2023-08-29 DOI: 10.1145/3600160.3600175

Hayyu Imanda, K. Rasmussen

{"title":"Nakula: Coercion Resistant Data Storage against Time-Limited Adversary","authors":"Hayyu Imanda, K. Rasmussen","doi":"10.1145/3600160.3600175","DOIUrl":"https://doi.org/10.1145/3600160.3600175","url":null,"abstract":"Both private citizens and professionals including journalists and whistleblowers can find themselves in a situation where they need to physically carry confidential data on a mobile device, through a situation where they might have their device seized and be subject to interrogation. In that case the user may be required to hand over the data by providing the password to unlock the device, violating confidentiality. Many existing proposals to address this issue involve the user lying to the interrogator to convince them that there is no data present, or that they forgot the password, or provide them with a second password that reveal different information. Although data hiding or alternative passwords can be useful solutions, we want to avoid this and instead focus on a scheme where the user can show that they cannot possibly access the data. In this paper we propose Nakula, a mechanism that enables a user to lock down data with a single click (or voice command, gesture, etc.), enabling secure data transport. The information remains confidential against a very strong adversary who has full control over both the network and the device; and has the ability to force the user to cooperate through coercion. Nakula is designed so that the user does not have to lie or provide any misleading information at all. To achieve this, the user temporarily loses the ability to access the data and will need a trusted third party to recover it. We present a detailed design and security analysis of Nakula, and a proof-of-concept implementation that demonstrates the feasibility of using standard mobile phones to carry data. Finally we discuss several context-specific authentication methods that can be used with the scheme to enable data recovery in a variety of situations.","PeriodicalId":107145,"journal":{"name":"Proceedings of the 18th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-08-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127329342","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A2P2 - An Android Application Patching Pipeline Based On Generic Changesets A2P2 -基于通用变更集的Android应用补丁管道

Proceedings of the 18th International Conference on Availability, Reliability and Security Pub Date : 2023-08-29 DOI: 10.1145/3600160.3600172

Florian Draschbacher

{"title":"A2P2 - An Android Application Patching Pipeline Based On Generic Changesets","authors":"Florian Draschbacher","doi":"10.1145/3600160.3600172","DOIUrl":"https://doi.org/10.1145/3600160.3600172","url":null,"abstract":"Inspecting and manipulating runtime behavior of Android applications is a common need in mobile security research. However, existing tools lack a holistic application-agnostic approach. They either require changes to be manually adapted to each target application, or they focus exclusively on executable code parts, neglecting the key role the application manifest and resources play in the Android ecosystem. This limits their use for research purposes, where a specific series of modifications on various app components frequently has to be applied to a whole body of applications. In this paper, we present A2P2, a flexible patching pipeline for compiled Android applications. Our system encompasses a custom declarative patch format for specifying complex manipulations on all parts of an application package. Patch projects are developed inside the Android Studio IDE and compiled into patch packages. These may then be applied to an arbitrary number of application package (APK) files through our flexible patching pipeline implementation. Existing pipeline stages may be freely arranged and augmented with user-supplied custom stages so that entirely new sophisticated transformations may be implemented from a range of core primitives. For manipulating Dalvik bytecode, we provide two different rewriting backends and an abstraction that enables addition of new rewriting technologies transparently to patch projects. We demonstrate A2P2’s efficiency and efficacy by providing estimates for deployment speed and effects on compatibility, application size, and runtime performance for typical use cases. Lastly, we implement A2P2 patches that reproduce previous research and facilitate common security analysis tasks.","PeriodicalId":107145,"journal":{"name":"Proceedings of the 18th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-08-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129281216","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

The DYNABIC approach to resilience of critical infrastructures 关键基础设施弹性的动态方法

Proceedings of the 18th International Conference on Availability, Reliability and Security Pub Date : 2023-08-29 DOI: 10.1145/3600160.3605055

Erkuden Rios, Eider Iturbe, Angel Rego, Nicolas Ferry, J. Tigli, S. Lavirotte, Gérald Rocher, Phu Nguyen, Hui Song, R. Dautov, Wissam Mallouli, A. Cavalli

{"title":"The DYNABIC approach to resilience of critical infrastructures","authors":"Erkuden Rios, Eider Iturbe, Angel Rego, Nicolas Ferry, J. Tigli, S. Lavirotte, Gérald Rocher, Phu Nguyen, Hui Song, R. Dautov, Wissam Mallouli, A. Cavalli","doi":"10.1145/3600160.3605055","DOIUrl":"https://doi.org/10.1145/3600160.3605055","url":null,"abstract":"With increasing interdependencies and evolving threats, maintaining operational continuity in critical systems has become a significant challenge. This paper presents the DYNABIC (Dynamic business continuity of critical infrastructures on top of adaptive multi-level cybersecurity) approach as a comprehensive framework to enhance the resilience of critical infrastructures. The DYNABIC approach provides the resilience enhancement through dynamic adaptation, automated response, collaboration, risk assessment, and continuous improvement. By fostering a proactive and collaborative approach to resilience, the DYNABIC framework empowers critical infrastructure sectors to effectively mitigate disruptions and recover from incidents. The paper explores the key components and architecture of the DYNABIC approach and highlights its potential to strengthen the resilience of critical infrastructures using the concept of Digital Twins in the face of evolving threats and complex operating environments involving cascading effects.","PeriodicalId":107145,"journal":{"name":"Proceedings of the 18th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-08-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127780512","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Digital Forensics Triage App for Android 数字取证分类应用程序为Android

Proceedings of the 18th International Conference on Availability, Reliability and Security Pub Date : 2023-08-29 DOI: 10.1145/3600160.3605017

Jannik Neth, Marko Schuba, Karsten Brodkorb, Georg Neugebauer, T. Hoener, Sacha Hack

{"title":"Digital Forensics Triage App for Android","authors":"Jannik Neth, Marko Schuba, Karsten Brodkorb, Georg Neugebauer, T. Hoener, Sacha Hack","doi":"10.1145/3600160.3605017","DOIUrl":"https://doi.org/10.1145/3600160.3605017","url":null,"abstract":"Digital forensics of smartphones is of utmost importance in many criminal cases. As modern smartphones store chats, photos, videos etc. that can be relevant for investigations and as they can have storage capacities of hundreds of gigabytes, they are a primary target for forensic investigators. However, it is exactly this large amount of data that is causing problems: extracting and examining the data from multiple phones seized in the context of a case is taking more and more time. This bears the risk of wasting a lot of time with irrelevant phones while there is not enough time left to analyze a phone which is worth examination. Forensic triage can help in this case: Such a triage is a preselection step based on a subset of data and is performed before fully extracting all the data from the smartphone. Triage can accelerate subsequent investigations and is especially useful in cases where time is essential. The aim of this paper is to determine which and how much data from an Android smartphone can be made directly accessible to the forensic investigator – without tedious investigations. For this purpose, an app has been developed that can be used with extremely limited storage of data in the handset and which outputs the extracted data immediately to the forensic workstation in a human- and machine-readable format.","PeriodicalId":107145,"journal":{"name":"Proceedings of the 18th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-08-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130485534","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Security level evaluation with F4SLE 使用F4SLE进行安全级别评估

Proceedings of the 18th International Conference on Availability, Reliability and Security Pub Date : 2023-08-29 DOI: 10.1145/3600160.3605045

M. Seeba, Tarmo Oja, M. Murumaa, Václav Stupka

引用次数: 0

A Forensic I/O Recorder for Industrial Control Systems Using PLCs and OPC UA 使用plc和OPC UA的工业控制系统的取证I/O记录器

Proceedings of the 18th International Conference on Availability, Reliability and Security Pub Date : 2023-08-29 DOI: 10.1145/3600160.3605059

Alexios Karagiozidis, M. Gergeleit

{"title":"A Forensic I/O Recorder for Industrial Control Systems Using PLCs and OPC UA","authors":"Alexios Karagiozidis, M. Gergeleit","doi":"10.1145/3600160.3605059","DOIUrl":"https://doi.org/10.1145/3600160.3605059","url":null,"abstract":"The increasing network connectivity of automation or industrial control systems (ICS) through Industrie 4.0 has led to higher risks of attacks, where remote attackers can compromise industrial devices or networks to maliciously change or inject data, as well as send malicious commands that can damage machines or impair production efficiency. However, evidence gathering for such attacks can be challenging due to the lack of forensic compliant logging capabilities, as well as the high heterogeneity of these devices that makes it difficult to find generalized approaches for collecting evidence or artifacts from an ICS system. Furthermore industrial devices have limited hardware and CPU resources making established IT forensics not applicable to these devices. To address this challenge, we use an industrial device, specifically a Programmable Logic Controller (PLC), as a non intrusive I/O recorder to log I/O changes in a forensically compliant manner. In addition, we use OPC UA to securely transmit the data as well as to allow deployment of the approach to a broader range of devices by establishing a forensic information model or OPC UA server interface.","PeriodicalId":107145,"journal":{"name":"Proceedings of the 18th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-08-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132625029","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A Comprehensive Study on Third-Party User Tracking in Mobile Applications 移动应用中第三方用户跟踪的综合研究

Proceedings of the 18th International Conference on Availability, Reliability and Security Pub Date : 2023-08-29 DOI: 10.1145/3600160.3605079

F. Paci, Jacopo Pizzoli, Nicola Zannone

{"title":"A Comprehensive Study on Third-Party User Tracking in Mobile Applications","authors":"F. Paci, Jacopo Pizzoli, Nicola Zannone","doi":"10.1145/3600160.3605079","DOIUrl":"https://doi.org/10.1145/3600160.3605079","url":null,"abstract":"Third-party tracking is becoming a prevalent practice in mobile app ecosystems. While providing benefits for app developers, this practice also introduces several privacy issues for end-users. The European General Data Protection Regulation (GDPR) and the ePrivacy Directive (ePD) mandate that mobile apps must obtain user consent before sharing users’ personal data with third-party trackers. This work presents an empirical study investigating the compliance of 400 popular mobile apps (200 Android apps and their corresponding version for iOS) with the ePD and GDPR requirements on valid consent. Moreover, we determined whether these mobile apps actually enforce the consent given by users on being tracked and which are the more common third-party tracker domains contacted by the apps. The analysis shows that none of the studied apps fully comply with ePD and GDPR requirements on valid consent. The most common violations were associated with the principles of freely-given, specific, and revocable consent. Moreover, we found that almost half of the analyzed apps contact third-party tracker domains even when the user has not given their consent to be tracked.","PeriodicalId":107145,"journal":{"name":"Proceedings of the 18th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-08-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131128861","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 1

Linux-based IoT Benchmark Generator For Firmware Security Analysis Tools 基于linux的物联网基准生成器固件安全分析工具

Proceedings of the 18th International Conference on Availability, Reliability and Security Pub Date : 2023-08-29 DOI: 10.1145/3600160.3600181

Dairo de Ruck, Victor Goeman, M. Willocx, Jorn Lapon, Vincent Naessens

{"title":"Linux-based IoT Benchmark Generator For Firmware Security Analysis Tools","authors":"Dairo de Ruck, Victor Goeman, M. Willocx, Jorn Lapon, Vincent Naessens","doi":"10.1145/3600160.3600181","DOIUrl":"https://doi.org/10.1145/3600160.3600181","url":null,"abstract":"There is a growing interest of IoT manufacturers to incorporate firmware analysis tools in their development pipeline to evaluate the security of new embedded devices. This has the advantage of discovering security issues before the device is marketed. However, each device has its own design, including different architectures, services and communication protocols, programmed and configured in different programming languages. This diversity results in potentially complete categories of vulnerabilities discarded by the firmware security analysis tools. Hence, a positive outcome of such tools may result in incorrect conclusions. To address this challenge, we propose B4IoT, a platform that generates customized Linux-based firmware benchmarks, that are representative of the manufacturers’ devices. It enables those organizations to evaluate both static and dynamic firmware security analysis tools, to gain insight into what categories of vulnerabilities are found, and which aren’t. This allows either to discard tools completely or complement them with additional tools that focus on the missing categories. The platform will be made available online and is evaluated using five state-of-the-art open-source firmware analysis tools.","PeriodicalId":107145,"journal":{"name":"Proceedings of the 18th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-08-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126717042","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0