Search

Your search keyword '"Sadeghi, Ahmad-Reza"' showing total 305 results
Start Over Author "Sadeghi, Ahmad-Reza" Language english
305 results on '"Sadeghi, Ahmad-Reza"'

1. To ChatGPT, or not to ChatGPT: That is the question!

Author

Pegoraro, Alessandro, Kumari, Kavita, Fereidooni, Hossein, and Sadeghi, Ahmad-Reza

Subjects
FOS: Computer and information sciences, Computer Science - Machine Learning, Artificial Intelligence (cs.AI), Computer Science - Computation and Language, Computer Science - Artificial Intelligence, Computation and Language (cs.CL), Machine Learning (cs.LG)
Abstract

ChatGPT has become a global sensation. As ChatGPT and other Large Language Models (LLMs) emerge, concerns of misusing them in various ways increase, such as disseminating fake news, plagiarism, manipulating public opinion, cheating, and fraud. Hence, distinguishing AI-generated from human-generated becomes increasingly essential. Researchers have proposed various detection methodologies, ranging from basic binary classifiers to more complex deep-learning models. Some detection techniques rely on statistical characteristics or syntactic patterns, while others incorporate semantic or contextual information to improve accuracy. The primary objective of this study is to provide a comprehensive and contemporary assessment of the most recent techniques in ChatGPT detection. Additionally, we evaluated other AI-generated text detection tools that do not specifically claim to detect ChatGPT-generated content to assess their performance in detecting ChatGPT-generated content. For our evaluation, we have curated a benchmark dataset consisting of prompts from ChatGPT and humans, including diverse questions from medical, open Q&A, and finance domains and user-generated responses from popular social networking platforms. The dataset serves as a reference to assess the performance of various techniques in detecting ChatGPT-generated content. Our evaluation results demonstrate that none of the existing methods can effectively detect ChatGPT-generated content.

Published
2023

2. Token-Based Cloud Computing : Secure Outsourcing of Data and Arbitrary Computations with Lower Latency

Author

Sadeghi, Ahmad-Reza, Schneider, Thomas, Winandy, Marcel, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Acquisti, Alessandro, editor, Smith, Sean W., editor, and Sadeghi, Ahmad-Reza, editor

Published
2010
Full Text
View/download PDF

4. Oops..! I Glitched It Again! How to Multi-Glitch the Glitching-Protections on ARM TrustZone-M

Author

Saß, Marvin, Mitev, Richard, and Sadeghi, Ahmad-Reza

Subjects
FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)
Abstract

Voltage Fault Injection (VFI), also known as power glitching, has proven to be a severe threat to real-world systems. In VFI attacks, the adversary disturbs the power-supply of the target-device forcing the device to illegitimate behavior. Various countermeasures have been proposed to address different types of fault injection attacks at different abstraction layers, either requiring to modify the underlying hardware or software/firmware at the machine instruction level. Moreover, only recently, individual chip manufacturers have started to respond to this threat by integrating countermeasures in their products. Generally, these countermeasures aim at protecting against single fault injection (SFI) attacks, since Multiple Fault Injection (MFI) is believed to be challenging and sometimes even impractical. In this paper, we present {\mu}-Glitch, the first Voltage Fault Injection (VFI) platform which is capable of injecting multiple, coordinated voltage faults into a target device, requiring only a single trigger signal. We provide a novel flow for Multiple Voltage Fault Injection (MVFI) attacks to significantly reduce the search complexity for fault parameters, as the search space increases exponentially with each additional fault injection. We evaluate and showcase the effectiveness and practicality of our attack platform on four real-world chips, featuring TrustZone-M: The first two have interdependent backchecking mechanisms, while the second two have additionally integrated countermeasures against fault injection. Our evaluation revealed that {\mu}-Glitch can successfully inject four consecutive faults within an average time of one day. Finally, we discuss potential countermeasures to mitigate VFI attacks and additionally propose two novel attack scenarios for MVFI.

Published
2023

5. AuthentiSense: A Scalable Behavioral Biometrics Authentication Scheme using Few-Shot Learning for Mobile Platforms

Author

Fereidooni, Hossein, König, Jan, Rieger, Phillip, Chilese, Marco, Gökbakan, Bora, Finke, Moritz, Dmitrienko, Alexandra, and Sadeghi, Ahmad-Reza

Subjects
FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)
Abstract

Mobile applications are widely used for online services sharing a large amount of personal data online. One-time authentication techniques such as passwords and physiological biometrics (e.g., fingerprint, face, and iris) have their own advantages but also disadvantages since they can be stolen or emulated, and do not prevent access to the underlying device, once it is unlocked. To address these challenges, complementary authentication systems based on behavioural biometrics have emerged. The goal is to continuously profile users based on their interaction with the mobile device. However, existing behavioural authentication schemes are not (i) user-agnostic meaning that they cannot dynamically handle changes in the user-base without model re-training, or (ii) do not scale well to authenticate millions of users. In this paper, we present AuthentiSense, a user-agnostic, scalable, and efficient behavioural biometrics authentication system that enables continuous authentication and utilizes only motion patterns (i.e., accelerometer, gyroscope and magnetometer data) while users interact with mobile apps. Our approach requires neither manually engineered features nor a significant amount of data for model training. We leverage a few-shot learning technique, called Siamese network, to authenticate users at a large scale. We perform a systematic measurement study and report the impact of the parameters such as interaction time needed for authentication and n-shot verification (comparison with enrollment samples) at the recognition stage. Remarkably, AuthentiSense achieves high accuracy of up to 97% in terms of F1-score even when evaluated in a few-shot fashion that requires only a few behaviour samples per user (3 shots). Our approach accurately authenticates users only after 1 second of user interaction. For AuthentiSense, we report a FAR and FRR of 0.023 and 0.057, respectively., 16 pages, 7 figures

Published
2023

6. BayBFed: Bayesian Backdoor Defense for Federated Learning

Author

Kumari, Kavita, Rieger, Phillip, Fereidooni, Hossein, Jadliwala, Murtuza, and Sadeghi, Ahmad-Reza

Subjects
FOS: Computer and information sciences, Computer Science - Machine Learning, Artificial Intelligence (cs.AI), Computer Science - Artificial Intelligence, Machine Learning (cs.LG)
Abstract

Federated learning (FL) allows participants to jointly train a machine learning model without sharing their private data with others. However, FL is vulnerable to poisoning attacks such as backdoor attacks. Consequently, a variety of defenses have recently been proposed, which have primarily utilized intermediary states of the global model (i.e., logits) or distance of the local models (i.e., L2-norm) from the global model to detect malicious backdoors. However, as these approaches directly operate on client updates, their effectiveness depends on factors such as clients' data distribution or the adversary's attack strategies. In this paper, we introduce a novel and more generic backdoor defense framework, called BayBFed, which proposes to utilize probability distributions over client updates to detect malicious updates in FL: it computes a probabilistic measure over the clients' updates to keep track of any adjustments made in the updates, and uses a novel detection algorithm that can leverage this probabilistic measure to efficiently detect and filter out malicious updates. Thus, it overcomes the shortcomings of previous approaches that arise due to the direct usage of client updates; as our probabilistic measure will include all aspects of the local client training strategies. BayBFed utilizes two Bayesian Non-Parametric extensions: (i) a Hierarchical Beta-Bernoulli process to draw a probabilistic measure given the clients' updates, and (ii) an adaptation of the Chinese Restaurant Process (CRP), referred by us as CRP-Jensen, which leverages this probabilistic measure to detect and filter out malicious updates. We extensively evaluate our defense approach on five benchmark datasets: CIFAR10, Reddit, IoT intrusion detection, MNIST, and FMNIST, and show that it can effectively detect and eliminate malicious updates in FL without deteriorating the benign performance of the global model.

Published
2023

7. Intelligent Security: Is 'AI for Cybersecurity' a Blessing or a Curse (Dagstuhl Seminar 22412)

Author

Mentens, Nele, Picek, Stjepan, and Sadeghi, Ahmad-Reza

Subjects
Machine Learning, Security and privacy → Cryptography, Cybersecurity, Computing methodologies → Artificial intelligence, Artificial Intelligence, Computer systems organization → Real-time systems, Security and privacy → Intrusion/anomaly detection and malware mitigation, Computing methodologies → Machine learning, Security and privacy → Systems security, Hardware Security, Explainability, Security and privacy → Security in hardware
Abstract

This report documents the outcomes of Dagstuhl Seminar 22412 "Intelligent Security: Is "AI for Cybersecurity" a Blessing or a Curse". The seminar brought together 25 attendees from 10 countries (Canada, Croatia, Czech Republic, France, Germany, Netherlands, Singapore, Sweden, Switzerland, and the USA). There were 17 male and 8 female participants. Three participants were from the industry, and the rest were from academia. The gathered researchers are actively working in the domains of artificial intelligence and cybersecurity, emphasizing hardware security, fuzzing, physical security, and network security. The seminar aims to foster sharing experiences and best practices between various cybersecurity applications and understand how and when certain approaches are transferable. The first two days were devoted to 20-minute self-introductions by participants to achieve these goals. At the end of the second day, we made a list of topics that were decided to be the focus of the seminar and that will be discussed in the groups in the next few days. On the third and fourth days, the work was conducted in four discussion groups where at the end of each day, all participants gathered to report the results from the discussion groups and to align the goals. On the last day, we again worked in one group to summarize the findings and foster networking among participants. A hike was organized in the afternoon of the third day. The seminar was a success. The participants actively participated in the working groups and the discussions and went home with new ideas and collaborators. This report gathers the abstracts of the presented talks and the conclusions from the discussion groups, which we consider relevant contributions toward better interdisciplinary research on artificial intelligence and cybersecurity., DagRep, Volume 12, Issue 10, pages 106-128

Published
2023
Full Text
View/download PDF

8. Softer Smartcards : Usable Cryptographic Tokens with Secure Execution

Author

Brasser, Franz Ferdinand, Bugiel, Sven, Filyanov, Atanas, Sadeghi, Ahmad-Reza, Schulz, Steffen, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, and Keromytis, Angelos D., editor

Published
2012
Full Text
View/download PDF

9. Twin Clouds: Secure Cloud Computing with Low Latency : (Full Version)

Author

Bugiel, Sven, Nürnberger, Stefan, Sadeghi, Ahmad-Reza, Schneider, Thomas, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Sudan, Madhu, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Vardi, Moshe Y., Series editor, Weikum, Gerhard, Series editor, De Decker, Bart, editor, Lapon, Jorn, editor, Naessens, Vincent, editor, and Uhl, Andreas, editor

Published
2011
Full Text
View/download PDF

10. Close the Gate: Detecting Backdoored Models in Federated Learning based on Client-Side Deep Layer Output Analysis

Author

Rieger, Phillip, Krauß, Torsten, Miettinen, Markus, Dmitrienko, Alexandra, and Sadeghi, Ahmad-Reza

Subjects
FOS: Computer and information sciences, Computer Science - Machine Learning, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR), Machine Learning (cs.LG)
Abstract

Federated Learning (FL) is a scheme for collaboratively training Deep Neural Networks (DNNs) with multiple data sources from different clients. Instead of sharing the data, each client trains the model locally, resulting in improved privacy. However, recently so-called targeted poisoning attacks have been proposed that allow individual clients to inject a backdoor into the trained model. Existing defenses against these backdoor attacks either rely on techniques like Differential Privacy to mitigate the backdoor, or analyze the weights of the individual models and apply outlier detection methods that restricts these defenses to certain data distributions. However, adding noise to the models' parameters or excluding benign outliers might also reduce the accuracy of the collaboratively trained model. Additionally, allowing the server to inspect the clients' models creates a privacy risk due to existing knowledge extraction methods. We propose CrowdGuard, a model filtering defense, that mitigates backdoor attacks by leveraging the clients' data to analyze the individual models before the aggregation. To prevent data leaks, the server sends the individual models to secure enclaves, running in client-located Trusted Execution Environments. To effectively distinguish benign and poisoned models, even if the data of different clients are not independently and identically distributed (non-IID), we introduce a novel metric called HLBIM to analyze the outputs of the DNN's hidden layers. We show that the applied significance-based detection algorithm combined can effectively detect poisoned models, even in non-IID scenarios. We show in our extensive evaluation that CrowdGuard can effectively mitigate targeted poisoning attacks and achieve in various scenarios a True-Positive-Rate of 100% and a True-Negative-Rate of 100%., Phillip Rieger and Torsten Krau{\ss} contributed equally to this contribution. 20 pages, 7 figures, 5 tables, 4 algorithms, 4 equations

Published
2022

11. POSE: Practical Off-chain Smart Contract Execution

Author

Frassetto, Tommaso, Jauernig, Patrick, Koisser, David, Kretzler, David, Schlosser, Benjamin, Faust, Sebastian, and Sadeghi, Ahmad-Reza

Subjects
FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)
Abstract

Smart contracts enable users to execute payments depending on complex program logic. Ethereum is the most notable example of a blockchain that supports smart contracts leveraged for countless applications including games, auctions and financial products. Unfortunately, the traditional method of running contract code on-chain is very expensive, for instance, on the Ethereum platform, fees have dramatically increased, rendering the system unsuitable for complex applications. A prominent solution to address this problem is to execute code off-chain and only use the blockchain as a trust anchor. While there has been significant progress in developing off-chain systems over the last years, current off-chain solutions suffer from various drawbacks including costly blockchain interactions, lack of data privacy, huge capital costs from locked collateral, or supporting only a restricted set of applications. In this paper, we present POSE -- a practical off-chain protocol for smart contracts that addresses the aforementioned shortcomings of existing solutions. POSE leverages a pool of Trusted Execution Environments (TEEs) to execute the computation efficiently and to swiftly recover from accidental or malicious failures. We show that POSE provides strong security guarantees even if a large subset of parties is corrupted. We evaluate our proof-of-concept implementation with respect to its efficiency and effectiveness.

Published
2022

12. Garbled Circuits for Leakage-Resilience: Hardware Implementation and Evaluation of One-Time Programs : (Full Version)

Author

Järvinen, Kimmo, Kolesnikov, Vladimir, Sadeghi, Ahmad-Reza, Schneider, Thomas, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Mangard, Stefan, editor, and Standaert, François-Xavier, editor

Published
2010
Full Text
View/download PDF

14. Trusted Container Extensions for Container-based Confidential Computing

Author

Brasser, Ferdinand, Jauernig, Patrick, Pustelnik, Frederik, Sadeghi, Ahmad-Reza, and Stapf, Emmanuel

Subjects
FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)
Abstract

Cloud computing has emerged as a corner stone of today's computing landscape. More and more customers who outsource their infrastructure benefit from the manageability, scalability and cost saving that come with cloud computing. Those benefits get amplified by the trend towards microservices. Instead of renting and maintaining full VMs, customers increasingly leverage container technologies, which come with a much more lightweight resource footprint while also removing the need to emulate complete systems and their devices. However, privacy concerns hamper many customers from moving to the cloud and leveraging its benefits. Furthermore, regulatory requirements prevent the adaption of cloud computing in many industries, such as health care or finance. Standard software isolation mechanisms have been proven to be insufficient if the host system is not fully trusted, e.g., when the cloud infrastructure gets compromised by malicious third-party actors. Consequently, confidential computing is gaining increasing relevance in the cloud computing field. We present Trusted Container Extensions (TCX), a novel container security architecture, which combines the manageability and agility of standard containers with the strong protection guarantees of hardware-enforced Trusted Execution Environments (TEEs) to enable confidential computing for container workloads. TCX provides significant performance advantages compared to existing approaches while protecting container workloads and the data processed by them. Our implementation, based on AMD Secure Encrypted Virtualization (SEV), ensures integrity and confidentiality of data and services during deployment, and allows secure interaction between protected containers as well as to external entities. Our evaluation shows that our implementation induces a low performance overhead of 5.77% on the standard SPEC2017 benchmark suite.

Published
2022

15. ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep Neural Network and Transfer Learning

Author

Lutz, Oliver, Chen, Huili, Fereidooni, Hossein, Sendner, Christoph, Dmitrienko, Alexandra, Sadeghi, Ahmad Reza, and Koushanfar, Farinaz

Subjects
FOS: Computer and information sciences, Computer Science - Machine Learning, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR), Machine Learning (cs.LG)
Abstract

Ethereum smart contracts are automated decentralized applications on the blockchain that describe the terms of the agreement between buyers and sellers, reducing the need for trusted intermediaries and arbitration. However, the deployment of smart contracts introduces new attack vectors into the cryptocurrency systems. In particular, programming flaws in smart contracts can be and have already been exploited to gain enormous financial profits. It is thus an emerging yet crucial issue to detect vulnerabilities of different classes in contracts in an efficient manner. Existing machine learning-based vulnerability detection methods are limited and only inspect whether the smart contract is vulnerable, or train individual classifiers for each specific vulnerability, or demonstrate multi-class vulnerability detection without extensibility consideration. To overcome the scalability and generalization limitations of existing works, we propose ESCORT, the first Deep Neural Network (DNN)-based vulnerability detection framework for Ethereum smart contracts that support lightweight transfer learning on unseen security vulnerabilities, thus is extensible and generalizable. ESCORT leverages a multi-output NN architecture that consists of two parts: (i) A common feature extractor that learns the semantics of the input contract; (ii) Multiple branch structures where each branch learns a specific vulnerability type based on features obtained from the feature extractor. Experimental results show that ESCORT achieves an average F1-score of 95% on six vulnerability types and the detection time is 0.02 seconds per contract. When extended to new vulnerability types, ESCORT yields an average F1-score of 93%. To the best of our knowledge, ESCORT is the first framework that enables transfer learning on new vulnerability types with minimal modification of the DNN model architecture and re-training overhead., 17 pages, 10 figures, 5 tables, 5 equations, 2 listings

Published
2021

16. Contact Tracing by Giant Data Collectors: Opening Pandora's Box of Threats to Privacy, Sovereignty and National Security

Author

Boutet, Antoine, Castelluccia, Claude, Cunche, Mathieu, Dmitrienko, Alexandra, Iovino, Vincenzo, Miettinen, Markus, Nguyen, Thien, Roca, Vincent, Sadeghi, Ahmad-Reza, Vaudenay, Serge, Visconti, Ivan, Vuagnoux, Martin, Privacy Models, Architectures and Tools for the Information Society (PRIVATICS), CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria), Julius-Maximilians-Universität Würzburg [Wurtzbourg, Allemagne] (JMU), Università degli Studi di Salerno (UNISA), Technical University Darmstadt (TU), Ecole Polytechnique Fédérale de Lausanne (EPFL), base23, EPFL, Switzerland, Inria, France, JMU Würzburg, Germany, University of Salerno, Italy, base23, Geneva, Switzerland, Technical University of Darmstadt, Germany, Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Inria Lyon, Julius-Maximilians-Universität Würzburg (JMU), Università degli Studi di Salerno = University of Salerno (UNISA), and Technische Universität Darmstadt - Technical University of Darmstadt (TU Darmstadt)

Subjects
[INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR]
Abstract

Many countries have introduced digital contact tracing apps to fight the COVID-19 pandemic. Such apps help to identify contacts between potentially infectious persons automatically and thus bear the promise of reducing the burden on manual contact tracers and increase tracing accuracy in situations in which people have difficulties identifying with whom they have been in contact. A number of different proposals for digital contact tracing systems have been made or deployed, ranging from heavily centralized to completely decentralized approaches, each with its own advantages and disadvantages in terms of tracing effectiveness and impact on user privacy. During the phase of highly dynamic evolution of these approaches, surprisingly, Google and Apple established an unprecedented friendship and agreed on a very special scheme for contact tracing, realizing this in the form of an API called GAEN that they quickly integrated into their mobile operating systems. A multitude of nationally rolled out tracing apps are now based on the GAEN approach. In this paper, we revisit such apps and the GAEN API on which they are built. In particular, we point out a number of very problematic aspects and threats that the GAEN approach creates through its security and privacy weaknesses but also through the threats that it poses on technological sovereignty and the public health system.

Published
2020

19. Privacy-preserving speech processing via STPC and TEEs

Author

Bayerl, Sebastian P, Brasser, Ferdinand, Busch, Christoph, Frassetto, Tommaso, Jauernig, Patrick, Kolberg, Jascha, Nautsch, Andreas, Riedhammer, Korbinian, Sadeghi, Ahmad-Reza, Schneider, Thomas, Stapf, Emmanuel, Treiber, Amos, Weinert, Christian, Bayerl, Sebastian P, Brasser, Ferdinand, Busch, Christoph, Frassetto, Tommaso, Jauernig, Patrick, Kolberg, Jascha, Nautsch, Andreas, Riedhammer, Korbinian, Sadeghi, Ahmad-Reza, Schneider, Thomas, Stapf, Emmanuel, Treiber, Amos, and Weinert, Christian

Published
2019

20. CURE: A Security Architecture with CUstomizable and Resilient Enclaves

Author

Bahmani, Raad, Brasser, Ferdinand, Dessouky, Ghada, Jauernig, Patrick, Klimmek, Matthias, Sadeghi, Ahmad-Reza, and Stapf, Emmanuel

Subjects
FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)
Abstract

Security architectures providing Trusted Execution Environments (TEEs) have been an appealing research subject for a wide range of computer systems, from low-end embedded devices to powerful cloud servers. The goal of these architectures is to protect sensitive services in isolated execution contexts, called enclaves. Unfortunately, existing TEE solutions suffer from significant design shortcomings. First, they follow a one-size-fits-all approach offering only a single enclave type, however, different services need flexible enclaves that can adjust to their demands. Second, they cannot efficiently support emerging applications (e.g., Machine Learning as a Service), which require secure channels to peripherals (e.g., accelerators), or the computational power of multiple cores. Third, their protection against cache side-channel attacks is either an afterthought or impractical, i.e., no fine-grained mapping between cache resources and individual enclaves is provided. In this work, we propose CURE, the first security architecture, which tackles these design challenges by providing different types of enclaves: (i) sub-space enclaves provide vertical isolation at all execution privilege levels, (ii) user-space enclaves provide isolated execution to unprivileged applications, and (iii) self-contained enclaves allow isolated execution environments that span multiple privilege levels. Moreover, CURE enables the exclusive assignment of system resources, e.g., peripherals, CPU cores, or cache resources to single enclaves. CURE requires minimal hardware changes while significantly improving the state of the art of hardware-assisted security architectures. We implemented CURE on a RISC-V-based SoC and thoroughly evaluated our prototype in terms of hardware and performance overhead. CURE imposes a geometric mean performance overhead of 15.33% on standard benchmarks., Accepted to be published in the proceedings of the 30th USENIX Security Symposium (USENIX Security '21 )

Published
2020

24. Sustainable security & safety

Author

Paverd, Andrew, Völp, Marcus, Brasser, Ferdinand, Schunter, Matthias, Asokan, N., Sadeghi, Ahmad Reza, Esteves-Veríssimo, Paulo, Steininger, Andreas, Holz, Thorsten, Asplund, Mikael, Paulitsch, Michael, Microsoft USA, University of Luxembourg, Technische Universität Darmstadt, Intel Labs, Helsinki Institute for Information Technology (HIIT), Vienna University of Technology, Ruhr University Bochum, Department of Computer Science, Aalto-yliopisto, and Aalto University

Subjects
Sustainability, Security, Safety
Abstract

A significant proportion of today’s information and communication technology (ICT) systems are entrusted with high value assets, and our modern society has become increasingly dependent on these systems operating safely and securely over their anticipated lifetimes. However, we observe a mismatch between the lifetimes expected from ICT-supported systems (such as autonomous cars) and the duration for which these systems are able to remain safe and secure, given the spectrum of threats they face. Whereas most systems today are constructed within the constraints of foreseeable technology advancements, we argue that long term, i.e., sustainable security & safety, requires anticipating the unforeseeable and preparing systems for threats not known today. In this paper, we set out our vision for sustainable security & safety. We summarize the main challenges in realizing this desideratum in real-world systems, and we identify several design principles that could address these challenges and serve as building blocks for achieving this vision.

Published
2019

25. Sustainable Security and Safety: Challenges and Opportunities

Author

Paverd, Andrew, Volp, Marcus, Brasser, Ferdinand, Schunter, Matthias, N Asokan, Sadeghi, Ahmad-Reza, Verissimo, Paulo, Steininger, Andreas, Holz, Thorsten, Intel Labs [sponsor], and Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Critical and Extreme Security and Dependability Research Group (CritiX) [research center]

Subjects
Computer science [C05] [Engineering, computing & technology], Sciences informatiques [C05] [Ingénierie, informatique & technologie]
Abstract

A significant proportion of today's information and communication technology (ICT) systems are entrusted with high value assets, and our modern society has become increasingly dependent on these systems operating safely and securely over their anticipated lifetimes. However, we observe a mismatch between the lifetimes expected from ICT-supported systems (such as autonomous cars) and the duration for which these systems are able to remain safe and secure, given the spectrum of threats they face. Whereas most systems today are constructed within the constraints of foreseeable technology advancements, we argue that long term, i.e., sustainable security & safety, requires anticipating the unforeseeable and preparing systems for threats not known today. In this paper, we set out our vision for sustainable security & safety. We summarize the main challenges in realizing this desideratum in real-world systems, and we identify several design principles that could address these challenges and serve as building blocks for achieving this vision.

Published
2019

26. Sustainable Security & Safety: Challenges and Opportunities

Author

Paverd, Andrew, Völp, Marcus, Brasser, Ferdinand, Schunter, Matthias, Asokan, N., Sadeghi, Ahmad-Reza, Esteves-Veríssimo, Paulo, Steininger, Andreas, and Holz, Thorsten

Subjects
000 Computer science, knowledge, general works, Computer Science
Abstract

A significant proportion of today's information and communication technology (ICT) systems are entrusted with high value assets, and our modern society has become increasingly dependent on these systems operating safely and securely over their anticipated lifetimes. However, we observe a mismatch between the lifetimes expected from ICT-supported systems (such as autonomous cars) and the duration for which these systems are able to remain safe and secure, given the spectrum of threats they face. Whereas most systems today are constructed within the constraints of foreseeable technology advancements, we argue that long term, i.e., sustainable security & safety, requires anticipating the unforeseeable and preparing systems for threats not known today. In this paper, we set out our vision for sustainable security & safety. We summarize the main challenges in realizing this desideratum in real-world systems, and we identify several design principles that could address these challenges and serve as building blocks for achieving this vision.

Published
2019
Full Text
View/download PDF

27. When a Patch is Not Enough - HardFails: Software-Exploitable Hardware Bugs

Author

Dessouky, Ghada, Gens, David, Haney, Patrick, Persyn, Garrett, Kanuparthi, Arun, Khattri, Hareesh, Fung, Jason M., Sadeghi, Ahmad-Reza, and Rajendran, Jeyavijayan

Subjects
FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)
Abstract

In this paper, we take a deep dive into microarchitectural security from a hardware designer's perspective by reviewing the existing approaches to detect hardware vulnerabilities during the design phase. We show that a protection gap currently exists in practice that leaves chip designs vulnerable to software-based attacks. In particular, existing verification approaches fail to detect specific classes of vulnerabilities, which we call HardFails: these bugs evade detection by current verification techniques while being exploitable from software. We demonstrate such vulnerabilities in real-world SoCs using RISC-V to showcase and analyze concrete instantiations of HardFails. Patching these hardware bugs may not always be possible and can potentially result in a product recall. We base our findings on two extensive case studies: the recent Hack@DAC 2018 hardware security competition, where 54 independent teams of researchers competed world-wide over a period of 12 weeks to catch inserted security bugs in SoC RTL designs, and an in-depth systematic evaluation of state-of-the-art verification approaches. Our findings indicate that even combinations of techniques will miss high-impact bugs due to the large number of modules with complex interdependencies and fundamental limitations of current detection approaches. We also craft a real-world software attack that exploits one of the RTL bugs from Hack@DAC that evaded detection and discuss novel approaches to mitigate the growing problem of cross-layer bugs at design time.

Published
2018

28. On the Security of Strong Memristor-based Physically Unclonable Functions.

Author

Zeitouni, Shaza, Stapf, Emmanuel, Fereidooni, Hossein, and Sadeghi, Ahmad-Reza

Subjects
COMPUTER security, MACHINE learning, ALGORITHMS, OPEN source software, INTEGRATED circuits
Abstract

PUFs are cost-effective security primitives that extract unique identifiers from integrated circuits. However, since their introduction, PUFs have been subject to modeling attacks based on machine learning. Recently, researchers explored emerging nano-electronic technologies, e.g., memristors, to construct hybrid-PUFs, which outperform CMOS-only PUFs and are claimed to be more resilient to modeling attacks. However, since such PUF designs are not open-source, the security claims remain dubious. In this paper, we reproduce a set of memristor-PUFs and extensively evaluate their unpredictability property. By leveraging state-of-the-art machine learning algorithms, we show that it is feasible to successfully model memristor-PUFs with high prediction rates of 98%. Even incorporating XOR gates, to further strengthen PUFs' against modeling attacks, has a negligible effect. [ABSTRACT FROM AUTHOR]

Published
2020

29. INVITED: AI Utopia or Dystopia - On Securing AI Platforms.

Author

Dessouky, Ghada, Jauernig, Patrick, Mentens, Nele, Sadeghi, Ahmad-Reza, and Stapf, Emmanuel

Subjects
ARTIFICIAL intelligence, ARTIFICIAL neural networks, ALGORITHMS, PERSONALLY identifiable information, SMART homes
Abstract

Today we are witnessing the widespread deployment of AI algorithms on many computing platforms already to provide various services, thus driving the growing market for AI-based platforms. On the one end, AI support is demanded for resource-constrained embedded devices, e.g., integrated into smart homes and vehicles. On the other end, hi-tech giants and cloud services require AI platforms with increasing computational power to feed their data- hungry neural networks. Neglecting security and privacy aspects on both such low-end and high-end AI platforms can have devastating consequences for end users (privacy and safety) as well as for the AI service providers (IP theft). The utopia of a world where intelligent devices ease the human life can easily turn into a dystopia where the ownership of personal data is threatened. In recent years, tremendous effort has been invested in the development of security architectures that protect sensitive services in isolated execution contexts, called enclaves, which provide protection beyond that of commodity operating systems. In this paper, we elaborate on the most well-known enclave-based security architectures to protect AI services. We point out their shortcomings in providing the security guarantees needed for existing and emerging AI services and discuss new ideas and research directions. [ABSTRACT FROM AUTHOR]

Published
2020

31. ASSURED

Author

Asokan, N., Nyman, Thomas, Rattanavipanon, Norrathep, Sadeghi, Ahmad-Reza, Tsudik, Gene, Adj. Prof Asokan N. group, University of California Irvine, Technische Universität Darmstadt, Department of Computer Science, Aalto-yliopisto, and Aalto University

Subjects
Computer security, embedded systems, embedded software, Internet of Things (IoT)
Abstract

Secure firmware update is an important stage in the IoT device life-cycle. Prior techniques, designed for other computational settings, are not readily suitable for IoT devices, since they do not consider idiosyncrasies of a realistic large-scale IoT deployment. This motivates our design of ASSURED, a secure and scalable update framework for IoT. ASSURED includes all stakeholders in a typical IoT update ecosystem, while providing end-to-end security between manufacturers and devices. To demonstrate its feasibility and practicality, ASSURED is instantiated and experimentally evaluated on two commodity hardware platforms. Results show that ASSURED is considerably faster than current update mechanisms in realistic settings.

Published
2018

32. D\'IoT: A Federated Self-learning Anomaly Detection System for IoT

Author

Nguyen, Thien Duc, Marchal, Samuel, Miettinen, Markus, Fereidooni, Hossein, Asokan, N., and Sadeghi, Ahmad-Reza

Subjects
Computer Science - Cryptography and Security
Abstract

IoT devices are increasingly deployed in daily life. Many of these devices are, however, vulnerable due to insecure design, implementation, and configuration. As a result, many networks already have vulnerable IoT devices that are easy to compromise. This has led to a new category of malware specifically targeting IoT devices. However, existing intrusion detection techniques are not effective in detecting compromised IoT devices given the massive scale of the problem in terms of the number of different types of devices and manufacturers involved. In this paper, we present D\"IoT, an autonomous self-learning distributed system for detecting compromised IoT devices effectively. In contrast to prior work, D\"IoT uses a novel self-learning approach to classify devices into device types and build normal communication profiles for each of these that can subsequently be used to detect anomalous deviations in communication patterns. D\"IoT utilizes a federated learning approach for aggregating behavior profiles efficiently. To the best of our knowledge, it is the first system to employ a federated learning approach to anomaly-detection-based intrusion detection. Consequently, D\"IoT can cope with emerging new and unknown attacks. We systematically and extensively evaluated more than 30 off-the-shelf IoT devices over a long term and show that D\"IoT is highly effective (95.6% detection rate) and fast (~257 ms) at detecting devices compromised by, for instance, the infamous Mirai malware. D\"IoT reported no false alarms when evaluated in a real-world smart home deployment setting., Comment: Accepted version of paper to appear at ICDCS 2019, Dallas, TX, USA, July 2019

Published
2018

34. HardScope: Thwarting DOP with Hardware-assisted Run-time Scope Enforcement

Author

Nyman, Thomas, Dessouky, Ghada, Zeitouni, Shaza, Lehikoinen, Aaro, Paverd, Andrew, Asokan, N., and Sadeghi, Ahmad-Reza

Subjects
FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)
Abstract

Widespread use of memory unsafe programming languages (e.g., C and C++) leaves many systems vulnerable to memory corruption attacks. A variety of defenses have been proposed to mitigate attacks that exploit memory errors to hijack the control flow of the code at run-time, e.g., (fine-grained) randomization or Control Flow Integrity. However, recent work on data-oriented programming (DOP) demonstrated highly expressive (Turing-complete) attacks, even in the presence of these state-of-the-art defenses. Although multiple real-world DOP attacks have been demonstrated, no efficient defenses are yet available. We propose run-time scope enforcement (RSE), a novel approach designed to efficiently mitigate all currently known DOP attacks by enforcing compile-time memory safety constraints (e.g., variable visibility rules) at run-time. We present HardScope, a proof-of-concept implementation of hardware-assisted RSE for the new RISC-V open instruction set architecture. We discuss our systematic empirical evaluation of HardScope which demonstrates that it can mitigate all currently known DOP attacks, and has a real-world performance overhead of 3.2% in embedded benchmarks.

Published
2017

35. Execution Integrity with In-Place Encryption

Author

Sullivan, Dean, Arias, Orlando, Gens, David, Davi, Lucas, Sadeghi, Ahmad-Reza, and Jin, Yier

Subjects
FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)
Abstract

Instruction set randomization (ISR) was initially proposed with the main goal of countering code-injection attacks. However, ISR seems to have lost its appeal since code-injection attacks became less attractive because protection mechanisms such as data execution prevention (DEP) as well as code-reuse attacks became more prevalent. In this paper, we show that ISR can be extended to also protect against code-reuse attacks while at the same time offering security guarantees similar to those of software diversity, control-flow integrity, and information hiding. We present Scylla, a scheme that deploys a new technique for in-place code encryption to hide the code layout of a randomized binary, and restricts the control flow to a benign execution path. This allows us to i) implicitly restrict control-flow targets to basic block entries without requiring the extraction of a control-flow graph, ii) achieve execution integrity within legitimate basic blocks, and iii) hide the underlying code layout under malicious read access to the program. Our analysis demonstrates that Scylla is capable of preventing state-of-the-art attacks such as just-in-time return-oriented programming (JIT-ROP) and crash-resistant oriented programming (CROP). We extensively evaluate our prototype implementation of Scylla and show feasible performance overhead. We also provide details on how this overhead can be significantly reduced with dedicated hardware support.

Published
2017

36. Software Grand Exposure: SGX Cache Attacks Are Practical

Author

Brasser, Ferdinand, M��ller, Urs, Dmitrienko, Alexandra, Kostiainen, Kari, Capkun, Srdjan, and Sadeghi, Ahmad-Reza

Subjects
FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)
Abstract

Side-channel information leakage is a known limitation of SGX. Researchers have demonstrated that secret-dependent information can be extracted from enclave execution through page-fault access patterns. Consequently, various recent research efforts are actively seeking countermeasures to SGX side-channel attacks. It is widely assumed that SGX may be vulnerable to other side channels, such as cache access pattern monitoring, as well. However, prior to our work, the practicality and the extent of such information leakage was not studied. In this paper we demonstrate that cache-based attacks are indeed a serious threat to the confidentiality of SGX-protected programs. Our goal was to design an attack that is hard to mitigate using known defenses, and therefore we mount our attack without interrupting enclave execution. This approach has major technical challenges, since the existing cache monitoring techniques experience significant noise if the victim process is not interrupted. We designed and implemented novel attack techniques to reduce this noise by leveraging the capabilities of the privileged adversary. Our attacks are able to recover confidential information from SGX enclaves, which we illustrate in two example cases: extraction of an entire RSA-2048 key during RSA decryption, and detection of specific human genome sequences during genomic indexing. We show that our attacks are more effective than previous cache attacks and harder to mitigate than previous SGX side-channel attacks.

Published
2017

38. With Great Complexity Comes Great Vulnerability: From Stand-Alone Fixes to Reconfigurable Security.

Author

Dessouky, Ghada, Frassetto, Tommaso, Jauernig, Patrick, Sadeghi, Ahmad-Reza, and Stapf, Emmanuel

Abstract

The increasing complexity of modern computing devices has rendered security architectures vulnerable to recent side-channel and transient-execution attacks. We discuss the most relevant defenses as well as their drawbacks and how to overcome them for next-generation secure processor design. [ABSTRACT FROM AUTHOR]

Published
2020
Full Text
View/download PDF

39. Trusted Execution Environments: Properties, Applications, and Challenges.

Author

Jauernig, Patrick, Sadeghi, Ahmad-Reza, and Stapf, Emmanuel

Abstract

Software attacks on modern computer systems have been a persisting challenge for several decades, leading to a continuous arms race between attacks and defenses. As a first line of defense, operating system kernels enforce process isolation to limit potential attacks to only the code containing the vulnerabilities. However, vulnerabilities in the kernel itself (for example, various vulnerabilities found by Google Project Zero), side-channel attacks,1 or even physical attacks2 can be used to undermine process isolation. [ABSTRACT FROM AUTHOR]

Published
2020
Full Text
View/download PDF

40. INVITED: In Hardware We Trust: Gains and Pains of Hardware-assisted Security.

Author

Batina, Lejla, Jauernig, Patrick, Mentens, Nele, Sadeghi, Ahmad-Reza, and Stapf, Emmanuel

Subjects
ELECTRONIC data processing, CENTRAL processing units, DATA integrity, INTERNET of things, EMBEDDED computer systems
Abstract

Data processing and communication in almost all electronic systems are based on Central Processing Units (CPUs). In order to guarantee confidentiality and integrity of the software running on a CPU, hardware-assisted security architectures are used. However, both the threat model and the non-functional platform requirements, i.e. performance and energy budget, differ when we go from high-end desktop computers and servers to low-end embedded devices that populate the internet of things (IoT). For high-end platforms, a relatively large energy budget is available to protect software against attacks. However, measures to optimize performance give rise to microarchitectural side-channel attacks. IoT devices, in contrast, are constrained in terms of energy consumption and do not incorporate the performance enhancements found in high-end CPUs. Hence, they are less likely to be susceptible to microarchitectural attacks, but give rise to physical attacks, exploiting, e.g., leakage in power consumption or through fault injection. Whereas previous work mostly concentrates on a specific architecture, this paper covers the whole spectrum of computing systems, comparing the corresponding hardware architectures, and most relevant threats. [ABSTRACT FROM AUTHOR]

Published
2019
Full Text
View/download PDF

41. HardScope: Hardening Embedded Systems Against Data-Oriented Attacks.

Author

Nyman, Thomas, Dessouky, Ghada, Zeitouni, Shaza, Lehikoinen, Aaro, Paverd, Andrew, Asokan, N., and Sadeghi, Ahmad-Reza

Subjects
EMBEDDED computer systems, PROGRAMMING languages, C++, GENERATIVE adversarial networks, COMPUTER software development
Abstract

Memory-unsafe programming languages like C and C++ leave many (embedded) systems vulnerable to attacks like control-flow hijacking. However, defenses against control-flow attacks, such as (fine-grained) randomization or control-flow integrity are ineffective against data-oriented attacks and more expressive Data- oriented Programming (DOP) attacks that bypass state-of-the-art defenses. We propose run-time scope enforcement (RSE), a novel approach that efficiently mitigates all currently known DOP attacks by enforcing compile-time memory safety constraints like variable visibility rules at run-time. We present Hardscope, a proof-of-concept implementation of hardware-assisted RSE for RISC-V, and show it has a low performance overhead of 3.2% for embedded benchmarks. [ABSTRACT FROM AUTHOR]

Published
2019
Full Text
View/download PDF

42. ARM2GC: Succinct Garbled Processor for Secure Computation.

Author

Songhori, Ebrahim M., Riazi, M. Sadegh, Hussain, Siam U., Sadeghi, Ahmad-Reza, and Koushanfar, Farinaz

Subjects
PROGRAMMING languages, CRYPTOGRAPHY, COMPUTER hardware description languages, DATA encryption, COMPILERS (Computer programs)
Abstract

We present ARM2GC, a novel secure computation framework based on Yao's Garbled Circuit (GC) protocol and the ARM processor. It allows users to develop privacy-preserving applications using standard high-level programming languages (e.g., C) and compile them using off-the-shelf ARM compilers, e.g., gcc-arm. The main enabler of this framework is the introduction of SkipGate, an algorithm that dynamically omits the communication and encryption cost of a gate when its output is independent of the private data. SkipGate greatly enhances the performance of ARM2GC by omitting costs of the gates associated with the instructions of the compiled binary, which is known by both parties involved in the computation. Our evaluation on benchmark functions demonstrates that ARM2GC outperforms the prior best solution by 156x. [ABSTRACT FROM AUTHOR]

Published
2019
Full Text
View/download PDF

43. Key agreement for heterogeneous mobile ad-hoc groups

Author

Manulis, Mark and Sadeghi, Ahmad-Reza

Subjects
Ad hoc networks (Computer networks) -- Forecasts and trends, Mobile devices -- Technology application, Market trend/market analysis, Technology application, High technology industry
Abstract

Byline: Mark Manulis, Ahmad-Reza Sadeghi Security of various group-oriented applications for mobile ad-hoc groups requires a group secret shared between all participants. Contributory Group Key Agreement (CGKA) protocols can be used in mobile ad-hoc scenarios due to the absence of any trusted central authority (group manager) that actively participates in the computation of the group key. Members of spontaneously formed mobile ad-hoc groups are usually equipped with different kinds of mobile devices with varying performance capabilities. This heterogeneity opens new ways for the design of CGKA protocols and states additional security requirements with regard to the trustworthiness of the devices. In this paper we propose a CGKA protocol for mobile ad hoc groups that fairly distributes the computation costs amongst mobile devices by taking into account their performance limitations and preventing possible cheating through Trusted Computing techniques.

Published
2010

44. CAn't Touch This: Practical and Generic Software-only Defenses Against Rowhammer Attacks

Author

Brasser, Ferdinand, Davi, Lucas, Gens, David, Liebchen, Christopher, and Sadeghi, Ahmad-Reza

Subjects
FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)
Abstract

Rowhammer is a hardware bug that can be exploited to implement privilege escalation and remote code execution attacks. Previous proposals on rowhammer mitigation either require hardware changes or follow heuristic-based approaches (based on CPU performance counters). To date, there exists no instant protection against rowhammer attacks on legacy systems. In this paper, we present the design and implementation of two practical and efficient software-only defenses against rowhammer attacks. Our defenses prevent the attacker from leveraging rowhammer to corrupt physically co-located data in memory that is owned by a different system entity. Our first defense, B-CATT, extends the system bootloader to disable vulnerable physical memory. B-CATT is highly practical, does not require changes to the operating system, and can be deployed on virtually all x86-based systems. While B-CATT is able to stop all known rowhammer attacks, it does not yet tackle the fundamental problem of missing memory isolation in physical memory. To address this problem, we introduce our second defense G-CATT, a generic solution that extends the physical memory allocator of the OS to physically isolate the memory of different system entities (e.g., kernel and user space). As proof of concept, we implemented B-CATT on x86, and our generic defense, G-CATT, on x86 and ARM to mitigate rowhammer-based kernel exploits. Our extensive evaluation shows that both mitigation schemes (i) can stop available real- world rowhammer attacks, (ii) impose virtually no run-time overhead for common user and kernel benchmarks as well as commonly used applications, and (iii) do not affect the stability of the overall system., Clarifications based on intial feedback -- p7: clarified formula p10: included rest of pts/memory (cachebench/ramspeed) in Tab III p12: include discussion on how single-sided rowhammer attacks are mitigated and benchmark selection p13: updated related work p14: updated acknowledgment

Published
2016

45. SandBlaster: Reversing the Apple Sandbox

Author

Deaconescu, R��zvan, Deshotels, Luke, Bucicoiu, Mihai, Enck, William, Davi, Lucas, and Sadeghi, Ahmad-Reza

Subjects
FOS: Computer and information sciences, Computer Science - Operating Systems, Software_OPERATINGSYSTEMS, Computer Science - Cryptography and Security, Operating Systems (cs.OS), D.4.6, Cryptography and Security (cs.CR)
Abstract

In order to limit the damage of malware on Mac OS X and iOS, Apple uses sandboxing, a kernel-level security layer that provides tight constraints for system calls. Particularly used for Apple iOS, sandboxing prevents apps from executing potentially dangerous actions, by defining rules in a sandbox profile. Investigating Apple's built-in sandbox profiles is difficult as they are compiled and stored in binary format. We present SandBlaster, a software bundle that is able to reverse/decompile Apple binary sandbox profiles to their original human readable SBPL (SandBox Profile Language) format. We use SandBlaster to reverse all built-in Apple iOS binary sandbox profiles for iOS 7, 8 and 9. Our tool is, to the best of our knowledge, the first to provide a full reversing of the Apple sandbox, shedding light into the inner workings of Apple sandbox profiles and providing essential support for security researchers and professionals interested in Apple security mechanisms., 25 pages, 9 figures, 14 listings This report is an auxiliary document to the paper "SandScout: Automatic Detection of Flaws in iOS Sandbox Profiles", to be presented at the ACM Conference on Computer and Communications Security (CCS) 2016

Published
2016

47. Regulating Smart Personal Devices in Restricted Spaces

Author

Ganapathy, Vinod, Iftode, Liviu, Sadeghi, Ahmad-Reza, Brasser, Ferdinand, Kim, Daeyoung, and Liebchen, Christopher

Abstract

Smart personal devices equipped with a wide range of sensors and peripherals can potentially be misused in various environments. They can be used to exfiltrate sensitive information from enterprises and federal offices or be used to smuggle unauthorized information into classrooms and examination halls. One way to prevent these situations is to regulate how smart devices are used in such restricted spaces. In this paper, we present an approach that robustly achieves this goal for ARM TrustZone-based personal devices. In our approach, restricted space hosts use remote memory operations to analyze and regulate guest devices within the restricted space. We show that the ARM TrustZone allows our approach to obtain strong security guarantees while only requiring a small trusted computing base to execute on guest devices.

Published
2015
Full Text
View/download PDF

48. Invited: Reconciling Remote Attestation and Safety-Critical Operation on Simple IoT Devices.

Author

Carpent, Xavier, Eldefrawy, Karim, Rattanavipanon, Norrathep, Sadeghi, Ahmad-Reza, and Tsudik, Gene

Subjects
INTERNET of things, MALWARE, MEMORY, PSYCHOLOGY, AUTOMOBILE industry
Abstract

Remote attestation (RA) is a means of malware detection, typically realized as an interaction between a trusted verifier and a potentially compromised remote device (prover). RA is especially relevant for low-end embedded devices that are incapable of protecting themselves against malware infection. Most current RA techniques require on-demand and uninterruptible (atomic) operation. The former fails to detect transient malware that enters and leaves between successive RA instances; the latter involves performing potentially time-consuming computation over prover's memory and/or storage, which can be harmful to the device's safety-critical functionality and general availability. However, relaxing either on-demand or atomic RA operation is tricky and prone to vulnerabilities. This paper identifies some issues that arise in reconciling requirements of safety-critical operation with those of secure remote attestation, including detection of transient and self-relocating malware. It also investigates mitigation techniques, including periodic self-measurements as well as interruptible attestation modality that involves shuffed memory traversals and various memory locking mechanisms. [ABSTRACT FROM AUTHOR]

Published
2018
Full Text
View/download PDF

49. It's Hammer Time: How to Attack (Rowhammer-based) DRAM-PUFs.

Author

Zeitouni, Shaza, Gens, David, and Sadeghi, Ahmad-Reza

Subjects
CRYPTOGRAPHY, ELECTRIC circuits, ELECTRIC circuit networks, VOLTAGE reversal, ALGORITHMS
Abstract

Physically Unclonable Functions (PUFs) are still considered promising technology as building blocks in cryptographic protocols. While most PUFs require dedicated circuitry, recent research leverages DRAM hardware for PUFs due to its intrinsic properties and wide deployment. Recently, a new memory-based PUF was proposed that utilizes the infamous Rowhammer effect in DRAM. In this paper, we show two remote attacks on DRAM-based PUFs. First, a DoS attack that exploits the Rowhammer effect to manipulate PUF responses. Second, a modeling attack that predicts PUF responses by observing few challenge-response pairs. Our results indicate that DRAM may not be suitable for PUFs. [ABSTRACT FROM AUTHOR]

Published
2018
Full Text
View/download PDF

50. AuDI: Toward Autonomous IoT Device-Type Identification Using Periodic Communication.

Author

Marchal, Samuel, Miettinen, Markus, Nguyen, Thien Duc, Sadeghi, Ahmad-Reza, and Asokan, N.

Subjects
TELECOMMUNICATION systems, IDENTIFICATION, COMPUTER network security, COMMUNICATION models, LOGIC circuits
Abstract

IoT devices are being widely deployed. But the huge variance among them in the level of security and requirements for network resources makes it unfeasible to manage IoT networks using a common generic policy. One solution to this challenge is to define policies for classes of devices based on device type. In this paper, we present AuDI, a system for quickly and effectively identifying the type of a device in an IoT network by analyzing their network communications. AuDI models the periodic communication traffic of IoT devices using an unsupervised learning method to perform identification. In contrast to prior work, AuDI operates autonomously after initial setup, learning, without human intervention nor labeled data, to identify previously unseen device types. AuDI can identify the type of a device in any mode of operation or stage of lifecycle of the device. Via systematic experiments using 33 off-the-shelf IoT devices, we show that AuDI is effective (98.2% accuracy). [ABSTRACT FROM AUTHOR]

Published
2019
Full Text
View/download PDF

Catalog

Books, media, physical & digital resources
See catalog results