Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security最新文献

{"title":"Towards Building a Responsible Data Economy","authors":"D. Song","doi":"10.1145/3460120.3482789","DOIUrl":"https://doi.org/10.1145/3460120.3482789","url":null,"abstract":"Data is a key driver of modern economy and AI/machine learning, however, a lot of this data is sensitive and handling the sensitive data has caused unprecedented challenges for both individuals and businesses. These challenges will only get more severe as we move forward in the digital era. In this talk, I will talk about technologies needed for responsible data use including secure computing, differential privacy, federated learning, as well as blockchain technologies for data rights, and how to combine privacy computing technologies and blockchain to building a platform for a responsible data economy, to enable more responsible use of data that maximizes social welfare & economic efficiency while protecting users' data rights and enable fair distribution of value created from data. I will also talk about new paradigms that this approach enables including decentralized data science and data DAO. I will also discuss new frameworks on data valuation.","PeriodicalId":135883,"journal":{"name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","volume":"207 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124852664","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"MaMIoT: Manipulation of Energy Market Leveraging High Wattage IoT Botnets","authors":"Tohid Shekari, Celine Irvene, A. Cárdenas, R. Beyah","doi":"10.1145/3460120.3484581","DOIUrl":"https://doi.org/10.1145/3460120.3484581","url":null,"abstract":"If a trader could predict price changes in the stock market better than other traders, she would make a fortune. Similarly in the electricity market, a trader that could predict changes in the electricity load, and thus electricity prices, would be able to make large profits. Predicting price changes in the electricity market better than other market participants is hard, but in this paper, we show that attackers can manipulate the electricity prices in small but predictable ways, giving them a competitive advantage in the market. Our attack is possible when the adversary controls a botnet of high wattage devices such as air conditioning units, which are able to abruptly change the total demand of the power grid. Such attacks are called Manipulation of Demand via IoT (MaDIoT) attacks. In this paper, we present a new variant of MaDIoT and name it Manipulation of Market via IoT (MaMIoT). MaMIoT is the first energy market manipulation cyberattack that leverages high wattage IoT botnets to slightly change the total demand of the power grid with the aim of affecting the electricity prices in the favor of specific market players. Using real-world data obtained from two major energy markets, we show that MaMIoT can significantly increase the profit of particular market players or financially damage a group of players depending on the motivation of the attacker.","PeriodicalId":135883,"journal":{"name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122100678","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Demo: Detecting Third-Party Library Problems with Combined Program Analysis","authors":"Grigoris Ntousakis, S. Ioannidis, N. Vasilakis","doi":"10.1145/3460120.3485351","DOIUrl":"https://doi.org/10.1145/3460120.3485351","url":null,"abstract":"Third-party libraries ease the software development process and thus have become an integral part of modern software engineering. Unfortunately, they are not usually vetted by human developers and thus are often responsible for introducing bugs, vulnerabilities, or attacks to programs that will eventually reach end-users. In this demonstration, we present a combined static and dynamic program analysis for inferring and enforcing third-party library permissions in server-side JavaScript. This analysis is centered around a RWX permission system across library boundaries. We demonstrate that our tools can detect zero-day vulnerabilities injected into popular libraries and often missed by state-of-the-art tools such as snyk test and npm audit.","PeriodicalId":135883,"journal":{"name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122174868","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Optimized Predictive Control for AGC Cyber Resiliency","authors":"M. Nafees, N. Saxena, P. Burnap","doi":"10.1145/3460120.3485358","DOIUrl":"https://doi.org/10.1145/3460120.3485358","url":null,"abstract":"Automatic Generation Control (AGC) is used in smart grid systems to maintain the grid's frequency to a nominal value. Cyber-attacks such as time delay and false data injection on the tie-line power flow, frequency measurements, and Area Control Error (ACE) control signals can cause frequency excursion that can trigger load shedding, generators' damage, and blackouts. Therefore, resilience and detection of attacks are of paramount importance in terms of the reliable operation of the grid. In contrast with the previous works that overlook ACE resiliency, this paper proposes an approach for cyber-attack detection and resiliency in the overall AGC process. We propose a state estimation algorithm approach for the AGC system by utilizing prior information based on Gaussian process regression, a non-parametric, Bayesian approach to regression. We evaluate our approach using the PowerWorld simulator based on the three-area New England IEEE 39-bus model. Moreover, we utilize the modified version of the New England ISO load data for the three-area power system to create a more realistic dataset. Our results clearly show that our resilient control system approach can mitigate the system using predictive control and detect the attack with a 100 percent detection rate in a shorter period using prior auxiliary information.","PeriodicalId":135883,"journal":{"name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","volume":"112 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124109900","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"With a Little Help from My Friends: Constructing Practical Anonymous Credentials","authors":"L. Hanzlik, Daniel Slamanig","doi":"10.1145/3460120.3484582","DOIUrl":"https://doi.org/10.1145/3460120.3484582","url":null,"abstract":"Anonymous credentials (ACs) are a powerful cryptographic tool for the secure use of digital services, when simultaneously aiming for strong privacy guarantees of users combined with strong authentication guarantees for providers of services. They allow users to selectively prove possession of attributes encoded in a credential without revealing any other meaningful information about themselves. While there is a significant body of research on AC systems, modern use-cases of ACs such as mobile applications come with various requirements not sufficiently considered so far. These include preventing the sharing of credentials and coping with resource constraints of the platforms (e.g., smart cards such as SIM cards in smartphones). Such aspects are typically out of scope of AC constructions, and, thus AC systems that can be considered entirely practical have been elusive so far. In this paper we address this problem by introducing and formalizing the notion of core/helper anonymous credentials (CHAC). The model considers a constrained core device (e.g., a SIM card) and a powerful helper device (e.g., a smartphone). The key idea is that the core device performs operations that do not depend on the size of the credential or the number of attributes, but at the same time the helper device is unable to use the credential without its help. We present a provably secure generic construction of CHACs using a combination of signatures with flexible public keys (SFPK) and the novel notion of aggregatable attribute-based equivalence class signatures (AAEQ) along with a concrete instantiation. The key characteristics of our scheme are that the size of showing tokens is independent of the number of attributes in the credential(s) and that the core device only needs to compute a single elliptic curve scalar multiplication, regardless of the number of attributes. We confirm the practical efficiency of our CHACs with an implementation of our scheme on a Multos smart card as the core and an Android smartphone as the helper device. A credential showing requires less than 500 ms on the smart card and around 200 ms on the smartphone (even for a credential with 1000 attributes).","PeriodicalId":135883,"journal":{"name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125901693","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"OnionPIR: Response Efficient Single-Server PIR","authors":"M. Mughees, Hao Chen, Ling Ren","doi":"10.1145/3460120.3485381","DOIUrl":"https://doi.org/10.1145/3460120.3485381","url":null,"abstract":"This paper presents OnionPIR and stateful OnionPIR, two single-server PIR schemes that significantly improve the response size and computation cost over state-of-the-art schemes. OnionPIR scheme utilizes recent advances in somewhat homomorphic encryption (SHE) and carefully composes two lattice-based SHE schemes and homomorphic operations to control the noise growth and response size. Stateful OnionPIR uses a technique based on the homomorphic evaluation of copy networks. OnionPIR achieves a response overhead of just 4.2x over the insecure baseline, in contrast to the 100x response overhead of state-of-the-art schemes. Our stateful OnionPIR scheme improves upon the recent stateful PIR framework of Patel et al. and drastically reduces its response overhead by avoiding downloading the entire database in the offline stage. Compared to stateless OnionPIR, Stateful OnionPIR reduces the computation cost by 1.8~x for different database sizes.","PeriodicalId":135883,"journal":{"name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126589616","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Predictive Cipher-Suite Negotiation for Boosting Deployment of New Ciphers","authors":"Elias Heftrig, Jean-Pierre Seifert, Haya Shulman, M. Waidner, Nils Wisiol","doi":"10.1145/3460120.3485349","DOIUrl":"https://doi.org/10.1145/3460120.3485349","url":null,"abstract":"Deployment of strong cryptographic ciphers for DNSSEC is essential for long term security of DNS. Unfortunately, due to the hurdles involved in adoption of new ciphers coupled with the limping deployment of DNSSEC, most domains use the weak RSA-1024 cipher. The main problem towards deployment of new ciphers is the resulting bloat of DNSSEC-signed responses due to support of multiple ciphers. This causes not only load on network, but worse, it results in DNS lookup failures, e.g., many network devices block such huge packets. Merely dropping the old ciphers and moving to use new stronger ciphers is not an option since this would break the DNS functionality for all the clients which do not support those new ciphers. The requirement to support new ciphers on both clients and servers coupled with the possible DNS failures due to the resulting large responses reduces the motivation to improve the security of DNS. We aim to resolve this vicious circle. In this work we propose an approach for deployment of new ciphers using a single-sided cipher-suite negotiation. Our mechanism uses machine learning for inferring the set of ciphers potentially supported by the client and then selecting the best cipher from that list. Our evaluations demonstrate that our single-sided cipher-suite negotiation not only allows the domains to unilaterally improve security without waiting for clients to integrate support for new secure ciphers, but it also improves DNS performance by reducing failures. Our results show that a single sided solution can, not only push adoption of new ciphers forward, but it also will resolve the existing interoperability problems with DNSSEC. Our design and preliminary analysis on the feasibility of applying machine learning to this context results in more secure and available DNSSEC. We outline our methodology for machine learning assisted cipher-suite negotiation and provide steps and challenges for future research.","PeriodicalId":135883,"journal":{"name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129098325","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Learning to Explore Paths for Symbolic Execution","authors":"Jingxuan He, Gishor Sivanrupan, Petar Tsankov, Martin T. Vechev","doi":"10.1145/3460120.3484813","DOIUrl":"https://doi.org/10.1145/3460120.3484813","url":null,"abstract":"Symbolic execution is a powerful technique that can generate tests steering program execution into desired paths. However, the scalability of symbolic execution is often limited by path explosion, i.e., the number of symbolic states representing the paths under exploration quickly explodes as execution goes on. Therefore, the effectiveness of symbolic execution engines hinges on the ability to select and explore the right symbolic states. In this work, we propose a novel learning-based strategy, called Learch, able to effectively select promising states for symbolic execution to tackle the path explosion problem. Learch directly estimates the contribution of each state towards the goal of maximizing coverage within a time budget, as opposed to relying on manually crafted heuristics based on simple statistics as a crude proxy for the objective. Moreover, Learch leverages existing heuristics in training data generation and feature extraction, and can thus benefit from any new expert-designed heuristics. We instantiated Learch in KLEE, a widely adopted symbolic execution engine. We evaluated Learch on a diverse set of programs, showing that Learch is practically effective: it covers more code and detects more security violations than existing manual heuristics, as well as combinations of those heuristics. We also show that using tests generated by Learch as initial fuzzing seeds enables the popular fuzzer AFL to find more paths and security violations.","PeriodicalId":135883,"journal":{"name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130809310","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"The Invisible Shadow: How Security Cameras Leak Private Activities","authors":"Jian Gong, Xinyu Zhang, Ju Ren, Yaoxue Zhang","doi":"10.1145/3460120.3484741","DOIUrl":"https://doi.org/10.1145/3460120.3484741","url":null,"abstract":"This paper presents a new privacy threat, the Invisible Infrared Shadow Attack (IRSA), which leverages the inconspicuous infrared (IR) light emitted by indoor security cameras, to reveal in-home human activities behind opaque curtains. The key observation is that the in-home IR light source can project invisible shadows on the window curtains, which can be captured by an attacker outside using an IR-capable camera. The major challenge for IRSA lies in the shadow deformation caused by a variety of environmental factors involving the IR source position and curtain shape, which distorts the body contour. A two-stage attack scheme is proposed to circumvent the challenge. Specifically, a DeShaNet model performs accurate shadow keypoint detection through multi-dimension feature fusion. Then a scene constructor maps the 2D shadow keypoints to 3D human skeletons by iteratively reproducing the on-site shadow projection process in a virtual Unity 3D environment. Through comprehensive evaluation, we show that the proposed attack scheme can be successfully launched to recover 3D skeleton of the victims, even under severe shadow deformation. Finally, we propose potential defense mechanisms against the IRSA.","PeriodicalId":135883,"journal":{"name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131015737","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Reverse Attack: Black-box Attacks on Collaborative Recommendation","authors":"Yihe Zhang, Xu Yuan, Jin Li, Jiadong Lou, Li Chen, N. Tzeng","doi":"10.1145/3460120.3484805","DOIUrl":"https://doi.org/10.1145/3460120.3484805","url":null,"abstract":"Collaborative filtering (CF) recommender systems have been extensively developed and widely deployed in various social websites, promoting products or services to the users of interest. Meanwhile, work has been attempted at poisoning attacks to CF recommender systems for distorting the recommend results to reap commercial or personal gains stealthily. While existing poisoning attacks have demonstrated their effectiveness with the offline social datasets, they are impractical when applied to the real setting on online social websites. This paper develops a novel and practical poisoning attack solution toward the CF recommender systems without knowing involved specific algorithms nor historical social data information a priori. Instead of directly attacking the unknown recommender systems, our solution performs certain operations on the social websites to collect a set of sampling data for use in constructing a surrogate model for deeply learning the inherent recommendation patterns. This surrogate model can estimate the item proximities, learned by the recommender systems. By attacking the surrogate model, the corresponding solutions (for availability and target attacks) can be directly migrated to attack the original recommender systems. Extensive experiments validate the generated surrogate model's reproductive capability and demonstrate the effectiveness of our attack upon various CF recommender algorithms.","PeriodicalId":135883,"journal":{"name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","volume":"141 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131557500","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}