{"title":"Rising Star in Dependability Award","authors":"","doi":"10.1109/dsn58367.2023.00011","DOIUrl":"https://doi.org/10.1109/dsn58367.2023.00011","url":null,"abstract":"","PeriodicalId":427725,"journal":{"name":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130194356","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"SwarmFuzz: Discovering GPS Spoofing Attacks in Drone Swarms","authors":"Yingao Yao, Pritam Dash, K. Pattabiraman","doi":"10.1109/DSN58367.2023.00043","DOIUrl":"https://doi.org/10.1109/DSN58367.2023.00043","url":null,"abstract":"Swarm robotics, particularly drone swarms, are used in various safety-critical tasks. While a lot of attention has been given to improving swarm control algorithms for improved intelligence, the security implications of various design choices in swarm control algorithms have not been studied. We highlight how an attacker can exploit the vulnerabilities in swarm control algorithms to disrupt drone swarms. Specifically, we show that the attacker can target a swarm member (target drone) through GPS spoofing attacks, and indirectly cause other swarm members (victim drones) to veer from their course, resulting in a collision with an obstacle. We call these Swarm Propagation Vulnerabilities. In this paper, we introduce SwarmFuzz, a fuzzing framework to capture the attacker's ability, and efficiently find such vulnerabilities in swarm control algorithms. SwarmFuzz uses a combination of graph theory and gradient-guided optimization to find the potential attack parameters. Our evaluation on a popular swarm control algorithm shows that SwarmFuzz achieves an average success rate of 48.8% in finding vulnerabilities, and compared to random fuzzing, has a 10x higher success rate, and 3x lower runtime. We also find that swarms of a larger size are more vulnerable to this attack type, for a given spoofing distance.","PeriodicalId":427725,"journal":{"name":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130199831","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Poisoning Online Learning Filters by Shifting on the Move","authors":"W. Tann, E. Chang","doi":"10.1109/DSN58367.2023.00033","DOIUrl":"https://doi.org/10.1109/DSN58367.2023.00033","url":null,"abstract":"The recent advancements in machine learning have led to a wave of interest in adopting online learning approaches for long-standing attack mitigation issues. In particular, DDoS attacks remain a significant threat to network service availability. These attacks have been well investigated under the assumption that malicious traffic originates from a single attack profile. Based on this premise, malicious traffic characteristics are assumed to be considerably different from legitimate traffic. In this paper, we introduce a poisoning attack that takes a contextual generative approach to generate shifting malicious traffic, studying its effects on online deep-learning DDoS filters. We investigate an adverse scenario where the attacker is “crafty”, switching profiles during attacks and generating erratic attack traffic. This elusive attacker manipulates contexts derived using stochastic modeling that capture the distributions of network traffic to poison the filters. To this end, we present a generative model MimicShift, capable of efficiently shifting its attack while retaining the originating traffic's intrinsic properties. Comprehensive experiments show that online learning filters are highly susceptible to poisoning attacks, sometimes faltering to 100% false-negative rates on the evaluation datasets.","PeriodicalId":427725,"journal":{"name":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134359803","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"IDTracker: Discovering Illicit Website Communities via Third-party Service IDs","authors":"Chenxu Wang, Zhao Li, Jiang Yin, Zhenni Liu, Zhongyi Zhang, Qingyun Liu","doi":"10.1109/DSN58367.2023.00050","DOIUrl":"https://doi.org/10.1109/DSN58367.2023.00050","url":null,"abstract":"Illicit websites are restricted by governments and application marketplaces due to their detrimental impact on society. Third-party web services play a crucial role in enabling illicit webmasters to establish websites rapidly and evade detection. In this paper, we discover that third-party services usually assign unique credentials to website developers as their identifications (IDs). Websites using the same services with identical IDs are likely to be hosted on shared infrastructures and have textually similar domain names. This observation sparks the idea of building a community of illicit websites by leveraging third-party service IDs. Therefore, we design IDTracker, a novel system for detecting illicit website communities based on domain name semantic and infrastructure relationship features, which empower classification algorithms to achieve a high F1 score of 0.8968. Furthermore, we deploy IDTracker on an Internet Service Provider's (ISP) environment for three months and identify 6,830 illicit communities containing 165,378 illicit websites. Many of these illicit websites can not be identified by the most sophisticated engines, such as Symantec and Baidu, because of the cloaking tactics. In addition, we conduct a large-scale and long-term measurement on the network infrastructures and third-party services of illicit communities, revealing new phenomena. Our findings can help security communities to thwart illicit websites more effectively.","PeriodicalId":427725,"journal":{"name":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"55 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123970082","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"DSN 2023 Steering Committee","authors":"","doi":"10.1109/dsn58367.2023.00008","DOIUrl":"https://doi.org/10.1109/dsn58367.2023.00008","url":null,"abstract":"","PeriodicalId":427725,"journal":{"name":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126561202","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Merve Gülmez, Thomas Nyman, Christoph Baumann, J. Mühlberg
{"title":"Rewind & Discard: Improving Software Resilience using Isolated Domains","authors":"Merve Gülmez, Thomas Nyman, Christoph Baumann, J. Mühlberg","doi":"10.1109/DSN58367.2023.00046","DOIUrl":"https://doi.org/10.1109/DSN58367.2023.00046","url":null,"abstract":"Well-known defenses exist to detect and mitigate common faults and memory safety vulnerabilities in software. Yet, many of these mitigations do not address the challenge of software resilience and availability, i.e., whether a system can continue to carry out its function and remain responsive, while being under attack and subjected to malicious inputs. In this paper we propose secure rewind and discard of isolated domains as an efficient and secure method of improving the resilience of software that is targeted by run-time attacks. In difference to established approaches, we rely on compartmentalization instead of replication and checkpointing. We show the practicability of our methodology by realizing a software library for Secure Domain Rewind and Discard (SDRaD) and demonstrate how SDRaD can be applied to real-world software.","PeriodicalId":427725,"journal":{"name":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126333349","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Speaker Orientation-Aware Privacy Control to Thwart Misactivation of Voice Assistants","authors":"Shaohu Zhang, Aafaq Sabir, Anupam Das","doi":"10.1109/DSN58367.2023.00061","DOIUrl":"https://doi.org/10.1109/DSN58367.2023.00061","url":null,"abstract":"Smart home voice assistants (VAs) such as Amazon Echo and Google Home have become popular because of the convenience they provide through voice commands. VAs continuously listen to detect the wake command and send the subsequent audio data to the manufacturer-owned cloud service for processing to identify actionable commands. However, research has shown that VAs are prone to replay attack and accidental activations when the wake words are spoken in the background (either by a human or played through a mechanical speaker). Existing privacy controls are not effective in preventing such misactivations. This raises privacy and security concerns for the users as their conversations can be recorded and relayed to the cloud without their knowledge. Recent studies have shown that the visual gaze plays an important role when interacting with conservation agents such as VAs, and users tend to turn their heads or body toward the VA when invoking it. In this paper, we propose a device-free, non-obtrusive acoustic sensing system called HeadTalk to thwart the misactivation of VAs. The proposed system leverages the user's head direction information and verifies that a human generates the sound to minimize accidental activations. Our extensive evaluation shows that HeadTalk can accurately infer a speaker's head orientation with an average accuracy of 96.14% and distinguish human voice from a mechanical speaker with an equal error rate of 2.58%. We also conduct a user interaction study to assess how users perceive our proposed approach compared to existing privacy controls. Our results suggest that HeadTalk can not only enhance the security and privacy controls for VAs but do so in a usable way without requiring any additional hardware.","PeriodicalId":427725,"journal":{"name":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"47 10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132486177","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Devils in Your Apps: Vulnerabilities and User Privacy Exposure in Mobile Notification Systems","authors":"Jiadong Lou, Xiaohan Zhang, Yihe Zhang, Xinghua Li, Xu Yuan, Ning Zhang","doi":"10.1109/DSN58367.2023.00017","DOIUrl":"https://doi.org/10.1109/DSN58367.2023.00017","url":null,"abstract":"Witnessing the blooming adoption of push notifications on mobile devices, this new message delivery paradigm has become pervasive in diverse applications. Accompanying with its broad adoption, the potential security risks and privacy exposure issues raise public concerns regarding its great social impacts. This paper conducts the first attempt to exploit the mobile notification ecosystem. By dissecting its structural elements and implementation process, a comprehensive vulnerability analysis is conducted towards the complete flow of mobile notification from platform enrollment to messaging. Meanwhile, for privacy exposure, we first examine the implementation of privacy policy compliance by proposing a three-level inspection approach to guide our analysis. Then, our top-down methods from documentation analysis, application network traffic study, to static analysis expose the illicit data collection behaviors in released applications. In addition, we uncover the potential privacy inference resulted from the notification monitoring. To support our analysis, we conduct empirical studies on 12 most popular notification platforms and perform static analysis over 30,000+ applications. We discover: 1) six platforms either provide ambiguous KEY naming rules or offer vulnerable messaging APIs; 2) privacy policy compliance implementations are either stagnated at the documentation stages (8 of 12 platforms) or never implemented in apps, resulting in billions of users suffering from privacy exposure; and 3) some apps can stealthily monitor notification messages delivering to other apps, potentially incurring user privacy inference risks. Our study raises the urgent demand for better regulations of mobile notification deployment.","PeriodicalId":427725,"journal":{"name":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134210193","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Xingchen Chen, Baizhu Wang, Ze Jin, Yun Feng, Xianglong Li, Xincheng Feng, Qixu Liu
{"title":"Tabby: Automated Gadget Chain Detection for Java Deserialization Vulnerabilities","authors":"Xingchen Chen, Baizhu Wang, Ze Jin, Yun Feng, Xianglong Li, Xincheng Feng, Qixu Liu","doi":"10.1109/DSN58367.2023.00028","DOIUrl":"https://doi.org/10.1109/DSN58367.2023.00028","url":null,"abstract":"Java is one of the preferred options of modern developers and has become increasingly more prominent with the prevalence of the open-source culture. Thanks to the serialization and deserialization features, Java programs have the flexibility to transmit object data between multiple components or systems, which significantly facilitates development. However, the features may also allow the attackers to construct gadget chains and lead to Java deserialization vulnerabilities. Due to the highly flexible and customizable nature of Java deserialization, finding an exploitable gadget chain is complicated and usually costs researchers a great deal of effort to confirm the vulnerability. To break such a dilemma, in this paper, we introduced Tabby, a highly accurate framework that leverages the Soot framework and Neo4j graph database for finding Java deserialization gadget chains. We leveraged Tabby to analyze 248 Jar files, found 80 practical gadget chains, and received 7 CVE-IDs from Xstream and Apache Dubbo. They both improved the security design to deal with potential security risks.","PeriodicalId":427725,"journal":{"name":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"52 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124449133","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"TagClass: A Tool for Extracting Class-Determined Tags from Massive Malware Labels via Incremental Parsing","authors":"Y. Jiang, Gaolei Li, Shenghong Li","doi":"10.1109/DSN58367.2023.00029","DOIUrl":"https://doi.org/10.1109/DSN58367.2023.00029","url":null,"abstract":"VirusTotal is widely used for malware annotation by providing malware labels from a large set of anti-malware engines. A long-standing challenge in using these inconsistent labels is extracting class-determined tags. In this paper, we present Tagclass,a tool based on incremental parsing to associate tags with their corresponding family, behavior, and platform classes. Tagclasstreats behavior and platform tags as locators and achieves incremental parsing by introducing and iterating the following two algorithms: 1) location first search, which hits family tags using locators, and 2) co-occurrence first search, which finds new locators by family tags. Experiments across two benchmark datasets indicate Tagclassoutperforms existing methods, improving the parsing accuracy by 21% and 28%, respectively. To the best of our knowledge, Tagclassis the first tag class-determined malware label parsing tool, which would pave the way for research on crowdsourcing malware annotation. Tagclasshas been released to the community 11https://github.com/crowdma/tagclass.","PeriodicalId":427725,"journal":{"name":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129748312","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}