Ali Kassem, G. Ács, C. Castelluccia, C. Palamidessi
In order to protect individuals' privacy, data have to be "well-sanitized" before sharing them, i.e. one has to remove any personal information before sharing data. However, it is not always clear when data shall be deemed well-sanitized. In this paper, we argue that the evaluation of sanitized data should be based on whether the data allows the inference of sensitive information that is specific to an individual, instead of being centered around the concept of re-identification. We propose a framework to evaluate the effectiveness of different sanitization techniques on a given dataset by measuring how much an individual's record from the sanitized dataset influences the inference of his/her own sensitive attribute. Our intent is not to accurately predict any sensitive attribute but rather to measure the impact of a single record on the inference of sensitive information. We demonstrate our approach by sanitizing two real datasets in different privacy models and evaluate/compare each sanitized dataset in our framework.
{"title":"Differential Inference Testing: A Practical Approach to Evaluate Sanitizations of Datasets","authors":"Ali Kassem, G. Ács, C. Castelluccia, C. Palamidessi","doi":"10.1109/SPW.2019.00024","DOIUrl":"https://doi.org/10.1109/SPW.2019.00024","url":null,"abstract":"In order to protect individuals' privacy, data have to be \"well-sanitized\" before sharing them, i.e. one has to remove any personal information before sharing data. However, it is not always clear when data shall be deemed well-sanitized. In this paper, we argue that the evaluation of sanitized data should be based on whether the data allows the inference of sensitive information that is specific to an individual, instead of being centered around the concept of re-identification. We propose a framework to evaluate the effectiveness of different sanitization techniques on a given dataset by measuring how much an individual's record from the sanitized dataset influences the inference of his/her own sensitive attribute. Our intent is not to accurately predict any sensitive attribute but rather to measure the impact of a single record on the inference of sensitive information. We demonstrate our approach by sanitizing two real datasets in different privacy models and evaluate/compare each sanitized dataset in our framework.","PeriodicalId":125351,"journal":{"name":"2019 IEEE Security and Privacy Workshops (SPW)","volume":"111 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134430743","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Anecdotal evidence suggests an increasing number of people are turning to VPN services for the properties of privacy, anonymity and free communication over the internet. Despite this, there is little research into what these services are actually being used for. We use DNS cache snooping to determine what domains people are accessing through VPNs. This technique is used to discover whether certain queries have been made against a particular DNS server. Some VPNs operate their own DNS servers, ensuring that any cached queries were made by users of the VPN. We explore 3 methods of DNS cache snooping and briefly discuss their strengths and limitations. Using the most reliable of the methods, we perform a DNS cache snooping scan against the DNS servers of several major VPN providers. With this we discover which domains are actually accessed through VPNs. We run this technique against popular domains, as well as those known to be censored in certain countries; China, Indonesia, Iran, and Turkey. Our work gives a glimpse into what users use VPNs for, and provides a technique for discovering the frequency with which domain records are accessed on a DNS server.
{"title":"Analysing Censorship Circumvention with VPNs Via DNS Cache Snooping","authors":"Oliver Farnan, Alexander Darer, Joss Wright","doi":"10.1109/SPW.2019.00046","DOIUrl":"https://doi.org/10.1109/SPW.2019.00046","url":null,"abstract":"Anecdotal evidence suggests an increasing number of people are turning to VPN services for the properties of privacy, anonymity and free communication over the internet. Despite this, there is little research into what these services are actually being used for. We use DNS cache snooping to determine what domains people are accessing through VPNs. This technique is used to discover whether certain queries have been made against a particular DNS server. Some VPNs operate their own DNS servers, ensuring that any cached queries were made by users of the VPN. We explore 3 methods of DNS cache snooping and briefly discuss their strengths and limitations. Using the most reliable of the methods, we perform a DNS cache snooping scan against the DNS servers of several major VPN providers. With this we discover which domains are actually accessed through VPNs. We run this technique against popular domains, as well as those known to be censored in certain countries; China, Indonesia, Iran, and Turkey. Our work gives a glimpse into what users use VPNs for, and provides a technique for discovering the frequency with which domain records are accessed on a DNS server.","PeriodicalId":125351,"journal":{"name":"2019 IEEE Security and Privacy Workshops (SPW)","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115762958","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
T. Vissers, Peter Janssen, W. Joosen, Lieven Desmet
Domain blacklists are widely-used in security research. However, given their proprietary nature, there is little insight into how they operate and how effective they are. In this paper, we analyze a unique combination of DNS traffic measurements with domain registration and blacklisting data. We focus in particular on large-scale malicious campaigns that register thousands of domain names used in orchestrated attacks. This allows us to gain insights into how blacklists and cybercriminals interact with each other. Furthermore, it enables us to pinpoint scenarios where blacklist operators struggle to detect campaign registrations.
{"title":"Assessing the Effectiveness of Domain Blacklisting Against Malicious DNS Registrations","authors":"T. Vissers, Peter Janssen, W. Joosen, Lieven Desmet","doi":"10.1109/SPW.2019.00045","DOIUrl":"https://doi.org/10.1109/SPW.2019.00045","url":null,"abstract":"Domain blacklists are widely-used in security research. However, given their proprietary nature, there is little insight into how they operate and how effective they are. In this paper, we analyze a unique combination of DNS traffic measurements with domain registration and blacklisting data. We focus in particular on large-scale malicious campaigns that register thousands of domain names used in orchestrated attacks. This allows us to gain insights into how blacklists and cybercriminals interact with each other. Furthermore, it enables us to pinpoint scenarios where blacklist operators struggle to detect campaign registrations.","PeriodicalId":125351,"journal":{"name":"2019 IEEE Security and Privacy Workshops (SPW)","volume":"754 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123875268","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Message from the IWPE 2019 Organizers","authors":"","doi":"10.1109/spw.2019.00008","DOIUrl":"https://doi.org/10.1109/spw.2019.00008","url":null,"abstract":"","PeriodicalId":125351,"journal":{"name":"2019 IEEE Security and Privacy Workshops (SPW)","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126634520","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Sean Rivera, S. Lagraa, C. Nita-Rotaru, Sheila Becker, R. State
In this paper we propose ROS-Defender, a holistic approach to secure robotics systems, which integrates a Security Event Management System (SIEM), an intrusion prevention system (IPS) and a firewall for a robotic system. ROS-Defender combines anomaly detection systems at application (ROS) level and network level, with dynamic policy enforcement points using software defined networking (SDN) to provide protection against a large class of attacks. Although SIEMs, IPS, and firewall have been previously used to secure computer networks, ROSDefender is applying them for the specific use case of robotic systems, where security is in many cases an afterthought.
{"title":"ROS-Defender: SDN-Based Security Policy Enforcement for Robotic Applications","authors":"Sean Rivera, S. Lagraa, C. Nita-Rotaru, Sheila Becker, R. State","doi":"10.1109/SPW.2019.00030","DOIUrl":"https://doi.org/10.1109/SPW.2019.00030","url":null,"abstract":"In this paper we propose ROS-Defender, a holistic approach to secure robotics systems, which integrates a Security Event Management System (SIEM), an intrusion prevention system (IPS) and a firewall for a robotic system. ROS-Defender combines anomaly detection systems at application (ROS) level and network level, with dynamic policy enforcement points using software defined networking (SDN) to provide protection against a large class of attacks. Although SIEMs, IPS, and firewall have been previously used to secure computer networks, ROSDefender is applying them for the specific use case of robotic systems, where security is in many cases an afterthought.","PeriodicalId":125351,"journal":{"name":"2019 IEEE Security and Privacy Workshops (SPW)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125863606","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Message from the WTMC 2019 Organizers","authors":"","doi":"10.1109/spw.2019.00012","DOIUrl":"https://doi.org/10.1109/spw.2019.00012","url":null,"abstract":"","PeriodicalId":125351,"journal":{"name":"2019 IEEE Security and Privacy Workshops (SPW)","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124176138","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Ala'a Al-Momani, F. Kargl, R. Schmidt, A. Kung, Christoph Bösch
After the adoption of new data protection regulations, like GDPR, proper treatment of privacy throughout the system development lifecycle has become a must. In this paper, we discuss several aspects to more easily and effectively integrate privacy engineering in system development and how to bring the notion of privacy-by-design into practice. We propose the new W-model as a privacy-aware extension of the V-model frequently used in software engineering. One stage of the W-model deals with analyzing privacy in the system where privacy engineers conduct a privacy impact assessment in order to elicit privacy threats and to find a suitable countermeasure to remedy each threat. With respect to finding suitable countermeasures, we provide requirements the countermeasures need to meet in order to be selected. In addition, we introduce a cost function that assists privacy engineers in selecting the most suitable countermeasure. Furthermore, we point out several open issues that future work needs to address.
{"title":"A Privacy-Aware V-Model for Software Development","authors":"Ala'a Al-Momani, F. Kargl, R. Schmidt, A. Kung, Christoph Bösch","doi":"10.1109/SPW.2019.00028","DOIUrl":"https://doi.org/10.1109/SPW.2019.00028","url":null,"abstract":"After the adoption of new data protection regulations, like GDPR, proper treatment of privacy throughout the system development lifecycle has become a must. In this paper, we discuss several aspects to more easily and effectively integrate privacy engineering in system development and how to bring the notion of privacy-by-design into practice. We propose the new W-model as a privacy-aware extension of the V-model frequently used in software engineering. One stage of the W-model deals with analyzing privacy in the system where privacy engineers conduct a privacy impact assessment in order to elicit privacy threats and to find a suitable countermeasure to remedy each threat. With respect to finding suitable countermeasures, we provide requirements the countermeasures need to meet in order to be selected. In addition, we introduce a cost function that assists privacy engineers in selecting the most suitable countermeasure. Furthermore, we point out several open issues that future work needs to address.","PeriodicalId":125351,"journal":{"name":"2019 IEEE Security and Privacy Workshops (SPW)","volume":"135 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131983770","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
We describe a method for approximating any bounded activation function given encrypted input data. The utility of our method is exemplified by simulating it within two typical machine learning tasks: namely, a Variational Autoencoder that learns a latent representation of MNIST data, and an MNIST image classifier.
{"title":"Efficient Evaluation of Activation Functions over Encrypted Data","authors":"Patricia Thaine, S. Gorbunov, Gerald Penn","doi":"10.1109/SPW.2019.00022","DOIUrl":"https://doi.org/10.1109/SPW.2019.00022","url":null,"abstract":"We describe a method for approximating any bounded activation function given encrypted input data. The utility of our method is exemplified by simulating it within two typical machine learning tasks: namely, a Variational Autoencoder that learns a latent representation of MNIST data, and an MNIST image classifier.","PeriodicalId":125351,"journal":{"name":"2019 IEEE Security and Privacy Workshops (SPW)","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114985326","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Trigger-action platforms enable end-users to program their smart homes using simple conditional rules of the form: if "condition" then "action". Although these rules are easy to program, subtleties in their interpretation can cause users to make errors that have consequences ranging from incorrect and undesired functionality to security and privacy violations. Based on prior work, we enumerate a set of nine classes of errors that users can make, and we empirically study the relationship between these classes and the interface design of eight commercially available trigger-action platforms. Particularly, we examine whether each interface prevents (e.g., via good design) or allows each class of error. Based on this analysis, we develop a framework to classify errors and extract insights that lay a foundation for the design of future trigger-action programming interfaces where certain classes of errors can be mitigated by technical means or by alerting the user of the possibility of an error. For instance, we identify that an analysis of a dataset of functionally-similar trigger-action rules could be used to predict whether certain types of error patterns are about to occur.
{"title":"Analysis of the Susceptibility of Smart Home Programming Interfaces to End User Error","authors":"Mitali Palekar, Earlence Fernandes, Franziska Roesner","doi":"10.1109/SPW.2019.00034","DOIUrl":"https://doi.org/10.1109/SPW.2019.00034","url":null,"abstract":"Trigger-action platforms enable end-users to program their smart homes using simple conditional rules of the form: if \"condition\" then \"action\". Although these rules are easy to program, subtleties in their interpretation can cause users to make errors that have consequences ranging from incorrect and undesired functionality to security and privacy violations. Based on prior work, we enumerate a set of nine classes of errors that users can make, and we empirically study the relationship between these classes and the interface design of eight commercially available trigger-action platforms. Particularly, we examine whether each interface prevents (e.g., via good design) or allows each class of error. Based on this analysis, we develop a framework to classify errors and extract insights that lay a foundation for the design of future trigger-action programming interfaces where certain classes of errors can be mitigated by technical means or by alerting the user of the possibility of an error. For instance, we identify that an analysis of a dataset of functionally-similar trigger-action rules could be used to predict whether certain types of error patterns are about to occur.","PeriodicalId":125351,"journal":{"name":"2019 IEEE Security and Privacy Workshops (SPW)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129568059","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: