-
Landscape More Secure Than Portrait? Zooming Into the Directionality of Digital Images With Security Implications
Authors:
Benedikt Lorch,
Rainer Böhme
Abstract:
The orientation in which a source image is captured can affect the resulting security in downstream applications. One reason for this is that many state-of-the-art methods in media security assume that image statistics are similar in the horizontal and vertical directions, allowing them to reduce the number of features (or trainable weights) by merging coefficients. We show that this artificial symmetrization tends to suppress important properties of natural images and common processing operations, causing a loss of performance. We also observe the opposite problem, where unaddressed directionality causes learning-based methods to overfit to a single orientation. These are vulnerable to manipulation if an adversary chooses inputs with the less common orientation. This paper takes a comprehensive approach, identifies and systematizes causes of directionality at several stages of a typical acquisition pipeline, measures their effect, and demonstrates for three selected security applications (steganalysis, forensic source identification, and the detection of synthetic images) how the performance of state-of-the-art methods can be improved by properly accounting for directionality.
Submitted 21 June, 2024;
originally announced June 2024.
-
Strategic Vote Timing in Online Elections With Public Tallies
Authors:
Aviv Yaish,
Svetlana Abramova,
Rainer Böhme
Abstract:
We study the effect of public tallies on online elections, in a setting where voting is costly and voters are allowed to strategically time their votes. The strategic importance of choosing when to vote arises when votes are public, such as in online event scheduling polls (e.g., Doodle), or in blockchain governance mechanisms. In particular, there is a tension between voting early to influence future votes and waiting to observe interim results and avoid voting costs if the outcome has already been decided.
Our study draws on empirical findings showing that "temporal" bandwagon effects occur when interim results are revealed to the electorate: late voters are more likely to vote for leading candidates. To capture this phenomenon, we analyze a novel model where the electorate consists of informed voters who have a preferred candidate, and uninformed swing voters who can be swayed according to the interim outcome at the time of voting. In our main results, we prove the existence of equilibria where both early and late voting occur with a positive probability, and we characterize conditions that lead to the appearance of "last minute" voting behavior, where all informed voters vote late.
Submitted 18 February, 2024; v1 submitted 15 February, 2024;
originally announced February 2024.
-
Anatomy of a High-Profile Data Breach: Dissecting the Aftermath of a Crypto-Wallet Case
Authors:
Svetlana Abramova,
Rainer Böhme
Abstract:
Media reports show an alarming increase of data breaches at providers of cybersecurity products and services. Since the exposed records may reveal security-relevant data, such incidents cause undue burden and create the risk of re-victimization to individuals whose personal data gets exposed. In pursuit of examining a broad spectrum of the downstream effects on victims, we surveyed 104 persons who purchased specialized devices for the secure storage of crypto-assets and later fell victim to a breach of customer data. Our case study reveals common nuisances (i.e., spam, scams, phishing e-mails) as well as previously unseen attack vectors (e.g., involving tampered devices), which are possibly tied to the breach. A few victims report losses of digital assets as a form of the harm. We find that our participants exhibit heightened safety concerns, appear skeptical about litigation efforts, and demonstrate the ability to differentiate between the quality of the security product and the circumstances of the breach. We derive implications for the cybersecurity industry at large, and point out methodological challenges in data breach research.
Submitted 1 August, 2023;
originally announced August 2023.
-
Parallel Proof-of-Work with Concrete Bounds
Authors:
Patrik Keller,
Rainer Böhme
Abstract:
Authorization is challenging in distributed systems that cannot rely on the identification of nodes. Proof-of-work offers an alternative gate-keeping mechanism, but its probabilistic nature is incompatible with conventional security definitions. Recent related work establishes concrete bounds for the failure probability of Bitcoin's sequential proof-of-work mechanism. We propose a family of state replication protocols using parallel proof-of-work. Our bottom-up design from an agreement sub-protocol allows us to give concrete bounds for the failure probability in adversarial synchronous networks. After the typical interval of 10 minutes, parallel proof-of-work offers two orders of magnitude more security than sequential proof-of-work. This means that state updates can be sufficiently secure to support commits after one block (i.e., after 10 minutes), removing the risk of double-spending in many applications. We offer guidance on the optimal choice of parameters for a wide range of network and attacker assumptions. Simulations show that the proposed construction is robust against violations of design assumptions.
Submitted 19 September, 2022; v1 submitted 31 March, 2022;
originally announced April 2022.
-
Conflicting Privacy Preference Signals in the Wild
Authors:
Maximilian Hils,
Daniel W. Woods,
Rainer Böhme
Abstract:
Privacy preference signals allow users to express preferences over how their personal data is processed. These signals become important in determining privacy outcomes when they reference an enforceable legal basis, as is the case with recent signals such as the Global Privacy Control and the Transparency & Consent Framework. However, the coexistence of multiple privacy preference signals creates ambiguity as users may transmit more than one signal. This paper collects evidence about ambiguity flowing from the aforementioned two signals and the historic Do Not Track signal. We provide the first empirical evidence that ambiguous signals are sent by web users in the wild. We also show that preferences stored in the browser are reliable predictors of privacy preferences expressed in web dialogs. Finally, we provide the first evidence that popular cookie dialogs are blocked by the majority of users who adopted the Do Not Track and Global Privacy Control standards. These empirical results inform forthcoming legal debates about how to interpret privacy preference signals.
Submitted 29 September, 2021;
originally announced September 2021.
-
Who are the arbitrageurs? Empirical evidence from Bitcoin traders in the Mt. Gox exchange platform
Authors:
Pietro Saggese,
Alessandro Belmonte,
Nicola Dimitri,
Angelo Facchini,
Rainer Böhme
Abstract:
We mine the leaked history of trades on Mt. Gox, the dominant Bitcoin exchange from 2011 to early 2014, to detect the triangular arbitrage activity conducted within the platform. The availability of user identifiers per trade allows us to focus on the historical record of 440 investors, detected as arbitrageurs, and consequently to describe their trading behavior. We begin by showing that a considerable difference appears between arbitrageurs when indicators of their expertise are taken into account. In particular, we distinguish between those who conducted arbitrage in a single or in multiple markets: using this element as a proxy for trade ability, we find that arbitrage actions performed by expert users are on average non-profitable when transaction costs are accounted for, while skilled investors conduct arbitrage at a positive and statistically significant premium. Next, we show that specific trading strategies, such as splitting orders or conducting arbitrage non aggressively, are further indicators of expertise that increase the profitability of arbitrage. Most importantly, we exploit within-user (across hours and markets) variation and document that expert users make profits on arbitrage by reacting quickly to plausible exogenous variations on the official exchange rates. We present further evidence that such differences are chiefly due to a better ability of the latter in incorporating information, both on the transactions costs and on the exchange rates volatility, eventually resulting in a better timing choice at small time scale intervals. Our results support the hypothesis that arbitrageurs are few and sophisticated users.
Submitted 22 September, 2021;
originally announced September 2021.
-
iNNformant: Boundary Samples as Telltale Watermarks
Authors:
Alexander Schlögl,
Tobias Kupek,
Rainer Böhme
Abstract:
Boundary samples are special inputs to artificial neural networks crafted to identify the execution environment used for inference by the resulting output label. The paper presents and evaluates algorithms to generate transparent boundary samples. Transparency refers to a small perceptual distortion of the host signal (i.e., a natural input sample). For two established image classifiers, ResNet on FMNIST and CIFAR10, we show that it is possible to generate sets of boundary samples which can identify any of four tested microarchitectures. These sets can be built to not contain any sample with a worse peak signal-to-noise ratio than 70dB. We analyze the relationship between search complexity and resulting transparency.
Submitted 14 June, 2021;
originally announced June 2021.
-
More Real than Real: A Study on Human Visual Perception of Synthetic Faces
Authors:
Federica Lago,
Cecilia Pasquini,
Rainer Böhme,
Hélène Dumont,
Valérie Goffaux,
Giulia Boato
Abstract:
Deep fakes became extremely popular in the last years, also thanks to their increasing realism. Therefore, there is the need to measure humans' ability to distinguish between real and synthetic face images when confronted with cutting-edge creation technologies. We describe the design and results of a perceptual experiment we have conducted, where a wide and diverse group of volunteers has been exposed to synthetic face images produced by state-of-the-art Generative Adversarial Networks (namely, PG-GAN, StyleGAN, StyleGAN2). The experiment outcomes reveal how strongly we should call into question our human ability to discriminate real faces from synthetic ones generated through modern AI.
Submitted 20 October, 2021; v1 submitted 14 June, 2021;
originally announced June 2021.
-
Privacy Preference Signals: Past, Present and Future
Authors:
Maximilian Hils,
Daniel W. Woods,
Rainer Böhme
Abstract:
Privacy preference signals are digital representations of how users want their personal data to be processed. Such signals must be adopted by both the sender (users) and intended recipients (data processors). Adoption represents a coordination problem that remains unsolved despite efforts dating back to the 1990s. Browsers implemented standards like the Platform for Privacy Preferences (P3P) and Do Not Track (DNT), but vendors profiting from personal data faced few incentives to receive and respect the expressed wishes of data subjects. In the wake of recent privacy laws, a coalition of AdTech firms published the Transparency and Consent Framework (TCF), which defines an opt-in consent signal. This paper integrates post-GDPR developments into the wider history of privacy preference signals. Our main contribution is a high-frequency longitudinal study describing how TCF signal gained dominance as of February 2021. We explore which factors correlate with adoption at the website level. Both the number of third parties on a website and the presence of Google Ads are associated with higher adoption of TCF. Further, we show that vendors acted as early adopters of TCF 2.0 and provide two case-studies describing how Consent Management Providers shifted existing customers to TCF 2.0. We sketch ways forward for a pro-privacy signal.
Submitted 14 July, 2021; v1 submitted 4 June, 2021;
originally announced June 2021.
-
Forensicability of Deep Neural Network Inference Pipelines
Authors:
Alexander Schlögl,
Tobias Kupek,
Rainer Böhme
Abstract:
We propose methods to infer properties of the execution environment of machine learning pipelines by tracing characteristic numerical deviations in observable outputs. Results from a series of proof-of-concept experiments obtained on local and cloud-hosted machines give rise to possible forensic applications, such as the identification of the hardware platform used to produce deep neural network predictions. Finally, we introduce boundary samples that amplify the numerical deviations in order to distinguish machines by their predicted label only.
Submitted 18 February, 2021; v1 submitted 1 February, 2021;
originally announced February 2021.
-
Pricing Security in Proof-of-Work Systems
Authors:
George Bissias,
Rainer Böhme,
David Thibodeau,
Brian N. Levine
Abstract:
A key component of security in decentralized blockchains is proof of opportunity cost among block producers. In the case of proof-of-work (PoW), currently used by the most prominent systems, the cost is due to spent computation. In this paper, we characterize the security investment of miners in terms of its cost in fiat money. This enables comparison of security allocations across PoW blockchains that generally use different PoW algorithms and reward miners in different cryptocurrency units. We prove that there exists a unique allocation equilibrium, depending on market prices only, that is achieved by both strategic miners (who contemplate the actions of others) and by miners seeking only short-term profit. In fact, the latter will unknowingly compensate for any attempt to deliberately shift security allocation away from equilibrium.
Our conclusions are supported analytically through the development of a Markov decision process, game theoretical analysis, and derivation of no arbitrage conditions. We corroborate those results with empirical evidence from more than two years of blockchain and price data. Overall agreement is strong. We show that between January 1, 2018 and August 1, 2020, market prices predicted security allocation between Bitcoin and Bitcoin Cash with error less than 0.6%. And from the beginning of October 2019, until August 1, 2020, market prices predicted security allocation between Bitcoin and Litecoin with error of 0.45%. These results are further corroborated by our establishment of Granger-causality between change in market prices and change in security allocation.
To demonstrate the practicality of our results, we describe a trustless oracle that leverages the equilibrium to estimate the price ratios of PoW cryptocurrencies from on-chain information only.
Submitted 7 December, 2020;
originally announced December 2020.
-
Collaborative Deanonymization
Authors:
Patrik Keller,
Martin Florian,
Rainer Böhme
Abstract:
Privacy-seeking cryptocurrency users rely on anonymization techniques like CoinJoin and ring transactions. By using such technologies benign users potentially provide anonymity to bad actors. We propose overlay protocols to resolve the tension between anonymity and accountability in a peer-to-peer manner. Cryptocurrencies can adopt this approach to enable prosecution of publicly recognized crimes. We illustrate how the protocols could apply to Monero rings and CoinJoin transactions in Bitcoin.
Submitted 26 February, 2021; v1 submitted 7 May, 2020;
originally announced May 2020.
-
Watching the Weak Link into Your Home: An Inspection and Monitoring Toolkit for TR-069
Authors:
Maximilian Hils,
Rainer Böhme
Abstract:
TR-069 is a standard for the remote management of end-user devices by service providers. Despite being implemented in nearly a billion devices, almost no research has been published on the security and privacy aspects of TR-069. The first contribution of this paper is a study of the TR-069 ecosystem and techniques to inspect TR-069 communication. We find that the majority of analyzed providers do not use recommended security measures, such as TLS. Second, we present a TR-069 honeyclient to both analyze TR-069 behavior of providers and test configuration servers for security vulnerabilities. We find that popular open-source configuration servers use insecure methods to authenticate clients. TR-069 implementations based on these servers expose, for instance, their users' internet telephony credentials. Third, we develop components for a distributed system to continuously monitor activities in providers' TR-069 deployments. Our setup consists of inexpensive hardware sensors deployed on customer premises and centralized log collectors. We perform real-world measurements and find that the purported security benefits of TR-069 are not realized as providers' firmware update processes are lacking.
Submitted 8 January, 2020;
originally announced January 2020.
-
Rationality is Self-Defeating in Permissionless Systems
Authors:
Bryan Ford,
Rainer Böhme
Abstract:
We outline a metacircular argument explaining why it is rational to be irrational when attacking open-world decentralized systems, and why systems whose security depends on rationality assumptions are insecure.
Submitted 19 October, 2019;
originally announced October 2019.
-
Multiple Purposes, Multiple Problems: A User Study of Consent Dialogs after GDPR
Authors:
Dominique Machuletz,
Rainer Böhme
Abstract:
The European Union's General Data Protection Regulation (GDPR) requires websites to ask for consent to the use of cookies for specific purposes. This enlarges the relevant design space for consent dialogs. Websites could try to maximize click-through rates and positive consent decision, even at the risk of users agreeing to more purposes than intended. We evaluate a practice observed on popular websites by conducting an experiment with one control and two treatment groups (N=150 university students in two countries). We hypothesize that users' consent decision is influenced by (1) the number of options, connecting to the theory of choice proliferation, and (2) the presence of a highlighted default button ("select all"), connecting to theories of social norms and deception in consumer research. The results show that participants who see a default button accept cookies for more purposes than the control group, while being less able to correctly recall their choice. After being reminded of their choice, they regret it more often and perceive the consent dialog as more deceptive than the control group. Whether users are presented one or three purposes has no significant effect on their decisions and perceptions. We discuss the results and outline policy implications.
Submitted 2 March, 2020; v1 submitted 27 August, 2019;
originally announced August 2019.
-
HotPoW: Finality from Proof-of-Work Quorums
Authors:
Patrik Keller,
Rainer Böhme
Abstract:
A fundamental conflict of many proof-of-work systems is that they want to achieve inclusiveness and security at the same time. We analyze and resolve this conflict with a theory of proof-of-work quorums, which enables a new bridge between Byzantine and Nakamoto consensus. The theory yields stochastic uniqueness of quorums as a function of a security parameter. We employ the theory in HotPoW, a scalable permissionless distributed log protocol that supports finality based on the pipelined three-phase commit previously presented for HotStuff. We evaluate HotPoW and variants with adversarial modifications by simulation. Results show that the protocol can tolerate network latency, churn, and targeted attacks on consistency and liveness with a small storage overhead compared to plain Nakamoto consensus and less complexity than protocols that rely on sidechains for finality.
Submitted 21 February, 2020; v1 submitted 31 July, 2019;
originally announced July 2019.
-
The Operational Cost of Ethereum Airdrops
Authors:
Michael Fröwis,
Rainer Böhme
Abstract:
Efficient transfers to many recipients present a host of issues on Ethereum. First, accounts are identified by long and incompressible constants. Second, these constants have to be stored and communicated for each payment. Third, the standard interface for token transfers does not support lists of recipients, adding repeated communication to the overhead. Since Ethereum charges resource usage, even small optimizations translate to cost savings. Airdrops, a popular marketing tool used to boost coin uptake, present a relevant example for the value of optimizing bulk transfers. Therefore, we review technical solutions for airdrops of Ethereum-based tokens, discuss features and prerequisites, and compare the operational costs by simulating 35 scenarios. We find that cost savings of factor two are possible, but require specific provisions in the smart contract implementing the token system. Pull-based approaches, which use on-chain interaction with the recipients, promise moderate savings for the distributor while imposing a disproportional cost on each recipient. Total costs are broadly linear in the number of recipients independent of the technical approach. We publish the code of the simulation framework for reproducibility, to support future airdrop decisions, and to benchmark innovative bulk payment solutions.
Submitted 29 July, 2019;
originally announced July 2019.
-
Affective touch communication in close adult relationships
Authors:
Sarah McIntyre,
Athanasia Moungou,
Rebecca Boehme,
Peder M. Isager,
Frances Lau,
Ali Israr,
Ellen A. Lumpkin,
Freddy Abnousi,
Håkan Olausson
Abstract:
Inter-personal touch is a powerful aspect of social interaction that we expect to be particularly important for emotional communication. We studied the capacity of closely acquainted humans to signal the meaning of several word cues (e.g. gratitude, sadness) using touch sensation alone. Participants communicated all cues with above chance performance. We show that emotionally close people can accurately signal the meaning of different words through touch, and that performance is affected by the amount of contextual information available. Even with minimal context and feedback, both attention-getting and love were communicated surprisingly well. Neither the type of close relationship, nor self-reported comfort with touch significantly affected performance.
Submitted 7 May, 2019;
originally announced May 2019.
-
Detecting Token Systems on Ethereum
Authors:
Michael Fröwis,
Andreas Fuchs,
Rainer Böhme
Abstract:
We propose and compare two approaches to identify smart contracts as token systems by analyzing their public bytecode. The first approach symbolically executes the code in order to detect token systems by their characteristic behavior of updating internal accounts. The second approach serves as a comparison base and exploits the common interface of ERC-20, the most popular token standard. We present quantitative results for the Ethereum blockchain, and validate the effectiveness of both approaches using a set of curated token systems as ground truth. We observe 100% recall for the second approach. Recall rates of 89% (with well explainable missed detections) indicate that the first approach may also be able to identify "hidden" or undocumented token systems that intentionally do not implement the standard. One possible application of the proposed methods is to facilitate regulators' tasks of monitoring and policing the use of token systems and their underlying platforms.
Submitted 28 November, 2018;
originally announced November 2018.
-
Detecting Adversarial Examples - A Lesson from Multimedia Forensics
Authors:
Pascal Schöttle,
Alexander Schlögl,
Cecilia Pasquini,
Rainer Böhme
Abstract:
Adversarial classification is the task of performing robust classification in the presence of a strategic attacker. Originating from information hiding and multimedia forensics, adversarial classification recently received a lot of attention in a broader security context. In the domain of machine learning-based image classification, adversarial classification can be interpreted as detecting so-called adversarial examples, which are slightly altered versions of benign images. They are specifically crafted to be misclassified with a very high probability by the classifier under attack. Neural networks, which dominate among modern image classifiers, have been shown to be especially vulnerable to these adversarial examples.
However, detecting subtle changes in digital images has always been the goal of multimedia forensics and steganalysis. In this paper, we highlight the parallels between these two fields and secure machine learning.
Furthermore, we adapt a linear filter, similar to early steganalysis methods, to detect adversarial examples that are generated with the projected gradient descent (PGD) method, the state-of-the-art algorithm for this task. We test our method on the MNIST database and show for several parameter combinations of PGD that our method can reliably detect adversarial examples.
Additionally, the combination of adversarial re-training and our detection method effectively reduces the attack surface of attacks against neural networks. Thus, we conclude that adversarial examples for image classification possibly do not withstand detection methods from steganalysis, and future work should explore the effectiveness of known techniques from multimedia forensics in other adversarial settings.
Submitted 9 March, 2018;
originally announced March 2018.
-
Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting
Authors:
Samaneh Tajalizadehkhoob,
Tom van Goethem,
Maciej Korczyński,
Arman Noroozian,
Rainer Böhme,
Tyler Moore,
Wouter Joosen,
Michel van Eeten
Abstract:
Hosting providers play a key role in fighting web compromise, but their ability to prevent abuse is constrained by the security practices of their own customers. Shared hosting offers a unique perspective since customers operate under restricted privileges and providers retain more control over configurations. We present the first empirical analysis of the distribution of web security features and software patching practices in shared hosting providers, the influence of providers on these security practices, and their impact on web compromise rates. We construct provider-level features on the global market for shared hosting -- containing 1,259 providers -- by gathering indicators from 442,684 domains. Exploratory factor analysis of 15 indicators identifies four main latent factors that capture security efforts: content security, webmaster security, web infrastructure security and web application security. We confirm, via a fixed-effect regression model, that providers exert significant influence over the latter two factors, which are both related to the software stack in their hosting environment. Finally, by means of GLM regression analysis of these factors on phishing and malware abuse, we show that the four security and software patching factors explain between 10% and 19% of the variance in abuse at providers, after controlling for size. For web-application security for instance, we found that when a provider moves from the bottom 10% to the best-performing 10%, it would experience 4 times fewer phishing incidents. We show that providers have influence over patch levels--even higher in the stack, where CMSes can run as client-side software--and that this influence is tied to a substantial reduction in abuse levels.
Submitted 22 August, 2017;
originally announced August 2017.
-
Rotten Apples or Bad Harvest? What We Are Measuring When We Are Measuring Abuse
Authors:
Samaneh Tajalizadehkhoob,
Rainer Böhme,
Carlos Gañán,
Maciej Korczyński,
Michel Van Eeten
Abstract:
Internet security and technology policy research regularly uses technical indicators of abuse in order to identify culprits and to tailor mitigation strategies. As a major obstacle, readily available data are often misaligned with actual information needs. They are subject to measurement errors relating to observation, aggregation, attribution, and various sources of heterogeneity. More precise indicators such as size estimates are costly to measure at Internet scale. We address these issues for the case of hosting providers with a statistical model of the abuse data generation process, using phishing sites in hosting networks as a case study. We decompose error sources and then estimate key parameters of the model, controlling for heterogeneity in size and business model. We find that 84% of the variation in abuse counts across 45,358 hosting providers can be explained with structural factors alone. Informed by the fitted model, we systematically select and enrich a subset of 105 homogeneous "statistical twins" with additional explanatory variables, unreasonable to collect for all hosting providers. We find that abuse is positively associated with the popularity of websites hosted and with the prevalence of popular content management systems. Moreover, hosting providers who charge higher prices (after controlling for level differences between countries) witness less abuse. These factors together explain a further 77% of the remaining variation, calling into question premature inferences from raw abuse indicators on security efforts of actors, and suggesting the adoption of similar analysis frameworks in all domains where network measurement aims at informing technology policy.
Submitted 6 February, 2017;
originally announced February 2017.
-
$T_1$- and $T_2$-spin relaxation time limitations of phosphorous donor electrons near crystalline silicon to silicon dioxide interface defects
Authors:
S. -Y. Paik,
S. -Y. Lee,
W. J. Baker,
D. R. McCamey,
C. Boehme
Abstract:
A study of donor electron spins and spin-dependent electronic transitions involving phosphorous ($^{31}$P) atoms in proximity of the (111) oriented crystalline silicon (c-Si) to silicon dioxide (SiO$_{2}$) interface is presented for [$^{31}$P] = 10$^{15}$ $\mathrm{cm}^{-3}$ and [$^{31}$P] = 10$^{16}$ $\mathrm{cm}^{-3}$ at about liquid $^4$He temperatures ($T = 5$ $\mathrm{K} - 15$ $\mathrm{K}$). Using pulsed electrically detected magnetic resonance (pEDMR), spin-dependent transitions between the $^{31}$P donor state and two distinguishable interface states are observed, namely (i) P$_\mathrm{b}$ centers which can be identified by their characteristic anisotropy and (ii) a more isotropic center which is attributed to E$^\prime$ defects of the SiO$_{2}$ bulk close to the interface. Correlation measurements of the dynamics of spin-dependent recombination confirm that previously proposed transitions between $^{31}$P and the interface defects take place. The influence of these electronic near-interface transitions on the $^{31}$P donor spin coherence time $T_2$ as well as the donor spin-lattice relaxation time $T_1$ is then investigated by comparison of spin Hahn-echo decay measurements obtained from conventional bulk sensitive pulsed electron paramagnetic resonance and surface sensitive pEDMR, as well as surface sensitive electrically detected inversion recovery experiments. The measurements reveal that both $T_2$ and $T_1$ of $^{31}$P donor electron spins in proximity of energetically lower interface states at $T\leq 13$ K are reduced by several orders of magnitude.
Submitted 4 May, 2009;
originally announced May 2009.