Sanchuan Chen, Xiaokuan Zhang, M. Reiter, Yinqian Zhang
Intel Software Guard Extension (SGX) protects the confidentiality and integrity of an unprivileged program running inside a secure enclave from a privileged attacker who has full control of the entire operating system (OS). Program execution inside this enclave is therefore referred to as shielded. Unfortunately, shielded execution does not protect programs from side-channel attacks by a privileged attacker. For instance, it has been shown that by changing page table entries of memory pages used by shielded execution, a malicious OS kernel could observe memory page accesses from the execution and hence infer a wide range of sensitive information about it. In fact, this page-fault side channel is only an instance of a category of side-channel attacks, here called privileged side-channel attacks, in which privileged attackers frequently preempt the shielded execution to obtain fine-grained side-channel observations. In this paper, we present Deja Vu, a software framework that enables a shielded execution to detect such privileged side-channel attacks. Specifically, we build into shielded execution the ability to check program execution time at the granularity of paths in its control-flow graph. To provide a trustworthy source of time measurement, Deja Vu implements a novel software reference clock that is protected by Intel Transactional Synchronization Extensions (TSX), a hardware implementation of transactional memory. Evaluations show that Deja Vu effectively detects side-channel attacks against shielded execution and against the reference clock itself.
{"title":"Detecting Privileged Side-Channel Attacks in Shielded Execution with Déjà Vu","authors":"Sanchuan Chen, Xiaokuan Zhang, M. Reiter, Yinqian Zhang","doi":"10.1145/3052973.3053007","DOIUrl":"https://doi.org/10.1145/3052973.3053007","url":null,"abstract":"Intel Software Guard Extension (SGX) protects the confidentiality and integrity of an unprivileged program running inside a secure enclave from a privileged attacker who has full control of the entire operating system (OS). Program execution inside this enclave is therefore referred to as shielded. Unfortunately, shielded execution does not protect programs from side-channel attacks by a privileged attacker. For instance, it has been shown that by changing page table entries of memory pages used by shielded execution, a malicious OS kernel could observe memory page accesses from the execution and hence infer a wide range of sensitive information about it. In fact, this page-fault side channel is only an instance of a category of side-channel attacks, here called privileged side-channel attacks, in which privileged attackers frequently preempt the shielded execution to obtain fine-grained side-channel observations. In this paper, we present Deja Vu, a software framework that enables a shielded execution to detect such privileged side-channel attacks. Specifically, we build into shielded execution the ability to check program execution time at the granularity of paths in its control-flow graph. To provide a trustworthy source of time measurement, Deja Vu implements a novel software reference clock that is protected by Intel Transactional Synchronization Extensions (TSX), a hardware implementation of transactional memory. Evaluations show that Deja Vu effectively detects side-channel attacks against shielded execution and against the reference clock itself.","PeriodicalId":20540,"journal":{"name":"Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security","volume":"73 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2017-04-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79152121","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Although there are over 1,900,000 third-party Android apps in the Google Play Store, little is understood about how their security and privacy characteristics, such as dangerous permission usage and the vulnerabilities they contain, have evolved over time. Our research is two-fold: we take quarterly snapshots of the Google Play Store over a two-year period to understand how permission usage by apps has changed; and we analyse 30,000 apps to understand how their security and privacy characteristics have changed over the same two-year period. Extrapolating our findings, we estimate that over 35,000 apps in the Google Play Store ask for additional dangerous permissions every three months. Our statistically significant observations suggest that free apps and popular apps are more likely to ask for additional dangerous permissions when they are updated. Worryingly, we discover that Android apps are not getting safer as they are updated. In many cases, app updates serve to increase the number of distinct vulnerabilities contained within apps, especially for popular apps. We conclude with recommendations to stakeholders for improving the security of the Android ecosystem.
{"title":"To Update or Not to Update: Insights From a Two-Year Study of Android App Evolution","authors":"Vincent F. Taylor, I. Martinovic","doi":"10.1145/3052973.3052990","DOIUrl":"https://doi.org/10.1145/3052973.3052990","url":null,"abstract":"Although there are over 1,900,000 third-party Android apps in the Google Play Store, little is understood about how their security and privacy characteristics, such as dangerous permission usage and the vulnerabilities they contain, have evolved over time. Our research is two-fold: we take quarterly snapshots of the Google Play Store over a two-year period to understand how permission usage by apps has changed; and we analyse 30,000 apps to understand how their security and privacy characteristics have changed over the same two-year period. Extrapolating our findings, we estimate that over 35,000 apps in the Google Play Store ask for additional dangerous permissions every three months. Our statistically significant observations suggest that free apps and popular apps are more likely to ask for additional dangerous permissions when they are updated. Worryingly, we discover that Android apps are not getting safer as they are updated. In many cases, app updates serve to increase the number of distinct vulnerabilities contained within apps, especially for popular apps. We conclude with recommendations to stakeholders for improving the security of the Android ecosystem.","PeriodicalId":20540,"journal":{"name":"Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security","volume":"30 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2017-04-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80333830","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Countless systems ranging from consumer electronics to military equipment are dependent on integrated circuits (ICs). A surprisingly large number of such systems are already security- critical, e.g., automotive electronics, medical devices, or SCADA systems. If the underlying ICs in such applications are maliciously manipulated through hardware Trojans, the security of the entire system can be compromised. In recent years, hardware Trojans have drawn the attention of the scientific community and government. Initially, the primary attacker model was a malicious foundry that could alter the design, i.e., introduce hardware Trojans which could interfere with the functionality of a chip. Many other attacker models exist too. For instance, a legitimate IC manufacturer, such as a consumer electronics company, might be in cohort with a national intelligence agency and could alter its products in a way that compromises their security. Even though hardware Trojans have been studied for a decade or so in the literature, little is known about how they might look, and what the "use cases" for them is. We describe two applications for low-level hardware manipulations. One introduces an ASIC Trojans by sub-transistor changes, and the other is a novel type of fault-injection attacks against FPGAs. As an example for an extremely stealthy manipulations, we show how a dangerous Trojans can be introduced by merely changing the dopant polarity of selected existing transistors of a design. The Trojan manipulates the digital post-processing of Intel's cryptographically secure random number generator used in the Ivy Bridge processors. The adversary is capable of exactly controlling the entropy of the RNG. For example, the attacker can reduce the RNG's entropy to 40 bits of randomness. Due to the AES-based one-way function after the entropy extracting, the Trojan is very difficult to detect. Crucially, this approach does not require to add new circuits to the IC. Since the modified circuit appears legitimate on all wiring layers (including all metal and polysilicon), our family of Trojans is resistant to many detection techniques, including fine-grain optical inspection and checking against "golden chips". As a second "use case", we show how an adversary can extract cryptographic keys from an unknown FPGA design. The attack, coined bitstream fault injection (BiFI), systematically manipulates the bitstream by changing random LUT contents, configures the target device, and collects the resulting faulty ciphertexts. The ciphertexts are used to recover the key by testing a set of hypotheses, e.g., that the ciphertext is the plaintext XORed with the key. The attack only needs a black-box assumption about the bitstream structure and format. It was verified by considering a set of 3 rd party AES designs on different standard FPGAs. In 15 out of 16 designs, we were able to extract the AES key.
{"title":"Hardware Trojans and Other Threats against Embedded Systems","authors":"C. Paar","doi":"10.1145/3052973.3053885","DOIUrl":"https://doi.org/10.1145/3052973.3053885","url":null,"abstract":"Countless systems ranging from consumer electronics to military equipment are dependent on integrated circuits (ICs). A surprisingly large number of such systems are already security- critical, e.g., automotive electronics, medical devices, or SCADA systems. If the underlying ICs in such applications are maliciously manipulated through hardware Trojans, the security of the entire system can be compromised. In recent years, hardware Trojans have drawn the attention of the scientific community and government. Initially, the primary attacker model was a malicious foundry that could alter the design, i.e., introduce hardware Trojans which could interfere with the functionality of a chip. Many other attacker models exist too. For instance, a legitimate IC manufacturer, such as a consumer electronics company, might be in cohort with a national intelligence agency and could alter its products in a way that compromises their security. Even though hardware Trojans have been studied for a decade or so in the literature, little is known about how they might look, and what the \"use cases\" for them is. We describe two applications for low-level hardware manipulations. One introduces an ASIC Trojans by sub-transistor changes, and the other is a novel type of fault-injection attacks against FPGAs. As an example for an extremely stealthy manipulations, we show how a dangerous Trojans can be introduced by merely changing the dopant polarity of selected existing transistors of a design. The Trojan manipulates the digital post-processing of Intel's cryptographically secure random number generator used in the Ivy Bridge processors. The adversary is capable of exactly controlling the entropy of the RNG. For example, the attacker can reduce the RNG's entropy to 40 bits of randomness. Due to the AES-based one-way function after the entropy extracting, the Trojan is very difficult to detect. Crucially, this approach does not require to add new circuits to the IC. Since the modified circuit appears legitimate on all wiring layers (including all metal and polysilicon), our family of Trojans is resistant to many detection techniques, including fine-grain optical inspection and checking against \"golden chips\". As a second \"use case\", we show how an adversary can extract cryptographic keys from an unknown FPGA design. The attack, coined bitstream fault injection (BiFI), systematically manipulates the bitstream by changing random LUT contents, configures the target device, and collects the resulting faulty ciphertexts. The ciphertexts are used to recover the key by testing a set of hypotheses, e.g., that the ciphertext is the plaintext XORed with the key. The attack only needs a black-box assumption about the bitstream structure and format. It was verified by considering a set of 3 rd party AES designs on different standard FPGAs. In 15 out of 16 designs, we were able to extract the AES key.","PeriodicalId":20540,"journal":{"name":"Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security","volume":"19 1 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2017-04-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83040351","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Gildas Avoine, Xavier Bultel, S. Gambs, David Gérault, P. Lafourcade, Cristina Onete, J. Robert
Distance-bounding protocols have been introduced to thwart relay attacks against contactless authentication protocols. In this context, verifiers have to authenticate the credentials of untrusted provers. Unfortunately, these protocols are themselves subject to complex threats such as terrorist-fraud attacks, in which a malicious prover helps an accomplice to authenticate. Provably guaranteeing the resistance of distance-bounding protocols to these attacks is complex. The classical solutions assume that rational provers want to protect their long-term authentication credentials, even with respect to their accomplices. Thus, terrorist-fraud resistant protocols generally rely on artificial extraction mechanisms, ensuring that an accomplice can retrieve the credential of his partnering prover, if he is able to authenticate. We propose a novel approach to obtain provable terrorist-fraud resistant protocols that does not rely on an accomplice being able to extract any long-term key. Instead, we simply assume that he can replay the information received from the prover. Thus, rational provers should refuse to cooperate with third parties if they can impersonate them freely afterwards. We introduce a generic construction for provably secure distance-bounding protocols, and give three instances of this construction: (1) an efficient symmetric-key protocol, (2) a public-key protocol protecting the identities of provers against external eavesdroppers, and finally (3) a fully anonymous protocol protecting the identities of provers even against malicious verifiers that try to profile them.
{"title":"A Terrorist-fraud Resistant and Extractor-free Anonymous Distance-bounding Protocol","authors":"Gildas Avoine, Xavier Bultel, S. Gambs, David Gérault, P. Lafourcade, Cristina Onete, J. Robert","doi":"10.1145/3052973.3053000","DOIUrl":"https://doi.org/10.1145/3052973.3053000","url":null,"abstract":"Distance-bounding protocols have been introduced to thwart relay attacks against contactless authentication protocols. In this context, verifiers have to authenticate the credentials of untrusted provers. Unfortunately, these protocols are themselves subject to complex threats such as terrorist-fraud attacks, in which a malicious prover helps an accomplice to authenticate. Provably guaranteeing the resistance of distance-bounding protocols to these attacks is complex. The classical solutions assume that rational provers want to protect their long-term authentication credentials, even with respect to their accomplices. Thus, terrorist-fraud resistant protocols generally rely on artificial extraction mechanisms, ensuring that an accomplice can retrieve the credential of his partnering prover, if he is able to authenticate. We propose a novel approach to obtain provable terrorist-fraud resistant protocols that does not rely on an accomplice being able to extract any long-term key. Instead, we simply assume that he can replay the information received from the prover. Thus, rational provers should refuse to cooperate with third parties if they can impersonate them freely afterwards. We introduce a generic construction for provably secure distance-bounding protocols, and give three instances of this construction: (1) an efficient symmetric-key protocol, (2) a public-key protocol protecting the identities of provers against external eavesdroppers, and finally (3) a fully anonymous protocol protecting the identities of provers even against malicious verifiers that try to profile them.","PeriodicalId":20540,"journal":{"name":"Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security","volume":"22 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2017-04-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87708881","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
SP3 presents the design and implementation of a service to allow clients to send themselves a limited amount of network traffic from an arbitrary source IP address. Packet Spoofing is a powerful tool, although often misused, and has the potential to establish TCP connections between clients located behind NATs, to learn about network firewall policies, and to obscure communication patterns by separating source and destination. SP^3 is the first system to offer this capability as a service, while implementing safeguards to prevent malicious users from attacking others. This poster presents the design of SP^3.
{"title":"A Secure, Practical & Safe Packet Spoofing Service","authors":"W. Scott","doi":"10.1145/3052973.3055155","DOIUrl":"https://doi.org/10.1145/3052973.3055155","url":null,"abstract":"SP3 presents the design and implementation of a service to allow clients to send themselves a limited amount of network traffic from an arbitrary source IP address. Packet Spoofing is a powerful tool, although often misused, and has the potential to establish TCP connections between clients located behind NATs, to learn about network firewall policies, and to obscure communication patterns by separating source and destination. SP^3 is the first system to offer this capability as a service, while implementing safeguards to prevent malicious users from attacking others. This poster presents the design of SP^3.","PeriodicalId":20540,"journal":{"name":"Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security","volume":"27 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2017-04-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90584372","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Session details: Memory Corruption Att. & Def.","authors":"Heng Yin","doi":"10.1145/3248550","DOIUrl":"https://doi.org/10.1145/3248550","url":null,"abstract":"","PeriodicalId":20540,"journal":{"name":"Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security","volume":"25 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2017-04-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90974846","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Frederik Armknecht, C. Boyd, Gareth T. Davies, Kristian Gjøsteen, Mohsen Toorani
Deduplication removes redundant copies of files or data blocks stored on the cloud. Client-side deduplication, where the client only uploads the file upon the request of the server, provides major storage and bandwidth savings, but introduces a number of security concerns. Harnik et al. (2010) showed how cross-user client-side deduplication inherently gives the adversary access to a (noisy) side-channel that may divulge whether or not a particular file is stored on the server, leading to leakage of user information. We provide formal definitions for deduplication strategies and their security in terms of adversarial advantage. Using these definitions, we provide a criterion for designing good strategies and then prove a bound characterizing the necessary trade-off between security and efficiency.
{"title":"Side Channels in Deduplication: Trade-offs between Leakage and Efficiency","authors":"Frederik Armknecht, C. Boyd, Gareth T. Davies, Kristian Gjøsteen, Mohsen Toorani","doi":"10.1145/3052973.3053019","DOIUrl":"https://doi.org/10.1145/3052973.3053019","url":null,"abstract":"Deduplication removes redundant copies of files or data blocks stored on the cloud. Client-side deduplication, where the client only uploads the file upon the request of the server, provides major storage and bandwidth savings, but introduces a number of security concerns. Harnik et al. (2010) showed how cross-user client-side deduplication inherently gives the adversary access to a (noisy) side-channel that may divulge whether or not a particular file is stored on the server, leading to leakage of user information. We provide formal definitions for deduplication strategies and their security in terms of adversarial advantage. Using these definitions, we provide a criterion for designing good strategies and then prove a bound characterizing the necessary trade-off between security and efficiency.","PeriodicalId":20540,"journal":{"name":"Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security","volume":"46 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2017-04-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89629320","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Genomic privacy has attracted much attention from the research community, mainly since its risks are unique and breaches can lead to terrifying leakage of most personal and sensitive information. The much less explored topic of genomic security needs to mitigate threats of the digitized genome being altered by its owner or an outside party, which can have dire consequences, especially, in medical or legal settings. At the same time, many anticipated genomic applications (with varying degrees of trust) require only small amounts of genomic data. Supporting such applications requires a careful balance between security and privacy. Furthermore, genome's size raises performance concerns. We argue that genomic security must be taken seriously and explored as a research topic in its own right. To this end, we discuss the problem space, identify the stakeholders, discuss assumptions about them, and outline several simple approaches based on common cryptographic techniques, including signature variants and authenticated data structures. We also present some extensions and identify opportunities for future research. The main goal of this paper is to highlight the importance of genomic security as a research topic in its own right.
{"title":"Security in Personal Genomics: Lest We Forget","authors":"G. Tsudik","doi":"10.1145/3052973.3056128","DOIUrl":"https://doi.org/10.1145/3052973.3056128","url":null,"abstract":"Genomic privacy has attracted much attention from the research community, mainly since its risks are unique and breaches can lead to terrifying leakage of most personal and sensitive information. The much less explored topic of genomic security needs to mitigate threats of the digitized genome being altered by its owner or an outside party, which can have dire consequences, especially, in medical or legal settings. At the same time, many anticipated genomic applications (with varying degrees of trust) require only small amounts of genomic data. Supporting such applications requires a careful balance between security and privacy. Furthermore, genome's size raises performance concerns. We argue that genomic security must be taken seriously and explored as a research topic in its own right. To this end, we discuss the problem space, identify the stakeholders, discuss assumptions about them, and outline several simple approaches based on common cryptographic techniques, including signature variants and authenticated data structures. We also present some extensions and identify opportunities for future research. The main goal of this paper is to highlight the importance of genomic security as a research topic in its own right.","PeriodicalId":20540,"journal":{"name":"Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security","volume":"43 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2017-04-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77376720","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Distributed data stores have been rapidly evolving to serve the needs of large-scale applications such as online gaming and real-time targeting. In particular, distributed key-value stores have been widely adopted due to their superior performance. However, these systems do not guarantee to provide strong protection of data confidentiality, and as a result fall short of addressing serious privacy concerns raised from massive data breaches. In this paper, we introduce EncKV, an encrypted key-value store with secure rich query support. First, EncKV stores encrypted data records with multiple secondary attributes in the form of encrypted key-value pairs. Second, it leverages the latest practical primitives for searching over encrypted data, i.e., searchable symmetric encryption and order-revealing encryption, and provides encrypted indexes with guaranteed security to support exact-match and range-match queries via secondary attributes of data records. Third, it carefully integrates these indexes into a distributed index framework to facilitate secure query processing in parallel. To mitigate recent inference attacks on encrypted database systems, EncKV protects the order information during range queries, and presents an interactive batch query mechanism to further hide the associations across data values on different attributes. We implement an EncKV prototype on a Redis cluster, and conduct an extensive set of performance evaluations on the Amazon EC2 public cloud platform. Our results show that EncKV effectively preserves the efficiency and scalability of plaintext distributed key-value stores.
{"title":"EncKV: An Encrypted Key-value Store with Rich Queries","authors":"Xingliang Yuan, Yu Guo, Xinyu Wang, Cong Wang, Baochun Li, X. Jia","doi":"10.1145/3052973.3052977","DOIUrl":"https://doi.org/10.1145/3052973.3052977","url":null,"abstract":"Distributed data stores have been rapidly evolving to serve the needs of large-scale applications such as online gaming and real-time targeting. In particular, distributed key-value stores have been widely adopted due to their superior performance. However, these systems do not guarantee to provide strong protection of data confidentiality, and as a result fall short of addressing serious privacy concerns raised from massive data breaches. In this paper, we introduce EncKV, an encrypted key-value store with secure rich query support. First, EncKV stores encrypted data records with multiple secondary attributes in the form of encrypted key-value pairs. Second, it leverages the latest practical primitives for searching over encrypted data, i.e., searchable symmetric encryption and order-revealing encryption, and provides encrypted indexes with guaranteed security to support exact-match and range-match queries via secondary attributes of data records. Third, it carefully integrates these indexes into a distributed index framework to facilitate secure query processing in parallel. To mitigate recent inference attacks on encrypted database systems, EncKV protects the order information during range queries, and presents an interactive batch query mechanism to further hide the associations across data values on different attributes. We implement an EncKV prototype on a Redis cluster, and conduct an extensive set of performance evaluations on the Amazon EC2 public cloud platform. Our results show that EncKV effectively preserves the efficiency and scalability of plaintext distributed key-value stores.","PeriodicalId":20540,"journal":{"name":"Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security","volume":"442 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2017-04-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76329757","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Omid Mirzaei, Guillermo Suarez-Tangil, J. Tapiador, J. M. D. Fuentes
Information flows in Android can be effectively used to give an informative summary of an application's behavior, showing how and for what purpose apps use specific pieces of information. This has been shown to be extremely useful to characterize risky behaviors and, ultimately, to identify unwanted or malicious applications in Android. However, identifying information flows in an application is computationally highly expensive and, with more than one million apps in the Google Play market, it is critical to prioritize applications that are likely to pose a risk. In this work, we develop a triage mechanism to rank applications considering their potential risk. Our approach, called TriFlow, relies on static features that are quick to obtain. TriFlow combines a probabilistic model to predict the existence of information flows with a metric of how significant a flow is in benign and malicious apps. Based on this, TriFlow provides a score for each application that can be used to prioritize analysis. TriFlow also provides an explanatory report of the associated risk. We evaluate our tool with a representative dataset of benign and malicious Android apps. Our results show that it can predict the presence of information flows very accurately and that the overall triage mechanism enables significant resource saving.
{"title":"TriFlow: Triaging Android Applications using Speculative Information Flows","authors":"Omid Mirzaei, Guillermo Suarez-Tangil, J. Tapiador, J. M. D. Fuentes","doi":"10.1145/3052973.3053001","DOIUrl":"https://doi.org/10.1145/3052973.3053001","url":null,"abstract":"Information flows in Android can be effectively used to give an informative summary of an application's behavior, showing how and for what purpose apps use specific pieces of information. This has been shown to be extremely useful to characterize risky behaviors and, ultimately, to identify unwanted or malicious applications in Android. However, identifying information flows in an application is computationally highly expensive and, with more than one million apps in the Google Play market, it is critical to prioritize applications that are likely to pose a risk. In this work, we develop a triage mechanism to rank applications considering their potential risk. Our approach, called TriFlow, relies on static features that are quick to obtain. TriFlow combines a probabilistic model to predict the existence of information flows with a metric of how significant a flow is in benign and malicious apps. Based on this, TriFlow provides a score for each application that can be used to prioritize analysis. TriFlow also provides an explanatory report of the associated risk. We evaluate our tool with a representative dataset of benign and malicious Android apps. Our results show that it can predict the presence of information flows very accurately and that the overall triage mechanism enables significant resource saving.","PeriodicalId":20540,"journal":{"name":"Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security","volume":"260 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2017-04-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82960079","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: