ACM Transactions on Privacy and Security最新文献

Flexichain: Flexible Payment Channel Network to Defend Against Channel Exhaustion Attack Flexichain：防御渠道枯竭攻击的灵活支付渠道网络

IF 3 4区计算机科学

ACM Transactions on Privacy and Security Pub Date : 2024-08-08 DOI: 10.1145/3687476

Susil Kumar Mohanty, Somanath Tripathy

{"title":"Flexichain: Flexible Payment Channel Network to Defend Against Channel Exhaustion Attack","authors":"Susil Kumar Mohanty, Somanath Tripathy","doi":"10.1145/3687476","DOIUrl":"https://doi.org/10.1145/3687476","url":null,"abstract":"Payment Channel Network (PCN) is an effective off-chain scaling solution widely recognized for reducing operational costs on permissionless blockchains. However, it still faces challenges such as lack of flexibility, channel exhaustion, and poor sustainability. Currently, a separate deposit is required for each payment channel, which locks a significant amount of coins for a longer period. This restricts the ability to move locked coins across their channels off-chain. Additionally, unbalanced (unidirectional) transfers can lead to channel exhaustion, rendering the channel unsustainable. To address these issues, we propose a novel off-chain protocol called Flexible Payment Channel Networks (Flexichain). Unlike existing approaches, Flexichain allows users to deposit coins per user rather than per channel. This provides flexibility to move coins freely between channels without relying on the blockchain or disrupting the off-chain cycle. Flexichain is proven to be secure under the Universal Composability framework and resistant against channel exhaustion attacks. To assess the performance of Flexichain, we conduct experiments on both on-chain and off-chain operations using snapshots of the Lightning Network (LN). We evaluated the on-chain gas costs, success ratio and success amount of off-chain payments under uniform and skewed payment demands, as well as the computational and communication overheads of the off-chain contracts.","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":null,"pages":null},"PeriodicalIF":3.0,"publicationDate":"2024-08-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141926397","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

SPArch: A Hardware-oriented Sketch-based Architecture for High-speed Network Flow Measurements SPArch：面向硬件的基于草图的高速网络流量测量架构

IF 3 4区计算机科学

ACM Transactions on Privacy and Security Pub Date : 2024-08-08 DOI: 10.1145/3687477

Arish Sateesan, J. Vliegen, Simon Scherrer, H. Hsiao, A. Perrig, N. Mentens

{"title":"SPArch: A Hardware-oriented Sketch-based Architecture for High-speed Network Flow Measurements","authors":"Arish Sateesan, J. Vliegen, Simon Scherrer, H. Hsiao, A. Perrig, N. Mentens","doi":"10.1145/3687477","DOIUrl":"https://doi.org/10.1145/3687477","url":null,"abstract":"Network flow measurement is an integral part of modern high-speed applications for network security and data-stream processing. However, processing at line rate while maintaining the required data structure within the on-chip memory of the hardware platform is a challenging task for measurement algorithms, especially when accuracy is of primary importance, such as in network security applications. Most of the existing measurement algorithms are no exception to such issues when deployed in high-speed networking environments and are also not tailored for efficient hardware implementation. Sketch-based measurement algorithms minimize the memory requirement and are suitable for high-speed networks but possess a low memory-accuracy trade-off and lack the versatility of individual flow mapping. To address these challenges, we present a hardware-friendly data structure named Sketch-based Pseudo-associative array Architecture (SPArch). SPArch is highly accurate and extremely memory-efficient, making it suitable for network flow measurement and security applications. The parallelism in SPArch ensures minimal and constant memory access cycles. Unlike other sketch architectures, SPArch provides the functionality of individual flow mapping similar to associative arrays, and the optimized version of SPArch allows the organization of counters in multiple buckets based on the flow sizes. An in-depth analysis of SPArch is carried out in this paper and implemented SPArch on the Alveo data center accelerator card, demonstrating its suitability for high-speed networks.","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":null,"pages":null},"PeriodicalIF":3.0,"publicationDate":"2024-08-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141927229","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

VeriBin: A Malware Authorship Verification Approach for APT Tracking through Explainable and Functionality-Debiasing Adversarial Representation Learning VeriBin：通过可解释和功能性去伪存真的对抗性表征学习来追踪 APT 的恶意软件作者身份验证方法

IF 3 4区计算机科学

ACM Transactions on Privacy and Security Pub Date : 2024-07-20 DOI: 10.1145/3669901

Weihan Ou, Steven H. H. Ding, Mohammad Zulkernine, Li Tao Li, Sarah Labrosse

{"title":"VeriBin: A Malware Authorship Verification Approach for APT Tracking through Explainable and Functionality-Debiasing Adversarial Representation Learning","authors":"Weihan Ou, Steven H. H. Ding, Mohammad Zulkernine, Li Tao Li, Sarah Labrosse","doi":"10.1145/3669901","DOIUrl":"https://doi.org/10.1145/3669901","url":null,"abstract":"Malware attacks are posing a significant threat to national security, cooperate network and public endpoint security. Identifying the Advanced Persistent Threat (APT) groups behind the attacks and grouping their activities into attack campaigns help security investigators trace their activities thus providing better security protections against future attacks. Existing Cyber Threat Intelligent (CTI) components mainly focus on malware family identification and behaviour characterization, which cannot solve the APT tracking problem: while APT tracking needs one to link malware binaries of multiple families to a single threat actor, these behavior or function-based techniques are tightened up to a specific attack technique and would fail on connecting different families. Binary Authorship Attribution (AA) solutions could discriminate against threat actors based on their stylometric traits. However, AA solutions assume that the author of a binary is within a fixed candidate author set. However, real-world malware binaries may be created by a new unknown threat actor.\u0000 To address this research gap, we propose VeriBin for the Binary Authorship Verification (BAV) problem. VeriBin is a novel adversarial neural network that extracts functionality-agnostic style representations from assembly code for the AV task. The extracted style representations can be visualized and are explainable with VeriBin’s multi-head attention mechanism. We benchmark VeriBin with state-of-the-art coding style representations on a standard dataset and a recent malware-APT dataset. Given two anonymous binaries of out-of-sample authors, VeriBin can accurately determine whether they belong to the same author or not. VeriBin is resilient to compiler optimizations and robust against malware family variants.","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":null,"pages":null},"PeriodicalIF":3.0,"publicationDate":"2024-07-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141820212","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

CBAs: Character-level Backdoor Attacks against Chinese Pre-trained Language Models CBAs：针对中文预训练语言模型的字符级后门攻击

IF 3 4区计算机科学

ACM Transactions on Privacy and Security Pub Date : 2024-07-12 DOI: 10.1145/3678007

Xinyu He, Fengrui Hao, Tianlong Gu, Liang Chang

{"title":"CBAs: Character-level Backdoor Attacks against Chinese Pre-trained Language Models","authors":"Xinyu He, Fengrui Hao, Tianlong Gu, Liang Chang","doi":"10.1145/3678007","DOIUrl":"https://doi.org/10.1145/3678007","url":null,"abstract":"The pre-trained language models (PLMs) aim to assist computers in various domains to provide natural and efficient language interaction and text processing capabilities. However, recent studies have shown that PLMs are highly vulnerable to malicious backdoor attacks, where triggers could be injected into the models to guide them to exhibit the expected behavior of the attackers. Unfortunately, existing researches on backdoor attacks have mainly focused on English PLMs, but paid less attention to the Chinese PLMs. Moreover, these extant backdoor attacks don’t work well against Chinese PLMs. In this paper, we disclose the limitations of English backdoor attacks against Chinese PLMs, and propose the character-level backdoor attacks (CBAs) against the Chinese PLMs. Specifically, we first design three Chinese trigger generation strategies to ensure the backdoor being effectively triggered while improving the effectiveness of the backdoor attacks. Then, based on the attacker’s capabilities of accessing the training dataset, we develop trigger injection mechanisms with either the target label similarity or the masked language model, which select the most influential position and insert the trigger to maximize the stealth of backdoor attacks. Extensive experiments on three major natural language processing tasks in various Chinese PLMs and English PLMs demonstrate the effectiveness and stealthiness of our method. Besides, CBAs also have very strong resistance against three state-of-the-art backdoor defense methods.","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":null,"pages":null},"PeriodicalIF":3.0,"publicationDate":"2024-07-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141654574","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

PEBASI: A Privacy preserving, Efficient Biometric Authentication Scheme based on Irises PEBASI：基于虹膜的隐私保护、高效生物识别身份验证方案

IF 3 4区计算机科学

ACM Transactions on Privacy and Security Pub Date : 2024-07-11 DOI: 10.1145/3677017

Hasini Gunasinghe, Mikhail Atallah, Elisa Bertino

引用次数: 0

ZPredict: ML-Based IPID Side-channel Measurements ZPredict：基于 ML 的 IPID 侧信道测量

IF 2.3 4区计算机科学

ACM Transactions on Privacy and Security Pub Date : 2024-06-20 DOI: 10.1145/3672560

Haya Schulmann, Shujie Zhao

{"title":"ZPredict: ML-Based IPID Side-channel Measurements","authors":"Haya Schulmann, Shujie Zhao","doi":"10.1145/3672560","DOIUrl":"https://doi.org/10.1145/3672560","url":null,"abstract":"Network reconnaissance and measurements play a central role in improving Internet security and are important for understanding the current deployments and trends. Such measurements often require coordination with the measured target. This limits the scalability and the coverage of the existing proposals. IP Identification (IPID) provides a side channel for remote measurements without requiring the targets to install agents or visit the measurement infrastructure. However, current IPID-based techniques have technical limitations due to their reliance on the idealistic assumption of stable IPID changes or prior knowledge, making them challenging to adopt for practical measurements. In this work, we aim to tackle the limitations of existing techniques by introducing a novel approach: predictive analysis of IPID counter behavior. This involves utilizing a machine learning (ML) model to understand the historical patterns of IPID counter changes and predict future IPID values. To validate our approach, we implement six ML models and evaluate them on realistic IPID data collected from 4,698 Internet sources. Our evaluations demonstrate that among the six models, the GP (Gaussian Process) model has superior accuracy in tracking and predicting IPID values. Using the GP-based predictive analysis, we implement a tool, called ZPredict, to infer various favorable information about target networks or servers. Our evaluation on a large dataset of public servers demonstrates its effectiveness in idle port scanning, measuring Russian censorship, and inferring Source Address Validation (SAV). Our study methodology is ethical and was developed to mitigate any potential harm, taking into account the concerns associated with measurements.","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":null,"pages":null},"PeriodicalIF":2.3,"publicationDate":"2024-06-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141509945","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

ZTA-IoT: A Novel Architecture for Zero-Trust in IoT Systems and an Ensuing Usage Control Model ZTA-IoT：物联网系统零信任的新型架构及随之而来的使用控制模型

IF 2.3 4区计算机科学

ACM Transactions on Privacy and Security Pub Date : 2024-06-17 DOI: 10.1145/3671147

Safwa Ameer, Lopamudra Praharaj, Ravi Sandhu, Smriti Bhatt, Maanak Gupta

{"title":"ZTA-IoT: A Novel Architecture for Zero-Trust in IoT Systems and an Ensuing Usage Control Model","authors":"Safwa Ameer, Lopamudra Praharaj, Ravi Sandhu, Smriti Bhatt, Maanak Gupta","doi":"10.1145/3671147","DOIUrl":"https://doi.org/10.1145/3671147","url":null,"abstract":"Recently, several researchers motivated the need to integrate Zero Trust (ZT) principles when designing and implementing authentication and authorization systems for IoT. An integrated Zero Trust IoT system comprises the network infrastructure (physical and virtual) and operational policies in place for IoT as a product of a ZT architecture plan. This paper proposes a novel Zero Trust architecture for IoT systems called ZTA-IoT. Additionally, based on different types of interactions between various layers and components in this architecture, we present ZTA-IoT-ACF, an access control framework that recognizes different interactions that need to be controlled in IoT systems. Within this framework, the paper then refines its focus to object-level interactions, i.e., interactions where the target resource is a device (equivalently a thing) or an information file generated or stored by a device. Building on the recently proposed Zero Trust score-based authorization framework (ZT-SAF) we develop the object-level Zero Trust score-based authorization framework for IoT systems, denoted as ZTA-IoT-OL-SAF, to govern access requests in this context. With this machinery in place, we finally develop a novel usage control model for users-to-objects and devices-to-objects interactions, denoted as UCONIoT. We give formal definitions, illustrative use cases, and a proof-of-concept implementation of UCONIoT. This paper is a first step toward establishing a rigorous formally-defined score-based access control framework for Zero Trust IoT systems.","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":null,"pages":null},"PeriodicalIF":2.3,"publicationDate":"2024-06-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141529973","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Security Analysis of the Consumer Remote SIM Provisioning Protocol 消费者远程 SIM 卡供应协议的安全分析

IF 2.3 4区计算机科学

ACM Transactions on Privacy and Security Pub Date : 2024-05-06 DOI: 10.1145/3663761

Abu Shohel Ahmed, Aleksi Peltonen, Mohit Sethi, Tuomas Aura

{"title":"Security Analysis of the Consumer Remote SIM Provisioning Protocol","authors":"Abu Shohel Ahmed, Aleksi Peltonen, Mohit Sethi, Tuomas Aura","doi":"10.1145/3663761","DOIUrl":"https://doi.org/10.1145/3663761","url":null,"abstract":"Remote SIM provisioning (RSP) for consumer devices is the protocol specified by the GSM Association for downloading SIM profiles into a secure element in a mobile device. The process is commonly known as eSIM, and it is expected to replace removable SIM cards. The security of the protocol is critical because the profile includes the credentials with which the mobile device will authenticate to the mobile network. In this paper, we present a formal security analysis of the consumer RSP protocol. We model the multi-party protocol in applied pi calculus, define formal security goals, and verify them in ProVerif. The analysis shows that the consumer RSP protocol protects against a network adversary when all the intended participants are honest. However, we also model the protocol in realistic partial compromise scenarios where the adversary controls a legitimate participant or communication channel. The security failures in the partial compromise scenarios reveal weaknesses in the protocol design. The most important observation is that the security of RSP depends unnecessarily on it being encapsulated in a TLS tunnel. Also, the lack of pre-established identifiers means that a compromised download server anywhere in the world or a compromised secure element can be used for attacks against RSP between honest participants. Additionally, the lack of reliable methods for verifying user intent can lead to serious security failures. Based on the findings, we recommend practical improvements to RSP implementations, future versions of the specification, and mobile operator processes to increase the robustness of eSIM security.","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":null,"pages":null},"PeriodicalIF":2.3,"publicationDate":"2024-05-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140884538","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

X-squatter: AI Multilingual Generation of Cross-Language Sound-squatting X-squatter：人工智能多语种生成跨语言 "呷呷 "声

IF 2.3 4区计算机科学

ACM Transactions on Privacy and Security Pub Date : 2024-05-06 DOI: 10.1145/3663569

Rodolfo Vieira Valentim, Idilio Drago, Marco Mellia, Federico Cerutti

{"title":"X-squatter: AI Multilingual Generation of Cross-Language Sound-squatting","authors":"Rodolfo Vieira Valentim, Idilio Drago, Marco Mellia, Federico Cerutti","doi":"10.1145/3663569","DOIUrl":"https://doi.org/10.1145/3663569","url":null,"abstract":"Sound-squatting is a squatting technique that exploits similarities in word pronunciation to trick users into accessing malicious resources. It is an understudied threat that has gained traction with the popularity of smart speakers and audio-only content, such as podcasts. The picture gets even more complex when multiple languages are involved. We here introduce X-squatter, a multi- and cross-language AI-based system that relies on a Transformer Neural Network for generating high-quality sound-squatting candidates. We illustrate the use of X-squatter by searching for domain name squatting abuse across hundreds of millions of issued TLS certificates, alongside other squatting types. Key findings unveil that approximately 15% of generated sound-squatting candidates have associated TLS certificates, well above the prevalence of other squatting types (7%). Furthermore, we employ X-squatter to assess the potential for abuse in PyPI packages, revealing the existence of hundreds of candidates within a three-year package history. Notably, our results suggest that the current platform checks cannot handle sound-squatting attacks, calling for better countermeasures. We believe X-squatter uncovers the usage of multilingual sound-squatting phenomenon on the Internet and it is a crucial asset for proactive protection against the threat.","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":null,"pages":null},"PeriodicalIF":2.3,"publicationDate":"2024-05-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140884684","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Toward Robust ASR System against Audio Adversarial Examples using Agitated Logit 利用激动 Logit 实现针对音频对抗性示例的鲁棒 ASR 系统

IF 2.3 4区计算机科学

ACM Transactions on Privacy and Security Pub Date : 2024-04-26 DOI: 10.1145/3661822

Namgyu Park, Jong Kim

{"title":"Toward Robust ASR System against Audio Adversarial Examples using Agitated Logit","authors":"Namgyu Park, Jong Kim","doi":"10.1145/3661822","DOIUrl":"https://doi.org/10.1145/3661822","url":null,"abstract":"Automatic speech recognition (ASR) systems are vulnerable to audio adversarial examples, which aim to deceive ASR systems by adding perturbations to benign speech signals. These audio adversarial examples appear indistinguishable from benign audio waves, but the ASR system decodes them as intentional malicious commands. Previous studies have demonstrated the feasibility of such attacks in simulated environments (over-line) and have further showcased the creation of robust physical audio adversarial examples (over-air). Various defense techniques have been proposed to counter these attacks. However, most of them have either failed to handle various types of attacks effectively or have resulted in significant time overhead. In this paper, we propose a novel method for detecting audio adversarial examples. Our approach involves feeding both smoothed audio and original audio inputs into the ASR system. Subsequently, we introduce noise to the logits before providing them to the decoder of the ASR. We demonstrate that carefully selected noise can considerably influence the transcription results of audio adversarial examples while having minimal impact on the transcription of benign audio waves. Leveraging this characteristic, we detect audio adversarial examples by comparing the altered transcription, resulting from logit noising, with the original transcription. The proposed method can be easily applied to ASR systems without requiring any structural modifications or additional training. Experimental results indicate that the proposed method exhibits robustness against both over-line and over-air audio adversarial examples, outperforming state-of-the-art detection methods.","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":null,"pages":null},"PeriodicalIF":2.3,"publicationDate":"2024-04-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140800483","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0