Proceedings 2023 Network and Distributed System Security Symposium最新文献

{"title":"Fusion: Efficient and Secure Inference Resilient to Malicious Servers","authors":"Caiqin Dong, Jian Weng, Jia-Nan Liu, Yue Zhang, Yao Tong, Anjia Yang, Yudan Cheng, Shun Hu","doi":"10.14722/ndss.2023.23199","DOIUrl":"https://doi.org/10.14722/ndss.2023.23199","url":null,"abstract":"In secure machine learning inference, most of the schemes assume that the server is semi-honest (honestly following the protocol but attempting to infer additional information). However, the server may be malicious (e.g., using a low-quality model or deviating from the protocol) in the real world. Although a few studies have considered a malicious server that deviates from the protocol, they ignore the verification of model accuracy (where the malicious server uses a low-quality model) meanwhile preserving the privacy of both the server's model and the client's inputs. To address these issues, we propose textit{Fusion}, where the client mixes the public samples (which have known query results) with their own samples to be queried as the inputs of multi-party computation to jointly perform the secure inference. Since a server that uses a low-quality model or deviates from the protocol can only produce results that can be easily identified by the client, textit{Fusion} forces the server to behave honestly, thereby addressing all those aforementioned issues without leveraging expensive cryptographic techniques. Our evaluation indicates that textit{Fusion} is 48.06$times$ faster and uses 30.90$times$ less communication than the existing maliciously secure inference protocol (which currently does not support the verification of the model accuracy). In addition, to show the scalability, we conduct ImageNet-scale inference on the practical ResNet50 model and it costs 8.678 minutes and 10.117 GiB of communication in a WAN setting, which is 1.18$times$ faster and has 2.64$times$ less communication than those of the semi-honest protocol.","PeriodicalId":199733,"journal":{"name":"Proceedings 2023 Network and Distributed System Security Symposium","volume":"56 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-05-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128664613","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"RoVISQ: Reduction of Video Service Quality via Adversarial Attacks on Deep Learning-based Video Compression","authors":"Jung-Woo Chang, Mojan Javaheripi, Seira Hidano, F. Koushanfar","doi":"10.14722/ndss.2023.23165","DOIUrl":"https://doi.org/10.14722/ndss.2023.23165","url":null,"abstract":"Video compression plays a crucial role in video streaming and classification systems by maximizing the end-user quality of experience (QoE) at a given bandwidth budget. In this paper, we conduct the first systematic study for adversarial attacks on deep learning-based video compression and downstream classification systems. Our attack framework, dubbed RoVISQ, manipulates the Rate-Distortion ($textit{R}$-$textit{D}$) relationship of a video compression model to achieve one or both of the following goals: (1) increasing the network bandwidth, (2) degrading the video quality for end-users. We further devise new objectives for targeted and untargeted attacks to a downstream video classification service. Finally, we design an input-invariant perturbation that universally disrupts video compression and classification systems in real time. Unlike previously proposed attacks on video classification, our adversarial perturbations are the first to withstand compression. We empirically show the resilience of RoVISQ attacks against various defenses, i.e., adversarial training, video denoising, and JPEG compression. Our extensive experimental results on various video datasets show RoVISQ attacks deteriorate peak signal-to-noise ratio by up to 5.6dB and the bit-rate by up to $sim$ 2.4$times$ while achieving over 90$%$ attack success rate on a downstream classifier. Our user study further demonstrates the effect of RoVISQ attacks on users' QoE.","PeriodicalId":199733,"journal":{"name":"Proceedings 2023 Network and Distributed System Security Symposium","volume":"25 9","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-03-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114041026","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Smarter Contracts: Detecting Vulnerabilities in Smart Contracts with Deep Transfer Learning","authors":"Christoph Sendner, Huili Chen, H. Fereidooni, Lukas Petzi, Jan König, Jasper Stang, A. Dmitrienko, A. Sadeghi, F. Koushanfar","doi":"10.14722/ndss.2023.23263","DOIUrl":"https://doi.org/10.14722/ndss.2023.23263","url":null,"abstract":"—Ethereum smart contracts are automated decen- tralized applications on the blockchain that describe the terms of the agreement between buyers and sellers, reducing the need for trusted intermediaries and arbitration. However, the deployment of smart contracts introduces new attack vectors into the cryptocurrency systems. In particular, programming flaws in smart contracts have been already exploited to lead to enormous financial loss. Hence, it is crucial to detect various vulnerability types in contracts effectively and efficiently. Existing vulnerability detection methods are limited in scope as they typically focus on one or a very limited set of vulnerabilities. Also, extending them to new vulnerability types requires costly re-design. In this work, we develop ESCORT, a deep learning-based vulnerability detection method that uses a common feature extractor to learn generic bytecode semantics of smart contracts and separate branches to learn the features of each vulnerability type. As a multi-label classifier, ESCORT can detect multiple vulnerabilities of the contract at once. Compared to prior detection methods, ESCORT can be easily extended to new vulnerability types with limited data via transfer learning. When a new vulnerability type emerges, ESCORT adds a new branch to the trained feature extractor and trains it with limited data. We evaluated ESCORT on a dataset of 3.61 million smart contracts and demonstrate that it achieves an average F1 score of 98 % on six vulnerability types in initial training and yields an average F1 score of 96 % in transfer learning phase on five additional vulnerability types. To the best of our knowledge, ESCORT is the first deep learning-based framework that utilizes transfer learning on new vulnerability types with minimal model modification and re-training overhead. Compared with existing non-ML tools, ESCORT can be applied to contracts of arbitrary complexity and ensures 100% contract coverage. In addition, we enable concurrent detection of multiple vulnerability types using a single unified framework, thus avoiding the efforts of setting up","PeriodicalId":199733,"journal":{"name":"Proceedings 2023 Network and Distributed System Security Symposium","volume":"72 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127132059","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Paralyzing Drones via EMI Signal Injection on Sensory Communication Channels","authors":"Joonha Jang, Mangi Cho, Jaehoon Kim, Dongkwan Kim, Yongdae Kim","doi":"10.14722/ndss.2023.24616","DOIUrl":"https://doi.org/10.14722/ndss.2023.24616","url":null,"abstract":"—An inertial measurement unit (IMU) takes the key responsibility for the attitude control of drones. It comprises various sensors and transfers sensor data to the drone’s control unit. If it reports incorrect data, the drones cannot maintain their attitude and will consequently crash down to the ground. Therefore, several anti-drone studies have focused on causing the significant fluctuations in the IMU sensor data by resonating the mechanical structure of the internal sensors using a crafted acoustic wave. However, this approach is limited in terms of efficacy for several reasons. As the structural details of each sensor in an IMU significantly differ by type, model, and manufacturer, the attack needs to be conducted independently for each sensor. Furthermore, it can be easily mitigated by using other supplementary sensors that are not corrupted by the attack or inexpensive plastic shielding. In this paper, we propose a novel anti-drone technique that effectively corrupts any IMU sensor data regardless of the sensor’s type, model, and manufacturer. Our key idea is to distort the communication channel between the IMU and control unit of the drone by using an electromagnetic interference (EMI) signal injection. Experimentally, for a given control unit board, regardless of the sensor used, we discovered a distinct susceptible frequency at which an EMI signal greatly distorted the sensor data. Compared to a general EM pulse (EMP) attack, our work requires considerably less power since it targets the specific susceptible frequency. It can also reduce collateral damage from the EMP attack ( e . g ., permanent damage to the electric circuits of any nearby devices). For practical evaluations, we demonstrated the feasibility of the attack using real drones, wherein it instantly paralyzed the drones. Lastly, we conclude by presenting practical challenges for its mitigation.","PeriodicalId":199733,"journal":{"name":"Proceedings 2023 Network and Distributed System Security Symposium","volume":"82 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126442538","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Real Threshold ECDSA","authors":"Harry W. H. Wong, Jack P. K. Ma, Hoover H. F. Yin, Sherman S. M. Chow","doi":"10.14722/ndss.2023.24817","DOIUrl":"https://doi.org/10.14722/ndss.2023.24817","url":null,"abstract":"—Threshold ECDSA recently regained popularity due to decentralized applications such as DNSSEC and cryptocurrency asset custody. Latest (communication-optimizing) schemes often assume all n or at least n ′ ≥ t participating users remain honest throughout the pre-signing phase, essentially degenerating to n ′ -out-of- n ′ multiparty signing instead of t -out-of- n threshold signing. When anyone misbehaves, all signers must restart from scratch, rendering prior computation and communication in vain. This hampers the adoption of threshold ECDSA in time-critical situations and confines its use to a small signing committee. To mitigate such denial-of-service vulnerabilities prevalent in state-of-the-art, we propose a robust threshold ECDSA scheme that achieves the t -out-of- n threshold flexibility “for real” throughout the whole pre-signing and signing phases without assuming an honest majority. Our scheme is desirable when computational resources are scarce and in a decentralized setting where faults are easier to be induced. Our design features 4 - round pre-signing, O ( n ) cheating identification, and self-healing machinery over distributive shares. Prior arts mandate abort after an O ( n 2 ) -cost identification, albeit with 3 -round pre-signing (Canetti et al., CCS ’20), or O ( n ) using 6 rounds (Castagnos et al., TCS ’23). Empirically, our scheme saves up to ∼ 30% of the communication cost, depending on at which stage the fault occurred.","PeriodicalId":199733,"journal":{"name":"Proceedings 2023 Network and Distributed System Security Symposium","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130146739","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"SoundLock: A Novel User Authentication Scheme for VR Devices Using Auditory-Pupillary Response","authors":"Huadi Zhu, Mingyan Xiao, Demoria Sherman, Ming Li","doi":"10.14722/ndss.2023.24298","DOIUrl":"https://doi.org/10.14722/ndss.2023.24298","url":null,"abstract":"—Virtual Reality (VR) has shown promising potential in many applications, such as e-business, healthcare, and social networking. Rich information regarding users’ activities and online accounts is stored in VR devices. If they are care-lessly unattended, adversarial access will cause data breaches and other critical consequences. Practical user authentication schemes for VR devices are in dire need. Current solutions, including passwords, digital PINs, and pattern locks, mostly follow conventional approaches for general personal devices. They have been criticized for deficits in both security and usability. In this work, we propose SoundLock, a novel user authentication scheme for VR devices using auditory-pupillary response as biometrics. During authentication, auditory stimuli are presented to the user via the VR headset. The corresponding pupillary response is captured by the integrated eye tracker. User’s legitimacy is then determined by comparing the response with the template generated during the enrollment stage. To strike a balance between security and usability in the scheme design, an optimization problem is formulated. Due to its non- linearity, a two-stage heuristic algorithm is proposed to solve it efficiently. The solution provides necessary guidance for selecting effective auditory stimuli and determining their corresponding lengths. We demonstrate through extensive in-field experiments that SoundLock outperforms state-of-the-art biometric solutions with FAR (FRR) as low as 0.76% (0.91%) and is well received among participants in the user study.","PeriodicalId":199733,"journal":{"name":"Proceedings 2023 Network and Distributed System Security Symposium","volume":"80 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132161851","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"VulHawk: Cross-architecture Vulnerability Detection with Entropy-based Binary Code Search","authors":"Zhenhao Luo, Pengfei Wang, Baosheng Wang, Yong Tang, Wei Xie, Xu Zhou, Danjun Liu, Kai Lu","doi":"10.14722/ndss.2023.24415","DOIUrl":"https://doi.org/10.14722/ndss.2023.24415","url":null,"abstract":"Code reuse is widespread in software development. It brings a heavy spread of vulnerabilities, threatening software security. Unfortunately, with the development and deployment of the Internet of Things (IoT), the harms of code reuse are magnified. Binary code search is a viable way to find these hidden vulnerabilities. Facing IoT firmware images compiled by different compilers with different optimization levels from different architectures, the existing methods are hard to fit these complex scenarios. In this paper, we propose a novel intermediate representation function model, which is an architecture-agnostic model for cross-architecture binary code search. It lifts binary code into microcode and preserves the main semantics of binary functions via complementing implicit operands and pruning redundant instructions. Then, we use natural language processing techniques and graph convolutional networks to generate function embeddings. We call the combination of a compiler, architecture, and optimization level as a file environment, and take a divideand-conquer strategy to divide a similarity calculation problem of C N cross-file-environment scenarios into N − 1 embedding transferring sub-problems. We propose an entropy-based adapter to transfer function embeddings from different file environments into the same file environment to alleviate the differences caused by various file environments. To precisely identify vulnerable functions, we propose a progressive search strategy to supplement function embeddings with fine-grained features to reduce false positives caused by patched functions. We implement a prototype named VulHawk and conduct experiments under seven different tasks to evaluate its performance and robustness. The experiments show VulHawk outperforms Asm2Vec, Asteria, BinDiff, GMN, PalmTree, SAFE, and Trex.","PeriodicalId":199733,"journal":{"name":"Proceedings 2023 Network and Distributed System Security Symposium","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127849721","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"The Power of Bamboo: On the Post-Compromise Security for Searchable Symmetric Encryption","authors":"Tianyang Chen, Peng Xu, S. Picek, B. Luo, W. Susilo, Hai Jin, K. Liang","doi":"10.14722/ndss.2023.24725","DOIUrl":"https://doi.org/10.14722/ndss.2023.24725","url":null,"abstract":"—Dynamic searchable symmetric encryption (DSSE) enables users to delegate the keyword search over dynamically updated encrypted databases to an honest-but-curious server without losing keyword privacy. This paper studies a new and practical security risk to DSSE, namely, secret key compromise (e.g","PeriodicalId":199733,"journal":{"name":"Proceedings 2023 Network and Distributed System Security Symposium","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117322193","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Fine-Grained Trackability in Protocol Executions","authors":"Ksenia Budykho, Ioana Boureanu, Steve Wesemeyer, D. Romero, M. Lewis, Yogaratnam Rahulan, Fortunat Rajaona, Steve Schneider","doi":"10.14722/ndss.2023.24289","DOIUrl":"https://doi.org/10.14722/ndss.2023.24289","url":null,"abstract":"i.e","PeriodicalId":199733,"journal":{"name":"Proceedings 2023 Network and Distributed System Security Symposium","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124061807","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"FUZZILLI: Fuzzing for JavaScript JIT Compiler Vulnerabilities","authors":"Samuel Groß, Simon Koch, Lukas Bernhard, Thorsten Holz, Martin Johns","doi":"10.14722/ndss.2023.24290","DOIUrl":"https://doi.org/10.14722/ndss.2023.24290","url":null,"abstract":"—JavaScript has become an essential part of the Internet infrastructure, and today’s interactive web applications would be inconceivable without this programming language. On the downside, this interactivity implies that web applications rely on an ever-increasing amount of computationally intensive JavaScript code, which burdens the JavaScript engine responsible for efficiently executing the code. To meet these rising performance demands, modern JavaScript engines ship with sophisticated just-in-time (JIT) compilers. However, JIT compilers are a complex technology and, consequently, provide a broad attack surface for potential faults that might even be security-critical. Previous work on discovering software faults in JavaScript engines found many vulnerabilities, often using fuzz testing. Unfortunately, these fuzzing approaches are not designed to generate source code that actually triggers JIT semantics. Consequently, JIT vulnerabilities are unlikely to be discovered by existing methods. In this paper, we close this gap and present the first fuzzer that focuses on JIT vulnerabilities. More specifically, we present the design and implementation of an intermediate representation (IR) that focuses on discovering JIT compiler vulnerabilities. We implemented a complete prototype of the proposed approach and evaluated our fuzzer over a period of six months. In total, we discovered 17 confirmed security vulnerabilities. Our results show that targeted JIT fuzzing is possible and a dangerously neglected gap in fuzzing coverage for JavaScript engines.","PeriodicalId":199733,"journal":{"name":"Proceedings 2023 Network and Distributed System Security Symposium","volume":"90 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123130826","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}