发布求助
文献互助 智能选刊 最新文献

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security最新文献

筛选
英文 中文
POSTER: An Educational Network Protocol for Covert Channel Analysis Using Patterns 使用模式进行隐蔽信道分析的教育网络协议
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI: 10.1145/2976749.2989037
S. Wendzel, W. Mazurczyk
{"title":"POSTER: An Educational Network Protocol for Covert Channel Analysis Using Patterns","authors":"S. Wendzel, W. Mazurczyk","doi":"10.1145/2976749.2989037","DOIUrl":"https://doi.org/10.1145/2976749.2989037","url":null,"abstract":"The utilization of information hiding is on the rise among cybercriminals, e.g. to cloak the communication of malicious software as well as by ordinary users for privacy-enhancing purposes. A recent trend is to use network traffic in form of covert channels to convey secrets. In result, security expert training is incomplete if these aspects are not covered. This paper fills this gap by providing a method for teaching covert channel analysis of network protocols. We define a sample protocol called Covert Channel Educational Analysis Protocol (CCEAP) that can be used in didactic environments. Compared to previous works we lower the barrier for understanding network covert channels by eliminating the requirement for students to understand several network protocols in advance and by focusing on so-called hiding patterns.","PeriodicalId":432261,"journal":{"name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","volume":"43 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124475397","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
SandScout: Automatic Detection of Flaws in iOS Sandbox Profiles SandScout:自动检测iOS沙盒配置文件中的缺陷
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI: 10.1145/2976749.2978336
Luke Deshotels, Răzvan Deaconescu, Mihai Chiroiu, Lucas Davi, W. Enck, A. Sadeghi
{"title":"SandScout: Automatic Detection of Flaws in iOS Sandbox Profiles","authors":"Luke Deshotels, Răzvan Deaconescu, Mihai Chiroiu, Lucas Davi, W. Enck, A. Sadeghi","doi":"10.1145/2976749.2978336","DOIUrl":"https://doi.org/10.1145/2976749.2978336","url":null,"abstract":"Recent literature on iOS security has focused on the malicious potential of third-party applications, demonstrating how developers can bypass application vetting and code-level protections. In addition to these protections, iOS uses a generic sandbox profile called \"container\" to confine malicious or exploited third-party applications. In this paper, we present the first systematic analysis of the iOS container sandbox profile. We propose the SandScout framework to extract, decompile, formally model, and analyze iOS sandbox profiles as logic-based programs. We use our Prolog-based queries to evaluate file-based security properties of the container sandbox profile for iOS 9.0.2 and discover seven classes of exploitable vulnerabilities. These attacks affect non-jailbroken devices running later versions of iOS. We are working with Apple to resolve these attacks, and we expect that SandScout will play a significant role in the development of sandbox profiles for future versions of iOS.","PeriodicalId":432261,"journal":{"name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131706911","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 16
The Shadow Nemesis: Inference Attacks on Efficiently Deployable, Efficiently Searchable Encryption 影子复仇者:对有效部署,有效搜索加密的推理攻击
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI: 10.1145/2976749.2978401
D. Pouliot, C. V. Wright
{"title":"The Shadow Nemesis: Inference Attacks on Efficiently Deployable, Efficiently Searchable Encryption","authors":"D. Pouliot, C. V. Wright","doi":"10.1145/2976749.2978401","DOIUrl":"https://doi.org/10.1145/2976749.2978401","url":null,"abstract":"Encrypting Internet communications has been the subject of renewed focus in recent years. In order to add end-to-end encryption to legacy applications without losing the convenience of full-text search, ShadowCrypt and Mimesis Aegis use a new cryptographic technique called \"efficiently deployable efficiently searchable encryption\" (EDESE) that allows a standard full-text search system to perform searches on encrypted data. Compared to other recent techniques for searching on encrypted data, EDESE schemes leak a great deal of statistical information about the encrypted messages and the keywords they contain. Until now, the practical impact of this leakage has been difficult to quantify. In this paper, we show that the adversary's task of matching plaintext keywords to the opaque cryptographic identifiers used in EDESE can be reduced to the well-known combinatorial optimization problem of weighted graph matching (WGM). Using real email and chat data, we show how off-the-shelf WGM solvers can be used to accurately and efficiently recover hundreds of the most common plaintext keywords from a set of EDESE-encrypted messages. We show how to recover the tags from Bloom filters so that the WGM solver can be used with the set of encrypted messages that utilizes a Bloom filter to encode its search tags. We also show that the attack can be mitigated by carefully configuring Bloom filter parameters.","PeriodicalId":432261,"journal":{"name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132600334","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 92
TaintART: A Practical Multi-level Information-Flow Tracking System for Android RunTime 一个实用的Android运行时多层次信息流跟踪系统
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI: 10.1145/2976749.2978343
Mingshen Sun, Tao Wei, John C.S. Lui
{"title":"TaintART: A Practical Multi-level Information-Flow Tracking System for Android RunTime","authors":"Mingshen Sun, Tao Wei, John C.S. Lui","doi":"10.1145/2976749.2978343","DOIUrl":"https://doi.org/10.1145/2976749.2978343","url":null,"abstract":"Mobile operating systems like Android failed to provide sufficient protection on personal data, and privacy leakage becomes a major concern. To understand the security risks and privacy leakage, analysts have to carry out data-flow analysis. In 2014, Android upgraded with a fundamentally new design known as Android RunTime (ART) environment in Android 5.0. ART adopts ahead-of-time compilation strategy and replaces previous virtual-machine-based Dalvik. Unfortunately, many data-flow analysis systems like TaintDroid were designed for the legacy Dalvik environment. This makes data-flow analysis of new apps and malware infeasible. We design a multi-level information-flow tracking system for the new Android system called TaintART. TaintART employs a multi-level taint analysis technique to minimize the taint tag storage. Therefore, taint tags can be stored in processor registers to provide efficient taint propagation operations. We also customize the ART compiler to maximize performance gains of the ahead-of-time compilation optimizations. Based on the general design of TaintART, we also implement a multi-level privacy enforcement to prevent sensitive data leakage. We demonstrate that TaintART only incurs less than 15% overheads on a CPU-bound microbenchmark and negligible overhead on built-in or third-party applications. Compared to legacy Dalvik environment in Android 4.4, TaintART achieves about 99.7% faster performance for Java runtime benchmark.","PeriodicalId":432261,"journal":{"name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","volume":"4 22","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132938855","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 164
POSTER: DataLair: A Storage Block Device with Plausible Deniability 海报:DataLair:一个可否认的存储块设备
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI: 10.1145/2976749.2989061
Anrin Chakraborti, Cheng Chen, R. Sion
{"title":"POSTER: DataLair: A Storage Block Device with Plausible Deniability","authors":"Anrin Chakraborti, Cheng Chen, R. Sion","doi":"10.1145/2976749.2989061","DOIUrl":"https://doi.org/10.1145/2976749.2989061","url":null,"abstract":"Sensitive information is present on our phones, disks, watches and computers. Its protection is essential. Plausible deniability of stored data allows individuals to deny that their device contains a piece of sensitive information. This constitutes a key tool in the fight against oppressive governments and censorship. Unfortunately, existing solutions, such as the now defunct TrueCrypt [2], can defend only against an adversary that can access a user's device at most once (\"single-snapshot adversary\"). Recent solutions have traded significant performance overheads for the ability to handle more powerful adversaries able to access the device at multiple points in time (\"multi-snapshot adversary\"). In this paper we show that this sacrifice is not necessary. We introduce and build DataLair, a practical plausible deniability mechanism. When compared with existing approaches, DataLair is two orders of magnitude faster (and as efficient as the underlying raw storage) for public data accesses, and 3-5 times faster for hidden data accesses. An important component in DataLair is a new, efficient write-only ORAM construction, which provides an improved access complexity when compared to the state-of-the-art.","PeriodicalId":432261,"journal":{"name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116219329","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Covert Channels through Random Number Generator: Mechanisms, Capacity Estimation and Mitigations 通过随机数生成器的隐蔽信道:机制、容量估计和缓解
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI: 10.1145/2976749.2978374
Dmitry Evtyushkin, D. Ponomarev
{"title":"Covert Channels through Random Number Generator: Mechanisms, Capacity Estimation and Mitigations","authors":"Dmitry Evtyushkin, D. Ponomarev","doi":"10.1145/2976749.2978374","DOIUrl":"https://doi.org/10.1145/2976749.2978374","url":null,"abstract":"Covert channels present serious security threat because they allow secret communication between two malicious processes even if the system inhibits direct communication. We describe, implement and quantify a new covert channel through shared hardware random number generation (RNG) module that is available on modern processors. We demonstrate that a reliable, high-capacity and low-error covert channel can be created through the RNG module that works across CPU cores and across virtual machines. We quantify the capacity of the RNG channel under different settings and show that transmission rates in the range of 7-200 kbit/s can be achieved depending on a particular system used for transmission, assumptions, and the load level. Finally, we describe challenges in mitigating the RNG channel, and propose several mitigation approaches both in software and hardware.","PeriodicalId":432261,"journal":{"name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","volume":"94 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122075843","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 66
Mix&Slice: Efficient Access Revocation in the Cloud Mix&Slice:云中的高效访问撤销
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI: 10.1145/2976749.2978377
Enrico Bacis, S. Vimercati, S. Foresti, S. Paraboschi, Marco Rosa, P. Samarati
{"title":"Mix&Slice: Efficient Access Revocation in the Cloud","authors":"Enrico Bacis, S. Vimercati, S. Foresti, S. Paraboschi, Marco Rosa, P. Samarati","doi":"10.1145/2976749.2978377","DOIUrl":"https://doi.org/10.1145/2976749.2978377","url":null,"abstract":"We present an approach to enforce access revocation on resources stored at external cloud providers. The approach relies on a resource transformation that provides strong mutual inter-dependency in its encrypted representation. To revoke access on a resource, it is then sufficient to update a small portion of it, with the guarantee that the resource as a whole (and any portion of it) will become unintelligible to those from whom access is revoked. The extensive experimental evaluation on a variety of configurations confirmed the effectiveness and efficiency of our solution, which showed excellent performance and compatibility with several implementation strategies.","PeriodicalId":432261,"journal":{"name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123503805","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 46
POSTER: RIA: an Audition-based Method to Protect the Runtime Integrity of MapReduce Applications 海报:RIA:一个基于审核的方法来保护MapReduce应用程序的运行时完整性
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI: 10.1145/2976749.2989042
Yongzhi Wang, Yulong Shen
{"title":"POSTER: RIA: an Audition-based Method to Protect the Runtime Integrity of MapReduce Applications","authors":"Yongzhi Wang, Yulong Shen","doi":"10.1145/2976749.2989042","DOIUrl":"https://doi.org/10.1145/2976749.2989042","url":null,"abstract":"Public cloud vendors have been offering varies big data computing services. However, runtime integrity is one of the major concerns that hinders the adoption of those services. In this paper, we focus on MapReduce, a popular big data computing framework, propose the runtime integrity audition (RIA), a solution to verify the runtime integrity of MapReduce applications. Based on the idea of RIA, we developed a prototype system, called MR Auditor, and tested its applicability and the performance with multiple Hadoop applications. Our experimental results showed that MR Auditor is an efficient tool to detect runtime integrity violation and incurs a moderate performance overhead.","PeriodicalId":432261,"journal":{"name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","volume":"70 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125420140","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Content Security Problems?: Evaluating the Effectiveness of Content Security Policy in the Wild 内容安全问题?:评估野外内容安全策略的有效性
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI: 10.1145/2976749.2978338
Stefano Calzavara, Alvise Rabitti, M. Bugliesi
{"title":"Content Security Problems?: Evaluating the Effectiveness of Content Security Policy in the Wild","authors":"Stefano Calzavara, Alvise Rabitti, M. Bugliesi","doi":"10.1145/2976749.2978338","DOIUrl":"https://doi.org/10.1145/2976749.2978338","url":null,"abstract":"Content Security Policy (CSP) is an emerging W3C standard introduced to mitigate the impact of content injection vulnerabilities on websites. We perform a systematic, large-scale analysis of four key aspects that impact on the effectiveness of CSP: browser support, website adoption, correct configuration and constant maintenance. While browser support is largely satisfactory, with the exception of few notable issues, our analysis unveils several shortcomings relative to the other three aspects. CSP appears to have a rather limited deployment as yet and, more crucially, existing policies exhibit a number of weaknesses and misconfiguration errors. Moreover, content security policies are not regularly updated to ban insecure practices and remove unintended security violations. We argue that many of these problems can be fixed by better exploiting the monitoring facilities of CSP, while other issues deserve additional research, being more rooted into the CSP design.","PeriodicalId":432261,"journal":{"name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129987142","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 56
Strong Non-Interference and Type-Directed Higher-Order Masking 强无干扰和有型高阶掩模
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI: 10.1145/2976749.2978427
G. Barthe, Sonia Belaïd, François Dupressoir, Pierre-Alain Fouque, B. Grégoire, Pierre-Yves Strub, Rébecca Zucchini
{"title":"Strong Non-Interference and Type-Directed Higher-Order Masking","authors":"G. Barthe, Sonia Belaïd, François Dupressoir, Pierre-Alain Fouque, B. Grégoire, Pierre-Yves Strub, Rébecca Zucchini","doi":"10.1145/2976749.2978427","DOIUrl":"https://doi.org/10.1145/2976749.2978427","url":null,"abstract":"Differential power analysis (DPA) is a side-channel attack in which an adversary retrieves cryptographic material by measuring and analyzing the power consumption of the device on which the cryptographic algorithm under attack executes. An effective countermeasure against DPA is to mask secrets by probabilistically encoding them over a set of shares, and to run masked algorithms that compute on these encodings. Masked algorithms are often expected to provide, at least, a certain level of probing security. Leveraging the deep connections between probabilistic information flow and probing security, we develop a precise, scalable, and fully automated methodology to verify the probing security of masked algorithms, and generate them from unprotected descriptions of the algorithm. Our methodology relies on several contributions of independent interest, including a stronger notion of probing security that supports compositional reasoning, and a type system for enforcing an expressive class of probing policies. Finally, we validate our methodology on examples that go significantly beyond the state-of-the-art.","PeriodicalId":432261,"journal":{"name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123089225","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 211
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信