SECRYPT 2015 Abstracts

Full Papers

Paper Nr:	4
Title:	WeXpose: Towards on-Line Dynamic Analysis of Web Attack Payloads using Just-In-Time Binary Modification
Authors:	Jennifer Bellizzi and Mark Vella
Abstract:	Web applications constitute a prime target for attacks. A subset of these inject code into their targets, posing a threat to the entire hosting infrastructure rather than just to the compromised application. Existing web intrusion detection systems (IDS) are easily evaded when code payloads are obfuscated. Dynamic analysis in the form of instruction set emulation is a well-known answer to this problem, which however is a solution for off-line settings rather than the on-line IDS setting and cannot be used for all types of web attacks payloads. Host-based approaches provide an alternative, yet all of them impose runtime overheads. This work proposes just-in-time (JIT) binary modification complemented with payload-based heuristics for the provision of obfuscation-resistant web IDS at the network level. A number of case studies conducted with WeXpose, a prototype implementation of the technique, shows that JIT binary modification fits the on-line setting due to native instruction execution, while also isolating harmful attack side-effects that consequentially become of concern. Avoidance of emulation makes the approach relevant to all types of payloads, while payload-based heuristics provide practicality.
Download

Paper Nr:	19
Title:	A Flexible Architecture for Industrial Control System Honeypots
Authors:	Alexandru Vlad Serbanescu, Sebastian Obermeier and Der-Yeuan Yu
Abstract:	While frequent reports on targeted attacks for Industrial Control Systems hit the news, the amount of untargeted attacks using standardized industrial protocols is still unclear, especially if devices are mistakenly or even knowingly connected to the Internet. To lay the foundation for a deeper insight into the interest of potential attackers, a large scale honeynet system that captures all interactions using industrial protocols is proposed. Special for the honeynet system architecture is the automated deployment on a cloud infrastructure and its modularisation of the industrial protocols. The centralized-but-redundant data collection allows correlating attacks that happen on multiple devices. A real-world experiment confirms the feasibility of the approach, and results of the observed interactions with the honeynet are presented.
Download

Paper Nr:	33
Title:	Mobile Malware Detection using Op-code Frequency Histograms
Authors:	Gerardo Canfora, Francesco Mercaldo and Corrado Aaron Visaggio
Abstract:	Mobile malware has grown in scale and complexity, as a consequence of the unabated uptake of smartphones worldwide. Malware writers have been developing detection evasion techniques which are rapidly making anti-malware technologies uneffective. In particular, zero-days malware is able to easily pass signature based detection, while dynamic analysis based techniques, which could be more accurate and robust, are too costly or inappropriate to real contexts, especially for reasons related to usability. This paper discusses a technique for discriminating Android malware from trusted applications that does not rely on signature, but on identifying a vector of features obtained from the static analysis of the Android’s Dalvik code. Experimentation accomplished on a sample of 11,200 applications revealed that the proposed technique produces high precision (over 93%) in mobile malware detection, with an accuracy of 95%.
Download

Paper Nr:	35
Title:	Gateway Threshold Password-based Authenticated Key Exchange Secure against Undetectable On-line Dictionary Attack
Authors:	Yukou Kobayashi, Naoto Yanai, Kazuki Yoneyama, Takashi Nishide, Goichiro Hanaoka, Kwangjo Kim and Eiji Okamoto
Abstract:	Password-based Authenticated Key Exchange (PAKE) allows a server to authenticate a user and to establish a session key shared between the server and the user just by having memorable passwords. In PAKE, conventionally the server is assumed to have the authentication functionality and also provide on-line services simultaneously. However, in the real-life applications, this may not be the case, and the authentication server may be separate from on-line service providers. In such a case, there is a problem that a malicious service provider with no authentication functionality may be able to guess the passwords by interacting with other participants repeatedly. Abdalla et al. put forward a notion of the server password protection security to deal with this problem. However, their proposed schemes turned out to be vulnerable to Undetectable On-line Dictionary Attack (UDonDA). To cope with this situation, we propose the Gateway Threshold PAKE provably secure against this password guessing attack by also taking the corruption of authentication servers into consideration.
Download

Paper Nr:	42
Title:	Evaluating the Comprehensive Complexity of Authorization-based Access Control Policies using Quantitative Metrics
Authors:	Malek Belhaouane, Joaquin Garcia-Alfaro and Hervé Debar
Abstract:	Access control models allow flexible authoring and management of security policies, using high-level statements. They enable the expression of structured and expressive policies. However, they have an impact on the policy characteristics. The complexity of such policies is one of the affected characteristics. We propose a series of quantitative metrics to assess comprehensive complexity of policies. By comprehensive, we mean the difficulty of understanding a policy by administrators. We formalize the concepts of authorization-based access control models, to propose general metrics regardless of the model. We also show the application of the proposed metrics through a content management system (CMS) policy example. We outline a proof-of-concept to evaluate the feasibility of our proposal, based on SELinux policies for a general-purpose CMS.
Download

Paper Nr:	43
Title:	Formal Analysis of E-Cash Protocols
Authors:	Jannik Dreier, Ali Kassem and Pascal Lafourcade
Abstract:	Electronic cash (e-cash) aims at achieving client privacy at payment, similar to real cash. Several security protocols have been proposed to ensure privacy in e-cash, as well as the necessary unforgery properties. In this paper, we propose a formal framework to define, analyze, and verify security properties of e-cash systems. To this end, we model e-cash systems in the applied p-calculus, and we define two client privacy properties and three properties to prevent forgery. Finally, we apply our definitions to an e-cash protocol from the literature proposed by Chaum et al., which has two variants and a real implementation based on it. Using ProVerif, we demonstrate that our framework is suitable for an automated analysis of this protocol.
Download

Paper Nr:	50
Title:	Algorithmic Information Theory for Obfuscation Security
Authors:	Rabih Mohsen and Alexandre Miranda Pinto
Abstract:	The main problem in designing effective code obfuscation is to guarantee security. State of the art obfuscation techniques rely on an unproven concept of security, and therefore are not regarded as provably secure. In this paper, we undertake a theoretical investigation of code obfuscation security based on Kolmogorov complexity and algorithmic mutual information. We introduce a new definition of code obfuscation that requires the algorithmic mutual information between a code and its obfuscated version to be minimal, allowing for controlled amount of information to be leaked to an adversary. We argue that our definition avoids the impossibility results of Barak et al. and is more advantageous then obfuscation indistinguishability definition in the sense it is more intuitive, and is algorithmic rather than probabilistic.
Download

Paper Nr:	70
Title:	A Uniform Modeling Pattern for Operating Systems Access Control Policies with an Application to SELinux
Authors:	Peter Amthor
Abstract:	Modern operating systems increasingly rely on enforcing mandatory access control through the use of security policies. Given the critical property of policy correctness in such systems, formal methods and models are applied for both specification and verification of these policies. Due to the heterogeneity of their respective semantics, this is an intricate and error-prone engineering process. However, diverse access control systems on the one hand and diverse formal criteria of correctness on the other hand have so far impeded a unifying framework for this task. This paper presents a step towards this goal. We propose to leverage core-based model engineering, a uniform approach to security policy formalization, and refine it by adding typical semantic abstractions of contemporary policy-controlled operating systems. This results in a simple, yet highly flexible framework for formalization, specification and analysis of operating system security policies. We substantiate this claim by applying our method to the SELinux system and practically demonstrate how to map policy semantics to an instance of the model.
Download

Paper Nr:	79
Title:	Automated Exploit Detection using Path Profiling - The Disposition Should Matter, Not the Position
Authors:	George Stergiopoulos, Panagiotis Petsanas, Panagiotis Katsaros and Dimitris Gritzalis
Abstract:	Recent advances in static and dynamic program analysis resulted in tools capable to detect various types of security bugs in the Applications under Test (AUT). However, any such analysis is designed for a priori specified types of bugs and it is characterized by some rate of false positives or even false negatives and certain scalability limitations. We present a new analysis and source code classification technique, and a prototype tool aiming to aid code reviews in the detection of general information flow dependent bugs. Our approach is based on classifying the criticality of likely exploits in the source code using two measuring functions, namely Severity and Vulnerability. For an AUT, we analyse every single pair of input vector and program sink in an execution path, which we call an Information Block (IB). A classification technique is introduced for quantifying the Severity (danger level) of an IB by static analysis and computation of its Entropy Loss. An IB’s Vulnerability is quantified using a tainted object propagation analysis along with a Fuzzy Logic system. Possible exploits are then characterized with respect to their Risk by combining the computed Severity and Vulnerability measurements through an aggregation operation over two fuzzy sets. An IB is characterized of a high risk, when both its Severity and Vulnerability rankings have been found to be above the low zone. In this case, a detected code exploit is reported by our prototype tool, called Entroine. The effectiveness of the approach has been tested by analysing 45 Java programs of NIST’s Juliet Test Suite, which implement 3 different common weakness exploits. All existing code exploits were detected without any false positive.
Download

Paper Nr:	97
Title:	Preserving Privacy in Collaborative Business Process Composition
Authors:	Hassaan Irshad, Basit Shafiq, Jaideep Vaidya, Muhammad Ahmed Bashir, Shafay Shamail and Nabil Adam
Abstract:	Collaborative business process composition exploits the knowledge of existing business processes of related organizations to compose an executable business process for a given organization based on its requirements and design specifications. Typically, this requires organizations to share and upload their existing business process execution sequences to a central repository. However, even after masking of confidential data, the execution sequences may still include sensitive business information which organizations may not want to share with their competitors. To address this issue, we develop a privacy-preserving Business Process Recommendation and Composition System (BPRCS), that generates a differentially private dataset of execution sequences which can be published and shared with other organizations for composition and implementation of their business processes. We also employ process mining and classification techniques on this differentially private dataset to regenerate the executable business process workflow. We experimentally validate the effectiveness of our approach.
Download

Paper Nr:	103
Title:	An OWL-based XACML Policy Framework
Authors:	Fabio Marfia, Mario Arrigoni Neri, Filippo Pellegrini and Marco Colombetti
Abstract:	We present an XACML policy framework implementation using OWL and reasoning technologies. Reasoning allows to easily generate policy decisions in complex environments for expressive policies, while satisfying the requirements of reliability and consistency for the framework. Furthermore, OWL ontologies represent a valid substratum for tackling advanced complex tasks, as Policy Harmonization and Explanation, with a complete rationale.
Download

Paper Nr:	106
Title:	New Results for Partial Key Exposure on RSA with Exponent Blinding
Authors:	Stelvio Cimato, Silvia Mella and Ruggero Susella
Abstract:	In 1998, Boneh, Durfee and Frankel introduced partial key exposure attacks, a novel application of Coppersmith’s method, to retrieve an RSA private key given only a fraction of its bits. This type of attacks is of particular interest in the context of side-channel attacks. By applying the exponent blinding technique as a countermeasure for side-channel attacks, the private exponent becomes randomized at each execution. Thus the attacker has to rely only on a single trace, significantly incrementing the noise, making the exponent bits recovery less effective. This countermeasure has also the side-effect of modifying the RSA equation used by partial key exposure attacks, in a way studied by Joye and Lepoint in 2012. We improve their results by providing a simpler technique in the case of known least significant bits and a better bound for the known most significant bits case. Additionally, we apply partial key exposure attacks to CRT-RSA when exponent blinding is used, a case not yet analyzed in literature. Our findings, for which we provide theoretical and experimental results, aim to reduce the number of bits to be recovered through side-channel attacks in order to factor an RSA modulus when the implementation is protected by exponent blinding.
Download

Paper Nr:	107
Title:	On the Instability of Sensor Orientation in Gait Verification on Mobile Phone
Authors:	Thang Hoang, Deokjai Choi and Thuc Nguyen
Abstract:	Authentication schemes using tokens or biometric modalities have been proposed to ameliorate the security strength on mobile devices. However, the existing approaches are obtrusive since the user is required to perform explicit gestures in order to be authenticated. While the gait signal captured by inertial sensors is understood to be a reliable profile for effective implicit authentication, recent studies have been conducted in ideal conditions and might therefore be inapplicable in the real mobile context. Particularly, the acquiring sensor is always fixed to a specific position and orientation. This paper mainly focuses on addressing the instability of sensor’s orientation which mostly happens in the reality. A flexible solution taking advantages of available sensors on mobile devices which can help to handle this problem is presented. Moreover, a novel gait recognition method utilizes statistical analysis and supervised learning to adapt itself to the instability of the biometric gait under various circumstances is also proposed. By adopting PCA+SVM to construct the gait model, the proposed method outperformed other state-of-the-art studies, with an equal error rate of 2.45% and accuracy rate of 99.14% in terms of the verification and identification aspects being achieved, respectively.
Download

Short Papers

Paper Nr:	11
Title:	Parallel Approaches for Efficient Scalar Multiplication over Elliptic Curve
Authors:	Christophe Negre and Jean-Marc Robert
Abstract:	This paper deals with parallel implementation of scalar multiplication over an elliptic curve. We present parallel approaches which split the scalar into two parts for E(Fp) or three parts for E(F2m ) and perform in parallel the scalar multiplication with each part of the scalar. We present timing results of these approaches implemented over an Intel Core i7 for NIST binary curves B233, B409 and for the twisted Edwards curve Curve25519 (Bernstein, 2006). For the curves B409 and Curve25519 the proposed approaches improve by at least 10% the computation time of the scalar multiplication.
Download

Paper Nr:	14
Title:	Policy Anomaly Detection for Distributed IPv6 Firewalls
Authors:	Claas Lorenz and Bettina Schnor
Abstract:	Concerning the design of a security architecture, Firewalls play a central role to secure computer networks. Facing the migration of IPv4 to IPv6, the setup of capable firewalls and network infrastructures will be necessary. The semantic differences between IPv4 and IPv6 make misconfigurations possible that may cause a lower performance or even security problems. For example, a cycle in a firewall configuration allows an attacker to craft network packets that may result in a Denial of Service. This paper investigates model checking techniques for automated policy anomaly detection. It shows that with a few adoptions existing approaches can be extended to support the IPv6 protocol with its specialities like the tremendously larger address space or extension headers. The performance is evaluated empirically by measurements with our prototype implementation ad6.
Download

Paper Nr:	20
Title:	Secure Physical Access Control with Strong Cryptographic Protection
Authors:	Jan Hajny, Petr Dzurenda and Lukas Malina
Abstract:	This paper is focused on the area of physical access control systems (PACs), particularly on the systems for building access control. We show how the application of modern cryptographic protocols, namely the cryptographic proofs of knowledge, can improve the security and privacy protection in practical access control systems. We propose a novel scheme SPAC (Secure Physical Access Control) based on modern cryptographic primitives. By employing the proofs of knowledge, the authentication process gets more secure and privacy friendly in comparison to existing schemes without negative influence on the implementation complexity or system performance. In this paper, we describe the weaknesses of existing schemes, show the full cryptographic specification of the novel SPAC scheme including its security proofs and provide benchmarks on off-the-shelf devices used in real commercial systems. Furthermore we show, that the transition from an old insecure system to strong authentication can be easy and cost-effective.
Download

Paper Nr:	36
Title:	Private Eyes: Secure Remote Biometric Authentication
Authors:	Ewa Syta, Michael J. Fischer, David Wolinsky, Abraham Silberschatz, Gina Gallegos-Garcia and Bryan Ford
Abstract:	We propose an efficient remote biometric authentication protocol that gives strong protection to the user’s biometric data in case of two common kinds of security breaches: (1) loss or theft of the user’s token (smart card, handheld device, etc.), giving the attacker full access to any secrets embedded within it; (2) total penetration of the server. Only if both client and server are simultaneously compromised is the user’s biometric data vulnerable to exposure. The protocol works by encrypting the user’s biometric template in a way that allows it to be used for authentication without being decrypted by either token or server. Further, the encrypted template never leaves the token, and only the server has the information that would enable it to be decrypted. We have implemented our protocol using two iris recognition libraries and evaluated its performance. The overall efficiency and recognition performance is essentially the same compared to an unprotected biometric system.
Download

Paper Nr:	48
Title:	MoCrySIL – Carry Your Cryptographic Keys in Your Pocket
Authors:	Florian Reimair, Peter Teufl, Christian Kollmann and Christoph Thaller
Abstract:	Today’s applications need to share data and workload in heterogeneous device environments. Many of these handle sensitive data and need to make use of cryptography, which induces keys that have to be provisioned, stored and shared securely. Our Cryptographic Service Interoperability Layer (CrySIL) architecture addressed these challenges by storing the key material off-device in a central hardened service that provides cryptographic functions to arbitrary devices via standardised APIs. While CrySIL is typically deployed by a trusted entity utilising hardware-security-modules (HSMs), the setup of this central trusted instance might be too complex or not desired in SME/personal deployment scenarios. Therefore, we present MoCrySIL, an extension to CrySIL that omits the need for a thrusted third party by making use of hardware-backed key-storage facilities available in today’s smart phones. We describe the MoCrySIL architectures and present a prototype that performs S/MIME based email encryption/signatures via a PKCS#11 library. We conduct a thorough security/risk analysis, and reflect on functional achievements and shortcomings.
Download

Paper Nr:	51
Title:	Modeling Authorization Policies for Web Services in Presence of Transitive Dependencies
Authors:	Worachet Uttha, Clara Bertolissi and Silvio Ranise
Abstract:	Access control is a crucial issue for the security of Web Services. Since these are independently designed, implemented, and managed, each with its own access control policy, it is challenging to mediate the access to the information they share. In this context, a particularly difficult case occurs when a service invokes another service to satisfy an initial request, leading to indirect authorization errors. To overcome this problem, we propose a new approach based on a version of ORganization Based Access Control (OrBAC) extended by a delegation graph to keep track of transitive authorization dependencies. We show that Datalog can be used as the specification language of our model. As a byproduct of this, an automated analysis technique for simulating execution scenarios before deployment is proposed. Finally, we show how to implement an enforcement mechanism for our model on top of the XACML architecture. To validate our approach, we present a case study adapted from the literature.
Download

Paper Nr:	57
Title:	Solving the Grid Defender’s Dilemma: Tamper Protection for Distributed Cyber-Physical Systems
Authors:	Jason Reeves and Sean Smith
Abstract:	Embedded devices installed as part of the smart grid rollout present a major dilemma for grid defenders, because they are soft targets that could allow an attacker to access critical assets (generators, control centers, etc.) deeper in the utility’s network. While both physical tampering and intrusion protection are large, well-studied fields, state-of-the-art protection schemes suffer from several flaws: They are not powerful enough to respond properly to different tamper events, their severe responses can lead to reduced grid availability, and they often require more setup resources than a utility operator can provide. To protect these networks, we present TEDDI (Tamper Event Detection on Distributed Infrastructure), a distributed, sensor-based tamper protection architecture for embedded devices on utility networks. TEDDI uses data gathered from across the network to make more-informed and more-accurate tamper decisions, and can customize its response based on the event it sees. It can also be configured and installed quickly, without needing a large base of knowledge beforehand. In this paper, we lay out the TEDDI architecture, and discuss how TEDDI solves the grid defender’s dilemma better than current work.
Download

Paper Nr:	61
Title:	Attack Surface and Vulnerability Assessment of Automotive Electronic Control Units
Authors:	Martin Salfer and Claudia Eckert
Abstract:	Modern vehicles are controlled by an on-board network of ECUs (Electronic Control Units), which are specially designed computers that contain tightly tailored and customized software. Especially the trends for ECU connectivity and for semi-autonomous driver assistance functions may have an impact on passenger safety and require thorough security assessments, yet the ECU divergence strains those assessments. We therefore propose an easily automated, quantitative, probabilistic method and metric based on ECU development data and software flash images for the attack surface and vulnerability assessment automation. Our method and metric is designed for the integration into an (iterative) engineering process and the facilitation of code reviews and other security assessments, such as penetration tests. The automotive attack surface comprises especially internal communication interfaces, including diagnosis protocols, external and user-accessible interfaces, such as USB sockets, as well as low-level hardware interfaces. Some exemplary indicators for the vulnerability are access restrictions, casing tamper-resistance, code size, previously found vulnerabilities; strictness of compilers, frameworks and application binary interfaces; conducted security audits and deployed exploit mitigation techniques. This paper’s main contributions are I) a method and a metric for collecting attack surface and predicting the engineering effort for a code injection exploit from ECU development data, II) an application of our metric and method on an example ECU and III) an integration into our graph-based security assessment.
Download

Paper Nr:	64
Title:	Semantic Secure Public Key Encryption with Filtered Equality Test - PKE-FET
Authors:	Kaibin Huang, Yu-Chi Chen and Raylin Tso
Abstract:	Cloud storage allows users to outsource their data to a storage server. For general security and privacy concerns, users prefer storing encrypted data to pure ones so that servers do not learn anything about privacy. However, there is a natural issue that servers have worked some analyses (i.e. statistics) or routines for encrypted data without losing privacy. In this paper, we address the basic functionality, equality test, over encrypted data, which at least can be applied to specific analyses like private information retrieval. We introduce a new system, called filtered equality test, which is an additional functionality for existing public key encryption schemes. It satisfies the following scenario: a ciphertext-receiver selects several messages as a set and produces its related warrant; then, on receiving this warrant, an user is able to perform equality test on the receiver’s ciphertext without decryption when the hidden message belongs to that message set. Similar to the attribute based encryption, ABE. In ABE schemes, those ones who match the settled conditions could get the privilege of decryption. In FET schemes, those ‘messages inside selected set’ can be equality tested. Combining PKE schemes and filtered equality test, we propose a framework of public key encryption scheme with filtered equality test, abbreviated as PKE-FET. Then, taking ElGamal for example, we propose a concrete PKE-FET scheme based on secret sharing and bilinear map. Finally, we prove our proposition with semantic security in the standard model.
Download

Paper Nr:	73
Title:	Cloud Resources Placement based on Functional and Non-functional Requirements
Authors:	Asma Guesmi, Patrice Clemente, Frederic Loulergue and Pascal Berthomé
Abstract:	It is difficult for customers to select the adequate cloud providers which fit their needs, as the number of cloud offerings increases rapidly. Many works thus focus on the design of cloud brokers. Unfortunately, most of them do not consider precise security requirements of customers. In this paper, we propose a methodology defined to place services in a multi-provider cloud environment, based on functional and non-functional requirements, including security requirements. To eliminate inner conflicts within customers requirements, and to match the cloud providers offers with these customers requirements, we use a formal analysis tool: Alloy. The broker uses a matching algorithm to place the required services in the adequate cloud providers, in a way that fulfills all customer requirements. We finally present a prototype implementation of the proposed broker.
Download

Paper Nr:	83
Title:	Light Blind: Why Encrypt If You Can Share?
Authors:	Pierpaolo Cincilla, Aymen Boudguiga, Makhlouf Hadji and Arnaud Kaiser
Abstract:	The emergence of cloud computing makes the use of remote storage more and more common. Clouds provide cheap and virtually unlimited storage capacity. Moreover, thanks to replication, clouds offer high availability of stored data. The use of public clouds storage make data confidentiality more critical as the user has no control on the physical storage device nor on the communication channel. The common solution is to ensure data confidentiality by encryption. Encryption gives strong confidentiality guarantees but comes with a price. The time needed to encrypt and decrypt data increases with respect to the size of input data, making encryption expensive. Due to its overhead, encryption is not universally used and a non-negligible amount of data is insecurely stored in the cloud. In this paper, we propose a new mechanism, called Light Blind, that allows confidentiality of data stored in the cloud at a lower time overhead than classical cryptographic techniques. The key idea of our work is to partition unencrypted data across multiple clouds in such a way that none of them can reconstruct the original information. In this paper we describe this new approach and we propose a partition algorithm with constant time complexity tailored for modern multi/many-core architectures.
Download

Paper Nr:	91
Title:	Scargos: Towards Automatic Vulnerability Distribution
Authors:	Florian Rhinow and Michael Clear
Abstract:	Recent work has suggested automated approaches to vulnerability distribution, but their usage has been limited to local networks and memory corruption detection techniques and has precluded custom vulnerability response processes. We present Scargos, a novel approach to automate the distribution and verification of vulnerabilities across the internet, while allowing for automatic, custom countermeasures without the need to trust a central authority. By leveraging collaborative detection, vulnerability reports can be contributed by anybody and are announced to an open network by using packet-based self-certifying alerts (SCA), which are a proof of the existence of a vulnerability by capturing the original, unmodified attack. We show that our approach allows for detection of previously unknown attacks, while an entire life cycle including distribution and verification is achieved on average in under 2 seconds.
Download

Paper Nr:	102
Title:	A Key-private Cryptosystem from the Quadratic Residuosity
Authors:	Marc Joye
Abstract:	This paper presents a key-private public-key cryptosystem. More specifically, in addition to confidentiality, it provides privacy. Informally, ciphertexts yield no information whatsoever about its recipient (beyond what is publicly known). The presented cryptosystem also features a very fast key generation: the key generation boils down to a mere squaring modulo an RSA modulus. Further, it comes with strong security guarantees: it is proved to be semantically secure and key-private under the standard quadratic residuosity assumption.
Download

Paper Nr:	118
Title:	Phish-IDetector: Message-Id Based Automatic Phishing Detection
Authors:	Rakesh M. Verma and Nirmala Rai
Abstract:	Phishing attacks are a well known problem in our age of electronic communication. Sensitive information like credit card details, login credentials for account, etc. are targeted by phishers. Emails are the most common channel for launching phishing attacks. They are made to resemble genuine ones as much as possible to fool recipients into divulging private and sensitive data, causing huge monetary losses every year. This paper presents a novel approach to detect phishing emails, which is simple and effective. It leverages the unique characteristics of the Message-ID field of an email header for successful detection and differentiation of phishing emails from legitimate ones. Using machine learning classifiers on n-gram features extracted from Message-IDs, we obtain over 99% detection rate with low false positives.
Download

Paper Nr:	2
Title:	hHB: A Harder HB+ Protocol
Authors:	Ahmad Khoureich Ka
Abstract:	In 2005, Juels and Weis proposed HB+, a perfectly adapted authentication protocol for resource-constrained devices such as RFID tags. The HB+ protocol is based on the Learning Parity with Noise (LPN) problem and is proven secure against active adversaries. Since a man-in-the-middle attack on HB+ due to Gilbert et al. was published, many proposals have been made to improve the HB+ protocol. But none of these was formally proven secure against general man-in-the-middle adversaries. In this paper we present a solution to make the HB+ protocol resistant to general man-in-the-middle adversaries without exceeding the computational and storage capabilities of the RFID tag.
Download

Paper Nr:	7
Title:	Anonymity and Fair-Exchange in e-Commerce Protocol for Physical Products Delivery
Authors:	Cătălin V. Bîrjoveanu
Abstract:	Fair exchange and customer’s and merchant’s anonymity are two important properties of e-commerce transactions. There is to date a variety of proposed e-commerce protocols to achieve fair exchange and customer’s anonymity for transactions involving digital products. For physical products delivery there is no e-commerce protocol to provide fair exchange and customer’s and merchant’s anonymity. In this paper, we propose the first e-commerce protocol for physical products delivery that will provide fair exchange in all circumstances, anonymity of customer and merchant for any collusion that can be formed, non-repudiation, integrity and confidentiality of data exchanged between the parties.
Download

Paper Nr:	8
Title:	A Framework for Incident Response in Industrial Control Systems
Authors:	Roman Schlegel, Ana Hristova and Sebastian Obermeier
Abstract:	Industrial control systems are used to control and supervise plants and critical infrastructures. They are crucial for operation of many industries and even society at large. However, despite efforts to secure such systems, there are frequent reports of incidents that lead to problems because of human error (e.g., installing unauthorized software on a mission-critical machine) or even cyber attacks. While such incidents should be prevented in the first place, it is not feasible to achieve 100% security; therefore, operators should be prepared to deal with incidents promptly and efficiently if they occur. In this paper, we present a general methodology and framework for investigating incidents in industrial control systems. The methodology is supported by a tool to automate an investigation, especially to efficiently determine the state of files on a device after an incident. This enables faster recovery from incidents by being able to identify suspicious files and focus on the files that have been modified compared to the initially installed files, or a previously taken baseline. An evaluation confirms the applicability of the methodology for an embedded industrial controller and for an industrial control system.
Download

Paper Nr:	9
Title:	Controlled Proxy Re-signing - Conditional Proxy Re-Signatures
Authors:	S. Sree Vivek and Guhan Balasubramanian
Abstract:	Delegation of authentication is one of the vital security management strategies to manage device authentication in an enormous network. Major issue while delegating authentication using traditional proxy cryptography is that the delegator loses control over the messages which are authenticated by the delegatee and in proxy re-cryptography controlling the proxy from resigning unintended signatures of the delegatee is not possible. To address this concern, we propose a useful delegation scheme called as conditional proxy re-signature. In this paper, we propose a security model for unidirectional conditional proxy re-signature, present a concrete scheme and prove the security of the scheme in the random oracle model.
Download

Paper Nr:	10
Title:	A Public-Key Cryptography Tool for Personal Use - A Real-world Implementation of ECC for Secure File Exchange
Authors:	Luigi Maria Bottasso
Abstract:	A new library of modular arithmetic and cryptographic functions was coded, and then used for the development of a crypto tool. We present the architecture and functionality of a hybrid ECC-AES cryptosystem which can be quickly deployed even in absence of Public Key Infrastructures and associated Certification Authorities. The tool was conceived for use in combination with readily available resources, e.g. email and possibly social networks. It allows secure exchange of files with associated ECDSA digital signature, providing the user with substantial flexibility and control of the security settings. Established protocols were used in an original way, notably exploiting direct embedding of the AES session key into an elliptic curve. The code has been developed in C++ entirely from scratch, with no use of pre-existing libraries. The implementation is associated with a web site http://www.elcrypto.com, www.elcrypto.com aimed at promoting the benefits of Elliptic Curve Cryptography.
Download

Paper Nr:	31
Title:	MEDA: A Machine Emulation Detection Algorithm
Authors:	Valerio Selis and Alan Marshall
Abstract:	Security in the Internet of Things (IoT) is now considered a priority, and trust in machine-to-machine (M2M) communications is expected to play a key role. This paper presents a mechanism to detect an emerging threat in M2M systems whereby an attacker may create multiple fake embedded machines using virtualized or emulated systems, in order to compromise either a targeted IoT device, or the M2M network. A new trust method is presented that is based on a characterisation of the behaviours of real embedded machines, and operates independently of their architectures and operating systems, in order to detect virtual and emulated systems. A range of tests designed to characterise embedded and virtual devices are presented, and the results underline the efﬁciency of the proposed solution for detecting these systems easily and quickly.
Download

Paper Nr:	34
Title:	Monitoring Software Vulnerabilities through Social Networks Analysis
Authors:	Slim Trabelsi, Henrik Plate, Amine Abida, M. Marouane Ben Aoun, Anis Zouaoui, Chedy Missaoui, Sofien Gharbi and Alaeddine Ayari
Abstract:	Monitoring software vulnerability information requires an important financial and human effort in order to track all the scattered sources publishing the last news about software vulnerabilities, patches and exploits. We noticed that in some social networks like Twitter we can aggregate a lot of information related to software vulnerabilities in a single channel. In this paper, we analyse the Twitter feed in order to monitor most of the information related to software vulnerabilities including zero-day publications.
Download

Paper Nr:	39
Title:	Practical IBE Secure under CBDH - Encrypting Without Pairing
Authors:	S. Sree Vivek, S. Sharmila Deva Selvi, Aanchal Malhotra and C. Pandu Rangan
Abstract:	Since the discovery of identity based cryptography, a number of identity based encryption schemes were reported in the literature. Although a few schemes were proposed after its introduction, the first efficient identity based encryption scheme was proposed by Dan Boneh and Matthew K. Franklin in 2001. This encryption scheme uses Weil pairing on elliptic curves during both encryption and decryption process. In this paper, we propose a new identity based encryption scheme and prove its security in the random oracle model. There are two highlighting features in our scheme. First, it does not employ bilinear pairing computation during the encryption process. Second, our scheme does not require full domain hashing, which makes our scheme more practical and efficiently implementable. Moreover, we prove the security of our scheme by reducing it to the well known Computational Bilinear Diffie-Hellman problem. We first prove the security of our scheme in weaker security notion i.e. we prove our scheme to be IND-CPA secure. Then using Fujisaki Okamoto transformation, we convert our scheme to IND-CCA secure version.
Download

Paper Nr:	41
Title:	Revealing Encrypted WebRTC Traffic via Machine Learning Tools
Authors:	Mario Di Mauro and Maurizio Longo
Abstract:	The detection of encrypted real-time traffic, both streaming and conversational, is an increasingly important issue for agencies in charge of lawful interception. Aside from well established technologies used in real-time communication (e.g. Skype, Facetime, Lync etc.) a new one is recently spreading: Web Real-Time Communication (WebRTC), which, with the support of a robust encryption method such as DTLS, offers capabilities for encrypted voice and video without the need of installing a specific application but using a common browser, like Chrome, Firefox or Opera. Encrypted WebRTC traffic cannot be recognized through methods of semantic recognition since it does not exhibit a discernible sequence of information pieces and hence statistical recognition methods are called for. In this paper we propose and evaluate a decision theory based system allowing to recognize encrypted WebRTC traffic by means of an open-source machine learning environment: Weka. Besides, a reasoned comparison among some of the most credited algorithms (J48, Simple Cart, Naïve Bayes, Random Forests) in the field of decision systems has been carried out, indicating the prevalence of Random Forests.
Download

Paper Nr:	46
Title:	DPA Resistance Enhancement through a Self-healing PLL based Power Mask
Authors:	Fleura Hajilou, Ehsan Mazidi and Shahab Ardalan
Abstract:	Attackers can benefit from different side-channel properties such as timing information, electromagnetic leaks and power consumption to achieve private key of a crypto-processor. Among side channel attacks, Differential Power Analysis (DPA) is widely used by hackers. In this paper a new approach is presented to make a system more immune to DPA. The proposed technique employs a low power Phase Locked Loop (PLL) to isolate supply voltage from crypto processor. The proposed method is implemented in 45nm CMOS technology.
Download

Paper Nr:	47
Title:	Design and Performance Aspects of Information Security Prediction Markets for Risk Management
Authors:	Pankaj Pandey and Einar Arthur Snekkenes
Abstract:	Prediction Markets are the markets designed and operated to mine and aggregate the information scattered among the traders. Recently, some researchers have started exploring the application of prediction markets in the information security domain. The information security prediction market will facilitate trading of contracts to hedge the financial impact of the risks associated with the underlying information security events, such as discovery of a vulnerability in a piece of software. However, prediction markets differ in their objectives and requirements, and therefore information security prediction markets need to be carefully engineered to meet the specific requirements. The contribution of this paper is the identification of a set of design requirements for an information security prediction market, and associated performance criteria. We present five categories of design requirements: Contracts, Trading Process, Participants and Incentives, Clearing House, and Market Management for the information security prediction market. Furthermore, we present six performance measures: Information Elicitation, Transparency, Efficiency, Transaction Cost, Liquidity, and Manipulation Resistance for the performance assessment of information security prediction market.
Download

Paper Nr:	53
Title:	Battling Against DDoS in SIP - Is Machine Learning-based Detection an Effective Weapon?
Authors:	Z. Tsiatsikas, A. Fakis, D. Papamartzivanos, D. Geneiatakis, G. Kambourakis and C. Kolias
Abstract:	This paper focuses on network anomaly-detection and especially the effectiveness of Machine Learning (ML) techniques in detecting Denial of Service (DoS) in SIP-based VoIP ecosystems. It is true that until now several works in the literature have been devoted to this topic, but only a small fraction of them have done so in an elaborate way. Even more, none of them takes into account high and low-rate Distributed DoS (DDoS) when assessing the efficacy of such techniques in SIP intrusion detection. To provide a more complete estimation of this potential, we conduct extensive experimentations involving 5 different classifiers and a plethora of realistically simulated attack scenarios representing a variety of (D)DoS incidents. Moreover, for DDoS ones, we compare our results with those produced by two other anomaly-based detection methods, namely Entropy and Hellinger Distance. Our results show that ML-powered detection scores a promising false alarm rate in the general case, and seems to outperform similar methods when it comes to DDoS.
Download

Paper Nr:	74
Title:	Distributed Intrusion Detection System based on Anticipation and Prediction Approach
Authors:	Hajar Benmoussa, Anas Abou El Kalam and Abdallah Ait Ouahman
Abstract:	Despite the importance and reputation of the current intrusion detection systems, their efficiency and effectiveness remain limited as they rely on passive defensive approaches. In fact, when an intrusion is detected by the IDS, it is already happened on the network and the time required to update security rules is usually short, which provide opportunity to the attacker to inflict damages that may paralyze the network. For this purpose we suggest a new approach of distributed intrusion detection system to wisely anticipate and predict intrusions before their first occurrence in the network to secure. Our approach is based on intelligent agents and using honeypot technology to gather a vast scope of information about attacks. Moreover it combines the two detection strategies "anomaly approach and misuse approach".
Download

Paper Nr:	75
Title:	Towards Secure Gigabit Passive Optical Networks - Signal Propagation based Key Establishment
Authors:	Lukas Malina, Petr Munster, Jan Hajny and Tomas Horvath
Abstract:	Nowadays, the Passive Optical Networks (PONs) technology is widely deployed in broadband access networks. This paper deals with the security issues of Gigabit PON (GPON) standardized by the International Telecommunications Union (ITU), namely, standard ITU-T G.984 that is widely implemented in Europe these days. We describe and analyze the security of this standard and show its security risks. In spite of that transmitted data are encrypted to provide their confidentiality on a multipoint fibre connection, session secret keys during their establishment can be observed by adversaries. To address this security flaw, we propose a key establishment protocol that securely sets the session secret keys between two communication parties in GPON. Furthermore, we provide the security analysis of the proposed protocol.
Download

Paper Nr:	81
Title:	Experimental Extraction of Shared Secret Key from Fluctuations of Multipath Channel at Moving a Mobile Transceiver in an Urban Environment
Authors:	Alexey D. Smolyakov, Amir I. Sulimov, Arkadiy V. Karpov and Aidar V. Galiev
Abstract:	The Wireless Key Distribution is one of the most promising and fast growing areas in modern applied cryptography. This area covers various techniques of secure secret key distribution between two legitimate users who share a common radio channel with unpredictable signal fading in a multipath environment. In essence, the pair of legitimate nodes uses their multipath radio channel as a source of common randomness to establish a shared encryption key. There are a number of studies have been presented in recent publications devoted to experimental implementation of the Wireless Key Distribution using random variations in the received power of fading signal. Despite a number of valuable benefits, there is a much fewer experimental verifications of phase method with all of them are limited to a key distribution within some indoor environments only. Apparently, this is due to the technical difficulties of precise synchronization of legitimate users’ equipment to provide coherent carrier phase measurements in a microwave radio frequency range. In this regard, our experiments can be considered as the first experimental verification of secure Wireless Key Distribution by observing random variations in the carrier phase of multipath signal at moving a mobile user within a real outdoor environment. To perform this, we used wireless Internet transmission of concurrent service data to maintain a required level of synchronization of one stationary and one mobile legal nodes. Despite the humble key generation rates we have achieved in practice, our results show possibility of secure wireless key distribution between the base station and mobile subscriber in a cellular communications scenario.
Download

Paper Nr:	92
Title:	A Formally Verified Access Control Mechanism for Information Centric Networks
Authors:	Mahdi Aiash and Jonathan Loo
Abstract:	Communications in Information-Centric Networking place more attention on WHAT data are being exchanged rather than WHO are exchanging them. A well-established approach of information centric networks is the Network of Information (NetInf) architecture, developed as part of the EU FP7 project SAIL. The security of NetInf has been fairly analysed in the literature. In particular, research efforts have been focusing on achieving data integrity and confidentially, source or publisher authenticity and authorization. This paper analyses some work in the literature to enforce authorized access to data in NetInf, highlights a potential security threat and proposes an enhancement to address the discovered threat. The new enhancement has been formally verified using formal method approach based on the Casper/FDR tool.
Download

Paper Nr:	93
Title:	A Note on Schoenmakers Algorithm for Multi Exponentiation
Authors:	Srinivasa Rao Subramanya Rao
Abstract:	In this paper, we provide a triple scalar multiplication analogue of the simultaneous double scalar Schoenmakers’ algorithm for multiexponentiation. We analyse this algorithm to show that on the average, the triple scalar Schoenmakers’ algorithm is more expensive than the straight forward method of computing the individual exponents and then computing the requisite product, thus making it undesirable for use in resource constrained environments. We also show the derivation of the Schoenmakers’ algorithm for simultaneous double scalar multiplication and this is then used to construct the triple scalar multiplication analogue.
Download

Paper Nr:	99
Title:	Performance Evaluation of Meteor Key Distribution
Authors:	Amir I. Sulimov and Arkadiy V. Karpov
Abstract:	The Wireless Key Distribution is a fast growing area of applied cryptography covering different approaches of secure distribution of secret encryption key based on channel stochastic properties in specific radio communication systems. To be applicable in key distribution purposes the radio channel must meet the three basic requirements: randomness, reciprocity and spatial selectivity. For a long time it was believed that only the fading channels in multipath environment could satisfy all the three requirements. However, several studies also considered a meteor burst channel as a potential candidate for the secure key distribution at distances up to 2000 km. Unfortunately, a rigorous analysis of meteor radio propagation processes shows that the channel has only approximate reciprocity. This may result in the two legitimate nodes would not be able to generate identical copies of the shared secret key indicating that the Meteor Key Distribution is impossible in practice. In addition, a complicated astronomical nature of the meteor burst channel causes deep diurnal variation in its performance. The aim of our research was a comprehensive evaluation of potential performance of the Meteor Key Distribution systems, taking into account all the physical layer effects of meteor burst channel. We also wanted to clarify, how strong the imperfection of a real meteor burst channel affects the key distribution feasibility.
Download

Paper Nr:	114
Title:	Adaptive SVDD-based Learning for False Alarm Reduction in Intrusion Detection
Authors:	Tayeb Kenaza, Abdenour Labed, Yacine Boulahia and Mohcen Sebehi
Abstract:	During the last decade the support vector data description (SVDD) has been used by researchers to develop anomaly-based intrusion detection systems (IDS), with the ultimate objective to design new efficient IDS that achieve higher detection rates together with lower rates of false alerts. However, most of these systems are generally evaluated during a short period without considering the dynamic aspect of the monitored environment. They are never experimented to test their behavior in long-term, namely after some long period of deployment. In this paper, we propose an adaptive SVDD-based learning approach that aims at continuously enhancing the performances of the SVDD classifier by refining the training dataset. This approach consists of periodically evaluating the classifier by an expert, and feedback in terms of false positives and confirmed attacks is used to update the training dataset. Experimental results using both refined training dataset and compromised dataset (dataset with mislabeling) have shown promising results.
Download

Paper Nr:	115
Title:	Counter based Detection and Mitigation of Signalling Attacks
Authors:	Mihajlo Pavloski, Gökçe Görbil and Erol Gelenbe
Abstract:	The increase of the number of smart devices using mobile networks’ services is followed by the increase of the number of security threats for mobile devices, generating new challenges for mobile network operators. Signalling attacks and storms represent an emerging type of distributed denial of service (DDoS) attacks and happen because of special malware installed on smart devices. These attacks are performed in the control plane of the network, rather than the data plane, and their goal is to overload the Signalling servers which leads to service degradation and even network failures. This paper proposes a detection and mitigation mechanism of such attacks which is based on counting repetitive bandwidth allocations by mobile terminals and blocking the misbehaving ones. The mechanism is implemented in our simulation environment for security in mobile networks SECSIM. The detector is evaluated calculating the probabilities of false positive and false negative detection and is characterised by very low negative impact on un-attacked terminals. Simulation results using joint work of both detector and mitigator, are shown for: the number of allowed attacking bandwidth allocations, end-to-end delay for normal users, wasted bandwidth and load on the Signalling server. Results suggest that for some particular settings of the mechanism, the impact of the attack is successfully lowered, keeping the network in stable condition and protecting the normal users from service degradations.
Download

Paper Nr:	117
Title:	Examining the Performance for Forensic Detection of Rare Videos Under Time Constraints
Authors:	Johan Garcia
Abstract:	In many digital forensic investigations large amounts of material needs to be examined. Investigations involving video files are one instance where the amounts of material can be very large. To aid in examinations involving video, automated tools for video content classification can be employed. In this work we examine the performance of several different video classifiers in the context of forensic detection of a small number of relevant videos among a large number of irrelevant videos. The higher level task performance that is of interest is thus the ability to detect a relevant video in a limited amount of time. The performance on this higher level task is a combination of the classification performance, but also the run-time performance of the classifiers. A variety of video classification techniques are available in the literature. This work examines task performance for 6 video classification approaches from literature using Monte-Carlo simulations. The results illustrate the interdependence between run-time and classification performance, and show that high classification performance in terms of true positive and false positive rates not necessarily lead to high task performance.
Download

Paper Nr:	120
Title:	Towards Compliant Reference Architectures by Finding Analogies and Overlaps in Compliance Regulations
Authors:	Eduardo B. Fernandez and Dereje Yimam
Abstract:	Business software is subject to a variety of regulations depending on the type of application. For example, software handling of medical records must follow HIPAA; software for financial applications must comply with Sarbanes Oxley, and so on. A close examination of the policies included in those regulations shows that they have analog and common aspects. Analog parts of regulations can be expressed as Semantic Analysis Patterns (SAPs), which can lead to building similar parts in other regulations. Overlapping parts usually correspond to security patterns and can be used to add security to other regulations. If we collect SAPs and security patterns in a catalog we can build reference architectures (RAs) for existing and new regulations. The resultant Compliant RAs (CRAs) can be used as guidelines for building compliant applications.
Download

Paper Nr:	126
Title:	Design and Implementation of an Espionage Network for Cache-based Side Channel Attacks on AES
Authors:	Bholanath Roy, Ravi Prakash Giri, Ashokkumar C. and Bernard Menezes
Abstract:	We design and implement the espionage infrastructure to launch a cache-based side channel attack on AES. This includes a spy controller and a ring of spy threads with associated analytic capabilities – all hosted on a single server. By causing the victim process (which repeatedly performs AES encryptions) to be interrupted, the spy threads capture the victim’s footprints in the cache memory where the lookup tables reside. Preliminary results indicate that our setup can deduce the encryption key in fewer than 30 encryptions and with far fewer victim interruptions compared to previous work. Moreover, this approach can be easily adapted to work on diverse hardware/OS platforms and on different versions of OpenSSL.
Download

Paper Nr:	129
Title:	Practical and Secure Integrated PKE+PEKS with Keyword Privacy
Authors:	Francesco Buccafurri, Gianluca Lax, Rajeev Anand Sahu and Vishal Saraswat
Abstract:	Public-key encryption with keyword search (PEKS) schemes are useful to delegate searching capabilities on encrypted data to a third party, who does not hold the entire secret key, but only an appropriate token which allows searching operations but preserves data privacy. We propose an efficient and practical integrated public-key encryption (PKE) and public-key encryption with keyword search (PEKS) scheme (PKE+PEKS) which we prove to be secure in the strongest security notion for PKE+PEKS schemes. In particular, we provide a unified security proof of its joint CCA-security in standard model. The security of our scheme relies on Symmetric eXternal Diffie-Hellman (SXDH) assumption which is a much simpler and more standard hardness assumption than the ones used in most of the comparable schemes. Ours is the first construction to use asymmetric pairings which enable an extremely fast implementation useful for practical applications. Finally we compare our scheme with other proposed integrated PKE+PEKS schemes and provide a relative analysis of its efficiency.
Download

Paper Nr:	131
Title:	A Risk Awareness Approach for Monitoring the Compliance of RBAC-based Policies
Authors:	Faouzi Jaidi and Faten Labbene Ayachi
Abstract:	The considerable increase of the risk associated to inner threats has motivated researches in risk assessment for access control systems. Two main approaches were adapted: (i) a risk mitigation approach via features such as constraints, and (ii) a risk quantification approach that manages access based on a quantified risk. Evaluating the risk associated to the evolutions of an access control policy is an important theme that allows monitoring the conformity of the policy in terms of risk. Unfortunately, no work has been defined in this context. We propose in this paper, a quantified risk-assessment approach for monitoring the compliance of concrete RBAC-based policies. We formalize the proposal and illustrate its application via a case of study.
Download