2019 IEEE Symposium on Security and Privacy (SP)最新文献

筛选
英文 中文
Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks 神经净化:识别和减轻神经网络中的后门攻击
2019 IEEE Symposium on Security and Privacy (SP) Pub Date : 2019-04-01 DOI: 10.1109/SP.2019.00031
Bolun Wang, Yuanshun Yao, Shawn Shan, Huiying Li, Bimal Viswanath, Haitao Zheng, Ben Y. Zhao
{"title":"Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks","authors":"Bolun Wang, Yuanshun Yao, Shawn Shan, Huiying Li, Bimal Viswanath, Haitao Zheng, Ben Y. Zhao","doi":"10.1109/SP.2019.00031","DOIUrl":"https://doi.org/10.1109/SP.2019.00031","url":null,"abstract":"Lack of transparency in deep neural networks (DNNs) make them susceptible to backdoor attacks, where hidden associations or triggers override normal classification to produce unexpected results. For example, a model with a backdoor always identifies a face as Bill Gates if a specific symbol is present in the input. Backdoors can stay hidden indefinitely until activated by an input, and present a serious security risk to many security or safety related applications, e.g. biometric authentication systems or self-driving cars. We present the first robust and generalizable detection and mitigation system for DNN backdoor attacks. Our techniques identify backdoors and reconstruct possible triggers. We identify multiple mitigation techniques via input filters, neuron pruning and unlearning. We demonstrate their efficacy via extensive experiments on a variety of DNNs, against two types of backdoor injection methods identified by prior work. Our techniques also prove robust against a number of variants of the backdoor attack.","PeriodicalId":272713,"journal":{"name":"2019 IEEE Symposium on Security and Privacy (SP)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128576033","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 945
Hard Drive of Hearing: Disks that Eavesdrop with a Synthesized Microphone 听力硬盘:用合成麦克风窃听的磁盘
2019 IEEE Symposium on Security and Privacy (SP) Pub Date : 2019-04-01 DOI: 10.1109/SP.2019.00008
Andrew Kwong, Wenyuan Xu, Kevin Fu
{"title":"Hard Drive of Hearing: Disks that Eavesdrop with a Synthesized Microphone","authors":"Andrew Kwong, Wenyuan Xu, Kevin Fu","doi":"10.1109/SP.2019.00008","DOIUrl":"https://doi.org/10.1109/SP.2019.00008","url":null,"abstract":"Security conscious individuals may take considerable measures to disable sensors in order to protect their privacy. However, they often overlook the cyberphysical attack surface exposed by devices that were never designed to be sensors in the first place. Our research demonstrates that the mechanical components in magnetic hard disk drives behave as microphones with sufficient precision to extract and parse human speech. These unintentional microphones sense speech with high enough fidelity for the Shazam service to recognize a song recorded through the hard drive. This proof of concept attack sheds light on the possibility of invasion of privacy even in absence of traditional sensors. We also present defense mechanisms, such as the use of ultrasonic aliasing, that can mitigate acoustic eavesdropping by synthesized microphones in hard disk drives.","PeriodicalId":272713,"journal":{"name":"2019 IEEE Symposium on Security and Privacy (SP)","volume":"46 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133004320","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 37
Data Recovery on Encrypted Databases with k-Nearest Neighbor Query Leakage 具有k近邻查询泄漏的加密数据库的数据恢复
2019 IEEE Symposium on Security and Privacy (SP) Pub Date : 2019-04-01 DOI: 10.1109/SP.2019.00015
Evgenios M. Kornaropoulos, Charalampos Papamanthou, R. Tamassia
{"title":"Data Recovery on Encrypted Databases with k-Nearest Neighbor Query Leakage","authors":"Evgenios M. Kornaropoulos, Charalampos Papamanthou, R. Tamassia","doi":"10.1109/SP.2019.00015","DOIUrl":"https://doi.org/10.1109/SP.2019.00015","url":null,"abstract":"Recent works by Kellaris et al. (CCS’16) and Lacharite et al. (SP’18) demonstrated attacks of data recovery for encrypted databases that support rich queries such as range queries. In this paper, we develop the first data recovery attacks on encrypted databases supporting one-dimensional k-nearest neighbor (k-NN) queries, which are widely used in spatial data management. Our attacks exploit a generic k-NN query leakage profile: the attacker observes the identifiers of matched records. We consider both unordered responses, where the leakage is a set, and ordered responses, where the leakage is a k-tuple ordered by distance from the query point. As a first step, we perform a theoretical feasibility study on exact reconstruction, i.e., recovery of the exact plaintext values of the encrypted database. For ordered responses, we show that exact reconstruction is feasible if the attacker has additional access to some auxiliary information that is normally not available in practice. For unordered responses, we prove that exact reconstruction is impossible due to the infinite number of valid reconstructions. As a next step, we propose practical and more realistic approximate reconstruction attacks so as to recover an approximation of the plaintext values. For ordered responses, we show that after observing enough query responses, the attacker can approximate the client’s encrypted database with considerable accuracy. For unordered responses we characterize the set of valid reconstructions as a convex polytope in a k-dimensional space and present a rigorous attack that reconstructs the plaintext database with bounded approximation error. As multidimensional spatial data can be efficiently processed by mapping it to one dimension via Hilbert curves, we demonstrate our approximate reconstruction attacks on privacy-sensitive geolocation data. Our experiments on real-world datasets show that our attacks reconstruct the plaintext values with relative error ranging from 2.9% to 0.003%.","PeriodicalId":272713,"journal":{"name":"2019 IEEE Symposium on Security and Privacy (SP)","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128876393","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 65
Resident Evil: Understanding Residential IP Proxy as a Dark Service 《生化危机:将住宅IP代理理解为黑暗服务
2019 IEEE Symposium on Security and Privacy (SP) Pub Date : 2019-04-01 DOI: 10.1109/SP.2019.00011
Xianghang Mi, Xuan Feng, Xiaojing Liao, Baojun Liu, Xiaofeng Wang, Feng Qian, Zhou Li, Sumayah A. Alrwais, Limin Sun, Y. Liu
{"title":"Resident Evil: Understanding Residential IP Proxy as a Dark Service","authors":"Xianghang Mi, Xuan Feng, Xiaojing Liao, Baojun Liu, Xiaofeng Wang, Feng Qian, Zhou Li, Sumayah A. Alrwais, Limin Sun, Y. Liu","doi":"10.1109/SP.2019.00011","DOIUrl":"https://doi.org/10.1109/SP.2019.00011","url":null,"abstract":"An emerging Internet business is residential proxy (RESIP) as a service, in which a provider utilizes the hosts within residential networks (in contrast to those running in a datacenter) to relay their customers’ traffic, in an attempt to avoid server- side blocking and detection. With the prominent roles the services could play in the underground business world, little has been done to understand whether they are indeed involved in Cybercrimes and how they operate, due to the challenges in identifying their RESIPs, not to mention any in-depth analysis on them. In this paper, we report the first study on RESIPs, which sheds light on the behaviors and the ecosystem of these elusive gray services. Our research employed an infiltration framework, including our clients for RESIP services and the servers they visited, to detect 6 million RESIP IPs across 230+ countries and 52K+ ISPs. The observed addresses were analyzed and the hosts behind them were further fingerprinted using a new profiling system. Our effort led to several surprising findings about the RESIP services unknown before. Surprisingly, despite the providers’ claim that the proxy hosts are willingly joined, many proxies run on likely compromised hosts including IoT devices. Through cross-matching the hosts we discovered and labeled PUP (potentially unwanted programs) logs provided by a leading IT company, we uncovered various illicit operations RESIP hosts performed, including illegal promotion, Fast fluxing, phishing, malware hosting, and others. We also reverse engi- neered RESIP services’ internal infrastructures, uncovered their potential rebranding and reselling behaviors. Our research takes the first step toward understanding this new Internet service, contributing to the effective control of their security risks.","PeriodicalId":272713,"journal":{"name":"2019 IEEE Symposium on Security and Privacy (SP)","volume":"85 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115181947","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 47
Simple High-Level Code for Cryptographic Arithmetic - With Proofs, Without Compromises 简单的高级密码算术代码-有证明,没有妥协
2019 IEEE Symposium on Security and Privacy (SP) Pub Date : 2019-04-01 DOI: 10.1109/SP.2019.00005
Andres Erbsen, Jade Philipoom, Jason Gross, R. Sloan, A. Chlipala
{"title":"Simple High-Level Code for Cryptographic Arithmetic - With Proofs, Without Compromises","authors":"Andres Erbsen, Jade Philipoom, Jason Gross, R. Sloan, A. Chlipala","doi":"10.1109/SP.2019.00005","DOIUrl":"https://doi.org/10.1109/SP.2019.00005","url":null,"abstract":"We introduce a new approach for implementing cryptographic arithmetic in short high-level code with machine-checked proofs of functional correctness. We further demonstrate that simple partial evaluation is sufficient to transform into the fastest-known C code, breaking the decades-old pattern that the only fast implementations are those whose instruction-level steps were written out by hand. These techniques were used to build an elliptic-curve library that achieves competitive performance for 80 prime fields and multiple CPU architectures, showing that implementation and proof effort scales with the number and complexity of conceptually different algorithms, not their use cases. As one outcome, we present the first verified high-performance implementation of P-256, the most widely used elliptic curve. implementations from our library were included in BoringSSL to replace existing specialized code, for inclusion in several large deployments for Chrome, Android, and CloudFlare.","PeriodicalId":272713,"journal":{"name":"2019 IEEE Symposium on Security and Privacy (SP)","volume":"121 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122876274","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 94
Beyond Credential Stuffing: Password Similarity Models Using Neural Networks 超越凭证填充:使用神经网络的密码相似度模型
2019 IEEE Symposium on Security and Privacy (SP) Pub Date : 2019-04-01 DOI: 10.1109/SP.2019.00056
Bijeeta Pal, Tal Daniel, Rahul Chatterjee, T. Ristenpart
{"title":"Beyond Credential Stuffing: Password Similarity Models Using Neural Networks","authors":"Bijeeta Pal, Tal Daniel, Rahul Chatterjee, T. Ristenpart","doi":"10.1109/SP.2019.00056","DOIUrl":"https://doi.org/10.1109/SP.2019.00056","url":null,"abstract":"Attackers increasingly use passwords leaked from one website to compromise associated accounts on other websites. Such targeted attacks work because users reuse, or pick similar, passwords for different websites. We recast one of the core technical challenges underlying targeted attacks as the task of modeling similarity of human-chosen passwords. We show how to learn good password similarity models using a compilation of 1.4 billion leaked email, password pairs. Using our trained models of password similarity, we exhibit the most damaging targeted attack to date. Simulations indicate that our attack compromises more than 16% of user accounts in less than a thousand guesses, should one of their other passwords be known to the attacker and despite the use of state-of-the art countermeasures. We show via a case study involving a large university authentication service that the attacks are also effective in practice. We go on to propose the first-ever defense against such targeted attacks, by way of personalized password strength meters (PPSMs). These are password strength meters that can warn users when they are picking passwords that are vulnerable to attacks, including targeted ones that take advantage of the user’s previously compromised passwords. We design and build a PPSM that can be compressed to less than 3 MB, making it easy to deploy in order to accurately estimate the strength of a password against all known guessing attacks.","PeriodicalId":272713,"journal":{"name":"2019 IEEE Symposium on Security and Privacy (SP)","volume":"22 10","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114052673","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 57
Dominance as a New Trusted Computing Primitive for the Internet of Things 优势作为一种新的物联网可信计算原语
2019 IEEE Symposium on Security and Privacy (SP) Pub Date : 2019-04-01 DOI: 10.1109/SP.2019.00084
Meng Xu, Manuel Huber, Zhichuang Sun, P. England, Marcus Peinado, Sang-Ho Lee, A. Marochko, D. Mattoon, Rob Spiger, S. Thom
{"title":"Dominance as a New Trusted Computing Primitive for the Internet of Things","authors":"Meng Xu, Manuel Huber, Zhichuang Sun, P. England, Marcus Peinado, Sang-Ho Lee, A. Marochko, D. Mattoon, Rob Spiger, S. Thom","doi":"10.1109/SP.2019.00084","DOIUrl":"https://doi.org/10.1109/SP.2019.00084","url":null,"abstract":"The Internet of Things (IoT) is rapidly emerging as one of the dominant computing paradigms of this decade. Applications range from in-home entertainment to large-scale industrial deployments such as controlling assembly lines and monitoring traffic. While IoT devices are in many respects similar to traditional computers, user expectations and deployment scenarios as well as cost and hardware constraints are sufficiently different to create new security challenges as well as new opportunities. This is especially true for large-scale IoT deployments in which a central entity deploys and controls a large number of IoT devices with minimal human interaction. Like traditional computers, IoT devices are subject to attack and compromise. Large IoT deployments consisting of many nearly identical devices are especially attractive targets. At the same time, recovery from root compromise by conventional means becomes costly and slow, even more so if the devices are dispersed over a large geographical area. In the worst case, technicians have to travel to all devices and manually recover them. Data center solutions such as the Intelligent Platform Management Interface (IPMI) which rely on separate service processors and network connections are not only not supported by existing IoT hardware, but are unlikely to be in the foreseeable future due to the cost constraints of mainstream IoT devices. This paper presents Cider, a system that can recover IoT devices within a short amount of time, even if attackers have taken root control of every device in a large deployment. The recovery requires minimal manual intervention. After the administrator has identified the compromise and produced an updated firmware image, he/she can instruct Cider to force the devices to reset and to install the patched firmware on the devices. We demonstrate the universality and practicality of Cider by implementing it on three popular IoT platforms (HummingBoard Edge, Raspberry Pi Compute Module 3 and Nucleo-L476RG) spanning the range from high to low end. Our evaluation shows that the performance overhead of Cider is generally negligible.","PeriodicalId":272713,"journal":{"name":"2019 IEEE Symposium on Security and Privacy (SP)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128667931","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 37
Why Does Your Data Leak? Uncovering the Data Leakage in Cloud from Mobile Apps 为什么你的数据会泄露?从移动应用揭秘云数据泄露
2019 IEEE Symposium on Security and Privacy (SP) Pub Date : 2019-04-01 DOI: 10.1109/SP.2019.00009
Chaoshun Zuo, Zhiqiang Lin, Yinqian Zhang
{"title":"Why Does Your Data Leak? Uncovering the Data Leakage in Cloud from Mobile Apps","authors":"Chaoshun Zuo, Zhiqiang Lin, Yinqian Zhang","doi":"10.1109/SP.2019.00009","DOIUrl":"https://doi.org/10.1109/SP.2019.00009","url":null,"abstract":"Increasingly, more and more mobile applications (apps for short) are using the cloud as the back-end, in particular the cloud APIs, for data storage, data analytics, message notification, and monitoring. Unfortunately, we have recently witnessed massive data leaks from the cloud, ranging from personally identifiable information to corporate secrets. In this paper, we seek to understand why such significant leaks occur and design tools to automatically identify them. To our surprise, our study reveals that lack of authentication, misuse of various keys (e.g., normal user keys and superuser keys) in authentication, or misconfiguration of user permissions in authorization are the root causes. Then, we design a set of automated program analysis techniques including obfuscation-resilient cloud API identification and string value analysis, and implement them in a tool called LeakScope to identify the potential data leakage vulnerabilities from mobile apps based on how the cloud APIs are used. Our evaluation with over 1.6 million mobile apps from the Google Play Store has uncovered 15, 098 app servers managed by mainstream cloud providers such as Amazon, Google, and Microsoft that are subject to data leakage attacks. We have made responsible disclosure to each of the cloud service providers, and they have all confirmed the vulnerabilities we have identified and are actively working with the mobile app developers to patch their vulnerable services.","PeriodicalId":272713,"journal":{"name":"2019 IEEE Symposium on Security and Privacy (SP)","volume":"81 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115007144","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 73
Differentially Private Model Publishing for Deep Learning 面向深度学习的差异化私有模型发布
2019 IEEE Symposium on Security and Privacy (SP) Pub Date : 2019-04-01 DOI: 10.1109/SP.2019.00019
Lei Yu, Ling Liu, C. Pu, M. E. Gursoy, Stacey Truex
{"title":"Differentially Private Model Publishing for Deep Learning","authors":"Lei Yu, Ling Liu, C. Pu, M. E. Gursoy, Stacey Truex","doi":"10.1109/SP.2019.00019","DOIUrl":"https://doi.org/10.1109/SP.2019.00019","url":null,"abstract":"Deep learning techniques based on neural networks have shown significant success in a wide range of AI tasks. Large-scale training datasets are one of the critical factors for their success. However, when the training datasets are crowdsourced from individuals and contain sensitive information, the model parameters may encode private information and bear the risks of privacy leakage. The recent growing trend of the sharing and publishing of pre-trained models further aggravates such privacy risks. To tackle this problem, we propose a differentially private approach for training neural networks. Our approach includes several new techniques for optimizing both privacy loss and model accuracy. We employ a generalization of differential privacy called concentrated differential privacy(CDP), with both a formal and refined privacy loss analysis on two different data batching methods. We implement a dynamic privacy budget allocator over the course of training to improve model accuracy. Extensive experiments demonstrate that our approach effectively improves privacy loss accounting, training efficiency and model quality under a given privacy budget.","PeriodicalId":272713,"journal":{"name":"2019 IEEE Symposium on Security and Privacy (SP)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128977865","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 201
Lay Down the Common Metrics: Evaluating Proof-of-Work Consensus Protocols' Security 制定通用指标:评估工作量证明共识协议的安全性
2019 IEEE Symposium on Security and Privacy (SP) Pub Date : 2019-04-01 DOI: 10.1109/SP.2019.00086
Ren Zhang, B. Preneel
{"title":"Lay Down the Common Metrics: Evaluating Proof-of-Work Consensus Protocols' Security","authors":"Ren Zhang, B. Preneel","doi":"10.1109/SP.2019.00086","DOIUrl":"https://doi.org/10.1109/SP.2019.00086","url":null,"abstract":"Following Bitcoin's Nakamoto Consensus protocol (NC), hundreds of cryptocurrencies utilize proofs of work (PoW) to maintain their ledgers. However, research shows that NC fails to achieve perfect chain quality, allowing malicious miners to alter the public ledger in order to launch several attacks, i.e., selfish mining, double-spending and feather-forking. Some later designs, represented by Ethereum, Bitcoin-NG, DECOR+, Byzcoin and Publish or Perish, aim to solve the problem by raising the chain quality; other designs, represented by Fruitchains, DECOR+ and Subchains, claim to successfully defend against the attacks in the absence of perfect chain quality. As their effectiveness remains self-claimed, the community is divided on whether a secure PoW protocol is possible. In order to resolve this ambiguity and to lay down the foundation of a common body of knowledge, this paper introduces a multi-metric evaluation framework to quantitatively analyze PoW protocols' chain quality and attack resistance. Subsequently we use this framework to evaluate the security of these improved designs through Markov decision processes. We conclude that to date, no PoW protocol achieves ideal chain quality or is resistant against all three attacks. We attribute existing PoW protocols' imperfect chain quality to their unrealistic security assumptions, and their unsatisfactory attack resistance to a dilemma between \"rewarding the bad\" and \"punishing the good\". Moreover, our analysis reveals various new protocol-specific attack strategies. Based on our analysis, we propose future directions toward more secure PoW protocols and indicate several common pitfalls in PoW security analyses.","PeriodicalId":272713,"journal":{"name":"2019 IEEE Symposium on Security and Privacy (SP)","volume":"72 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126286913","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 83
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信