Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks: Latest Articles

ColoT
Mathieu Cunche, D. L. Métayer, Victor Morel
{"title":"ColoT","authors":"Mathieu Cunche, D. L. Métayer, Victor Morel","doi":"10.1145/3395351.3401797","DOIUrl":"https://doi.org/10.1145/3395351.3401797","url":null,"abstract":"The Internet of Things (IoT) raises specific issues in terms of information and consent, which makes the implementation of the General Data Protection Regulation (GDPR) challenging in this context. In this demo paper, we propose a prototype implementation of a consent and information assistant for the IoT coined CoIoT. This assistant is presented as an Android application called a Personal Data Custodian (PDC), working with devices called BLE Privacy Beacons. CoIoT enables the automatic communication of information about personal data collection, as well as a seamless management of consent to personal data collection.","PeriodicalId":165929,"journal":{"name":"Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks","volume":"77 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121607910","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 1
Venom
Guillaume Celosia, Mathieu Cunche
{"title":"Venom","authors":"Guillaume Celosia, Mathieu Cunche","doi":"10.1145/3395351.3401696","DOIUrl":"https://doi.org/10.1145/3395351.3401696","url":null,"abstract":"The Bluetooth Low Energy (BLE) protocol is being included in mobile devices such as smartphones, headphones and smartwatches. As part of the BLE service discovery mechanism, devices announce their presences by broadcasting radio signals called advertisement packets that can be collected with off-the-shelf hardware and software. To avoid the risk of tracking based on those messages, BLE features an address randomization mechanism substituting the device MAC address with random temporary pseudonyms. However, the payload of advertisement packets still contains fields that can negate the randomization mechanism by exposing static identifiers. In this paper, we present Venom (Visual and ExperimeNtal Bluetooth Low Energy tracking systeM), an experimental tracking platform aiming to raise public awareness about physical tracking technologies and experiment privacy-preserving mechanisms. Venom tracks users by collecting advertisement packets broadcasted by their BLE-enabled devices, and displays related information.","PeriodicalId":165929,"journal":{"name":"Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks","volume":"137 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121950797","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 0
Truncate after preamble: PHY-based starvation attacks on IoT networks
Stefan Gvozdenovic, Johannes K. Becker, John Mikulskis, D. Starobinski
{"title":"Truncate after preamble: PHY-based starvation attacks on IoT networks","authors":"Stefan Gvozdenovic, Johannes K. Becker, John Mikulskis, D. Starobinski","doi":"10.1145/3395351.3399356","DOIUrl":"https://doi.org/10.1145/3395351.3399356","url":null,"abstract":"We present and evaluate Truncate-after-Preamble (TaP) attacks, whereby a receiver cannot decode an incoming signal despite good channel conditions. In a TaP attack, the attacker announces a large payload length using a standard preamble and packet length field, but omits to transmit the payload. We implement the TaP attack on a SDR platform, and evaluate the effectiveness of the attack on five Zigbee and seven Wi-Fi devices sold by different manufacturers. We show that all of the Zigbee devices are vulnerable to the attack, while the Wi-Fi devices are vulnerable to the attack to varying degrees. Chiefly, we show that an attacker can cause over 90% packet loss on a Zigbee or Wi-Fi channel, using respectively six or five orders of magnitude less energy than a constant jammer would. Finally, we present several methods, with different degrees of sophistication, for detecting the attacks.","PeriodicalId":165929,"journal":{"name":"Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114456695","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 8
ivPair
Kyuin Lee, Neil Klingensmith, D. He, Suman Banerjee, Younghyun Kim
{"title":"ivPair","authors":"Kyuin Lee, Neil Klingensmith, D. He, Suman Banerjee, Younghyun Kim","doi":"10.1145/3395351.3399436","DOIUrl":"https://doi.org/10.1145/3395351.3399436","url":null,"abstract":"The emergence of advanced in-vehicle infotainment (IVI) systems, such as Apple CarPlay and Android Auto, calls for fast and intuitive device pairing mechanisms to discover newly introduced devices and make or break a secure, high-bandwidth wireless connection. Current pairing schemes are tedious and lengthy as they typically require users to go through pairing and verification procedures by manually entering a predetermined or randomly generated pin on both devices. This inconvenience usually results in prolonged usage of old pins, significantly degrading the security of network connections. To address this challenge, we propose ivPair, a secure and usable device pairing protocol that extracts an identical pairing pin or fingerprint from vehicle's vibration response caused by various factors such as driver's driving pattern, vehicle type, and road conditions. Using ivPair, users can pair a mobile device equipped with an accelerometer with the vehicle's IVI system or other mobile devices by simply holding it against the vehicle's interior frame. 
Under realistic driving experiments with various types of vehicles and road conditions, we demonstrate that all passenger-owned devices can expect a high pairing success rate with a short pairing time, while effectively rejecting proximate adversaries attempting to pair with the target vehicle.","PeriodicalId":165929,"journal":{"name":"Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121914884","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 1
An empirical study of potentially malicious third-party libraries in Android apps
Zicheng Zhang, Wenrui Diao, Chengyu Hu, Shanqing Guo, Chaoshun Zuo, Li Li
{"title":"An empirical study of potentially malicious third-party libraries in Android apps","authors":"Zicheng Zhang, Wenrui Diao, Chengyu Hu, Shanqing Guo, Chaoshun Zuo, Li Li","doi":"10.1145/3395351.3399346","DOIUrl":"https://doi.org/10.1145/3395351.3399346","url":null,"abstract":"The rapid development of Android apps primarily benefits from third-party libraries that provide well-encapsulated functionalities. On the other hand, more and more malicious libraries are discovered in the wild, which brings new security challenges. Despite some previous studies focusing on the malicious libraries, however, most of them only study specific types of libraries or individual cases. The security community still lacks a comprehensive understanding of potentially malicious libraries (PMLs) in the wild. In this paper, we systematically study the PMLs based on a large-scale APK dataset (over 500K samples), including extraction, identification, and comprehensive analysis. On the high-level, we conducted a two-stage study. In the first stage, to collect enough analyzing samples, we designed an automatic tool to extract libraries and identify PMLs. In the second stage, we conducted a comprehensive study of the obtained PMLs. Notably, we analyzed four representative aspects of PMLs: library repackaging, exposed behaviors, permissions, and developer connections. Several interesting facts were discovered. 
We believe our study will provide new knowledge of malicious libraries and help design targets defense solutions to mitigate the corresponding security risks.","PeriodicalId":165929,"journal":{"name":"Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks","volume":"76 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127621249","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 10
Protecting location privacy from untrusted wireless service providers
Keen Sung, B. Levine, M. Zheleva
{"title":"Protecting location privacy from untrusted wireless service providers","authors":"Keen Sung, B. Levine, M. Zheleva","doi":"10.1145/3395351.3399369","DOIUrl":"https://doi.org/10.1145/3395351.3399369","url":null,"abstract":"Access to mobile wireless networks has become critical for day-to-day life. However, it also inherently requires that a user's geographic location is continuously tracked by the service provider. It is challenging to maintain location privacy, especially from the provider itself. To do so, a user can switch through a series of identifiers, and even go offline between each one, though it sacrifices utility. This strategy can make it difficult for an adversary to perform location profiling and trajectory linking attacks that match observed behavior to a known user. In this paper, we model and quantify the trade-off between utility and location privacy. We quantify the privacy available to a community of users that are provided wireless service by an untrusted provider. We first formalize two important user traits that derive from their geographic behavior: predictability and mixing, which underpin the attainable privacy and utility against both profiling and trajectory linking attacks. Second, we study the prevalence of these traits in two real-world datasets with user mobility. Finally, we simulate and evaluate the efficacy of a model protocol, which we call Zipphone, in a real-world community of hundreds of users protecting themselves from their ISP. We demonstrate that users can improve their privacy by up to 45% by abstaining minimally (e.g., by sacrificing at most 5% of their uptime). 
We discuss how a privacy-preserving protocol similar to our model can be deployed in a modern cellular network.","PeriodicalId":165929,"journal":{"name":"Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133033710","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 6
SVM: secure vehicle motion verification with a single wireless receiver
Mingshun Sun, Yanmao Man, Ming Li, Ryan M. Gerdes
{"title":"SVM: secure vehicle motion verification with a single wireless receiver","authors":"Mingshun Sun, Yanmao Man, Ming Li, Ryan M. Gerdes","doi":"10.1145/3395351.3399348","DOIUrl":"https://doi.org/10.1145/3395351.3399348","url":null,"abstract":"Connected vehicles leverage wireless interfaces to broadcast their motion state information for improved traffic safety and efficiency. It is crucial for their motion claims (location and velocity) to be verified at the receivers to detect spoofing attacks. Existing approaches typically require multiple cooperative distributed verifiers, which is not applicable to vehicular networks. In this work, we propose a secure motion verification scheme based on Angle-of-Arrival and Frequency-of-Arrival that only requires a single verifier, by exploiting opportunistic signal reflection paths in the environment to create multiple virtual verifiers. We analyze the security of our scheme both theoretically and under realistic road topology. We also carry out real-world experiments with two vehicles in a campus environment, and results show that our scheme can accurately detect false motion claims in a low relative speed vehicular network.","PeriodicalId":165929,"journal":{"name":"Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks","volume":"130 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123250749","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 8
Security in terahertz WLANs with Leaky wave antennas
Chia-Yi Yeh, Yasaman Ghasempour, Yasith Amarasinghe, D. Mittleman, E. Knightly
{"title":"Security in terahertz WLANs with Leaky wave antennas","authors":"Chia-Yi Yeh, Yasaman Ghasempour, Yasith Amarasinghe, D. Mittleman, E. Knightly","doi":"10.1145/3395351.3399365","DOIUrl":"https://doi.org/10.1145/3395351.3399365","url":null,"abstract":"This paper presents the first security study of THz networks with Leaky Wave Antennas (LWAs). We employ a mix of analytical models and over-the-air experiments to explore the unique security properties of LWA links. We show via both models and experiments that the LWA's angle-frequency coupling leads to non-uniform secrecy capacity across sub-channels yielding advantages to an eavesdropper at edge frequencies. Yet, because different frequencies emit energy at different angles, the eavesdropper is thwarted from easily intercepting an entire wideband transmission. The experiments diverge from the analytical model in that the model underpredicts the eavesdropper's advantage at angles smaller than the target user and subsequent asymmetric performance across angles. Nonetheless, both the model and measurements show that increasingly wide bandwidth and correspondingly wide beams have only a modest marginal security penalty.","PeriodicalId":165929,"journal":{"name":"Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks","volume":"43 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132164727","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 18
AnaMPhy
J. Prakash, Rajesh Pachigolla, Aman Goyal, Parthajit Mohapatra, Tony Q. S. Quek
{"title":"AnaMPhy","authors":"J. Prakash, Rajesh Pachigolla, Aman Goyal, Parthajit Mohapatra, Tony Q. S. Quek","doi":"10.1145/3395351.3401704","DOIUrl":"https://doi.org/10.1145/3395351.3401704","url":null,"abstract":"This work is motivated by the fact that the secret key generation and refreshment of the key at the physical layer, based on randomness from reciprocity in the wireless channel, is challenged by little variations in the channel, particularly in an indoor environment. We propose a new technique, AnaMPhy, which uses multi-fold anonymity to refresh key at a high rate at two participating transceivers. The key generation and agreement in AnaMPhy is functional in challenging environments with very low or no variations in wireless channels. The idea is to hide the identity of the transmitter and the receiver, using medium access control (MAC) and physical layer strategies (randomization in oscillator drift), and use pulse amplitude modulation (PAM) symbols to confuse an adversary. The secret key is the function of the message's source, chosen symbols and the channel's state. In doing so, confusion at the adversary increases manifold and Alice and Bob are able to refresh their secrets whenever needed. The proposed method is also implemented on software-defined radio (SDR). 
We argue that key refreshment using low complexity secret refreshment of AnaMPhy would be critical for decentralized systems in IoT and cyber physical systems (CPS) networks.","PeriodicalId":165929,"journal":{"name":"Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115750978","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 0
Hacksaw
Prakash Shrestha, Nitesh Saxena
{"title":"Hacksaw","authors":"Prakash Shrestha, Nitesh Saxena","doi":"10.1145/3395351.3399366","DOIUrl":"https://doi.org/10.1145/3395351.3399366","url":null,"abstract":"The currently deployed web authentication model, involving only entry-point authentication of users, does not do anything to protect against account takeover attacks. Once the attacker has compromised the entry-point authentication method, such as by learning a user's password or even two-factor authentication credentials via widely exploited mechanisms such as phishing and password database breaches, or has hijacked a login session, he can fully access and abuse the user's account and associated services. To respond to this critical vulnerability, we introduce the notion of non-stop post-entry authentication, to be integrated with any entry-point authentication method, using which the web service can proactively authenticate the user throughout the login session invisibly in the background without explicit user involvement and without the need for storing user-specific templates (like in biometric systems) thereby preserving user privacy. We design a transparent and privacy-preserving non-stop authentication system, called Hacksaw, using a wrist-worn personal wearable device that authenticates the user continually by correlating the input events on the website (e.g., keyboard and mouse activities) with the user's corresponding hand movements captured via the device's motion sensors. Specifically, at its core, Hacksaw's correlation algorithm computes the cosine similarity of the hand gesture with the stored generic (i.e., non user-specific) templates of input gestures. We build an instance of Hacksaw's implementation on an Android smartwatch as the wearable and desktops/laptops as the client terminals, and comprehensively evaluate it under benign and adversarial settings. 
Our results suggest that Hacksaw can keep the legitimate users logged into their accounts for long durations, while promptly detecting or automatically deauthenticating remote and proximity attackers attempting to take over the users' account following the compromise of the initial login credentials or hijacking of the login session. Given that wrist-worn wearable devices are already increasingly used in many domains of daily lives (including security applications), we believe that Hacksaw can be incorporated to the current web authentication model, especially to sensitive web services such as banking or e-commerce, to significantly improve its security against online fraud, without additional effort from the users and without degrading user privacy.","PeriodicalId":165929,"journal":{"name":"Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124109074","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 3