International Security Related Conferences

 

 

The following pages provide highlights on Science of Security related research presented at the following International Conferences.

(ID#: 15-7669)


Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.

 

International Conferences: MobiCom 2015, Paris

 

 

International Conferences: Mobile Computing and Networking 2015, Paris


The 21st Annual International Conference on Mobile Computing and Networking (MobiCom ’15) was held September 7–11, 2015 in Paris, France. MobiCom is a forum for research in mobile systems and wireless networks. The technical program this year featured papers on energy, sensing, security, wireless access, applications, localization, Internet of Things, mobile cloud, measurement, and analysis. The ones cited here focus on Science of Security.



Teng Wei, Shu Wang, Anfu Zhou, Xinyu Zhang; “Acoustic Eavesdropping through Wireless Vibrometry,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 130–141. doi:10.1145/2789168.2790119
Abstract: Loudspeakers are widely used in conferencing and infotainment systems. Private information leakage from loudspeaker sound is often assumed to be preventable using sound-proof isolators like walls. In this paper, we explore a new acoustic eavesdropping attack that can subvert such protectors using radio devices. Our basic idea lies in an acoustic-radio transformation (ART) algorithm, which recovers loudspeaker sound by inspecting the subtle disturbance it causes to the radio signals generated by an adversary or by its co-located WiFi transmitter. ART builds on a modeling framework that distills key factors to determine the recovered audio quality. It incorporates diversity mechanisms and noise suppression algorithms that can boost the eavesdropping quality. We implement the ART eavesdropper on a software-radio platform and conduct experiments to verify its feasibility and threat level. When targeted at vanilla PC or smartphone loudspeakers, the attacker can successfully recover high-quality audio even when blocked by sound-proof walls. On the other hand, we propose several pragmatic countermeasures that can effectively reduce the attacker’s audio recovery quality by orders of magnitude.
Keywords: acoustic eavesdropping, acoustic-radio transformation, wifi devices (ID#: 15-6893)
URL: http://doi.acm.org/10.1145/2789168.2790119

 

Jian Liu, Yan Wang, Gorkem Kar, Yingying Chen, Jie Yang, Marco Gruteser; “Snooping Keystrokes with mm-level Audio Ranging on a Single Phone,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 142–154. doi:10.1145/2789168.2790122
Abstract: This paper explores the limits of audio ranging on mobile devices in the context of a keystroke snooping scenario. Acoustic keystroke snooping is challenging because it requires distinguishing and labeling sounds generated by tens of keys in very close proximity. Existing work on acoustic keystroke recognition relies on training with labeled data, linguistic context, or multiple phones placed around a keyboard — requirements that limit usefulness in an adversarial context. In this work, we show that mobile audio hardware advances can be exploited to discriminate mm-level position differences and that this makes it feasible to locate the origin of keystrokes from only a single phone behind the keyboard. The technique clusters keystrokes using time-difference of arrival measurements as well as acoustic features to identify multiple strokes of the same key. It then computes the origin of these sounds precise enough to identify and label each key. By locating keystrokes this technique avoids the need for labeled training data or linguistic context. Experiments with three types of keyboards and off-the-shelf smartphones demonstrate scenarios where our system can recover 94% of keystrokes, which to our knowledge, is the first single-device technique that enables acoustic snooping of passwords.
Keywords: audio ranging, keystroke snooping, single phone, time difference of arrival (TDoA) (ID#: 15-6894)
URL: http://doi.acm.org/10.1145/2789168.2790122

 

He Wang, Ted Tsung-Te Lai, Romit Roy Choudhury; “MoLe: Motion Leaks Through Smartwatch Sensors,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 155–166. doi:10.1145/2789168.2790121
Abstract: Imagine a user typing on a laptop keyboard while wearing a smart watch. This paper asks whether motion sensors from the watch can leak information about what the user is typing. While it's not surprising that some information will be leaked, the question is how much? We find that when motion signal processing is combined with patterns in English language, the leakage is substantial. Reported results show that when a user types a word W, it is possible to shortlist a median of 24 words, such that W is in this shortlist. When the word is longer than 6 characters, the median shortlist drops to 10. Of course, such leaks happen without requiring any training from the user, and also under the (obvious) condition that the watch is only on the left hand. We believe this is surprising and merits awareness, especially in light of various continuous sensing apps that are emerging in the app market. Moreover, we discover additional “leaks” that can further reduce the shortlist — we leave these exploitations to future work.
Keywords: Bayesian inference, accelerometer, gesture, gyroscope, malware, motion leaks, security, side-channel attacks, smartwatch (ID#: 15-6895)
URL: http://doi.acm.org/10.1145/2789168.2790121

 

Anastasia Shuba, Anh Le, Minas Gjoka, Janus Varmarken, Simon Langhoff, Athina Markopoulou; “AntMonitor: A System for Mobile Traffic Monitoring and Real-Time Prevention of Privacy Leaks,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 170–172. doi:10.1145/2789168.2789170
Abstract: Mobile devices play an essential role in the Internet today, and there is an increasing interest in using them as a vantage point for network measurement from the edge. At the same time, these devices store personal, sensitive information, and there is a growing number of applications that leak it. We propose AntMonitor—the first system of its kind that supports (i) collection of large-scale, semantic-rich network traffic in a way that respects users’ privacy preferences and (ii) detection and prevention of leakage of private information in real time. The first property makes AntMonitor a powerful tool for network researchers who want to collect and analyze large-scale yet fine-grained mobile measurements. The second property can work as an incentive for using AntMonitor and contributing data for analysis. As a proof-of-concept, we have developed a prototype of AntMonitor, deployed it to monitor 9 users for 2 months, and collected and analyzed 20 GB of mobile data from 151 applications. Preliminary results show that fine-grained data collected from AntMonitor could enable application classification with higher accuracy than state-of-the-art approaches. In addition, we demonstrated that AntMonitor could help prevent several apps from leaking private information over unencrypted traffic, including phone numbers, emails, and device identifiers.
Keywords: android security, mobile network monitoring, privacy leakage detection (ID#: 15-6896)
URL: http://doi.acm.org/10.1145/2789168.2789170

 

Wei Wang, Alex X. Liu, Muhammad Shahzad, Kang Ling, Sanglu Lu; “Understanding and Modeling of WiFi Signal Based Human Activity Recognition,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 65–76. doi:10.1145/2789168.2790093
Abstract: Some pioneer WiFi signal based human activity recognition systems have been proposed. Their key limitation lies in the lack of a model that can quantitatively correlate CSI dynamics and human activities. In this paper, we propose CARM, a CSI based human Activity Recognition and Monitoring system. CARM has two theoretical underpinnings: a CSI-speed model, which quantifies the correlation between CSI value dynamics and human movement speeds, and a CSI-activity model, which quantifies the correlation between the movement speeds of different human body parts and a specific human activity. By these two models, we quantitatively build the correlation between CSI value dynamics and a specific human activity. CARM uses this correlation as the profiling mechanism and recognizes a given activity by matching it to the best-fit profile. We implemented CARM using commercial WiFi devices and evaluated it in several different environments. Our results show that CARM achieves an average accuracy of greater than 96%.
Keywords: activity recognition, channel state information (CSI), wifi (ID#: 15-6897)
URL: http://doi.acm.org/10.1145/2789168.2790093

 

Kamran Ali, Alex Xiao Liu, Wei Wang, Muhammad Shahzad; “Keystroke Recognition Using WiFi Signals,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 90–102. doi:10.1145/2789168.2790109
Abstract: Keystroke privacy is critical for ensuring the security of computer systems and the privacy of human users as what is being typed could be passwords or privacy sensitive information. In this paper, we show for the first time that WiFi signals can also be exploited to recognize keystrokes. The intuition is that while typing a certain key, the hands and fingers of a user move in a unique formation and direction and thus generate a unique pattern in the time-series of Channel State Information (CSI) values, which we call CSI-waveform for that key. In this paper, we propose a WiFi signal based keystroke recognition system called WiKey. WiKey consists of two Commercial Off-The-Shelf (COTS) WiFi devices, a sender (such as a router) and a receiver (such as a laptop). The sender continuously emits signals and the receiver continuously receives signals. When a human subject types on a keyboard, WiKey recognizes the typed keys based on how the CSI values at the WiFi signal receiver end. We implemented the WiKey system using a TP-Link TL-WR1043ND WiFi router and a Lenovo X200 laptop. WiKey achieves more than 97.5% detection rate for detecting the keystroke and 96.4% recognition accuracy for classifying single keys. In real-world experiments, WiKey can recognize keystrokes in a continuously typed sentence with an accuracy of 93.5%.
Keywords: channel state information, cots wifi devices, gesture recognition, keystroke recovery, wireless security (ID#: 15-6898)
URL: http://doi.acm.org/10.1145/2789168.2790109

 

Yanzi Zhu, Yibo Zhu, Ben Y. Zhao, Haitao Zheng; “Reusing 60GHz Radios for Mobile Radar Imaging,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 103–116. doi:10.1145/2789168.2790112
Abstract: The future of mobile computing involves autonomous drones, robots and vehicles. To accurately sense their surroundings in a variety of scenarios, these mobile computers require a robust environmental mapping system. One attractive approach is to reuse millimeterwave communication hardware in these devices, e.g. 60GHz networking chipset, and capture signals reflected by the target surface. The devices can also move while collecting reflection signals, creating a large synthetic aperture radar (SAR) for high-precision RF imaging. Our experimental measurements, however, show that this approach provides poor precision in practice, as imaging results are highly sensitive to device positioning errors that translate into phase errors. We address this challenge by proposing a new 60GHz imaging algorithm, RSS Series Analysis, which images an object using only RSS measurements recorded along the device’s trajectory. In addition to object location, our algorithm can discover a rich set of object surface properties at high precision, including object surface orientation, curvature, boundaries, and surface material. We tested our system on a variety of common household objects (between 5cm–30cm in width). Results show that it achieves high accuracy (cm level) in a variety of dimensions, and is highly robust against noises in device position and trajectory tracking. We believe that this is the first practical mobile imaging system (re)using 60GHz networking devices, and provides a basic primitive towards the construction of detailed environmental mapping systems.
Keywords: 60GHz, RF imaging, environmental mapping, mobile radar (ID#: 15-6899)
URL: http://doi.acm.org/10.1145/2789168.2790112

 

Davide Pesavento, Giulio Grassi, Giovanni Pau, Paramvir Bahl, Serge Fdida; “Car-Fi: Opportunistic V2I by Exploiting Dual-Access Wi-Fi Networks,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 173–175. doi:10.1145/2789168.2789171
Abstract: The need for Internet access from moving vehicles has been steadily increasing in the past few years. Solutions that rely on cellular connectivity are becoming impractical to deploy due to technical and economic reasons. Car-Fi proposes an approach that leverages existing home Wi-Fi access points configured in dual-access mode, in order to offload all data traffic from the congested and expensive cellular infrastructure to whatever Wi-Fi network is available. Thanks to an improved scanning algorithm and numerous optimizations to the connection setup, Car-Fi makes downloading large amounts of data from a moving car feasible.
Keywords: 802.11, V2I, fast roaming, scanning, vehicular networks (ID#: 15-6900)
URL: http://doi.acm.org/10.1145/2789168.2789171

 

Gaetan Harter, Roger Pissard-Gibollet, Frederic Saint-Marcel, Guillaume Schreiner, Julien Vandaele; “FIT IoT-LAB: A Large Scale Open Experimental IoT Testbed,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 176–178. doi:10.1145/2789168.2789172
Abstract: FIT IoT-LAB’s goal is to provide a very large scale open experimental testbed for the Internet of Things, by deploying more than 2700 experimentation nodes over 6 sites in France. Our demonstration purpose is to illustrate what the IoT-LAB platform offers through small applications involving radio communications and mobile nodes. Thanks to these examples, we will show how to run an experiment in the testbed and some of the tools it provides to help in developing, tuning and monitoring such large-scale applications.
Keywords: internet of things, testbed, wireless sensor network (ID#: 15-6901)
URL: http://doi.acm.org/10.1145/2789168.2789172

 

Loïc Baron, Fadwa Boubekeur, Radomir Klacza, Mohammed Yasin Rahman, Ciro Scognamiglio, Nina Kurose, Timur Friedman, Serge Fdida; “OneLab: Major Computer Networking Testbeds for IoT and Wireless Experimentation,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 199–200. doi:10.1145/2789168.2789180
Abstract: Gathering the required measurements to produce accurate results for mobile communications and wireless networking protocols, technologies and applications, relies on the use of expensive experimental computer networking facilities. Until very recently, large-scale testbed facilities have existed in separate silos, each with its own authentication mechanisms and experiment support tools. There lacked a viable federation model that reconciled the challenges posed by how to provide a single entry point to access heterogeneous and distributed resources, and how to federate these resources that are under the control of multiple authorities. The OneLab experimental facility, which came online in 2014, realizes this model, making a set of world-class testbeds freely available to researchers through a unique credential for each user and a common set of tools. We allow users to deploy innovative experiments across our federated platforms that include the embedded object testbeds of FIT IoT-Lab, the cognitive radio testbed of FIT CorteXlab, the wireless testbeds of NITOS-Lab, and the internet overlay testbed PlanetLab Europe (PLE), which together provide thousands of nodes for experimentation. Also federated under OneLab are the FUSECO Playground, which includes cloud, M2M, SDN, and mobile broadband; w-iLab.t wireless facilities; and the Virtual Wall testbed of wired networks and applications. Our demo describes the resources offered by the OneLab platforms, and illustrates how any member of the MobiCom community can create an account and start using these platforms today to deploy experiments for mobile and wireless testing.
Keywords: experimental facility, heterogeneous testbed federation, myslice, slice-based federation architecture, unique credential (ID#: 15-6902)
URL: http://doi.acm.org/10.1145/2789168.2789180

 

Georgios Z. Papadopoulos, Antoine Gallais, Guillaume Schreiner, Thomas Noël; “Live Adaptations of Low-power MAC Protocols,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 207–209. doi:10.1145/2789168.2789184
Abstract: This demonstration aims at observing in an interactive manner the impact of modification of preamble and sampling periods at the low-power family of MAC protocols, and thus, illustrating in real-time the energy consumption and delay performance of each node accordingly. To do so, we implemented the ability for users to generate traffic at some remote nodes that are involved in two distinct deployed topologies. Those deployed networks operate with either a statically configured network, by employing X-MAC on top of the Contiki OS, or T-AAD, a lightweight traffic auto-adaptive protocol that allows live and automatic modifications of duty-cycle configurations.
Keywords: MAC layer, bursty traffic, low-power protocols, traffic adaptivity, wireless sensor network (ID#: 15-6903)
URL: http://doi.acm.org/10.1145/2789168.2789184

 

Matteo Pozza, Claudio Enrico Palazzi, Armir Bujari; “Poster: Mobile Data Offloading Testbed,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 212–214. doi:10.1145/2789168.2795159
Abstract: Recent research has proposed swarming protocols as a possible approach to offload the Internet infrastructure when some content can be shared by several users. However, simulations have been generally used as experimental means. Instead, we present an application platform that allows a rapid development and testing of swarming protocols using off-the-shelf smartphones.
Keywords: data offload, mobile, testbed, wireless (ID#: 15-6904)
URL: http://doi.acm.org/10.1145/2789168.2795159

 

Yanzhi Dou, Kexiong (Curtis) Zeng, Yaling Yang; “Poster: Privacy-Preserving Server-Driven Dynamic Spectrum Access System,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 218–220. doi:10.1145/2789168.2795161
Abstract: Dynamic spectrum access (DSA) technique has been widely accepted as a crucial solution to mitigate the potential spectrum scarcity problem. As a key form of DSA, government is proposing to release more federal spectrum for sharing with commercial wireless users. However, the flourish of federal-commercial sharing hinges upon how privacy issues are managed. In current DSA proposals, the sensitive operation parameters of both federal incumbent users (IUs) and commercial secondary users (SUs) need to be shared with the dynamic spectrum access system (SAS) to realize efficient spectrum allocation. Since SAS is not necessarily operated by a trusted third party, the current proposals dissatisfy the privacy requirement of both IUs and SUs. To address the privacy issues, this paper presents a privacy-preserving SAS design, which realizes the complex spectrum allocation decision process of DSA through secure computation over ciphertext based on homomorphic encryption, thus none of the IU or SU operation parameters are exposed to SAS.
Keywords: homomorphic encryption, privacy, server-driven dsa (ID#: 15-6905)
URL: http://doi.acm.org/10.1145/2789168.2795161

 

Tan Zhang, Aakanksha Chowdhery, Paramvir (Victor) Bahl, Kyle Jamieson, Suman Banerjee; “The Design and Implementation of a Wireless Video Surveillance System,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 426–438. doi:10.1145/2789168.2790123
Abstract: Internet-enabled cameras pervade daily life, generating a huge amount of data, but most of the video they generate is transmitted over wires and analyzed offline with a human in the loop. The ubiquity of cameras limits the amount of video that can be sent to the cloud, especially on wireless networks where capacity is at a premium. In this paper, we present Vigil, a real-time distributed wireless surveillance system that leverages edge computing to support real-time tracking and surveillance in enterprise campuses, retail stores, and across smart cities. Vigil intelligently partitions video processing between edge computing nodes co-located with cameras and the cloud to save wireless capacity, which can then be dedicated to Wi-Fi hotspots, offsetting their cost. Novel video frame prioritization and traffic scheduling algorithms further optimize Vigil’s bandwidth utilization. We have deployed Vigil across three sites in both whitespace and Wi-Fi networks. Depending on the level of activity in the scene, experimental results show that Vigil allows a video surveillance system to support a geographical area of coverage between five and 200 times greater than an approach that simply streams video over the wireless network. For a fixed region of coverage and bandwidth, Vigil outperforms the default equal throughput allocation strategy of Wi-Fi by delivering up to 25% more objects relevant to a user’s query.
Keywords: edge computing, video surveillance, wireless (ID#: 15-6906)
URL: http://doi.acm.org/10.1145/2789168.2790123

 

Puneet Jain, Justin Manweiler, Romit Roy Choudhury; “Poster: User Location Fingerprinting at Scale,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 260–262. doi:10.1145/2789168.2795175
Abstract: Many emerging mobile computing applications are continuous vision based. The primary challenge these applications face is computation partitioning between the phone and cloud. The indoor location information is one metadata that can help these applications in making this decision. In this extended-abstract, we propose a vision based scheme to uniquely fingerprint an environment which can in turn be used to identify user’s location from the uploaded visual features. Our approach takes into account that the opportunity to identify location is fleeting and the phones are resource constrained — therefore minimal yet sufficient computation needs to be performed to make the offloading decision. Our work aims to achieve near real-time performance while scaling to buildings of arbitrary sizes. The current work is in preliminary stages but holds promise for the future — may apply to many applications in this area.
Keywords: cloud offloading, continuous vision, localization (ID#: 15-6907)
URL: http://doi.acm.org/10.1145/2789168.2795175

 

Hossein Shafagh, Anwar Hithnawi, Andreas Droescher, Simon Duquennoy, Wen Hu; “Poster: Towards Encrypted Query Processing for the Internet of Things,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 251–253. doi:10.1145/2789168.2795172
Abstract: The Internet of Things (IoT) is envisioned to digitize the physical world, resulting in a digital representation of our proximate living space. The possibility of inferring privacy violating information from IoT data necessitates adequate security measures regarding data storage and communication. To address these privacy and security concerns, we introduce our system that stores IoT data securely in the Cloud database while still allowing query processing over the encrypted data. We enable this by encrypting IoT data with a set of cryptographic schemes such as order-preserving and partially homomorphic encryptions. To achieve this on resource-limited devices, our system relies on optimized algorithms that accelerate partial homomorphic and order-preserving encryptions by 1 to 2 orders of magnitude. Our early results show the feasibility of our system on low-power devices. We envision our system as an enabler of secure IoT applications.
Keywords: computing on encrypted data, data security, encrypted computing, internet of things, system design (ID#: 15-6908)
URL: http://doi.acm.org/10.1145/2789168.2795172

 

Mohammad A. Hoque, Kasperi Saarikoski, Eemil Lagerspetz, Julien Mineraud, Sasu Tarkoma; “Poster: VPN Tunnels for Energy Efficient Multimedia Streaming,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 239–241. doi:10.1145/2789168.2795168
Abstract: Minimizing the energy consumption of mobile devices for wireless network access is important. In this article, we analyze the energy efficiency of a new set of applications which use Virtual Private Network (VPN) tunnels for secure communication. First, we discuss the energy efficiency of a number of VPN applications from a large scale deployment of 500 K devices. We next measure the energy consumption of some of these applications with different use cases. Finally, we demonstrate that a VPN tunnel can be instrumented for enhanced energy efficiency with multimedia streaming applications. Our results indicate energy savings of 40% for this class of applications.
Keywords: energy consumption, multimedia streaming, traffic scheduling, virtual private network (ID#: 15-6909)
URL: http://doi.acm.org/10.1145/2789168.2795168
 




International Conferences: MobiHoc 2015, China

 

 

International Conferences: Mobile Ad Hoc Networking and Computing 2015, China


The ACM International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc ’15) addressed wireless networking and computing. It included the Workshop on Privacy-Aware Mobile Computing (PAMCO) and was held at Hangzhou, China, June 22–25, 2015. Topics offered included foundations for privacy-aware mobile computing—e.g., key exchange, distribution and management, location privacy, privacy-preserving data collection, privacy-preserving data aggregation and analytics, privacy issues in wearable computing, data analysis on traffic logs, privacy issues in cellular networks, privacy issues in body-area networks, emerging privacy threats from mobile apps, privacy issues in near-field communication (NFC), Bluetooth security and privacy, secure and privacy-preserving cooperation, jamming and counter measures, and capacity and security analysis of covert channels.  



Qinggang Yue, Zhen Ling, Wei Yu, Benyuan Liu, Xinwen Fu; “Blind Recognition of Text Input on Mobile Devices via Natural Language Processing,” PAMCO ’15 Proceedings of the 2015 Workshop on Privacy-Aware Mobile Computing, June 2015, Pages 19-24. doi:10.1145/2757302.2757304
Abstract: In this paper, we investigate how to retrieve meaningful English text input on mobile devices from recorded videos while the text is illegible in the videos. In our previous work, we were able to retrieve random passwords with high success rate at a certain distance. When the distance increases, the success rate of recovering passwords decreases. However, if the input is meaningful text such as email messages, we can further increase the success rate via natural language processing techniques since the text follows spelling and grammar rules and is context sensitive. The process of retrieving the text from videos can be modeled as noisy channels. We first derive candidate words for each word of the input sentence, model the whole sentence with a Hidden Markov model and then apply the trigram language model to derive the original sentence. Our experiments validate our technique of retrieving meaningful English text input on mobile devices from recorded videos.
Keywords: computer vision, mobile security, natural language processing (ID#: 15-6858)
URL: http://doi.acm.org/10.1145/2757302.2757304

 

Maya Larson, Chunqiang Hu, Ruinian Li, Wei Li, Xiuzhen Cheng; “Secure Auctions without an Auctioneer via Verifiable Secret Sharing,” in PAMCO ’15 Proceedings of the 2015 Workshop on Privacy-Aware Mobile Computing, June 2015, Pages 1-6. doi:10.1145/2757302.2757305
Abstract: Combinatorial auctions are a research hot spot. They impact people’s daily lives in many applications such as spectrum auctions held by the FCC. In such auctions, bidders may want to submit bids for combinations of goods. The challenge is how to protect the privacy of bidding prices and ensure data security in these auctions. To tackle this challenge, we present an approach based on verifiable secret sharing. The approach is to represent the price in the degree of a polynomial; thus the maximum/sum of the degree of two polynomials can be obtained by the degree of the sum/product of the two polynomials based on secret sharing. This protocol hides the information of bidders (bidding price) from the auction servers. The auctioneers can obtain their secret shares from bidders without a secure channel. Since it doesn’t need a secure channel, this scheme is more practical and applicable to more scenarios. This scheme provides resistance to collusion attacks, conspiracy attacks, passive attacks and so on. Compared to [11, 12], our proposed scheme provides authentication without increasing the communication cost.
Keywords: (not provided) (ID#: 15-6859)
URL: http://doi.acm.org/10.1145/2757302.2757305

 

Tong Yan, Yachao Lu, Nan Zhang; “Privacy Disclosure from Wearable Devices,” in PAMCO ’15 Proceedings of the 2015 Workshop on Privacy-Aware Mobile Computing, June 2015, Pages 13–18. doi:10.1145/2757302.2757306
Abstract: In recent years, wearable devices have seen an explosive growth of popularity and a rapid enhancement of functionalities. Current off-the-shelf wearable devices offer pack sensors such as pedometer, gyroscope, accelerometer, altimeter, compass, GPS, and heart rate monitor. These sensors work together to quietly monitor various aspects of a user’s daily life, enabling a wide spectrum of health- and social-related applications. Nevertheless, the data collected by such sensors, even in their aggregated form, may cause significant privacy concerns if shared with third-party applications and/or a user’s social connections (as many wearable platforms now support). This paper studies a novel problem of the potential inference of sensitive user behavior from seemingly insensitive sensor outputs. Specifically, we examine whether it is possible to infer the behavioral sequence of a user such as moving from one place to another, visiting a coffee shop, grocery shopping, etc., based on the outputs of pedometer sensors (aggregated over certain time intervals, e.g., 1 minute). We demonstrate through real-world experiments that it is often possible to infer such behavior with a high success probability, raising privacy concerns on the sharing of such information as currently supported by various wearable devices.
Keywords: data mining, information retrieval, privacy, time series, wearable devices (ID#: 15-6860)
URL: http://doi.acm.org/10.1145/2757302.2757306

 

Zhongli Liu, Zupei Li, Benyuan Liu, Xinwen Fu, Ioannis Raptis, Kui Ren; “Rise of Mini-Drones: Applications and Issues,” in PAMCO ’15 Proceedings of the 2015 Workshop on Privacy-Aware Mobile Computing, June 2015, Pages 7–12. doi:10.1145/2757302.2757303
Abstract: Miniature (mini) drones are enjoying increasing attention. They have a broad market and applications. However, a powerful technology often has two ethical sides. Miniature drones can be abused, rendering security and privacy concerns. The contribution of this paper is two-fold. First, we will perform a survey of mini-drones on market and compare their specifications such as flight time, maximum payload weight, and price, and regulations and issues of operating mini-drones. Second, we propose novel aerial localization strategies and compare six different localization strategies for a thorough study of aerial localization by a single drone.
Keywords: (not provided) (ID#: 15-6861)
URL: http://doi.acm.org/10.1145/2757302.2757303

 

Xinwen Fu, Nan Zhang, Program Chairs; “Proceedings of the 2015 Workshop on Privacy-Aware Mobile Computing,” PAMCO ’15 at MobiHoc ’15, Hangzhou, China, June 22–25, 2015, ACM, New York, NY, 2015. ISBN: 978-1-4503-3523-2
Abstract: It is our great pleasure to welcome you to the 2015 ACM MobiHoc Workshop on Privacy-Aware Mobile Computing–PAMCO’15. This is the first year of this workshop, which aims to bring together researchers from mobile computing and security/privacy communities to discuss topics related to the protection of privacy in mobile computing, including both theoretical studies and implementation/experimentations papers, especially analysis of privacy threats from emerging applications in mobile environments — e.g., location-based services, mobile apps, wearable computing, etc.
Keywords: (not provided) (ID#: 15-6862)
URL: http://dl.acm.org/citation.cfm?id=2757302&coll=DL&dl=GUIDE&CFID=713685223&CFTOKEN=18305797

 

Shanhe Yi, Cheng Li, Qun Li; “A Survey of Fog Computing: Concepts, Applications and Issues,” in Mobidata ’15 Proceedings of the 2015 Workshop on Mobile Big Data, June 2015, Pages 37–42. doi:10.1145/2757384.2757397
Abstract: Despite the increasing usage of cloud computing, there are still issues unsolved due to inherent problems of cloud computing such as unreliable latency, lack of mobility support and location-awareness. Fog computing can address those problems by providing elastic resources and services to end users at the edge of network, while cloud computing are more about providing resources distributed in the core network. This survey discusses the definition of fog computing and similar concepts, introduces representative application scenarios, and identifies various aspects of issues we may encounter when designing and implementing fog computing systems. It also highlights some opportunities and challenges, as direction of potential future work, in related techniques that need to be considered in the context of fog computing.
Keywords: cloud computing, edge computing, fog computing, mobile cloud computing, mobile edge computing, review (ID#: 15-6863)
URL: http://doi.acm.org/10.1145/2757384.2757397

 

Jian Liu, Yan Wang, Yingying Chen, Jie Yang, Xu Chen, Jerry Cheng; “Tracking Vital Signs During Sleep Leveraging Off-the-Shelf WiFi,” in Mobidata ’15 Proceedings of the 2015 Workshop on Mobile Big Data, June 2015, Pages 267–276. doi:10.1145/2746285.2746303
Abstract: Tracking human vital signs of breathing and heart rates during sleep is important as it can help to assess the general physical health of a person and provide useful clues for diagnosing possible diseases. Traditional approaches (e.g., Polysomnography (PSG)) are limited to clinic usage. Recent radio frequency (RF) based approaches require specialized devices or dedicated wireless sensors and are only able to track breathing rate. In this work, we propose to track the vital signs of both breathing rate and heart rate during sleep by using off-the-shelf WiFi without any wearable or dedicated devices. Our system re-uses existing WiFi network and exploits the fine-grained channel information to capture the minute movements caused by breathing and heart beats. Our system thus has the potential to be widely deployed and perform continuous long-term monitoring. The developed algorithm makes use of the channel information in both time and frequency domain to estimate breathing and heart rates, and it works well when either individual or two persons are in bed. Our extensive experiments demonstrate that our system can accurately capture vital signs during sleep under realistic settings, and achieve comparable or even better performance comparing to traditional and existing approaches, which is a strong indication of providing non-invasive, continuous fine-grained vital signs monitoring without any additional cost.
Keywords: channel state information (csi), sleep monitoring, vital signs, wifi (ID#: 15-6864)
URL: http://doi.acm.org/10.1145/2746285.2746303

 

Zhongli Liu, Zupei Li, Benyuan Liu, Xinwen Fu, Ioannis Raptis, Kui Ren; “Rise of Mini-Drones: Applications and Issues,” in PAMCO ’15 Proceedings of the 2015 Workshop on Privacy-Aware Mobile Computing, June 2015, Pages 7–12.  doi:10.1145/2757302.2757303
Abstract: Miniature (mini) drones are enjoying increasing attention. They have a broad market and applications. However, a powerful technology often has two ethical sides. Miniature drones can be abused, rendering security and privacy concerns. The contribution of this paper is two-fold. First, we will perform a survey of mini-drones on market and compare their specifications such as flight time, maximum payload weight, and price, and regulations and issues of operating mini-drones. Second, we propose novel aerial localization strategies and compare six different localization strategies for a thorough study of aerial localization by a single drone.
Keywords: (not provided) (ID#: 15-6865)
URL: http://doi.acm.org/10.1145/2757302.2757303

 

Yu Cao, Peng Hou, Donald Brown, Jie Wang, Songqing Chen; “Distributed Analytics and Edge Intelligence: Pervasive Health Monitoring at the Era of Fog Computing,” in Mobidata ’15 Proceedings of the 2015 Workshop on Mobile Big Data, June 2015, Pages 43–48. doi:10.1145/2757384.2757398
Abstract: Biomedical research and clinical practice are entering a data-driven era. One of the major applications of biomedical big data research is to utilize inexpensive and unobtrusive mobile biomedical sensors and cloud computing for pervasive health monitoring. However, real-world user experiences with mobile cloud-based health monitoring were poor, due to the factors such as excessive networking latency and longer response time. On the other hand, fog computing, a newly proposed computing paradigm, utilizes a collaborative multitude of end-user clients or near-user edge devices to conduct a substantial amount of computing, storage, communication, and etc. This new computing paradigm, if successfully applied for pervasive health monitoring, has great potential to accelerate the discovery of early predictors and novel biomarkers to support smart care decision making in a connected health scenarios. In this paper, we employ a real-world pervasive health monitoring application (pervasive fall detection for stroke mitigation) to demonstrate the effectiveness and efficacy of fog computing paradigm in health monitoring. Fall is a major source of morbidity and mortality among stroke patients. Hence, detecting falls automatically and in a timely manner becomes crucial for stroke mitigation in daily life. In this paper, we set to (1) investigate and develop new fall detection algorithms and (2) design and employ a real-time fall detection system employing fog computing paradigm (e.g., distributed analytics and edge intelligence), which split the detection task between the edge devices (e.g., smartphones attached to the user) and the server (e.g., servers in the cloud). Experimental results show that distributed analytics and edge intelligence, supported by fog computing paradigm, are very promising solutions for pervasive health monitoring.
Keywords: distributed analytics, edge intelligence, fog computing, mobile computing, pervasive health monitoring (ID#: 15-6866)
URL: http://doi.acm.org/10.1145/2757384.2757398

 

Jiajia Liu, Nei Kato; “Device-to-Device Communication Overlaying Two-Hop Multi-Channel Uplink Cellular Networks,” in MobiHoc ’15 Proceedings of the 16th ACM International Symposium on Mobile Ad Hoc Networking and Computing, June 2015, Pages 307–316. doi:10.1145/2746285.2746311
Abstract: Different from previous works, in this paper, we adopt D2D communication as a routing extension to traditional cellular uplinks thus enabling a two-hop route between a user and the serving BS via a D2D relay. Specifically, a BS establishes a cellular link with a mobile user only if the pilot signal strength received from the user is above a specified threshold; otherwise, the user may establish a D2D link with a neighboring user and connect to a nearby BS in a two-hop manner. We present a stochastic geometry based framework to analyze the coverage probability and average rate in such a two-hop multi-channel uplink cellular network where mobile users adopt the fractional channel inversion power control with maximum transmit power limit. As validated by extensive numerical results, the developed framework enables network designers to efficiently determine the optimal control parameters so as to achieve the optimum system performance. Our results show that employing D2D link based two-hop connection can significantly improve both the network coverage and average rate for uplink traffic.
Keywords: device-to-device communication, fractional power control, multi-channel cellular network, stochastic geometry, uplink (ID#: 15-6867)
URL: http://doi.acm.org/10.1145/2746285.2746311

 

Xi Xiong, Zheng Yang, Longfei Shangguan, Yun Fei, Milos Stojmenovic, Yunhao Liu; “SmartGuide: Towards Single-Image Building Localization with Smartphone,” in MobiHoc ’15 Proceedings of the 16th ACM International Symposium on Mobile Ad Hoc Networking and Computing, June 2015, Pages 117–126. doi:10.1145/2746285.2746294
Abstract: We introduce SmartGuide, a light-weighted and efficient approach to localize and recognize a distant unknown building. Our approach relies on shooting only a single photo of a target building via a smartphone and a local 2D Google map. SmartGuide first extracts a partial top view contour of a building from its side-view photo by applying vanishing point and the Manhattan World Assumption, and then fetches a candidate building set from a local 2D Google map based on smartphone’s GPS readings. Partial top view shape, orientation and distance relative to the camera are used as input parameters in a probability model, which adversely recognizes the best candidate building in the local map. Our model is developed based on kernel density estimation that helps reduce noise in the smartphone sensors, such as GPS readings and camera ray direction reported by noisy accelerometer and compass. Experimental results demonstrate that our approach recognizes buildings ranging from 20m to 520m and achieves 92.7% accuracy in downtown areas where the Manhattan World Assumption is applicable. In addition, the processing time is no more than 6 seconds for 87% of cases. Compared with existing building localization schemes, SmartGuide offers numerous advantages. Our method avoids taking multiple photos, intricate 3D reconstruction or any initial deployment cost of database construction, making it faster and less labor-intensive than existing solutions.
Keywords: building localization, mobile computing, single image, smartphone (ID#: 15-6868)
URL: http://doi.acm.org/10.1145/2746285.2746294

 

Muyuan Li, Haojin Zhu, Zhaoyu Gao, Si Chen, Le Yu, Shangqian Hu, Kui Ren; “All Your Location Are Belong to Us: Breaking Mobile Social Networks for Automated User Location Tracking,” in MobiHoc ’14 Proceedings of the 15th ACM International Symposium on Mobile Ad Hoc Networking and Computing, August 2014, Pages 43–52. doi:10.1145/2632951.2632953
Abstract: Location-based social networks (LBSNs) feature friend discovery by location proximity that has attracted hundreds of millions of users world-wide. While leading LBSN providers claim the well-protection of their users’ location privacy, for the first time we show through real world attacks that these claims do not hold. In our identified attacks, a malicious individual with the capability of no more than a regular LBSN user can easily break most LBSNs by manipulating location information fed to LBSN client apps and running them as location oracles. We further develop an automated user location tracking system and test it on leading LBSNs including Wechat, Skout, and Momo. We demonstrate its effectiveness and efficiency via a 3 week real-world experiment on 30 volunteers and show that we could geo-locate any target with high accuracy and readily recover his/her top 5 locations. Finally, we also develop a framework that explores a grid reference system and location classifications to mitigate the attacks. Our result serves as a critical security reminder of the current LBSNs pertaining to a vast number of users.
Keywords: location privacy, mobile social network (ID#: 15-6869)
URL: http://doi.acm.org/10.1145/2632951.2632953

 

Haiming Jin, Lu Su, Danyang Chen, Klara Nahrstedt, Jinhui Xu; “Quality of Information Aware Incentive Mechanisms for Mobile Crowd Sensing Systems,” in MobiHoc ’15 Proceedings of the 16th ACM International Symposium on Mobile Ad Hoc Networking and Computing, June 2015, Pages 167–176. doi:10.1145/2746285.2746310
Abstract: Recent years have witnessed the emergence of mobile crowd sensing (MCS) systems, which leverage the public crowd equipped with various mobile devices for large scale sensing tasks. In this paper, we study a critical problem in MCS systems, namely, incentivizing user participation. Different from existing work, we incorporate a crucial metric, called users’ quality of information (QoI), into our incentive mechanisms for MCS systems. Due to various factors (e.g., sensor quality, noise, etc.) the quality of the sensory data contributed by individual users varies significantly. Obtaining high quality data with little expense is always the ideal of MCS platforms. Technically, we design incentive mechanisms based on reverse combinatorial auctions. We investigate both the single-minded and multi-minded combinatorial auction models. For the former, we design a truthful, individual rational and computationally efficient mechanism that approximately maximizes the social welfare with a guaranteed approximation ratio. For the latter, we design an iterative descending mechanism that achieves close-to-optimal social welfare while satisfying individual rationality and computational efficiency. Through extensive simulations, we validate our theoretical analysis about the close-to-optimal social welfare and fast running time of our mechanisms.
Keywords: crowd sensing, incentive mechanism, quality of information (ID#: 15-6870)
URL: http://doi.acm.org/10.1145/2746285.2746310

 

Divya Saxena, Vaskar Raychoudhury, Nalluri SriMahathi; “SmartHealth-NDNoT: Named Data Network of Things for Healthcare Services,” in MobileHealth ’15 Proceedings of the 2015 Workshop on Pervasive Wireless Healthcare, June 2015, Pages 45–50. doi:10.1145/2757290.2757300
Abstract: In recent years, healthcare sector has emerged as a major application area of Internet-of-Things (IoT). IoT aims to automate healthcare services through remote monitoring of patients using several vital sign sensors. Remotely collected patient records are then conveyed to the hospital servers through the user’s smartphones. Healthcare IoT can thus reduce a lot of overhead while allowing people to access healthcare services all the time and everywhere. However, healthcare IoT exchanges data over the IP-centric Internet which has vulnerabilities related to security, privacy, and mobility. Those features are added to the Internet as external add-ons. In order to solve this problem, in this paper, we propose to use Named Data Networking (NDN), which is a future Internet paradigm based on Content-Centric Networking (CCN). NDN has in-built support for user mobility which is well-suited for mobile patients and caregivers. NDN also ensures data security instead of channel security earlier provided by the Internet. In this paper, we have developed NDNoT, which is an IoT solution for smart mobile healthcare using NDN. Our proof-of-concept prototype shows the usability of our proposed architecture.
Keywords: healthcare, internet of things (iot), named data networking (ndn), ndnot, open mhealth architecture (ID#: 15-6871)
URL: http://doi.acm.org/10.1145/2757290.2757300




International Conferences: SACMAT 2015, Vienna

 

 

International Conferences:

Access Control Models and Technologies 2015

Vienna


The 20th ACM Symposium on Access Control Models and Technologies (SACMAT) was held June 1–3, 2015 in Vienna, Austria. The aims of the symposium were to share novel access control solutions that fulfil the needs of heterogeneous applications and environments, and to identify new directions for future research and development. The editors deem works cited here useful to the Science of Security community. 



Lionel Montrieux, Zhenjiang Hu; “Towards Attribute-Based Authorisation for Bidirectional Programming,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 185–196. doi:10.1145/2752952.2752963
Abstract: Bidirectional programming allows developers to write programs that will produce transformations that extract data from a source document into a view. The same transformations can then be used to update the source in order to propagate the changes made to the view, provided that the transformations satisfy two essential properties.  Bidirectional transformations can provide a form of authorisation mechanism. From a source containing sensitive data, a view can be extracted that only contains the information to be shared with a subject. The subject can modify the view, and the source can be updated accordingly, without risk of release of the sensitive information to the subject. However, the authorisation model afforded by bidirectional transformations is limited. Implementing an attribute-based access control (ABAC) mechanism directly in bidirectional transformations would violate the essential properties of well-behaved transformations; it would contradict the principle of separation of concerns; and it would require users to write and maintain a different transformation for every subject they would like to share a view with.  In this paper, we explore a solution to enforce ABAC on bidirectional transformations, using a policy language from which filters are generated to enforce the policy rules.
Keywords: access control, authorization, bidirectional transformation (ID#: 15-6910)
URL: http://doi.acm.org/10.1145/2752952.2752963

 

Jun Zhu, Bill Chu, Heather Lipford, Tyler Thomas; “Mitigating Access Control Vulnerabilities through Interactive Static Analysis,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 199–209. doi:10.1145/2752952.2752976
Abstract: Access control vulnerabilities due to programming errors have consistently ranked amongst top software vulnerabilities. Previous research efforts have concentrated on using automatic program analysis techniques to detect access control vulnerabilities in applications. We report a comparative study of six open source PHP applications, and find that implicit assumptions of previous research techniques can significantly limit their effectiveness. We propose a more effective hybrid approach to mitigate access control vulnerabilities. Developers are reminded in-situ of potential access control vulnerabilities, where self-review of code can help them discover mistakes. Additionally, developers are prompted for application-specific access control knowledge, providing samples of code that could be thought of as static analysis by example. These examples are turned into code patterns that can be used in performing static analysis to detect additional access control vulnerabilities and alert the developer to take corrective actions. Our evaluation of six open source applications detected 20 zero-day access control vulnerabilities in addition to finding all access control vulnerabilities detected in previous works.
Keywords: access control vulnerability, secure programming, static analysis (ID#: 15-6911)
URL: http://doi.acm.org/10.1145/2752952.2752976

 

Claudio Soriente, Ghassan O. Karame, Hubert Ritzdorf, Srdjan Marinovic, Srdjan Capkun; “Commune: Shared Ownership in an Agnostic Cloud,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 39–50. doi:10.1145/2752952.2752972
Abstract: Cloud storage platforms promise a convenient way for users to share files and engage in collaborations, yet they require all files to have a single owner who unilaterally makes access control decisions. Existing clouds are, thus, agnostic to shared ownership. This can be a significant limitation in many collaborations because, for example, one owner can delete files and revoke access without consulting the other collaborators.  In this paper, we first formally define a notion of shared ownership within a file access control model. We then propose a solution, called Commune, to the problem of distributed enforcement of shared ownership in agnostic clouds, so that access grants require the support of an agreed threshold of owners. Commune can be used in existing clouds without modifications to the platforms. We analyze the security of our solution and evaluate its performance through an implementation integrated with Amazon S3.
Keywords: cloud security, distributed enforcement, shared ownership (ID#: 15-6912)
URL: http://doi.acm.org/10.1145/2752952.2752972

 

Jingwei Li, Anna Squicciarini, Dan Lin, Shuang Liang, Chunfu Jia; “SecLoc: Securing Location-Sensitive Storage in the Cloud,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 51–61. doi:10.1145/2752952.2752965
Abstract: Cloud computing offers a wide array of storage services. While enjoying the benefits of flexibility, scalability and reliability brought by the cloud storage, cloud users also face the risk of losing control of their own data, in part because they do not know where their data is actually stored. This raises a number of security and privacy concerns regarding one’s sensitive data such as health records. For example, according to Canadian laws, data related to personal identifiable information must be stored within Canada. Nevertheless, in contrast to the urgent demands, privacy requirements regarding cloud storage locations have not been well investigated in the current cloud computing market, fostering security and privacy concerns among potential adopters. Aiming at addressing this emerging critical issue, we propose a novel secure location-sensitive storage framework, called SecLoc, which offers protection for cloud users’ data following the storage location restrictions, with minimum management overhead to existing cloud storage services. We conduct security analysis, complexity analysis and experimental evaluation on the proposed SecLoc system. Our results demonstrate both effectiveness and efficiency of our mechanism.
Keywords: access control, attribute-based encryption, cloud storage, location sensitive (ID#: 15-6913)
URL: http://doi.acm.org/10.1145/2752952.2752965

 

Zeqing Guo, Weili Han, Liangxing Liu, Wenyuan Xu, Ruiqi Bu, Minyue Ni; “SPA: Inviting Your Friends to Help Set Android Apps,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 221–231. doi:10.1145/2752952.2752974
Abstract: More and more powerful personal smart devices take users, especially the elder, into a disaster of policy administration where users are forced to set personal management policies in these devices. Considering a real case of this issue in the Android security, it is hard for users, even some programmers, to generally identify malicious permission requests when they install a third-party application. Motivated by the popularity of mutual assistance among friends (including family members) in the real world, we propose a novel framework for policy administration, referring to Socialized Policy Administration (SPA for short), to help users manage the policies in widely deployed personal devices. SPA leverages a basic idea that a user may invite his or her friends to help set the applications. Especially, when the size of invited friends increases, the setting result can be more resilient to a few malicious or unprofessional friends. We define the security properties of SPA, and propose an enforcement framework where users’ friends can help users set applications without the leakage of friends’ preferences with the supports of a privacy preserving mechanism. In our prototype, we only leverage partially homomorphic encryption cryptosystems to implement our framework, because the fully homomorphic encryption is not acceptable to be deployed in a practical service at the moment. Based on our prototype and performance evaluation, SPA is promising to support major types of policies in current popular applications with acceptable performance.
Keywords: android, policy administration, policy based management, social computing, socialized policy administration (ID#: 15-6914)
URL: http://doi.acm.org/10.1145/2752952.2752974

 

Carlos E. Rubio-Medrano, Ziming Zhao, Adam Doupe, Gail-Joon Ahn; “Federated Access Management for Collaborative Network Environments: Framework and Case Study,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 125–134. doi:10.1145/2752952.2752977
Abstract: With the advent of various collaborative sharing mechanisms such as Grids, P2P and Clouds, organizations including private and public sectors have recognized the benefits of being involved in inter-organizational, multi-disciplinary, and collaborative projects that may require diverse resources to be shared among participants. In particular, an environment that often makes use of a group of high-performance network facilities would involve large-scale collaborative projects and tremendously seek a robust and flexible access control for allowing collaborators to leverage and consume resources, e.g., computing power and bandwidth. In this paper, we propose a federated access management scheme that leverages the notion of attributes. Our approach allows resource-sharing organizations to provide distributed provisioning (publication, location, communication, and evaluation) of both attributes and policies for federated access management purposes. Also, we provide a proof-of-concept implementation that leverages distributed hash tables (DHT) to traverse chains of attributes and effectively handle the federated access management requirements devised for inter-organizational resource sharing and collaborations.
Keywords: (not provided) (ID#: 15-6915)
URL: http://doi.acm.org/10.1145/2752952.2752977

 

Ha Thanh Le, Cu Duy Nguyen, Lionel Briand, Benjamin Hourte; “Automated Inference of Access Control Policies for Web Applications,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 27–37. doi:10.1145/2752952.2752969
Abstract: In this paper, we present a novel, semi-automated approach to infer access control policies automatically for web-based applications. Our goal is to support the validation of implemented access control policies, even when they have not been clearly specified or documented. We use role-based access control as a reference model. Built on top of a suite of security tools, our approach automatically exercises a system under test and builds access spaces for a set of known users and roles. Then, we apply a machine learning technique to infer access rules. Inconsistent rules are then analysed and fed back to the process for further testing and improvement. Finally, the inferred rules can be validated based on pre-specified rules if they exist. Otherwise, the inferred rules are presented to human experts for validation and for detecting access control issues. We have evaluated our approach on two applications; one is open source while the other is a proprietary system built by our industry partner. The obtained results are very promising in terms of the quality of inferred rules and the access control vulnerabilities it helped detect.
Keywords: access control policies, inference, machine learning (ID#: 15-6916)
URL: http://doi.acm.org/10.1145/2752952.2752969

 

Syed Zain R. Rizvi, Philip W.L. Fong, Jason Crampton, James Sellwood; “Relationship-Based Access Control for an Open-Source Medical Records System,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 113–134. doi:10.1145/2752952.2752962
Abstract: Inspired by the access control models of social network systems, Relationship-Based Access Control (ReBAC) was recently proposed as a general-purpose access control paradigm for application domains in which authorization must take into account the relationship between the access requestor and the resource owner. The healthcare domain is envisioned to be an archetypical application domain in which ReBAC is sorely needed: e.g., my patient record should be accessible only by my family doctor, but not by all doctors.  In this work, we demonstrate for the first time that ReBAC can be incorporated into a production-scale medical records system, OpenMRS, with backward compatibility to the legacy RBAC mechanism. Specifically, we extend the access control mechanism of OpenMRS to enforce ReBAC policies. Our extensions incorporate and extend advanced ReBAC features recently proposed by Crampton and Sellwood. In addition, we designed and implemented the first administrative model for ReBAC. In this paper, we describe our ReBAC implementation, discuss the system engineering lessons learnt as a result, and evaluate the experimental work we have undertaken. In particular, we compare the performance of the various authorization schemes we implemented, thereby demonstrating the feasibility of ReBAC.
Keywords: administrative model, authorization graph, authorization principal, medical records system, relationship-based access control (ID#: 15-6917)
URL: http://doi.acm.org/10.1145/2752952.2752962

 

Weili Han, Yin Zhang, Zeqing Guo, Elisa Bertino; “Fine-Grained Business Data Confidentiality Control in Cross-Organizational Tracking,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 135–145. doi:10.1145/2752952.2752973
Abstract: With the support of the Internet of Things (IoT for short) technologies, tracking systems are being widely deployed in many companies and organizations in order to provide more efficient and trustworthy delivery services. Such systems usually support easy-to-use interfaces, by which users can visualize the shipping status and progress of merchandise, according to business data which are collected directly from the merchandise through sensing technologies. However, these business data may include sensitive business information, which should be strongly protected in cross-organizational scenarios. Thus, it is critical for suppliers that the disclosure of such data to unauthorized users is prevented in the context of the open environment of these tracking systems. As business data from different suppliers and organizations are usually associated together with merchandise being shipped, it is also important to support fine-grained confidentiality control. In this paper, we articulate the problem of fine-grained business data confidentiality control in IoT-enabled cross-organizational tracking systems. We then propose a fine-grained confidentiality control mechanism, referred to as xCP-ABE, to address the problem in the context of open environment. The xCP-ABE mechanism is a novel framework which makes suppliers in tracking systems able to selectively authorize specific sets of users to access their sensitive business data and satisfies the confidentiality of transmission path of goods. We develop a prototype of the xCP-ABE mechanism, and then evaluate its performance. We also carry out a brief security analysis of our proposed mechanism. Our evaluation and analysis show that our framework is an effective and efficient solution to ensure the confidentiality of business data in cross-organizational tracking systems.
Keywords: access control, ciphertext-policy attribute-based encryption (cp-abe), cross-organizational, electronic pedigree, fine-grained, internet of things (iot), tracking system (ID#: 15-6918)
URL: http://doi.acm.org/10.1145/2752952.2752973

 

Khalid Bijon, Ram Krishnan, Ravi Sandhu; “Mitigating Multi-Tenancy Risks in IaaS Cloud Through Constraints-Driven Virtual Resource Scheduling,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 63–74. doi:10.1145/2752952.2752964
Abstract: A major concern in the adoption of cloud infrastructure-as-a-service (IaaS) arises from multi-tenancy, where multiple tenants share the underlying physical infrastructure operated by a cloud service provider. A tenant could be an enterprise in the context of a public cloud or a department within an enterprise in the context of a private cloud. Enabled by virtualization technology, the service provider is able to minimize cost by providing virtualized hardware resources such as virtual machines, virtual storage and virtual networks, as a service to multiple tenants where, for instance, a tenant’s virtual machine may be hosted in the same physical server as that of many other tenants. It is well-known that separation of execution environment provided by the hypervisors that enable virtualization technology has many limitations. In addition to inadvertent misconfigurations, a number of attacks have been demonstrated that allow unauthorized information flow between virtual machines hosted by a hypervisor on a given physical server. In this paper, we present attribute-based constraints specification and enforcement as a mechanism to mitigate such multi-tenancy risks that arise in cloud IaaS. We represent relevant properties of virtual resources (e.g., virtual machines, virtual networks, etc.) as their attributes. Conflicting attribute values are specified by the tenant or by the cloud IaaS system as appropriate. The goal is to schedule virtual resources on physical resources in a conflict-free manner. The general problem is shown to be NP-complete. We explore practical conflict specifications that can be efficiently enforced. We have implemented a prototype for virtual machine scheduling in OpenStack, a widely-used open-source cloud IaaS software, and evaluated its performance overhead, resource requirements to satisfy conflicts, and resource utilization.
Keywords: cloud iaas, constraint, multi-tenancy, virtual-resource scheduling, vm co-residency management, vm migration (ID#: 15-6919)
URL: http://doi.acm.org/10.1145/2752952.2752964

 

David Lorenzi, Pratik Chattopadhyay, Emre Uzun, Jaideep Vaidya, Shamik Sural, Vijayalakshmi Atluri; “Generating Secure Images for CAPTCHAs Through Noise Addition,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 169–172. doi:10.1145/2752952.2753065
Abstract: As online automation, image processing and computer vision become increasingly powerful and sophisticated, methods to secure online assets from automated attacks (bots) are required. As traditional text based CAPTCHAs become more vulnerable to attacks, new methods for ensuring a user is human must be devised. To provide a solution to this problem, we aim to reduce some of the security shortcomings in an alternative style of CAPTCHA — more specifically, the image CAPTCHA. Introducing noise helps image CAPTCHAs thwart attacks from Reverse Image Search (RIS) engines and Computer Vision (CV) attacks while still retaining enough usability to allow humans to pass challenges. We present a secure image generation method based on noise addition that can be used for image CAPTCHAs, along with 4 different styles of image CAPTCHAs to demonstrate a fully functional image CAPTCHA challenge system.
Keywords: (not provided) (ID#: 15-6920)
URL: http://doi.acm.org/10.1145/2752952.2753065

 

Jason Crampton, Gregory Gutin, Daniel Karapetyan; “Valued Workflow Satisfiability Problem,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 3–13. doi:10.1145/2752952.2752961
Abstract: A workflow is a collection of steps that must be executed in some specific order to achieve an objective. A computerised workflow management system may enforce authorisation policies and constraints, thereby restricting which users can perform particular steps in a workflow. The existence of policies and constraints may mean that a workflow is unsatisfiable, in the sense that it is impossible to find an authorised user for each step in the workflow and satisfy all constraints. In this paper, we consider the problem of finding the “least bad” assignment of users to workflow steps by assigning a weight to each policy and constraint violation. To this end, we introduce a framework for associating costs with the violation of workflow policies and constraints and define the valued workflow satisfiability problem (Valued WSP), whose solution is an assignment of steps to users of minimum cost. We establish the computational complexity of Valued WSP with user-independent constraints and show that it is fixed-parameter tractable. We then describe an algorithm for solving Valued WSP with user-independent constraints and evaluate its performance, comparing it to that of an off-the-shelf mixed integer programming package.
Keywords: parameterized complexity, valued workflow satisfiability problem, workflow satisfiability (ID#: 15-6921)
URL: http://doi.acm.org/10.1145/2752952.2752961

 

Federica Paci, Nicola Zannone; “Preventing Information Inference in Access Control,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 87–97. doi:10.1145/2752952.2752971
Abstract: Technological innovations like social networks, personal devices and cloud computing, allow users to share and store online a huge amount of personal data. Sharing personal data online raises significant privacy concerns for users, who feel that they do not have full control over their data. A solution often proposed to alleviate users’ privacy concerns is to let them specify access control policies that reflect their privacy constraints. However, existing approaches to access control often produce policies which either are too restrictive or allow the leakage of sensitive information. In this paper, we present a novel access control model that reduces the risk of information leakage. The model relies on a data model which encodes the domain knowledge along with the semantic relations between data. We illustrate how the access control model and the reasoning over the data model can be automatically translated in XACML. We evaluate and compare our model with existing access control models with respect to its effectiveness in preventing leakage of sensitive information and efficiency in authoring policies. The evaluation shows that the proposed model allows the definition of effective access control policies that mitigate the risks of inference of sensitive data while reducing users’ effort in policy authoring compared to existing models.
Keywords: comparison study, inference control, information leakage, semantic approach, xacml (ID#: 15-6922)
URL: http://doi.acm.org/10.1145/2752952.2752971

 

Jafar Haadi Jafarian, Hassan Takabi, Hakim Touati, Ehsan Hesamifard, Mohamed Shehab; “Towards a General Framework for Optimal Role Mining: A Constraint Satisfaction Approach,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 211–220. doi:10.1145/2752952.2752975
Abstract: Role Based Access Control (RBAC) is the most widely used advanced access control model deployed in a variety of organizations. To deploy an RBAC system, one needs to first identify a complete set of roles, including permission role assignments and role user assignments. This process, known as role engineering, has been identified as one of the costliest tasks in migrating to RBAC. Since many organizations already have some form of user permission assignments defined, it makes sense to identify roles from this existing information. This process, known as role mining, has gained significant interest in recent years and numerous role mining techniques have been developed that take into account the characteristics of the core RBAC model, as well as its various extended features and each is based on a specific optimization metric. In this paper, we propose a generic approach which transforms the role mining problem into a constraint satisfaction problem. The transformation allows us to discover the optimal RBAC state based on customized optimization metrics. We also extend the RBAC model to include more context-aware and application specific constraints. These extensions broaden the applicability of the model beyond the classic role mining to include features such as permission usage, hierarchical role mining, hybrid role engineering approaches, and temporal RBAC models. We also perform experiments to show applicability and effectiveness of the proposed approach.
Keywords: access control, constraint satisfaction problem, rbac, role mining, smt solver (ID#: 15-6923)
URL: http://doi.acm.org/10.1145/2752952.2752975

 

Masoud Narouei, Hassan Takabi; “Towards an Automatic Top-down Role Engineering Approach Using Natural Language Processing Techniques,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 157–160. doi:10.1145/2752952.2752958
Abstract: Role Based Access Control (RBAC) is the most widely used model for access control due to the ease of administration as well as economic benefits it provides. In order to deploy an RBAC system, one requires to first identify a complete set of roles. This process, known as role engineering, has been identified as one of the costliest tasks in migrating to RBAC. In this paper, we propose a top-down role engineering approach and take the first steps towards using natural language processing techniques to extract policies from unrestricted natural language documents. Most organizations have high-level requirement specifications that include a set of access control policies which describes allowable operations for the system. However, it is very time consuming, labor-intensive, and error-prone to manually sift through these natural language documents to identify and extract access control policies. Our goal is to automate this process to reduce manual efforts and human errors. We apply natural language processing techniques, more specifically semantic role labeling to automatically extract access control policies from unrestricted natural language documents, define roles, and build an RBAC model. Our preliminary results are promising and by applying semantic role labeling to automatically identify predicate-argument structure, and a set of predefined rules on the extracted arguments, we were able to correctly identify access control policies with a precision of 75%, recall of 88%, and F1 score of 80%.
Keywords: natural language processing, privacy policy, role based access control, role engineering, semantic role labeling (ID#: 15-6924)
URL: http://doi.acm.org/10.1145/2752952.2752958

 

Rainer Fischer; “A Prototype to Reduce the Amount of Accessible Information,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 147–149. doi:10.1145/2752952.2752953
Abstract: Authorized insiders downloading mass data via their user interface are still a problem. In this paper a prototype to prevent mass data extractions is proposed. Access control models efficiently protect security objects but fail to define subsets of data which are narrow enough to be harmless if downloaded. Instead of controlling access to security objects the prototype limits the amount of accessible information. A heuristic approach to measure the amount of information is used. The paper describes the implementation of the prototype which is an extension of an SAP system as an example for a large enterprise information system.
Keywords: access control, data leakage protection, sap security, security policy (ID#: 15-6925)
URL: http://doi.acm.org/10.1145/2752952.2752953

 

Alessandro Armando, Silvio Ranise, Riccardo Traverso, Konrad Wrona; “A SMT-based Tool for the Analysis and Enforcement of NATO Content-based Protection and Release Policies,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 151–155. doi:10.1145/2752952.2752954
Abstract: NATO is developing a new IT infrastructure for automated information sharing between different information security domains and supporting dynamic and flexible enforcement of the need-to-know principle. In this context, the Content-based Protection and Release (CPR) model has been introduced to support the specification and enforcement of NATO access control policies. While the ability to define fine-grained security policies for a large variety of users, resources, and devices is desirable, their definition, maintenance, and enforcement can be difficult, time-consuming, and error prone. In this paper, we give an overview of a tool capable of assisting NATO security personnel in these tasks by automatically solving several policy analysis problems of practical interest. The tool leverages state-of-the-art SMT solvers.
Keywords: attribute-based access control, nato information sharing infrastructure, xacml (ID#: 15-6926)
URL: http://doi.acm.org/10.1145/2752952.2752954

 

Nima Mousavi, Mahesh Tripunitara; “Hard Instances for Verification Problems in Access Control,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 161–164. doi:10.1145/2752952.2752959
Abstract: We address the generation and analysis of hard instances for verification problems in access control that are NP-hard. Given the customary assumption that P ≠ NP, we know that such classes exist. We focus on a particular problem, the user-authorization query problem (UAQ) in Role-Based Access Control (RBAC). We show how to systematically generate hard instances for it. We then analyze what we call the structure of those hard instances. Our work brings the important aspect of systematic investigation of hard input classes to access control research.
Keywords: hard instances, intractability, role-based access control, user authorization query (ID#: 15-6927)
URL: http://doi.acm.org/10.1145/2752952.2752959

 

Jason Crampton, Charles Morisset, Nicola Zannone; “On Missing Attributes in Access Control: Non-deterministic and Probabilistic Attribute Retrieval,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 99–109. doi:10.1145/2752952.2752970
Abstract: Attribute Based Access Control (ABAC) is becoming the reference model for the specification and evaluation of access control policies. In ABAC, policies and access requests are defined in terms of pairs attribute names/values. The applicability of an ABAC policy to a request is determined by matching the attributes in the request with the attributes in the policy. Some languages supporting ABAC, such as PTaCL or XACML 3.0, take into account the possibility that some attribute values might not be correctly retrieved when the request is evaluated, and use complex decisions, usually describing all possible evaluation outcomes, to account for missing attributes. In this paper, we argue that the problem of missing attributes in ABAC can be seen as a non-deterministic attribute retrieval process, and we show that the current evaluation mechanism in PTaCL or XACML can return a complex decision that does not necessarily match with the actual possible outcomes. This, however, is problematic for the enforcing mechanism, which needs to resolve the complex decision into a conclusive one. We propose a new evaluation mechanism, explicitly based on non-deterministic attribute retrieval for a given request. We extend this mechanism to probabilistic attribute retrieval and implement a probabilistic policy evaluation mechanism for PTaCL in PRISM, a probabilistic model-checker.
Keywords: missing attribute, policy evaluation, probabilistic model-checking, ptacl (ID#: 15-6928)
URL: http://doi.acm.org/10.1145/2752952.2752970

 

Marcos Cramer, Jun Pang, Yang Zhang; “A Logical Approach to Restricting Access in Online Social Networks,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 75–86. doi:10.1145/2752952.2752967
Abstract: Nowadays in popular online social networks users can blacklist some of their friends in order to disallow them to access resources that other non-blacklisted friends may access. We identify three independent binary decisions to utilize users’ blacklists in access control policies, resulting into eight access restrictions. We formally define these restrictions in a hybrid logic for relationship-based access control, and provide syntactical transformations to rewrite a hybrid logic access control formula when fixing an access restriction. This enables a flexible and user-friendly approach for restricting access in social networks. We develop efficient algorithms for enforcing a subset of access control policies with restrictions. The effectiveness of the access restrictions and the efficiency of our algorithms are evaluated on a Facebook dataset.
Keywords: access control, blacklist, hybrid logic, online social networks (ID#: 15-6929)
URL: http://doi.acm.org/10.1145/2752952.2752967

 

Feng Wang, Mathias Kohler, Andreas Schaad; “Initial Encryption of Large Searchable Data Sets Using Hadoop,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 165–168. doi:10.1145/2752952.2752960
Abstract: With the introduction and the wide use of externally hosted infrastructures, secure storage of sensitive data becomes more and more important. There are systems available to store and query encrypted data in a database, but not all applications may start with empty tables rather than having sets of legacy data. Hence, there is a need to transform existing plaintext databases to encrypted form. Usually existing enterprise databases may contain terabytes of data. A single machine would require many months for the initial encryption of a large data set. We propose encrypting data in parallel using a Hadoop cluster which is a simple five step process including the Hadoop set up, target preparation, source data import, encrypting the data, and finally exporting it to the target. We evaluated our solution on real world data and report on performance and data consumption. The results show that encrypting data in parallel can be done in a very scalable manner. Using a parallelized encryption cluster compared to a single server machine reduces the encryption time from months down to days or even hours.
Keywords: database, hadoop, performance, searchable encryption (ID#: 15-6930)
URL: http://doi.acm.org/10.1145/2752952.2752960

 

Bart Preneel; “Post-Snowden Threat Models,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 1–1. doi:10.1145/2752952.2752978
Abstract: In June 2013 Edward Snowden leaked a large collection of documents that describe the capabilities and technologies of the NSA and its allies. Even to security experts the scale, nature and impact of some of the techniques revealed was surprising. A major consequence is the increased awareness of the public at large of the existence of highly intrusive mass surveillance techniques. There has also been some impact in the business world, including a growing interest in companies that (claim to) develop end-to-end secure solutions. There is no doubt that large nation states and organized crime have carefully studied the techniques and are exploring which ones they can use for their own benefit. But after two years, there is little progress in legal or governance measures to address some of the excesses by increasing accountability. Moreover, the security research community seems to have been slow to respond to the new threat landscape. In this lecture we analyze these threats and speculate how they could be countered.
Keywords: information security, mass surveillance, system security, threat models (ID#: 15-6931)
URL: http://doi.acm.org/10.1145/2752952.2752978

 

Anna Cinzia Squicciarini, Ting Yu; “Privacy and Access Control: How are These Two Concepts Related?,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 197–198. doi:10.1145/2752952.2752980
Abstract: (not provided). Panel description and references available at URL: http://www.sacmat.org/2015/toc.html
Keywords: access control, privacy, security (ID#: 15-6932)
URL: http://doi.acm.org/10.1145/2752952.2752980

 

Jonathan Shahen, Jianwei Niu, Mahesh Tripunitara; “Mohawk+T: Efficient Analysis of Administrative Temporal Role-Based Access Control (ATRBAC) Policies,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 15–26. doi:10.1145/2752952.2752966
Abstract: Safety analysis is recognized as a fundamental problem in access control. It has been studied for various access control schemes in the literature. Recent work has proposed an administrative model for Temporal Role-Based Access Control (TRBAC) policies called Administrative TRBAC (ATRBAC). We address ATRBAC-safety. We first identify that the problem is PSPACE-Complete. This is a much tighter identification of the computational complexity of the problem than prior work, which shows only that the problem is decidable. With this result as the basis, we propose an approach that leverages an existing open-source software tool called Mohawk to address ATRBAC-safety. Our approach is to efficiently reduce ATRBAC-safety to ARBAC-safety, and then use Mohawk. We have conducted a thorough empirical assessment. In the course of our assessment, we came up with a “reduction toolkit,” which allows us to reduce Mohawk+T input instances to instances that existing tools support. Our results suggest that there are some input classes for which Mohawk+T outperforms existing tools, and others for which existing tools outperform Mohawk+T. The source code for Mohawk+T is available for public download.
Keywords: administration, role-based access control, safety analysis, temporal (ID#: 15-6933)
URL: http://doi.acm.org/10.1145/2752952.2752966

 

Marcos Cramer, Diego Agustín Ambrossio, Pieter Van Hertum; “A Logic of Trust for Reasoning about Delegation and Revocation,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 173–184. doi:10.1145/2752952.2752968
Abstract: In ownership-based access control frameworks with the possibility of delegating permissions and administrative rights, chains of delegated accesses will form. There are different ways to treat these delegation chains when revoking rights, which give rise to different revocation schemes. Hagström et al. [8] proposed a framework for classifying revocation schemes, in which the different revocation schemes are defined graph-theoretically; they motivate the revocation schemes in this framework by presenting various scenarios in which the agents have different reasons for revocating. This paper is based on the observation that there are some problems with Hagström et al.’s definitions of the revocation schemes, which have led us to propose a refined framework with new graph-theoretic definitions of the revocation schemes. In order to formally study the merits and demerits of various definitions of revocation schemes, we propose to apply the axiomatic method originating in social choice theory to revocation schemes. For formulating an axiom, i.e. a desirable property of revocation frameworks, we propose a logic, Trust Delegation Logic (TDL), with which one can formalize the different reasons an agent may have for performing a revocation. We show that our refined graph-theoretic definitions of the revocation schemes, unlike Hagström et al.’s original definitions, satisfy the desirable property that can be formulated using TDL.
Keywords: access control, delegation, logic, revocation, trust (ID#: 15-6934)
URL: http://doi.acm.org/10.1145/2752952.2752968

 

Trent Jaeger; “Challenges in Making Access Control Sensitive to the ‘Right’ Contexts,” in SACMAT ’15 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, June 2015, Pages 111–111. doi:10.1145/2752952.2752979
Abstract: Access control is a fundamental security mechanism that both protects processes from attacks and confines compromised processes that may try to propagate an attack. Nonetheless, we still see an ever increasing number of software vulnerabilities. Researchers have long proposed that improvements in access control could prevent many vulnerabilities, many of which capture contextual information to more accurately detect obviously unsafe operations. However, developers are often hesitant to extend their access control mechanisms to use more sensitive access control policies. My experience leads me to propose that it is imperative that an access control system be able to extract context accurately and efficiently and be capable of inferring any non-trivial policies. In this talk, I will discuss some recent research that enforces context-sensitive policies by either extracting process context, integrating code to extract context from programs, or extracting user context. We find that context-sensitive mechanisms can prevent some obviously unsafe operations from being authorized efficiently and discuss our experiences in inferring access control policies. Based on this research, we are encouraged that future research may enable context-sensitive access control policies to be produced and enforced to prevent vulnerabilities.
Keywords: capabilities, context-sensitive, program analysis (ID#: 15-6935)
URL: http://doi.acm.org/10.1145/2752952.2752979




 

International Conferences: SIGMIS-CPR 2015, Newport Beach, CA

 

International Conferences:

SIGMIS – Computers and People Research 2015

Newport Beach, CA


The ACM SIGMIS Computers and People Research 2015 conference met at Newport Beach, California on June 4-6, 2015. This year’s conference theme was the Cyber Security Workforce in the Global Context. Topics covered are related to the Hard Problem of human factors in cybersecurity.  



David H. Tobey; “A Vignette-Based Method for Improving Cybersecurity Talent Management through Cyber Defense Competition Design,” in SIGMIS-CPR ’15 Proceedings of the 2015 ACM SIGMIS Conference on Computers and People Research, June 2015, Pages 31–39. doi:10.1145/2751957.2751963
Abstract: The preliminary findings are reported from a four-year study of cybersecurity competency assessment and development achieved through the design of cyber defense competitions. The first year of the study focused on identifying the abilities that should indicate aptitude to perform well in the areas of operational security testing and advanced threat response. A recently developed method for Job Performance Modeling (JPM) is applied which uses vignettes — critical incident stories — to guide the elicitation of a holistic description of mission-critical roles grounded in the latest tactics, techniques and protocols defining the current state-of-the-art, or ground truth, in cyber defense. Implications are drawn for design of scoring engines and achievement of game balance in cyber defense competitions as a talent management system.
Keywords: aptitude, competency model, critical incident, cyber defense competition, game balance, job performance model, ksa, talent management, vignette (ID#: 15-6936)
URL: http://doi.acm.org/10.1145/2751957.2751963

 

Leigh Ellen Potter, Gregory Vickers; “What Skills Do You Need to Work in Cyber Security?: A Look at the Australian Market,” in SIGMIS-CPR ’15 Proceedings of the 2015 ACM SIGMIS Conference on Computers and People Research, June 2015, Pages 67–72. doi:10.1145/2751957.2751967
Abstract: The demand for cyber security professionals is rising as the incidence of cyber crime and security breaches increases, leading to suggestions of a skills shortage in the technology industry. While supply and demand are factors in the recruitment process for any position, in order to secure the best people in the security field we need to know what skills are required to be a security professional in the current cyber security environment. This paper seeks to explore this question by looking at the current state of the Australian Industry. Recent job listings in the cyber security area were analysed, and current security professionals in industry were asked for their opinion as to what skills were required in this profession. It was found that each security professional role has its own set of skill requirements, however there is significant overlap between the roles for many soft skills, including analysis, consulting and process skills, leadership, and relationship management. Both communication and presentation skills were valued. A set of “hard” skills emerged as common across all categories: experience, qualifications and certifications, and technical expertise. These appear to represent the need for a firm background in the security area as represented by formal study and industry certifications, and supported by solid experience in the industry. Specific technical skills are also required, although the exact nature of these will vary according to the requirements of each role.
Keywords: cyber security, security professional, skills (ID#: 15-6937)
URL: http://doi.acm.org/10.1145/2751957.2751967

 

Nishtha Kesswani, Sanjay Kumar; “Maintaining Cyber Security: Implications, Cost and Returns,” in SIGMIS-CPR ’15 Proceedings of the 2015 ACM SIGMIS Conference on Computers and People Research, June 2015, Pages 161–164. doi:10.1145/2751957.2751976
Abstract: Cyber security is one of the most critical issues that are faced globally by most of the countries and organizations. With the ever increasing use of computers and the internet, there has been tremendous growth of cyber-attacks. The attackers target not only high end companies but also banks and government agencies. As a result the companies and governments across the globe are sparing huge amount of money to create a cyber-secure niche. In every organization, whenever an investment has to be made, everybody is concerned about the return which the organization will be getting from that investment. Every investment has to be justified from the point of view of return. Investments made in cyber security are never preferred by the organizations as they do not give any return. Return on Investments made in Cyber security is not measured in terms of profits and gains, but rather in terms of prevented losses. This paper provides an insight into various established approaches which can be used for measurement of return on cyber security investment. Cost-benefit analysis of cyber security investments can be useful to the organization to have insight into whether money is well spent or not.
Keywords: annual loss expectancy approach, cost benefit analysis, gordon and loeb approach, net present value approach (ID#: 15-6938)
URL: http://doi.acm.org/10.1145/2751957.2751976

 

Michelle L. Kaarst-Brown, E. Dale Thompson; “Cracks in the Security Foundation: Employee Judgments about Information Sensitivity,” in SIGMIS-CPR ’15 Proceedings of the 2015 ACM SIGMIS Conference on Computers and People Research, June 2015, Pages 145–151. doi:10.1145/2751957.2751977
Abstract: Despite the increased focus on IT security, much of our reliance on “information sensitivity classifications” is based on broadly specified technical “access controls” or policies and procedures for the handling of organizational data — many of them developed incrementally over decades. One area ignored in research and practice is how human beings make “sensitivity judgments” or “classify” information they may encounter in everyday activities. This has left what we view as a crack in the IT security foundation. This crack has created a tension between formal IT security classification schema, technical controls, and policy, and the sensitivity judgments that everyday workers must make about the non-coded information they deal with. As noted in government and private reports, a new look at information sensitivity classification is vital to the expanding reach and criticality of information security. Based on a grounded theory study that elicited 188 judgements of sensitive information, we found valuable lessons for IT security in how workers, both in IT and outside of IT, recognize, classify, and react to their human judgments of sensitive information.
Keywords: classification, employee judgments, information sensitivity, it security, security awareness, security judgments (ID#: 15-6939)
URL:  http://doi.acm.org/10.1145/2751957.2751977

 

Conrad Shayo, Javier Torner, Frank Lin, Jake Zhu, Joon Son; “Is Managing IT Security a Mirage?,” in SIGMIS-CPR ’15 Proceedings of the 2015 ACM SIGMIS Conference on Computers and People Research, June 2015, Pages 97–98. doi:10.1145/2751957.2751970
Abstract: The purpose of this panel is to provide a forum to discuss the main IT security issues confronting organizations today. The panelists and attendees will discuss the existing gap between current IT security practices vs. best practices based on survey trends on IT security for the past 5 years, explore popular models used to justify IT security investments, and showcase some of the most popular hacking tools to demonstrate why it is so easy to compromise organizational IT security assets. The panel will conclude by discussing the emerging IT security standards and practices that may help deter, detect, and mitigate the impact of cyber-attacks. As the title suggests, we posit the question: Is Managing IT Security a Mirage?
Keywords: cyber-attacks, cybersecurity, hacking, information system risk, information system security, it vulnerability, ransomware, secure it infrastructure (ID#: 15-6940)
URL:  http://doi.acm.org/10.1145/2751957.2751970

 

Shuyuan Mary Ho, Hengyi Fu, Shashanka S. Timmarajus, Cheryl Booth, Jung Hoon Baeg, Muye Liu; “Insider Threat: Language-Action Cues in Group Dynamics,” in SIGMIS-CPR ’15 Proceedings of the 2015 ACM SIGMIS Conference on Computers and People Research, June 2015, Pages 101–104. doi:10.1145/2751957.2751978
Abstract: Language as a symbolic medium plays an important role in virtual communications. Words communicated online as action cues can provide indications of an actor’s behavioral intent. This paper describes an ongoing investigation into the impact of a deceptive insider on group dynamics in virtual team collaboration. An experiment using an online game environment was conducted in 2014. Our findings support the hypothesis that language-action cues of group interactions will change significantly after an insider has been compromised and makes efforts to deceive. Furthermore, the language used in group dynamic interaction will tend to employ more cognition, inclusivity and exclusivity words when interacting with each other and with the focal insider. Future work will employ finely tuned complex Linguistic Inquiry and Word Count dictionaries to identify additional language-action cues for deception.
Keywords: insider threat detection, language-action cues, online deception, trusted human-computer interaction (ID#: 15-6941)
URL:  http://doi.acm.org/10.1145/2751957.2751978

 

Antoine Lemay, Sylvain P. Leblanc, Tiago de Jesus; “Lessons from the Strategic Corporal: Implications of Cyber Incident Response,” in SIGMIS-CPR ’15 Proceedings of the 2015 ACM SIGMIS Conference on Computers and People Research, June 2015, Pages 61–66. doi:10.1145/2751957.2751965
Abstract: With the rise of cyber espionage the role of cyber incident responders is becoming more complex, but the personnel profile of incident handlers has remained constant. In this new environment, the strategic position of companies is being affected by operation personnel, including cyber incident responders, who have little to no awareness of the strategic implications of their technical decisions. In recent decades, the military has gone through a similar situation and has dubbed this new reality the “Strategic Corporal”. This paper analyzes cyber incident response through the theoretical framework of the Strategic Corporal to argue that today’s cyber incident responders fit that profile. The paper looks at three solutions put forward by the military, namely training, communication of the commander’s intent and embracing decentralization, and shows that these are viable solutions to make cyber incident responders ready to meet the current challenge.
Keywords: cyber incident response, cyber responder training, management of cyber responders, strategic impact of cyber decisions (ID#: 15-6942)
URL:  http://doi.acm.org/10.1145/2751957.2751965

 

Rinku Sen, Manojit Chattopadhyay, Nilanjan Sen; “An Efficient Approach to Develop an Intrusion Detection System Based on Multi Layer Backpropagation Neural Network Algorithm: IDS Using BPNN Algorithm,” in SIGMIS-CPR ’15 Proceedings of the 2015 ACM SIGMIS Conference on Computers and People Research, June 2015, Pages 105–108. doi:10.1145/2751957.2751979
Abstract: The key success factor of the business depends upon correct and timely information. The vital resources of the organization should be protected from inside and outside threats. Among many threats of network security, intrusion has become a crucial reason for many organizations to incur loss. Many researchers are trying their level best to handle the different types of intrusion affecting the business. To detect such a type of intrusion, our initiative is to use a very popular soft computing tool namely back propagation neural network (BPNN). We have prepared a flexible BPNN architecture to identify the intrusion with the help of anomaly detection methodology. The result we obtained is better than or at par with many best research papers in this field of study. We have used KDD dataset for our experiment.
Keywords: anomaly detection, artificial neural network, bpnn, intrusion detection system, kdd cup 99 dataset (ID#: 15-6943)
URL:  http://doi.acm.org/10.1145/2751957.2751979

 

Masoud Hayeri Khyavi, Mina Rahimi; “The Missing Circle of ISMS (LL-ISMS),” in SIGMIS-CPR ’15 Proceedings of the 2015 ACM SIGMIS Conference on Computers and People Research, June 2015, Pages 73–77. doi:10.1145/2751957.2751972
Abstract: Information security management (ISMS) subject is a new area which has been discussed in various companies and organizations and many large and small security companies also are thinking of investigating on this topic. However experience has shown that imitation of a scientific and technological issue and its implementation at the national level not only showed best real effect of that ever (but also) has caused a huge waste of resources. In this paper, we have an idea for localization of ISMS which in regard to ISO standards and importance of this subject, prepares the facility and best area for research and work on ISMS. In this essay we introduce a new circle which covers a new level in ISMS subject.
Keywords: management, security (ID#: 15-6944)
URL:  http://doi.acm.org/10.1145/2751957.2751972

 

Mark G. Graff; “Key Traits of Successful Cyber Security Practitioners,” in SIGMIS-CPR ’15 Proceedings of the 2015 ACM SIGMIS Conference on Computers and People Research, June 2015, Pages 21–21. doi:10.1145/2751957.2751983
Abstract: The author’s view, formed over a decades-long career as a cyber security practitioner, is that successful professionals in the field have historically tended to share certain personality traits. Beyond the knack for problem solving and tolerance for late nights and vending machine food common in Information Technology (IT) circles, elements of integrity and character are, for example, often key to achievement in this career niche. The author describes several such traits, illustrating with informal case histories their operation and impact — both positive and negative. Implications for education, training and staffing in this field are also discussed.
Keywords: cyber security, education, management, personality, profession, staffing, training (ID#: 15-6945)
URL:  http://doi.acm.org/10.1145/2751957.2751983

 

Santos M. Galvez, Joshua D. Shackman, Indira R. Guzman, Shuyuan M. Ho; “Factors Affecting Individual Information Security Practices,” in SIGMIS-CPR ’15 Proceedings of the 2015 ACM SIGMIS Conference on Computers and People Research, June 2015, Pages 135–144. doi:10.1145/2751957.2751966
Abstract: Data and information within organizations have become important assets that can create a significant competitive advantage and therefore need to be given careful attention. Research from industry has reported that the majority of security-related problems are indirectly caused by employees who disobey the information security policies of their organizations. This study proposes a model to evaluate the factors that influence the individual’s information security practices (IISP) at work. Drawing on social cognitive and control theories, the proposed model includes cognitive, environmental, and control factors as antecedents of ISSP. The findings of this study could be used to develop effective security policies and training. They could also be used to develop effective security audits and further recommendations for organizations that are looking to make significant improvements in their information security profiles.
Keywords: control theory, information security behavior, information security practices, iso27002, mandatoriness, security standards, self-efficacy, social cognitive theory (ID#: 15-6946)
URL:  http://doi.acm.org/10.1145/2751957.2751966

 

Mohammad Mohammad; “IT Surveillance and Social Implications in the Workplace,” in SIGMIS-CPR ’15 Proceedings of the 2015 ACM SIGMIS Conference on Computers and People Research, June 2015, Pages 79–85. doi:10.1145/2751957.2751959
Abstract: The workplace is where most adults spend roughly half of their waking hours. It is not surprising, therefore, that employment practices affect a broad range of privacy rights. With the exception of polygraph testing, there are few areas of workplace activities that are covered by the American constitution or privacy laws. Accordingly, employers have a great deal of leeway in collecting data on their employees, regulating access to personnel files, and disclosing file contents to outsiders. In addition to the issue of personnel files, workplace privacy involves such practices as polygraph testing, drug testing, computer and telephone monitoring, and interference with personal lifestyle. All of these practices stem from a combination of modern employer concerns employee theft, drug abuse, productivity, courtesy and the protection of trade secrets and technological advances that make it more economical to engage in monitoring and testing. The result for employees, however, is a dramatic increase in workplace surveillance. Unprecedented numbers of workers are urinating into bottles for employer run, drug-testing programs. Thousands of data entry operators have their every keystroke recorded by the very computers on which they are working. Surveillance is so thorough in some offices that employers can check to see exactly when employees leave their work stations to go to the bathroom and how long they take. A significant step toward resolving these issues can be taken by considering the possibilities and limitations posed by the extended use of surveillance and developing a model to balance these competing concerns. The model is proposed a master plan entitled "Monitoring Process Model (MPM)" showing the employers and employees and their inter-related activities. Which uses a thorough examination of the research literature, thus far to advocate the use of justifications for surveillance that weigh company interests against a notion of transactional privacy a form of privacy that focuses on trust and relationships.
Keywords: monitor, privacy, surveillance, trust (ID#: 15-6947)
URL:  http://doi.acm.org/10.1145/2751957.2751959

 

John R. Magrane, Jr.; “Personal Information Sharing with Major User Concerns in the Online B2C Market: A Social Contract Theory Perspective,” in SIGMIS-CPR ’15 Proceedings of the 2015 ACM SIGMIS Conference on Computers and People Research, June 2015, Pages 7–8. doi:10.1145/2751957.2755507
Abstract: The cyber world has seen growth in the online business over the past two decades and e-commerce continues to expand. Moreover it has brought ease and comfort in the lives of the people and now there is no distinction of states and regions. Mainstream people can buy anything from anywhere in the world through web-platforms such as Amazon.com, thus enhancing e-commerce. However, the major concern that arises is the security apprehension. This research paper studies the willingness of the online shopper to disclose personal information. The study will use a conceptual model to examine customers’ online activities and how variables such as user trust, knowledge sharing behavior, and loyalty intentions influence users’ privacy concerns, and further moderated by one’s perceived environmental security in the B2C Internet market. Social Contract Theory (SCT) will be used to analyze the issue in the behavioral perspective, based on the human obligations towards one another and on the state as the supreme authority that establishes the principles that maintain the balance of a society.
Keywords: environmental security, knowledge sharing behavior, loyalty, personal information, privacy concerns, trust (ID#: 15-6948)
URL:  http://doi.acm.org/10.1145/2751957.2755507

 

Tina Francis, Muthiya Madiajagan, Vijay Kumar; “Privacy Issues and Techniques in E-Health Systems,” in SIGMIS-CPR ’15 Proceedings of the 2015 ACM SIGMIS Conference on Computers and People Research, June 2015, Pages 113–115. doi:10.1145/2751957.2751981
Abstract: During the present era, mobiles and smart devices are in abundance. A number of services have been provided through these devices. Ubiquitous services are gaining popularity in the present era. Ubiquity in healthcare is a sector which has gained importance in the current decade, as medical costs are not affordable to the common man. Ubiquitous healthcare has scope in seamlessly monitoring patients and identifying their health conditions. However privacy is at risk when using ubiquitous healthcare as personal health data are given to third party individuals for monitoring, storage and retrieval. This paper proposes a privacy preserving model of an e-health system, so as to maintain the security of patient data across different domains in the e-health system.
Keywords: access control, access controls, cloud computing, cryptography, data encryption, cloud data security, patterns, security, security monitoring, trusted computing (ID#: 15-6949)
URL:  http://doi.acm.org/10.1145/2751957.2751981

 

Glourise M. Haya; “Complexity Reduction in Information Security Risk Assessment,” in SIGMIS-CPR ’15 Proceedings of the 2015 ACM SIGMIS Conference on Computers and People Research, June 2015, Pages 5–6. doi:10.1145/2751957.2755506
Abstract: Results of research done by Dlamini et al. [5] clearly show information security was once focused around technical issues. However, over time, that approach transitioned to a more strategic governance model where legal and regulatory compliance, risk management, and digital forensics disciplines became the significant contributors in the domain. This focus has resulted in a proliferation of information security risk assessment models, which on the whole, have not necessarily helped to reduce risks or appropriately respond to security events. This research seeks to develop a new information security risk assessment model through the aggregation of existing models.
Keywords: information security, risk assessment, risk management (ID#: 15-6950)
URL: http://doi.acm.org/10.1145/2751957.2755506

 

Christian Sillaber, Ruth Breu; “Using Stakeholder Knowledge for Data Quality Assessment in IS Security Risk Management Processes,” in SIGMIS-CPR ’15 Proceedings of the 2015 ACM SIGMIS Conference on Computers and People Research, June 2015, Pages 153–159. doi:10.1145/2751957.2751960
Abstract: The availability of high quality documentation of the IS as well as knowledgeable stakeholders are an important prerequisite for successful IS security risk management processes. However, little is known about the relationship between stakeholders, their knowledge about the IS, security documentation and how quality aspects influence the security and risk properties of the IS under investigation. We developed a structured data quality assessment process to identify quality issues in the security documentation of an information system. For this, organizational stakeholders were interviewed about the IS under investigation and models were created from their description in the context of an ongoing security risk management process. Then, the research model was evaluated in a case study. We found that contradictions between the models created from stakeholder interviews and those created from documentation were a good indicator for potential security risks. The findings indicate that the proposed data quality assessment process provides valuable inputs for the ongoing security and risk management process. While current research considers users as the most important resource in security and risk management processes, little is known about the hidden value of various entities of documentation available at the organizational level. This study highlights the importance of utilizing existing IS security documentation in the security and risk management process and provides risk managers with a toolset for the prioritization of security documentation driven improvement activities.
Keywords: data quality of information system, information system security documentation quality, information systems security risk management (ID#: 15-6951)
URL: http://doi.acm.org/10.1145/2751957.2751960

 

Jordan Shropshire, Art Gowan; “Characterizing the Traits of Top-Performing Security Personnel,” in SIGMIS-CPR ’15 Proceedings of the 2015 ACM SIGMIS Conference on Computers and People Research, June 2015, Pages 55–59. doi:10.1145/2751957.2751971
Abstract: Organizational information security is a talent-centric proposition. Information assurance is a product of the combined expertise, attention-to-detail, and creativity of an information security team. A competitive edge can be obtained by hiring the top information security professionals. Therefore, identifying the right people is a mission-critical task. To assist in the candidate selection process, this research analyzes the enduring traits of top security performers. Specifically, it evaluates the Big Five Model of personality and the Six Workplace Values. In a laboratory study, 62 undergraduates majoring in information assurance completed a series of simulations which assessed their ability to solve various information security problems. The characteristics of top information security performers were contrasted against the rest of the cohort. In terms of personality, the top performers have high levels of conscientiousness and openness. With respect to workplace values, the top performers have a stronger preference for theoretical endeavors such as the pursuit of truth.
Keywords: employee attitudes, performance, personality, security (ID#: 15-6952)
URL: http://doi.acm.org/10.1145/2751957.2751971

 

Diana Burley, Indira R. Guzman, Daniel P. Manson, Leigh Ellen Potter; “Proceedings of the 2015 ACM SIGMIS Conference on Computers and People Research,” Newport Beach, CA, June 4–6, 2015. ACM, New York, NY. 2015. ISBN: 978-1-4503-3557-7
Abstract: It is our great pleasure to welcome you to the 2015 ACM SIGMIS Computers and People Research Conference -- CPR ’15. CPR has long been the premier forum for the presentation of research and experiential reports on themes related to developing and managing the information technology (IT) workforce. This year's conference extends that tradition with the theme: Cyber Security Workforce in the Global Context. CPR provides both researchers and practitioners with a unique opportunity to share their perspectives with others interested in the various aspects of building the IT workforce globally. The call for papers attracted forty-seven submissions from global researchers. Submissions from Australia, Austria, Canada, France, Germany, India, Iran (Islamic Republic of), New Zealand, Pakistan, Singapore, United Arab Emirates, and the United States covered a variety of topics including gaming and competitions related to information security, digital inequality, cyber security skills, teamwork, surveillance, and security judgment. The program includes five panels on cybersecurity workforce development, an industry panel, one focus group and a poster session. The doctoral consortium welcomes six Ph.D. students and we thank the generosity of the doctoral consortium mentors who will work to advance their research. In addition to the paper sessions, we also encourage participants to attend our keynote speech and invited presentations. These valuable and insightful talks can and will guide us to a better understanding of the future. We are pleased to highlight our keynote address: “Key Traits of Successful Cyber Security Practitioners,” Mark G. Graff of Tellagraff, LLC (most recently the CISO of NASDAQ and the 2014 Internet Security Executive of the Year for the Northeast United States). (ID#: 15-6953)
URL: http://dl.acm.org/citation.cfm?id=2751957&coll=DL&dl=GUIDE&CFID=546454935&CFTOKEN=60376420




 

International Conferences: WiSec 2015, New York

 

 

International Conferences:

Security & Privacy in Wireless and Mobile Networks

2015, New York


The 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks (WiSec ’15) was held June 22–26, 2015 in New York. The focus of the conference was on the security and privacy aspects of wireless communications, mobile networks, mobile software platforms, and mobile or wireless applications, including both theoretical and systems contributions. The articles cited here cover privacy, resilience, and metrics.



Pieter Robyns, Peter Quax, Wim Lamotte; “Injection Attacks on 802.11n MAC Frame Aggregation,” in WiSec ’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 13. doi:10.1145/2766498.2766513
Abstract: The ability to inject packets into a network is known to be an important tool for attackers: it allows them to exploit or probe for potential vulnerabilities residing on the connected hosts. In this paper, we present a novel practical methodology for injecting arbitrary frames into wireless networks, by using the Packet-In-Packet (PIP) technique to exploit the frame aggregation mechanism introduced in the 802.11n standard. We show how an attacker can apply this methodology over a WAN -- without physical proximity to the wireless network and without requiring a wireless interface card. The practical feasibility of our injection method is then demonstrated through a number of proof-of-concept attacks. More specifically, in these proof-of-concepts we illustrate how a host scan can be performed on the network, and how beacon frames can be injected from a remote location. We then both analytically and experimentally estimate the success rate of these attacks in a realistic test setup. Finally, we present several defensive measures that network administrators can put in place in order to prevent exploitation of our frame injection methodology.
Keywords: frame aggregation, injection attack, wireless security (ID#: 15-6872)
URL: http://doi.acm.org/10.1145/2766498.2766513

 

Lucky Onwuzurike, Emiliano De Cristofaro; “Danger Is My Middle Name: Experimenting with SSL Vulnerabilities in Android Apps,” in WiSec ’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 15. doi:10.1145/2766498.2766522
Abstract: This paper presents a measurement study of information leakage and SSL vulnerabilities in popular Android apps. We perform static and dynamic analysis on 100 apps, downloaded at least 10M times, that request full network access. Our experiments show that, although prior work has drawn a lot of attention to SSL implementations on mobile platforms, several popular apps (32/100) accept all certificates and all hostnames, and four actually transmit sensitive data unencrypted. We set up an experimental testbed simulating man-in-the-middle attacks and find that many apps (up to 91% when the adversary has a certificate installed on the victim’s device) are vulnerable, allowing the attacker to access sensitive information, including credentials, files, personal details, and credit card numbers. Finally, we provide a few recommendations to app developers and highlight several open research problems.
Keywords: Android security, information leakage, privacy (ID#: 15-6873)
URL: http://doi.acm.org/10.1145/2766498.2766522

 

Denzil Ferreira, Vassilis Kostakos, Alastair R. Beresford, Janne Lindqvist, Anind K. Dey; “Securacy: An Empirical Investigation of Android Applications’ Network Usage, Privacy And Security,” in WiSec ’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 11. doi:10.1145/2766498.2766506
Abstract: Smartphone users do not fully know what their apps do. For example, an application’s network usage and underlying security configuration is invisible to users. In this paper we introduce Securacy, a mobile app that explores users’ privacy and security concerns with Android apps. Securacy takes a reactive, personalized approach, highlighting app permission settings that the user has previously stated are concerning, and provides feedback on the use of secure and insecure network communication for each app. We began our design of Securacy by conducting a literature review and in-depth interviews with 30 participants to understand their concerns. We used this knowledge to build Securacy and evaluated its use by another set of 218 anonymous participants who installed the application from the Google Play store. Our results show that access to address book information is by far the biggest privacy concern. Over half (56.4%) of the connections made by apps are insecure, and the destination of the majority of network traffic is North America, regardless of the location of the user. Our app provides unprecedented insight into Android applications’ communications behavior globally, indicating that the majority of apps currently use insecure network connections.
Keywords: applications, context, experience sampling, network, privacy (ID#: 15-6874)
URL: http://doi.acm.org/10.1145/2766498.2766506

 

Karim Emara, Wolfgang Woerndl, Johann Schlichter; “CAPS: Context-Aware Privacy Scheme for VANET Safety Applications,” in WiSec ’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 21. doi:10.1145/2766498.2766500
Abstract: Preserving location privacy in vehicular ad hoc networks (VANET) is an important requirement for public acceptance of this emerging technology. Many privacy schemes concern changing pseudonyms periodically to avoid linking messages. However, the spatiotemporal information contained in beacons makes vehicles traceable and the driver’s privacy breached. Therefore, the pseudonym change should be performed in a mix-context to discontinue the spatial and temporal correlation of subsequent beacons. Such mix-context is commonly accomplished by using a silence period or in predetermined locations (e.g., mix-zone). In this paper, we propose a location privacy scheme that lets vehicles decide when to change its pseudonym and enter a silence period and when to exit from it adaptively based on its context. In this scheme, a vehicle monitors the surrounding vehicles and enters silence when it finds one or more neighbors silent. It resumes beaconing with a new pseudonym when its actual state is likely to be mixed with the state of a silent neighbor. We evaluate this scheme against a global multi-target tracking adversary using simulated and realistic vehicle traces and compare it with the random silent period scheme. Furthermore, we evaluate the quality of service of a forward collision warning safety application to ensure its applicability in safety applications. We measure the quality of service by estimating the probability of correctly identifying the fundamental factors of that application using Monte Carlo analysis.
Keywords: context-aware privacy, forward collision warning, location privacy, random silent period, safety application (ID#: 15-6875)
URL: http://doi.acm.org/10.1145/2766498.2766500

 

Célestin Matte, Jagdish Prasad Achara, Mathieu Cunche; “Device-to-Identity Linking Attack Using Targeted Wi-Fi Geolocation Spoofing,” in WiSec ’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 20. doi:10.1145/2766498.2766521
Abstract: Today, almost all mobile devices come equipped with Wi-Fi technology. Therefore, it is essential to thoroughly study the privacy risks associated with this technology. Recent works have shown that some Personally Identifiable Information (PII) can be obtained from the radio signals emitted by Wi-Fi equipped devices. However, most of the times, the identity of the subject of those pieces of information remains unknown and the Wi-Fi MAC address of the device is the only available identifier. In this paper, we show that it is possible for an attacker to get the identity of the subject.  The attack presented in this paper leverages the geolocation information published on some geotagged services, such as Twitter, and exploits the fact that geolocation information obtained through Wi-Fi-based Positioning System (WPS) can be easily manipulated. We show that geolocation manipulation can be targeted to a single device, and in most cases, it is not necessary to jam real Wi-Fi access points (APs) to mount a successful attack on WPS.
Keywords: 802.11, geolocation, privacy (ID#: 15-6876)
URL: http://doi.acm.org/10.1145/2766498.2766521

 

Xin Chen, Sencun Zhu; “DroidJust: Automated Functionality-Aware Privacy Leakage Analysis for Android Applications,” in WiSec ’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 5. doi:10.1145/2766498.2766507
Abstract: Android applications (apps for short) can send out users’ sensitive information against users’ intention. Based on the stats from Genome and Mobile-Sandboxing, 55.8% and 59.7% Android malware families feature privacy leakage. Prior approaches to detecting privacy leakage on smartphones primarily focused on the discovery of sensitive information flows. However, Android apps also send out users’ sensitive information for legitimate functions. Due to the fuzzy nature of the privacy leakage detection problem, we formulate it as a justification problem, which aims to justify if a sensitive information transmission in an app serves any purpose, either for intended functions of the app itself or for other related functions. This formulation makes the problem more distinct and objective, and therefore more feasible to solve than before. We propose DroidJust, an automated approach to justifying an app’s sensitive information transmission by bridging the gap between the sensitive information transmission and application functions. We also implement a prototype of DroidJust and evaluate it with over 6000 Google Play apps and over 300 known malware collected from VirusTotal. Our experiments show that our tool can effectively and efficiently analyze Android apps w.r.t their sensitive information flows and functionalities, and can greatly assist in detecting privacy leakage.
Keywords: Android security, privacy leakage detection, static taint analysis (ID#: 15-6877)
URL: http://doi.acm.org/10.1145/2766498.2766507

 

Elena Pagnin, Anjia Yang, Gerhard Hancke, Aikaterini Mitrokotsa; “HB+DB, Mitigating Man-in-the-Middle Attacks Against HB+ with Distance Bounding,” in WiSec ’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 3.  doi:10.1145/2766498.2766516
Abstract: Authentication for resource-constrained devices is seen as one of the major challenges in current wireless communication networks. The HB+ protocol performs device authentication based on the learning parity with noise (LPN) problem and simple computational steps, that renders it suitable for resource-constrained devices such as radio frequency identification (RFID) tags. However, it has been shown that the HB+ protocol as well as many of its variants are vulnerable to a simple man-in-the-middle attack. We demonstrate that this attack could be mitigated using physical layer measures from distance-bounding and simple modifications to devices’ radio receivers. Our hybrid solution (HB+DB) is shown to provide both effective distance-bounding using a lightweight HB+-based response function, and resistance against the man-in-the-middle attack to HB+. We provide experimental evaluation of our results as well as a brief discussion on practical requirements for secure implementation.
Keywords: HB-protocol, HB+, distance bounding, physical layer security  (ID#: 15-6878)
URL: http://doi.acm.org/10.1145/2766498.2766516

 

Marcin Nagy, Thanh Bui, Emiliano De Cristofaro, N. Asokan, Jörg Ott, Ahmad-Reza Sadeghi; “How Far Removed Are You?: Scalable Privacy-Preserving Estimation of Social Path Length With Social Pal,” in WiSec ’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 18. doi:10.1145/2766498.2766501
Abstract: Social relationships are a natural basis on which humans make trust decisions. Online Social Networks (OSNs) are increasingly often used to let users base trust decisions on the existence and the strength of social relationships. While most OSNs allow users to discover the length of the social path to other users, they do so in a centralized way, thus requiring them to rely on the service provider and reveal their interest in each other.  This paper presents Social PaL, a system supporting the privacy-preserving discovery of arbitrary-length social paths between any two social network users. We overcome the bootstrapping problem encountered in all related prior work, demonstrating that Social PaL allows its users to find all paths of length two and to discover a significant fraction of longer paths, even when only a small fraction of OSN users is in the Social PaL system — e.g., discovering 70% of all paths with only 40% of the users. We implement Social PaL using a scalable server-side architecture and a modular Android client library, allowing developers to seamlessly integrate it into their apps.
Keywords: mobile social networks, privacy, proximity (ID#: 15-6879)
URL: http://doi.acm.org/10.1145/2766498.2766501

 

Meiko Jensen; “Applying the Protection Goals for Privacy Engineering to Mobile Devices,” in WiSec ’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 26. doi:10.1145/2766498.2774986
Abstract: In this paper, we propose to use a set of common core principles (the protection goals for privacy engineering) for measuring and comparing privacy features of mobile device systems. When utilized as a baseline for mobile phone software development, these protection goals can help with acting in legal compliance independent from the exact juridical location of the user.
Keywords: (not provided) (ID#: 15-6880)
URL: http://doi.acm.org/10.1145/2766498.2774986

 

Guqian Dai, Jigang Ge, Minghang Cai, Daoqian Xu, Wenjia Li; “SVM-Based Malware Detection for Android Applications,” in WiSec ’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 33. doi:10.1145/2766498.2774991
Abstract: In this paper, we study an SVM-based malware detection scheme for Android applications, which integrates both risky permission combinations and vulnerable API calls and uses them as features in the SVM algorithm. Preliminary experiments have validated the proposed malware detection scheme.
Keywords: Android, TF-IDF, malware, support vector machine (SVM) (ID#: 15-6881)
URL: http://doi.acm.org/10.1145/2766498.2774991

 

Xingmin Cui, Jingxuan Wang, Lucas C. K. Hui, Zhongwei Xie, Tian Zeng, S. M. Yiu; “WeChecker: Efficient and Precise Detection of Privilege Escalation Vulnerabilities in Android Apps,” in WiSec ’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 25. doi:10.1145/2766498.2766509
Abstract: Due to the rapid increase of Android apps and their wide usage to handle personal data, a precise and large-scaling checker is in need to validate the apps’ permission flow before they are listed on the market. Several tools have been proposed to detect sensitive data leaks in Android apps. But these tools are not applicable to large-scale analysis since they fail to deal with the arbitrary execution orders of different event handlers smartly. Event handlers are invoked by the framework based on the system state, therefore we cannot pre-determine their order of execution. Besides, since all exported components can be invoked by an external app, the execution orders of these components are also arbitrary. A naive way to simulate these two types of arbitrary execution orders yields a permutation of all event handlers in an app. The time complexity is O(n!) where n is the number of event handlers in an app. This leads to a high analysis overhead when n is big. To give an illustration, CHEX [10] found 50.73 entry points of 44 unique class types in an app on average. In this paper we propose an improved static taint analysis to deal with the challenge brought by the arbitrary execution orders without sacrificing the high precision. Our analysis does not need to make permutations and achieves a polynomial time complexity. We also propose to unify the array and map access with object reference by propagating access paths to reduce the number of false positives due to field-insensitivity and over approximation of array access and map access. We implement a tool, WeChecker, to detect privilege escalation vulnerabilities in Android apps. WeChecker achieves 96% precision and 96% recall in the state-of-the-art test suite DroidBench (for comparison, the precision and recall of FlowDroid are 86% and 93%, respectively). The evaluation of WeChecker on real apps shows that it is efficient (average analysis time of each app: 29.985s) and fits for large-scale checking.
Keywords: Android, control flow, data flow checking, privilege escalation attack, taint analysis (ID#: 15-6882)
URL: http://doi.acm.org/10.1145/2766498.2766509

 

Daniel T. Wagner, Daniel R. Thomas, Alastair R. Beresford, Andrew Rice; “Device Analyzer: A Privacy-Aware Platform to Support Research on the Android Ecosystem,” in WiSec ’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 34. doi:10.1145/2766498.2774992
Abstract: Device Analyzer is an Android app available from the Google Play store. It is designed to collect a large range of data from the handset and, with agreement from our contributors, share it with researchers around the world. Researchers can access the data collected, and can also use the platform to support their own user studies. In this paper we provide an overview of the privacy-enhancing techniques used in Device Analyzer, including transparency, consent, purpose, access, withdrawal, and accountability. We also demonstrate the utility of our platform by assessing the security of the Android ecosystem to privilege escalation attacks and determine that 88% of Android devices are, on average, vulnerable to one or more of these types of attacks.
Keywords: (not provided) (ID#: 15-6883)
URL: http://doi.acm.org/10.1145/2766498.2774992

 

Yajin Zhou, Lei Wu, Zhi Wang, Xuxian Jiang; “Harvesting Developer Credentials in Android Apps,” in WiSec ’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 23. doi:10.1145/2766498.2766499
Abstract: Developers often integrate third-party services into their apps. To access a service, an app must authenticate itself to the service with a credential. However, credentials in apps are often not properly or adequately protected, and might be easily extracted by attackers. A leaked credential could pose serious privacy and security threats to both the app developer and app users.  In this paper, we propose CredMiner to systematically study the prevalence of unsafe developer credential uses in Android apps. CredMiner can programmatically identify and recover (obfuscated) developer credentials unsafely embedded in Android apps. Specifically, it leverages data flow analysis to identify the raw form of the embedded credential, and selectively executes the part of the program that builds the credential to recover it. We applied CredMiner to 36,561 apps collected from various Android markets to study the use of free email services and Amazon AWS. There were 237 and 196 apps that used these two services, respectively. CredMiner discovered that 51.5% (121/237) and 67.3% (132/196) of them were vulnerable. In total, CredMiner recovered 302 unique email login credentials and 58 unique Amazon AWS credentials, and verified that 252 and 28 of these credentials were still valid at the time of the experiments, respectively.
Keywords: Amazon AWS, CredMiner, information flow, static analysis (ID#: 15-6884)
URL: http://doi.acm.org/10.1145/2766498.2766499

 

Sadegh Farhang, Yezekael Hayel, Quanyan Zhu; “Physical Layer Location Privacy Issue in Wireless Small Cell Networks,” in WiSec ’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 32. doi:10.1145/2766498.2774990
Abstract: High data rates are essential for next-generation wireless networks to support a growing number of computing devices and networking services. Small cell base station (SCBS) (e.g., picocells, microcells, femtocells) technology is a cost-effective solution to address this issue. However, one challenging issue with the increasingly dense network is the need for a distributed and scalable access point association protocol. In addition, the reduced cell size makes it easy for an adversary to map out the geographical locations of the mobile users, and hence breaching their location privacy. To address these issues, we establish a game-theoretic framework to develop a privacy-preserving stable matching algorithm that captures the large scale and heterogeneity nature of 5G networks. We show that without the privacy-preserving mechanism, an attacker can infer the location of the users by observing wireless connections and the knowledge of physical-layer system parameters. The protocol presented in this work provides a decentralized differentially private association algorithm which guarantees privacy to a large number of users in the network. We evaluate our algorithm using case studies, and demonstrate the tradeoff between privacy and system-wide performance for different privacy requirements and a varying number of mobile users in the network. Our simulation results corroborate the result that the total number of mobile users should be lower than the overall network capacity to achieve desirable levels of privacy and QoS.
Keywords: (not provided) (ID#: 15-6885)
URL: http://doi.acm.org/10.1145/2766498.2774990

 

Dan Ping, Xin Sun, Bing Mao; “TextLogger: Inferring Longer Inputs on Touch Screen Using Motion Sensors,” in WiSec ’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 24. doi:10.1145/2766498.2766511
Abstract: Today’s smartphones are equipped with precise motion sensors like accelerometer and gyroscope, which can measure tiny motion and rotation of devices. While they make mobile applications more functional, they also bring risks of leaking users’ privacy. Researchers have found that tap locations on screen can be roughly inferred from motion data of the device. They mostly utilized this side-channel for inferring short input like PIN numbers and passwords, with repeated attempts to boost accuracy. In this work, we study further for longer input inference, such as chat record and e-mail content, anything a user ever typed on a soft keyboard. Since people increasingly rely on smartphones for daily activities, their inputs directly or indirectly expose privacy about them. Thus, it is a serious threat if their input text is leaked. To make our attack practical, we utilize the shared memory side-channel for detecting window events and tap events of a soft keyboard. The up or down state of the keyboard helps triggering our Trojan service for collecting accelerometer and gyroscope data. Machine learning algorithms are used to roughly predict the input text from the raw data and language models are used to further correct the wrong predictions. We performed experiments on two real-life scenarios, which were writing emails and posting Twitter messages, both through mobile clients. Based on the experiments, we show the feasibility of inferring long user inputs to readable sentences from motion sensor data. By applying text mining technology on the inferred text, more sensitive information about the device owners can be exposed.
Keywords: edit distance model, keystroke inference using motion sensors, language model, machine learning, shared memory side-channel, side-channel attacks, smartphone security (ID#: 15-6886)
URL: http://doi.acm.org/10.1145/2766498.2766511

 

Daibin Wang, Haixia Yao, Yingjiu Li, Hai Jin, Deqing Zou, Robert H. Deng; “CICC: A Fine-Grained, Semantic-Aware, and Transparent Approach to Preventing Permission Leaks for Android Permission Managers,” in WiSec ’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 6. doi:10.1145/2766498.2766518
Abstract: Android’s permission system offers an all-or-nothing installation choice for users. To make it more flexible, users may choose a popular app tool, called permission manager, to selectively grant or revoke an app’s permissions at runtime. A fundamental requirement for such permission manager is that the granted or revoked permissions should be enforced faithfully. However, we discover that none of existing permission managers meet this requirement due to permission leaks. To address this problem, we propose CICC, a fine-grained, semantic-aware, and transparent approach for any permission managers to defend against the permission leaks. Compared to existing solutions, CICC is fine-grained because it detects the permission leaks using call-chain information at the component instance level, instead of at the app level or component level. The fine-grained feature enables it to generate a minimal impact on the usability of running apps. CICC is semantic-aware in a sense that it manages call-chains in the whole lifecycle of each component instance. CICC is transparent to users and app developers, and it requires minor modification to permission managers. Our evaluation shows that CICC incurs relatively low performance overhead and power consumption.
Keywords: Android, call-chain, permission leaks, permission manager (ID#: 15-6887)
URL: http://doi.acm.org/10.1145/2766498.2766518

 

David Förster, Frank Kargl, Hans Löhr; “A Framework for Evaluating Pseudonym Strategies in Vehicular Ad-Hoc Networks,” in WiSec ’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 19. doi:10.1145/2766498.2766520
Abstract: The standard approach to privacy-friendly authentication in vehicular ad-hoc networks is the use of pseudonym certificates. The level of location privacy users can enjoy under the threat of an attacker depends on the attacker’s coverage and strategy as well as on the users’ strategy for changing their pseudonym certificates.  With this paper, we propose a generic framework for evaluation and comparison of different pseudonym change strategies with respect to the privacy level they provide under the threat of a realistic, local, passive attacker. To illustrate the applicability of this framework, we propose a new tracking strategy that achieves unprecedented success in vehicle tracking and thus lowers the achievable location privacy significantly. We use this attacker as a means to evaluate different pseudonym change strategies and highlight the need for more research in this direction.
Keywords: location privacy, pseudonym systems, vehicular ad-hoc networks (ID#: 15-6888)
URL: http://doi.acm.org/10.1145/2766498.2766520

 

Daniel Steinmetzer, Matthias Schulz, Matthias Hollick; “Lockpicking Physical Layer Key Exchange: Weak Adversary Models Invite the Thief,” in WiSec ’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 1. doi:10.1145/2766498.2766514
Abstract: Physical layer security schemes for wireless communications are currently crossing the chasm from theory to practice. They promise information-theoretical security, for instance by guaranteeing the confidentiality of wireless transmissions. Examples include schemes utilizing artificial interference—that is ‘jamming for good’—to enable secure physical layer key exchange or other security mechanisms. However, only little attention has been paid to adjusting the employed adversary models during this transition from theory to practice. Typical assumptions give the adversary antenna configurations and transceiver capabilities similar to all other nodes: single antenna eavesdroppers are the norm. We argue that these assumptions are perilous and ‘invite the thief’. In this work, we evaluate the security of a representative practical physical layer security scheme, which employs artificial interference to secure physical layer key exchange. Departing from the standard single-antenna eavesdropper, we utilize a more realistic multi-antenna eavesdropper and propose a novel approach that detects artificial interferences. This facilitates a practical attack, effectively ‘lockpicking’ the key exchange by exploiting the diversity of the jammed signals. Using simulation and real-world software-defined radio (SDR) experimentation, we quantify the impact of increasingly strong adversaries. We show that our approach reduces the secrecy capacity of the scheme by up to 97% compared to single-antenna eavesdroppers. Our results demonstrate the risk unrealistic adversary models pose in current practical physical layer security schemes.
Keywords: OFDM, SDR, WARP, artificial interference, friendly jamming, key exchange, physical layer security (ID#: 15-6889)
URL: http://doi.acm.org/10.1145/2766498.2766514

 

Max Maass, Uwe Müller, Tom Schons, Daniel Wegemer, Matthias Schulz; “NFCGate: An NFC Relay Application for Android,” in WiSec ’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 27. doi:10.1145/2766498.2774984
Abstract: Near Field Communication (NFC) is a technology widely used for security-critical applications like access control or payment systems. Many of these systems rely on the security assumption that the card has to be in close proximity to communicate with the reader. We developed NFCGate, an Android application capable of relaying NFC communication between card and reader using two rooted but otherwise unmodified Android phones. This enables us to increase the distance between card and reader, eavesdrop on, and even modify the exchanged data. The application should work for any system built on top of ISO 14443-3 that is not hardened against relay attacks, and was successfully tested with a popular contactless card payment system and an electronic passport document.
Keywords: Android, near field communication, relay attack (ID#: 15-6890)
URL: http://doi.acm.org/10.1145/2766498.2774984

 

Roberto Gallo, Patricia Hongo, Ricardo Dahab, Luiz C. Navarro, Henrique Kawakami, Kaio Galvão, Glauber Junqueira, Luander Ribeiro; “Security and System Architecture: Comparison of Android Customizations,” in WiSec ’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 12. doi:10.1145/2766498.2766519
Abstract: Smartphone manufacturers frequently customize Android distributions so as to create competitive advantages by adding, removing and modifying packages and configurations. In this paper we show that such modifications have deep architectural implications for security. We analysed five different distributions: Google Nexus 4, Google Nexus 5, Sony Z1, Samsung Galaxy S4 and Samsung Galaxy S5, all running OS versions 4.4.X (except for Samsung S4 running version 4.3). Our conclusions indicate that serious security issues such as expanded attack surface and poorer permission control grow sharply with the level of customization.
Keywords: Android customizations, permissions, security architecture (ID#: 15-6891)
URL: http://doi.acm.org/10.1145/2766498.2766519

 

Wanqing You, Kai Qian, Minzhe Guo, Prabir Bhattacharya, Ying Qian, Lixin Tao; “A Hybrid Approach for Mobile Security Threat Analysis,” in WiSec ’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 28. doi:10.1145/2766498.2774987
Abstract: Research on effective and efficient mobile threat analysis becomes an emerging and important topic in cybersecurity research area. Static analysis and dynamic analysis constitute two of the most popular types of techniques for security analysis and evaluation; nevertheless, each of them has its strengths and weaknesses. To leverage the benefits of both approaches, we propose a hybrid approach that integrates the static and dynamic analysis for detecting security threats in mobile applications. The key of this approach is the unification of data states and software execution on critical test paths. The approach consists of two phases. In the first phase, a pilot static analysis is conducted to identify potential critical attack paths based on Android APIs and existing attack patterns. In the second phase, a dynamic analysis follows the identified critical paths to execute the program in a limited and focused manner. Attacks shall be detected by checking the conformance of the detected paths with existing attack patterns. The method will report the types of detected attack scenarios based on types of sensitive data that may be compromised, such as web browser cookie.
Keywords: Android application analysis, data path tracing, dynamic analysis, static analysis, symbolic execution (ID#: 15-6892)
URL: http://doi.acm.org/10.1145/2766498.2774987

