Proceedings of the 31st Annual Computer Security Applications Conference最新文献

筛选
英文 中文
Proactive Security Analysis of Changes in Virtualized Infrastructures 虚拟化基础设施变化的主动安全分析
Proceedings of the 31st Annual Computer Security Applications Conference Pub Date : 2015-12-07 DOI: 10.1145/2818000.2818034
Sören Bleikertz, Carsten Vogel, Thomas Gross, S. Mödersheim
{"title":"Proactive Security Analysis of Changes in Virtualized Infrastructures","authors":"Sören Bleikertz, Carsten Vogel, Thomas Gross, S. Mödersheim","doi":"10.1145/2818000.2818034","DOIUrl":"https://doi.org/10.1145/2818000.2818034","url":null,"abstract":"The pervasiveness of cloud computing can be attributed to its scale and elasticity. However, the operational complexity of the underlying cloud infrastructure is high, due to its dynamics, multi-tenancy, and size. Misconfigurations and insider attacks carry significant operational and security risks, such as breaches in tenant isolation put both the infrastructure provider and the consumers at risk. We tackle this challenge by establishing a practical security system, called Weatherman, that proactively analyzes changes induced by management operations with respect to security policies. We achieve this by contributing the first formal model of cloud management operations that captures their impact on the infrastructure in the form of graph transformations. Our approach combines such a model of operations with an information flow analysis suited for isolation as well as a policy verifier for a variety of security and operational policies. Our system provides a run-time enforcement of infrastructure security policies, as well as a what-if analysis for change planning.","PeriodicalId":338725,"journal":{"name":"Proceedings of the 31st Annual Computer Security Applications Conference","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134038532","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 41
Towards Analyzing the Input Validation Vulnerabilities associated with Android System Services Android系统服务相关输入验证漏洞分析
Proceedings of the 31st Annual Computer Security Applications Conference Pub Date : 2015-12-07 DOI: 10.1145/2818000.2818033
Chen Cao, Neng Gao, Peng Liu, Ji Xiang
{"title":"Towards Analyzing the Input Validation Vulnerabilities associated with Android System Services","authors":"Chen Cao, Neng Gao, Peng Liu, Ji Xiang","doi":"10.1145/2818000.2818033","DOIUrl":"https://doi.org/10.1145/2818000.2818033","url":null,"abstract":"Although the input validation vulnerabilities play a critical role in web application security, such vulnerabilities are so far largely neglected in the Android security research community. We found that due to the unique Framework Code layer, Android devices do need specific input validation vulnerability analysis in system services. In this work, we take the first steps to analyze Android specific input validation vulnerabilities. In particular, a) we take the first steps towards measuring the corresponding attack surface and reporting the current input validation status of Android system services. b) We developed a new input validation vulnerability scanner for Android devices. This tool fuzzes all the Android system services by sending requests with malformed arguments to them. Through comprehensive evaluation of Android system with over 90 system services and over 1,900 system service methods, we identified 16 vulnerabilities in Android system services. We have reported all the issues to Google and Google has confirmed them.","PeriodicalId":338725,"journal":{"name":"Proceedings of the 31st Annual Computer Security Applications Conference","volume":"109 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127547979","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 43
Decentralized Authorization and Privacy-Enhanced Routing for Information-Centric Networks 信息中心网络的去中心化授权和增强隐私的路由
Proceedings of the 31st Annual Computer Security Applications Conference Pub Date : 2015-12-07 DOI: 10.1145/2818000.2818001
Mariana Raykova, Hasnain Lakhani, H. Kazmi, Ashish Gehani
{"title":"Decentralized Authorization and Privacy-Enhanced Routing for Information-Centric Networks","authors":"Mariana Raykova, Hasnain Lakhani, H. Kazmi, Ashish Gehani","doi":"10.1145/2818000.2818001","DOIUrl":"https://doi.org/10.1145/2818000.2818001","url":null,"abstract":"As information-centric networks are deployed in increasingly diverse settings, there is a growing need to protect the privacy of participants. We describe the design, implementation, and evaluation of a security framework that achieves this. It ensures the integrity and confidentiality of published content, the associated descriptive metadata, and the interests of subscribers. Publishers can scope access to the content, as well as which nodes in the network can broker access to it. Subscribers can limit which nodes can see their interests. Scopes are defined as policies over attributes of the individual nodes. The system transparently realizes the policies with suitable cryptographic primitives. It supports deployment in heterogeneous mobile ad hoc environments where trust may derive from multiple independent sources. Further, no external public key infrastructure is assumed. We also report on the overhead that the security adds in actual deployments on Android devices.","PeriodicalId":338725,"journal":{"name":"Proceedings of the 31st Annual Computer Security Applications Conference","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123835431","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Combining Differential Privacy and Secure Multiparty Computation 结合差分隐私和安全多方计算
Proceedings of the 31st Annual Computer Security Applications Conference Pub Date : 2015-12-07 DOI: 10.1145/2818000.2818027
Martin Pettai, Peeter Laud
{"title":"Combining Differential Privacy and Secure Multiparty Computation","authors":"Martin Pettai, Peeter Laud","doi":"10.1145/2818000.2818027","DOIUrl":"https://doi.org/10.1145/2818000.2818027","url":null,"abstract":"We consider how to perform privacy-preserving analyses on private data from different data providers and containing personal information of many different individuals. We combine differential privacy and secret sharing based secure multiparty computation in the same system to protect the privacy of both the data providers and the individuals. We have implemented a prototype of this combination and have found that the overhead of adding differential privacy to secure multiparty computation is small enough to be usable in practice.","PeriodicalId":338725,"journal":{"name":"Proceedings of the 31st Annual Computer Security Applications Conference","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131299834","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 77
Control Flow and Code Integrity for COTS binaries: An Effective Defense Against Real-World ROP Attacks COTS二进制文件的控制流和代码完整性:对真实世界ROP攻击的有效防御
Proceedings of the 31st Annual Computer Security Applications Conference Pub Date : 2015-12-07 DOI: 10.1145/2818000.2818016
Mingwei Zhang, R. Sekar
{"title":"Control Flow and Code Integrity for COTS binaries: An Effective Defense Against Real-World ROP Attacks","authors":"Mingwei Zhang, R. Sekar","doi":"10.1145/2818000.2818016","DOIUrl":"https://doi.org/10.1145/2818000.2818016","url":null,"abstract":"Despite decades of sustained effort, memory corruption attacks continue to be one of the most serious security threats faced today. They are highly sought after by attackers, as they provide ultimate control --- the ability to execute arbitrary low-level code. Attackers have shown time and again their ability to overcome widely deployed countermeasures such as Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) by crafting Return Oriented Programming (ROP) attacks. Although Turing-complete ROP attacks have been demonstrated in research papers, real-world ROP payloads have had a more limited objective: that of disabling DEP so that injected native code attacks can be carried out. In this paper, we provide a systematic defense, called Control Flow and Code Integrity (CFCI), that makes injected native code attacks impossible. CFCI achieves this without sacrificing compatibility with existing software, the need to replace system programs such as the dynamic loader, and without significant performance penalty. We will release CFCI as open-source software by the time of this conference.","PeriodicalId":338725,"journal":{"name":"Proceedings of the 31st Annual Computer Security Applications Conference","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131745302","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 41
Privacy-preserving Virtual Machine 保护隐私的虚拟机
Proceedings of the 31st Annual Computer Security Applications Conference Pub Date : 2015-12-07 DOI: 10.1145/2818000.2818044
Tianlin Li, Yaohui Hu, Ping Yang, Kartik Gopalan
{"title":"Privacy-preserving Virtual Machine","authors":"Tianlin Li, Yaohui Hu, Ping Yang, Kartik Gopalan","doi":"10.1145/2818000.2818044","DOIUrl":"https://doi.org/10.1145/2818000.2818044","url":null,"abstract":"Cloud computing systems routinely process users' confidential data, but the underlying virtualization software in use today is not constructed to minimize the exposure of such data. For instance, virtual machine (VM) checkpointing can drastically prolong the lifetime and vulnerability of confidential data without users' knowledge by storing such data as part of a persistent snapshot. A key requirement for minimizing the exposure of any data is the ability to cleanly isolate such data for either exclusion or processing. Traditional mechanisms for memory taint tracking are expensive whereas those for isolating application footprint in VM-based sandboxes are not transparent. In this paper, we propose a transparent and lightweight mechanism for isolating a confidential application's memory footprint in a VM. The key idea is for a parent VM to spawn a child VM, called a Privacy-preserving Virtual Machine (PPVM) within which the confidential application executes. Hypervisor features, such as VM checkpointing, that need to exclude the memory of a confidential application can safely ignore the child VM's memory footprint. Alternatively, features such as checkpoint encryption or malware tracking can operate only on the child VM's memory. We implement memory isolation for PPVM through a lightweight VM fork operation that uses copy-on-write to reduce the memory and filesystem overhead of the PPVM. Transparency is achieved through a confidential shell that allows the parent VM to spawn the confidential application in the PPVM and exercise control over it during runtime. We demonstrate the effectiveness of PPVM through its use with VM checkpointing, which can safely checkpoint the parent VM while excluding or encrypting the associated PPVM. We show that our PPVM implementation achieves effective memory isolation with low overheads on memory, CPU, and network performance.","PeriodicalId":338725,"journal":{"name":"Proceedings of the 31st Annual Computer Security Applications Conference","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130418722","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Proximity Verification for Contactless Access Control and Authentication Systems 非接触式访问控制与认证系统的近距离验证
Proceedings of the 31st Annual Computer Security Applications Conference Pub Date : 2015-12-07 DOI: 10.1145/2818000.2818004
Aanjhan Ranganathan, Boris Danev, Srdjan Capkun
{"title":"Proximity Verification for Contactless Access Control and Authentication Systems","authors":"Aanjhan Ranganathan, Boris Danev, Srdjan Capkun","doi":"10.1145/2818000.2818004","DOIUrl":"https://doi.org/10.1145/2818000.2818004","url":null,"abstract":"Today, contactless smart cards are used to provide physical access control and authentication in a wide variety of applications. Prior research have demonstrated the vulnerability of contactless smart cards to relay attacks. For example, an attacker can relay the communication between the card reader and the smart card to steal a car or pay for goods in a supermarket. To solve this problem, smart cards need to be enhanced with secure proximity verification, i.e., distance bounding, which enables the card reader and the card to verify their mutual distance. However, existing technologies do not support the deployment of distance bounding in such systems: NFC cannot provide sufficient distance resolution, and hardware complexity of the proposed (e.g., UWB-based) distance bounding radios prevents their use in contactless smart cards. In this work, we propose a novel distance bounding system specifically designed for short-range contactless access control and authentication applications. Our system combines frequency modulated continuous wave (FMCW) and backscatter communication. The use of backscatter communication enables low-complexity, power-efficient design of the prover which is critical for contactless smart cards. In addition, our distance bounding system enables the implementation of a majority of distance bounding protocols developed in prior art. We analyze our system against various attack scenarios and show that it offers strong security guarantees. Additionally, we evaluate our system's communication and distance measurement characteristics using a prototype implementation.","PeriodicalId":338725,"journal":{"name":"Proceedings of the 31st Annual Computer Security Applications Conference","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130087823","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 12
Defeating ROP Through Denial of Stack Pivot 通过拒绝Stack Pivot击败ROP
Proceedings of the 31st Annual Computer Security Applications Conference Pub Date : 2015-12-07 DOI: 10.1145/2818000.2818023
Aravind Prakash, Heng Yin
{"title":"Defeating ROP Through Denial of Stack Pivot","authors":"Aravind Prakash, Heng Yin","doi":"10.1145/2818000.2818023","DOIUrl":"https://doi.org/10.1145/2818000.2818023","url":null,"abstract":"Return-Oriented Programming (ROP) is a popular and prevalent infiltration technique. While current solutions based on code randomization, artificial diversification and Control-Flow Integrity (CFI) have rendered ROP attacks harder to accomplish, they have been unsuccessful in completely eliminating them. Particularly, CFI-based approaches lack incremental deployability and impose high performance overhead -- two key requirements for practical application. In this paper, we present a novel compiler-level defense against ROP attacks. We observe that stack pivoting -- a key step in executing ROP attacks -- often moves the stack pointer from the stack region to a non-stack (often heap) region, thereby violating the integrity of the stack pointer. Unlike CFI-based defenses, our defense does not rely on the control-flow of the program. Instead, we assert the sanity of stack pointer at predetermined execution points in order to detect stack pivoting and thereby defeat ROP. The key advantage of our approach is that it allows for incremental deployability, an Achilles heel for CFI. That is, we can selectively protect some modules that can coexist with other unprotected modules. Other advantages include: (1) We do not depend on ASLR -- which is particularly vulnerable to information disclosure attacks, and (2) We do not make any assumptions regarding the so called \"gadget\". We implemented our defense in a proof-of-concept LLVM-based system called PBlocker. We evaluated PBlocker on SPEC 2006 benchmark and show an average runtime overhead of 1.04%.","PeriodicalId":338725,"journal":{"name":"Proceedings of the 31st Annual Computer Security Applications Conference","volume":"266 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116046885","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 20
Accurate, Low Cost and Instrumentation-Free Security Audit Logging for Windows 准确,低成本和仪器免费的安全审计日志为Windows
Proceedings of the 31st Annual Computer Security Applications Conference Pub Date : 2015-12-07 DOI: 10.1145/2818000.2818039
Shiqing Ma, K. H. Lee, C. Kim, J. Rhee, X. Zhang, Dongyan Xu
{"title":"Accurate, Low Cost and Instrumentation-Free Security Audit Logging for Windows","authors":"Shiqing Ma, K. H. Lee, C. Kim, J. Rhee, X. Zhang, Dongyan Xu","doi":"10.1145/2818000.2818039","DOIUrl":"https://doi.org/10.1145/2818000.2818039","url":null,"abstract":"Audit logging is an important approach to cyber attack investigation. However, traditional audit logging either lacks accuracy or requires expensive and complex binary instrumentation. In this paper, we propose a Windows based audit logging technique that features accuracy and low cost. More importantly, it does not require instrumenting the applications, which is critical for commercial software with IP protection. The technique is build on Event Tracing for Windows (ETW). By analyzing ETW log and critical parts of application executables, a model can be constructed to parse ETW log to units representing independent sub-executions in a process. Causality inferred at the unit level renders much higher accuracy, allowing us to perform accurate attack investigation and highly effective log reduction.","PeriodicalId":338725,"journal":{"name":"Proceedings of the 31st Annual Computer Security Applications Conference","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134292598","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 73
Secure and Efficient Key Derivation in Portfolio Authentication Schemes Using Blakley Secret Sharing 基于Blakley秘密共享的组合认证方案安全高效密钥派生
Proceedings of the 31st Annual Computer Security Applications Conference Pub Date : 2015-12-07 DOI: 10.1145/2818000.2818043
Peter Mayer, M. Volkamer
{"title":"Secure and Efficient Key Derivation in Portfolio Authentication Schemes Using Blakley Secret Sharing","authors":"Peter Mayer, M. Volkamer","doi":"10.1145/2818000.2818043","DOIUrl":"https://doi.org/10.1145/2818000.2818043","url":null,"abstract":"The ubiquitous usage of mobile devices in public spaces increases the risk of falling victim to shoulder surfing attacks, i.e. being observed by others during authentication. A promising approach to mitigating such shoulder surfing risks is portfolio authentication. It requires only an authorized subset of the password as input during each authentication attempt. One open challenge regarding portfolio authentication is how to securely and efficiently verify that a user input is actually an authorized subset of the password. In this paper we propose the (t, n)-threshold verification scheme, a novel scheme using Blakley secret sharing to provide secure verification of all authorized subsets of the password. Due to the lack of a viable alternative, we evaluate the efficiency of the (t, n)-threshold verification scheme in comparison to a naive approach. In terms of storage, the (t, n)-threshold verification scheme outperforms the naive approach in all settings and it offers lower computation times in most settings.","PeriodicalId":338725,"journal":{"name":"Proceedings of the 31st Annual Computer Security Applications Conference","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121712700","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信