{"title":"Privacy-preserving Decentralized Federated Learning over Time-varying Communication Graph","authors":"Yang Lu, Zhengxin Yu, N. Suri","doi":"10.1145/3591354","DOIUrl":"https://doi.org/10.1145/3591354","url":null,"abstract":"Establishing how a set of learners can provide privacy-preserving federated learning in a fully decentralized (peer-to-peer, no coordinator) manner is an open problem. We propose the first privacy-preserving consensus-based algorithm for the distributed learners to achieve decentralized global model aggregation in an environment of high mobility, where participating learners and the communication graph between them may vary during the learning process. In particular, whenever the communication graph changes, the Metropolis-Hastings method [69] is applied to update the weighted adjacency matrix based on the current communication topology. In addition, the Shamir’s secret sharing (SSS) scheme [61] is integrated to facilitate privacy in reaching consensus of the global model. The article establishes the correctness and privacy properties of the proposed algorithm. The computational efficiency is evaluated by a simulation built on a federated learning framework with a real-world dataset.","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":"43 1","pages":"1 - 39"},"PeriodicalIF":2.3,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"41272545","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Rodrigo Otoni, Matteo Marescotti, Leonardo Alt, Patrick Eugster, Antti E. J. Hyvärinen, Natasha Sharygina
{"title":"A Solicitous Approach to Smart Contract Verification","authors":"Rodrigo Otoni, Matteo Marescotti, Leonardo Alt, Patrick Eugster, Antti E. J. Hyvärinen, Natasha Sharygina","doi":"https://dl.acm.org/doi/10.1145/3564699","DOIUrl":"https://doi.org/10.1145/3564699","url":null,"abstract":"<p>Smart contracts are tempting targets of attacks, since they often hold and manipulate significant financial assets, are immutable after deployment, and have publicly available source code, with assets estimated in the order of millions of US Dollars being lost in the past due to vulnerabilities. Formal verification is thus a necessity, but smart contracts challenge the existing highly efficient techniques routinely applied in the symbolic verification of software, due to specificities not present in general programming languages. A common feature of existing works in this area is the attempt to reuse off-the-shelf verification tools designed for general programming languages. This reuse can lead to inefficiency and potentially unsound results, since domain translation is required. In this paper we describe a carefully crafted approach that directly models the central aspects of smart contracts natively, going from the contract to its logical representation without intermediary steps. We use the expressive and highly automatable logic of constrained Horn clauses for modeling and we instantiate our approach to the Solidity language. A tool implementing our approach, called Solicitous, was developed and integrated into the SMTChecker module of the Solidity compiler solc. We evaluated our approach on an extensive benchmark set containing 22446 real-world smart contracts deployed on the Ethereum blockchain over a 27-month period. 
The results show that our approach is able to establish safety of significantly more contracts than comparable, publicly available verification tools, with an order of magnitude increase in the percentage of formally verified contracts.</p>","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":"11 1","pages":""},"PeriodicalIF":2.3,"publicationDate":"2022-09-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138540617","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Rodrigo Otoni, Matteo Marescotti, Leonardo S. Alt, P. Eugster, A. Hyvärinen, N. Sharygina
{"title":"A Solicitous Approach to Smart Contract Verification","authors":"Rodrigo Otoni, Matteo Marescotti, Leonardo S. Alt, P. Eugster, A. Hyvärinen, N. Sharygina","doi":"10.1145/3564699","DOIUrl":"https://doi.org/10.1145/3564699","url":null,"abstract":"Smart contracts are tempting targets of attacks, as they often hold and manipulate significant financial assets, are immutable after deployment, and have publicly available source code, with assets estimated in the order of millions of dollars being lost in the past due to vulnerabilities. Formal verification is thus a necessity, but smart contracts challenge the existing highly efficient techniques routinely applied in the symbolic verification of software, due to specificities not present in general programming languages. A common feature of existing works in this area is the attempt to reuse off-the-shelf verification tools designed for general programming languages. This reuse can lead to inefficiency and potentially unsound results, as domain translation is required. In this article, we describe a carefully crafted approach that directly models the central aspects of smart contracts natively, going from the contract to its logical representation without intermediary steps. We use the expressive and highly automatable logic of constrained Horn clauses for modeling and instantiate our approach to the Solidity language. A tool implementing our approach, called Solicitous, was developed and integrated into the SMTChecker module of the Solidity compiler solc. We evaluated our approach on an extensive benchmark set containing 22,446 real-world smart contracts deployed on the Ethereum blockchain over a 27-month period. 
The results show that our approach is able to establish safety of significantly more contracts than comparable, publicly available verification tools, with an order of magnitude increase in the percentage of formally verified contracts.","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":" ","pages":"1 - 28"},"PeriodicalIF":2.3,"publicationDate":"2022-09-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42255692","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Time-Aware Anonymization of Knowledge Graphs","authors":"Anh-Tu Hoang, Barbara Carminati, Elena Ferrari","doi":"https://dl.acm.org/doi/10.1145/3563694","DOIUrl":"https://doi.org/10.1145/3563694","url":null,"abstract":"<p>Knowledge graphs (KGs) play an essential role in data sharing because they can model both users’ attributes and their relationships. KGs can tailor many data analyses, such as classification where a sensitive attribute is selected and the analyst analyzes the associations between users and the sensitive attribute’s values (aka sensitive values). Data providers anonymize their KGs and share the anonymized versions to protect users’ privacy. Unfortunately, an adversary can exploit these attributes and relationships to infer sensitive information by monitoring either one or many snapshots of a KG. To cope with this issue, in this paper, we introduce (<i>k</i>, <i>l</i>)-Sequential Attribute Degree ((<i>k</i>, <i>l</i>)-sad), an extension of the <i>k<sup>w</sup></i>-tad principle[10], to ensure that sensitive values of re-identified users are diverse enough to prevent them from being inferred with a confidence higher than \\(\\frac{1}{l}\\) even though adversaries monitor all published KGs. In addition, we develop the Time-Aware Knowledge Graph Anonymization Algorithm to anonymize KGs such that all published anonymized versions of a KG satisfy the (<i>k</i>, <i>l</i>)-sad principle, by, at the same time, preserving the utility of the anonymized data. 
We conduct experiments on four real-life datasets to show the effectiveness of our proposal and compare it with <i>k<sup>w</sup></i>-tad.</p>","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":"14 1","pages":""},"PeriodicalIF":2.3,"publicationDate":"2022-09-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138540620","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Time-Aware Anonymization of Knowledge Graphs","authors":"A. Hoang, B. Carminati, E. Ferrari","doi":"10.1145/3563694","DOIUrl":"https://doi.org/10.1145/3563694","url":null,"abstract":"Knowledge graphs (KGs) play an essential role in data sharing because they can model both users’ attributes and their relationships. KGs can tailor many data analyses, such as classification where a sensitive attribute is selected and the analyst analyzes the associations between users and the sensitive attribute’s values (aka sensitive values). Data providers anonymize their KGs and share the anonymized versions to protect users’ privacy. Unfortunately, an adversary can exploit these attributes and relationships to infer sensitive information by monitoring either one or many snapshots of a KG. To cope with this issue, in this paper, we introduce (k, l)-Sequential Attribute Degree ((k, l)-sad), an extension of the k^w-tad principle[10], to ensure that sensitive values of re-identified users are diverse enough to prevent them from being inferred with a confidence higher than \\(\\frac{1}{l}\\) even though adversaries monitor all published KGs. In addition, we develop the Time-Aware Knowledge Graph Anonymization Algorithm to anonymize KGs such that all published anonymized versions of a KG satisfy the (k, l)-sad principle, by, at the same time, preserving the utility of the anonymized data. 
We conduct experiments on four real-life datasets to show the effectiveness of our proposal and compare it with k^w-tad.","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":"1 1","pages":""},"PeriodicalIF":2.3,"publicationDate":"2022-09-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"47354739","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
David Barrera, Christopher Bellman, Paul C. van Oorschot
{"title":"Security Best Practices: A Critical Analysis Using IoT as a Case Study","authors":"David Barrera, Christopher Bellman, Paul C. van Oorschot","doi":"https://dl.acm.org/doi/10.1145/3563392","DOIUrl":"https://doi.org/10.1145/3563392","url":null,"abstract":"<p>Academic research has highlighted the failure of many Internet of Things (IoT) product manufacturers to follow accepted practices, while IoT security <i>best practices</i> have recently attracted considerable attention worldwide from industry and governments. Given current examples of security advice, confusion is evident from guidelines that conflate desired outcomes with security practices to achieve those outcomes. We explore a surprising lack of clarity, and void in the literature, on what (generically) <i>best practice</i> means, independent of identifying specific individual practices or highlighting failure to follow best practices. We consider categories of security advice, and analyze how they apply over the lifecycle of IoT devices. For concreteness in discussion, we use iterative inductive coding to code and systematically analyze a set of 1013 IoT security best practices, recommendations, and guidelines collated from industrial, government, and academic sources. Among our findings, of all analyzed items, 68% fail to meet our definition of an (actionable) practice, and 73% of all actionable advice relates to the software development lifecycle phase, highlighting the critical position of manufacturers and developers. 
We hope that our work provides a basis for the community to better understand best practices, identify and reach consensus on specific practices, and find ways to motivate relevant stakeholders to follow them.</p>","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":"21 1","pages":""},"PeriodicalIF":2.3,"publicationDate":"2022-09-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138540615","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"ThermoSecure: Investigating the Effectiveness of AI-Driven Thermal Attacks on Commonly Used Computer Keyboards","authors":"N. Alotaibi, John Williamson, M. Khamis","doi":"10.1145/3563693","DOIUrl":"https://doi.org/10.1145/3563693","url":null,"abstract":"Thermal cameras can reveal heat traces on user interfaces, such as keyboards. This can be exploited maliciously to infer sensitive input, such as passwords. While previous work considered thermal attacks that rely on visual inspection of simple image processing techniques, we show that attackers can perform more effective artificial intelligence (AI)–driven attacks. We demonstrate this by presenting the development of ThermoSecure and its evaluation in two user studies (N = 21, N = 16), which reveal novel insights about thermal attacks. We detail the implementation of ThermoSecure and make a dataset of 1,500 thermal images of keyboards with heat traces resulting from input publicly available. Our first study shows that ThermoSecure successfully attacks 6-symbol, 8-symbol, 12-symbol, and 16-symbol passwords with an average accuracy of 92%, 80%, 71%, and 55% respectively, and even higher accuracy when thermal images are taken within 30 seconds. We found that typing behavior significantly impacts vulnerability to thermal attacks: hunt-and-peck typists are more vulnerable than fast typists (92% vs. 83% thermal attack success, respectively, if performed within 30 seconds). The second study showed that keycap material has a statistically significant effect on the effectiveness of thermal attacks: ABS keycaps retain the thermal trace of user presses for a longer period of time, making them more vulnerable to thermal attacks, with a 52% average attack accuracy compared with 14% for keyboards with PBT keycaps. 
Finally, we discuss how systems can leverage our results to protect from thermal attacks and present 7 mitigation approaches that are based on our results and previous work.","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":"149 ","pages":"1 - 24"},"PeriodicalIF":2.3,"publicationDate":"2022-09-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"41310189","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Assessment Framework for the Identification and Evaluation of Main Features for Distributed Usage Control Solutions","authors":"Gonzalo Gil, A. Arnaiz, M. Higuero, F. J. Díez","doi":"10.1145/3561511","DOIUrl":"https://doi.org/10.1145/3561511","url":null,"abstract":"Data exchange between organizations is becoming an increasingly significant issue due to the great opportunities it presents. However, there is great reluctance to share if data sovereignty is not provided. Providing it calls for not only access control but also usage control implemented in distributed systems. Access control is a research field where there has been a great deal of work, but usage control, especially implemented in distributed systems as Distributed Usage Control (DUC), is a very new field of research that presents great challenges. Moreover, little is known about what challenges must really be faced and how they must be addressed. This is evidenced by the fact that existing research has focused non-specifically on different features of DUC, which are not formalized. Therefore, the path for the development of DUC solutions is unclear and it is difficult to analyze the scope of data sovereignty attained by the wide range of DUC solutions. In this context, this article is based on an initial in-depth analysis of DUC related work. In it, the challenges posed by DUC in terms of data sovereignty and the features that must be provided to address them are identified and analyzed for the first time. Based on these features, an initial DUC framework is proposed to assess in a practical and unified way the extent to which DUC solutions provide data sovereignty. 
Finally, the assessment framework is applied to compare the scopes of the most widespread DUC solutions and identify their limitations.","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":"26 1","pages":"1 - 28"},"PeriodicalIF":2.3,"publicationDate":"2022-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"41584871","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
David Barrera, Christopher Bellman, P. V. van Oorschot
{"title":"Security Best Practices: A Critical Analysis Using IoT as a Case Study","authors":"David Barrera, Christopher Bellman, P. V. van Oorschot","doi":"10.1145/3563392","DOIUrl":"https://doi.org/10.1145/3563392","url":null,"abstract":"Academic research has highlighted the failure of many Internet of Things (IoT) product manufacturers to follow accepted practices, while IoT security best practices have recently attracted considerable attention worldwide from industry and governments. Given current examples of security advice, confusion is evident from guidelines that conflate desired outcomes with security practices to achieve those outcomes. We explore a surprising lack of clarity, and void in the literature, on what (generically) best practice means, independent of identifying specific individual practices or highlighting failure to follow best practices. We consider categories of security advice, and analyze how they apply over the lifecycle of IoT devices. For concreteness in discussion, we use iterative inductive coding to code and systematically analyze a set of 1,013 IoT security best practices, recommendations, and guidelines collated from industrial, government, and academic sources. Among our findings, of all analyzed items, 68% fail to meet our definition of an (actionable) practice, and 73% of all actionable advice relates to the software development lifecycle phase, highlighting the critical position of manufacturers and developers. 
We hope that our work provides a basis for the community to better understand best practices, identify and reach consensus on specific practices, and find ways to motivate relevant stakeholders to follow them.","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":"26 1","pages":"1 - 30"},"PeriodicalIF":2.3,"publicationDate":"2022-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"41578596","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Binsec/Rel: Symbolic Binary Analyzer for Security with Applications to Constant-Time and Secret-Erasure","authors":"Lesly-Ann Daniel, Sébastien Bardin, Tamara Rezk","doi":"10.1145/3563037","DOIUrl":"https://doi.org/10.1145/3563037","url":null,"abstract":"This article tackles the problem of designing efficient binary-level verification for a subset of information flow properties encompassing constant-time and secret-erasure. These properties are crucial for cryptographic implementations but are generally not preserved by compilers. Our proposal builds on relational symbolic execution enhanced with new optimizations dedicated to information flow and binary-level analysis, yielding a dramatic improvement over prior work based on symbolic execution. We implement a prototype, Binsec/Rel, for bug-finding and bounded-verification of constant-time and secret-erasure and perform extensive experiments on a set of 338 cryptographic implementations, demonstrating the benefits of our approach. Using Binsec/Rel, we also automate two prior manual studies on preservation of constant-time and secret-erasure by compilers for a total of 4,148 and 1,156 binaries, respectively. Interestingly, our analysis highlights incorrect usages of volatile data pointer for secret-erasure and shows that scrubbing mechanisms based on volatile function pointers can introduce additional register spilling that might break secret-erasure. 
We also discovered that gcc -O0 and backend passes of clang introduce violations of constant-time in implementations that were previously deemed secure by a state-of-the-art constant-time verification tool operating at LLVM level, showing the importance of reasoning at binary level.","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":"26 1","pages":"1 - 42"},"PeriodicalIF":2.3,"publicationDate":"2022-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42035739","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}