
Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy: Latest Papers

Grote: Group Testing for Privacy-Preserving Face Identification
Alberto Ibarrondo, H. Chabanne, V. Despiegel, Melek Önen
This paper proposes a novel method to perform privacy-preserving face identification based on the notion of group testing, and applies it to a solution using the Cheon-Kim-Kim-Song (CKKS) homomorphic encryption scheme. Securely computing the closest reference template to a given live template requires K comparisons, as many as there are identities in a biometric database. Our solution, named Grote, replaces element-wise testing by group testing to drastically reduce the number of such costly, non-linear operations in the encrypted domain from K to up to 2√K. More specifically, we approximate the max of the coordinates of a large vector by raising to the α-th power and cumulative sum in a 2D layout, incurring a small impact in the accuracy of the system while greatly speeding up its execution. We implement Grote and evaluate its performance.
DOI: https://doi.org/10.1145/3577923.3583656 | Published: 2023-04-24
Citations: 1
Protecting Encrypted Virtual Machines from Nested Page Fault Controlled Channel
Haoxiang Qin, Zhenyu Song, Weijuan Zhang, Si-Cheng Huang, Wentao Yao, Ge Liu, Xiaoqi Jia, Haichao Du
AMD Secure Encrypted Virtualization (SEV) assumes the hypervisor (HV) is untrusted and introduces hardware memory encryption support for virtual machines (VMs). Previous studies have proposed various attacks against encrypted VMs by exploiting SEV security flaws such as unencrypted VMCB and lack of memory integrity. Most of these flaws have been solved by the subsequent releases of SEV with Encrypted State (SEV-ES) and SEV with Secure Nested Paging (SEV-SNP). However, the latest SEV-SNP cannot stop the malicious HV tampering with critical flags in the nested page table (NPT). So SEV-SNP is still vulnerable to the nested page fault (NPF) controlled channel attack, which is a commonly shared step of most attacks against SEV. Existing works on SEV also cannot defend against NPF controlled channel. In this paper, we first analyze the root cause of NPF controlled channel. Then we propose a software-based approach to protect encrypted VMs from NPF controlled channel. We introduce a virtualization security module (VSM) as a software TCB to deprivilege the HV by modifying the HV to access critical resources indirectly through interfaces managed by VSM. To prevent the untrusted HV from compromising the VSM-based protection, we extend the nested kernel architecture to the virtualization layer to provide isolation for VSM at the same privilege level. A prototype of this approach is implemented based on KVM. The experiments show that the approach can protect encrypted VMs from NPF controlled channel with 1.21% average runtime overhead and 1.47% average I/O overhead.
DOI: https://doi.org/10.1145/3577923.3583659 | Published: 2023-04-24
Citations: 1
A Tenant-based Two-stage Approach to Auditing the Integrity of Virtual Network Function Chains Hosted on Third-Party Clouds
Momen Oqaily, Suryadipta Majumdar, Lingyu Wang, Mohammad Ekramul Kabir, Yosr Jarraya, A. S. M. Asadujjaman, M. Pourzandi, M. Debbabi, Mohammad Ekramul Kabir
There is a growing trend of hosting chains of Virtual Network Functions (VNFs) on third-party clouds for more cost-effective deployment. However, the multi-actor nature of such a deployment may allow a mismatch to silently arise between tenant-level specifications of VNF chains and their cloud provider-level deployment. Most existing auditing approaches would face difficulties in identifying such an integrity breach. First, relying on the cloud provider may not be sufficient, since modifications made by a stealthy attacker may seem legitimate to the provider. Second, the tenant cannot directly perform the auditing due to limited access to the provider-level data. In addition, shipping such data to the tenant would incur prohibitive overhead and confidentiality concerns. In this paper, we design a tenant-based, two-stage solution where the first stage leverages tenant-level side-channel information to identify suspected integrity breaches, and then the second stage automatically identifies and anonymizes selected provider-level data for the tenant to verify the suspected breaches from the first stage. The key advantages of our solution are: (i) the first stage gives tenants more control and transparency (with the capability of identifying integrity breaches without the provider's assistance), and (ii) the second stage provides tenants higher accuracy (with the capability of rigorous verification based on provider-level data). Our solution is integrated into OpenStack/Tacker (a popular choice for NFV deployment), and its effectiveness is demonstrated via experiments (e.g., up to 90% accuracy with the first stage alone).
DOI: https://doi.org/10.1145/3577923.3583643 | Published: 2023-04-24
Citations: 0
Overcoming the Pitfalls of HPC-based Cryptojacking Detection in Presence of GPUs
Claudius Pott, Berk Gulmezoglu, T. Eisenbarth
With the rising number of devices connected to the internet, the number of cyber-attacks on these devices increases in parallel. There are several strategies that an attacker can pursue, like stealing intellectual property of a victim or encrypting data to demand ransom for the decryption. In this work, we are focusing on the detection of so-called cryptojacking attacks, in which an attacker that gained access to a system, then introduces programs that use the processing power of the victim device to mine cryptocurrencies. The presence of such an attack is not obvious right away and the longer an attacker manages to remain undetected, the longer they can profit having the victim foot the power bill. In this study, we combine previous approaches to demonstrate that cryptojacking attacks can be detected with an accuracy of 96% by leveraging hardware performance counters on the Windows operating system. Further, we present a method to determine which performance events result in the best detection rates, thus allowing the selection of a few performance events that can be monitored simultaneously by modern consumer CPUs. In a next step, we show that the CPU counters-based detection mechanism fails when an attacker switches from using the CPU resources to GPUs for the mining tasks. Based on these findings we then improve the previous detection approaches by extending the CPU performance counters with GPU-specific metrics resulting in 99.86% accuracy for the GPU-based cryptojacking attack class. In addition to a high detection rate the presented approach only causes a negligible performance loss while monitoring the whole system, which allows for continuous monitoring of live systems.
DOI: https://doi.org/10.1145/3577923.3583655 | Published: 2023-04-24
Citations: 1
The Design of an Ontology for ATT&CK and its Application to Cybersecurity
Khandakar Ashrafi Akbar, Sadaf Md Halim, A. Singhal, Basel Abdeen, L. Khan, B. Thuraisingham
The spread of attacks in computer networks and within systems can have severe consequences for both individuals and organizations. One approach to preventing the spread of attacks is to use ontological aid, which is the use of ontologies to provide a structured representation of knowledge about the attack and its components, especially the ones who often disguise themselves to remain undetected for a long time within the system. As soon as one particular stage of such an attack is detected, it is imperative to reduce the amount of spread so that no permanent damage can be done. For this, the security analyst must boil down to technical details from a behavioral perspective so that proper defensive initiatives can be taken. We propose an ontology that will aid security analysts to find out the list of vulnerabilities to be patched so that an ongoing attack campaign can be prevented from spreading even more.
DOI: https://doi.org/10.1145/3577923.3585051 | Published: 2023-04-24
Citations: 0
HAT: Secure and Practical Key Establishment for Implantable Medical Devices
Sayon Duttagupta, Eduard Marin, Dave Singelée, B. Preneel
During the last few years, Implantable Medical Devices (IMDs) have evolved considerably. IMD manufacturers are now starting to rely on standard wireless technologies for connectivity. Moreover, there is an evolution towards open systems where the IMD can be remotely monitored or reconfigured through personal commercial-off-the-shelf devices such as smartphones or tablets. Nevertheless, a major problem that still remains unsolved today is the secure establishment of cryptographic keys between the IMD and such personal devices. Researchers have already proposed various solutions, most notably by relying on an additional external device. Unfortunately, these proposed approaches are either insecure, difficult to realise in practice, or are unsuitable for the latest generation of IMDs. Motivated by this, we present HAT, a secure and practical solution to provide fine-grained and dynamic access control for the next generation of IMDs, while offering full control and transparency to the patient. The main idea behind HAT is to shift the access control responsibilities from the IMD to an external device under the user's control, such as a smartphone, acting as the IMD's Key Distribution Center. We show that HAT only introduces minimal energy and memory overhead and formally prove its security using Verifpal.
DOI: https://doi.org/10.1145/3577923.3583646 | Published: 2023-04-24
Citations: 1
IdDecoder: A Face Embedding Inversion Tool and its Privacy and Security Implications on Facial Recognition Systems
Minh-Ha Le, Niklas Carlsson
Most state-of-the-art facial recognition systems (FRS:s) use face embeddings. In this paper, we present the IdDecoder framework, capable of effectively synthesizing realistic-neutralized face images from face embeddings, and two effective attacks on state-of-the-art facial recognition models using embeddings. The first attack is a black-box version of a model inversion attack that allows the attacker to reconstruct a realistic face image that is both visually and numerically (as determined by the FRS:s) recognized as the same identity as the original face used to create a given face embedding. This attack raises significant privacy concerns regarding the membership of the gallery dataset of these systems and highlights the importance of both the people designing and deploying FRS:s paying greater attention to the protection of the face embeddings than currently done. The second attack is a novel attack that performs the model inversion, so to instead create the face of an alternative identity that is visually different from the original identity but has close identity distance (ensuring that it is recognized as being of the same identity). This attack increases the attacked system's false acceptance rate and raises significant security concerns. Finally, we use IdDecoder to visualize, evaluate, and provide insights into differences between three state-of-the-art facial embedding models.
DOI: https://doi.org/10.1145/3577923.3583645 | Published: 2023-04-24
Citations: 1
RanSAM: Randomized Search for ABAC Policy Mining
Nakul Aggarwal, S. Sural
This paper presents a novel approach for generating Attribute-based Access Control policies from a given Access Control Matrix (ACM). In contrast to the existing techniques for policy mining, which group the desired accesses in the ACM using certain heuristics, we pose it as a search problem in the policy space. A randomized algorithm is then used to identify the policy that best represents the given ACM. Our initial experiments show promising results.
DOI: https://doi.org/10.1145/3577923.3585050 | Published: 2023-04-24
Citations: 1
Tool/Dataset Paper: Realistic ABAC Data Generation using Conditional Tabular GAN
Ritwik Rai, S. Sural
Attribute-based Access Control (ABAC) is increasingly being used in a wide variety of applications that include cloud services, IoT, smart homes, healthcare and several others. Conducting systematic and reproducible experiments with benchmark realistic datasets, however, still remains a challenge. To address this shortcoming, in this paper we introduce a method called ConGRASS (Conditional Tabular GAN for Realistic ABAC Simulation Studies) for generating large ABAC datasets. Starting with a given real world dataset of (potentially) limited size, we first train a conditional tabular generative adversarial network for learning its distribution. The trained model is used to generate realistic datasets of arbitrarily large sizes having distribution similar to the original dataset. ConGRASS has been implemented as a free to use web-based tool in which a user can choose the name of a listed real dataset along with the desired dataset size. A CSV file containing ABAC data is generated as output. Extensive evaluation shows the ability of the model to faithfully learn the statistical properties of the selected real data. When such a dataset is used in an actual problem, significant improvement in performance is achieved, proving the utility of ConGRASS.
DOI: https://doi.org/10.1145/3577923.3583635 (published 2023-04-24)
Citations: 0
All Your IoT Devices Are Belong to Us: Security Weaknesses in IoT Management Platforms
B. Tejaswi, Mohammad Mannan, A. Youssef
IoT devices have become an integral part of our day to day activities, and are also being deployed to fulfil a number of industrial, enterprise and agricultural use cases. To efficiently manage and operate these devices, the IoT ecosystem relies on several IoT management platforms. Given the security-sensitive nature of the operations performed by these platforms, analyzing them for security vulnerabilities is critical to protect the ecosystem from potential cyber threats. In this work, by exploring the core functionalities offered by leading platforms, we first design a security evaluation framework. Subsequently, we use our framework to analyze 42 IoT management platforms. Our analysis uncovers a number of high severity unauthorized access vulnerabilities in 9/42 platforms, which could lead to attacks such as remote SIM deactivation, IoT SIM overcharging and device data forgery. Furthermore, we find broken authentication in 11/42 platforms, including complete account takeover on 7/42 platforms, along with remote code execution on one of the platforms. Overall, on 11/42 platforms, we find vulnerabilities that could lead to platform-wide attacks, that affect all users and all devices connected to those platforms.
DOI: https://doi.org/10.1145/3577923.3583636 (published 2023-04-24)
Citations: 1