Proceedings of the 7th Symposium on Hot Topics in the Science of Security: Latest Articles

An uncertain graph-based approach for cyber-security risk assessment
Proceedings of the 7th Symposium on Hot Topics in the Science of Security Pub Date : 2020-08-25 DOI: 10.1145/3384217.3384221
H. Nguyen
Abstract: We proposed a novel risk assessment approach for quantifying the security risk of lateral movement attacks, in which the attack propagation is modeled as an uncertain graph and the attack impact is a function of the set of compromised devices. We discussed several risk-based security metrics, including the expected loss, survival function, and conditional expectation - the last two measure the low-probability but high-impact events in the right tail of the loss distribution. The model is illustrated with a simple example and several directions for further research are discussed.
Citations: 0
WOLF
Proceedings of the 7th Symposium on Hot Topics in the Science of Security Pub Date : 2020-08-25 DOI: 10.1145/3384217.3385625
Sohaib Kiani, S. Awan, Jun Huan, Fengjun Li, Bo Luo
Abstract: Applying machine learning techniques to solve real-world problems is a highly iterative process. The process from idea to code and then to experiment may require up to thousands of iterations to find the optimum set of hyper-parameters. Also, it is hard to find the best machine learning techniques for a given dataset. The WOLF framework has been designed to simultaneously automate the process of selecting the best algorithm and searching for the optimum hyper-parameters. It can be useful both to those who are novices in machine learning and just want to find the best algorithm for their dataset, and to those who are experts in the field and want to compare their new features or algorithm with state-of-the-art techniques. By incorporating the WOLF framework in their designs, it is easier for novices to apply machine learning techniques on their dataset. With a wide range of evaluation metrics provided, WOLF also helps data scientists to develop better intuition towards machine learning techniques and speed up the process of algorithm development. Another main feature of the WOLF framework is that users can easily integrate new algorithms at any stage of the machine learning pipeline. In this paper, we present the WOLF architecture, and demonstrate how it could be used for standard machine learning datasets and for Android malware detection tasks. Experimental results show the flexibility and performance of WOLF.
Citations: 2
How to swap instructions midstream: an embedding algorithm for program steganography
Proceedings of the 7th Symposium on Hot Topics in the Science of Security Pub Date : 2020-08-25 DOI: 10.1145/3384217.3384224
Ryan Gabrys, Luis Martinez, Sunny Fugate
Abstract: In this work, we propose an encoding/decoding algorithm for program executable steganography. A salient feature of our approach is that, unlike previous work, it does not require the introduction of new instructions, which may be detectable. Furthermore, our scheme does not require storing the locations of where changes in the program executable are made.
Citations: 0
An seL4-based architecture for layered attestation
Proceedings of the 7th Symposium on Hot Topics in the Science of Security Pub Date : 2020-08-25 DOI: 10.1145/3384217.3386398
Grant Jurgensen, Michael Neises, P. Alexander
Abstract: When computer systems communicate sensitive information, it is often desirable, if not imperative, that one party know certain properties about the other. This may be as simple as confirming the external party's identity, e.g. by checking a signature against a known public key, as is ubiquitous among internet protocols. Alternatively, one party may demand stronger guarantees before engaging in sensitive communication. For example, it may wish to know that the target system is reasonably secure. The target could respond to such a request with evidence that it is running trusted anti-malware software and routinely scanning for threats. Perhaps this evidence is sufficient in the current context, or perhaps the other party demands deeper evidence, such as a glimpse into a portion of the current kernel memory, as in to detect an evasive rootkit. All of these activities may be generalized into the broader notion of remote attestation, which is defined as the process in which a computer system constructs evidence reflecting its state and/or identity, with the purpose of convincing an external system of its trustworthiness. For systems which communicate sensitive information, remote attestation is an essential tool for identifying malicious or compromised actors. However, attestation evidence can only be considered as trustworthy as the architecture it was collected on. Trusted attestation demands strong memory separation properties to guarantee the integrity of its measurements and the confidentiality of its private keys. If an application on the system is able to distort this sensitive attestation data without detection, then the attestation evidence can no longer be considered trustworthy. Thus, popular general-purpose operating systems such as Windows or Unix derivatives form an insufficient architectural foundation as a result of their loose and dynamic memory semantics. Ideally, systems in need of rigorous attestation capabilities would be built atop a separation kernel which could statically isolate sensitive attestation data from the rest of the system. Existing systems could be ported to such a kernel, but in practice, doing so would be prohibitively time-consuming. Instead, we offer a generic solution which accommodates a multitude of existing systems by embedding a general-purpose operating system into a separation kernel, and providing attestation capabilities to both layers. Specifically, we use seL4 as our separation kernel, and a sandboxed Linux virtual machine running under seL4 as our general-purpose operating system. Not only is the seL4 microkernel formally verified with respect to its specification, it has also been proven to enforce memory isolation under proper configuration [1], the defining property of a separation kernel. Existing Linux systems are effortlessly incorporated into our attestation architecture by dropping them into the Linux virtual machine layer. Also present in the Linux layer is an attestation component which is a
Citations: 0
Tokens of interaction: psycho-physiological signals, a potential source of evidence of digital incidents
Proceedings of the 7th Symposium on Hot Topics in the Science of Security Pub Date : 2020-08-25 DOI: 10.1145/3384217.3384226
Nancy Mogire
Abstract: As part of a computing network, the human factor is a key component with high cognitive responsiveness to their environment. Cognitive responsiveness manifests as psycho-physiological signal change. With the proliferation of devices that measure and record psycho-physiological signal devices in user space, an opportunity arises to harness human cognitive functioning for potential cybersecurity applications. This research investigates how the electrical signals generated from the functioning of the body respond to human interaction with digital incidents. If we can find that response-related signal changes are consistently notable, and we can locate these response-related changes within recorded signal with an accuracy that is greater than chance, then we can claim that psycho-physiological signals contain markers of digital incidents. Applications of these markers include: triangulation of other evidence in digital investigation, input to cybersafety management tools for regulating immersive digital experiences for locked-in individuals.
Citations: 1
RUCKUS
Proceedings of the 7th Symposium on Hot Topics in the Science of Security Pub Date : 2020-08-25 DOI: 10.1145/3384217.3385622
Bradley Potteiger, Jacob Mills, D. Cohen, P. Velez
Abstract: In 2016, the Cyber Grand Challenge (CGC) provided key foundations and motivations for navigating towards an autonomous cybersecurity approach. Since that time, novel strides have been made in the areas of static analysis, vulnerability discovery, patching, and exploit generation. However, a majority of these efforts have been focused on enterprise systems, leaving a gap in the Cyber-Physical System (CPS) domain. With the rise of connected infrastructure and the introduction of 5G communications, CPS are becoming more ingrained within present-day society. Due to a large amount of legacy software, and control of safety-critical actuation, CPS are and will continue to be a huge attack vector for our adversaries to remotely deploy devastating attacks against our country with low economic cost and at scale. To combat this threat, we propose the need to apply the most beneficial concepts from the CGC to create more secure and resilient CPS. In this paper, we introduce a CPS security assessment architecture RUCKUS for autonomously identifying and analyzing CPS firmware, identifying vulnerabilities, and developing exploits. Further, our approach considers how to integrate graph analytics to extrapolate findings to firmware at scale, allowing for measuring the potential widespread impact of attacks. Our architecture is demonstrated using an automotive case study, leveraging firmware from the most popular automotive and router manufacturers to assess the real-world potential impact of CPS attacks.
Citations: 1
Automated influence and the challenge of cognitive security
Proceedings of the 7th Symposium on Hot Topics in the Science of Security Pub Date : 2020-08-25 DOI: 10.1145/3384217.3385615
S. Rajtmajer, Daniel Susser
Abstract: Advances in AI are powering increasingly precise and widespread computational propaganda, posing serious threats to national security. The military and intelligence communities are starting to discuss ways to engage in this space, but the path forward is still unclear. These developments raise pressing ethical questions, about which existing ethics frameworks are silent. Understanding these challenges through the lens of "cognitive security," we argue, offers a promising approach.
Citations: 3
An infrastructure for faithful execution of remote attestation protocols
Proceedings of the 7th Symposium on Hot Topics in the Science of Security Pub Date : 2020-08-25 DOI: 10.1145/3384217.3386393
Adam Petz
Abstract: Experience shows that even with a well-intentioned user at the keyboard, a motivated attacker can compromise a computer system at a layer below or adjacent to the shallow forms of authentication that are now accepted as commonplace [3]. Therefore, rather than asking "Can we trust the person behind the keyboard", a still better question might be: "Can we trust the computer system underneath?". An emerging technology for gaining trust in a remote computing system is remote attestation. Remote attestation is the activity of making a claim about properties of a target by supplying evidence to an appraiser over a network [2]. Although many existing approaches to remote attestation wisely adopt a layered architecture - where the bottom layers measure layers above - the dependencies between components remain static and measurement orderings fixed. For modern computing environments with diverse topologies, we can no longer fix a target architecture any more than we can fix a protocol to measure that architecture. Copland [1] is a domain-specific language and formal framework that provides a vocabulary for specifying the goals of layered attestation protocols. It also provides a reference semantics that characterizes system measurement events and evidence handling; a foundation for comparing protocol alternatives. The aim of this work is to refine the Copland semantics to a more fine-grained notion of attestation manager execution - a high-privilege thread of control responsible for invoking attestation services and bundling evidence results. This refinement consists of two cooperating components called the Copland Compiler and the Attestation Virtual Machine (AVM). The Copland Compiler translates a Copland protocol description into a sequence of primitive attestation instructions to be executed in the AVM. When considered in combination with advances in virtualization, trusted hardware, and high-assurance system software components - like compilers, file-systems, and OS kernels - a formally verified remote attestation infrastructure creates exciting opportunities for building system-level security arguments.
Citations: 5
A raspberry Pi sensor network for wildlife conservation
Proceedings of the 7th Symposium on Hot Topics in the Science of Security Pub Date : 2020-08-25 DOI: 10.1145/3384217.3384220
Andrew Arnold, Paul Corapi, Michael Nasta, Kevin Wolgast, Thomas A. Babbitt
Abstract: Scientists and the military require inconspicuous means to monitor wildlife. In this poster, we progress the ability for a Raspberry Pi sensor network to be used for wildlife detection and monitoring. Eliminating the need for expensive commercial camera traps, the sensor network will, with little to no human interaction, detect and collect vital information about the presence of endangered wildlife. Raspberry Pi sensor nodes collect and store data and transfer it over a mesh network to an Android app interface. In order to reduce the node size and maintain battery efficiency, we are implementing parallel battery usage and standard lithium batteries. We will also increase the range, durability, and adaptability of the network by integrating a self-healing mesh network that does not require a master node for communication to and from individual sensors.
Citations: 0
Simulation testbed for railway infrastructure security and resilience evaluation
Proceedings of the 7th Symposium on Hot Topics in the Science of Security Pub Date : 2020-08-25 DOI: 10.1145/3384217.3385623
H. Neema, X. Koutsoukos, Bradley Potteiger, Cheeyee Tang, K. Stouffer
Abstract: The last decade has seen an influx of digital connectivity, operation automation, and remote sensing and control mechanisms in the railway domain. The management of the railway operations through the use of distributed sensors and controllers and with programmable and remotely controllable railway signals and switches has led to gains in system efficiency as well as operational flexibility. However, the network connectivity has opened up the railway cyber communication networks to cyber-attacks. These are a class of cyber-physical systems (CPS) with interconnected physical, computational, and communication components. The cyber-attacks on these systems could potentially cascade through these interconnections and result in significant damage. These systems are safety-critical owing to their large-scale monetary and, more importantly, human life safety concerns. Therefore, it is better to incorporate security and resilience requirements right from the design time. In this paper, we describe a domain-specific framework for simulations in the railway domain. The framework allows analyzing the resilience of railway operations in the presence of cyber-attacks. In particular, our simulation framework allows modeling the railway network as well as the railway transportation. It provides an online graphical modeling environment that allows multiple users to collaborate, through a web-based interface, over the same model for the railway infrastructure as well as network attacks. The framework also allows the user to configure and run experiments through the web-interface and also to visualize the key operational metrics from the railway domain as the experiment is running. The framework also supports executing large simulations in the cloud. In addition, it supports hardware-in-the-loop (HIL) simulation for incorporating physical effects and network attacks that can only be realized realistically in the hardware. A detailed case study is provided to demonstrate the framework's capabilities.
Citations: 4