{"title":"RIPEMB: A framework for assessing hardware-assisted software security schemes in embedded systems","authors":"Stefan Tauner","doi":"10.1145/3538969.3539013","DOIUrl":"https://doi.org/10.1145/3538969.3539013","url":null,"abstract":"Memory corruption bugs remain one of the biggest threats to software security. The increasing complexity of SoCs and prevalence of connected embedded devices require larger software support packages that inevitably contain more bugs. Unfortunately, as of now, hardware-assisted security measures are not widely available in smaller embedded devices based on MCUs. Even if they are, vendors might configure them inadequately and validating the correct behavior of such important features is advisable. In this paper, we present RIPEMB, an open-source software package for validating hardware-assisted protection mechanisms such as memory protection units (MPUs), control flow integrity (CFI) enforcement, code pointer integrity (CPI), data flow tracking etc. It works as a self-contained embedded application performing up to almost 3000 different attacks based on memory corruption. While it contains some target-specific components, it is easy to port to new environments and can be used during development of new security schemes and in validation alike. We evaluate the applicability on two instruction set architectures (ISAs) (ARM and RISC-V), four hardware platforms, two C runtime environments, and a total of 8 different hardware defenses.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130354979","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Luca Mecenero, Ranindya Paramitha, Ivan Pashchenko, F. Massacci
{"title":"Lightweight Parsing and Slicing for Bug Identification in C","authors":"Luca Mecenero, Ranindya Paramitha, Ivan Pashchenko, F. Massacci","doi":"10.1145/3538969.3543828","DOIUrl":"https://doi.org/10.1145/3538969.3543828","url":null,"abstract":"Program slicing has been used to semi- or fully-automatically help developers find errors and vulnerabilities in their programs. For example, Dashevskyi et al. (IEEE TSE 2018) introduced a lightweight slicer for Java that can be used for vulnerability analysis. However, a similar lightweight slicer for C/C++ is still missing. In this work we propose a comparison method for parsers, evaluate it on two commonly-used parsers, and develop a lightweight slicer for C/C++ using the “better” parser from our comparison. From our evaluation, the Joern parsing method (island grammar) could parse non-standard C/C++ code but its resulting structure may contain semantic errors that can affect subsequent analysis. ANTLR4 is faster in returning a result, and when manually cleared of non-standard C/C++ codes, it is more accurate than Joern. We then built our C/C++ thin slicer extension using ANTLR4, and we observed that it is promising from both precision and performance perspectives. As a future work, we plan to improve the logic behind processing pointers. In particular, we consider doing deeper pointer analysis.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130400685","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Antonios Karteris, Georgios Tzanos, Lazaros Papadopoulos, K. Demestichas, D. Soudris, Juliette Pauline Philibert, Carlos López Gómez
{"title":"A Methodology for enhancing Emergency Situational Awareness through Social Media","authors":"Antonios Karteris, Georgios Tzanos, Lazaros Papadopoulos, K. Demestichas, D. Soudris, Juliette Pauline Philibert, Carlos López Gómez","doi":"10.1145/3538969.3544418","DOIUrl":"https://doi.org/10.1145/3538969.3544418","url":null,"abstract":"Social media are a valuable source of information during emergency situations. First responders and rescue teams can further improve their situation awareness and be able to act more effectively, when using information available in the form of social media posts made from the public. This work proposes a methodology supported by a toolflow, which combines machine learning techniques for identifying informative Twitter posts about ongoing incidents of various types, with a semi-automated way of dispatching information to first responders. Evaluation results show that the accuracy of detecting informative text and images posted on Twitter about ongoing emergency situations, exceeds 80%, while analysis performance is near real-time.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123620153","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Salatiel Ezennaya-Gomez, Edgar Blumenthal, Marten Eckardt, Justus Krebs, Christopher Kuo, Julius Porbeck, Emirkan Toplu, Stefan Kiltz, J. Dittmann
{"title":"Revisiting Online Privacy and Security Mechanisms Applied in the In-App Payment Realm from the Consumers’ Perspective","authors":"Salatiel Ezennaya-Gomez, Edgar Blumenthal, Marten Eckardt, Justus Krebs, Christopher Kuo, Julius Porbeck, Emirkan Toplu, Stefan Kiltz, J. Dittmann","doi":"10.1145/3538969.3543786","DOIUrl":"https://doi.org/10.1145/3538969.3543786","url":null,"abstract":"This paper presents an in-depth network data stream analysis on data gathering to evaluate the current data protection situation of online payment in smartphone applications. To this end, we applied a digital forensic methodology from previous work in the field, analyzing network traffic generated by applications during a purchase process. We revisit previous work’s results on browser-based payments and compare them to the current security and privacy situation of in-app payments in 2022. We study an exemplary selection of ten mobile apps and four payment systems often used by young consumers (i.e., between 20 and 25 years old): Paypal, Google Pay, Klarna, and Visa/Mastercard credit cards. Furthermore, we examine the apps concerning their trackers and applications’ privacy policies. For this purpose, we use OSINT sources to perform a static tracker analysis and their purposes based on privacy policy descriptions. Subsequently, we perform a dynamic analysis applying a man-in-the middle attack vector, which allows us to bypass the TLS encryption of the smartphone’s HTTPS traffic, and analyze the data stream payload. We repeatedly identify significant security vulnerabilities and how applications handling sensitive data do not follow standard recommendations in security and data protection regulations during the result analysis. Moreover, some data sharing is noticed, with sensitive data passed on to third parties. The data obtained can also be used in application fields, such as by a forensic expert in a financial crime case in steps of a forensic investigation.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123644541","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
D. Skias, S. Tsekeridou, T. Zahariadis, Artemis C. Voulkidis, T. Velivassaki
{"title":"Demonstration of alignment of the Pan-European Cybersecurity Incidents Information Sharing Platform to Cybersecurity policy, regulatory and legislative advancements","authors":"D. Skias, S. Tsekeridou, T. Zahariadis, Artemis C. Voulkidis, T. Velivassaki","doi":"10.1145/3538969.3544477","DOIUrl":"https://doi.org/10.1145/3538969.3544477","url":null,"abstract":"The path to the Digital Decade in Europe is realized by various governance and regulatory frameworks that aim to materialize this core European strategy. The EU cybersecurity strategy projects to safeguard this path and enable a swift but smooth transition. Arguably, EU is constantly taking actions to address cybersecurity challenges and promote cyber resilience, focusing primarily in critical sectors such as energy. This imposes significant challenges for the cybersecurity technology providers and requires a flexible, adaptive and agile design and development approach. The presented work is an evolution of the ARES2021 paper “Pan-European Cybersecurity Incidents Information Sharing Platform to support NIS Directive” that further aligns with advancements in the European Cybersecurity policy and regulations landscape. This is feasible since the development of the Incidents Information Sharing Platform (I2SP) is agile, adaptive and has continuously been driven by the advancements observed and imposed by the European cybersecurity regulatory framework. The current work showcases the I2SP design enhancements to address the latest EU cybersecurity regulatory framework updates relating to the Network Code on Cybersecurity (NCCS), NIS2 and the Cyber Resilience Act, highlighting the stringent alignment between I2SP and the EU cybersecurity strategy.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121163601","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Android Permission Manager, Visual Cues, and their Effect on Privacy Awareness and Privacy Literacy","authors":"Vera Schmitt, Maija Poikela, Sebastian Möller","doi":"10.1145/3538969.3543790","DOIUrl":"https://doi.org/10.1145/3538969.3543790","url":null,"abstract":"Android applications request specific permissions from users during the installations to perform required functionalities by accessing system resources and personal information. Usually, users must approve the permissions requested by applications (apps) during the installation process and before the apps can collect privacy- or security-relevant information. However, recent studies have shown that users are overwhelmed with the information provided in privacy policies and do not understand permission requests and which functionalities are necessary for certain applications. Hereby, the collection of personal information remains mostly hidden, as the task of verifying to which information different apps have access to can be very complicated. Therefore, it is necessary to develop frameworks and apps that enable the user to perform informed decisions about apps’ run-time permission access to facilitate the control over sensitive information collected by various apps on smartphones. In this work, we conducted an online study with 70 participants who interacted with a mockup app that enables advanced control over permission requests. The selected permissions are based on the apps’ run-time permission access patterns and explanations, and commonly known visual cues are used to facilitate the user’s understanding and privacy-conscious decision making. Furthermore, the effects of perceived control over information sharing and privacy awareness are examined in combination with the permission manager mockup app to investigate if increased control over information sharing increases general privacy awareness. Our results show an interplay between increased control and privacy awareness when explanations and common visual cues are presented to the user. However, the direction of the interplay between increased control and privacy awareness was surprising. Privacy awareness dropped for the experimental group, which received advanced explanations and visual nudges for privacy-conscious decision making. Interestingly privacy awareness significantly increased for the control group, which only received a plain privacy nudge. Therefore, we suggest that increased control over information sharing does not necessarily lead to improved privacy-decision making, and privacy by default might be a more effective design choice.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114423082","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Axel Charpentier, N. Cuppens-Boulahia, F. Cuppens, Reda Yaich
{"title":"Deep Reinforcement Learning-Based Defense Strategy Selection","authors":"Axel Charpentier, N. Cuppens-Boulahia, F. Cuppens, Reda Yaich","doi":"10.1145/3538969.3543789","DOIUrl":"https://doi.org/10.1145/3538969.3543789","url":null,"abstract":"Deception and Moving Target Defense techniques are two types of approaches that aim to increase the cost of the attacks by providing false information or uncertainty to the attacker’s perception. Given the growing number of these strategies and the fact that they are not all effective against the same types of attacks, it is essential to know how to select the best one to use depending on the environment and the attacker. We therefore propose a model of attacker/defender confrontation in a computer system that takes into account the asymmetry of the players’ perceptions. To simulate attacks on our model, a basic attacker scenario based on the main phases of the Cyber Kill Chain is proposed. Analytically determining an optimal solution is difficult due to the model’s complexity. Moreover, because of the large number of possible states in the model, Deep Q-Learning algorithm is used to train a defensive agent to choose the best defensive strategy according to the observed attacker’s actions.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116268429","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Using Telegram as a carrier for image steganography: Analysing Telegrams API limits","authors":"Niklas Bunzel, Tobias Chen, M. Steinebach","doi":"10.1145/3538969.3544440","DOIUrl":"https://doi.org/10.1145/3538969.3544440","url":null,"abstract":"Telegram is a messaging platform with millions of users per month. For this reason, it is a possible vector for steganographic messages. We investigate the feasibility of using Telegram as a messenger service for images with steganographic content, specifically we use F5 as a proof of concept. We evaluate the optimal resolution and quality settings to achieve the highest possible payload size. In order to support longer message transfers over Telegram, we design a cover channel with a regular schedule of images to have a high bandwidth. We found that the optimal resolution for message transfers is 2560x2560 at JPEG quality settings of 82. And that this configuration allows us to send an average of 81 kilobytes of data per image.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127946892","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"ZEKRO: Zero-Knowledge Proof of Integrity Conformance","authors":"Heini Bergsson Debes, Thanassis Giannetsos","doi":"10.1145/3538969.3539004","DOIUrl":"https://doi.org/10.1145/3538969.3539004","url":null,"abstract":"In the race toward next-generation systems of systems, the adoption of edge and cloud computing is escalating to deliver the underpinning end-to-end services. To safeguard the increasing attack landscape, remote attestation lets a verifier reason about the state of an untrusted remote prover. However, for most schemes, verifiability is only established under the omniscient and trusted verifier assumption, where a verifier knows the prover’s trusted states, and the prover must reveal evidence about its current state. This assumption severely challenges upscaling, inherently limits eligible verifiers, and naturally prohibits adoption in public-facing security-critical networks. To meet current zero trust paradigms, we propose a general ZEro-Knowledge pRoof of cOnformance (ZEKRO) scheme, which considers mutually distrusting participants and enables a prover to convince an untrusted verifier about its state’s correctness in zero-knowledge, i.e., without revealing anything about its state.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115775076","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
P. Jedlicka, L. Malina, Tomas Gerlich, Zdenek Martinasek, J. Hajny, Petr Socha
{"title":"On Secure and Side-Channel Resistant Hardware Implementations of Post-Quantum Cryptography","authors":"P. Jedlicka, L. Malina, Tomas Gerlich, Zdenek Martinasek, J. Hajny, Petr Socha","doi":"10.1145/3538969.3544423","DOIUrl":"https://doi.org/10.1145/3538969.3544423","url":null,"abstract":"Currently, many post-quantum cryptography schemes have been implemented on various hardware platforms in order to provide efficient solutions in cybersecurity services. As researchers and hardware developers focus primarily on designs providing small latency and requiring fewer hardware resources, their implementations could seldom omit protection techniques against various physical attacks. This paper studies potential attacks on the cryptography implementations that run on Field-Programmable Gate Array (FPGA) platforms. We mainly analyze how Post-Quantum Cryptography (PQC) implementations could be vulnerable on various platforms. Further, we aim at the FPGA-based implementations of National Institute of Standards and Technology (NIST)’s PQC competition finalists. Our study should present to developers the current overview of attacks and countermeasures that can be implemented on specific PQC schemes on FPGA platforms. Moreover, we present novel implementation of one universal countermeasure component and reveal additional resources that are needed.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130038637","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}