SECRYPT 2024 Abstracts


Full Papers
Paper Nr: 19
Title: From Plant to Lab: Industrial Emulation Tools for Real-World Security Testing in Industrial Control Systems
Authors: Argiro Anagnostopoulou, Thomas Papaloukas, George Stergiopoulos and Dimitris Gritzalis

Abstract: The industry and research communities have introduced a variety of approaches and algorithms that require evaluation of their security and safety in industrial settings. However, conducting such assessments is challenging, given the need to maintain operational availability of these infrastructures. Consequently, scientists often capture datasets from authentic industrial environments, but assess attacks on such data in emulated or simulated environments. To replicate proper industrial conditions within controlled and simulated environments, testbeds need to be able to assess the effectiveness of implemented attacks and provide results usable to real-world systems. In this study, we present and compare such tools that aim to emulate or simulate industrial control systems by establishing eight criteria. The objective of our work is to address concerns surrounding the selection of an appropriate emulation tool based on specific needs.

Paper Nr: 25
Title: Attribute Threat Analysis and Risk Assessment for ABAC and TBAC Systems
Authors: Leonard Bradatsch, Artur Hermann and Frank Kargl

Abstract: As enterprises increasingly adopt Zero Trust security, access control based on attributes is regaining attention as a core aspect of Zero Trust. Evaluating the accuracy of access decisions is a vital aspect of securing access control systems, typically involving threat analysis and risk assessment. A notable threat is attackers gaining illegitimate access by compromising the attributes checked by the access control policies. However, a systematic methodology for assessing attribute compromise risk is lacking. Knowing this risk aids in designing more accurate access control policies. This paper introduces a novel framework to address this gap, using modeled attackers and enterprises for risk assessment of attribute compromise. We also present a detailed case study featuring six attackers and two enterprises, demonstrating the framework’s practicality and providing insights into the security strength of fifteen common access control attributes. In the context of the case study, attributes such as Certificate Authentication, along with User Usage and Device Usage, which both reflect the coupling of users and devices, demonstrated high resilience against compromise attempts.

Paper Nr: 26
Title: Fuzzy Vault Security Enhancement Avoid Statistical Biases
Authors: Sara Majbour, Morgan Barbier and Jean-Marie Le Bars

Abstract: We assess the fuzzy vault’s security against the exploitation of statistical biases, conducting bias examination through features on a sample of biometric set. Our comparative analysis quantifies the scheme’s vulnerability to security-compromising attacks, using three bases of feature templates derived from real biometric databases of various modalities, showcasing variable quality levels, and quantifying scheme weaknesses. This study shows a decrease in the scheme’s security under such attacks and significantly contributes to understanding the fuzzy vault’s limitations regarding biases in the stored set. Moreover, we propose the first solution without requiring additional information, preserving the security of the fuzzy vault against such attacks.

Paper Nr: 37
Title: UPCARE: User Privacy-Preserving Cancer Research Platform
Authors: Georg Bramm, Melek Önen, Martin Schanzenbach, Ilya Komarov, Frank Morgner, Christian Tiebel and Juan Cadavid

Abstract: Cancer research has entered a new era with the advent of big data and advanced computational analytics. However, the utilization of such medical data poses significant privacy and security challenges. This paper presents a comprehensive examination of User Privacy-preserving Cancer Research Platform (UPCARE), a research platform that enables the secure and ethical sharing of sensitive medical cancer data for collaborative researchers, while safeguarding patient privacy. To our knowledge, only a few approaches have been pursued so far in building a uniform cancer research platform protected by modern cryptography. We try to provide a uniform platform for research. UPCARE leverages cutting-edge cryptographic access methods, like attribute-based encryption, as well as data anonymization techniques, like multiparty homomorphic encryption, to allow secure data sharing with researchers, ensuring compliance with stringent regulatory requirements. This paper discusses the architecture, methodologies, and applications of UPCARE, highlighting its potential to improve cancer research and accelerate advancements in precision medicine while preserving user privacy.

Paper Nr: 48
Title: Verifying Artifact Authenticity with Unclonable Optical Tags
Authors: Mónica P. Arenas, Gabriele Lenzini, Mohammadamin Rakeei, Peter Y. A. Ryan, Marjan Škrobot and Maria Zhekova

Abstract: We study the challenge of authenticating objects. This problem is relevant when buyers need proof that a purchase is authentic and not fake. Typically, manufacturers watermark their goods, give them IDs, and provide a certificate of authenticity. Buyers, for their part, check the IDs and verify the certificate. However, even if manufacturers are honest, online registration and verification are vulnerable to hacking; servers can leak private data; goods out-for-delivery can have the ID cloned and can be replaced with imitations. We propose a cyber-physical solution that combines physical properties and cryptographic protocols and that is robust against a curious registry server and attempts at physical manipulation. Security depends on two elements: (i) a material inseparably joined with an object from which we can generate digital identities and other cryptographic tokens; (ii) two novel cryptographic protocols that ensure data and object integrity and authentication of agents and objects. Besides, we show that a material with all the desired security properties exists. We can use it to coat objects, and it has optical properties, such as unclonability, from which we can build secure cryptographic protocols. We formally prove our security claims with ProVerif.

Paper Nr: 55
Title: A Composition Algebra for Decentralized Enforcement of Access Control Policies with an Application to Vehicular Networks
Authors: Peter Amthor and René Gorges

Abstract: Highly volatile and open distributed systems typically incorporate a significant amount of secure interactions between autonomous agents. This is especially true for vehicular networks, where smart or autonomous vehicles rely on information shared with each other or traffic infrastructure. However, controlling such decentralized interaction with respect to security restrictions requires a common definition of a temporary composite policy. As a first step towards this goal, this paper presents ACCA, a lightweight extension of Boolean algebra which allows one to precisely specify how access control policies should be composed. It enables building vehicular network systems that retain independence and autonomy of their participants while reducing the amount of communication about policy knowledge. An implementation of a simulation prototype of ACCA serves as a first, promising step towards tailoring the compositional semantics to specific use cases.

Paper Nr: 56
Title: DYNAMO: Towards Network Attack Campaign Attribution via Density-Aware Active Learning
Authors: Helene Orsini and Yufei Han

Abstract: Network attack attribution is crucial for identifying and understanding attack campaigns, and implementing preemptive measures. Traditional machine learning approaches face challenges such as labor-intensive campaign annotation, imbalanced attack data distribution, and concept drift. To address these challenges, we propose DYNAMO, a novel weakly supervised and human-in-the-loop machine learning framework for automated network attack attribution using raw network traffic records. DYNAMO integrates self-supervised learning and density-aware active learning techniques to reduce the overhead of exhaustive annotation, querying human analysts to label only a few selected highly representative network traffic samples. Our experiments on the CTU-13 dataset demonstrate that annotating less than 3% of the records achieves attribution accuracy comparable to fully supervised approaches with twice as many labeled records. Moreover, compared to classic active learning and semi-supervised techniques, DYNAMO achieves 20% higher attribution accuracy and nearly perfect detection accuracy for unknown botnet campaigns with minimal annotations.

Paper Nr: 57
Title: Characterization of Consensus Correctness in Ripple (XRP) Networks
Authors: Rudrapana K. Shyamasundar

Abstract: Ripple network or the XRP network is one of the most versatile blockchain platforms used worldwide for payment systems, healthcare applications etc. The abstract protocol called XRP ledger consensus protocol (XRPL for short) is a refined version of the initial design referred to as Ripple Protocol consensus algorithm (RPCA). It is based on the Byzantine fault-tolerant (BFT) agreement protocol but does not use the standard models or implementation but utilizes collectively-trusted sub-networks within a large network. Consensus is achieved by maintaining a certain level of “trust” for the sub-networks and a certain minimal connectivity throughout the network so that the network can be robust in the face of Byzantine failures. For each server in the XRP network there is a sub-network of validators, referred to as the Unique Node List (UNL), consisting of a subset of the servers of the whole network. To be robust against Byzantine failures, XRPL enforces 80% quorum and a certain overlap of nodes across the UNLs. The overlap was initially specified to be 20% and was later enhanced to be greater than 90% to satisfy conditions of safety and liveness. However, even with such an enhancement, safety and liveness are not satisfied. In this paper, we characterize the XRP Ledger Consensus protocol (abbreviated XRPL) for consensus correctness using a notion of similarity metric called rand-index (RI) used for cluster analysis of networks. We establish that XRPL with 80% quorum and UNLs satisfying 50% RI similarity is robust against 20% failures, that is, no fraudulent transactions will be accepted by the network. Further, the network satisfies consensus correctness if the UNLs of the network are more than 50% RI similar, which would imply at least 80% quorum across all the UNLs.

Paper Nr: 58
Title: A Secure and Privacy-Preserving Authentication Scheme with a Zero-Trust Approach to Vehicle Renting in VANETs
Authors: Mahdi Akil, Leonardo Martucci and Jaap-Henk Hoepman

Abstract: Vehicular Ad-hoc Networks (VANETs) enable communications between vehicles and infrastructure and are a key part of future Intelligent Transportation Systems. Significant advancements have been made in ensuring anonymous and secure communication within VANETs; however, integrating privacy-preserving vehicle rentals in VANETs is an unsolved problem. Existing protocols do not address the unique challenges posed by vehicle sharing and rentals, particularly regarding vehicle owners’ and renters’ privacy. This paper proposes a novel rental protocol within VANETs. Our solution is based on delegatable anonymous credentials and Non-Interactive Zero-Knowledge (NIZK) proofs. It allows drivers to securely delegate credentials to vehicles. This approach ensures that each vehicle broadcasts authenticated messages, verified through NIZK proofs, while the identity of the actual driver is verifiably escrowed to an inspector that can lift driver privacy in case of abuse. The latter property implements accountability into the system. Our protocol addresses the trust issues inherent in previous systems by providing a robust mechanism for privacy-preserving, accountable vehicle rentals in VANETs, enhancing the overall security and functionality of these networks.

Paper Nr: 59
Title: On Privacy of RFID-Based Authentication Protocols
Authors: Ferucio L. Ţiplea

Abstract: RFID-based authentication protocols have started increasingly being used in various fields, such as tracking assets, managing stock, controlling quality processes, and automotive and healthcare services. In addition to authentication (unilateral or mutual), it is necessary that these protocols also ensure a certain level of privacy. Very often, privacy properties are studied ad hoc or informally. In this paper, we highlight two scenarios that, once identified in such protocols, show us that they cannot satisfy a certain level of privacy in the Hermans-Pashalidis-Vercauteren-Preneel (HPVP) privacy model. For each scenario, general results are presented and exemplified by existing protocols. We then analyze a recent authentication protocol based on simulatable PUFs and prove that a simplified variant of it achieves strong privacy in the HPVP model.

Paper Nr: 62
Title: Backdoor Attacks During Retraining of Machine Learning Models: A Mitigation Approach
Authors: Matthew Yudin, Achyut Reddy, Sridhar Venkatesan and Rauf Izmailov

Abstract: Machine learning (ML) models are increasingly being adopted to develop Intrusion Detection Systems (IDS). Such models are usually trained on large, diversified datasets. As a result, they demonstrate excellent performance on previously unseen samples provided they are generally within the distribution of the training data. However, as operating environments and the threat landscape change over time (e.g., installations of new applications, discovery of a new malware), the underlying distributions of the modeled behavior also change, leading to a degradation in the performance of ML-based IDS over time. Such a shift in distribution is referred to as concept drift. Models are periodically retrained with newly collected data to account for concept drift. Data curated for retraining may also contain adversarial samples, i.e., samples that an attacker has modified in order to evade the ML-based IDS. Such adversarial samples, when included for re-training, would poison the model and subsequently degrade the model’s performance. Concept drift and adversarial samples are both considered to be out-of-distribution samples that cannot be easily differentiated by a trained model. Thus, an intelligent monitoring of the model inputs is necessary to distinguish between these two classes of out-of-distribution samples. In the paper, we consider a worst-case setting for the defender in which the original ML-based IDS is poisoned through an out-of-band mechanism. We propose an approach that perturbs an input sample at different magnitudes of noise and observes the change in the poisoned model’s outputs to determine if an input sample is adversarial. We evaluate this approach in two settings: Network-IDS and an Android malware detection system. We then compare it with existing techniques that detect either concept drift or adversarial samples. Preliminary results show that the proposed approach provides strong signals to differentiate between adversarial and concept drift samples. Furthermore, we show that techniques that detect only concept drift or only adversarial samples are insufficient to detect the other class of out-of-distribution samples.

Paper Nr: 64
Title: Perception of Privacy Tools for Social Media: A Qualitative Analysis Among Japanese
Authors: Vanessa Bracamonte, Yohko Orito, Yasunori Fukuta, Kiyoshi Murata and Takamasa Isohara

Abstract: Social media platforms are used worldwide, and privacy risks are encountered by all users regardless of country. Therefore, privacy-enhancing tools that automatically detect relevant information in a user’s post could be useful globally, but perception of such tools has not been widely investigated. To address this issue, we conducted a qualitative analysis of perception in Japan, where there is high social media use, to understand what users’ opinions and privacy concerns towards this type of privacy tool are. We find that Japanese users’ perception of privacy tools appears to be influenced by an overall sense of distrust towards apps and developers and by general privacy concerns. On the other hand, specific privacy concerns due to the nature of the privacy tool are less frequent, and there were no marked differences in perception when compared to concerns towards a non-privacy tool. The findings suggest that the acceptance of privacy tools in Japan would be influenced by the general sense of anxiety for privacy.

Paper Nr: 65
Title: Violence Detection: A Serious-Gaming Approach
Authors: Derkjan Elzinga, Stan Ruessink, Giuseppe Cascavilla, Damian Tamburri, Francesco Leotta, Massimo Mecella and Willem-Jan Van Den Heuvel

Abstract: Widespread use of IoT, like surveillance cameras, raises privacy concerns in citizens’ lives. However, limited studies explore AI-based automatic recognition of criminal incidents due to a lack of real data, constrained by legal and privacy regulations, preventing effective training and testing of deep learning models. To address dataset limitations, we propose using generative technology and virtual gaming data, such as the Grand Theft Auto (GTA-V) platform. However, it’s unclear if synthetic data accurately mirrors real-world videos for effective deep learning model performance. This research aims to explore the potential of identifying criminal scenarios using deep learning models based on gaming data. We propose a deep-learning violence detection framework using virtual gaming data. The 3-stage deep learning model focuses on person identification and violence activity recognition. We introduce a new dataset for supervised training and find virtual persons closely resembling real-world individuals. Our research demonstrates a 15% higher accuracy in identifying violent scenarios compared to three established real-world datasets, showcasing the effectiveness of a serious gaming approach.

Paper Nr: 68
Title: DISC: A Dataset for Information Security Classification
Authors: Elijah Bass, Massimiliano Albanese and Marcos Zampieri

Abstract: Research in information security classification has traditionally relied on carefully curated datasets. However, the sensitive nature of the classified information contained in such documents poses challenges in terms of accessibility and reproducibility. Existing data sources often lack openly available resources for automated data collection and quality review processes, making it difficult to facilitate reproducible research. Additionally, datasets constructed from declassified information, though valuable, are not readily available to the public, and their creation methods remain poorly documented, rendering them non-reproducible. This paper addresses these challenges by introducing DISC, a dataset and framework, driven by artificial intelligence principles, for information security classification. This process aims to streamline all the stages of dataset creation, from preprocessing of raw documents to annotation. By enabling reproducibility and augmentation, this approach enhances the utility of available document collections for information security classification research and allows researchers to create new datasets in a principled way.

Paper Nr: 71
Title: A White-Box Watermarking Modulation for Encrypted DNN in Homomorphic Federated Learning
Authors: Mohammed Lansari, Reda Bellafqira, Katarzyna Kapusta, Vincent Thouvenot, Olivier Bettan and Gouenou Coatrieux

Abstract: Federated Learning (FL) is a distributed paradigm that enables multiple clients to collaboratively train a model without sharing their sensitive local data. In such a privacy-sensitive setting, Homomorphic Encryption (HE) plays an important role by enabling computations on encrypted data. This prevents the server from reverse-engineering the model updates, during the aggregation, to infer private client data, a significant concern in scenarios like the healthcare industry where patient confidentiality is paramount. Despite these advancements, FL remains susceptible to intellectual property theft and model leakage due to malicious participants during the training phase. To counteract this, watermarking emerges as a solution for protecting the intellectual property rights of Deep Neural Networks (DNNs). However, traditional watermarking methods are not compatible with HE, primarily because they require the use of non-polynomial functions, which are not natively supported by HE. In this paper, we address these challenges by proposing the first white-box DNN watermarking modulation on a single homomorphically encrypted model. We then extend this modulation to a server-side FL context that complies with HE’s processing constraints. Our experimental results demonstrate that the performance of the proposed watermarking modulation is equivalent to that on the unencrypted domain.

Paper Nr: 81
Title: Formal Analysis of C-ITS PKI Protocols
Authors: Mounira Msahli, Pascal Lafourcade and Dhekra Mahmoud

Abstract: Vehicular networking has been gaining a lot of popularity and attraction from the industry and academic research communities in the last decade. The communication between vehicles will lead to more efficient and secured roads because we will be able to provide information about traffic and road conditions to vehicles’ drivers. However, ensuring the security of these networks and devices still remains a major concern to guarantee the expected services. Secure Public Key Infrastructure (PKI) represents a common solution to achieve many security and privacy requirements. Unfortunately, current Cooperative Intelligent Transport Systems (C-ITS) PKI protocols were not verified in terms of security and privacy. In this paper, we propose a security analysis of C-ITS PKI protocols in the symbolic model using ProVerif. We formally modeled C-ITS PKI protocols based on the specifications given in the ETSI standard. We model C-ITS PKI protocols and formalize their security properties in the applied Pi-calculus. We used the automatic privacy verifier UKano to analyse the Enrolment protocol. We found attacks on authentication properties in the Authorization and Validation protocols when considering a dishonest Authorization Authority (AA). We analysed the proof results and fixed the identified attacks by introducing new parameters in the protocol requests.

Paper Nr: 85
Title: Balancing Patient Privacy and Health Data Security: The Role of Compliance in Protected Health Information (PHI) Sharing
Authors: Md Al Amin, Hemanth Tummala, Rushabh Shah and Indrajit Ray

Abstract: Protected Health Information (PHI) sharing significantly enhances patient care quality and coordination, contributing to more accurate diagnoses, efficient treatment plans, and a comprehensive understanding of patient history. Compliance with strict privacy and security policies, such as those required by laws like HIPAA, is critical to protect PHI. Blockchain technology, which offers a decentralized and tamper-evident ledger system, holds promise in policy compliance. This system ensures the authenticity and integrity of PHI while facilitating patient consent management. In this work, we propose a blockchain technology that integrates smart contracts to partially automate consent-related processes and ensure that PHI access and sharing follow patient preferences and legal requirements.

Paper Nr: 92
Title: Enhancing Privacy in Machine Learning: A Robust Approach for Preventing Attribute Inference Attacks
Authors: Myria Bouhaddi and Kamel Adi

Abstract: Machine learning (ML) models, widely used in sectors like healthcare, finance, and smart city development, face significant privacy risks due to their use of crowdsourced data containing sensitive information. These models are particularly susceptible to attribute inference attacks, where adversaries use model predictions and public or acquired metadata to uncover sensitive attributes such as locations or political affiliations. In response, our study proposes a novel, two-phased defense mechanism designed to efficiently balance data utility with privacy. Initially, our approach identifies the minimal level of noise needed in the prediction score to thwart an adversary’s classifier. This threshold is determined using adversarial ML techniques. We then enhance privacy by injecting noise based on a probability distribution derived from a constrained convex optimization problem. To validate the effectiveness of our privacy mechanism, we conducted extensive experiments using real-world datasets. Our results indicate that our defense model significantly outperforms existing methods, and additionally demonstrates its adaptability to various data types.

Paper Nr: 117
Title: Classifying Human-Generated and AI-Generated Election Claims in Social Media
Authors: Alphaeus Dmonte, Marcos Zampieri, Kevin Lybarger, Massimiliano Albanese and Genya Coulter

Abstract: Politics is one of the most prevalent topics discussed on social media platforms, particularly during major election cycles, where users engage in conversations about candidates and electoral processes. Malicious actors may use this opportunity to disseminate misinformation to undermine trust in the electoral process. The emergence of Large Language Models (LLMs) exacerbates this issue by enabling malicious actors to generate misinformation at an unprecedented scale. Artificial intelligence (AI)-generated content is often indistinguishable from authentic user content, raising concerns about the integrity of information on social networks. In this paper, we present a novel taxonomy for characterizing election-related claims. This taxonomy provides an instrument for analyzing election-related claims, with granular categories related to jurisdiction, equipment, processes, and the nature of claims. We introduce ElectAI, a novel benchmark dataset comprising 9,900 tweets, each labeled as human- or AI-generated. We annotated a subset of 1,550 tweets using the proposed taxonomy to capture the characteristics of election-related claims. We explored the capabilities of LLMs in extracting the taxonomy attributes and trained various machine learning models using ElectAI to distinguish between human- and AI-generated posts and identify the specific LLM variant.

Paper Nr: 124
Title: Towards a Cryptographic Model for Wireless Communication
Authors: Frederik Armknecht and Christian Müller

Abstract: The Man-in-the-Middle Model (MitMM) is commonly used in cryptography for modeling an attacker in multi-party scenarios. It essentially assumes that the attacker fully controls the communication between all parties, i.e., can stop and modify messages at her discretion. We argue that this model is too strong for realistically capturing the case of wireless communication. In consequence, schemes that exploit properties of wireless communication, such as friendly jamming or distance bounding, cannot be analyzed in a common framework. Moreover, the lack of an appropriate model hinders the development of new schemes. Given the ever-increasing importance of wireless communication, e.g., in the context of the Internet of Things, we propose a new formal model for wireless communication. Starting from the formal MitMM, we identify three key aspects — communication channels, signals, and locality — that are not represented, explain how to extend the model accordingly, and propose a tailored WCM. Based thereon, we explain how these limit the capabilities of an attacker in the form of a WAM. Moreover, we demonstrate for an existing security mechanism, namely friendly jamming, which is not covered by the MitMM, how the new model allows for analyzing/formalizing the security.

Paper Nr: 126
Title: Cache Side-Channel Attacks Through Electromagnetic Emanations of DRAM Accesses
Authors: Julien Maillard, Thomas Hiscock, Maxime Lecomte and Christophe Clavier

Abstract: Remote side-channel attacks on processors exploit hardware and micro-architectural effects observable from software measurements. So far, the analysis of micro-architectural leakages over physical side-channels (power consumption, electromagnetic field) received little treatment. In this paper, we argue that those attacks are a serious threat, especially against systems such as smartphones and Internet-of-Things (IoT) devices which are physically exposed to the end-user. Namely, we show that the observation of Dynamic Random Access Memory (DRAM) accesses with an electromagnetic (EM) probe constitutes a reliable alternative to time measurements in cache side-channel attacks. We describe the EVICT+EM attack, which allows recovering a full AES key on a T-Tables implementation with a similar number of encryptions to state-of-the-art EVICT+RELOAD attacks on the studied ARM platforms. This new attack paradigm removes the need for shared memory and exploits EM radiations instead of high precision timers. Then, we introduce PRIME+EM, whose goal is to reverse-engineer cache usage patterns of applications. This attack allows recovering the layout of lookup tables within the cache. Finally, we present COLLISION+EM, a collision-based attack on a System-on-chip (SoC) that does not require malicious code execution, and show its practical efficiency in recovering key material on an ARM TrustZone application. Those results show that physical observation of the microarchitecture can lead to improved attacks.

Paper Nr: 138
Title: MATRaCAE: Time-Based Revocable Access Control in the IoT
Authors: Clémentine Gritti, Emanuel Regnath and Sebastian Steinhorst

Abstract: Internet of Things (IoT) promises a strong connection between digital and physical environments. Nevertheless, this framework comes with security vulnerabilities, due to the heterogeneous nature of devices and the diversity of their provenance. Furthermore, technical constraints (e.g. devices’ limited resources) require lightening the design of the underlying security protocols. Liu et al. presented a system for data access with time-based control and direct user revocation that are beneficial features in IoT. In this paper, we propose an extension of this system, called MATRaCAE, that involves multiple authorities and considers binary time credentials. Doing so, we mitigate the key escrow problem and come with a better trade-off between key update frequency and number of revoked users, which limited the applicability of Liu et al.’s scheme in IoT. Our solution can be proved secure under the Decisional Bilinear Diffie-Hellman Exponent assumption. Subsequently, we implement and evaluate MATRaCAE to demonstrate its suitability to IoT frameworks.

Paper Nr: 142
Title: Large-Scale Analysis of GitHub and CVEs to Determine Prevalence of SQL Concatenations
Authors: Kevin Dennis, Bianca Dehaan, Parisa Momeni, Gabriel Laverghetta and Jay Ligatti

Abstract: SQL Injection Attacks (SQLIAs) remain one of the top security risks in modern web applications. Vulnerabilities to SQLIAs arise when unsanitized input is concatenated into dynamically constructed SQL statements. Because existing prepared statement implementations cannot insert identifiers into prepared statements, programmers have no choice but to concatenate dynamically determined identifiers directly into SQL statements. If an identifier is not sanitized before concatenation, a kind of SQLIA called a SQL Identifier Injection Attack (SQL-IDIA) is possible. To investigate the prevalence of SQL concatenations in real code, we conducted, to our knowledge, the largest analysis of open-source software to date. We crawled 4,762,175 files in 944,316 projects on GitHub to identify SQL statements constructed using concatenation and potential SQL-IDIAs. Our crawler classified 42% of Java, 91% of PHP, and 56% of C# files as constructing SQL statements via concatenation. It further found that 27% of the Java, 6% of the PHP, and 22% of the C# files of these concatenations contain identifiers. Manual analysis indicates that the automated SQL-IDIA classifier achieved an overall accuracy of 93.4%. Further testing suggests approximately 22.7% of web applications may be exploitable via a SQL-IDIA. PHP applications were particularly exploitable at 38% of applications.

Paper Nr: 151
Title:

QuDPas-FHA: Quantum-Defended Privacy-Preserved Fast Handover Authentication in Space Information Networks

Authors:

Arijit Karati, Ting-Yu Chen and Kai-Yao Lin

Abstract: The Space Information Network (SIN) has evolved from a terrestrial network to an extension, enhancing communication capabilities and enabling augmented intelligence research. However, communication security is crucial due to potential risks like inadequate implementation and high access latency. This could allow malicious organizations to access gateways and compromise the system’s safety and privacy. This work proposes a novel framework and authentication protocol to streamline the incorporation of security measures into unencrypted wireless communication within the SIN. The proposed authentication protocol is based on signcryption and HMAC, ensuring communication confidentiality, access identity validation, and anonymity. The protocol utilizes lattice cryptography and demonstrates resilience against quantum attacks. Besides, the protocol ensures user anonymity while safeguarding identity management by considering a suitable approach to overseeing revocable keys. The evaluated protocol satisfies message authentication, unlinkability, traceability, and identity privacy criteria, thwarting several security risks, including replay attacks, man-in-the-middle attacks, node impersonation, and quantum attacks. Compared to existing works, our protocol exhibits significant promise in enabling secure communication with adequate functional overheads within the SIN framework.

Paper Nr: 156
Title:

Imperceptible QR Watermarks in High-Resolution Videos

Authors:

Tymoteusz Lindner, Tomasz Hawro and Piotr Syga

Abstract: The recent advancements in watermarking have indicated the capacity of deep learning for video copyright protection. We introduce a novel deep neural network architecture that uses QR-code-based messages for video watermarking. Our framework encompasses an encoder-decoder structure, integrating two noiser components, to adeptly increase the robustness against attacks, including MPEG compression. Our solution is aimed at real-life applications; hence we focus on high-resolution videos and intend the encoded image to be indistinguishable from the cover image. To that end, we perform a subjective evaluation on a group of 72 volunteers as well as calculate objective quality metrics, obtaining 0.000241 LPIPS, 1.000 SSIM, and 63.8 dB PSNR for the best scenario. The obtained results improve PSNR reported by REVMark (Y. Zhang et al., 2023) by around 30 dB and LPIPS by a factor of 100. Furthermore, extensive evaluation on both the standard COCO dataset and high-resolution videos underlines the method's high robustness against image distortion attacks, achieving over 0.9 bit accuracy for JPEG (q=90), Dropout (p=0.85) and chroma subsampling (4:2:0).

Paper Nr: 172
Title:

Code Obfuscation Classification Using Singular Value Decomposition on Grayscale Image Representations

Authors:

Sebastian Raubitzek, Sebastian Schrittwieser, Caroline Lawitschka, Kevin Mallinger, Andreas Ekelhart and Edgar Weippl

Abstract: In the ever-evolving world of cybersecurity, malware code hidden through code obfuscation is a key challenge for detection systems. This research explores how to identify and analyze these obfuscations by turning binary code into grayscale images, avoiding traditional code analysis methods that obfuscations might disrupt. We convert the bytes of binary code to grayscale values and use singular value decomposition (SVD) to uncover patterns that different obfuscation techniques create in the images. This method helps us see if specific obfuscation approaches cause unique patterns in the binary data, allowing us to classify them accurately. We apply this technique to improve malware obfuscation detection and help software developers choose obfuscation methods that are harder to spot. The main achievements of this study include developing a dependable system for classifying obfuscated code, a detailed evaluation of how obfuscations affect binary structure and visual representations thereof, and insights into using visual analysis for structural code analysis.

Paper Nr: 177
Title:

An ASM-Based Approach for Security Assessment of Ethereum Smart Contracts

Authors:

C. Braghin, E. Riccobene and Simone Valentini

Abstract: Blockchain-based smart contracts are gaining widespread adoption due to their potential to automate complex transactions securely and transparently. However, ensuring the correctness and security of smart contracts remains a challenge. This paper proposes a novel approach to modeling and verifying Ethereum smart contracts’ exception-related vulnerabilities using Abstract State Machines (ASMs). ASMs provide a formal modeling language that enables the precise representation of system behavior and properties. We developed an ASM model of a Solidity smart contract and demonstrated its use for Unhandled Exception vulnerability identification and for checking contract correctness. Our approach offers a formal framework for smart contract modeling and verification. It leverages the power of ASM tools to identify vulnerabilities and ensure contract reliability, contributing to more secure and trustworthy blockchain-based applications.

Paper Nr: 180
Title:

Towards a Secure and Intelligent Access Control Policy Adapter for Big Data Environment

Authors:

El M. Chakir, Marouane Hachimi and Mohammed Erradi

Abstract: In today’s digital landscape, Big Data is crucial for business efficiency and decision-making, but it raises significant Access Control challenges due to its growing scale, complexity, and diversity of user interactions. These challenges include ensuring data integrity, maintaining privacy, and preventing unauthorized access, all of which become increasingly difficult as data volumes and access points expand. In this paper, we propose an approach that combines Time Series Anomaly Detection with Machine Learning (ML) to enable adaptive Access Control policies that dynamically adjust based on detected anomalies and changing user behaviors in Big Data environments. By analyzing collected logs, we extract models of users’ behaviors, which are then utilized to train an ML model specifically designed to identify abnormal behavioral patterns indicative of potential security breaches or unauthorized access attempts. The Access Control Policy Adapter uses the anomalies identified by the ML model, along with static and behavioral anomaly detection techniques, to adjust Access Control policies, thus ensuring that the system remains robust against evolving threats. We validate this approach using a synthetic dataset, and initial results demonstrate the effectiveness of this method, underscoring its potential to significantly enhance data security in complex Big Data ecosystems.

Paper Nr: 191
Title:

TI-NERmerger: Semi-Automated Framework for Integrating NER Datasets in Cybersecurity

Authors:

Inoussa Mouiche and Sherif Saad

Abstract: Recent advancements highlight the crucial role of high-quality data in developing accurate AI models, especially in threat intelligence named entity recognition (TI-NER). This technology automates the detection and classification of information from extensive cyber reports. However, the lack of scalable annotated security datasets hinders TI-NER system development. To overcome this, researchers often use data augmentation techniques such as merging multiple annotated NER datasets to improve variety and scalability. Integrating these datasets faces challenges like maintaining consistent entity annotations and entity categories and adhering to standardized tagging schemes. Manually merging datasets is time-consuming and impractical on a large scale. Our paper presents TI-NERmerger, a semi-automated framework that integrates diverse TI-NER datasets into scalable, compliant datasets aligned with cybersecurity standards like STIX-2.1. We validated the framework’s efficiency and effectiveness by comparing it with manual processes using the DNRTI and APTNER datasets, producing Augmented APTNER (2APTNER). The results demonstrate over 94% reduction in manual labour, saving several months of work in just minutes. Additionally, we applied advanced ML algorithms to validate the effectiveness of the integrated NER datasets. We also provide publicly accessible datasets and resources, supporting further research in threat intelligence and AI model developments.

Short Papers
Paper Nr: 27
Title:

Higher Order Leakage Assessment and Neural Network-based Attack on CRYSTALS-Kyber

Authors:

Buvana Ganesh, Mosabbah M. Ahmed and Alieeldin Mady

Abstract: To enable the secure deployment of CRYSTALS-Kyber as the National Institute of Standards and Technology (NIST) post-quantum cryptography (PQC) standard for key encapsulation mechanisms (KEM), several attacks have emerged for both the algorithm and its implementations. In this work, a thorough higher order test vector leakage assessment has been performed on open source implementations of CRYSTALS-Kyber. With the traces obtained using the ChipWhisperer framework, the leakage is determined and a template Side Channel Attack (SCA) is performed with deep learning to successfully uncover the secret key from the first-order masked implementation of CRYSTALS-Kyber. Overall, this work performs a comprehensive leakage assessment and neural network-based SCAs on the masked implementation of CRYSTALS-Kyber.

Paper Nr: 29
Title:

K-Resilient Public Key Authenticated Encryption with Keyword Search

Authors:

Koon-Ming Chan, Swee-Huay Heng, Syh-Yuan Tan and Shing-Chiang Tan

Abstract: The public key encryption with keyword search (PEKS) scheme is a cryptographic primitive introduced to securely store and allow specific searches within encrypted data. Traditional encryption prioritises confidentiality but complicates search operations, requiring decryption before searches can be conducted. The PEKS scheme addresses this limitation by enabling authorised users to search for specific keywords within encrypted data without compromising the underlying encryption. This facilitates efficient and secure data retrieval without the need to decrypt the entire dataset. However, PEKS is susceptible to the keyword guessing attack (KGA), which exploits the deterministic nature of the PEKS trapdoor so that the adversary can correctly guess the keyword encrypted in a trapdoor. To enhance PEKS security to counter KGA, various schemes have been proposed. A notable one is public key authenticated encryption with keyword search (PAEKS). PAEKS combines authentication and encryption with keyword-based search functionalities, ensuring data source authentication, encrypted information security, and keyword-based searches. This approach offers a more robust and secure alternative to traditional PEKS. However, many existing PAEKS schemes rely on computationally exhaustive bilinear pairing. In this paper, we propose a PAEKS scheme based on k-resilient identity-based encryption without bilinear pairing. By using the provable security approach, we show that our proposed PAEKS scheme satisfies keyword privacy and trapdoor privacy. Furthermore, we also present a performance evaluation of our proposed PAEKS scheme with other related PAEKS schemes and show the efficiency of our proposed scheme.

Paper Nr: 31
Title:

An Extended Method for Transmitting Secret Messages in Textual Documents Based on Paragraph Resizing

Authors:

Benjamin Aziz, Estabraq Makiyah and Aysha Bukhelli

Abstract: This short paper presents an extended method for the embedding of secret messages in text documents based on the readjustment of paragraph sizes in a document. The new method improves on an existing method in the literature proposed by the authors previously, by introducing the idea of choice functions, which allows for any two paragraphs in a document to be compared. This new method provides for greater flexibility when performing text steganography. The paper also defines a modified algorithm, based on the Diffie-Hellman protocol, for establishing an agreement between two communicating parties on the choice of paragraphs to compare prior to the commencement of the communication session. Finally, the paper demonstrates the applicability of the extended method by means of a few examples.

Paper Nr: 32
Title:

High-Speed Pipelined FPGA Implementation of a Robust Steganographic Scheme for Secure Data Communication Systems

Authors:

Salah Harb, M. O. Ahmad and M. S. Swamy

Abstract: In this paper, we introduce a high-speed and area-efficient hardware design for a novel modulus-based image steganographic scheme, specifically targeting constrained-area steganographic embedded systems. The proposed modulus-based image steganography scheme enhances both image quality and embedding rate while ensuring resilience against PVD histogram analysis, salt-and-pepper noise, and RS analysis attack. The hardware architecture incorporates pipelined registers placed to guarantee balanced-execution paths among computing components. A memory-less finite state machine model is developed to efficiently control the instructions for the steganographic operations. Employing a hardware-software co-design approach, the proposed hardware design is realized as an IP core on the AMD Xilinx Zynq-7000 APSoC platform. It processes concealing operations in just 13 clock cycles, utilizes 148 slices, and operates at 290 MHz. This results in a remarkable throughput of 2.32 Gbps. The hardware design demonstrates significant improvements in speed, resource utilization, and throughput compared to recent steganographic hardware implementations, making it ideal for resource-constrained, real-time applications ranging from secure embedded communication to advanced IoT data protection.

Paper Nr: 34
Title:

Security Analysis for BB84 Key Distillation

Authors:

Sara Nikula, Anssi Lintulampi and Kimmo Halunen

Abstract: Key distillation, also referred to as classical post-processing, plays a pivotal role in Quantum Key Distribution (QKD) protocols. Key distillation encompasses numerous subroutines, making the analysis of its overall security implications potentially challenging for those outside the research community. In this paper, we elucidate the role of the key distillation phase in QKD from a security standpoint. We begin by analyzing the different components of the key distillation phase individually, followed by an examination of the process as a whole. We then calculate the bit strength of the produced key, assuming that an attacker is executing an intercept and resend attack. For our analysis, we employ a practical key distillation implementation linked to a decoy state BB84 protocol as a case study. Our findings suggest that the security of the final key, post the key distillation phase, hinges on several factors. These include the theoretical security of the implemented subroutines, the total information leakage throughout the process, and the choices of subroutine parameters. Given these assumptions, we can distill 287 secure bits for every 1000 bits that undergo the key distillation procedure.

Paper Nr: 39
Title:

MultiVD: A Transformer-based Multitask Approach for Software Vulnerability Detection

Authors:

Claudio Curto, Daniela Giordano, Simone Palazzo and Daniel G. Indelicato

Abstract: Research in software vulnerability detection has grown exponentially and a great number of vulnerability detection systems have been proposed. Recently, researchers have started considering machine learning and deep learning-based approaches. Various techniques, models and approaches with state-of-the-art performance have been proposed for vulnerability detection, with some of these performing line-level localization of the vulnerabilities in the source code. However, the majority of these approaches suffer from several limitations, caused mainly by the use of synthetic data and by the inability to categorize the vulnerabilities detected. Our study proposes a method to overcome these limitations, exploring the effects of different transformer-based approaches to extend the models’ capabilities while enhancing the vulnerability detection performance. Finally, we propose a transformer-based multitask model trained on real-world data for highly reliable results in vulnerability detection, CWE categorization and line-level detection.

Paper Nr: 43
Title:

SCWAD: Automated Pentesting of Web Applications

Authors:

Natan Talon, Valérie T. Tong, Gilles Guette, Yufei Han and Youssef Laarouchi

Abstract: A wide array of techniques and tools can be employed for web application security assessment. Some methods, such as fuzzers and scanners, are partially or fully automated, offering speed and cost-effectiveness. However, these tools often fall short in detecting specific vulnerabilities like broken access control and are prone to generating false positives. On the other hand, manual processes like penetration testing, though more time-consuming and necessitating expertise, provide a more comprehensive risk assessment. To overcome the limitations of automated tools, these techniques are frequently combined. Fuzzers and scanners, despite their ease of use and quick results, require the expertise of penetration testing experts to address their limitations. By integrating these approaches, a more robust and nuanced security assessment can be achieved. This article presents SCWAD, an automated and customizable penetration testing framework designed to assess vulnerabilities in web applications.

Paper Nr: 46
Title:

Dvorak: A Browser Credential Dumping Malware

Authors:

José Areia, Bruno Santos and Mário Antunes

Abstract: Memorising passwords poses a significant challenge for individuals, leading to the increasing adoption of password managers, particularly browser password managers. Despite their benefits to users’ daily routines, the use of these tools introduces new vulnerabilities to web and network security. This paper aims to investigate these vulnerabilities and analyse the security mechanisms of browser-based password managers integrated into Google Chrome, Microsoft Edge, Opera GX, Mozilla Firefox, and Brave. Through malware development and deployment, Dvorak is capable of extracting essential files from the browser’s password manager for subsequent decryption. To assess Dvorak’s functionalities, we conducted a controlled security analysis across all aforementioned browsers. Our findings reveal that the designed malware successfully retrieves all stored passwords from the tested browsers when no master password is used. However, the results differ depending on whether a master password is used. A comparison between browsers is made, based on the results of the malware. The paper ends with recommendations for potential strategies to mitigate these security concerns.

Paper Nr: 50
Title:

The Use of the DWARF Debugging Format for the Identification of Potentially Unwanted Applications (PUAs) in WebAssembly Binaries

Authors:

Calebe Helpa, Tiago Heinrich, Marcus Botacin, Newton C. Will, Rafael R. Obelheiro and Carlos A. Maziero

Abstract: Debugging formats are well-known means to store information from an application that helps developers to find errors, bugs, or unexpected behavior during the development period. The Debugging With Attributed Record Format (DWARF) is an example of a generic format that can be used for a range of programming languages and formats, such as WebAssembly, a low-level binary format that provides a compilation target for high-level languages. Given the use of debugging formats, their potential for intrusion detection is still unknown. Our study consists of evaluating the use of data extracted with the DWARF format, and their respective potential for an intrusion detection solution. In this context, we present a strategy for identifying Potentially Unwanted Applications (PUAs) in WebAssembly binaries, through feature extraction and static analysis using the DWARF format as a data source from WebAssembly binaries. Our results are promising, with an overall F1-score performance above 96% for the algorithms.

Paper Nr: 74
Title:

Automating Compliance for Improving TLS Security Postures: An Assessment of Public Administration Endpoints

Authors:

Riccardo Germenia, Salvatore Manfredi, Matteo Rizzi, Giada Sciarretta, Alessandro Tomasi and Silvio Ranise

Abstract: System administrators tasked with configuring TLS servers must make numerous decisions (e.g., selecting the appropriate ciphers, signature algorithms, and TLS extensions) and it may not be obvious, even to security experts, which decisions may expose them to attacks. To address this issue, raise awareness, and establish a security threshold, numerous cybersecurity agencies around the world issue technical guidelines for the use and configuration of TLS. In this paper we carry out an assessment of the TLS security posture of European and US-based endpoints in relation to their respective national cybersecurity guidelines. Our results show that a surprisingly high number of the analyzed websites have a low compliance level when compared to their respective national guideline. We attempt to identify potential causes by presenting a series of observations that may underlie the lack of compliance. The analysis is conducted by employing a TLS analyzer we developed to automate the compliance analysis and the application of the suggested changes, assisting system administrators during this important yet complex task. Our tool and the dataset containing the machine-readable requirements for automating conformity assessment are publicly available, thus making the process auditable and the assets extensible.

Paper Nr: 78
Title:

Organizing Records for Retrieval in Multi-Dimensional Range Searchable Encryption

Authors:

Mahdieh Heidaripour, Ladan Kian, Maryam Rezapour, Mark Holcomb, Benjamin Fuller, Gagan Agrawal and Hoda Maleki

Abstract: Storage of sensitive multi-dimensional arrays must be secure and efficient in storage and processing time. Searchable encryption allows one to trade between security and efficiency. Searchable encryption design focuses on building indexes, overlooking the crucial aspect of record retrieval. Gui et al. (PoPETS 2023) showed that understanding the security and efficiency of record retrieval is critical to understand the overall system. A common technique for improving security is partitioning data tuples into parts. When a tuple is requested, the entire relevant part is retrieved, hiding the tuple of interest. This work assesses tuple partitioning strategies in the dense data setting, considering parts that are random, 1-dimensional, and multi-dimensional. We consider synthetic datasets of 2, 3 and 4 dimensions, with sizes extending up to 2M tuples. We compare security and efficiency across a variety of record retrieval methods. Our findings are: is any size as long as the query is large in all other dimensions. et al., USENIX Security 2020).

Paper Nr: 82
Title:

Autoencoder for Detecting Malicious Updates in Differentially Private Federated Learning

Authors:

Lucia Alonso and Mina Alishahi

Abstract: Differentially Private Federated Learning (DP-FL) is a novel machine learning paradigm that integrates federated learning with the principles of differential privacy. In DP-FL, a global model is trained across decentralized devices or servers, each holding local data samples, without the need to exchange raw data. This approach ensures data privacy by adding noise to the model updates before aggregation, thus preventing any individual contributor’s data from being compromised. However, ensuring the integrity of the model updates from these contributors is paramount. This research explores the application of autoencoders as a means to detect anomalous or fraudulent updates from contributors in DP-FL. By leveraging the reconstruction errors generated by autoencoders, this study assesses their effectiveness in identifying anomalies while also discussing potential limitations of this approach.

Paper Nr: 86
Title:

The IoT Breaches Your Household Again

Authors:

Davide Bonaventura, Sergio Esposito and Giampaolo Bella

Abstract: Despite their apparent simplicity, devices like smart light bulbs and electrical plugs are often perceived as exempt from rigorous security measures. However, this paper challenges this misconception, uncovering how vulnerabilities in these seemingly innocuous devices can expose users to significant risks. This paper extends the findings outlined in previous work, introducing a novel attack scenario. This new attack allows malicious actors to obtain sensitive credentials, including the victim’s Tapo account email and password, as well as the SSID and password of her local network. Furthermore, we demonstrate how these findings can be replicated, either partially or fully, across other smart devices within the same IoT ecosystem, specifically those manufactured by Tp-Link. Our investigation focused on the Tp-Link Tapo range, encompassing smart bulbs (Tapo L530E, Tapo L510E V2, and Tapo L630), a smart plug (Tapo P100), and a smart camera (Tapo C200). Utilizing similar communication protocols, or slight variants thereof, we found that the Tapo L530E, Tapo L510E V2, and Tapo L630 are susceptible to complete exploitation of all attack scenarios, including the newly identified one. Conversely, the Tapo P100 and Tapo C200 exhibit vulnerabilities to only a subset of attack scenarios. In conclusion, by highlighting these vulnerabilities and their potential impact, we aim to raise awareness and encourage proactive steps towards mitigating security risks in smart device deployment.

Paper Nr: 88
Title:

A Formal Analysis of CIE Level 2 Multi-Factor Authentication via SMS OTP

Authors:

Roberto Van Eeden, Matteo Paier and Marino Miculan

Abstract: We analyze the security of Level 2 multi-factor authentication (MFA) based on the SMS One-Time Passcode (OTP) of the Italian Electronic Identity Card (CIE). We propose a novel threat model encompassing password compromise, network disruptions, user errors, and malware attacks. The combinations of the adversary’s attack capabilities yield a plethora of possible attack scenarios, which we systematically generate, formalise and verify in ProVerif. Our analysis reveals that CIE MFA based on SMS OTP is vulnerable to attacks with read access to the mobile device or keyboard, or to phishing, but even to mere read access to the user’s computer screen. To address the latter vulnerability, we propose a minor modification of the protocol. The threat model we introduce paves the way for the analysis of other CIE MFA protocols.

Paper Nr: 90
Title:

Solving Access Control Conflicts in Multi-User Systems

Authors:

Alba Martinez Anton, Clara Bertolissi and Jean-Marc Talbot

Abstract: Collaborative systems deal with shared content which is jointly owned and managed by multiple users. Individual privacy preferences should be taken into account during access control evaluation, resolving conflicts while ensuring the acceptability of collective access decisions. In this work we propose a threshold-based conflict resolution strategy in the context of social networks. The resolution method is based on the information captured in the social graph, supporting the interpersonal relations between users, and the provenance graph, supporting the multi-management of data. A prototype implementation attests to the feasibility of the proposed approach.

Paper Nr: 94
Title:

CVE2CWE: Automated Mapping of Software Vulnerabilities to Weaknesses Based on CVE Descriptions

Authors:

Massimiliano Albanese, Olutola Adebiyi and Frank Onovae

Abstract: Vulnerabilities in software systems are inevitable, but proper mitigation strategies can greatly reduce the risk to organizations. The Common Vulnerabilities and Exposures (CVE) list makes vulnerability information readily available and organizations rely on this information to effectively mitigate vulnerabilities in their systems. CVEs are classified into Common Weakness Enumeration (CWE) categories based on their underlying weaknesses and semantics. This classification provides an understanding of software flaws, their potential impacts, and means to detect, fix and prevent them. This understanding can help security administrators efficiently allocate resources to address critical security issues. However, mapping of CVEs to CWEs is mostly a manual process. To address this limitation, we introduce CVE2CWE, an automated approach for mapping Common Vulnerabilities and Exposures (CVEs) to Common Weakness Enumeration (CWE) entries. Leveraging natural language processing techniques, CVE2CWE extracts relevant information from CVE descriptions and maps them to corresponding CWEs. The proposed method utilizes TF-IDF vector representations to model CWEs and CVEs and assess the semantic similarity between CWEs and previously unseen CVEs, facilitating accurate and efficient mapping. Experimental results demonstrate the effectiveness of CVE2CWE in automating the vulnerability-to-weakness mapping process, thereby aiding cybersecurity professionals in prioritizing and addressing software vulnerabilities more effectively. Additionally, we study the similarities and overlaps between CWEs and quantitatively assess their impact on the classification process.

Paper Nr: 103
Title:

Amun: Securing E-Voting Against Over-the-Shoulder Coercion

Authors:

Riccardo Longo and Chiara Spadafora

Abstract: In an election where each voter may express P preferences among M possible choices, the Amun protocol allows securing vote casting against over-the-shoulder adversaries, retaining privacy, fairness, end-to-end verifiability, and correctness. We prove the security of the construction under the standard Decisional Diffie-Hellman assumption in the random oracle model.

Paper Nr: 105
Title:

Simulating SASCA on Keccak: Security Implications for Post-Quantum Cryptographic Schemes

Authors:

Julien Maillard, Thomas Hiscock, Maxime Lecomte and Christophe Clavier

Abstract: Keccak is a standard hashing algorithm that is used in cryptographic protocols as a Pseudo Random Function (PRF), as a Pseudo Random Number Generator (PRNG), to check data integrity or to create a Hash-based Message Authentication Code (HMAC). In many cryptographic constructions, secret data is processed with hashing functions. In these cases, recovering the input given to the hashing algorithm allows retrieving secret data. In this paper, we investigate the application of Soft Analytical Side-Channel Attacks (SASCA), based on a Belief Propagation (BP) framework, to recover the input of SHA-3 instances. Thanks to a simulation framework, we extend existing work on the Keccak-f permutation function by developing a comprehensive study of the attacker’s recovery capacity depending on the hash function variant. Then, we study the security implications of SASCA on cryptosystems performing multiple calls to hashing functions with inputs derived from the same secret data. We show that such constructions can be exploited efficiently by an attacker and show typical use-cases by targeting Kyber’s encryption routine and Dilithium’s signing routine. We also show that increasing Kyber’s security parameters implies weaker security against SASCA. Finally, our study gives insights about the minimal bit-level classification accuracy required for successful SASCA on Keccak.

Paper Nr: 107
Title:

Kex-Filtering: A Proactive Approach to Filtering

Authors:

Fabrizio Baiardi, Filippo Boni, Giovanni Braccini, Emanuele Briganti and Luca Deri

Abstract: Kex-Filtering is a method to identify malicious nodes by analyzing their configuration when they try to connect as clients to an SSH server. The process adopts the hassh hashing network fingerprinting standard to discover and record the distinct configurations of malicious SSH clients. The method computes an MD5 hash during the SSH handshake when the client and server exchange their SSH configurations, including a specific range of algorithms to establish a secure SSH channel. Kex-Filtering fully exploits that, to simplify botnet management, a large number of nodes of a botnet share the same configuration of their SSH clients. Experimental data collected through honeypots confirm that Kex-Filtering stops a large percentage of attacks and it results in a very low number of false positives and negatives even when using few hashes.

Paper Nr: 129
Title:

Improving the Efficiency of Intrusion Detection Systems by Optimizing Rule Deployment Across Multiple IDSs

Authors:

Arka Ghosh, Massimiliano Albanese, Preetam Mukherjee and Amir Alipour-Fanid

Abstract: Intrusion Detection Systems (IDS) are strategically installed on specific nodes of an enterprise network to detect ongoing attempts to exploit vulnerable systems. However, deploying a large number of detection rules in each IDS may reduce their efficiency and effectiveness, especially when an IDS is monitoring high-speed data communication channels. Existing research on optimal IDS placement strategies does not address the problem at such a level of granularity. This paper proposes a novel approach for strategic rule deployment subject to various practical constraints. Attack graph-based modeling, along with knowledge of the network topology, is employed to identify the set of suitable rules for deployment on individual IDSs, and capacity constraints are considered to balance the load across IDSs. We provide a formal specification of the optimization problem and propose a practical heuristic solution based on a genetic algorithm.

Paper Nr: 144
Title:

Utilizing Machine Learning for Optimizing Cybersecurity Spending in Critical Infrastructures

Authors:

George Stergiopoulos, Michalis Detsis, Sozon Leventopoulos and Dimitris Gritzalis

Abstract: This research paper presents a methodology and corresponding tool that aim to automate decision-making in prioritizing cybersecurity investments by identifying a minimal subset of assets based on their risk exposure, the protection of which would yield maximum risk reduction and cost efficiency. The presented method aims to assist in strategic security planning, offering significant savings while ensuring robust cyber defense mechanisms are in place. To achieve this, we developed an application that identifies and classifies critical assets within ICT networks using supervised machine learning, graph centrality measurements and cascading attack paths. We utilize over 100 randomly generated network models taken from existing companies to build a classifier able to determine ICT critical nodes. We use topological features and dependency risk graphs to simulate potential cyberattack paths.

Paper Nr: 161
Title:

Bringing Binary Exploitation at Port 80: Understanding C Vulnerabilities in WebAssembly

Authors:

Emmanuele Massidda, Lorenzo Pisu, Davide Maiorca and Giorgio Giacinto

Abstract: WebAssembly (Wasm) has emerged as a novel approach for integrating binaries into web applications starting from various programming languages such as C, Rust and Python. Despite the numerous claims about its memory safety, issues such as buffer overflow, format strings, use after free, and integer overflow have resurfaced within Wasm. These vulnerabilities can be used to impact web application security, potentially leading to critical issues like Cross-Site Scripting (XSS) and Remote Code Execution (RCE). Our work aims to demonstrate how memory-related vulnerabilities in C code, when compiled into Wasm, can be exploited for XSS and RCE. Our methodology proposes proof of concepts related to exploiting important stack- and heap-based vulnerabilities. In particular, we demonstrate for the first time that specific vulnerabilities (such as format string) can be effectively employed to achieve arbitrary read and write in Wasm contexts. Our results pose serious concerns about the reliability of Wasm in terms of memory safety, which we believe should be addressed in the next releases.

Paper Nr: 162
Title:

Safe or Scam? An Empirical Simulation Study on Trust Indicators in Online Shopping

Authors:

Sebastian Schrittwieser, Andreas Ekelhart, Esther Seidl and Edgar Weippl

Abstract: Complaints from Internet users about online shopping scams have increased significantly in recent years. An indication of the trustworthiness of a store can be obtained by a user on the basis of a number of trust indicators, such as available payment methods or availability and correctness of contact information. In this paper, we analyzed the behavior of 646 participants during online shopping with regard to non-technical trust indicators. Our work is based on an online shopping simulation study including one trustworthy and two scam store imitations. By automatically tracking the participants’ behavior, we found that only a minority of users pay attention to trust indicators and most participants of the study purchased in an obvious scam store (28%) – most likely due to its lower prices. Personal (age, gender, educational level, frequency of online purchase or Internet usage at work) and contextual (time pressure) factors did not significantly influence the choice.

Paper Nr: 170
Title:

Do You Trust Your Device? Open Challenges in IoT Security Analysis

Authors:

Lorenzo Binosi, Pietro Mazzini, Alessandro Sanna, Michele Carminati, Giorgio Giacinto, Riccardo Lazzeretti, Stefano Zanero, Mario Polino, Emilio Coppa and Davide Maiorca

Abstract: Several critical contexts, such as healthcare, smart cities, drones, transportation, and agriculture, nowadays rely on IoT, or more in general embedded, devices that require comprehensive security analysis to ensure their integrity before deployment. Security concerns are often related to vulnerabilities that result from inadequate coding or undocumented features that may create significant privacy issues for users and companies. Current analysis methods, albeit dependent on complex tools, may lead to superficial assessments due to compatibility issues, while authoritative entities struggle with specifying feasible firmware analysis requests for manufacturers within operational contexts. This paper urges the scientific community to collaborate with stakeholders—manufacturers, vendors, security analysts, and experts—to forge a cooperative model that clarifies manufacturer contributions and aligns analysis demands with operational constraints. Aiming at a modular approach, this paper highlights the crucial need to refine security analysis, ensuring more precise requirements, balanced expectations, and stronger partnerships between vendors and analysts. To achieve this, we propose a threat model based on the feasible interactions of actors involved in the security evaluation of a device, with a particular emphasis on the responsibilities and necessities of all entities involved.

Paper Nr: 182
Title:

Comparison of Access Control Approaches for Graph-Structured Data

Authors:

Aya Mohamed, Dagmar Auer, Daniel Hofer and Josef Küng

Abstract: Access control is the enforcement of the authorization policy, which defines subjects, resources, and access rights. Graph-structured data requires advanced, flexible, and fine-grained access control due to its complex structure as sequences of alternating vertices and edges. Several research works focus on protecting property graph-structured data, enforcing fine-grained access control, and proving the feasibility and applicability of their concept. However, they differ conceptually and technically. To gain a profound overview of the current state of research, we study works from our systematic literature review on authorization and access control for different database models in addition to recent ones. Based on defined criteria, we exclude research works which do not protect graph-structured data, have coarse-grained approaches, consider models other than the property graph model, or have no proof-of-concept implementation. The latest versions of the remaining works are discussed in detail in terms of their access control approach as well as authorization policy definition and enforcement. Finally, we analyze the strengths and limitations of the selected works and provide a comparison with respect to different aspects, including the base access control model, open/closed policy, negative permission support, and datastore-independent enforcement.

Paper Nr: 184
Title:

Membership Inference Attacks Against Indoor Location Models

Authors:

Vahideh Moghtadaiee, Amir Fathalizadeh and Mina Alishahi

Abstract: With the widespread adoption of location-based services and the increasing demand for indoor positioning systems, the need to protect indoor location privacy has become crucial. One metric used to assess a dataset’s resistance against leaking individuals’ information is the Membership Inference Attack (MIA). In this paper, we provide a comprehensive examination of MIA on indoor location privacy, evaluating their effectiveness in extracting sensitive information about individuals’ locations. We investigate the vulnerability of indoor location datasets under white-box and black-box attack settings. Additionally, we analyze MIA results after employing Differential Privacy (DP) to privatize the original indoor location training data. Our findings demonstrate that DP can act as a defense mechanism, especially against black-box MIA, reducing the efficiency of MIA on indoor location models. We conduct extensive experimental tests on three real-world indoor localization datasets to assess MIA in terms of the model architecture, the nature of the data, and the specific characteristics of the training datasets.

Paper Nr: 187
Title:

Enhancing Privacy and Utility in Federated Learning: A Hybrid P2P and Server-Based Approach with Differential Privacy Protection

Authors:

Luca Corbucci, Anna Monreale and Roberto Pellungrini

Abstract: Federated Learning has been recently adopted in several contexts as a solution to train a Machine Learning model while preserving users’ privacy. Even though it avoids data sharing among the users involved in the training, it is common to use it in conjunction with a privacy-preserving technique like DP due to potential privacy issues. Unfortunately, often the application of privacy protection strategies leads to a degradation of the model’s performance. Therefore, in this paper, we propose a framework that allows the training of a collective model through Federated Learning using a hybrid architecture that enables clients to mix within the same learning process collaborations with (semi-)trusted entities and collaboration with untrusted participants. To reach this goal we design and develop a process that exploits both the classic Client-Server and the Peer-to-Peer training mechanism. To evaluate how our methodology could impact the model utility we present an experimental analysis using three popular datasets. Experimental results demonstrate the effectiveness of our approach in reducing, in some cases, up to 32% the model accuracy degradation caused by the use of DP.

Paper Nr: 18
Title:

Black Sheep Wall: Towards Multiple Vantage Point-Based Information Space Situational Awareness

Authors:

Bernhards Blumbergs

Abstract: CSIRTs rely on processing extensive amounts of incident and threat intelligence data. While the market is saturated with such solutions, they are limited to a narrow range of Internet positions for data collection, impeding the establishment of the security context and comprehensive awareness of the monitored Internet resources. To tackle this challenge, a novel approach is proposed for distributed content collection. Simultaneously employing multiple Internet positions and various content access techniques, a broader representation of the content may be obtained by combining data from all positions, followed by automated difference analysis and clustering. The solution enables fully automated large-scale deployments across globally distributed IP networks and seamless integration into existing toolsets. It enhances CSIRT capabilities in identifying content changes, access restrictions, contextual intelligence on cybercrime and threat actor campaigns, as well as detecting defacement and availability attacks, and misinformation attempts. Initial evaluation of the prototype demonstrated its effectiveness by detecting significant and distinct changes in website content, thereby providing expanded visibility and intelligence. Prototype code and validation datasets are released publicly for further use, research, and validation.

Paper Nr: 21
Title:

Evaluating Digital Forensic Readiness: A Honeypot Approach

Authors:

Philip Zimmermann and Sebastian Obermeier

Abstract: Digital forensic readiness has proven to be a challenging undertaking for small to medium-sized companies. To improve, it is important to evaluate the effectiveness of forensic processes. In this paper, an approach for a forensic honeypot is proposed that simulates an environment based on real company devices and is hosted in the cloud. The data collected is used for the evaluation of the forensic process, enabling the identification of discrepancies within the forensic readiness approach. The experimental results show the feasibility of the approach in collecting forensic evidence in a short time. The paper also discusses limitations with regard to the introduction of new security threats and the use and placement of endpoint intrusion detection systems.

Paper Nr: 22
Title:

HydroLab: A Versatile Hydroelectric Power Lab for Security Research and Education

Authors:

Sebastian Obermeier, Giorgio Tresoldi, Bernhard Tellenbach and Vincent Lenders

Abstract: We present our experiences with designing, building and operating a lab for critical infrastructure consisting of a hydroelectric power plant for power generation and a substation automation system for the transfer of energy. The lab is unique in that it serves a double purpose, providing opportunities for both education and research. The paper outlines the architecture, hardware and software components of the lab and validates its effectiveness through classroom teaching and participation in two hackathons. The lab’s ability to combine real-world applications with hands-on learning makes it an essential resource for students and researchers interested in critical infrastructure systems. The presented lab can aid in advancing the understanding and development of these systems for cyber security purposes.

Paper Nr: 24
Title:

LAMA: Leakage Abuse Attacks Against Microsoft Always Encrypted

Authors:

Ryan Seah, Daren Khu, Alexander Hoover and Ruth Ng

Abstract: Always Encrypted (AE) is a Microsoft SQL Server feature that allows clients to encrypt sensitive data inside client applications and ensures that the sensitive data is hidden from untrusted servers and database administrators. AE offers two column-encryption options: deterministic encryption (DET) and randomized encryption (RND). In this paper, we explore the security implications of using AE with both DET and RND encryption modes by running Leakage Abuse Attacks (LAAs) against the system. We demonstrate how an adversary could extract the necessary data to run a frequency analysis LAA against DET-encrypted columns and an LAA for Order-Revealing Encryption against RND-encrypted columns. We run our attacks using real-world datasets encrypted in a full-scale AE instance and demonstrate that a snooping server can recover over 95% of the rows in 8 out of 15 DET-encrypted columns, and 10 out of 15 RND-encrypted columns.

Paper Nr: 28
Title:

chiku: Efficient Probabilistic Polynomial Approximations Library

Authors:

Devharsh Trivedi, Nesrine Kaaniche, Aymen Boudguiga and Nikos Triandopoulos

Abstract: Fully Homomorphic Encryption (FHE) is a prime candidate to design privacy-preserving schemes due to its cryptographic security guarantees. Bit-wise FHE (e.g., FHEW, TFHE) provides basic operations in logic gates, thus supporting arbitrary functions presented as boolean circuits. While word-wise FHE (e.g., BFV, CKKS) schemes offer additions and multiplications in the ciphertext (encrypted) domain, complex functions (e.g., Sin, Sigmoid, TanH) must be approximated as polynomials. Existing approximation techniques (e.g., Taylor, Pade, Chebyshev) are deterministic, and this paper presents an Artificial Neural Networks (ANN) based probabilistic polynomial approximation approach using a Perceptron with linear activation in our publicly available Python library chiku. As ANNs are known for their ability to approximate arbitrary functions, our approach can be used to generate a polynomial with desired degree terms. We further provide third and seventh-degree approximations for univariate Sign(x) ∈ {−1, 0, 1} and Compare(a − b) ∈ {0, 1/2, 1} functions in the intervals [−1, 1] and [−5, 5]. Finally, we empirically prove that our probabilistic ANN polynomials can improve up to 15% accuracy over deterministic Chebyshev’s.

Paper Nr: 36
Title:

On the Implementation of a Lattice-Based DAA for Vanet System

Authors:

Doryan Lesaignoux and Mikael Carmona

Abstract: Direct Anonymous Attestation (DAA) is a cryptographic protocol that enables users with a Trusted Platform Module (TPM) to authenticate without revealing their identity. DAA has been adapted to Vehicle Ad-hoc NETwork system (VANETs) to offer secure vehicle-to-anything communication (V2X). In this paper, we provide an implementation of the most advanced post-quantum DAA for VANETs with a complete parametrization and benchmark in order to embed this scheme on TPM.

Paper Nr: 40
Title:

Towards Privacy-Preserving Multi-Cloud Identity Management Using SOLID

Authors:

Alfredo Cuzzocrea and Islam Belmerabet

Abstract: Digital identity management services are essential for user authentication in Cloud Computing infrastructures. They allow for flexible access control to services based on the characteristics (also called attributes) of the user and the history of interactions. These services ought to safeguard users’ privacy while enhancing cross-domain interoperability and streamlining identity verification procedures. In this research, we provide a strategy for satisfying these requirements by fusing protocols for Zero-Knowledge proofing, semantic matching techniques, and high-level identity verification principles expressed in terms of identity attributes. The paper describes the fundamental strategies we employ as well as the design of a preliminary architecture based on these methods.

Paper Nr: 44
Title:

Linkage Between CVE and ATT&CK with Public Information

Authors:

Tomoaki Mimoto, Yuta Gempei, Kentaro Kita, Takamasa Isohara, Shinsaku Kiyomoto and Toshiaki Tanaka

Abstract: Establishing rapid and effective cyber threat intelligence collection and analysis methodologies is required to counter the rapidly growing sophistication of cyberattacks. The overview of known vulnerability information and related information can be found in databases such as NVD. However, the relationship between vulnerabilities and TTPs, which are effective CTIs, must be analyzed individually by experts, and many of these relationships are unknown. In this study, we attempt to connect vulnerability information keyed to CVE-IDs with the ATT&CK, which is a knowledge base for TTPs. Specifically, vulnerability information and techniques associated with ATT&CK are each put into an embedding representation with related information, and the similarities between them are evaluated to estimate the techniques related to the CVE-IDs. This study considers the reproducibility problem due to the lack of ground truth in the cybersecurity field by handling only information available from the surface Web.

Paper Nr: 49
Title:

A Framework for Federated Analysis of Health Data Using Multiparty Homomorphic Encryption

Authors:

Miroslav Puskaric

Abstract: Although federated data analysis represents a significant contribution toward ensuring data privacy, the risk of information leakage from the intermediate results exchanged during the analysis process still exists. These risks become even more emphasised when analysing sensitive data such as health records. One of the approaches to mitigate these issues is homomorphic encryption, a novel encryption algorithm which allows for performing computations over encrypted data. This article presents a federated data analysis framework where intermediate analysis results are exchanged and processed as ciphertexts and where data sources are connected in a decentralised manner by forming multiple clusters, with each cluster having a central node. Besides processing encrypted information, another advantage of the homomorphic encryption algorithms is the support for a multiparty encryption scheme. A workflow for creating a shared public and evaluation key is presented, where central nodes are part of the workflow and data sources only receive the shared keys. Furthermore, as data analysis examples, workflows for Kaplan-Meier survival analysis and distributed mean value are presented, whose results do match those obtained through centralized analysis. As a last step of the federated data analysis, multiparty decryption of the final result occurs.

Paper Nr: 53
Title:

A Performant Quantum-Resistant KEM for Constrained Hardware: Optimized HQC

Authors:

Ridwane Aissaoui, Jean-Christophe Deneuville, Christophe Guerber and Alain Pirovano

Abstract: Secure Key Encapsulation Mechanisms (KEMs) are necessary for providing authentication and confidentiality through symmetrical encryption. The emergence of quantum computers is a threat to current KEM standards, therefore new quantum-resistant algorithms have been developed in recent years. One of these propositions is the code-based Hamming Quasi-Cyclic (HQC) algorithm. However, a lightweight version of this algorithm is required to run on low-performance systems such as Internet of Things (IoT) devices or small Unmanned Aerial Vehicles (UAVs). This article presents an algorithmic optimization of the HQC algorithm applied on constrained hardware. The goal is to improve the performance for real-life applications, and thus the test bed uses a Real-Time Operating System (RTOS) to emulate a system able to complete complex tasks. This optimization reduces the completion time of key generation, encapsulation, and decapsulation by a factor of 10, and reduces significantly the Random Access Memory (RAM) usage for the algorithm. These improvements make HQC viable for real-life applications on constrained hardware, and the performance could be further improved by using hardware-specific optimizations.

Paper Nr: 54
Title:

OIPM: Access Control Method to Prevent ID/Session Token Abuse on OpenID Connect

Authors:

Junki Yuasa, Taisho Sasada, Christophe Kiennert, Gregory Blanc, Yuzo Taenaka and Youki Kadobayashi

Abstract: In recent years, the adoption of Single Sign-On (SSO) has been progressing to reduce the burden of user account management in web services. In web services using OpenID Connect, a primary SSO protocol, the user is authenticated using an ID Token (IDT) issued by the identity provider. The Session Token (ST) generated after authentication is often used to authenticate subsequent requests. However, attackers can acquire victims’ IDT/ST through Cross-Site Scripting (XSS) or malicious browser extensions, enabling them to hijack sessions and impersonate victims. Related studies have proposed countermeasures against impersonation attacks using IDT/ST. Still, their effectiveness is limited against user-level malware (e.g., malicious browser extensions), making it impossible to prevent impersonation entirely. This study proposes OIPM (OpenID Connect Impersonation Prevention Mechanism) as a countermeasure to address the issue of impersonation using IDT/ST. Specifically, a unique private key is generated during user registration using FIDO, a passwordless authentication technology. This private key’s signature is verified during authentication to prevent impersonation, and a temporary private key generated at authentication is used for subsequent request verification. Additionally, post-authentication high-confidentiality operations require user verification through FIDO-based gestures such as fingerprints to ensure security against user-level malware.

Paper Nr: 60
Title:

Encrypted KNN Implementation on Distributed Edge Device Network

Authors:

B. K. Reddy, Ruchika Meel and Ayantika Chatterjee

Abstract: Machine learning (ML) as a service has emerged as a rapidly expanding field across various industries like healthcare, finance, marketing, retail and e-commerce, Industry 4.0, etc., where a huge amount of data is generated. To handle this amount of data, huge computational power is required, for which cloud computing used to be the first choice. However, there are several challenges in cloud computing like limitations of bandwidth, network connectivity, higher latency, etc. To address these issues, edge computing is prominent nowadays, where the data from sensor nodes is collected and processed on low-cost edge devices. As simple sensor nodes are not capable of handling complex computations of ML models, data from sensor nodes need to be transferred to some nearest edge devices for further processing. If this sensor data is related to some security-critical application, the privacy of such sensitive data needs to be preserved both during communication from sensor node to edge device and computation in edge nodes. This increased need to perform edge-based ML on privacy-preserved data has led to a surge in interest in homomorphic encryption (HE) due to its ability to perform computations on encrypted form of data. The highest form of HE, Fully Homomorphic Encryption (FHE), is capable of theoretically handling arbitrary encrypted algorithms but comes with huge computational overhead. Hence, the implementation of such a complex encrypted ML model on a single edge node is not very practical in terms of latency requirements. Our paper introduces a low-cost encrypted ML framework on a distributed edge cluster, where multiple low-cost edge devices (Raspberry Pi boards) are clustered to perform encrypted distributed K-Nearest Neighbours (KNN) algorithm computations. Our experimental results show that KNN prediction on the standard Wisconsin breast cancer dataset takes approximately 1.2 hours, implemented on a cluster of six Pi boards, maintaining end-to-end data confidentiality of critical medical data without any requirement of costly cloud-based computation resource support.

Paper Nr: 63
Title:

GAN-based Seed Generation for Efficient Fuzzing

Authors:

Shyamili Toluchuri, Aishwarya Upadhyay, Smita Naval, Vijay Laxmi and Manoj S. Gaur

Abstract: Software vulnerabilities are a substantial concern in development, with testing being crucial for identifying mistakes. Fuzzing, a prevalent technique, involves modifying a seed input to discover software bugs. Selecting the right seed is pivotal, as indicated by recent research. In our study, we extensively analyze leading gray-box fuzzing tools, applying them to identify bugs across 22 open-source applications. An innovative addition to our approach is the integration of a Deep Learning Generative Model (DCGAN). This model offers a novel method for generating seed files by learning from crash files in previous experiments. Notably, it excels in generating images across various formats, enhancing flexibility in applications with consistent input formats. The system’s primary advantages lie in its flexibility and improved fuzzing efficiency. It outperforms other applications in identifying vulnerabilities swiftly, marking a significant advancement in the current state of affairs.

Paper Nr: 70
Title:

InspectorLog: A New Tool for Offline Attack Detection over Web Log Trace Files

Authors:

Jesús E. Díaz-Verdejo, Javier Muñoz-Calle, Rafael Estepa Alonso and Antonio Estepa Alonso

Abstract: InspectorLog is a novel tool for offline analysis of HTTP logs. The tool processes web server logs to identify attacks using diverse rule sets, focusing primarily on the URI field. It is compatible with standard rule formats from systems such as Snort, Nemesida, and ModSecurity. This paper describes InspectorLog functionalities, architecture and applications to the scientific community. We also experimentally validate InspectorLog by comparing its detection power with that of the IDS from which rules are taken. InspectorLog fills a gap in available tools in cybersecurity practices in forensic analysis, dataset sanitization, and signature tuning. Future enhancements are planned to support additional Web Application Firewalls (WAFs), new rule types, and HTTP protocol methods, aiming to broaden its scope and utility in the ever-evolving domain of network security.

Paper Nr: 72
Title:

An Efficient Hash Function Construction for Sparse Data

Authors:

Nir Soffer and Erez Waisbard

Abstract: Verifying the integrity of files during transfer is a fundamental operation critical to ensuring data reliability and security. This is accomplished by computing and comparing a hash value generated from the file’s contents by both the sender and the receiver. This process becomes prohibitively slow when dealing with large files, even in scenarios involving sparse disk images where significant portions of the file may be unallocated. We introduce blkhash, the first hash construction tailored specifically for optimizing hash computation performance in sparse disk images. Our approach addresses the inefficiencies inherent in traditional hashing algorithms by significantly reducing the computational overhead associated with unallocated areas within the file. Moreover, blkhash implements a parallel computation strategy that leverages multiple cores, further enhancing efficiency and scalability. We have implemented the blkhash construction and conducted extensive performance evaluations to assess its efficacy. Our results demonstrate remarkable improvements in hash computation speed, outperforming state-of-the-art hash functions by up to four orders of magnitude. This substantial acceleration in hash computation offers immense potential for use cases requiring rapid verification of large virtual disk images, particularly in virtualization and software-defined storage.

Paper Nr: 75
Title:

Securing Patient Data in IoT Devices: A Blockchain-NFT Approach for Privacy, Security, and Authentication

Authors:

Farha Masroor, Adarsh Gopalakrishnan and Neena Goveas

Abstract: The Internet of Things (IoT) is poised to revolutionize healthcare by enabling remote patient monitoring and data access from any device. However, ensuring secure and flexible access control on IoT device-based systems remains a challenge, especially when handling multiple users with varying privileges at different points in time. Most of the current proprietary IoT products have a data pipeline where the measured data is sent to cloud-based servers before any access is possible. This creates data privacy issues, access problems, or devices not working when Internet connectivity is not perfect. An ideal solution for an IoT-based system is one in which data can be stored and accessed on device in real time, with additional cloud-based storage and access for later use. To address these challenges, we propose a Blockchain-based Non-Fungible Token (NFT) mechanism for IoT systems. Our system uses Blockchain technology to provide untameable NFT access keys, ensuring only authorized individuals can access patient data on a given IoT device. We conducted an experimental study using an ESP32 microcontroller, Beaglebone Black boards, and Raspberry Pi devices to evaluate the effectiveness of our approach. Our results show that this approach is suitable for deployment on resource-constrained devices, with minimal computational requirements and negligible delays. Additionally, we implemented a Zero-trust type of architecture where no implicit trust is granted to any user or device, regardless of prior successful authentication and authorization validation. We find that the delays due to the additional processing of NFTs are negligible even within such constraints. Our findings demonstrate that utilizing NFTs for access control of patient data on resource-constrained IoT devices is feasible and offers a secure and scalable solution for developing cost-effective and safe IoT systems for healthcare.

Paper Nr: 83
Title:

Towards an Adaptive Trust Management Model Based on ANFIS in the SIoT

Authors:

Hamdi Ouechtati and Nadia Ben Azzouna

Abstract: The integration of social networking concepts into the IoT environment has led to the Social Internet of Things (SIoT) paradigm, which enables connected devices and people to facilitate information sharing, interact, and enable a variety of attractive applications. However, with this emerging paradigm, people feel cautious and wary. They worry about violating their privacy and revealing their data. Without trustworthy mechanisms to guarantee the reliability of users’ communications and interactions, the SIoT will not reach enough popularity to be considered a cutting-edge technology. Accordingly, trust management becomes a major challenge to improve security and provide qualified services. Therefore, we overcome these issues by proposing an adaptive trust management model based on the Adaptive Neuro-Fuzzy Inference System (ANFIS) in order to estimate the trust level of objects in the Social Internet of Things. We formalized and implemented a new trust management model built on ANFIS to analyze different trust parameters, estimate the trust level of objects, and distinguish malicious behavior from benign behaviors. Experimentation made on a real data set proves the performance and the resilience of our trust management model.

Paper Nr: 87
Title:

Secure Multi-Party Traversal Queries over Federated Graph Databases

Authors:

Nouf Aljuaid, Alexei Lisitsa and Sven Schewe

Abstract: We introduce and compare two protocols for the execution of secure multi-party traversal queries over federated graph databases. The first, client-based protocol uses client-to-client communication; it minimises the exposure of data on a need-to-know basis. The second protocol uses a semi-trusted server; it combines the use of private channels for communication between the server and clients with the use of encrypted hashing to prevent the exposure of data to the server. We have conducted experiments to compare the efficiency of the two protocols. The results demonstrated that the execution times for the server-based protocol are around half an order of magnitude higher. This does, however, seem to be down to the security layer provided by encrypted hashing: when switching it off, the running time becomes comparable.

Paper Nr: 89
Title:

Leveraging Deep Learning for Intrusion Detection in IoT Through Visualized Network Data

Authors:

Amine Hattak, Fabio Martinelli, Francesco Mercaldo and Antonella Santone

Abstract: In an era marked by increasing reliance on digital technology, the security of interconnected devices and networks has become a paramount concern in the realm of information technology. Recognizing the pivotal role of network analysis in identifying and thwarting cyber threats, this paper delves into network security, specifically targeting the classification of network traffic using deep learning techniques within the Internet of Things (IoT) ecosystem. This paper introduces a deep learning-based approach tailored for traffic classification, beginning with raw traffic data in PCAP format. This data undergoes a transformation into visualized images, which serve as input for deep learning models designed to differentiate between benign and malicious activities. We evaluate the efficacy of our proposed method using the TON IoT dataset (Dr Nickolaos Koroniotis, 2021), comprising 10 network traces across two categories: nine related to diverse vulnerability scenarios and one associated with a trusted application. Our results showcase an impressive accuracy of 99.1%, underscoring the potential of our approach in bolstering network security within IoT environments.

Paper Nr: 100
Title:

FPGA Implementation of AES-Based on Optimized Dynamic s-Box

Authors:

Calvo M. Haroldo, Nakojah C. David, Mahdi Madani and El-Bay Bourennane

Abstract: In this paper, we present a hardware implementation of an enhanced version of the AES (Advanced Encryption Standard) algorithm, and evaluate its performance. In the proposed design, we replaced the original static S-boxes with a robust dynamic S-box generator mechanism. The principle consists of using the secret key to generate new dynamic S-boxes by applying a bitwise XOR operation with all 256 bytes of the AES standardized S-box. Then, the architecture is implemented on a Xilinx XC7Z020 PYNQ-Z2 FPGA platform to accelerate the calculations, and its robustness is evaluated using many security tests. The experimental results prove the satisfaction of our design for several cryptographic properties, such as nonlinearity, bijectivity, and strict avalanche criterion that confirm its resistance against the main cryptanalysis attacks.

Paper Nr: 104
Title:

Privacy-Preserving Anomaly Detection Through Sampled, Synthetic Data Generation

Authors:

Fatema Rashid and Ali Miri

Abstract: Anomaly detection techniques have been used successfully in various applications such as in security, financial, and medical domains. These techniques, and in particular those using advanced machine learning techniques, require a high level of expertise, the use of large volumes of data, and increasing computational complexity. Outsourcing the expertise and the operational needs can provide an attractive option to many organizations. However, data collected and used can include sensitive and confidential information which may require privacy protection due to legal, business, or ethical considerations. We propose a novel and robust scheme that offers a flexible solution to users and organizations with varying computational and communication capabilities. Our solution would allow organizations to use the services of semi-trusted third-party cloud service providers, while ensuring that these organizations can achieve their privacy requirements through the generation of synthetic data within their computational/communication capabilities. We will demonstrate that not only does our scheme work for commonly used balanced data sets, but it is also suitable and provides accurate results when applied to highly imbalanced data sets with extreme fluctuations in the high and low percentages of anomalies.

Paper Nr: 108
Title:

Spellchecker Analysis for Behavioural Biometric of Typing Errors Scenario

Authors:

Bartłomiej Marek and Wojciech Wodo

Abstract: Unlike the typical approach using keystroke dynamics for user authentication and identification, we focus on a more inherent characteristic, the pattern of typing mistakes, which is not widely investigated in the literature. The paper presents initial research that enables the selection of an appropriate Python-based spellchecker for detection in behavioural biometrics systems based on static text characteristics: typing errors. Integrating a robust spellchecker into a biometric system based on static features such as errors made during typing can significantly enhance its effectiveness and user experience. The study evaluated seven tools and their combinations, amounting to forty-nine variants. The research is split into two phases. The first one used fewer sentences to filter the tools satisfying the criteria, for which, in the second phase, the context was expanded by using more sentences in order to choose the most appropriate one. The ultimate goal of the research is to create different user behavioural models for typing errors and test them in the verification and identification scenarios. We will apply the most promising spellcheckers based on the current investigation results.

Paper Nr: 114
Title:

Enhancing Adversarial Defense in Behavioral Authentication Systems Through Random Projections

Authors:

Md M. Islam and Md K. Anam

Abstract: Behavioral Authentication (BA) systems employ a verification algorithm to verify users based on their behavior patterns. To eliminate the need for a profile database to store the profiles and to enhance the system’s performance, the verification algorithm usually trains a Neural Network (NN) classifier on user profiles. However, like other NN applications, the NN-based BA classifiers are also susceptible to adversarial attacks. To defend against such attacks, we employed a method that adds noise to the training data by using Random Projection (RP) and its reverse process. This approach prevents model overfitting and maintains the model’s predictions at an expected level. Our technique has also proven effective against attacks based on adversarial examples. We tested our proposed method on two BA systems, achieving the expected classification accuracy. Furthermore, the attacks based on adversarial examples are significantly less effective against BA classifiers trained with noisy data compared to those trained with plain data. Our approach is general and can be applied to other BA systems to protect their classifiers from similar attacks.

Paper Nr: 115
Title:

Lightweight Cryptographic Algorithms: A Position Paper

Authors:

Gabriela M. Corrêa de Miranda, José M. Xexéo and Renato H. Torres

Abstract: The massive connection of devices and huge data traffic on networks have made information susceptible to different types of attacks in the Internet of Things (IoT) ecosystem. Devices utilized in these settings introduce complexities in implementing traditional cryptographic solutions, given their constraints such as physical size, processing requirements, memory limitations, and energy consumption. This position paper motivates ongoing and future research on this topic by providing a review to identify, analyze, and classify design components of lightweight cryptographic algorithms. It emphasizes the need to define a set of evaluation metrics and reports further research progress in lightweight algorithm implementations in order to contribute to the design of robust solutions and architectures.

Paper Nr: 116
Title:

An Uncertain Reasoning-Based Intrusion Detection System for DoS/DDoS Detection

Authors:

Harpreet Singh, Habib Louafi and Yiyu Yao

Abstract: Network intrusion detection systems (NIDS) play an important role in cybersecurity, but they face obstacles such as unpredictability and computational complexity. To solve these challenges, we propose a novel probabilistic NIDS that detects DoS and DDoS attacks carried out on the TCP, UDP, and ICMP protocols. Our method incorporates knowledge from the fields of these protocols using Bayesian networks (BN) and Markov networks (MN). Inference is performed using Variable Elimination (VE) for BN and Shafer-Shenoy (SS) Propagation, as well as Lazy Propagation (LP) for MN. Extensive tests on the CAIDA dataset have yielded promising results, with higher Precision, Recall, and F1-Score metrics. Notably, both SS and LP are efficient, demonstrating the effectiveness of our proposed NIDS in improving network security.

Paper Nr: 119
Title:

Manipulating Prompts and Retrieval-Augmented Generation for LLM Service Providers

Authors:

Aditya Kuppa, Jack Nicholls and Nhien-An Le-Khac

Abstract: The emergence of large language models (LLMs) has revolutionized the field of AI, introducing a new era of generative models applied across diverse use cases. Within this evolving AI application ecosystem, numerous stakeholders, including LLM and AI application service providers, use these models to cater to user needs. A significant challenge arises due to the need for more visibility and understanding of the inner workings of these models by end-users. This lack of transparency can lead to concerns about how the models are being used, how outputs are generated, the nature of the data they are trained on, and the potential biases they may harbor. User trust becomes a critical aspect of deploying and managing these advanced AI applications. This paper highlights the safety and integrity issues associated with service providers who may introduce covert, unsafe policies into their systems. Our study focuses on two attacks: the injection of biased content in generative AI search services, and the manipulation of LLM outputs during inference by altering attention heads. Through empirical experiments, we show that malicious service providers can covertly inject malicious content into the outputs generated by LLMs without the awareness of the end-user. This study reveals the subtle yet significant ways LLM outputs can be compromised, highlighting the importance of vigilance and advanced security measures in AI-driven applications. We demonstrate empirically that it is possible to increase the citation score of LLM output to include erroneous or unnecessary sources of information to redirect a reader to a desired source of information.

Paper Nr: 127
Title:

Revolutionizing Blockchain Consensus: Towards Deliberative and Unanimous Agreement

Authors:

Syed Badruddoja, Ram Dantu, Mark Dockendorf, Abiola Salau and Kritagya Upadhyay

Abstract: Consensus algorithms require a majority of nodes in a distributed system to agree on a single value. Blockchain systems commission these consensus algorithms to ensure security and trust in decentralized applications. However, current consensus algorithms do not address the requirements of high-stake applications that demand unanimous consensus with deliberation. For instance, a trial case at a court requires unanimous consensus to decide the fate of a criminal. With limited agreement structure and no deliberation, the current consensus protocol cannot handle the consensus problem. Our research determines the requirements of a deliberative unanimous consensus model for high-stake applications. Moreover, we propose a family of consensus models that agree on the answer’s correctness and the methods used to reach it.

Paper Nr: 135
Title:

Compact Representation of Digital Camera's Fingerprint with Convolutional Autoencoder

Authors:

Jarosław Bernacki and Rafał Scherer

Abstract: In this paper, we address the challenge of digital camera identification within the realm of digital forensics. While numerous algorithms leveraging camera fingerprints exist, few offer both speed and accuracy, particularly in the context of modern high-resolution digital cameras. Moreover, the storage requirements for these fingerprints, often represented as matrices corresponding to the original image dimensions, pose practical challenges for forensic centers. To tackle these issues, we propose a novel approach utilizing a convolutional autoencoder (AE) to generate compact representations of camera fingerprints. Our method aims to balance accuracy with efficiency, facilitating rapid and reliable identification across a range of cameras and image types. Extensive experimental evaluation demonstrates the effectiveness of our approach, showcasing its potential for practical deployment in forensic scenarios. By providing a streamlined method for camera identification, our work contributes to advancing the capabilities of digital forensic analysis.

Paper Nr: 139
Title:

On the Privacy Afforded by Opaque Identifiers in Traffic Monitoring

Authors:

Marcus Gelderie

Abstract: We consider traffic monitoring via license plate recognition. Anonymizing license plates by substituting randomized identifiers is a common privacy enhancing strategy in this situation. However, the systematic effect of this anonymization strategy has not been fully explored. We study the information gain of an adversary upon observing such anonymized output. We find the effectiveness of randomized IDs to deteriorate with decreasing popularity of a given route. Moreover, we study the effect differential privacy has on the situation, given that an adversary must be assumed to have prior knowledge about the likelihood of various traffic patterns. We find that travel participants with a very strong preference for a given route are put most at risk.

Paper Nr: 141
Title:

QPTA: Quantum-Safe Privacy-Preserving Multi-Factor Authentication Scheme for Lightweight Devices

Authors:

Basker Palaniswamy and Arijit Karati

Abstract: Smart healthcare is ubiquitous in lifting the convenience of managing patients’ medical records. Accessibility of patients’ sensitive data stored in medical servers needs source authenticity. To ensure this, (Karati et al., 2023) proposed a three-factor authentication scheme using physical unclonable functions. However, the scheme is vulnerable to a quantum adversary. To this end, we design a multi-factor authentication scheme called QPTA, resistant to quantum adversaries, for a healthcare scenario involving a user and a medical server. QPTA enables choice within the same factor in multi-factor authentication. The security of QPTA is formally analyzed using the “Attack Detection Logic.” QPTA is safe from known attacks, including unknown key share and man-in-the-middle attacks. We perform an informal security analysis of QPTA to ensure various security goals and privacy properties, namely anonymity, unlinkability, and conditional traceability. QPTA satisfies comprehensive security features and is suitable for the post-quantum era.

Paper Nr: 145
Title:

Toward the Foundation of Digital Identity Theory

Authors:

Pierre F. Saha, Mohamed Mejri and Kamel Adi

Abstract: Verifiable Credentials (VC) have today become a de facto digital credentials standard and play an increasingly important role in network exchanges. They often contain a large number of attributes whose disclosure could have unfortunate consequences. Formally verifying whether the user can access the requested service and ensuring that their disclosed identity attributes generate the slightest risk therefore becomes very important. In this paper, using the product family algebra, we show how the consideration of verifiable credentials can help to easily and formally settle the question of whether a user can access a service and to respect the need-to-know principle. To this end, we propose a translation of product family algebra into first-order Boolean logic and vice versa. We then propose a Boolean equivalent of the product family algebra refinement operation. Using all these tools, we show how the problem of verifying a user’s ability to authenticate, expressed using product family algebra, easily translates into an SMT problem. In order to guarantee the preservation of privacy and ensure the need-to-know principle, we associate VC attributes with a risk score and show how the question of disclosing the attributes generating the least risk can easily be resolved with Maximum Weighted SMT. We can thus easily use the z3 solver to solve these problems in SMT form.

Paper Nr: 146
Title:

Local Differential Privacy for Data Clustering

Authors:

Lisa Bruder and Mina Alishahi

Abstract: This study presents an innovative framework that utilizes Local Differential Privacy (LDP) to address the challenge of data privacy in practical applications of data clustering. Our framework is designed to prioritize the protection of individual data privacy by empowering users to proactively safeguard their information before it is shared with any third party. Through a series of experiments, we demonstrate the effectiveness of our approach in preserving data privacy while simultaneously facilitating insightful clustering analysis.

Paper Nr: 147
Title:

Open-Source Post-Quantum Encryptor: Design, Implementation and Deployment

Authors:

Petr Tuma, Jan Hajny, Petr Muzikant, Jan Havlin, Lukas Malina, Patrik Dobias and Jan Willemson

Abstract: This article describes an open-source quantum-resistant network traffic encryptor for the Linux platform. Our encryptor uses a combination of quantum and post-quantum key establishment methods to achieve quantum resistance, combined with the fast encryption speed of AES, to make quantum-resistant encryption readily available to the public. The packet-by-packet encryption architecture ensures that every bit of information is properly authenticated and encrypted. The combination of multiple key sources further increases the encryptor’s security, be it elliptic curve-based (Elliptic Curve Diffie Hellman, ECDH), quantum (Quantum Key Distribution, QKD) or post-quantum (CRYSTALS-Kyber). Without knowing all the keys obtained from the different types of key sources, the final hybrid encryption key can only be obtained by brute-force means. Our contribution is very practical as the encryptor has reasonable performance, despite not being part of the Linux kernel.

Paper Nr: 148
Title:

Graph-Based Modelling of Maximum Period Property for Nonlinear Feedback Shift Registers

Authors:

Eric Filiol and Pierre Filiol

Abstract: NonLinear Feedback Shift Registers (NLFSRs) are key primitives for designing pseudorandom generators in modern stream ciphers, especially when the feedback function is of low degree. Contrary to their linear counterparts (LFSRs), for which a general and comprehensive theory has been established, many fundamental problems related to NLFSRs remain open. In particular, finding a systematic procedure of acceptable complexity for constructing NLFSRs with a guaranteed long period is still a general open problem, and only a few results have been obtained so far. In this paper, we present the results of an exhaustive exploratory search and analysis of NLFSRs of low degree. We first model NLFSRs as graphs using their incidence matrix and express the maximum period property as graph properties. This enables the number of possible candidates to be greatly reduced, so that they can finally be tested for the maximum period property by HPC on GPGPUs and a Massively Parallel Processor Array (MPPA).

Paper Nr: 152
Title:

BlueDoS: A Novel Approach to Perform and Analyse DoS Attacks on Bluetooth Devices

Authors:

Poonam N. Shelke, Saurav Gupta and Sukumar Nandi

Abstract: The use of Bluetooth devices is surging across the digital landscape. As the diversity and quantity of these devices increase, so does the focus on security within Bluetooth technology. Our research primarily concentrates on DoS attacks on Bluetooth devices. We discovered that existing tools rely on the Linux Bluetooth drivers and utilities provided by the Bluez protocol stack. Because of this reliance, these tools require full command over Bluetooth communication, as they are confined to the functionalities offered by the underlying protocol stack. To address this limitation, we developed a Bluetooth driver binary using the Bluez Linux protocol stack, our testbed named "Bluedos". As Bluedos is developed using C, similar to other Linux drivers, it provides more flexibility in packet creation and handling Bluetooth connections at the operating system level. With "Bluedos", we extensively analysed DoS attacks on various Bluetooth devices, using headphones from reputable brands to illustrate potential attack vectors. We also analysed the ramifications of DoS attacks on different connection parameters, such as response time, and introduced a novel l2connect and an l2connect flooding attack against Bluetooth devices. We validated our findings using a Bluetooth sniffer and drew conclusions based on our analyses.

Paper Nr: 158
Title:

Enhancing OpenID Connect for Verifiable Credentials with DIDComm

Authors:

Roberto De Prisco, Sergiy Shevchenko and Pompeo Faruolo

Abstract: In the evolving landscape of digital identity management, the secure and efficient handling of verifiable credentials is paramount. OpenID Connect for Verifiable Credentials (OIDC4VC) provides a foundational framework for such interactions, yet it lacks mechanisms for robust, secure communication post-credential issuance and verification. This paper addresses these limitations by proposing an enhancement to OIDC4VC, integrating DIDComm to facilitate encrypted, direct communication between entities. This enhancement introduces a novel approach by embedding an "X-Mediation" header within the OIDC4VC response, containing the URL of a mediator service that is essential for the continued secure exchange of messages and credentials via DIDComm. The proposed solution, while ensuring backward compatibility, aims to enhance the privacy, security, and user engagement in digital identity systems by allowing credential issuance and verification processes to be initiated through push notifications, thereby aligning OIDC4VC more closely with the decentralized ethos of self-sovereign identity.

Paper Nr: 165
Title:

Balancing Act: Navigating the Privacy-Utility Spectrum in Principal Component Analysis

Authors:

Saloni Kwatra, Anna Monreale and Francesca Naretto

Abstract: A lot of research in federated learning has been ongoing ever since it was proposed. Federated learning allows collaborative learning among distributed clients without sharing their raw data with a central aggregator (if it is present) or with other clients in a peer-to-peer architecture. However, each client participating in the federation shares the model information learned from its data with other clients participating in the FL process, or with the central aggregator. This sharing of information, however, makes this approach vulnerable to various attacks, including data reconstruction attacks. Our research specifically focuses on Principal Component Analysis (PCA), as it is a widely used dimensionality technique. For performing PCA in a federated setting, distributed clients share local eigenvectors computed from their respective data with the aggregator, which then combines and returns global eigenvectors. Previous studies on attacks against PCA have demonstrated that revealing eigenvectors can lead to membership inference and, when coupled with knowledge of the data distribution, result in data reconstruction attacks. Consequently, our objective in this work is to augment privacy in eigenvectors while sustaining their utility. To obtain protected eigenvectors, we use k-anonymity and generative networks. Through our experimentation, we did a complete privacy and utility analysis of original and protected eigenvectors. For utility analysis, we apply HIERARCHICAL CLUSTERING, a RANDOM FOREST regressor, and a RANDOM FOREST classifier on the protected and original eigenvectors. We got interesting results when we applied HIERARCHICAL CLUSTERING on the original and protected datasets and eigenvectors. The height at which the clusters are merged declined from 250 to 150 for the original and synthetic versions of the CALIFORNIA-HOUSING data, respectively. For the k-anonymous version of the CALIFORNIA-HOUSING data, the height lies between 150 and 250. To evaluate the privacy risks of the federated PCA system, we act as an attacker and conduct a data reconstruction attack.

Paper Nr: 166
Title:

Malware Analysis Using Transformer Based Models: An Empirical Study

Authors:

Abhishek Joshi, Divyateja Pasupuleti, P. Nischith, Sarvesh Sutaone, Soumil Ray, Soumyadeep Dey and Barsha Mitra

Abstract: The massive demand for connected and smart applications and the growth of high-speed communication technologies like 5G have led to a surge in the use of Android and Internet-of-Things (IoT) devices. The popularity of such devices has resulted in a huge number of malware attacks and infections being inflicted upon these devices. Cyber criminals relentlessly target the Android and IoT devices by developing new strains of malware. To defend against these malware attacks, researchers have developed different types of malware detection and categorization techniques. In this paper, we investigate the applicability and effectiveness of different transformer-based models, which use self-attention to learn global dependencies and contextual information, for malware classification on two platforms: Android and IoT. We consider two types of inputs for malware analysis - images and sequences. For image-based analysis, we convert Android APKs and IoT traffic into images that reflect their structural and behavioral features. We compare various convolutional neural network (CNN) based models with and without transformer layers, and a pure transformer model that directly processes the images. For sequence-based analysis, we extract the API call sequences from Android APKs, and apply a transformer model to encode and classify them. We also explore the effect of pretraining and embedding initialization on the transformer models. Our experiments demonstrate the advantages and limitations of using transformer-based models for malware classification, and provide insights into the training strategies and challenges of these models. To the best of our knowledge, this is the first work that systematically explores and compares different transformer-based models for malware classification on both image and sequence inputs.

Paper Nr: 176
Title:

Virtually Free Randomisations of NTT in RLWE Cryptosystem to Counteract Side Channel Attack Based on Belief Propagation

Authors:

Christophe Negre and Mbaye Ngom

Abstract: At CHES 2017, Primas, Pessl and Mangard presented an attack on the RLWE cryptosystem based on Belief Propagation. The attack applies to the Number Theoretic Transform (NTT) used to decipher a message. It gathers power consumption leakage of the multiplication by roots of unity in the NTT and then applies Belief Propagation to circulate the information of all leakage nodes, until the combined leakage reveals most of the output coefficients of the NTT. In this paper we present some randomisations which either induce in the NTT some random mask on values or randomly rearrange the sequence of operations. We evaluate the level of randomisation provided by the proposed counter-measures and also the effect on the processed values in the NTT. We apply Belief Propagation on the proposed randomised NTT and we study how these randomisations affect the attack. Finally, we point out that a set of three combined strategies provides a high level of randomisation and a good protection against the Belief Propagation attack of Primas et al.

Paper Nr: 188
Title:

Property Inference as a Regression Problem: Attacks and Defense

Authors:

Joshua Stock, Lucas Lange, Erhard Rahm and Hannes Federrath

Abstract: In contrast to privacy attacks focussing on individuals in a training dataset (e.g., membership inference), Property Inference Attacks (PIAs) are aimed at extracting population-level properties from trained Machine Learning (ML) models. These sensitive properties are often based on ratios, such as the ratio of male to female records in a dataset. If a company has trained an ML model on customer data, a PIA could for example reveal the demographics of their customer base to a competitor, compromising a potential trade secret. For ratio-based properties, inferring over a continuous range using regression is more natural than classification. We therefore extend previous white-box and black-box attacks by modelling property inference as a regression problem. For the black-box attack we further reduce prior assumptions by using an arbitrary attack dataset, independent from a target model’s training data. We conduct experiments on three datasets for both white-box and black-box scenarios, indicating promising adversary performances in each scenario with a test R² between 0.6 and 0.86. We then present a new defense mechanism based on adversarial training that successfully inhibits our black-box attacks. This mechanism proves to be effective in reducing the adversary’s R² from 0.63 to 0.07 and induces practically no utility loss, with the accuracy of target models dropping by no more than 0.2 percentage points.