Proceedings of the 32nd Annual Conference on Computer Security Applications: latest publications

Inferring browser activity and status through remote monitoring of storage usage
Proceedings of the 32nd Annual Conference on Computer Security Applications. Pub Date: 2016-12-05. DOI: 10.1145/2991079.2991080
Hyungsub Kim, Sangho Lee, Jong Kim
Abstract: Web applications use the local storage of a web browser to temporarily store static resources for caching and persistently store personalized data for stateful services. Since different web applications use the local storage differently in terms of size and time, attackers can infer a user's browser activity and status if they can monitor storage usage: for example, which web site a user is viewing and whether a user has logged in to a certain web site. In this paper, we explore passive and active web attacks that exploit the Quota Management API to extract such information from a web browser, as the API allows us to continuously monitor the size of available storage space. We develop two web attacks: a cross-tab activity inference attack to passively monitor which web site a user is currently visiting and a browser status inference attack to actively identify the browser status such as browser history and login information. Our attacks are successful at stealing private information from Chrome running on various platforms with ∼90% accuracy. We further propose an effective solution against the attacks.
Citations: 27
VulPecker: an automated vulnerability detection system based on code similarity analysis
Proceedings of the 32nd Annual Conference on Computer Security Applications. Pub Date: 2016-12-05. DOI: 10.1145/2991079.2991102
Z. Li, Deqing Zou, Shouhuai Xu, Hai Jin, H. Qi, Jie Hu
Abstract: Software vulnerabilities are the fundamental cause of many attacks. Even with rapid vulnerability patching, the problem is more complicated than it looks. One reason is that instances of the same vulnerability may exist in multiple software copies that are difficult to track in real life (e.g., different versions of libraries and applications). This calls for tools that can automatically search for vulnerable software with respect to a given vulnerability. In this paper, we move a step forward in this direction by presenting Vulnerability Pecker (VulPecker), a system for automatically detecting whether a piece of software source code contains a given vulnerability or not. The key insight underlying VulPecker is to leverage (i) a set of features that we define to characterize patches, and (ii) code-similarity algorithms that have been proposed for various purposes, while noting that no single code-similarity algorithm is effective for all kinds of vulnerabilities. Experiments show that VulPecker detects 40 vulnerabilities that are not published in the National Vulnerability Database (NVD). Among these vulnerabilities, 18 are not known for their existence and have yet to be confirmed by vendors at the time of writing (these vulnerabilities are "anonymized" in the present paper for ethical reasons), and the other 22 vulnerabilities have been "silently" patched by the vendors in the later releases of the vulnerable products.
Citations: 188
Multi-receiver GPS spoofing detection: error models and realization
Proceedings of the 32nd Annual Conference on Computer Security Applications. Pub Date: 2016-12-05. DOI: 10.1145/2991079.2991092
K. Jansen, Nils Ole Tippenhauer, C. Pöpper
Abstract: Spoofing is a serious threat to the widespread use of Global Navigation Satellite Systems (GNSSs) such as GPS and can be expected to play an important role in the security of many future IoT systems that rely on time, location, or navigation information. In this paper, we focus on the technique of multi-receiver GPS spoofing detection, so far only proposed theoretically. This technique promises to detect malicious spoofing signals by making use of the reported positions of several GPS receivers deployed in a fixed constellation. We scrutinize the assumptions of prior work, in particular the error models, and investigate how these models and their results can be improved due to the correlation of errors at co-located receiver positions. We show that by leveraging spatial noise correlations, the false acceptance rate of the countermeasure can be improved while preserving the sensitivity to attacks. As a result, receivers can be placed significantly closer together than previously expected, which broadens the applicability of the countermeasure. Based on theoretical and practical investigations, we build the first realization of a multi-receiver countermeasure and experimentally evaluate its performance both in authentic and in spoofing scenarios.
Citations: 49
CoKey: fast token-based cooperative cryptography
Proceedings of the 32nd Annual Conference on Computer Security Applications. Pub Date: 2016-12-05. DOI: 10.1145/2991079.2991117
Julian Horsch, Sascha Wessel, C. Eckert
Abstract: Keys for symmetric cryptography are usually stored in RAM and therefore susceptible to various attacks, ranging from simple buffer overflows to leaks via cold boot, DMA or side channels. A common approach to mitigate such attacks is to move the keys to an external cryptographic token. For low-throughput applications like asymmetric signature generation, the performance of these tokens is sufficient. For symmetric, data-intensive use cases, like disk encryption on behalf of the host, the connecting interface to the token often is a serious bottleneck. In order to overcome this problem, we present CoKey, a novel concept for partially moving symmetric cryptography out of the host into a trusted detachable token. CoKey combines keys from both entities and securely encrypts initialization vectors on the token which are then used in the cryptographic operations on the host. This forces host and token to cooperate during the whole encryption and decryption process. Our concept strongly and efficiently binds encrypted data on the host to the specific token used for their encryption, while still allowing for fast operation. We implemented the concept using Linux hosts and the USB armory, a USB thumb drive sized ARM computer, as detachable crypto token. Our detailed performance evaluation shows that our prototype is easily fast enough even for data-intensive and performance-critical use cases like full disk encryption, thus effectively improving security for symmetric cryptography in a usable way.
Citations: 1
Proceedings of the 32nd Annual Conference on Computer Security Applications
Pub Date: 2016-12-05. DOI: 10.1145/2991079
S. Schwab, Wil Robertson, D. Balzarotti
Abstract: Research in computer security has proved enlightening and rewarding. Over the years, the breadth of topics covered by ACSAC has continued to expand as security issues grow in importance. This year's hard topic theme again addresses the area of Security and Privacy in the Internet of Things.
Citations: 5
The cross domain desktop compositor: using hardware-based video compositing for a multi-level secure user interface
Proceedings of the 32nd Annual Conference on Computer Security Applications. Pub Date: 2016-12-05. DOI: 10.1145/2991079.2991087
Mark R. Beaumont, J. McCarthy, Toby C. Murray
Abstract: We have developed the Cross Domain Desktop Compositor, a hardware-based multi-level secure user interface, suitable for deployment in high-assurance environments. Through composition of digital display data from multiple physically-isolated single-level secure domains, and judicious switching of keyboard and mouse input, we provide an integrated multi-domain desktop solution. The system developed enforces a strict information flow policy and requires no trusted software. To fulfil high-assurance requirements and achieve a low cost of accreditation, the architecture favours simplicity, using mainly commercial-off-the-shelf components complemented by small trustworthy hardware elements. The resulting user interface is intuitive and responsive and we show how it can be further leveraged to create integrated multi-level applications and support managed information flows for secure cross domain solutions. This is a new approach to the construction of multi-level secure user interfaces and multi-level applications which minimises the required trusted computing base, whilst maintaining much of the desired functionality.
Citations: 18
ELAR: extremely lightweight auditing and repairing for cloud security
Proceedings of the 32nd Annual Conference on Computer Security Applications. Pub Date: 2016-12-05. DOI: 10.1145/2991079.2991082
Tran Thao Phuong, Kazumasa Omote
Abstract: Cloud storage has been gaining in popularity as an on-line service for archiving, backup, and even primary storage of files. However, due to the data outsourcing, cloud storage also introduces new security challenges, which require a data audit and data repair service to ensure data availability and data integrity in the cloud. In this paper, we present the design and implementation of a network-coding-based Proof Of Retrievability scheme called ELAR, which achieves a lightweight data auditing and data repairing. In particular, we support direct repair mechanism in which the client can be free from the data repair process. Simultaneously, we also support the task of allowing a third party auditor (TPA), on behalf of the client, to verify the availability and integrity of the data stored in the cloud servers without the need of an asymmetric-key setting. The client is thus also free from the data audit process. TPA uses spot-checking which is a very efficient probabilistic method for checking a large amount of data. Extensive security and performance analysis show that the proposed scheme is highly efficient and provably secure.
Citations: 7
Pileus: protecting user resources from vulnerable cloud services
Proceedings of the 32nd Annual Conference on Computer Security Applications. Pub Date: 2016-12-05. DOI: 10.1145/2991079.2991109
Yuqiong Sun, Giuseppe Petracca, Xinyang Ge, T. Jaeger
Abstract: Cloud computing platforms are now constructed as distributed, modular systems of cloud services, which enable cloud users to manage their cloud resources. However, in current cloud platforms, cloud services fully trust each other, so a malicious user may exploit a vulnerability in a cloud service to obtain unauthorized access to another user's data. To date, over 150 vulnerabilities have been reported in cloud services in the OpenStack cloud. Research efforts in cloud security have focused primarily on attacks originating from user VMs or compromised operating systems rather than threats caused by the compromise of distributed cloud services, leaving cloud users open to attacks from these vulnerable cloud services. In this paper, we propose the Pileus cloud service architecture, which isolates each user's cloud operations to prevent vulnerabilities in cloud services from enabling malicious users to gain unauthorized access. Pileus deploys stateless cloud services "on demand" to service each user's cloud operations, limiting cloud services to the permissions of individual users. Pileus leverages the decentralized information flow control (DIFC) model for permission management, but the Pileus design addresses special challenges in the cloud environment to: (1) restrict how cloud services may be allowed to make security decisions; (2) select trustworthy nodes for access enforcement in a dynamic, distributed environment; and (3) limit the set of nodes a user must trust to service each operation. We have ported the OpenStack cloud platform to Pileus, finding that we can systematically prevent compromised cloud services from attacking other users' cloud operations with less than 3% additional latency for the operation. Application of the Pileus architecture to OpenStack shows that confined cloud services can service users' cloud operations effectively for a modest overhead.
Citations: 12
Reliably determining data leakage in the presence of strong attackers
Proceedings of the 32nd Annual Conference on Computer Security Applications. Pub Date: 2016-12-05. DOI: 10.1145/2991079.2991095
Riccardo Bortolameotti, Andreas Peter, M. Everts, W. Jonker, P. Hartel
Abstract: We address the problem of determining what data has been leaked from a system after its recovery from a successful attack. This is a forensic process which is relevant to give a better understanding of the impact of a data breach, but more importantly it is becoming mandatory according to the recent developments of data breach notification laws. Existing work in this domain has discussed methods to create digital evidence that could be used to determine data leakage, however most of them fail to secure the evidence against malicious adversaries or use strong assumptions such as trusted hardware. In some limited cases, data can be processed in the encrypted domain which, although being computationally expensive, can ensure that nothing leaks to an attacker, thereby making the leakage determination trivial. Otherwise, victims are left with the only option of considering all data to be leaked. In contrast, our work presents an approach capable of determining the data leakage using a distributed log that securely records all accesses to the data without relying on trusted hardware, and which is not all-or-nothing. We demonstrate our approach to guarantee secure and reliable evidence against even strongest adversaries capable of taking complete control over a machine. For the concrete application of client-server authentication, we show the preciseness of our approach, that it is feasible in practice, and that it can be integrated with existing services.
Citations: 0
The cloudier side of cryptographic end-to-end verifiable voting: a security analysis of Helios
Proceedings of the 32nd Annual Conference on Computer Security Applications. Pub Date: 2016-12-05. DOI: 10.1145/2991079.2991106
Nicholas Chang-Fong, A. Essex
Abstract: Helios is an open-audit internet voting system providing cryptographic protections to voter privacy, and election integrity. As part of these protections, Helios produces a cryptographic audit trail that can be used to verify ballots were correctly counted. Cryptographic end-to-end (E2E) election verification schemes of this kind are a promising step toward developing trustworthy electronic voting systems. In this paper we approach the discussion from the flip-side by exploring the practical potential for threats to be introduced by the presence of a cryptographic audit trail. We conducted a security analysis of the Helios implementation and discovered a range of vulnerabilities and implemented exploits that would: allow a malicious election official to produce arbitrary election results with accepting proofs of correctness; allow a malicious voter to cast a malformed ballot to prevent the tally from being computed; and, allow an attacker to surreptitiously cast a ballot on a voter's behalf. We also examine privacy issues including a random-number generation bias affecting the indistinguishability of encrypted ballots. We reported the issues and worked with the Helios designers to fix them.
Citations: 21