-
Towards Secure and Decentralized Sharing of IoT Data
Authors:
Hien Thi Thu Truong,
Miguel Almeida,
Ghassan Karame,
Claudio Soriente
Abstract:
The Internet of Things (IoT) bears unprecedented security and scalability challenges due to the magnitude of data produced and exchanged by IoT devices and platforms. Some of those challenges are currently being addressed by coupling IoT applications with blockchains. However, current blockchain-backed IoT systems simply use the blockchain to store access control policies, thereby underutilizing t…
▽ More
The Internet of Things (IoT) bears unprecedented security and scalability challenges due to the magnitude of data produced and exchanged by IoT devices and platforms. Some of those challenges are currently being addressed by coupling IoT applications with blockchains. However, current blockchain-backed IoT systems simply use the blockchain to store access control policies, thereby underutilizing the power of blockchain technology. In this paper, we propose a new framework named Sash that couples IoT platforms with blockchain that provides a number of advantages compared to state of the art. In Sash, the blockchain is used to store access control policies and take access control decisions. Therefore, both changes to policies and access requests are correctly enforced and publicly auditable. Further, we devise a ``data marketplace'' by leveraging the ability of blockchains to handle financial transaction and providing ``by design'' remuneration to data producers. Finally, we exploit a special flavor of identity-based encryption to cater for cryptography-enforced access control while minimizing the overhead to distribute decryption keys. We prototype Sash by using the FIWARE open source IoT platform and the Hyperledger Fabric framework as the blockchain back-end. We also evaluate the performance of our prototype and show that it incurs tolerable overhead in realistic deployment settings.
△ Less
Submitted 23 August, 2019;
originally announced August 2019.
-
On the Security of Randomized Defenses Against Adversarial Samples
Authors:
Kumar Sharad,
Giorgia Azzurra Marson,
Hien Thi Thu Truong,
Ghassan Karame
Abstract:
Deep Learning has been shown to be particularly vulnerable to adversarial samples. To combat adversarial strategies, numerous defensive techniques have been proposed. Among these, a promising approach is to use randomness in order to make the classification process unpredictable and presumably harder for the adversary to control. In this paper, we study the effectiveness of randomized defenses aga…
▽ More
Deep Learning has been shown to be particularly vulnerable to adversarial samples. To combat adversarial strategies, numerous defensive techniques have been proposed. Among these, a promising approach is to use randomness in order to make the classification process unpredictable and presumably harder for the adversary to control. In this paper, we study the effectiveness of randomized defenses against adversarial samples. To this end, we categorize existing state-of-the-art adversarial strategies into three attacker models of increasing strength, namely blackbox, graybox, and whitebox (a.k.a.~adaptive) attackers. We also devise a lightweight randomization strategy for image classification based on feature squeezing, that consists of pre-processing the classifier input by embedding randomness within each feature, before applying feature squeezing. We evaluate the proposed defense and compare it to other randomized techniques in the literature via thorough experiments. Our results indeed show that careful integration of randomness can be effective against both graybox and blackbox attacks without significantly degrading the accuracy of the underlying classifier. However, our experimental results offer strong evidence that in the present form such randomization techniques cannot deter a whitebox adversary that has access to all classifier parameters and has full knowledge of the defense. Our work thoroughly and empirically analyzes the impact of randomization techniques against all classes of adversarial strategies.
△ Less
Submitted 16 March, 2020; v1 submitted 11 December, 2018;
originally announced December 2018.
-
DoubleEcho: Mitigating Context-Manipulation Attacks in Copresence Verification
Authors:
Hien Thi Thu Truong,
Juhani Toivonen,
Thien Duc Nguyen,
Claudio Soriente,
Sasu Tarkoma,
N. Asokan
Abstract:
Copresence verification based on context can improve usability and strengthen security of many authentication and access control systems. By sensing and comparing their surroundings, two or more devices can tell whether they are copresent and use this information to make access control decisions. To the best of our knowledge, all context-based copresence verification mechanisms to date are suscept…
▽ More
Copresence verification based on context can improve usability and strengthen security of many authentication and access control systems. By sensing and comparing their surroundings, two or more devices can tell whether they are copresent and use this information to make access control decisions. To the best of our knowledge, all context-based copresence verification mechanisms to date are susceptible to context-manipulation attacks. In such attacks, a distributed adversary replicates the same context at the (different) locations of the victim devices, and induces them to believe that they are copresent. In this paper we propose DoubleEcho, a context-based copresence verification technique that leverages acoustic Room Impulse Response (RIR) to mitigate context-manipulation attacks. In DoubleEcho, one device emits a wide-band audible chirp and all participating devices record reflections of the chirp from the surrounding environment. Since RIR is, by its very nature, dependent on the physical surroundings, it constitutes a unique location signature that is hard for an adversary to replicate. We evaluate DoubleEcho by collecting RIR data with various mobile devices and in a range of different locations. We show that DoubleEcho mitigates context-manipulation attacks whereas all other approaches to date are entirely vulnerable to such attacks. DoubleEcho detects copresence (or lack thereof) in roughly 2 seconds and works on commodity devices.
△ Less
Submitted 18 February, 2019; v1 submitted 19 March, 2018;
originally announced March 2018.
-
Sensor-based Proximity Detection in the Face of Active Adversaries
Authors:
Babins Shrestha,
Nitesh Saxena,
Hien Thi Thu Truong,
N. Asokan
Abstract:
Contextual proximity detection (or, co-presence detection) is a promising approach to defend against relay attacks in many mobile authentication systems. We present a systematic assessment of co-presence detection in the presence of a context-manipulating attacker. First, we show that it is feasible to manipulate, consistently control and stabilize the readings of different acoustic and physical e…
▽ More
Contextual proximity detection (or, co-presence detection) is a promising approach to defend against relay attacks in many mobile authentication systems. We present a systematic assessment of co-presence detection in the presence of a context-manipulating attacker. First, we show that it is feasible to manipulate, consistently control and stabilize the readings of different acoustic and physical environment sensors (and even multiple sensors simultaneously) using low-cost, off-the-shelf equipment. Second, based on these capabilities, we show that an attacker who can manipulate the context gains a significant advantage in defeating context-based co-presence detection. For systems that use multiple sensors, we investigate two sensor fusion approaches based on machine learning techniques: features-fusion and decisions-fusion, and show that both are vulnerable to contextual attacks but the latter approach can be more resistant in some cases.
△ Less
Submitted 4 April, 2021; v1 submitted 3 November, 2015;
originally announced November 2015.
-
The Company You Keep: Mobile Malware Infection Rates and Inexpensive Risk Indicators
Authors:
Hien Thi Thu Truong,
Eemil Lagerspetz,
Petteri Nurmi,
Adam J. Oliner,
Sasu Tarkoma,
N. Asokan,
Sourav Bhattacharya
Abstract:
There is little information from independent sources in the public domain about mobile malware infection rates. The only previous independent estimate (0.0009%) [12], was based on indirect measurements obtained from domain name resolution traces. In this paper, we present the first independent study of malware infection rates and associated risk factors using data collected directly from over 55,0…
▽ More
There is little information from independent sources in the public domain about mobile malware infection rates. The only previous independent estimate (0.0009%) [12], was based on indirect measurements obtained from domain name resolution traces. In this paper, we present the first independent study of malware infection rates and associated risk factors using data collected directly from over 55,000 Android devices. We find that the malware infection rates in Android devices estimated using two malware datasets (0.28% and 0.26%), though small, are significantly higher than the previous independent estimate. Using our datasets, we investigate how indicators extracted inexpensively from the devices correlate with malware infection. Based on the hypothesis that some application stores have a greater density of malicious applications and that advertising within applications and cross-promotional deals may act as infection vectors, we investigate whether the set of applications used on a device can serve as an indicator for infection of that device. Our analysis indicates that this alone is not an accurate indicator for pinpointing infection. However, it is a very inexpensive but surprisingly useful way for significantly narrowing down the pool of devices on which expensive monitoring and analysis mechanisms must be deployed. Using our two malware datasets we show that this indicator performs 4.8 and 4.6 times (respectively) better at identifying infected devices than the baseline of random checks. Such indicators can be used, for example, in the search for new or previously undetected malware. It is therefore a technique that can complement standard malware scanning by anti-malware tools. Our analysis also demonstrates a marginally significant difference in battery use between infected and clean devices.
△ Less
Submitted 27 February, 2014; v1 submitted 11 December, 2013;
originally announced December 2013.
-
A Log Auditing Approach for Trust Management in Peer-to-Peer Collaboration
Authors:
Hien Thi Thu Truong,
Claudia-Lavinia Ignat
Abstract:
Nowadays we are faced with an increasing popularity of social software including wikis, blogs, micro-blogs and online social networks such as Facebook and MySpace. Unfortunately, the mostly used social services are centralized and personal information is stored at a single vendor. This results in potential privacy problems as users do not have much control over how their private data is disseminat…
▽ More
Nowadays we are faced with an increasing popularity of social software including wikis, blogs, micro-blogs and online social networks such as Facebook and MySpace. Unfortunately, the mostly used social services are centralized and personal information is stored at a single vendor. This results in potential privacy problems as users do not have much control over how their private data is disseminated. To overcome this limitation, some recent approaches envisioned replacing the single authority centralization of services by a peer-to-peer trust-based approach where users can decide with whom they want to share their private data. In this peer-to-peer collaboration it is very difficult to ensure that after data is shared with other peers, these peers will not misbehave and violate data privacy. In this paper we propose a mechanism that addresses the issue of data privacy violation due to data disclosure to malicious peers. In our approach trust values between users are adjusted according to their previous activities on the shared data. Users share their private data by specifying some obligations the receivers must follow. We log modifications done by users on the shared data as well as the obligations that must be followed when data is shared. By a log-auditing mechanism we detect users that misbehaved and we adjust their associated trust values by using any existing decentralized trust model.
△ Less
Submitted 6 December, 2010;
originally announced December 2010.