We gratefully acknowledge support from
the Simons Foundation and member institutions.

Cryptography and Security

New submissions

[ total of 21 entries: 1-21 ]
[ showing up to 2000 entries per page: fewer | more ]

New submissions for Fri, 21 Jan 22

[1]  arXiv:2201.07793 [pdf]
Title: On Using Blockchains for Beyond Visual Line of Sight (BVLOS) Drones Operation: An Architectural Study
Comments: 10 pages, 4 figures, HiPEAC'22
Subjects: Cryptography and Security (cs.CR); Distributed, Parallel, and Cluster Computing (cs.DC); Software Engineering (cs.SE)

Beyond Visual Line of Sight operation enables drones to surpass the limits imposed by the reach and constraints of their operator's eyes. It extends their range and, as such, productivity, and profitability. Drones operating BVLOS include a variety of highly sensitive assets and information that could be subject to unintentional or intentional security vulnerabilities. As a solution, blockchain-based services could enable secure and trustworthy exchange and storage of related data. They also allow for traceability of exchanges and perform synchronization with other nodes in the network. However, most of the blockchain-based approaches focus on the network and the protocol aspects of drone systems. Few studies focus on the architectural level of on-chip compute platforms of drones. Based on this observation, the contribution of this paper is twofold: (1) a generic blockchain-based service architecture for on-chip compute platforms of drones, and (2) a concrete example realization of the proposed generic architecture.

[2]  arXiv:2201.07920 [pdf, other]
Title: Shades of Finality and Layer 2 Scaling
Authors: Bennet Yee (1), Dawn Song (1), Patrick McCorry (2), Chris Buckland (2) ((1) Oasis Labs, (2) Infura)
Comments: 14 pages
Subjects: Cryptography and Security (cs.CR)

Blockchains combine a distributed append-only log with a virtual machine that defines how log entries are interpreted. By viewing transactions as state transformation functions for the virtual machine, we separate the naming of a state from the computation of its value and reaching consensus on that value. This distinction allows us to separate the notion of transaction order finality from state value finality. Further consideration of how blockchain governance handles catastrophic failures such as zero day exploits leads us to the notion of checkpoint finality.
Consensus on the transaction order determines the ground truth. Everything else -- computing the value of a state or handling catastrophic failures such as bugs / zero-day based attacks -- are just optimizations.

[3]  arXiv:2201.07946 [pdf, other]
Title: Babylon: Reusing Bitcoin Mining to Enhance Proof-of-Stake Security
Comments: 26 pages, 10 figures
Subjects: Cryptography and Security (cs.CR)

Bitcoin is the most secure blockchain in the world, supported by the immense hash power of its Proof-of-Work miners, but consumes huge amount of energy. Proof-of-Stake chains are energy-efficient, have fast finality and accountability, but face several fundamental security issues: susceptibility to non-slashable long-range safety attacks, non-slashable transaction censorship and stalling attacks and difficulty to bootstrap new PoS chains from low token valuation. We propose Babylon, a blockchain platform which combines the best of both worlds by reusing the immense Bitcoin hash power to enhance the security of PoS chains. Babylon provides a data-available timestamping service, securing PoS chains by allowing them to timestamp data-available block checkpoints, fraud proofs and censored transactions on Babylon. Babylon miners merge mine with Bitcoin and thus the platform has zero additional energy cost. The security of a Babylon-enhanced PoS protocol is formalized by a cryptoeconomic security theorem which shows slashable safety and liveness guarantees.

[4]  arXiv:2201.07954 [pdf, other]
Title: Effective Anomaly Detection in Smart Home by Integrating Event Time Intervals
Subjects: Cryptography and Security (cs.CR); Networking and Internet Architecture (cs.NI)

Smart home IoT systems and devices are susceptible to attacks and malfunctions. As a result, users' concerns about their security and safety issues arise along with the prevalence of smart home deployments. In a smart home, various anomalies (such as fire or flooding) could happen, due to cyber attacks, device malfunctions, or human mistakes. These concerns motivate researchers to propose various anomaly detection approaches. Existing works on smart home anomaly detection focus on checking the sequence of IoT devices' events but leave out the temporal information of events. This limitation prevents them to detect anomalies that cause delay rather than missing/injecting events. To fill this gap, in this paper, we propose a novel anomaly detection method that takes the inter-event intervals into consideration. We propose an innovative metric to quantify the temporal similarity between two event sequences. We design a mechanism to learn the temporal patterns of event sequences of common daily activities. Delay-caused anomalies are detected by comparing the sequence with the learned patterns. We collect device events from a real-world testbed for training and testing. The experiment results show that our proposed method achieves accuracies of 93%, 88%, 89% for three daily activities.

[5]  arXiv:2201.07959 [pdf, other]
Title: APIRO: A Framework for Automated Security Tools API Recommendation
Subjects: Cryptography and Security (cs.CR); Software Engineering (cs.SE)

Security Orchestration, Automation, and Response (SOAR) platforms integrate and orchestrate a wide variety of security tools to accelerate the operational activities of Security Operation Center (SOC). Integration of security tools in a SOAR platform is mostly done manually using APIs, plugins, and scripts. SOC teams need to navigate through API calls of different security tools to find a suitable API to define or update an incident response action. Analyzing various types of API documentation with diverse API format and presentation structure involves significant challenges such as data availability, data heterogeneity, and semantic variation for automatic identification of security tool APIs specific to a particular task. Given these challenges can have negative impact on SOC team's ability to handle security incident effectively and efficiently, we consider it important to devise suitable automated support solutions to address these challenges. We propose a novel learning-based framework for automated security tool API Recommendation for security Orchestration, automation, and response, APIRO. To mitigate data availability constraint, APIRO enriches security tool API description by applying a wide variety of data augmentation techniques. To learn data heterogeneity of the security tools and semantic variation in API descriptions, APIRO consists of an API-specific word embedding model and a Convolutional Neural Network (CNN) model that are used for prediction of top 3 relevant APIs for a task. We experimentally demonstrate the effectiveness of APIRO in recommending APIs for different tasks using 3 security tools and 36 augmentation techniques. Our experimental results demonstrate the feasibility of APIRO for achieving 91.9% Top-1 Accuracy.

[6]  arXiv:2201.07964 [pdf]
Title: A Systematic Literature Review of Blockchain Technology Adoption in Bangladesh
Journal-ref: Annals of Emerging Technologies in Computing (AETiC), Print ISSN: 2516-0281, Online ISSN: 2516-029X, pp. 1-30, Vol. 6, No. 1, 1st January 2022, Published by International Association of Educators and Researchers (IAER)
Subjects: Cryptography and Security (cs.CR); Computers and Society (cs.CY)

The spirit of "blockchain technology" is a distributed database in which saved data is transparent, accountable, public, immutable, and traceable. This base-level disruptive technology can boost the security and privacy-related efficiency of various domains. As Bangladesh is currently aiming for sustainable development, blockchain technology adoption by local researchers is growing robustly. However, in Bangladesh, the blockchain Technology Acceptance Model (TAM) is not yet well structured which is also limiting the perspective of local developers and researchers. Therefore, sectors like governance, healthcare, security, privacy, farming, information authentication, cryptocurrencies, internet architecture, data, and so on are unable to utilize the full potential of this technology. In this research, the authors conduct an in-depth review of such types of blockchain technology-related research articles that have been published recently and are also solely focused on Bangladesh. From 5 publishers (IEEE Xplore, ACM, ScienceDirect, Taylor & Francis, and SpringerLink) this study analyses 70 articles published during the year 2016-2020. The study results find the top 13 sectors where Bangladeshi researchers are currently focusing on. Those studies identify that the rigid policy by the government, scarcity of expert researchers, and lack of resources are the main reasons why Bangladesh is still struggling to accommodate blockchain extensively. In addition, published papers are mostly based on theoretical concepts without an appropriate implementation. Finally, this study will be a great resource to the developers, entrepreneurs, and technology enthusiasts to determine the strategic plan for adopting blockchain technology in Bangladesh or even in any other developing country.

[7]  arXiv:2201.08052 [pdf, other]
Title: Adversarial Jamming for a More Effective Constellation Attack
Comments: 3 pages, 2 figures, published in The 13th International Symposium on Antennas, Propagation and EM Theory (ISAPE 2021)
Subjects: Cryptography and Security (cs.CR); Signal Processing (eess.SP)

The common jamming mode in wireless communication is band barrage jamming, which is controllable and difficult to resist. Although this method is simple to implement, it is obviously not the best jamming waveform. Therefore, based on the idea of adversarial examples, we propose the adversarial jamming waveform, which can independently optimize and find the best jamming waveform. We attack QAM with adversarial jamming and find that the optimal jamming waveform is equivalent to the amplitude and phase between the nearest constellation points. Furthermore, by verifying the jamming performance on a hardware platform, it is shown that our method significantly improves the bit error rate compared to other methods.

[8]  arXiv:2201.08120 [pdf, other]
Title: Survey on Privacy-Preserving Techniques for Data Publishing
Comments: 35 pages, 3 figures, 5 tables
Subjects: Cryptography and Security (cs.CR)

The exponential growth of collected, processed, and shared microdata has given rise to concerns about individuals' privacy. As a result, laws and regulations have emerged to control what organisations do with microdata and how they protect it. Statistical Disclosure Control seeks to reduce the risk of confidential information disclosure by de-identifying them. Such de-identification is guaranteed through privacy-preserving techniques. However, de-identified data usually results in loss of information, with a possible impact on data analysis precision and model predictive performance. The main goal is to protect the individuals' privacy while maintaining the interpretability of the data, i.e. its usefulness. Statistical Disclosure Control is an area that is expanding and needs to be explored since there is still no solution that guarantees optimal privacy and utility. This survey focuses on all steps of the de-identification process. We present existing privacy-preserving techniques used in microdata de-identification, privacy measures suitable for several disclosure types and, information loss and predictive performance measures. In this survey, we discuss the main challenges raised by privacy constraints, describe the main approaches to handle these obstacles, review taxonomies of privacy-preserving techniques, provide a theoretical analysis of existing comparative studies, and raise multiple open issues.

[9]  arXiv:2201.08126 [pdf]
Title: Reversible Data Hiding in Encrypted Images by Lossless Pixel Conversion
Comments: Submitted to IEEE TDSC
Subjects: Cryptography and Security (cs.CR)

Reversible data hiding in encrypted image (RDHEI) becomes a hot topic, and a lot of algorithms have been proposed to optimize this technology. However, these algorithms cannot achieve strong embedding capacity. Thus, in this paper, we propose an advanced RDHEI scheme based on lossless pixel conversion (LPC). Different from the previous RDHEI algorithms, LPC is inspired by the planar map coloring question, and it performs a dynamic image division process to divide the original image into irregular regions instead of regular blocks as in the previous RDHEI algorithms. In the process of LPC, pixel conversion is performed by region; that is, pixels in the same regions are converted to the same conversion values, which will occupy a smaller size, and then the available room can be reserved to accommodate additional data. LPC is a reversible process, so the original image can be losslessly recovered on the receiver side. Experimental results show that the embedding capacity of the proposed scheme outperforms the existing RDHEI algorithms.

[10]  arXiv:2201.08133 [pdf, ps, other]
Title: CoAvoid: Secure, Privacy-Preserved Tracing of Contacts for Infectious Diseases
Subjects: Cryptography and Security (cs.CR); Computers and Society (cs.CY)

To fight against infectious diseases (e.g., SARS, COVID-19, Ebola, etc.), government agencies, technology companies and health institutes have launched various contact tracing approaches to identify and notify the people exposed to infection sources. However, existing tracing approaches can lead to severe privacy and security concerns, thereby preventing their secure and widespread use among communities. To tackle these problems, this paper proposes CoAvoid, a decentralized, privacy-preserved contact tracing system that features good dependability and usability. CoAvoid leverages the Google/Apple Exposure Notification (GAEN) API to achieve decent device compatibility and operating efficiency. It utilizes GPS along with Bluetooth Low Energy (BLE) to dependably verify user information. In addition, to enhance privacy protection, CoAvoid applies fuzzification and obfuscation measures to shelter sensitive data, making both servers and users agnostic to information of both low and high-risk populations. The evaluation demonstrates good efficacy and security of CoAvoid. Compared with four state-of-art contact tracing applications, CoAvoid can reduce upload data by at least 90% and simultaneously resist wormhole and replay attacks in various scenarios.

[11]  arXiv:2201.08135 [pdf, other]
Title: Survey on Federated Learning Threats: concepts, taxonomy on attacks and defences, experimental study and challenges
Subjects: Cryptography and Security (cs.CR); Artificial Intelligence (cs.AI); Machine Learning (cs.LG)

Federated learning is a machine learning paradigm that emerges as a solution to the privacy-preservation demands in artificial intelligence. As machine learning, federated learning is threatened by adversarial attacks against the integrity of the learning model and the privacy of data via a distributed approach to tackle local and global learning. This weak point is exacerbated by the inaccessibility of data in federated learning, which makes harder the protection against adversarial attacks and evidences the need to furtherance the research on defence methods to make federated learning a real solution for safeguarding data privacy. In this paper, we present an extensive review of the threats of federated learning, as well as as their corresponding countermeasures, attacks versus defences. This survey provides a taxonomy of adversarial attacks and a taxonomy of defence methods that depict a general picture of this vulnerability of federated learning and how to overcome it. Likewise, we expound guidelines for selecting the most adequate defence method according to the category of the adversarial attack. Besides, we carry out an extensive experimental study from which we draw further conclusions about the behaviour of attacks and defences and the guidelines for selecting the most adequate defence method according to the category of the adversarial attack. This study is finished leading to meditated learned lessons and challenges.

[12]  arXiv:2201.08154 [pdf, other]
Title: NapierOne: A modern mixed file data set alternative to Govdocs1
Journal-ref: Forensic Science International: Digital Investigation, Volume 40, 2022, 301330, ISSN 2666-2817
Subjects: Cryptography and Security (cs.CR)

It was found when reviewing the ransomware detection research literature that almost no proposal provided enough detail on how the test data set was created, or sufficient description of its actual content, to allow it to be recreated by other researchers interested in reconstructing their environment and validating the research results. A modern cybersecurity mixed file data set called NapierOne is presented, primarily aimed at, but not limited to, ransomware detection and forensic analysis research. NapierOne was designed to address this deficiency in reproducibility and improve consistency by facilitating research replication and repeatability. The methodology used in the creation of this data set is also described in detail. The data set was inspired by the Govdocs1 data set and it is intended that NapierOne be used as a complement to this original data set.
An investigation was performed with the goal of determining the common files types currently in use. No specific research was found that explicitly provided this information, so an alternative consensus approach was employed. This involved combining the findings from multiple sources of file type usage into an overall ranked list. After which 5000 real-world example files were gathered, and a specific data subset created, for each of the common file types identified. In some circumstances, multiple data subsets were created for a specific file type, each subset representing a specific characteristic for that file type. For example, there are multiple data subsets for the ZIP file type with each subset containing examples of a specific compression method. Ransomware execution tends to produce files that have high entropy, so examples of file types that naturally have this attribute are also present.

Cross-lists for Fri, 21 Jan 22

[13]  arXiv:2201.07936 (cross-list from cs.CY) [pdf, other]
Title: How Do Socio-Demographic Patterns Define Digital Privacy Divide?
Comments: 11 pages
Journal-ref: IEEE Access, 2022
Subjects: Computers and Society (cs.CY); Cryptography and Security (cs.CR)

Digital privacy has become an essential component of information and communications technology (ICT) systems. There are many existing methods for digital privacy protection, including network security, cryptography, and access control. However, there is still a gap in the digital privacy protection levels available for users. This paper studies the digital privacy divide (DPD) problem in ICT systems. First, we introduce an online DPD study for understanding the DPD problem by collecting responses from 776 ICT users using crowdsourcing task assignments. Second, we propose a factor analysis-based statistical method for generating the DPD index from a set of observable DPD question variables. In particular, the DPD index provides one scaled measure for the DPD gap by exploring the dimensionality of the eight questions in the DPD survey. Third, we introduce a DPD proportional odds model for analyzing the relationship between the DPD status and the socio-demographic patterns of the users. Our results show that the DPD survey meets the internal consistency reliability with rigorous statistical measures, e.g., Cronbach's $\alpha=0.92$. Furthermore, the DPD index is shown to capture the underlying communality of all DPD variables. Finally, the DPD proportional odds model indicates a strong statistical correlation between the DPD status and the age groups of the ICT users. For example, we find that young users (15-32 years) are generally more concerned about their digital privacy than senior ones (33 years and over).

[14]  arXiv:2201.08261 (cross-list from cs.IT) [pdf, ps, other]
Title: Optimization of a Reed-Solomon code-based protocol against blockchain data availability attacks
Subjects: Information Theory (cs.IT); Cryptography and Security (cs.CR)

ASBK (named after the authors' initials) is a recent blockchain protocol tackling data availability attacks against light nodes, employing two-dimensional Reed-Solomon codes to encode the list of transactions and a random sampling phase where adversaries are forced to reveal information. In its original formulation, only codes with rate $1/4$ are considered, and a theoretical analysis requiring computationally demanding formulas is provided. This makes ASBK difficult to optimize in situations of practical interest. In this paper, we introduce a much simpler model for such a protocol, which additionally supports the use of codes with arbitrary rate. This makes blockchains implementing ASBK much easier to design and optimize. Furthermore, disposing of a clearer view of the protocol, some general features and considerations can be derived (e.g., nodes behaviour in largely participated networks). As a concrete application of our analysis, we consider relevant blockchain parameters and find network settings that minimize the amount of data downloaded by light nodes. Our results show that the protocol benefits from the use of codes defined over large finite fields, with code rates that may be even significantly different from the originally proposed ones.

[15]  arXiv:2201.08378 (cross-list from cs.OS) [pdf, other]
Title: Adelie: Continuous Address Space Layout Re-randomization for Linux Drivers
Comments: 27th ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS '22), February 28 - March 4, 2022, Lausanne, Switzerland
Subjects: Operating Systems (cs.OS); Cryptography and Security (cs.CR)

While address space layout randomization (ASLR) has been extensively studied for user-space programs, the corresponding OS kernel's KASLR support remains very limited, making the kernel vulnerable to just-in-time (JIT) return-oriented programming (ROP) attacks. Furthermore, commodity OSs such as Linux restrict their KASLR range to 32 bits due to architectural constraints (e.g., x86-64 only supports 32-bit immediate operands for most instructions), which makes them vulnerable to even unsophisticated brute-force ROP attacks due to low entropy. Most in-kernel pointers remain static, exacerbating the problem when pointers are leaked.
Adelie, our kernel defense mechanism, overcomes KASLR limitations, increases KASLR entropy, and makes successful ROP attacks on the Linux kernel much harder to achieve. First, Adelie enables the position-independent code (PIC) model so that the kernel and its modules can be placed anywhere in the 64-bit virtual address space, at any distance apart from each other. Second, Adelie implements stack re-randomization and address encryption on modules. Finally, Adelie enables efficient continuous KASLR for modules by using the PIC model to make it (almost) impossible to inject ROP gadgets through these modules regardless of gadget's origin.
Since device drivers (typically compiled as modules) are often developed by third parties and are typically less tested than core OS parts, they are also often more vulnerable. By fully re-randomizing device drivers, the last two contributions together prevent most JIT ROP attacks since vulnerable modules are very likely to be a starting point of an attack. Furthermore, some OS instances in virtualized environments are specifically designated to run device drivers, where drivers are the primary target of JIT ROP attacks. Our evaluation shows high efficiency of Adelie's approach.
[full abstract is in the paper]

Replacements for Fri, 21 Jan 22

[16]  arXiv:2107.12612 (replaced) [pdf, other]
Title: Poisoning Online Learning Filters: DDoS Attacks and Countermeasures
Subjects: Cryptography and Security (cs.CR)
[17]  arXiv:2201.04569 (replaced) [pdf, other]
Title: Get your Foes Fooled: Proximal Gradient Split Learning for Defense against Model Inversion Attacks on IoMT data
Comments: 9 pages, 5 figures, 2 tables
Subjects: Cryptography and Security (cs.CR); Artificial Intelligence (cs.AI); Computer Vision and Pattern Recognition (cs.CV)
[18]  arXiv:2201.07462 (replaced) [pdf, other]
Title: Leaving Your Things Unattended is No Joke! Memory Bus Snooping and Open Debug Interface Exploits
Comments: Accepted in IEEE PerCom Workshops 2022
Subjects: Cryptography and Security (cs.CR)
[19]  arXiv:2201.07537 (replaced) [pdf, other]
Title: Graph Neural Network-based Android Malware Classification with Jumping Knowledge
Comments: 9 pages, 5 figures
Subjects: Cryptography and Security (cs.CR); Machine Learning (cs.LG)
[20]  arXiv:2007.08911 (replaced) [pdf, other]
Title: Technologies for Trustworthy Machine Learning: A Survey in a Socio-Technical Context
Comments: We are updating some sections to include more recent advances
Subjects: Machine Learning (cs.LG); Artificial Intelligence (cs.AI); Cryptography and Security (cs.CR); Computers and Society (cs.CY); Machine Learning (stat.ML)
[21]  arXiv:2103.08975 (replaced) [pdf, ps, other]
Title: Tight Bounds for Inverting Permutations via Compressed Oracle Arguments
Authors: Ansis Rosmanis
Comments: 39 pages, more details on the connection with the previous work
Subjects: Quantum Physics (quant-ph); Cryptography and Security (cs.CR)
[ total of 21 entries: 1-21 ]
[ showing up to 2000 entries per page: fewer | more ]

Disable MathJax (What is MathJax?)

Links to: arXiv, form interface, find, cs, recent, 2201, contact, help  (Access key information)